New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 807774 link

Starred by 2 users

Issue metadata

Status: Fixed
Owner:
Closed: Feb 2018
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux , Android , Windows , Chrome , Mac
Pri: ----
Type: ----



Sign in to add a comment

empty rpID in navigator.credentials.get(publicKey) causes crash

Project Member Reported by kpaulhamus@chromium.org, Jan 31 2018

Issue description

Issue found during testing with external relying party server implementations.
 
Project Member

Comment 1 by bugdroid1@chromium.org, Feb 19 2018

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/d1eeb248ea7f29e21901ad3ee3e5b7abcd0d6c18

commit d1eeb248ea7f29e21901ad3ee3e5b7abcd0d6c18
Author: Kim Paulhamus <kpaulhamus@chromium.org>
Date: Mon Feb 19 07:33:44 2018

Check publickey security requirements for calls to get(publicKey)
and handle empty or missing rpIds.

Add layout tests for various combinations of origins and rpId to
get(publicKey) just like the existing ones for create(publicKey).

Bug:  807774 ,  664630 
Change-Id: I86d3d36c3f3825743f003da69245c74bdca10d5b
Reviewed-on: https://chromium-review.googlesource.com/896384
Commit-Queue: Kim Paulhamus <kpaulhamus@chromium.org>
Reviewed-by: Daniel Cheng <dcheng@chromium.org>
Reviewed-by: Balazs Engedy <engedy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#537594}
[modify] https://crrev.com/d1eeb248ea7f29e21901ad3ee3e5b7abcd0d6c18/third_party/WebKit/LayoutTests/VirtualTestSuites
[modify] https://crrev.com/d1eeb248ea7f29e21901ad3ee3e5b7abcd0d6c18/third_party/WebKit/LayoutTests/http/tests/credentialmanager/credentialscontainer-create-basics.html
[add] https://crrev.com/d1eeb248ea7f29e21901ad3ee3e5b7abcd0d6c18/third_party/WebKit/LayoutTests/http/tests/credentialmanager/credentialscontainer-create-from-nested-frame-expected.txt
[modify] https://crrev.com/d1eeb248ea7f29e21901ad3ee3e5b7abcd0d6c18/third_party/WebKit/LayoutTests/http/tests/credentialmanager/credentialscontainer-create-from-nested-frame.html
[modify] https://crrev.com/d1eeb248ea7f29e21901ad3ee3e5b7abcd0d6c18/third_party/WebKit/LayoutTests/http/tests/credentialmanager/credentialscontainer-create-origins.html
[modify] https://crrev.com/d1eeb248ea7f29e21901ad3ee3e5b7abcd0d6c18/third_party/WebKit/LayoutTests/http/tests/credentialmanager/credentialscontainer-get-basics.html
[add] https://crrev.com/d1eeb248ea7f29e21901ad3ee3e5b7abcd0d6c18/third_party/WebKit/LayoutTests/http/tests/credentialmanager/credentialscontainer-get-from-nested-frame-expected.txt
[add] https://crrev.com/d1eeb248ea7f29e21901ad3ee3e5b7abcd0d6c18/third_party/WebKit/LayoutTests/http/tests/credentialmanager/credentialscontainer-get-from-nested-frame.html
[add] https://crrev.com/d1eeb248ea7f29e21901ad3ee3e5b7abcd0d6c18/third_party/WebKit/LayoutTests/http/tests/credentialmanager/credentialscontainer-get-origins.html
[modify] https://crrev.com/d1eeb248ea7f29e21901ad3ee3e5b7abcd0d6c18/third_party/WebKit/LayoutTests/http/tests/credentialmanager/resources/credential-helpers.js
[modify] https://crrev.com/d1eeb248ea7f29e21901ad3ee3e5b7abcd0d6c18/third_party/WebKit/LayoutTests/http/tests/credentialmanager/resources/nested-mock-authenticator-client.html
[add] https://crrev.com/d1eeb248ea7f29e21901ad3ee3e5b7abcd0d6c18/third_party/WebKit/LayoutTests/http/tests/credentialmanager/resources/publickey-get-helper.html
[add] https://crrev.com/d1eeb248ea7f29e21901ad3ee3e5b7abcd0d6c18/third_party/WebKit/LayoutTests/virtual/enable-webauthn/http/tests/credentialmanager/README.txt
[add] https://crrev.com/d1eeb248ea7f29e21901ad3ee3e5b7abcd0d6c18/third_party/WebKit/LayoutTests/virtual/enable-webauthn/http/tests/credentialmanager/credentialscontainer-create-from-nested-frame-expected.txt
[add] https://crrev.com/d1eeb248ea7f29e21901ad3ee3e5b7abcd0d6c18/third_party/WebKit/LayoutTests/virtual/enable-webauthn/http/tests/credentialmanager/credentialscontainer-get-from-nested-frame-expected.txt
[modify] https://crrev.com/d1eeb248ea7f29e21901ad3ee3e5b7abcd0d6c18/third_party/WebKit/Source/modules/credentialmanager/CredentialManagerTypeConverters.cpp
[modify] https://crrev.com/d1eeb248ea7f29e21901ad3ee3e5b7abcd0d6c18/third_party/WebKit/Source/modules/credentialmanager/CredentialsContainer.cpp

