Disable FIDO U2F API for Android
Categories
(Core :: DOM: Web Authentication, defect, P1)
Tracking
()
| Tracking | Status | |
|---|---|---|
| firefox66 | --- | unaffected |
| firefox67 | --- | unaffected |
| firefox68 | + | fixed |
| firefox69 | --- | fixed |
People
(Reporter: jcj, Assigned: jcj)
References
()
Details
Attachments
(1 file)
|
(deleted),
text/x-phabricator-request
|
jcristau
:
approval-mozilla-beta+
|
Details |
Per https://bugzilla.mozilla.org/show_bug.cgi?id=1550625#c5 there is no mechanism available for FIDO U2F JS API operations on Android. The exposed API is FIDO2/WebAuthn-only. As such, Firefox cannot support FIDO U2F JS API operations on Android, and we should disable the u2f preference so that window.u2f is not set inappropriately.
|
Assignee | |
Comment 1•6 years ago
|
||
Per https://bugzilla.mozilla.org/show_bug.cgi?id=1550625#c5 there is no
mechanism available for FIDO U2F JS API operations on Android. The exposed API
is FIDO2/WebAuthn-only. As such, Firefox cannot support FIDO U2F JS API
operations on Android, and we should disable the u2f preference so that
window.u2f is not set inappropriately.
|
||
Comment 3•6 years ago
|
||
Backed out changeset 8e8ea33ecb3d (Bug 1552602) for test_interfaces_secureContext.html failures
Backout link: https://hg.mozilla.org/integration/autoland/rev/777492b75f9745bd78dc96155ccd91523b788db0
Failure log: https://treeherder.mozilla.org/logviewer.html#/jobs?job_id=247146101&repo=autoland&lineNumber=1695
[task 2019-05-18T00:46:25.750Z] 00:46:25 INFO - 123 INFO TEST-START | dom/tests/mochitest/general/test_interfaces_secureContext.html
[task 2019-05-18T00:47:07.826Z] 00:47:07 INFO - <snipped 2326 output lines - if you need more context, please use SimpleTest.requestCompleteLog() in your test>
[task 2019-05-18T00:47:07.827Z] 00:47:07 INFO - Buffered messages logged at 00:46:56
[task 2019-05-18T00:47:07.828Z] 00:47:07 INFO - 124 INFO TEST-PASS | dom/tests/mochitest/general/test_interfaces_secureContext.html | If this is failing: DANGER, are you sure you want to expose the new interface Comment to all webpages as a property on the window? Do not make a change to this file without a review from a DOM peer for that specific change!!! (or a JS peer for changes to ecmaGlobals)
...
[task 2019-05-18T00:47:07.882Z] 00:47:07 INFO - 222 INFO TEST-PASS | dom/tests/mochitest/general/test_interfaces_secureContext.html | ScopedCredentialInfo should NOT be defined on the global scope
[task 2019-05-18T00:47:07.883Z] 00:47:07 INFO - 223 INFO TEST-PASS | dom/tests/mochitest/general/test_interfaces_secureContext.html | StorageManager should NOT be defined on the global scope
[task 2019-05-18T00:47:07.883Z] 00:47:07 INFO - Buffered messages finished
[task 2019-05-18T00:47:07.887Z] 00:47:07 INFO - 224 INFO TEST-UNEXPECTED-FAIL | dom/tests/mochitest/general/test_interfaces_secureContext.html | U2F should be defined on the global scope
[task 2019-05-18T00:47:07.888Z] 00:47:07 INFO - SimpleTest.ok@https://example.com/tests/SimpleTest/SimpleTest.js:275:18
[task 2019-05-18T00:47:07.889Z] 00:47:07 INFO - runTest@https://example.com/tests/dom/tests/mochitest/general/test_interfaces.js:1337:5
[task 2019-05-18T00:47:07.889Z] 00:47:07 INFO - @https://example.com/tests/dom/tests/mochitest/general/test_interfaces.js:1347:1
[task 2019-05-18T00:47:07.890Z] 00:47:07 INFO - 225 INFO TEST-PASS | dom/tests/mochitest/general/test_interfaces_secureContext.html | UserProximityEvent should NOT be defined on the global scope
[task 2019-05-18T00:47:07.891Z] 00:47:07 INFO - 226 INFO TEST-PASS | dom/tests/mochitest/general/test_interfaces_secureContext.html | WebAuthnAssertion should NOT be defined on the global scope
