W3C home > Mailing lists > Public > public-webauthn@w3.org > June 2018

Re: [webauthn] `CredentialRequestOptions` make otherwise valid values invalid in an undesirable way

From: Boris Zbarsky via GitHub <sysbot+gh@w3.org>
Date: Sat, 30 Jun 2018 04:55:30 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-401517353-1530334529-sysbot+gh@w3.org>
> Gecko implements this proposed resolution to heycam/webidl#76:

Gecko doesn't implement the elidable stuff yet.

>  and note in spec prose that if one does not pass all of them in with values when calling navigator.credentials.{create(),get()}, that the latter calls will not succeed

Right, this is option 1.

> Provide default values for all required fooOptions dictionary members

Huh.  IDL allows a default value for required members in the grammar...  I filed https://github.com/heycam/webidl/issues/569 to fix that.

But even without that, the prose in https://heycam.github.io/webidl/#required-dictionary-member explicitly says:

    A required dictionary member must not have a default value.

because there are no sane semantics for a required thing with a default value...  That said, you could do non-required members with default values.  That would be option 2.

Option 3 is to argue that https://github.com/heycam/webidl/issues/76 should be wontfixed and that dictionary members of dictionaries should not be treated the same way as dictionaries as arguments.  Basically comes down to what a dictionary "is", conceptually...

-- 
GitHub Notification of comment by bzbarsky
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/750#issuecomment-401517353 using your GitHub account
Received on Saturday, 30 June 2018 04:56:05 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:33 UTC