W3C home > Mailing lists > Public > public-webauthn@w3.org > August 2022

Re: [webauthn] Credential Creation Options are inconsistent to Request (#1716)

From: Shane Weeden via GitHub <sysbot+gh@w3.org>
Date: Mon, 15 Aug 2022 06:45:02 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-1214675594-1660545900-sysbot+gh@w3.org>
> It's incredibly frustrating that with Chrome, a user can enroll an Android phone, but cannot use it to verify without "cable" in the list of transports, whose presence causes Safari to crash.
> 
> We absolutely need the ability to restrict registration the same way we restrict verification. At least until all the browsers comply with whatever standards are agreed upon.

It might be just a stop-gap but given that transports are optional elements of the allowCredentials list, couldn't you just filter that out client-side before calling `navgiator.credentials.get` when you detect you are running on Safari?

-- 
GitHub Notification of comment by sbweeden
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1716#issuecomment-1214675594 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Monday, 15 August 2022 06:45:04 UTC

This archive was generated by hypermail 2.4.0 : Monday, 15 August 2022 06:45:09 UTC