two-factor icon indicating copy to clipboard operation
two-factor copied to clipboard
verified publisher icon WordPress

TypeError: setting getter-only property "u2f"

Open kasparsd opened this issue 6 years ago • 2 comments

The window.u2f object in Firefox is now a native browser API which is read-only which is why it now triggers this error when the U2F polyfill tries to override the global u2f here:

https://github.com/georgestephanis/two-factor/blob/ebbdaf3692deff5794d181e21944679f2dd3fd2c/includes/Google/u2f-api.js#L17

This is error doesn't impact the functionality and the U2F process still works as expected.

kasparsd avatar Apr 22 '19 07:04 kasparsd

I'm hitting this error too on a website on which I've installed two-factor, however in my case it does impact functionality and I can't log in using a yubikey. I have to use one of the backup codes I generated to log in.

Here's a screen capture of Firefox's console after pressing the yubikey button: Screenshot from 2019-05-16 12-02-39

It is likely worth specifying that in this case Firefox is really the Tor Browser 8.0.8 (based on Mozilla Firefox 60.6.1esr) (64-bit) (with security settings set at "standard" and security.webauth.u2f set to true manually).

Thanks!

axelsimon avatar May 16 '19 10:05 axelsimon

error 4 is kinda weird. 4 generally means that the key is

  1. already registered (on regeister)
  2. not registered (on login)

which in this case is certainly a weird error as that means that the Yubi got a proper U2F request, but just that maybe the keyhandle could for example be borked (for example doing base64 to it) or whatever Source: https://developers.yubico.com/U2F/Libraries/Client_error_codes.html

If you want I can gladly take a look. just contact me using the form on website in my profile

My1 avatar Jan 15 '20 21:01 My1

U2F is deprecated and no longer works in Chrome, so the provider is being removed in #439 . Given that, there's probably no reason to keep this open anymore.

iandunn avatar Oct 20 '22 14:10 iandunn