profile
viewpoint
Nina Satragno nsatragno Google Kitchener, ON, Canada http://twitter.com/nsatragno 👩🏻‍💻 Computer Engineer @ Chrome 🔐 Making the web safer ✨ Rosalina & Luma main 🐈 Cat mom 👸🏻 she/her

google/virtual-authenticators-tab 135

Debug webauthn with a chrome extension that adds a virtual authenticators tab to devtools

google/CTAP2-test-tool 36

Test tool for CTAP2 authenticators

nsatragno/dota2timer 4

Temporizador de DOTA2 para el smartwatch Pebble

nsatragno/AMAR 1

Alimentador de Mascotas Automático con Raspberry pi.

nsatragno/angular-csv-parser 1

An angularjs service with methods to turn strings representing CSV files into arrays of objects and vice-versa

nsatragno/battlesnake 1

Nothing too fancy, this is a simple battlesnake implementation for a competition at work

nsatragno/gosu-fighter 1

2D side scrolling shooter written in ruby using the gosu library.

nsatragno/2015a 0

Repositorio con el código dado en las clases del Taller de Programación Avanzada de los sábados. UNLaM

PR closed nsatragno/webauthn

Reviewers
Add conditional UI flow

Introduce a CredentialRequestOptions parameter that instructs the user agent to show a prominent user interface only if there are discoverable credentials detected.

A new credential type, ConditionalPublicKeyCredential, which is effectively a carbon-copy of PublicKeyCredential, is introduced to allow feature detection and integration with the credential management relevant credential interface objects algorithm.

Since this specification does not prescribe behaviour regarding user interfaces, the details are left vague on purpose.

+35 -6

2 comments

1 changed file

nsatragno

pr closed time in 18 hours

pull request commentnsatragno/webauthn

Add conditional UI flow

Agreed.

nsatragno

comment created time in 18 hours

PullRequestReviewEvent

startedAcurisu/NieR-Replicant-ver.1.22474487139

started time in a month

Pull request review commentw3c/webauthn

conditional UI via mediation

 When this method is invoked, the user agent MUST execute the following algorithm  1. Let |options| be the value of <code>|options|.{{CredentialRequestOptions/publicKey}}</code>. -1. If the {{PublicKeyCredentialRequestOptions/timeout}} member of |options| is present, check if its value lies-    within a reasonable range as defined by the [=client=] and if not, correct it to the closest value lying within that range.-    Set a timer |lifetimeTimer| to this adjusted value. If the {{PublicKeyCredentialRequestOptions/timeout}} member of-    |options| is not present, then set |lifetimeTimer| to a [=client=]-specific default.+1. If <code>|options|.{{CredentialRequestOptions/mediation}}</code> is present with the value+    {{CredentialMediationRequirement/conditional}}: -        Recommended ranges and defaults for the {{PublicKeyCredentialRequestOptions/timeout}} member of |options| are as follows.-          If <code>|options|.{{PublicKeyCredentialRequestOptions/userVerification}}</code>-            <dl class="switch">-                :   is set to {{UserVerificationRequirement/discouraged}}-                ::  Recommended range: 30000 milliseconds to 180000 milliseconds.-                ::  Recommended default value: 120000 milliseconds (2 minutes).+    1. If <code>|options|.{{PublicKeyCredentialRequestOptions/allowCredentials}}</code> is not [=list/empty=],+        return a {{DOMException}} whose name is "{{NotAllowedError}}", and terminate this algorithm.

Agreed, this should be NotSupportedError. Done.

