From 2ad6e7dc4a5e3ee496c0a76c87ceb753c68bfdc9 Mon Sep 17 00:00:00 2001 From: Leendert de Borst Date: Fri, 20 Mar 2026 14:24:31 +0100 Subject: [PATCH] Add sanity check to prevent webauthn init errors in browser extension (#1854) --- apps/browser-extension/src/entrypoints/webauthn.ts | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/apps/browser-extension/src/entrypoints/webauthn.ts b/apps/browser-extension/src/entrypoints/webauthn.ts index 50a6bfdff..a688c7f3a 100644 --- a/apps/browser-extension/src/entrypoints/webauthn.ts +++ b/apps/browser-extension/src/entrypoints/webauthn.ts @@ -23,6 +23,14 @@ export default defineUnlistedScript(() => { } (window as any).__aliasVaultWebAuthnIntercepted = true; + /* + * Check if navigator.credentials API is available + * Some pages (iframes, non-secure contexts, older browsers) may not have this API + */ + if (!navigator.credentials) { + return; + } + // Get the original implementations from the reservation script or bind directly const queue = (window as any).__aliasVaultWebAuthnQueue; const originalCreate = queue?.originalCreate || navigator.credentials.create.bind(navigator.credentials);