Expose passwords to JavaScript in Credential Manager API

This change implements the proposed change to the Credential Manager API to directly expose passwords to JavaScript. It also deprecates the existing PasswordCredential attributes and the ability to attach a Credential to fetch. See the corresponding GitHub issue and pull request for more details: - w3c/webappsec-credential-management#75 - w3c/webappsec-credential-management#76 - Intent to Deprecate: Custom fetch for Credential Manager API: https://groups.google.com/a/chromium.org/forum/#!topic/blink-dev/WPckvg8JO0U - Intent to Implement and Ship: The password property of PasswordCredential: https://groups.google.com/a/chromium.org/forum/#!topic/blink-dev/nT51eE7fWn4 BUG=718416 Review-Url: https://codereview.chromium.org/2852423002 Cr-Commit-Position: refs/heads/master@{#473576}
valerioadm · May 22, 2017 · 66a1bb9 · 66a1bb9
1 parent 28b490c
commit 66a1bb9
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 5 deletions.
diff --git a/credential-management/credentialscontainer-create-basics.https.html b/credential-management/credentialscontainer-create-basics.https.html
@@ -25,7 +25,7 @@
             assert_equals(credential.name, '');
             assert_equals(credential.iconURL, '');
             assert_equals(credential.type, 'password');
-            // TODO(jdoerrie): Add checks for 'credential.password'.
+            assert_equals(credential.password, 'pencil');
         });
 }, "navigator.credentials.create() with valid PasswordCredentialData");
 
@@ -43,6 +43,7 @@
             assert_equals(credential.name, 'friendly name');
             assert_equals(credential.iconURL, 'https://example.com/photo');
             assert_equals(credential.type, 'password');
+            assert_equals(credential.password, 'sekrit');
         });
 }, "navigator.credentials.create() with valid HTMLFormElement");
 

diff --git a/credential-management/idl.https.html b/credential-management/idl.https.html
@@ -75,10 +75,7 @@
      Exposed=Window,
      SecureContext]
     interface PasswordCredential : Credential {
-      attribute USVString idName;
-      attribute USVString passwordName;
-
-      attribute CredentialBodyType? additionalData;
+      readonly attribute DOMString password;
     };
     PasswordCredential implements CredentialUserData;