greg/webauthn
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #30 from deibertf/1.x

Browse Source 
Update webauthn.js to prevent wrong request urls
This commit is contained in:
Italo
2023-02-15 22:18:36 -03:00
committed by GitHub
parent 3291c57a3a 73502cea4e
commit 2e420ba518
1 changed files with 4 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
resources/js/webauthn.js
View File

@@ -156,7 +156,9 @@ class WebAuthn {
* @returns {Promise<Response>} * @returns {Promise<Response>}
*/ */
#fetch(data, route, headers = {}) { #fetch(data, route, headers = {}) {
return fetch(route, { const url = new URL(route, window.location.origin).href;
return fetch(url, {
method: "POST", method: "POST",
credentials: this.#includeCredentials ? "include" : "same-origin", credentials: this.#includeCredentials ? "include" : "same-origin",
redirect: "error", redirect: "error",
@@ -313,6 +315,7 @@ class WebAuthn {
const publicKeyCredential = this.#parseOutgoingCredentials(credentials); const publicKeyCredential = this.#parseOutgoingCredentials(credentials);
Object.assign(publicKeyCredential, response); Object.assign(publicKeyCredential, response);
Object.assign(publicKeyCredential, request);
return await this.#fetch(publicKeyCredential, this.#routes.register).then(WebAuthn.#handleResponse); return await this.#fetch(publicKeyCredential, this.#routes.register).then(WebAuthn.#handleResponse);
} }