Re: [webauthn] Clarify how the given origin in the ClientDataJSON matches to the expected one (#1889)

> Some of implementations in OSS just maintain list of acceptable origins and simply compares the given origin with the list by simply text equality.

Is the issue that strings may not be normalized by the client? I guess I'm not understanding how this process needs to be defined more robustly.

-- 
GitHub Notification of comment by MasterKale
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1889#issuecomment-1538638629 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Monday, 8 May 2023 15:55:41 UTC