Skip to content

Digital Credentials: ignore unknown digital credential types#55603

Merged
webkit-commit-queue merged 1 commit into
WebKit:mainfrom
marcoscaceres:eng/Digital-Credentials-ignore-unknown-digital-credential-types
Jan 8, 2026
Merged

Digital Credentials: ignore unknown digital credential types#55603
webkit-commit-queue merged 1 commit into
WebKit:mainfrom
marcoscaceres:eng/Digital-Credentials-ignore-unknown-digital-credential-types

Conversation

@marcoscaceres

@marcoscaceres marcoscaceres commented Dec 18, 2025
edited by webkit-early-warning-system
Loading

Copy link
Copy Markdown
Contributor

b2e1c11

Digital Credentials: ignore unknown digital credential types
rdar://166673454
https://bugs.webkit.org/show_bug.cgi?id=304158

Reviewed by Anne van Kesteren.

WebKit relied on the IdentityCredentialProtocol.idl enum to prevent requests with unknown protocols being processed.
However, this prevented unknown protocols from being ignored gracefully, as required by this spec change:
w3c-fedid/digital-credentials#372

We now gracefully ignore unknown protocols by filtering them out, rather than throwing an error.
We also now show a console warning, so developers are aware of ignored protocols.

Includes upstream web platform test commit:
web-platform-tests/wpt@2d00123

Tests: http/tests/digital-credentials/digital-credential-console-messages.https.html
       http/wpt/identity/digital-credential-protocol-filtering.https.html

* LayoutTests/http/tests/digital-credentials/digital-credential-console-messages.https-expected.txt: Added.
* LayoutTests/http/tests/digital-credentials/digital-credential-console-messages.https.html: Added.
* LayoutTests/http/wpt/identity/digital-credential-protocol-filtering.https-expected.txt: Added.
* LayoutTests/http/wpt/identity/digital-credential-protocol-filtering.https.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/create.tentative.https.html:
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/get.tentative.https.html:
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/support/helper.js:
* LayoutTests/platform/glib/TestExpectations:
* LayoutTests/platform/ios-18/TestExpectations:
* LayoutTests/platform/ios/TestExpectations:
* LayoutTests/platform/ios/imported/w3c/web-platform-tests/digital-credentials/get.tentative.https-expected.txt:
* LayoutTests/platform/mac-sequoia/TestExpectations:
* LayoutTests/platform/mac-wk1/TestExpectations:
* LayoutTests/platform/visionos/TestExpectations:
* LayoutTests/platform/win/TestExpectations:
* LayoutTests/platform/wpe/TestExpectations:
* Source/WebCore/Modules/identity/DigitalCredential.cpp:
(WebCore::convertProtocolString):
(WebCore::jsToCredentialRequest):
(WebCore::DigitalCredential::convertObjectsToDigitalPresentationRequests):
* Source/WebCore/Modules/identity/DigitalCredentialRequest.h:
* Source/WebCore/Modules/identity/DigitalCredentialRequest.idl:

Canonical link: https://commits.webkit.org/305257@main

22fef8b

Misc iOS, visionOS, tvOS & watchOS macOS Linux Windows Apple Internal
✅ 🧪 style ✅ 🛠 ios ✅ 🛠 mac 🛠 wpe 🛠 win ✅ 🛠 ios-apple
✅ 🧪 bindings ✅ 🛠 ios-sim ✅ 🛠 mac-AS-debug 🧪 wpe-wk2 🧪 win-tests ✅ 🛠 mac-apple
✅ 🧪 webkitperl ✅ 🧪 ios-wk2 ⏳ 🧪 api-mac 🧪 api-wpe ✅ 🛠 vision-apple
✅ 🧪 ios-wk2-wpt ✅ 🧪 api-mac-debug ✅ 🛠 wpe-cairo-libwebrtc
✅ 🧪 api-ios ✅ 🧪 mac-wk1 ✅ 🛠 gtk
✅ 🛠 vision ✅ 🧪 mac-wk2 🧪 gtk-wk2
✅ 🛠 vision-sim ✅ 🧪 mac-AS-debug-wk2 ✅ 🧪 api-gtk
✅ 🛠 🧪 merge ✅ 🧪 vision-wk2 ✅ 🧪 mac-wk2-stress ✅ 🛠 playstation
✅ 🛠 tv ⏳ 🧪 mac-intel-wk2
✅ 🛠 tv-sim 🛠 mac-safer-cpp
✅ 🛠 watch
✅ 🛠 watch-sim