Components: Blink>WebAuthentication
Status: Fixed (was: Assigned)
Labels: Merge-Request-65 OS-Android OS-Chrome OS-Linux OS-Mac OS-Windows
Requesting merge to fix a crashing bug with a feature that is in Chrome-65 behind a flag. External servers that are testing against this implementation are affected by the bug.
Project Member

Comment 4 by sheriffbot@chromium.org, Feb 23 2018

Labels: -Merge-Request-65 Merge-Review-65 Hotlist-Merge-Review
This bug requires manual review: We are only 10 days from stable.
Please contact the milestone owner if you have questions.
Owners: cmasso@(Android), cmasso@(iOS), bhthompson@(ChromeOS), govind@(Desktop)

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Comment 5 by gov...@chromium.org, Feb 23 2018

Before we approve merge to M65, could you pls confirm followings?

Is this M65 regression and critical to merge?
Is the change well baked/verified in Canary, having enough automation tests coverage and safe to merge?
Any other imp details to justify the merge.

Please note M65 is VERY close to Stable promotion so merge bar is very high. Thank you.

I don't know if you can call it a 'regression' - the feature was only added behind a flag for 65.

This feature was verified in Canary, and this CL adds a number of tests for it.

The core issue is that an empty or missing "relying party ID" should be set to the current origin by default. This was being done for one of the API calls, navigator.credentials.create(), but not for this API call, which results in a crash later down the line.

Comment 7 by gov...@chromium.org, Feb 23 2018

Thank you kpaulhamus@. If something goes wrong, can we disable this feature via Finch?
The feature is already behind a flag; it's always disabled by default.

Comment 9 by gov...@chromium.org, Feb 23 2018

Cc: cma...@chromium.org
Are we planning to enable this feature on M65? If not, then i don't think we need a merge to M65.

+cmasso@, what do you think?
Sorry missed comment #3. 

Per chat with  kpaulhamus@, the feature is only shipping behind a flag for 65
relying party servers are already testing against it, hence our wanting it to be as stable as possible when they do enable the feature. 

cmass@, I'm ok to take this merge in for M65. Are you ok with it?


Comment 11 by cmasso@google.com, Feb 23 2018

All good!
Labels: -Merge-Review-65 Merge-Approved-65
Thank you cmasso@. Approving merge to M65 now.
M65 branch is 3325.
Thank you!
Project Member

Comment 15 by bugdroid1@chromium.org, Feb 23 2018

Labels: -merge-approved-65 merge-merged-3325
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/e3d96590291b371b643ee138dfe3b50a41cf2fde

commit e3d96590291b371b643ee138dfe3b50a41cf2fde
Author: Kim Paulhamus <kpaulhamus@chromium.org>
Date: Fri Feb 23 20:18:17 2018

Check publickey security requirements for calls to get(publicKey)
and handle empty or missing rpIds.

Add layout tests for various combinations of origins and rpId to
get(publicKey) just like the existing ones for create(publicKey).

