246339 – [WebAuthn] window.PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable set to False for carnival.com | Safari IOS 16.1

Bug 246339 - [WebAuthn] window.PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable set to False for carnival.com | Safari IOS 16.1

Summary: [WebAuthn] window.PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAva...

Status:	NEW

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	WebKit API (show other bugs)
Version:	Safari 16
Hardware:	Other iOS 16

Importance:	P2 Normal
Assignee:	Nobody

URL:
Keywords:	InRadar

Depends on:
Blocks:

Reported:	2022-10-11 07:38 PDT by Tal Peretz
Modified:	2022-10-18 07:38 PDT (History)
CC List:	2 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Tal Peretz 2022-10-11 07:38:03 PDT

While trying of using WebAuthn on carnival.com with IOS 16.1 (beta 4) and mobile Safari, we discovered that the PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable flag was set to false for unknown reasons. From the source code of Webkit, it appears that Webkit is blocking the use of Webauthn for a number of domains which are not publicly shared. The issue occurs only on carnival.com.

As far as I am aware, this is a bug because it works perfectly on IOS 16.0 with Safari (as passkeys) on the domain carnival.com.

Comment 1 Radar WebKit Bug Importer 2022-10-18 07:38:19 PDT

<rdar://problem/101290643>