Title: [288137] branches/safari-613.1.14.0-branch
- Revision
- 288137
- Author
- alanc...@apple.com
- Date
- 2022-01-18 12:13:19 -0800 (Tue, 18 Jan 2022)
Log Message
Cherry-pick r287957. rdar://problem/87327557
[WebAuthn] Fix freebie call without user gesture not being given
https://bugs.webkit.org/show_bug.cgi?id=235078
rdar://87327557
Reviewed by Brent Fulgham.
Source/WebKit:
This logic was previously always requiring a user gesture. The desired
behavior of giving pages a single "freebie" webauthn call without gesture
was lost in a refactor.
Tested manually on iOS device with webauthn.me.
* WebProcess/WebAuthentication/WebAuthenticatorCoordinator.cpp:
(WebKit::WebAuthenticatorCoordinator::processingUserGesture):
Tools:
Updated API test to reflect user gesture freebie.
* TestWebKitAPI/Tests/WebKitCocoa/web-authentication-make-credential-la-no-mock.html:
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@287957 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Modified Paths
Diff
Modified: branches/safari-613.1.14.0-branch/Source/WebKit/ChangeLog (288136 => 288137)
--- branches/safari-613.1.14.0-branch/Source/WebKit/ChangeLog 2022-01-18 20:07:02 UTC (rev 288136)
+++ branches/safari-613.1.14.0-branch/Source/WebKit/ChangeLog 2022-01-18 20:13:19 UTC (rev 288137)
@@ -1,3 +1,50 @@
+2022-01-18 Russell Epstein <repst...@apple.com>
+
+ Cherry-pick r287957. rdar://problem/87327557
+
+ [WebAuthn] Fix freebie call without user gesture not being given
+ https://bugs.webkit.org/show_bug.cgi?id=235078
+ rdar://87327557
+
+ Reviewed by Brent Fulgham.
+
+ Source/WebKit:
+
+ This logic was previously always requiring a user gesture. The desired
+ behavior of giving pages a single "freebie" webauthn call without gesture
+ was lost in a refactor.
+
+ Tested manually on iOS device with webauthn.me.
+
+ * WebProcess/WebAuthentication/WebAuthenticatorCoordinator.cpp:
+ (WebKit::WebAuthenticatorCoordinator::processingUserGesture):
+
+ Tools:
+
+ Updated API test to reflect user gesture freebie.
+
+ * TestWebKitAPI/Tests/WebKitCocoa/web-authentication-make-credential-la-no-mock.html:
+
+
+ git-svn-id: https://svn.webkit.org/repository/webkit/trunk@287957 268f45cc-cd09-0410-ab3c-d52691b4dbfc
+
+ 2022-01-12 J Pascoe <j_pas...@apple.com>
+
+ [WebAuthn] Fix freebie call without user gesture not being given
+ https://bugs.webkit.org/show_bug.cgi?id=235078
+ rdar://87327557
+
+ Reviewed by Brent Fulgham.
+
+ This logic was previously always requiring a user gesture. The desired
+ behavior of giving pages a single "freebie" webauthn call without gesture
+ was lost in a refactor.
+
+ Tested manually on iOS device with webauthn.me.
