Re: [webauthn] Related origin validation should reference the Fetch spec (#2408) from John Schanck via GitHub on 2026-04-24 (public-webauthn@w3.org from April 2026)

From: John Schanck via GitHub <noreply@w3.org>
Date: Fri, 24 Apr 2026 23:43:43 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-4317062673-1777074220-noreply@w3.org>

The check for when the environment settings "Does Not Restrict Mixed Security Contexts" might be an issue (I think that's why I wasn't able to implement the related origins validation procedure using fetch in Firefox), but yes I think ensuring that mixed content is blocked is sufficient.

-- 
GitHub Notification of comment by jschanck
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/2408#issuecomment-4317062673 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Friday, 24 April 2026 23:43:44 UTC