Summary: | [WebAuthn] Make WebAuthn default off and let clients turn it on at will | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Product: | WebKit | Reporter: | Jiewen Tan <jiewen_tan> | ||||||||
Component: | WebKit Misc. | Assignee: | Jiewen Tan <jiewen_tan> | ||||||||
Status: | RESOLVED FIXED | ||||||||||
Severity: | Normal | CC: | achristensen, alex.gaynor, bfulgham, commit-queue, jiewen_tan, mitz, sam, thorton, webkit-bug-importer, youennf | ||||||||
Priority: | P2 | Keywords: | InRadar | ||||||||
Version: | WebKit Nightly Build | ||||||||||
Hardware: | Unspecified | ||||||||||
OS: | Unspecified | ||||||||||
See Also: | https://bugs.webkit.org/show_bug.cgi?id=201369 | ||||||||||
Bug Depends on: | |||||||||||
Bug Blocks: | 181943 | ||||||||||
Attachments: |
|
Description
Jiewen Tan
2019-09-03 16:57:26 PDT
Created attachment 377937 [details]
Patch
Comment on attachment 377937 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=377937&action=review > Source/WebKit/UIProcess/API/Cocoa/WKPreferencesPrivate.h:160 > +@property (nonatomic, setter=_setWebAuthenticationEnabled:) BOOL _webAuthenticationEnabled WK_API_AVAILABLE(macos(10.13), ios(13.0)); macOS 10.13 has already shipped without this SPI, and I suspect that iOS 13.0 is also incorrect here. We typically use WK_MAC_TBA and WK_IOS_TBA until after the GM seed of the OS is available to developers. Comment on attachment 377937 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=377937&action=review Thanks Dan for reviewing the patch. >> Source/WebKit/UIProcess/API/Cocoa/WKPreferencesPrivate.h:160 >> +@property (nonatomic, setter=_setWebAuthenticationEnabled:) BOOL _webAuthenticationEnabled WK_API_AVAILABLE(macos(10.13), ios(13.0)); > > macOS 10.13 has already shipped without this SPI, and I suspect that iOS 13.0 is also incorrect here. We typically use WK_MAC_TBA and WK_IOS_TBA until after the GM seed of the OS is available to developers. WebAuthentication is enabled for Safari 13 and we are shipping Safari 13 on High Sierra, Mojave, and Catalina. I think specify WK_MAC_TBA for macOS might be risky as someone might later change it to 10.15 and breaks Safari. Fixed iOS. (In reply to Jiewen Tan from comment #4) > Comment on attachment 377937 [details] > Patch > > View in context: > https://bugs.webkit.org/attachment.cgi?id=377937&action=review > > Thanks Dan for reviewing the patch. > > >> Source/WebKit/UIProcess/API/Cocoa/WKPreferencesPrivate.h:160 > >> +@property (nonatomic, setter=_setWebAuthenticationEnabled:) BOOL _webAuthenticationEnabled WK_API_AVAILABLE(macos(10.13), ios(13.0)); > > > > macOS 10.13 has already shipped without this SPI, and I suspect that iOS 13.0 is also incorrect here. We typically use WK_MAC_TBA and WK_IOS_TBA until after the GM seed of the OS is available to developers. > > WebAuthentication is enabled for Safari 13 and we are shipping Safari 13 on > High Sierra, Mojave, and Catalina. I think specify WK_MAC_TBA for macOS > might be risky as someone might later change it to 10.15 and breaks Safari. > > Fixed iOS. The SPI that’s available to Safari when deployed to an already-shipping macOS release is different from what’s in those release. Please use WK_MAC_TBA or consult folks who are familiar with how Apple manages WebKit API availability. Comment on attachment 377937 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=377937&action=review >>>> Source/WebKit/UIProcess/API/Cocoa/WKPreferencesPrivate.h:160 >>>> +@property (nonatomic, setter=_setWebAuthenticationEnabled:) BOOL _webAuthenticationEnabled WK_API_AVAILABLE(macos(10.13), ios(13.0)); >>> >>> macOS 10.13 has already shipped without this SPI, and I suspect that iOS 13.0 is also incorrect here. We typically use WK_MAC_TBA and WK_IOS_TBA until after the GM seed of the OS is available to developers. >> >> WebAuthentication is enabled for Safari 13 and we are shipping Safari 13 on High Sierra, Mojave, and Catalina. I think specify WK_MAC_TBA for macOS might be risky as someone might later change it to 10.15 and breaks Safari. >> >> Fixed iOS. > > The SPI that’s available to Safari when deployed to an already-shipping macOS release is different from what’s in those release. Please use WK_MAC_TBA or consult folks who are familiar with how Apple manages WebKit API availability. I see. Fixed macOS as well. Created attachment 377944 [details]
Patch
Created attachment 378153 [details]
Patch
Comment on attachment 378153 [details]
Patch
Thanks Youenn for r+ the patch.
Comment on attachment 378153 [details] Patch Clearing flags on attachment: 378153 Committed r249600: <https://trac.webkit.org/changeset/249600> All reviewed patches have been landed. Closing bug. |