fix: ship IDS_WEBAUTHN_TOUCH_ID_PROMPT_REASON and allow overriding it#51592
Merged
Conversation
Pack device/fido strings into the locale .pak files so
IDS_WEBAUTHN_TOUCH_ID_PROMPT_REASON ("verify your identity on $1") is
present at runtime. Previously the resource was never repacked, so the
macOS Touch ID prompt for WebAuthn requests crashed when looking up the
missing IDS string.
Also lets apps override the prompt text via
configureWebAuthn({ touchID: { promptReason } }) using
ResourceBundle::OverrideLocaleStringResource. An optional $1 placeholder
is replaced with the relying party ID; without it the string is used
verbatim.
85ca7e9 to
ab03dd2
Compare
touchID.promptReason to app.configureWebAuthn
rf-figma
approved these changes
May 12, 2026
gn check does not evaluate preprocessor conditionals, so it flags the mac-only #include of fido_strings.h on Linux/Windows even though the include is behind BUILDFLAG(IS_MAC). Depend on //device/fido/strings on all platforms to satisfy the header check.
jkleinsc
approved these changes
May 12, 2026
VerteDinde
approved these changes
May 12, 2026
|
Release Notes Persisted
|
Contributor
|
I was unable to backport this PR to "41-x-y" cleanly; |
This was referenced May 12, 2026
Contributor
|
I have automatically backported this PR to "42-x-y", please check out #51594 |
Contributor
|
I have automatically backported this PR to "43-x-y", please check out #51595 |
Contributor
|
@MarshallOfSound has manually backported this PR to "41-x-y", please check out #51604 |
|
Is there a reference Electron repo with this implemented? |
MarshallOfSound
added a commit
that referenced
this pull request
May 13, 2026
…#51604) fix: ship IDS_WEBAUTHN_TOUCH_ID_PROMPT_REASON and allow overriding it (#51592) * fix: ship IDS_WEBAUTHN_TOUCH_ID_PROMPT_REASON and allow overriding it Pack device/fido strings into the locale .pak files so IDS_WEBAUTHN_TOUCH_ID_PROMPT_REASON ("verify your identity on $1") is present at runtime. Previously the resource was never repacked, so the macOS Touch ID prompt for WebAuthn requests crashed when looking up the missing IDS string. Also lets apps override the prompt text via configureWebAuthn({ touchID: { promptReason } }) using ResourceBundle::OverrideLocaleStringResource. An optional $1 placeholder is replaced with the relying party ID; without it the string is used verbatim. * build: make //device/fido/strings an unconditional electron_lib dep gn check does not evaluate preprocessor conditionals, so it flags the mac-only #include of fido_strings.h on Linux/Windows even though the include is behind BUILDFLAG(IS_MAC). Depend on //device/fido/strings on all platforms to satisfy the header check.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
7 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description of Change
Fixes a crash in the macOS Touch ID prompt for WebAuthn requests caused by
IDS_WEBAUTHN_TOUCH_ID_PROMPT_REASONnot being shipped in Electron's locale.pakfiles, and lets apps override the prompt text.device/fido/stringsinto Electron's locale.pakfiles soIDS_WEBAUTHN_TOUCH_ID_PROMPT_REASON(default:verify your identity on $1) is present at runtime — previously the resource was never repacked, so the lookup failed when the Touch ID prompt was shown.touchID.promptReasontoapp.configureWebAuthn()which callsResourceBundle::OverrideLocaleStringResourceto replace the default. An optional$1placeholder is substituted with the relying party ID; without it the string is used verbatim.promptReasondoesn't leave the keychain group half-configured.macOS renders the prompt as
"<App Name>" is trying to <promptReason>.Checklist
npm testpassesRelease Notes
Notes: Fixed a crash in the macOS Touch ID WebAuthn prompt caused by a missing string resource, and added
touchID.promptReasontoapp.configureWebAuthn()to customize the prompt text.