-
Notifications
You must be signed in to change notification settings - Fork 15k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Bug]: Linkedin loaded in WebView prompting Windows users to "Sign in with your passkey" #41472
Comments
yes, would love to see it fixed :) |
Same as this one I've created this a few months ago: #40812 |
Thanks for reaching out! Because we treat our issues list as the team's backlog, we close issues that are questions since they don't represent a task needing to be completed. In this specific case, because the issue is specific to LinkedIn's auth page, it's likely either a bug or intended feature of their login flow. This forum is for raising bugs or requesting new features, and for most questions about Electron there are a lot of more appropriate community options. There are helpful people in this Discord or the subreddit that should be willing to point you in the right direction. |
Is there potential for a feature to be added which can disable these types of popups? |
Additionally, this doesn't happen in the chrome browser, this isn't expected functionality from loading this website in the webview, and as such would consider that as a bug. |
Yes, this is not feature of Linkedin. It doesnt happen in other browsers
like chrome. It happens only on latest version of windows with electron.
Whixh is why its an electron bug. I suspect it also happens on any other
authentification page, so its probably not related to LinkedIn
specifically. It relates to electron on latest versions of windows.
If it happens for any login page on latest version of Windows, I guess it
makes it very much worth solving. What do you think?
…On Sat, 2 Mar 2024, 09:08 Joel Wright, ***@***.***> wrote:
Additionally, this doesn't happen in the chrome browser, this isn't
expected functionality from loading this website in the webview, and as
such would consider that as a bug.
—
Reply to this email directly, view it on GitHub
<#41472 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AS4VV5RKXAIEPU6SR23Y5J3YWGCJHAVCNFSM6AAAAABD7B4JGCVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTSNZUG4YDCMJSGY>
.
You are receiving this because you are subscribed to this thread.Message
ID: ***@***.***>
|
I agree, this might seem like a specific case that isn't too important to fix but this could cause future issues in applications as this is not expected behavior. I've seen bugs like this reported before and be closed because "its a question". These aren't questions, these are unexpected behaviors we're experiencing, and as far us we can tell, don't have any way of even debugging or implementing a work around. |
@VerteDinde what can we do to appeal and reopen this ticket please? :) |
I've also created a post on reddit if you'd like to keep up to date with the thread: https://www.reddit.com/r/electronjs/comments/1b4ke3g/linkedin_authentication_issues_passkey_popup/ |
I'm also seeing this issue with LinkedIn. It only occurs with Electron, not with Edge or Chrome |
I have an update! After playing around with the requests being sent by Linkedin and blocking certain ones until I got somewhere, I managed to come up with this work around code. Ideally the electron team still implements a way to block this passkey request, however for those in need of a solution for the particular case of Linkedin, let me know if this works: // when a webview is created, add the following code to it
app.on("web-contents-created", (e, wc) => {
// before a webview makes a request
wc.session.webRequest.onBeforeRequest((details, callback) => {
// if the request url matches the url which appears to be sending the passkey request
if(details.url.includes("checkpoint/pk/initiateLogin")) {
// log the blocked url
console.log("\x1b[31m", "Blocked", details.url)
} else {
// if the request url doesn't match the misbehaving url, allow the callback as usual
callback({})
}
})
}) |
@joelwright-dev thanks! we will try this and I will write back if it works :) |
@joelwright-dev You are awesome!! Thank you for sharing! This worked :) |
@slavochek2 glad I could come up with the work around 😄 hopefully the team implements something for disabling this properly in a future update |
Works great Joel, thank you so much! |
Preflight Checklist
Electron Version
28.2.0
What operating system are you using?
Windows
Operating System Version
Windows 11 Version 22H2
What arch are you using?
x64
Last Known Working Electron version
No response
Expected Behavior
The user can sign in using their username and password.
Actual Behavior
The user attempts to sign in, the Windows Security "Sign in with your passkey" popup appears, the user clicks Cancel, the cycle repeats.
Testcase Gist URL
No response
Additional Information
Linkedin is the only site this behavior can be observed on. The URL is being loaded through a webview. The following electron settings are in use:
The text was updated successfully, but these errors were encountered: