diff options
| author | wxiaoguang <wxiaoguang@gmail.com> | 2025-03-08 03:37:27 +0800 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2025-03-07 19:37:27 +0000 |
| commit | b8c2afdc5fda830c85586988a49d47678ba0ea98 (patch) | |
| tree | 4f1c164b178aaf1a0b542d872fe00747869db13d | |
| parent | 582ad338d79fe129d079c2f14cf175adace53849 (diff) | |
| download | gitea-b8c2afdc5fda830c85586988a49d47678ba0ea98.tar.gz gitea-b8c2afdc5fda830c85586988a49d47678ba0ea98.zip | |
Do not show passkey on http sites (#33820)
Fix #33615
| -rw-r--r-- | web_src/js/features/user-auth-webauthn.ts | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/web_src/js/features/user-auth-webauthn.ts b/web_src/js/features/user-auth-webauthn.ts index b9ab2e2088..e6c37581e0 100644 --- a/web_src/js/features/user-auth-webauthn.ts +++ b/web_src/js/features/user-auth-webauthn.ts @@ -1,5 +1,5 @@ import {encodeURLEncodedBase64, decodeURLEncodedBase64} from '../utils.ts'; -import {showElem} from '../utils/dom.ts'; +import {hideElem, showElem} from '../utils/dom.ts'; import {GET, POST} from '../modules/fetch.ts'; const {appSubUrl} = window.config; @@ -11,6 +11,15 @@ export async function initUserAuthWebAuthn() { return; } + if (window.location.protocol === 'http:') { + // webauthn is only supported on secure contexts + const isLocalhost = ['localhost', '127.0.0.1'].includes(window.location.hostname); + if (!isLocalhost) { + hideElem(elSignInPasskeyBtn); + return; + } + } + if (!detectWebAuthnSupport()) { return; } |