Avoid Apple Attestation when attestation = "none".
<rdar://problem/59692104>
Created attachment 392653 [details] Patch
Comment on attachment 392653 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=392653&action=review > Source/WebKit/ChangeLog:3 > + [WebAuthn] Avoid Apple Attestation when attestation = "none" Maybe call this "Do not perform Attestation with type is 'none'"? > Source/WebKit/ChangeLog:10 > + accesses to Apple Attestation for now. The whitelist includes file URL, "... to restrict access until validation is complete. The whitelist allows file URLs and test-related domains." > Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm:101 > +// FIXME<rdar://problem/60108131>: Remove this whitelist before shipping. I think its enough just say: // FIXME(<rdar://problem/60108131>): Remove this whitelist once testing is complete. > LayoutTests/ChangeLog:3 > + [WebAuthn] Avoid Apple Attestation when attestation = "none" Ditto (change title).
Comment on attachment 392653 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=392653&action=review Thanks Brent for r+ this patch. >> Source/WebKit/ChangeLog:3 >> + [WebAuthn] Avoid Apple Attestation when attestation = "none" > > Maybe call this "Do not perform Attestation with type is 'none'"? Fixed. >> Source/WebKit/ChangeLog:10 >> + accesses to Apple Attestation for now. The whitelist includes file URL, > > "... to restrict access until validation is complete. The whitelist allows file URLs and test-related domains." Fixed. >> Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm:101 >> +// FIXME<rdar://problem/60108131>: Remove this whitelist before shipping. > > I think its enough just say: > > // FIXME(<rdar://problem/60108131>): Remove this whitelist once testing is complete. Fixed. >> LayoutTests/ChangeLog:3 >> + [WebAuthn] Avoid Apple Attestation when attestation = "none" > > Ditto (change title). Fixed.
Created attachment 392757 [details] Patch for Landing
Committed r258020: <https://trac.webkit.org/changeset/258020>