Mozilla 도움말 검색

고객 지원 사기를 피하세요. 저희는 여러분께 절대로 전화를 걸거나 문자를 보내거나 개인 정보를 공유하도록 요청하지 않습니다. "악용 사례 신고"옵션을 사용하여 의심스러운 활동을 신고해 주세요.

자세히 살펴보기

Webauthn inside iframe and cross origin

  • 2 답장
  • 1 이 문제를 만남
  • 57 보기
  • 최종 답변자: cor-el

more options

Hello,

does Firefox support "allow" Tag for Web Authentication API? I am trying to Register(create()) Credentials(Yubikey) but the request is rejected. How can I allow an iframe to create Credentials?

window - a.domain.com iframe - b.domain.com

I am trying to register the keys for domain.com

5.10. Using Web Authentication within iframe elements The Web Authentication API is disabled by default in cross-origin iframes. To override this default policy and indicate that a cross-origin iframe is allowed to invoke the Web Authentication API, specify the allow attribute on the iframe element and include the publickey-credentials feature-identifier token in the allow attribute’s value. https://w3c.github.io/webauthn/#publickey-credentials-feature

Note: This API is restricted to top-level contexts. Use from within an <iframe> element will not have any effect. https://developer.mozilla.org/en-US/docs/Web/API/PublicKeyCredential

<iframe allow="publickey-credentials 'https://myprofile.ekir.de';" src="https://b.domain.com"> <iframe allow="publickey-credentials:*" src="https://b.domain.com"> <iframe allow="publickey-credentials:*" publickey-credentials src="https://b.domain.com">


Thank you in Advance!

Hello, does Firefox support "allow" Tag for Web Authentication API? I am trying to Register(create()) Credentials(Yubikey) but the request is rejected. How can I allow an iframe to create Credentials? window - a.domain.com iframe - b.domain.com I am trying to register the keys for domain.com 5.10. Using Web Authentication within iframe elements The Web Authentication API is disabled by default in cross-origin iframes. To override this default policy and indicate that a cross-origin iframe is allowed to invoke the Web Authentication API, specify the allow attribute on the iframe element and include the publickey-credentials feature-identifier token in the allow attribute’s value. https://w3c.github.io/webauthn/#publickey-credentials-feature Note: This API is restricted to top-level contexts. Use from within an <iframe> element will not have any effect. https://developer.mozilla.org/en-US/docs/Web/API/PublicKeyCredential <iframe allow="publickey-credentials 'https://myprofile.ekir.de';" src="https://b.domain.com"> <iframe allow="publickey-credentials:*" src="https://b.domain.com"> <iframe allow="publickey-credentials:*" publickey-credentials src="https://b.domain.com"> Thank you in Advance!

모든 댓글 (2)

more options

This method is restricted to top-level contexts. Calls to it within an <iframe> element will resolve without effect. https://developer.mozilla.org/en-US/docs/Web/API/CredentialsContainer/create

글쓴이 UserCanFirefox 수정일시

more options