@marcoscaceres marcoscaceres self-assigned this Dec 18, 2025
@webkit-early-warning-system

webkit-early-warning-system commented Dec 18, 2025
edited
Loading

Copy link
Copy Markdown
Collaborator

EWS run on previous version of this PR (hash fe794ee)

Details

Misc iOS, visionOS, tvOS & watchOS macOS Linux Windows Apple Internal
✅ 🧪 style ✅ 🛠 ios ✅ 🛠 mac ✅ 🛠 wpe ❌ 🛠 win ✅ 🛠 ios-apple
✅ 🧪 bindings ✅ 🛠 ios-sim ✅ 🛠 mac-AS-debug ❌ 🧪 wpe-wk2 ❌ 🧪 win-tests ✅ 🛠 mac-apple
✅ 🧪 webkitperl ✅ 🧪 ios-wk2 ✅ 🧪 api-mac ✅ 🧪 api-wpe ⏳ 🛠 vision-apple
✅ 🧪 ios-wk2-wpt ✅ 🧪 api-mac-debug ✅ 🛠 wpe-cairo-libwebrtc
✅ 🧪 api-ios ❌ 🧪 mac-wk1 ✅ 🛠 gtk
✅ 🛠 vision ✅ 🧪 mac-wk2 ❌ 🧪 gtk-wk2
✅ 🛠 vision-sim ✅ 🧪 mac-AS-debug-wk2 ✅ 🧪 api-gtk
✅ 🧪 vision-wk2 ✅ 🧪 mac-wk2-stress ❌ 🛠 playstation
✅ 🛠 tv ✅ 🧪 mac-intel-wk2
✅ 🛠 tv-sim ✅ 🛠 mac-safer-cpp
✅ 🛠 watch
✅ 🛠 watch-sim

@webkit-ews-buildbot webkit-ews-buildbot added the merging-blocked Applied to prevent a change from being merged label Dec 18, 2025
@marcoscaceres marcoscaceres force-pushed the eng/Digital-Credentials-ignore-unknown-digital-credential-types branch from fe794ee to fa884f4 Compare January 7, 2026 04:44
@webkit-early-warning-system

webkit-early-warning-system commented Jan 7, 2026
edited
Loading

Copy link
Copy Markdown
Collaborator

EWS run on previous version of this PR (hash fa884f4)

Details

Misc iOS, visionOS, tvOS & watchOS macOS Linux Windows Apple Internal
✅ 🧪 style ✅ 🛠 ios ✅ 🛠 mac ✅ 🛠 wpe ✅ 🛠 win loading 🛠 ios-apple
✅ 🧪 bindings ✅ 🛠 ios-sim ✅ 🛠 mac-AS-debug ✅ 🧪 wpe-wk2 🧪 win-tests loading 🛠 mac-apple
✅ 🧪 webkitperl ✅ 🧪 ios-wk2 ✅ 🧪 api-mac ❌ 🧪 api-wpe ✅ 🛠 vision-apple
✅ 🧪 ios-wk2-wpt ✅ 🧪 api-mac-debug ✅ 🛠 wpe-cairo-libwebrtc
✅ 🧪 api-ios ✅ 🧪 mac-wk1 ✅ 🛠 gtk
✅ 🛠 vision ✅ 🧪 mac-wk2 ✅ 🧪 gtk-wk2
✅ 🛠 vision-sim ✅ 🧪 mac-AS-debug-wk2 ✅ 🧪 api-gtk
✅ 🧪 vision-wk2 ✅ 🧪 mac-wk2-stress ✅ 🛠 playstation
✅ 🛠 tv ✅ 🧪 mac-intel-wk2
✅ 🛠 tv-sim ✅ 🛠 mac-safer-cpp
✅ 🛠 watch
✅ 🛠 watch-sim

@marcoscaceres marcoscaceres marked this pull request as ready for review January 7, 2026 04:46
@marcoscaceres marcoscaceres requested a review from aprotyas January 7, 2026 05:07
annevk
annevk reviewed Jan 7, 2026
View reviewed changes
Comment thread Source/WebCore/Modules/credentialmanagement/CredentialsContainer.cpp Outdated
Comment thread Source/WebCore/Modules/identity/DigitalCredential.cpp Outdated
case IdentityCredentialProtocol::OrgIsoMdoc: {
auto result = convertDictionary<MobileDocumentRequest>(*globalObject, request.data.get());
if (result.hasException(scope)) [[unlikely]]
return Exception { ExceptionCode::ExistingExceptionError };
return DigitalCredentialRequestTypes { WTF::InPlaceType<MobileDocumentRequest>, result.releaseReturnValue() };
return std::optional<UnvalidatedDigitalCredentialRequest> { DigitalCredentialRequestTypes { WTF::InPlaceType<MobileDocumentRequest>, result.releaseReturnValue() } };

@annevk annevk Jan 7, 2026

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we really need all this wrapper boilerplate?

@marcoscaceres marcoscaceres Jan 8, 2026

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Managed to minimize some of the boilerplate. But yes, need some because ExceptionOr expects it to be fairly explicit.

Comment thread ...orm/ios/imported/w3c/web-platform-tests/digital-credentials/get.tentative.https-expected.txt
PASS navigator.credentials.get() API rejects if there are no credential request for same-origin iframe.
FAIL navigator.credentials.get() API rejects if there are no credential request for same-origin iframe. promise_rejects_js: function "function() { throw e; }" threw object "NotAllowedError: The document is not focused." ("NotAllowedError") expected instance of function "function TypeError() {
[native code]
}" ("TypeError")

@annevk annevk Jan 7, 2026

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Seems like the test should be fixed?

@marcoscaceres marcoscaceres Jan 8, 2026

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'll take a look, but I'm pretty sure this is https://bugs.webkit.org/show_bug.cgi?id=278553 😢

@marcoscaceres marcoscaceres Jan 8, 2026

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, the test is doing the right thing... it's calling focus()... just WebKit is not focusing it :/

@marcoscaceres marcoscaceres removed the merging-blocked Applied to prevent a change from being merged label Jan 8, 2026
@marcoscaceres marcoscaceres force-pushed the eng/Digital-Credentials-ignore-unknown-digital-credential-types branch from fa884f4 to 5375ea2 Compare January 8, 2026 02:16
@webkit-early-warning-system

webkit-early-warning-system commented Jan 8, 2026
edited
Loading

Copy link
Copy Markdown
Collaborator

EWS run on previous version of this PR (hash 5375ea2)

Details

Misc iOS, visionOS, tvOS & watchOS macOS Linux Windows Apple Internal
❌ 🧪 style ❌ 🛠 ios ❌ 🛠 mac 🛠 wpe 🛠 win ⏳ 🛠 ios-apple
❌ 🧪 bindings ❌ 🛠 ios-sim ❌ 🛠 mac-AS-debug 🧪 wpe-wk2 🧪 win-tests ⏳ 🛠 mac-apple
❌ 🧪 webkitperl ❌ 🧪 ios-wk2 ❌ 🧪 api-mac 🧪 api-wpe ⏳ 🛠 vision-apple
❌ 🧪 ios-wk2-wpt ❌ 🧪 api-mac-debug 🛠 wpe-cairo-libwebrtc
❌ 🧪 api-ios ❌ 🧪 mac-wk1 🛠 gtk
❌ 🛠 vision ❌ 🧪 mac-wk2 🧪 gtk-wk2
❌ 🛠 vision-sim ❌ 🧪 mac-AS-debug-wk2 🧪 api-gtk
⏳ 🧪 vision-wk2 ❌ 🧪 mac-wk2-stress 🛠 playstation
❌ 🛠 tv ❌ 🧪 mac-intel-wk2
🛠 tv-sim 🛠 mac-safer-cpp
🛠 watch
🛠 watch-sim

@marcoscaceres marcoscaceres force-pushed the eng/Digital-Credentials-ignore-unknown-digital-credential-types branch from 5375ea2 to 620d14f Compare January 8, 2026 02:25
@webkit-early-warning-system

webkit-early-warning-system commented Jan 8, 2026
edited
Loading

Copy link
Copy Markdown
Collaborator

EWS run on previous version of this PR (hash 620d14f)