equalsJeffH

comment created time in a month

Pull request review commentw3c/webauthn

conditional UI via mediation

 When this method is invoked, the user agent MUST execute the following algorithm         ::  [=set/For each=] |authenticator| in |issuedRequests| invoke the [=authenticatorCancel=] operation on |authenticator|             and [=set/remove=] |authenticator| from |issuedRequests|. Return a {{DOMException}} whose name is "{{NotAllowedError}}". -        :   If the {{CredentialRequestOptions/signal}} member is present and the [=AbortSignal/aborted flag=] is set to-            [TRUE],-        ::  [=set/For each=] |authenticator| in |issuedRequests| invoke the [=authenticatorCancel=] operation on |authenticator|-            and [=set/remove=] |authenticator| from |issuedRequests|. Then-            return a {{DOMException}} whose name is "{{AbortError}}" and terminate this algorithm.+            <!-- this needs to be indented 2 more levels to get it to render properly -->+                <dt id="GetAssn-ConditionalMediation-Interact-FormControl">+                    If <code>|options|.{{CredentialRequestOptions/mediation}}</code> is {{CredentialMediationRequirement/conditional}}+                    and the user interacts with an <{input}> form control with an <{input/autocomplete}> attribute whose value+                    contains a `"webauthn"` [=autofill detail token=],+                </dt> -        :   If |issuedRequests| is empty, <code>|options|.{{PublicKeyCredentialRequestOptions/allowCredentials}}</code> is not empty, and no |authenticator| will become available for any [=public key credentials=] therein,-        ::  Indicate to the user that no eligible credential could be found. When the user acknowledges the dialog, return a {{DOMException}} whose name is "{{NotAllowedError}}".+        ::  1. If |silentlyDiscoveredCredentials| is not [=list/empty=]: -            Note: One way a [=client platform=] can determine that no |authenticator| will become available is by examining the <code>{{transports}}</code> members of the present <code>{{PublicKeyCredentialDescriptor}}</code> [=list/items=] of <code>|options|.{{PublicKeyCredentialRequestOptions/allowCredentials}}</code>, if any. For example, if all <code>{{PublicKeyCredentialDescriptor}}</code> [=list/items=] list only <code>{{AuthenticatorTransport/internal}}</code>, but all [=platform authenticator|platform=] |authenticator|s have been tried, then there is no possibility of satisfying the request. Alternatively, all <code>{{PublicKeyCredentialDescriptor}}</code> [=list/items=] may list <code>{{transports}}</code> that the [=client platform=] does not support.+                1. Prompt the user to optionally select a [=DiscoverableCredentialMetadata=] (|credentialMetadata|) from |silentlyDiscoveredCredentials|. -        :   If an |authenticator| becomes available on this [=client device=],-        ::  Note:  This includes the case where an |authenticator| was available upon |lifetimeTimer| initiation.+                    Note: The prompt shown SHOULD include values from |credentialMetadata|'s [=DiscoverableCredentialMetadata/otherUI=]+                    such as {{PublicKeyCredentialEntity/name}} and {{PublicKeyCredentialUserEntity/displayName}}. -            1. If <code>|options|.{{PublicKeyCredentialRequestOptions/userVerification}}</code> is set to-                {{UserVerificationRequirement/required}} and the |authenticator| is not capable of performing [=user verification=],-                [=iteration/continue=].+                1. If the user selects a |credentialMetadata|, -            1. Let |userVerification| be the <dfn>effective user verification requirement for assertion</dfn>, a Boolean value, as-                follows. If <code>|options|.{{PublicKeyCredentialRequestOptions/userVerification}}</code>+                    1. Let |optionsCopy| be a temporary copy of |options|. -                    <dl class="switch">+                    1. Let |authenticator| be the value of |silentlyDiscoveredCredentials|[|credentialMetadata|]. -                        :   is set to {{UserVerificationRequirement/required}}-                        ::  Let |userVerification| be [TRUE].+                    1. Set <code>|optionsCopy|.{{PublicKeyCredentialRequestOptions/allowCredentials}}</code> to be a [=list=] containing a+                        single {{PublicKeyCredentialDescriptor}} [=list/item=] whose  {{PublicKeyCredentialDescriptor/id}}'s value is set to+                        |credentialMetadata|'s [=DiscoverableCredentialMetadata/id=]'s value. -                        :   is set to {{UserVerificationRequirement/preferred}}-                        ::  If the |authenticator|+                    1. Execute the [=issuing a credential request to an authenticator=] algorithm with |authenticator|, |savedCredentialIds| and |optionsCopy|. -                            <dl class="switch">-                                :   is capable of [=user verification=]-                                ::  Let |userVerification| be [TRUE].+                    1. [=set/Append=] |authenticator| to |issuedRequests|. -                                :   is not capable of [=user verification=]-                                ::  Let |userVerification| be [FALSE].-                            </dl>+            Issue: Nina to submit a PR to the HTML spec to add the "webauthn" autofill detail token. -                        :   is set to {{UserVerificationRequirement/discouraged}}-                        ::  Let |userVerification| be [FALSE].+        :   If the {{CredentialRequestOptions/signal}} member is present and the [=AbortSignal/aborted flag=] is set to+            [TRUE],+        ::  [=set/For each=] |authenticator| in |issuedRequests| invoke the [=authenticatorCancel=] operation on |authenticator|+            and [=set/remove=] |authenticator| from |issuedRequests|. Then+            return a {{DOMException}} whose name is "{{AbortError}}" and terminate this algorithm. -                    </dl>+        :   If <code>|options|.{{CredentialRequestOptions/mediation}}</code> is not {{CredentialMediationRequirement/conditional}},+            |issuedRequests| is empty, <code>|options|.{{PublicKeyCredentialRequestOptions/allowCredentials}}</code> is not empty,+            and no |authenticator| will become available for any [=public key credentials=] therein,+        ::  Indicate to the user that no eligible credential could be found. When the user acknowledges the dialog, return a {{DOMException}} whose name is "{{NotAllowedError}}". -            1. <span id="allowCredentialDescriptorListCreation"></span>-                If <code>|options|.