Cannot register a security key with Google when legacy U2F API is disabled
Categories
(Core :: DOM: Web Authentication, defect, P2)
Tracking
()
| Tracking | Status | |
|---|---|---|
| firefox-esr102 | --- | unaffected |
| firefox109 | --- | unaffected |
| firefox110 | --- | unaffected |
| firefox111 | + | fixed |
| firefox112 | --- | fixed |
People
(Reporter: jschanck, Assigned: jschanck)
References
(Regression)
Details
(Keywords: regression)
I'm not able to register a security key with Google when security.webauth.u2f is false. We made this the default in Bug 1809333, which landed in Nightly 111.
To reproduce
- Set
security.webauth.u2fto false - Visit https://myaccount.google.com/two-step-verification/security-keys
- Click "Add a security key"
- Select "Physical USB or NFC key"
- Click "Next"
After a few seconds, a small error message in the bottom left of the page says "The extension is not installed".
If I register a key with security.webauth.u2f set to true, I am able to use it with both settings of security.webauth.u2f and both settings of security.webauthn.ctap2.
I suspect that we may need to implement the googleLegacyAppIdSupport WebAuthn extension mentioned in Google's intent to deprecate and remove the U2F API.
|
||
Updated•2 years ago
|
|
|
||
Comment 1•2 years ago
|
||
Set release status flags based on info from the regressing bug 1809333
|
||
Updated•2 years ago
|
|
||
Comment 2•2 years ago
|
||
I suspect that we may need to implement the googleLegacyAppIdSupport WebAuthn extension mentioned in Google's intent to deprecate and remove the U2F API.
That is not the case, Google should be able to enroll security keys with regular WebAuthn in Firefox. I'm looking into what we can do to fix this from the Google side.
|
|
||
Comment 3•2 years ago
|
||
Setting 111 to since the regressor 1809333 was backed out
|
Assignee | |
Updated•2 years ago
|
|
|
Assignee | |
Comment 4•2 years ago
|
||
The problem has been fixed on Google's end.
|
||
Updated•2 years ago
|
Description
•