Bug 241126
| Summary: | Error after calling navigator.credentials.get() twice | ||
|---|---|---|---|
| Product: | WebKit | Reporter: | Simon Bluhm <simon.bluhm> |
| Component: | WebKit Misc. | Assignee: | pascoe <pascoe> |
| Status: | NEW | ||
| Severity: | Major | CC: | bfulgham, drmoerkerke, mjs, pascoe, webkit-bug-importer, wilander |
| Priority: | P2 | Keywords: | InRadar |
| Version: | Safari 15 | ||
| Hardware: | iPhone / iPad | ||
| OS: | iOS 15 | ||
| See Also: | https://bugs.webkit.org/show_bug.cgi?id=240134 | ||
Simon Bluhm
I recently noticed that users of my web app are no longer able to signin using WebAuthn TouchID / fingerprint on iOS 15.5. The problem seems to be calling navigator.credentials.get() more than once. The first attempt is successful but calling navigator.credentials.get() a second time will result in the following error:
"This request has been cancelled by the user".
The only way to get around this is for the user to reload the website. This is problematic for Single Page Apps, especially if standalone, as the browser UI and refresh button are hidden.
The bug is also reproducible here: https://try-webauthn.appspot.com/
| Attachments | ||
|---|---|---|
| Add attachment proposed patch, testcase, etc. |
Radar WebKit Bug Importer
<rdar://problem/94178936>
pascoe@apple.com
It looks like we aren't registering the user gestures as being associated with navigator.credentials calls with this sample site. Looking into why this happens.