{{PublicKeyCredentialRequestOptions/allowCredentials}}</code>-                <dl class="switch">-                    :   [=list/is not empty=]-                    ::  1. Let |allowCredentialDescriptorList| be a new [=list=].+            Note: One way a [=client platform=] can determine that no |authenticator| will become available is by examining the <code>{{transports}}</code> members of the present <code>{{PublicKeyCredentialDescriptor}}</code> [=list/items=] of <code>|options|.{{PublicKeyCredentialRequestOptions/allowCredentials}}</code>, if any. For example, if all <code>{{PublicKeyCredentialDescriptor}}</code> [=list/items=] list only <code>{{AuthenticatorTransport/internal}}</code>, but all [=platform authenticator|platform=] |authenticator|s have been tried, then there is no possibility of satisfying the request. Alternatively, all <code>{{PublicKeyCredentialDescriptor}}</code> [=list/items=] may list <code>{{transports}}</code> that the [=client platform=] does not support. -                        1. Execute a [=client platform=]-specific procedure to determine which, if any, [=public key credentials=] described by-                            <code>|options|.{{PublicKeyCredentialRequestOptions/allowCredentials}}</code> are [=bound credential|bound=] to this-                            |authenticator|, by matching with |rpId|,-                            <code>|options|.{{PublicKeyCredentialRequestOptions/allowCredentials}}.{{PublicKeyCredentialDescriptor/id}}</code>,-                            and-                            <code>|options|.{{PublicKeyCredentialRequestOptions/allowCredentials}}.{{PublicKeyCredentialDescriptor/type}}</code>.-                            Set |allowCredentialDescriptorList| to this filtered list.+        :   If an |authenticator| becomes available on this [=client device=],+        ::  Note:  This includes the case where an |authenticator| was available upon |lifetimeTimer| initiation. -                        1. If |allowCredentialDescriptorList| [=list/is empty=], [=continue=].+            1. If <code>|options|.{{CredentialRequestOptions/mediation}}</code> is {{CredentialMediationRequirement/conditional}}+                and the |authenticator| supports the [=silentCredentialDiscovery=] operation: -                        1. Let |distinctTransports| be a new [=ordered set=].+                1. Let |collectedDiscoveredCredentialMetadata| be the result of invoking the [=silentCredentialDiscovery=] operation on |authenticator| with |rpId| as parameter. -                        1. If |allowCredentialDescriptorList| has exactly one value, set-                            <code>|savedCredentialIds|[|authenticator|]</code> to <code>|allowCredentialDescriptorList|[0].id</code>'s-                            value (see [here](#authenticatorGetAssertion-return-values) in [[#sctn-op-get-assertion]] for more information).+                1. [=list/For each=] |credentialMetadata| of |collectedDiscoveredCredentialMetadata|: -                        1. [=list/For each=] credential descriptor |C| in |allowCredentialDescriptorList|,-                            [=set/append=] each value, if any, of <code>|C|.{{transports}}</code> to |distinctTransports|.+                    1. [=map/Set=] |silentlyDiscoveredCredentials|[|credentialMetadata|] to |authenticator|. -                            Note: This will aggregate only distinct values of {{transports}} (for this [=authenticator=]) in-                                |distinctTransports| due to the properties of [=ordered sets=].+                        Note: A request will be issued to this authenticator upon user selection of a credential via+                        interaction with a particular UI context+                        (see [here](#GetAssn-ConditionalMediation-Interact-FormControl) for details). -                        1. If |distinctTransports|-                            <dl class="switch">-                                :   [=list/is not empty=]-                                ::  The client selects one |transport| value from |distinctTransports|, possibly incorporating local-                                    configuration knowledge of the appropriate transport to use with |authenticator| in making its-                                    selection.--                                    Then, using |transport|, invoke the [=authenticatorGetAssertion=] operation on-                                    |authenticator|, with |rpId|, |clientDataHash|, |allowCredentialDescriptorList|,-                                    |userVerification|, and |authenticatorExtensions| as parameters.--                                :   [=list/is empty=]-                                ::  Using local configuration knowledge of the appropriate transport to use with |authenticator|,-                                    invoke the [=authenticatorGetAssertion=] operation on |authenticator| with |rpId|,-                                    |clientDataHash|, |allowCredentialDescriptorList|, |userVerification|, and-                                    |authenticatorExtensions| as parameters.-                            </dl>+            1. Else: -                    :   [=list/is empty=]-                    ::  Using local configuration knowledge of the appropriate transport to use with |authenticator|, invoke the-                        [=authenticatorGetAssertion=] operation on |authenticator| with |rpId|, |clientDataHash|,-                        |userVerification| and |authenticatorExtensions| as parameters.+                1. Execute the [=issuing a credential request to an authenticator=] algorithm with |authenticator|, |savedCredentialIds| and |options|. -                        Note: In this case, the [=[RP]=] did not supply a list of acceptable credential descriptors. Thus, the-                            authenticator is being asked to exercise any credential it may possess that is [=scoped=] to-                            the [=[RP]=], as identified by |rpId|.-                </dl>+                    Note: This branch is taken if <code>|options|.{{CredentialRequestOptions/mediation}}</code> is {{CredentialMediationRequirement/conditional}}+                    and the |authenticator| does not support the [=silentCredentialDiscovery=] operation to allow use of such authenticators during a+                    {{CredentialMediationRequirement/conditional}} [=user mediation=] request.              1. [=set/Append=] |authenticator| to |issuedRequests|.

