Re: [webauthn] Prohibit Create Credential from cross-origin iframes (#1336)

Yes, and at TPAC I believe it was Duo who asked for enrollment in the cross-origin iframe, too.

However, I believe this to be a real threat, and one easily-remedied.

GitHub Notification of comment by jcjones
Please view or discuss this issue at using your GitHub account

Received on Wednesday, 6 November 2019 20:04:04 UTC