+
+ * WebProcess/WebAuthentication/WebAuthenticatorCoordinator.cpp:
+ (WebKit::WebAuthenticatorCoordinator::processingUserGesture):
+
2022-01-09 Sam Weinig <wei...@apple.com>
Remove support for Direct2D
Modified: branches/safari-613.1.14.0-branch/Source/WebKit/WebProcess/WebAuthentication/WebAuthenticatorCoordinator.cpp (288136 => 288137)
--- branches/safari-613.1.14.0-branch/Source/WebKit/WebProcess/WebAuthentication/WebAuthenticatorCoordinator.cpp 2022-01-18 20:07:02 UTC (rev 288136)
+++ branches/safari-613.1.14.0-branch/Source/WebKit/WebProcess/WebAuthentication/WebAuthenticatorCoordinator.cpp 2022-01-18 20:13:19 UTC (rev 288137)
@@ -126,13 +126,15 @@
bool WebAuthenticatorCoordinator::processingUserGesture(const Frame& frame, const FrameIdentifier& frameID)
{
auto processingUserGesture = UserGestureIndicator::processingUserGestureForMedia();
- if (!processingUserGesture && m_requireUserGesture)
+ bool processingUserGestureOrFreebie = processingUserGesture || !m_requireUserGesture;
+ if (!processingUserGestureOrFreebie)
m_webPage.addConsoleMessage(frameID, MessageSource::Other, MessageLevel::Warning, "User gesture is not detected. To use the WebAuthn API, call 'navigator.credentials.create' or 'navigator.credentials.get' within user activated events."_s);
+
if (processingUserGesture && m_requireUserGesture)
m_requireUserGesture = false;
- else
+ else if (!processingUserGesture)
m_requireUserGesture = true;
- return processingUserGesture || !m_requireUserGesture;
+ return processingUserGestureOrFreebie;
}
} // namespace WebKit
Modified: branches/safari-613.1.14.0-branch/Tools/ChangeLog (288136 => 288137)
--- branches/safari-613.1.14.0-branch/Tools/ChangeLog 2022-01-18 20:07:02 UTC (rev 288136)
+++ branches/safari-613.1.14.0-branch/Tools/ChangeLog 2022-01-18 20:13:19 UTC (rev 288137)
@@ -1,3 +1,45 @@
+2022-01-18 Russell Epstein <repst...@apple.com>
+
+ Cherry-pick r287957. rdar://problem/87327557
+
+ [WebAuthn] Fix freebie call without user gesture not being given
+ https://bugs.webkit.org/show_bug.cgi?id=235078
+ rdar://87327557
+
+ Reviewed by Brent Fulgham.
+
+ Source/WebKit:
+
+ This logic was previously always requiring a user gesture. The desired
+ behavior of giving pages a single "freebie" webauthn call without gesture
+ was lost in a refactor.
+
+ Tested manually on iOS device with webauthn.me.
+
+ * WebProcess/WebAuthentication/WebAuthenticatorCoordinator.cpp:
+ (WebKit::WebAuthenticatorCoordinator::processingUserGesture):
+
+ Tools:
+
+ Updated API test to reflect user gesture freebie.
+
+ * TestWebKitAPI/Tests/WebKitCocoa/web-authentication-make-credential-la-no-mock.html:
+
+
+ git-svn-id: https://svn.webkit.org/repository/webkit/trunk@287957 268f45cc-cd09-0410-ab3c-d52691b4dbfc
+
+ 2022-01-12 J Pascoe <j_pas...@apple.com>
+
+ [WebAuthn] Fix freebie call without user gesture not being given
+ https://bugs.webkit.org/show_bug.cgi?id=235078
+ rdar://87327557
+
+ Reviewed by Brent Fulgham.
+
+ Updated API test to reflect user gesture freebie.
+
+ * TestWebKitAPI/Tests/WebKitCocoa/web-authentication-make-credential-la-no-mock.html:
+
2022-01-10 Carlos Garcia Campos <cgar...@igalia.com>
[GTK][a11y] WTR: do not show html-id and toolkit attributes in test results
Modified: branches/safari-613.1.14.0-branch/Tools/TestWebKitAPI/Tests/WebKitCocoa/web-authentication-make-credential-la-no-mock.html (288136 => 288137)
--- branches/safari-613.1.14.0-branch/Tools/TestWebKitAPI/Tests/WebKitCocoa/web-authentication-make-credential-la-no-mock.html 2022-01-18 20:07:02 UTC (rev 288136)
+++ branches/safari-613.1.14.0-branch/Tools/TestWebKitAPI/Tests/WebKitCocoa/web-authentication-make-credential-la-no-mock.html 2022-01-18 20:13:19 UTC (rev 288137)
@@ -20,10 +20,14 @@
};
navigator.credentials.create(options).then(credential => {
- // console.log("Succeeded!");
window.webkit.messageHandlers.testHandler.postMessage("Succeeded!");
}, error => {
- // console.log(error.message);
+ // The first call will consume the freebie, the second will give the no user gesture error.
+ navigator.credentials.create(options).then(credential => {
+ window.webkit.messageHandlers.testHandler.postMessage("Succeeded!");
+ }, error => {
+ window.webkit.messageHandlers.testHandler.postMessage(error.message);
+ });
window.webkit.messageHandlers.testHandler.postMessage(error.message);
});
</script>
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