Good catch, you're right. Done.

equalsJeffH

comment created time in a month

PullRequestReviewEvent
PullRequestReviewEvent

push eventnsatragno/webauthn

Nina Satragno

commit sha 4790c172a33e7ef4e43bcf146f97e0954c231cd9

Add Jeff's suggestion

view details

Nina Satragno

commit sha b359055a1d1a2e14c9fcc17412ce5bb62706f476

Address emlun's comments.

view details

push time in a month

GollumEvent

push eventnsatragno/webauthn

Emil Lundberg

commit sha a4b80ad68caaf7e283fc1cb10e6c405d8b034147

Update FIDO-Registry link (#1675)

view details

=JeffH

commit sha 92a2295b08956939910303cc047170091153679d

remove extraneous "create credential" permissions policy cruft (#1686) fixes #1685

view details

Nina Satragno

commit sha ed7c852a44a8c74a3982e2ab1e855513cd1e19d3

Add conditional UI flow

view details

Nina Satragno

commit sha faa2da08a4716c339b191077265044c732a69e9c

Remove unneeded dictionary.

view details

Nina Satragno

commit sha 04f08a6ebf8afbc869d8981b53b7444cc5c92ef0

Do not allow non-discoverable credentials for the conditional UI flow

view details

Nina Satragno

commit sha 98559e0fa96ee1f2f8f9bb95acf551261ad68131

Fix request option type

view details

JeffH

commit sha accd9a8f5f52f4e7fdb22b840f19cafbef7ecc8c

conditional UI flow rework see also https://github.com/w3c/webappsec-credential-management/pull/155 and [Explainer: WebAuthn Conditional/Hinted UI](https://docs.google.com/document/d/11hWpUPAnblPtkn1f7AIQW0ujoiu_BAKzlMVhZKQPiW8/)

view details

Nina Satragno

commit sha 83048513addb08f463e8e0572bb00194a205b84f

Clean up and add availability.

view details

Nina Satragno

commit sha 302a370d74991cca659283a3c6527f0b393ef1f4

wip: Conditional UI + autofill specification.

view details

Nina Satragno

commit sha af3968d7991b6257005927521f5a201f6af3c51f

Put isConditionalMediationAvailable on interface block

view details

Nina Satragno

commit sha 8baca602558d7587e6d4ac65ab36347c0ade79b0

Add silent discovery and polish.

view details

Nina Satragno

commit sha ed8d8fabfdb6b1cdbedd3d787296c94c435f7997

Only return discoverable credentials.

view details

Nina Satragno

commit sha b1e900c7b731a577097b6d343ae7f6d35ef2ce16

Do not timeout, no need for |conditionalFlow|

view details

Nina Satragno

commit sha 70d272f2a4dbefa65715bf1e59250e76b351b99b

Don't use pkcs directly.