Details

Misc iOS, visionOS, tvOS & watchOS macOS Linux Windows Apple Internal
❌ 🧪 style ❌ 🛠 ios ❌ 🛠 mac 🛠 wpe 🛠 win ⏳ 🛠 ios-apple
❌ 🧪 bindings ❌ 🛠 ios-sim ❌ 🛠 mac-AS-debug 🧪 wpe-wk2 🧪 win-tests ⏳ 🛠 mac-apple
❌ 🧪 webkitperl ❌ 🧪 ios-wk2 ❌ 🧪 api-mac 🧪 api-wpe ⏳ 🛠 vision-apple
❌ 🧪 ios-wk2-wpt ❌ 🧪 api-mac-debug 🛠 wpe-cairo-libwebrtc
❌ 🧪 api-ios ❌ 🧪 mac-wk1 🛠 gtk
❌ 🛠 vision ❌ 🧪 mac-wk2 🧪 gtk-wk2
❌ 🛠 vision-sim ❌ 🧪 mac-AS-debug-wk2 🧪 api-gtk
⏳ 🧪 vision-wk2 ❌ 🧪 mac-wk2-stress 🛠 playstation
❌ 🛠 tv ❌ 🧪 mac-intel-wk2
❌ 🛠 tv-sim 🛠 mac-safer-cpp
❌ 🛠 watch
❌ 🛠 watch-sim

@marcoscaceres marcoscaceres force-pushed the eng/Digital-Credentials-ignore-unknown-digital-credential-types branch from 620d14f to 0c1a8a5 Compare January 8, 2026 02:56
@webkit-early-warning-system

webkit-early-warning-system commented Jan 8, 2026
edited
Loading

Copy link
Copy Markdown
Collaborator

EWS run on previous version of this PR (hash 0c1a8a5)

Details

Misc iOS, visionOS, tvOS & watchOS macOS Linux Windows Apple Internal
✅ 🧪 style ✅ 🛠 ios ✅ 🛠 mac 🛠 wpe 🛠 win ✅ 🛠 ios-apple
✅ 🧪 bindings ✅ 🛠 ios-sim ✅ 🛠 mac-AS-debug 🧪 wpe-wk2 🧪 win-tests ✅ 🛠 mac-apple
✅ 🧪 webkitperl 🧪 ios-wk2 🧪 api-mac 🧪 api-wpe ⏳ 🛠 vision-apple
⏳ 🧪 ios-wk2-wpt ⏳ 🧪 api-mac-debug 🛠 wpe-cairo-libwebrtc
⏳ 🧪 api-ios 🧪 mac-wk1 🛠 gtk
✅ 🛠 vision 🧪 mac-wk2 🧪 gtk-wk2
✅ 🛠 vision-sim ⏳ 🧪 mac-AS-debug-wk2 🧪 api-gtk
🧪 vision-wk2 🧪 mac-wk2-stress 🛠 playstation
✅ 🛠 tv 🧪 mac-intel-wk2
✅ 🛠 tv-sim 🛠 mac-safer-cpp
🛠 watch
🛠 watch-sim

@marcoscaceres marcoscaceres force-pushed the eng/Digital-Credentials-ignore-unknown-digital-credential-types branch from 0c1a8a5 to 22fef8b Compare January 8, 2026 03:25
@webkit-early-warning-system

webkit-early-warning-system commented Jan 8, 2026
edited
Loading

Copy link
Copy Markdown
Collaborator

EWS run on current version of this PR (hash 22fef8b)

Details

Misc iOS, visionOS, tvOS & watchOS macOS Linux Windows Apple Internal
✅ 🧪 style ✅ 🛠 ios ✅ 🛠 mac 🛠 wpe 🛠 win ✅ 🛠 ios-apple
✅ 🧪 bindings ✅ 🛠 ios-sim ✅ 🛠 mac-AS-debug 🧪 wpe-wk2 🧪 win-tests ✅ 🛠 mac-apple
✅ 🧪 webkitperl ✅ 🧪 ios-wk2 ⏳ 🧪 api-mac 🧪 api-wpe ✅ 🛠 vision-apple
✅ 🧪 ios-wk2-wpt ✅ 🧪 api-mac-debug ✅ 🛠 wpe-cairo-libwebrtc
✅ 🧪 api-ios ✅ 🧪 mac-wk1 ✅ 🛠 gtk
✅ 🛠 vision ✅ 🧪 mac-wk2 🧪 gtk-wk2
✅ 🛠 vision-sim ✅ 🧪 mac-AS-debug-wk2 ✅ 🧪 api-gtk
✅ 🛠 🧪 merge ✅ 🧪 vision-wk2 ✅ 🧪 mac-wk2-stress ✅ 🛠 playstation
✅ 🛠 tv ⏳ 🧪 mac-intel-wk2
✅ 🛠 tv-sim 🛠 mac-safer-cpp
✅ 🛠 watch
✅ 🛠 watch-sim

