WebKit Bugzilla
RESOLVED FIXED
239275
Safari freezes on WebAuthn navigator.credentials.get() when users interacts with security key not in allowCredentials
https://bugs.webkit.org/show_bug.cgi?id=239275
matthew Reported 2022-04-12 22:00:50 PDT
Created attachment 457507 [details]
Video reproducing the issue

Safari Version 15.4 (17613.1.17.1.13) on macOS 12.3.1 enters a "disabled" state when `navigator.credentials.get()` is called with a security key credential (i.e. transports are set to "usb" and "nfc") in `allowCredentials`, but then the user interacts with a security key that does not match the credential.

By "disabled" state I mean the window becomes almost completely unresponsive to left clicks, and right clicks bring up context menus with all options disabled. Additionally the red close button on the window's "stoplights" turns grey and cannot be used to close the window. At this point the only way to close the window is to Force Quit out of Safari.

See attached video for a demonstration, and screenshot for proof of Safari version.

## Reproduction:

The issue can be reproduced with the following HTML + JavaScript hosted at http://localhost:

```
<!DOCTYPE html>
<html lang="en">
<head>
  <meta charset="UTF-8">
  <meta http-equiv="X-UA-Compatible" content="IE=edge">
  <meta name="viewport" content="width=device-width, initial-scale=1.0">
  <title>Safari Bug Repro - WebAuthn Authentication Browser Crash</title>
</head>
<body>
  <h1>
    Safari Bug Repro - WebAuthn Authentication Browser Crash
  </h1>
  <button id="startAuth">Authenticate</button>
  <h2>Context</h2>
  <p>
    A single credential with a random ID has been set to <strong>allowCredentials</strong>
    with security key transports <strong>"usb"</strong> and <strong>"nfc"</strong>.
  </p>
  <h2>Reproduction Steps</h2>
  <ol>
    <li>
      Click the <strong>Authenticate</strong> button above to call navigator.credentials.get().
    </li>
    <li>
      Select <strong>Security Key</strong> from the WebAuthn browser modal.
    </li>
    <li>
      Interact with any available security key.
    </li>
    <li>
      Observe the browser becomes unresponsive to almost all input, and the close button in the
      upper-left enters a disabled state.
    </li>
  </ol>
  <script>
    document.getElementById('startAuth').addEventListener('click', async (event) => {
      event.preventDefault();
      try {
        console.log('Calling navigator.credentials.get()');
        const res = await navigator.credentials.get({
          publicKey: {
            rpId: 'localhost',
            // Placeholder credential ID limited to security key transports
            allowCredentials: [
              {
                id: new Uint8Array(32).fill(1),
                type: "public-key",
                transports: ["usb", "nfc"]
              }
            ],
            // Fixed challenge, sufficient for the reproduction
            challenge: new Uint8Array(32).fill(1),
          },
        });
        console.log('Response:', res);
      } catch (err) {
        alert(err);
      }
    });
  </script>
</body>
</html>
```
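Added example, not part of the report or of WebKit: a relying-party-side wrapper for the same `navigator.credentials.get()` call that builds `allowCredentials` from stored records, bounds the ceremony with an `AbortController`, and reports a `NotAllowedError` rejection (what WebAuthn specifies when a ceremony ends without a usable credential) as its own outcome. The function names and the record shape (`{ id: <base64url>, transports }`) are assumptions, and the wrapper does not change the browser behaviour reported here.

```javascript
// Added example: names and the stored-record shape are assumptions.

// Decode a base64url credential ID as stored by the relying party.
function b64urlToBytes(s) {
  const b64 = s.replace(/-/g, '+').replace(/_/g, '/');
  const bin = atob(b64.padEnd(Math.ceil(b64.length / 4) * 4, '='));
  return Uint8Array.from(bin, (c) => c.charCodeAt(0));
}

// Build publicKey request options from stored credential records.
function buildRequestOptions(rpId, challenge, records) {
  return {
    rpId,
    challenge,
    allowCredentials: records.map((r) => ({
      type: 'public-key',
      id: b64urlToBytes(r.id),
      transports: r.transports,
    })),
  };
}

// Map a rejected ceremony to an outcome the page can act on.
function classifyFailure(err, timedOut) {
  if (timedOut) return 'timeout';
  if (err && err.name === 'NotAllowedError') return 'not-allowed';
  if (err && err.name === 'AbortError') return 'aborted';
  return 'error';
}

// Run the ceremony with a deadline. `credentials` is injected so the function
// can be exercised outside a browser; in a page, pass navigator.credentials.
async function getAssertion(credentials, publicKey, timeoutMs) {
  const controller = new AbortController();
  let timedOut = false;
  const timer = setTimeout(() => {
    timedOut = true;
    controller.abort();
  }, timeoutMs);
  try {
    const credential = await credentials.get({ publicKey, signal: controller.signal });
    return { status: 'ok', credential };
  } catch (err) {
    return { status: classifyFailure(err, timedOut) };
  } finally {
    clearTimeout(timer);
  }
}
```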
Attachments
Video reproducing the issue (4.22 MB, video/quicktime), 2022-04-12 22:00 PDT, matthew, no flags
Screenshot of Safari showing version (132.20 KB, image/png), 2022-04-12 22:03 PDT, matthew, no flags
matthew Comment 1 2022-04-12 22:03:26 PDT
Created attachment 457508 [details]
Screenshot of Safari showing version
Radar WebKit Bug Importer Comment 2 2022-04-13 12:48:46 PDT
<rdar://problem/91708885>
pascoe@apple.com Comment 3 2022-04-13 14:21:12 PDT
Hi. Thank you for the report. This issue has been fixed in the 12.4 beta released last week.