mirror of
https://github.com/bitwarden/browser.git
synced 2024-09-27 04:03:00 +02:00
parent
ff19514c27
commit
07b69edef2
@ -151,6 +151,16 @@ describe("FidoAuthenticatorService", () => {
|
|||||||
await rejects.toBeInstanceOf(DOMException);
|
await rejects.toBeInstanceOf(DOMException);
|
||||||
});
|
});
|
||||||
|
|
||||||
|
it("should not throw error if localhost is http", async () => {
|
||||||
|
const params = createParams({
|
||||||
|
origin: "http://localhost",
|
||||||
|
rp: { id: undefined, name: "localhost" },
|
||||||
|
});
|
||||||
|
authenticator.makeCredential.mockResolvedValue(createAuthenticatorMakeResult());
|
||||||
|
|
||||||
|
await client.createCredential(params, tab);
|
||||||
|
});
|
||||||
|
|
||||||
// Spec: If credTypesAndPubKeyAlgs is empty, return a DOMException whose name is "NotSupportedError", and terminate this algorithm.
|
// Spec: If credTypesAndPubKeyAlgs is empty, return a DOMException whose name is "NotSupportedError", and terminate this algorithm.
|
||||||
it("should throw error if no support key algorithms were found", async () => {
|
it("should throw error if no support key algorithms were found", async () => {
|
||||||
const params = createParams({
|
const params = createParams({
|
||||||
@ -506,6 +516,16 @@ describe("FidoAuthenticatorService", () => {
|
|||||||
expect.anything(),
|
expect.anything(),
|
||||||
);
|
);
|
||||||
});
|
});
|
||||||
|
|
||||||
|
it("should not throw error if localhost is http", async () => {
|
||||||
|
const params = createParams({
|
||||||
|
origin: "http://localhost",
|
||||||
|
});
|
||||||
|
params.rpId = undefined;
|
||||||
|
authenticator.getAssertion.mockResolvedValue(createAuthenticatorAssertResult());
|
||||||
|
|
||||||
|
await client.assertCredential(params, tab);
|
||||||
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
describe("assert discoverable credential", () => {
|
describe("assert discoverable credential", () => {
|
||||||
|
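Review bot: The two added "should not throw error if localhost is http" tests cover only the accept path, so nothing pins what must still be rejected now that the origin check has an exception. Negative cases next to them would close that gap, for example a lookalike host such as `http://localhost.example.com` (constructed sample) and a non-http scheme on localhost, each ending in `await rejects.toBeInstanceOf(DOMException);` as the neighbouring tests do. The new tests also pass simply by not throwing; a short comment such as `// http://localhost is the only non-https origin accepted; must resolve without SecurityError` would make that intent explicit. The surrounding describe blocks start and end outside the hunks shown.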
@ -103,7 +103,10 @@ export class Fido2ClientService implements Fido2ClientServiceAbstraction {
|
|||||||
}
|
}
|
||||||
|
|
||||||
params.rp.id = params.rp.id ?? parsedOrigin.hostname;
|
params.rp.id = params.rp.id ?? parsedOrigin.hostname;
|
||||||
if (parsedOrigin.hostname == undefined || !params.origin.startsWith("https://")) {
|
if (
|
||||||
|
parsedOrigin.hostname == undefined ||
|
||||||
|
(!params.origin.startsWith("https://") && parsedOrigin.hostname !== "localhost")
|
||||||
|
) {
|
||||||
this.logService?.warning(`[Fido2Client] Invalid https origin: ${params.origin}`);
|
this.logService?.warning(`[Fido2Client] Invalid https origin: ${params.origin}`);
|
||||||
throw new DOMException("'origin' is not a valid https origin", "SecurityError");
|
throw new DOMException("'origin' is not a valid https origin", "SecurityError");
|
||||||
}
|
}
|
||||||
@ -238,7 +241,10 @@ export class Fido2ClientService implements Fido2ClientServiceAbstraction {
|
|||||||
|
|
||||||
params.rpId = params.rpId ?? parsedOrigin.hostname;
|
params.rpId = params.rpId ?? parsedOrigin.hostname;
|
||||||
|
|
||||||
if (parsedOrigin.hostname == undefined || !params.origin.startsWith("https://")) {
|
if (
|
||||||
|
parsedOrigin.hostname == undefined ||
|
||||||
|
(!params.origin.startsWith("https://") && parsedOrigin.hostname !== "localhost")
|
||||||
|
) {
|
||||||
this.logService?.warning(`[Fido2Client] Invalid https origin: ${params.origin}`);
|
this.logService?.warning(`[Fido2Client] Invalid https origin: ${params.origin}`);
|
||||||
throw new DOMException("'origin' is not a valid https origin", "SecurityError");
|
throw new DOMException("'origin' is not a valid https origin", "SecurityError");
|
||||||
}
|
}
|
||||||
|
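Review bot: The relaxed condition in the hunk at line 103 (repeated in the hunk at line 238) exempts `localhost` from the scheme test altogether, so any origin that does not start with `https://` is accepted when the parsed hostname is `localhost`, not only `http://` ones. If the intent is the usual secure-context exception, tie it to the scheme: `(!params.origin.startsWith("https://") && !(params.origin.startsWith("http://") && parsedOrigin.hostname === "localhost"))`. How `parsedOrigin` is derived lies outside both hunks, so it is worth confirming that its hostname cannot come out as `localhost` for an origin string a remote page can supply. Because the same expression now lives in two methods, a small private helper would keep the two checks from drifting apart. The warning and the DOMException text still say "not a valid https origin" although an http origin can now pass.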