| <!DOCTYPE html> |
| <meta charset="utf-8"> |
| <title>WebAuthn navigator.credentials.create() clientData test</title> |
| <link rel="help" href="https://w3c.github.io/webauthn/#iface-credential"> |
| <script src="/resources/testharness.js"></script> |
| <script src="/resources/testharnessreport.js"></script> |
| <script src="/resources/testdriver.js"></script> |
| <script src="/resources/testdriver-vendor.js"></script> |
| <script src="helpers.js"></script> |
| <body></body> |
| <script> |
| standardSetup(function() { |
| "use strict"; |
| |
| const options = { |
| rp: {name: "Acme"}, |
| user: {id: new Uint8Array(1), name: "name", displayName: ""}, |
| pubKeyCredParams: [{type: "public-key", alg: -7}], |
| attestation: "none", |
| challenge: new Uint8Array([0xff]), |
| }; |
| |
| promise_test(async t => { |
| const cred = await navigator.credentials.create({publicKey: options}); |
| // WebAuthn specifies a precise, JSON-compatible serialization for the |
| // clientDataJSON. See |
| // https://www.w3.org/TR/webauthn-2/#clientdatajson-serialization |
| const expectedPrefix = |
| `{"type":"webauthn.create","challenge":"_w","origin":"`; |
| const clientData = new TextDecoder().decode(cred.response.clientDataJSON); |
| assert_true(clientData.startsWith(expectedPrefix), |
| "The clientData (" + clientData + |
| ") should have the prefix: " + expectedPrefix); |
| |
| |
| // Skip over the origin value by finding the closing quote. |
| const originEnd = clientData.indexOf('"', expectedPrefix.length); |
| assert_not_equals(originEnd, -1, "Should find the closing quote for origin"); |
| |
| const expectedRemainder = `","crossOrigin":false`; |
| assert_true(clientData.substring(originEnd).startsWith(expectedRemainder), |
| "The clientData (" + clientData + |
| ") should have the following after the origin: " + |
| expectedRemainder); |
| }, "navigator.credentials.create() has valid clientData"); |
| }); |
| </script> |
