Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: 8a961b3ac7181f8447e9e23cd2e4935669acf629
https://github.com/WebKit/WebKit/commit/8a961b3ac7181f8447e9e23cd2e4935669acf629
Author: Marcos Caceres <[email protected]>
Date: 2026-01-20 (Tue, 20 Jan 2026)
Changed paths:
M
LayoutTests/imported/w3c/web-platform-tests/digital-credentials/get.tentative.https-expected.txt
M
LayoutTests/imported/w3c/web-platform-tests/digital-credentials/non-fully-active.https-expected.txt
M
LayoutTests/imported/w3c/web-platform-tests/digital-credentials/non-fully-active.https.html
M Source/WebCore/Modules/identity/CredentialRequestCoordinator.cpp
M Source/WebCore/Modules/identity/CredentialRequestCoordinator.h
M Source/WebCore/Modules/identity/DigitalCredential.cpp
M Source/WebCore/SaferCPPExpectations/UncountedCallArgsCheckerExpectations
Log Message:
-----------
Digital Credential: CredentialRequestCoordinator can remain non-Idle if
AbortSignal races with picker result
rdar://163295172
https://bugs.webkit.org/show_bug.cgi?id=305363
Reviewed by Pascoe.
Fix race and crash in CredentialRequestCoordinator by settling promises only
after picker teardown and safely handling abort reasons.
Ensure credential requests always settle after the picker UI has fully torn
down.
This change:
- Defers promise settlement until the picker dismiss callback fires
- Better handles aborts during presentation and teardown
- Avoids capturing unprotected JSValues across async boundaries
- Keeps coordinator state transitions more consistent (with better checks)
It also more closely follows the spec:
https://github.com/w3c-fedid/digital-credentials/pull/420
https://github.com/w3c-fedid/digital-credentials/pull/419
*
LayoutTests/imported/w3c/web-platform-tests/digital-credentials/get.tentative.https-expected.txt:
*
LayoutTests/imported/w3c/web-platform-tests/digital-credentials/non-fully-active.https-expected.txt:
*
LayoutTests/imported/w3c/web-platform-tests/digital-credentials/non-fully-active.https.html:
* Source/WebCore/Modules/identity/CredentialRequestCoordinator.cpp:
(WebCore::CredentialRequestCoordinator::PickerStateGuard::PickerStateGuard):
(WebCore::CredentialRequestCoordinator::PickerStateGuard::~PickerStateGuard):
(WebCore::CredentialRequestCoordinator::setState):
(WebCore::CredentialRequestCoordinator::prepareCredentialRequest):
(WebCore::CredentialRequestCoordinator::handleDigitalCredentialsPickerResult):
(WebCore:: const):
(WebCore::CredentialRequestCoordinator::dismissPickerAndSettle):
(WebCore::CredentialRequestCoordinator::abortPicker):
(WebCore::CredentialRequestCoordinator::contextDestroyed):
(WebCore::CredentialRequestCoordinator::~CredentialRequestCoordinator):
(): Deleted.
(WebCore::CredentialRequestCoordinator::presentPicker): Deleted.
(WebCore::CredentialRequestCoordinator::finalizeDigitalCredential): Deleted.
* Source/WebCore/Modules/identity/CredentialRequestCoordinator.h:
* Source/WebCore/Modules/identity/DigitalCredential.cpp:
(WebCore::DigitalCredential::discoverFromExternalSource):
* Source/WebCore/SaferCPPExpectations/UncountedCallArgsCheckerExpectations:
Canonical link: https://commits.webkit.org/305868@main
To unsubscribe from these emails, change your notification settings at
https://github.com/WebKit/WebKit/settings/notifications
