Today I learned that the way the Google FIDO u2f polyfill is written means the API defined at https://fidoalliance.org/specs/fido-u2f-v1.0-nfc-bt-amendment-20150514/fido-u2f-javascript-api.html#high-level-javascript-api … can't actually be shipped in non-Chrome browsers in that form because the polyfill will stomp on it with code that only works in Chrome.
-
-
What's inside the functions that only works in Chrome?
-
Looking at https://u2fdemo.appspot.com/js/u2f-api.js the relevant bit is u2f.getMessagePort. It checks for chrome.runtime, then for a Chrome Android user-agent, then for iOS-specific stuff, and finally falls back to a chrome-extension:// iframe. That last only works in Chrome, yes? ;)
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.