Skip to main content

Browse the archive

Revision 750cfaf984c93f0cc80cf28110fe0c6333fcfbb4 authored by Tarun Bansal on 15 March 2018, 17:56:27 UTC, committed by Blink WPT Bot on 15 March 2018, 18:14:49 UTC 
Test that client hints are not sent on insecure transports
 
Also, add tests for other client hints.

Finally. use the built-in sub pipe to enable running the
cross-origin test.

Bug: 817049
Change-Id: Ib4155f50e0ffd3a0447cf250cd4018b650f3b419
Reviewed-on: https://chromium-review.googlesource.com/963403
Commit-Queue: Tarun Bansal <tbansal@chromium.org>
Reviewed-by: Robert Ma <robertma@chromium.org>
Cr-Commit-Position: refs/heads/master@{#543433}
1 parent d56bf78
Raw File
getcredential-extensions.https.html 
<!DOCTYPE html>
<meta charset="utf-8">
<title>WebAuthn navigator.credentials.get() extensions Tests</title>
<link rel="author" title="Adam Powers" href="mailto:adam@fidoalliance.org">
<link rel="help" href="https://w3c.github.io/webauthn/#iface-credential">
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src=helpers.js></script>
<body></body>
<script>
standardSetup(function() {
    "use strict";

    var dummyExtension = {
        foo: true,
        bar: "yup"
    };
    var credPromise = createCredential();

    // bad extension values
    new GetCredentialsTest("options.publicKey.extensions", "hi mom")
        .addCredential(credPromise)
        .runTest("Bad extensions: extensions is string", new TypeError());
    new GetCredentialsTest("options.publicKey.extensions", null)
        .addCredential(credPromise)
        .runTest("Bad extensions: extensions is null", new TypeError());
    new GetCredentialsTest("options.publicKey.extensions", [])
        .addCredential(credPromise)
        .runTest("Bad extensions: extensions is empty Array", new TypeError());
    new GetCredentialsTest("options.publicKey.extensions", new ArrayBuffer(0))
        .addCredential(credPromise)
        .runTest("Bad extensions: extensions is empty ArrayBuffer", new TypeError());
    var badJson = '{"foo": true, "bar: "yup"}'; // missing quote after "bar"
    new GetCredentialsTest("options.publicKey.extensions", {foo: badJson})
        .addCredential(credPromise)
        .runTest("Bad extensions: malformatted JSON", new TypeError());
    new GetCredentialsTest("options.publicKey.extensions", {foo: dummyExtension})
        .addCredential(credPromise)
        .runTest("Bad extensions: JavaScript object", new TypeError());
    var badExtId = {};
    badExtId[createRandomString(65)] = dummyExtension;
    new GetCredentialsTest("options.publicKey.extensions", {badExtId: dummyExtension})
        .addCredential(credPromise)
        .runTest("Bad extensions: extension ID too long", new TypeError());

    // phony extensions
    // TODO: not sure if this should pass or fail
    // should be clarified as part of https://github.com/w3c/webauthn/pull/765
    var randomExtId = {};
    randomExtId[createRandomString(64)] = dummyExtension;
    new GetCredentialsTest("options.publicKey.extensions", {foo: JSON.stringify(randomExtId)})
        .addCredential(credPromise)
        .runTest("extensions is a nonsensical JSON string");

    // TODO
    // defined extensions:
    // * appid
    // * txAuthSimple
    // * txAuthGeneric
    // * authnSel
    // * exts
    // * uvi
    // * loc
    // * uvm
});

/* JSHINT */
/* globals standardSetup, GetCredentialsTest, createRandomString, createCredential */
</script>
back to top