Safari-FIDO-U2F: Why this doesn't work on GitHub

I see the note in the README that this extension doesn’t work with GitHub without spoofing the UA. GitHub does UA sniffing and JS feature detection to decide if U2F authentication should be attempted. The JS feature detection is why the FireFox U2F extension does work on GitHub.

Without running your code, my guess as to why the extension doesn’t work with GitHub is that unless the UA is Chrome or Opera, we check to see if window.u2f is defined. We do this check when our JavaScript bundle is first loaded. You aren’t injecting the window.u2f API until the DOMContentLoaded event is fired (code), which is probably too late. If you’re interested in getting this working on GitHub, I’d try injecting your U2F polyfill earlier in the page-load.

About this issue

  • Original URL
  • State: closed
  • Created 7 years ago
  • Reactions: 2
  • Comments: 24 (12 by maintainers)

Most upvoted comments

I changed the way we feature detect U2F for GitHub. Can someone with this extension installed see if it works now?

+3
btoews on Jan 31, 2017

My clones are currently 2 and 6 years old, and it turns out they don’t come out ready to code. :-\

+1
superdave on Sep 7, 2017

@samdeane This is unrelated to the issue, but I just wanted to say that I really appreciate the work you’re doing on this! I’m about to get a FIDO U2F key and am also a Safari user, and would love to see this work on GitHub (and everywhere else) until Safari properly implements FIDO U2F. Thanks!

+1
brandonweiss on Jan 29, 2017
Read more comments on GitHub
← ESPNet: Cityscape Dataset Error
safe-apps-sdk: Signing a message with EIP-712 throw an error "The address is invalid" →