Safari has "implemented" the `preventSilentAccess` function from the Credential Management API (https://w3c.github.io/webappsec-credential-management/#dom-credentialscontainer-preventsilentaccess). However, it unconditionally throws a NotSupportedError whenever it's called. This happens on both macOS and iOS from my testing. The specification doesn't mention this as an expected behaviour and I was surprised to see that the function is implemented but also not implemented, meaning my feature detection looking for the existence of the function fails. The below code can be pasted into Web Inspector on a secure domain to demonstrate the issue. Both Chromium and Firefox work correctly but Safari fails. if (navigator.credentials.preventSilentAccess) { console.log('preventSilentAccess is implemented'); navigator.credentials.preventSilentAccess() .then(() => { console.log('preventSilentAccess succeeded'); }) .catch((err) => { console.log('preventSilentAccess failed'); console.error(err); }); } else { console.log('preventSilentAccess is NOT implemented'); }
<rdar://problem/96020741>
This is definitely how it is implemented indeed. It's been a long time since this code was added, and I couldn't find any explanation of why it was done this way. void CredentialsContainer::preventSilentAccess(DOMPromiseDeferred<void>&& promise) const { promise.reject(Exception { NotSupportedError, "Not implemented."_s }); }
Pull request: https://github.com/WebKit/WebKit/pull/11303
Committed 264345@main (40294715d0c0): <https://commits.webkit.org/264345@main> Reviewed commits have been landed. Closing PR #11303 and removing active labels.