From 7d7549bef2bf4bb713f0157be0729cf603760600 Mon Sep 17 00:00:00 2001 From: jng Date: Wed, 16 Aug 2023 12:44:18 -0400 Subject: [PATCH] added isNotIFrame method to page-script --- .../src/vault/fido2/content/page-script.ts | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/apps/browser/src/vault/fido2/content/page-script.ts b/apps/browser/src/vault/fido2/content/page-script.ts index aaf3bec9cd6..9d43788a98c 100644 --- a/apps/browser/src/vault/fido2/content/page-script.ts +++ b/apps/browser/src/vault/fido2/content/page-script.ts @@ -52,6 +52,14 @@ const browserCredentials = { const messenger = Messenger.forDOMCommunication(window); +const isNotIframeCheck = () => { + try { + return window.self === window.top; + } catch { + return false; + } +}; + navigator.credentials.create = async ( options?: CredentialCreationOptions, abortController?: AbortController @@ -62,6 +70,8 @@ navigator.credentials.create = async ( (options?.publicKey?.authenticatorSelection.authenticatorAttachment !== "platform" && browserNativeWebauthnSupport); try { + const isNotIframe = isNotIframeCheck(); + const response = await messenger.request( { type: MessageType.CredentialCreationRequest, @@ -69,7 +79,7 @@ navigator.credentials.create = async ( data: WebauthnUtils.mapCredentialCreationOptions( options, window.location.origin, - true, + isNotIframe, fallbackSupported ), }, @@ -96,6 +106,8 @@ navigator.credentials.get = async ( ): Promise => { const fallbackSupported = browserNativeWebauthnSupport; try { + const isNotIframe = isNotIframeCheck(); + const response = await messenger.request( { type: MessageType.CredentialGetRequest, @@ -103,7 +115,7 @@ navigator.credentials.get = async ( data: WebauthnUtils.mapCredentialRequestOptions( options, window.location.origin, - true, + isNotIframe, fallbackSupported ), },