view details

Nina Satragno

commit sha 5f15ba7a9852aa1cb140f4fcfed4d65f5a2151ae

Address comments.

view details

Nina Satragno

commit sha 1e93cbfac82e4a0bfdfa92a6cd747ea104aa7654

Apply most of the suggestions Co-authored-by: =JeffH <jdhodges@google.com>

view details

Nina Satragno

commit sha 7fdbff0523da024680a6f5ed4b3ac65e1c712aa4

Address more comments.

view details

Nina Satragno

commit sha 716ac32fda25400b8d6eaa65c8ed4f7560835ee0

add blurb to request algo

view details

Nina Satragno

commit sha b131c69fca5d3e300f6a8f2d2b66400505b2486a

guard credential metadata prompt section

view details

Nina Satragno

commit sha e5c82e2f07262f6f563393ed3908a963f2f1e11e

Address comments.

view details

push time in a month

push eventnsatragno/webauthn

Nina Satragno

commit sha 9e23ab040ad1a6ba4e7fbcf3afbba4b24869a991

Apply suggestions from code review Co-authored-by: =JeffH <jdhodges@google.com>

view details

push time in a month

issue commentw3ctag/design-reviews

Credential Management: Conditional Mediation

Hi @torgo, thank you for looking into this! I have ported the explainer to a wiki file written in markdown on the WebAuthn repository.

I'll try to answer all the questions below:

if the user does have an appropriate credential but they don't want to use it - for example, they want to log in as another identity - then what information does the web app know about the user's choice?

The user agent will disclose a credential if and only if the user selects that webauthn credential and passes the local user verification challenge. For any other case, the user agent won't disclose anything at all. In other words, if they want to log-in with a different identity, the website will get no information at all through WebAuthn/Conditional UI. I have updated the explainer's privacy considerations to make this more clear.

If the web page displays a username and password dialog at the same time that the browser surfaces a webauthn UI of some kind to pick a credential, isn't that going to be confusing to the user?

Conditional UI is designed to integrate with the browser's existing autofill UI surface to address this, i.e. it should be no more confusing that the website offering to autofill a password

Since the web page won't know that the browser is supplying this UI (which seems important from a privacy & security standpoint) how is that expected to work?

Autofill surfaces and sign-in forms already deal with this UI dynamic, which we are leveraging for Conditional UI.

nsatragno

comment created time in a month

GollumEvent
GollumEvent
GollumEvent
GollumEvent

Pull request review commentweb-platform-tests/wpt

Check that credential.id is base64-encoding of credential.rawId

 function validatePublicKeyCredential(cred) {     // rawId     assert_idl_attribute(cred, "rawId", "should return PublicKeyCredential with rawId attribute");     assert_readonly(cred, "rawId", "should return PublicKeyCredential with readonly rawId attribute");+    rawId = cred.rawId;

Did you forget about this change?

dontcallmedom

comment created time in a month

PullRequestReviewEvent
PullRequestReviewEvent

Pull request review commentw3c/webappsec-credential-management

Add permissions-policy check for publicKey credentials

 spec:css-syntax-3;     6.  Let |sameOriginWithAncestors| be `true` if |settings| is [=same-origin with its         ancestors=], and `false` otherwise. -    7.  Run the following steps [=in parallel=]:+    7.  Let |key| be the result of [=map/getting the key=] of |options|.

The getting the keys algorithm returns all keys (e.g. mediation, publicKey, federated...). Perhaps:

If options contains an entry with the key {{CredentialRequestOptions/publicKey}}, then...
equalsJeffH

comment created time in a month

Pull request review commentw3c/webappsec-credential-management

Add permissions-policy check for publicKey credentials

 spec:css-syntax-3;     6.  Let |sameOriginWithAncestors| be `true` if |settings| is [=same-origin with its         ancestors=], and `false` otherwise. -    7.  Run the following steps [=in parallel=]:+    7.  Let |key| be the result of [=map/getting the key=] of |options|.++    8.  If |key| is {{CredentialRequestOptions/publicKey}} then

We should add web OTP

https://wicg.github.io/web-otp/#sctn-permissions-policy

This mechanism is a bit of a pain to extend to other credential types and somewhat defeats the purpose of the credential types registry. Can we add the permission policy names to the registry, and then iterate those?

