Open steamraven opened 7 years ago
There are actually multiple issues with calling u2f-ref-code from another extension. There are a lot of assumptions throughout the code that the origin is http://
or https://
, not chrome-extension://
.
Enabling this will probably be a lot of work (more than I can probably do).
Some areas I already found, more probably lurking
Has anybody found any way around this? Seems like Chrome actually blocks other extensions from accessing the U2F extension (ERR_BLOCKED_BY_CLIENT
).
When calling u2f.register from another extension, the callback is never called, even with a timeout. No error, just vanishes.
To be clear, I am trying to write a new extension that uses the u2f-chrome-extension to handle talking to u2f token.
On the console for my extension, on first try, I get
Extension JS API Version: 1.1
So at least the version call back is working.
When debugging on the u2f-chrome-extension, I see the following error on the console:
Digging further, this appears to be an error in
sendResponseToActiveTabOnly
@u2fbackground.js
The function tries to determine if the tab that made the registration request is still active. To do so it accesses
sender.tab.id
, where sender is a MessageSender. However, I am calling from an extension, not a tab, and thussender.tab
is undefined.This code path seems to only be for Register responses.
I don't see a good workaround for this. Unfortunately, I cannot absorb the u2f-chrome-extension into mine, because the u2f-chrome-extension requires some black magic to get permissions to the usb. I also can't seem to communicate directly with the built-in chrome from my extension.