Re: [webauthn] WebAuthn assertion disabled by default in cross-origin iframes (Emv 3D Secure flow) (#1589)

We sympathise with the challenges of coordinating many websites. But the alternative is to enable WebAuthn in _all_ existing iframes, which seems surprising and potentially dangerous. As such, I'm afraid that we still believe that an explicit opt-in by the embedder is the right path.

GitHub Notification of comment by agl
Please view or discuss this issue at using your GitHub account

Sent via github-notify-ml as configured in

Received on Wednesday, 31 March 2021 20:54:49 UTC