- From: Boris Zbarsky via GitHub <sysbot+gh@w3.org>
- Date: Wed, 18 Sep 2019 04:34:58 +0000
- To: public-webauthn@w3.org
bzbarsky has just created a new issue for https://github.com/w3c/webauthn: == Length restriction on user handles has no processing model associated with it == https://w3c.github.io/webauthn/#dom-publickeycredentialuserentity-id says: > A user handle is an opaque byte sequence with a maximum size of 64 bytes but nothing says where or whether that maximum size is enforced. Based on code inspection, Firefox checks for this in code that gets called from `CredentialsContainer.create` and throws an exception (a DOMException with name "TypeError") if the user handle is longer than 64 bytes. Also based on code inspection it looks like Chrome throws a JS TypeError in this situation (with a comment about <https://www.w3.org/TR/webauthn/#user-handle>). Note that the lack of clear processing model leads to lack of interop here: the two browsers are throwing totally different kinds of exceptions... @jcjones Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1302 using your GitHub account
Received on Wednesday, 18 September 2019 04:35:01 UTC