[webauthn] add sameOriginWithAncestors parameter to internal methods from =JeffH via GitHub on 2017-11-29 (public-webauthn@w3.org from November 2017)

From: =JeffH via GitHub <sysbot+gh@w3.org>
Date: Wed, 29 Nov 2017 08:59:15 +0000
To: public-webauthn@w3.org
Message-ID: <issues.opened-277514918-1511898435-sysbot+gh@w3.org>

equalsJeffH has just created a new issue for https://github.com/w3c/webauthn:

== add sameOriginWithAncestors parameter to internal methods ==
CredMan](https://w3c.github.io/webappsec-credential-management/) PR w3c/webappsec-credential-management#114 "Remove the blanket restriction against nested usage" adds the `sameOriginWithAncestors parameter` to the internal methods -- webauthn needs to _at least_ update its internal method declarations -- [\[\[Create\]\](origin, options)](https://w3c.github.io/webauthn/#createCredential) and [[\[\[DiscoverFromExternalSource\]\](origin, options)](https://w3c.github.io/webauthn/#discover-from-external-source) -- to be:
```
[[Create]](origin, options, sameOriginWithAncestors)

[[DiscoverFromExternalSource]](origin, options, sameOriginWithAncestors)
```
..and then also update each of the latter two webauthn algs to include this:
> If |sameOriginWithAncestors is false, return a "NotAllowedError" DOMException.

..as an early step (yes?). 



Please view or discuss this issue at https://github.com/w3c/webauthn/issues/700 using your GitHub account

Received on Wednesday, 29 November 2017 08:59:18 UTC