Closed abcang closed 6 months ago
Hi,
Indeed I think you are right.
Whate about $publicKeyCredentialOptions->id ?? $publicKeyCredentialOptions->rpId ?? $host;
instead?
It looks good to do so if strict distinction is not necessary. I will make the change.
Perfect. Many thanks
The instance of
PublicKeyCredentialCreationOptions
does not have therpId
property. I think it is correct to refer torp->id
instead.In particular, it does not work well when the RP ID is a top-level domain such as
example.com
and the host using WebAuthn is a subdomain such asaccount.example.com
.Target branch: 4.8.x Resolves issue #