Upstream/bitwarden-browser
1
0
Fork 0
mirror of https://github.com/bitwarden/browser.git synced 2024-11-21 11:35:34 +01:00
Code Issues Projects Releases Wiki Activity

[PM-4704] feat: filter non-webauthn calls to credmanager apis (#6803)

Browse Source
This commit is contained in:
Andreas Coroiu 2023-11-06 16:42:39 +01:00 committed by GitHub
parent ffab1e31e2
commit e88d0acc8d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
apps/browser/src/vault/fido2/content/page-script.ts
View File

@ -66,6 +66,10 @@ navigator.credentials.create = async (
options?: CredentialCreationOptions,
abortController?: AbortController
): Promise<Credential> => {
if (!isWebauthnCall(options)) {
return await browserCredentials.create(options);
}
const fallbackSupported =
(options?.publicKey?.authenticatorSelection.authenticatorAttachment === "platform" &&
browserNativeWebauthnPlatformAuthenticatorSupport) ||
@ -106,6 +110,10 @@ navigator.credentials.get = async (
options?: CredentialRequestOptions,
abortController?: AbortController
): Promise<Credential> => {
if (!isWebauthnCall(options)) {
return await browserCredentials.get(options);
}
const fallbackSupported = browserNativeWebauthnSupport;
try {
@ -141,6 +149,10 @@ navigator.credentials.get = async (
}
};
function isWebauthnCall(options?: CredentialCreationOptions | CredentialRequestOptions) {
return options && "publicKey" in options;
}
/**
* Wait for window to be focused.
* Safari doesn't allow scripts to trigger webauthn when window is not focused.