[task 2019-05-18T00:47:07.892Z] 00:47:07 INFO - 227 INFO TEST-PASS | dom/tests/mochitest/general/test_interfaces_secureContext.html | WebAuthnAttestation should NOT be defined on the global scope
[task 2019-05-18T00:47:07.892Z] 00:47:07 INFO - 228 INFO TEST-PASS | dom/tests/mochitest/general/test_interfaces_secureContext.html | WebAuthentication should NOT be defined on the global scope
[task 2019-05-18T00:47:07.893Z] 00:47:07 INFO - 229 INFO TEST-UNEXPECTED-FAIL | dom/tests/mochitest/general/test_interfaces_secureContext.html | The following interface(s) are not enumerated: U2F - got 1, expected +0
[task 2019-05-18T00:47:07.893Z] 00:47:07 INFO - SimpleTest.is@https://example.com/tests/SimpleTest/SimpleTest.js:320:16
[task 2019-05-18T00:47:07.894Z] 00:47:07 INFO - runTest@https://example.com/tests/dom/tests/mochitest/general/test_interfaces.js:1343:3
[task 2019-05-18T00:47:07.894Z] 00:47:07 INFO - @https://example.com/tests/dom/tests/mochitest/general/test_interfaces.js:1347:1
[task 2019-05-18T00:47:07.895Z] 00:47:07 INFO - 230 INFO TEST-OK | dom/tests/mochitest/general/test_interfaces_secureContext.html | took 43711ms
[task 2019-05-18T00:47:07.895Z] 00:47:07 INFO - 231 INFO TEST-START | Shutdown
[task 2019-05-18T00:47:07.895Z] 00:47:07 INFO - 232 INFO Passed: 2430
[task 2019-05-18T00:47:07.896Z] 00:47:07 WARNING - 233 INFO Failed: 2
[task 2019-05-18T00:47:07.896Z] 00:47:07 WARNING - One or more unittests failed.
[task 2019-05-18T00:47:07.896Z] 00:47:07 INFO - 234 INFO Todo: 0
[task 2019-05-18T00:47:07.896Z] 00:47:07 INFO - 235 INFO Mode: non-e10s
[task 2019-05-18T00:47:07.897Z] 00:47:07 INFO - 236 INFO Slowest: 43708ms - /tests/dom/tests/mochitest/general/test_interfaces_secureContext.html
[task 2019-05-18T00:47:07.897Z] 00:47:07 INFO - 237 INFO SimpleTest FINISHED
[task 2019-05-18T00:48:21.045Z] 00:48:21 INFO - Failed to get top activity, retrying, once...
[task 2019-05-18T00:48:21.962Z] 00:48:21 INFO - wait for org.mozilla.fennec_aurora complete; top activity=com.android.launcher
[task 2019-05-18T00:48:22.168Z] 00:48:22 INFO - remoteautomation.py | Application ran for: 0:04:39.736009
[task 2019-05-18T00:48:22.790Z] 00:48:22 INFO - Stopping web server
[task 2019-05-18T00:48:22.799Z] 00:48:22 INFO - Stopping web socket server
[task 2019-05-18T00:48:22.820Z] 00:48:22 INFO - Stopping ssltunnel
[task 2019-05-18T00:48:22.843Z] 00:48:22 INFO - leakcheck | refcount logging is off, so leaks can't be detected!
[task 2019-05-18T00:48:22.843Z] 00:48:22 INFO - runtests.py | Running tests: end.
|
|
Assignee | |
Comment 4•6 years ago
|
||
[Tracking Requested - why for this release]:
I'm out Monday the 20th, so assuming I miss the merge with the rework (it's on try and r? bz), we'll need to uplift this to 68 as part of the Fennec/WebAuthn support.
|
||
Updated•6 years ago
|
|
||
Comment 6•6 years ago
|
||
| bugherder | ||
|
|
Assignee | |
Comment 7•6 years ago
|
||
Comment on attachment 9065830 [details]
Bug 1552602 - Disable FIDO U2F API for Android r?keeler
Beta/Release Uplift Approval Request
- User impact if declined: Capability checking will assume the FIDO U2F API is available when it is not.
- Is this code covered by automated tests?: Yes
- Has the fix been verified in Nightly?: No
- Needs manual test from QE?: No
- If yes, steps to reproduce:
- List of other uplifts needed: None
- Risk to taking this patch: Low
- Why is the change risky/not risky? (and alternatives if risky): It's a pref-off and a test-flip. However, there's no way to test Fennec features in Nightly anymore, so we effectively must go straight to Beta.
- String changes made/needed:
|
|
||
Comment 8•6 years ago
|
||
Comment on attachment 9065830 [details]
Bug 1552602 - Disable FIDO U2F API for Android r?keeler
disable fido u2f api for upcoming fennec nightly and beta builds
|
||
Comment 9•6 years ago
|
||
| bugherder uplift | ||
Description
•