Bug 274444

Summary:	Credential Management API shouldn't allow method calls on non-fully active docs
Product:	WebKit	Reporter:	Marcos Caceres <marcosc>
Component:	WebCore Misc.	Assignee:	Marcos Caceres <marcosc>
Status:	RESOLVED FIXED
Severity:	Normal	CC:	webkit-bug-importer, yarik02819xx
Priority:	P2	Keywords:	InRadar
Version:	Other
Hardware:	Unspecified
OS:	Unspecified

Marcos Caceres

Reported 2024-05-20 23:16:22 PDT

The following CredentialContainer methods all allow operations if a document is not fully active: .get() .store() .create() .preventSilentAccess() However, we probably shouldn't allow that. Spec change: https://github.com/w3c/webappsec-credential-management/pull/230

Attachments
Add attachment proposed patch, testcase, etc.

Radar WebKit Bug Importer

Comment 1 2024-05-23 01:44:08 PDT

<rdar://problem/128595290>

Marcos Caceres

Comment 2 2024-05-23 01:46:47 PDT

Pull request: https://github.com/WebKit/WebKit/pull/28979

EWS

Comment 3 2024-05-24 21:18:18 PDT

Committed 279309@main (0864a389355b): <https://commits.webkit.org/279309@main> Reviewed commits have been landed. Closing PR #28979 and removing active labels.

Note You need to log in before you can comment on or make changes to this bug.