Bug:  807774 ,  664630 
Change-Id: I86d3d36c3f3825743f003da69245c74bdca10d5b
Reviewed-on: https://chromium-review.googlesource.com/896384
Commit-Queue: Kim Paulhamus <kpaulhamus@chromium.org>
Reviewed-by: Daniel Cheng <dcheng@chromium.org>
Reviewed-by: Balazs Engedy <engedy@chromium.org>
Cr-Original-Commit-Position: refs/heads/master@{#537594}(cherry picked from commit d1eeb248ea7f29e21901ad3ee3e5b7abcd0d6c18)
Reviewed-on: https://chromium-review.googlesource.com/935223
Reviewed-by: Kim Paulhamus <kpaulhamus@chromium.org>
Cr-Commit-Position: refs/branch-heads/3325@{#578}
Cr-Branched-From: bc084a8b5afa3744a74927344e304c02ae54189f-refs/heads/master@{#530369}
[modify] https://crrev.com/e3d96590291b371b643ee138dfe3b50a41cf2fde/third_party/WebKit/LayoutTests/VirtualTestSuites
[modify] https://crrev.com/e3d96590291b371b643ee138dfe3b50a41cf2fde/third_party/WebKit/LayoutTests/http/tests/credentialmanager/credentialscontainer-create-basics.html
[add] https://crrev.com/e3d96590291b371b643ee138dfe3b50a41cf2fde/third_party/WebKit/LayoutTests/http/tests/credentialmanager/credentialscontainer-create-from-nested-frame-expected.txt
[modify] https://crrev.com/e3d96590291b371b643ee138dfe3b50a41cf2fde/third_party/WebKit/LayoutTests/http/tests/credentialmanager/credentialscontainer-create-from-nested-frame.html
[modify] https://crrev.com/e3d96590291b371b643ee138dfe3b50a41cf2fde/third_party/WebKit/LayoutTests/http/tests/credentialmanager/credentialscontainer-create-origins.html
[modify] https://crrev.com/e3d96590291b371b643ee138dfe3b50a41cf2fde/third_party/WebKit/LayoutTests/http/tests/credentialmanager/credentialscontainer-get-basics.html
[add] https://crrev.com/e3d96590291b371b643ee138dfe3b50a41cf2fde/third_party/WebKit/LayoutTests/http/tests/credentialmanager/credentialscontainer-get-from-nested-frame-expected.txt
[add] https://crrev.com/e3d96590291b371b643ee138dfe3b50a41cf2fde/third_party/WebKit/LayoutTests/http/tests/credentialmanager/credentialscontainer-get-from-nested-frame.html
[add] https://crrev.com/e3d96590291b371b643ee138dfe3b50a41cf2fde/third_party/WebKit/LayoutTests/http/tests/credentialmanager/credentialscontainer-get-origins.html
[modify] https://crrev.com/e3d96590291b371b643ee138dfe3b50a41cf2fde/third_party/WebKit/LayoutTests/http/tests/credentialmanager/resources/credential-helpers.js
[modify] https://crrev.com/e3d96590291b371b643ee138dfe3b50a41cf2fde/third_party/WebKit/LayoutTests/http/tests/credentialmanager/resources/nested-mock-authenticator-client.html
[add] https://crrev.com/e3d96590291b371b643ee138dfe3b50a41cf2fde/third_party/WebKit/LayoutTests/http/tests/credentialmanager/resources/publickey-get-helper.html
[add] https://crrev.com/e3d96590291b371b643ee138dfe3b50a41cf2fde/third_party/WebKit/LayoutTests/virtual/enable-webauthn/http/tests/credentialmanager/README.txt
[add] https://crrev.com/e3d96590291b371b643ee138dfe3b50a41cf2fde/third_party/WebKit/LayoutTests/virtual/enable-webauthn/http/tests/credentialmanager/credentialscontainer-create-from-nested-frame-expected.txt
[add] https://crrev.com/e3d96590291b371b643ee138dfe3b50a41cf2fde/third_party/WebKit/LayoutTests/virtual/enable-webauthn/http/tests/credentialmanager/credentialscontainer-get-from-nested-frame-expected.txt
[modify] https://crrev.com/e3d96590291b371b643ee138dfe3b50a41cf2fde/third_party/WebKit/Source/modules/credentialmanager/CredentialManagerTypeConverters.cpp
[modify] https://crrev.com/e3d96590291b371b643ee138dfe3b50a41cf2fde/third_party/WebKit/Source/modules/credentialmanager/CredentialsContainer.cpp

Sign in to add a comment