tyler/proxmox-backup
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Revert "ui: window/Settings / WebAuthn: add browser setting for userVerificationo"

Browse Source 
even if the options *could* be set in the frontend, the backend
actually has to do validation of those settings, thus we should not
make that a browser setting

additionally, having the value 'preferred' does not actually make sense,
since it does not add any security (the backend skips the
userverification check then)

This reverts commit aca4c2b5a9.

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
This commit is contained in:
Dominik Csapak
2021-02-25 10:01:20 +01:00
committed by Thomas Lamprecht
parent 7f37cacfac
commit b452e2df74
3 changed files with 1 additions and 41 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
www/LoginView.js
View File

@ -390,11 +390,6 @@ Ext.define('PBS.login.TfaWindow', {
// Byte array fixup, keep challenge string:
challenge.string = challenge.publicKey.challenge;
challenge.publicKey.challenge = PBS.Utils.base64url_to_bytes(challenge.string);
let userVerification = Ext.state.Manager.getProvider().get('webauthn-user-verification');
if (userVerification !== undefined) {
challenge.publicKey.userVerification = userVerification;
}
for (const cred of challenge.publicKey.allowCredentials) {
cred.id = PBS.Utils.base64url_to_bytes(cred.id);
}