@marcoscaceres marcoscaceres added merge-queue Applied to send a pull request to merge-queue safe-merge-queue Applied to automatically send a pull-request to merge-queue after passing EWS checks and removed merge-queue Applied to send a pull request to merge-queue safe-merge-queue Applied to automatically send a pull-request to merge-queue after passing EWS checks labels Jan 8, 2026
@marcoscaceres
Digital Credentials: ignore unknown digital credential types
b2e1c11 
rdar://166673454
https://bugs.webkit.org/show_bug.cgi?id=304158

Reviewed by Anne van Kesteren.

WebKit relied on the IdentityCredentialProtocol.idl enum to prevent requests with unknown protocols being processed.
However, this prevented unknown protocols from being ignored gracefully, as required by this spec change:
w3c-fedid/digital-credentials#372

We now gracefully ignore unknown protocols by filtering them out, rather than throwing an error.
We also now show a console warning, so developers are aware of ignored protocols.

Includes upstream web platform test commit:
web-platform-tests/wpt@2d00123

Tests: http/tests/digital-credentials/digital-credential-console-messages.https.html
       http/wpt/identity/digital-credential-protocol-filtering.https.html

* LayoutTests/http/tests/digital-credentials/digital-credential-console-messages.https-expected.txt: Added.
* LayoutTests/http/tests/digital-credentials/digital-credential-console-messages.https.html: Added.
* LayoutTests/http/wpt/identity/digital-credential-protocol-filtering.https-expected.txt: Added.
* LayoutTests/http/wpt/identity/digital-credential-protocol-filtering.https.html: Added.
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/create.tentative.https.html:
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/get.tentative.https.html:
* LayoutTests/imported/w3c/web-platform-tests/digital-credentials/support/helper.js:
* LayoutTests/platform/glib/TestExpectations:
* LayoutTests/platform/ios-18/TestExpectations:
* LayoutTests/platform/ios/TestExpectations:
* LayoutTests/platform/ios/imported/w3c/web-platform-tests/digital-credentials/get.tentative.https-expected.txt:
* LayoutTests/platform/mac-sequoia/TestExpectations:
* LayoutTests/platform/mac-wk1/TestExpectations:
* LayoutTests/platform/visionos/TestExpectations:
* LayoutTests/platform/win/TestExpectations:
* LayoutTests/platform/wpe/TestExpectations:
* Source/WebCore/Modules/identity/DigitalCredential.cpp:
(WebCore::convertProtocolString):
(WebCore::jsToCredentialRequest):
(WebCore::DigitalCredential::convertObjectsToDigitalPresentationRequests):
* Source/WebCore/Modules/identity/DigitalCredentialRequest.h:
* Source/WebCore/Modules/identity/DigitalCredentialRequest.idl:

Canonical link: https://commits.webkit.org/305257@main
@webkit-commit-queue webkit-commit-queue force-pushed the eng/Digital-Credentials-ignore-unknown-digital-credential-types branch from 22fef8b to b2e1c11 Compare January 8, 2026 06:51
@webkit-commit-queue

webkit-commit-queue commented Jan 8, 2026

Copy link
Copy Markdown
Collaborator

Committed 305257@main (b2e1c11): https://commits.webkit.org/305257@main

Reviewed commits have been landed. Closing PR #55603 and removing active labels.

@webkit-commit-queue webkit-commit-queue merged commit b2e1c11 into WebKit:main Jan 8, 2026
@webkit-commit-queue webkit-commit-queue removed the merge-queue Applied to send a pull request to merge-queue label Jan 8, 2026
@marcoscaceres marcoscaceres mentioned this pull request Jan 9, 2026
Merged
9 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@annevk annevk annevk approved these changes

@aprotyas aprotyas Awaiting requested review from aprotyas

Assignees

@marcoscaceres marcoscaceres

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@marcoscaceres @webkit-early-warning-system @webkit-commit-queue @annevk @webkit-ews-buildbot