diff options
author | Timothy Andrew <mail@timothyandrew.net> | 2016-07-11 10:30:22 +0300 |
---|---|---|
committer | Timothy Andrew <mail@timothyandrew.net> | 2016-07-14 05:49:09 +0300 |
commit | 4b33c4c6d1aa529ec22606995123cfa3a151ccee (patch) | |
tree | 3b8a555e88995454e9db663bd35cd5c3eb5ab6f8 /app/controllers | |
parent | df49492fc011bd74ebaa4cb82bd85252127859a0 (diff) |
Load Javascript U2F library selectively.
1. Only on supported Chrome versions
2. Mainly, this lets us simplify the javascript-based U2F check to
`window.u2f`, where `window.u2f` can either be loaded from the GitLab
server (for Chrome) or from the Firefox extension.
3. This is a better way to provide browser detection for U2F.
Diffstat (limited to 'app/controllers')
-rw-r--r-- | app/controllers/application_controller.rb | 4 | ||||
-rw-r--r-- | app/controllers/concerns/authenticates_with_two_factor.rb | 3 | ||||
-rw-r--r-- | app/controllers/profiles/two_factor_auths_controller.rb | 3 |
3 files changed, 2 insertions, 8 deletions
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 9cc31620d9f..a1004d9bcea 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -344,10 +344,6 @@ class ApplicationController < ActionController::Base session[:skip_tfa] && session[:skip_tfa] > Time.current end - def browser_supports_u2f? - browser.chrome? && browser.version.to_i >= 41 && !browser.device.mobile? - end - def redirect_to_home_page_url? # If user is not signed-in and tries to access root_path - redirect him to landing page # Don't redirect to the default URL to prevent endless redirections diff --git a/app/controllers/concerns/authenticates_with_two_factor.rb b/app/controllers/concerns/authenticates_with_two_factor.rb index 998b8adc411..0c755894790 100644 --- a/app/controllers/concerns/authenticates_with_two_factor.rb +++ b/app/controllers/concerns/authenticates_with_two_factor.rb @@ -80,8 +80,7 @@ module AuthenticatesWithTwoFactor challenges = sign_requests.map(&:challenge) session[:challenges] = challenges gon.push(u2f: { challenges: challenges, app_id: u2f_app_id, - sign_requests: sign_requests, - browser_supports_u2f: browser_supports_u2f? }) + sign_requests: sign_requests }) end end end diff --git a/app/controllers/profiles/two_factor_auths_controller.rb b/app/controllers/profiles/two_factor_auths_controller.rb index 6a358fdcc05..e37e9e136db 100644 --- a/app/controllers/profiles/two_factor_auths_controller.rb +++ b/app/controllers/profiles/two_factor_auths_controller.rb @@ -100,7 +100,6 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController gon.push(u2f: { challenges: session[:challenges], app_id: u2f_app_id, register_requests: registration_requests, - sign_requests: sign_requests, - browser_supports_u2f: browser_supports_u2f? }) + sign_requests: sign_requests }) end end |