| Summary: | [WebAuthn] User verification flag not honored during registration | ||||||
|---|---|---|---|---|---|---|---|
| Product: | WebKit | Reporter: | pvanstaden | ||||
| Component: | WebCore Misc. | Assignee: | Nobody <webkit-unassigned> | ||||
| Status: | NEW --- | ||||||
| Severity: | Normal | CC: | bfulgham, pvanstaden, tim.cappalli, webkit-bug-importer | ||||
| Priority: | P2 | Keywords: | InRadar | ||||
| Version: | Safari 14 | ||||||
| Hardware: | Mac (Intel) | ||||||
| OS: | macOS 11 | ||||||
| Attachments: |
|
||||||
Created attachment 429515 [details] Expected dialog. When using the `navigator.credentials.create` call and passing in `authenticatorSelection.userVerification` as `required` there is divergent behavior. Start with a token that have already been registered, it works fine. If you have a token that have not yet been initialized, the browser is supposed to show a set pin screen. As shown here in attachment called `Expected dialog` Safari seems to return the userVerification flag as false when an uninitialized token is used.