equalsJeffH

comment created time in a month

Pull request review commentw3c/webappsec-credential-management

Add permissions-policy check for publicKey credentials

 Shortname: credential-management Level: 1 Editor: Jeff Hodges, w3cid 43843, Google Inc., jdhodges@google.com Editor: Nina Satragno, w3cid 116344, Google Inc., nsatragno@google.com-Former Editor: Mike West 56384, Google Inc., mkwst@google.com+Former Editor: Mike West 56384, Google Inc., mkwst@google.co

nit: unintentional change?

equalsJeffH

comment created time in a month

PullRequestReviewEvent
PullRequestReviewEvent

Pull request review commentw3c/webappsec-credential-management

Map options member identifiers and credential types: public-key vs publicKey

 spec:css-syntax-3;   This document depends on the Infra Standard for a number of foundational concepts used in its   algorithms and prose [[!INFRA]]. ++  ### Infrastructure Algorithms ### {#sctn-infra-algorithms}++  <!-- NOTE: '<h4>' maps to the same heading level as three hashs '###', thus using '<h5>' for the next section -->+  <h5 id="algorithm-same-origin-with-ancestors" algorithm>Same-Origin with its Ancestors</h5>+   An [=environment settings object=] (|settings|) is <dfn noexport>same-origin with its   ancestors</dfn> if the following algorithm returns `true`: -  1.  If |settings| has no [=environment settings object/responsible document=],-      return `false`.+  <ol class="algorithm">+    1.  If |settings| has no [=environment settings object/responsible document=],+        return `false`.++    2.  Let |document| be |settings|' [=environment settings object/responsible document=]. -  2.  Let |document| be |settings|' [=environment settings object/responsible document=].+    3.  If |document| has no [=document/browsing context=], return `false`. -  3.  If |document| has no [=document/browsing context=], return `false`.+    4.  Let |origin| be |settings|' [=environment settings object/origin=]. -  4.  Let |origin| be |settings|' [=environment settings object/origin=].+    5.  Let |current| be |document|'s [=document/browsing context=]. -  5.  Let |current| be |document|'s [=document/browsing context=].+    6.  While |current| has a [=parent browsing context=]:++        1.  Set |current| to |current|'s [=parent browsing context=].++        2.  If |current|'s [=active document=]'s [=origin=] is not [=same origin=] with |origin|,+            return `false`.++    7.  Return `true`.+  </ol>++  ### Registry: Credential Type to Options Member Identifier Mappings ### {#sctn-registry-cred-type-to-options-member-identifier}++  This registry maps [=credential types=] (i.e., {{Credential/[[type]]}} values) to the+  [=dictionary member=] [=identifier=] used in+  {{CredentialCreationOptions}} and {{CredentialRequestOptions}} (i.e., "options dictionaries")+  by their specifications.++  Note: This registry is used by the [=relevant credential interface objects=] algorithm.+++  <table class="complex data longlastcol">+    <tr>+        <th>Credential Type<br>+        (in alphabetical order)</th>+        <th>Options Member Identifier</th>

find all instances of that object type

I believe there's only one instance of each interface object, e.g. only one instance of the {{PublicKeyCredential}} interface, so you wouldn't need to do step c. Instead, you'd presumably append the value in the "appropriate interface object" column to the relevant interface objects set. in step b.

equalsJeffH

comment created time in a month

PullRequestReviewEvent

pull request commentw3c/webappsec-credential-management

Add default dictionary value

(closing because someone already made this change! this must have fallen through the cracks)

saschanaz

comment created time in a month

PR closed w3c/webappsec-credential-management

Add default dictionary value

Required after heycam/webidl#750. (Found from web-platform-tests/wpt#18382)

<!-- This comment and the below content is programatically generated. You may add a comma-separated list of anchors you'd like a direct link to below (e.g. #idl-serializers, #idl-sequence):

Don't remove this comment or modify anything below this line.
If you don't want a preview generated for this pull request,
just replace the whole of this comment's content by "no preview"
and remove what's below.

-->


<a href="https://pr-preview.s3.amazonaws.com/saschanaz/webappsec-credential-management/pull/139.html" title="Last updated on Feb 16, 2021, 11:21 PM UTC (b9265e8)">Preview</a> | <a href="https://pr-preview.s3.amazonaws.com/w3c/webappsec-credential-management/139/99332be...saschanaz:b9265e8.html" title="Last updated on Feb 16, 2021, 11:21 PM UTC (b9265e8)">Diff</a>

+2 -2

1 comment

1 changed file

saschanaz

pr closed time in a month

delete branch w3c/webappsec-credential-management

delete branch : jeffh-add-conditional-mediation-approach

delete time in 2 months

more