commit | 54d12f7046fac87aa6b190cf001ef10834da5f9b | [log] [tgz] |
---|---|---|
author | Martin Kreichgauer <martinkr@google.com> | Thu May 16 21:25:24 2019 |
committer | Commit Bot <commit-bot@chromium.org> | Thu May 16 21:25:24 2019 |
tree | 076da9023a0b2a91835de43677fce0ff955e272d | |
parent | 744ced6d82e41091b76bc7512bf47beefeb67d76 [diff] |
Revert "webauthn: remove the CREDENTIAL_NOT_RECOGNIZED status" This reverts commit 62ed0cea3b83a600f245ce4a2387f28593c95271. Reason for revert: This apparently breaks an Android build where CREDENTIAL_NOT_RECOGNIZED is referenced. Original change's description: > webauthn: remove the CREDENTIAL_NOT_RECOGNIZED status > > The WebAuthn spec says that during a WebAuthn get() request, if an > authenticator returns an error in response to the request, the browser > should simply ignore that device and let the user try a different one > until the user cancels or the request times out, at which point the > browser returns a "NotAllowedError" DOMException. > > Chrome diverges from the WebAuthn spec a little in that errors from the > authenticator can cause termination of the entire request (depending on > the exact nature of the authenticator's response). Originally, this > resulted in the WebAuthn request's promise to be rejected with an error > immediately. > > To allow the relying party (RP) to distinguish a request that was > terminated due to a security key not recognizing any of the presented > credential IDs from other errors (such as the user clicking "Cancel" in > the UI), Chrome therefore returned an InvalidStateError for this > particular case, such that the RP could then inform the user that the > security key that they tapped wasn't registered with the site. > > Later, Chrome's WebAuthn implementation added an error to its own UI for > this case that informs the user that their security key wasn't > recognized. But Chrome still returns the InvalidState error with a > special message. This change aligns Chrome's behavior with the spec and > makes it return NotAllowedError in this case. > > Change-Id: Ib2a3c3134555cfc87da451a5c5738b59df674139 > Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1602745 > Commit-Queue: Martin Kreichgauer <martinkr@google.com> > Reviewed-by: Mike West <mkwst@chromium.org> > Reviewed-by: Adam Langley <agl@chromium.org> > Cr-Commit-Position: refs/heads/master@{#660519} TBR=agl@chromium.org,martinkr@google.com,mkwst@chromium.org Change-Id: Icc31c71dbfdea5a741bf0511223e48874852ac0a No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1614254 Reviewed-by: Martin Kreichgauer <martinkr@google.com> Commit-Queue: Martin Kreichgauer <martinkr@google.com> Cr-Commit-Position: refs/heads/master@{#660555}
Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web.
The project's web site is https://www.chromium.org.
Documentation in the source is rooted in docs/README.md.
Learn how to Get Around the Chromium Source Code Directory Structure .