- From: Nina Satragno via GitHub <sysbot+gh@w3.org>
- Date: Wed, 01 Mar 2023 16:04:56 +0000
- To: public-webauthn@w3.org
nsatragno has just merged stephenmcgruer's pull request 1801 for https://github.com/w3c/webauthn:
== Allow for credential creation in a cross-origin iframe ==
See https://github.com/w3c/webauthn/issues/1656
This PR adds the ability to call navigator.credentials.create() in a cross-origin
iframe (more exactly, a frame that is not same-origin with its ancestor chain),
as long as the following conditions are met:
- The iframe has a publickey-credentials-create-feature permission policy
- The iframe has a [user activation](https://html.spec.whatwg.org/multipage/interaction.html#tracking-user-activation)
It has a corresponding PR on the credential management spec; see
https://github.com/w3c/webappsec-credential-management/pull/209
<!--
This comment and the below content is programmatically generated.
You may add a comma-separated list of anchors you'd like a
direct link to below (e.g. #idl-serializers, #idl-sequence):
Don't remove this comment or modify anything below this line.
If you don't want a preview generated for this pull request,
just replace the whole of this comment's content by "no preview"
and remove what's below.
-->
***
<a href="https://pr-preview.s3.amazonaws.com/stephenmcgruer/webauthn/pull/1801.html" title="Last updated on Feb 27, 2023, 12:52 PM UTC (cc256f3)">Preview</a> | <a href="https://pr-preview.s3.amazonaws.com/w3c/webauthn/1801/d3270c5...stephenmcgruer:cc256f3.html" title="Last updated on Feb 27, 2023, 12:52 PM UTC (cc256f3)">Diff</a>
See https://github.com/w3c/webauthn/pull/1801
--
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Wednesday, 1 March 2023 16:04:58 UTC