registration fails due to trusted facets not used

[cornelinux]

Environment:

• Ubuntu 16.04
• Firefox 53
• Yubikey 4
• Backend privacyIDEA

It looks like this firefox addon does not support trusted facets at least during enrollment.

Scenario 1 - works with FF+u2f4moz and Chrome

register the u2f device on a machine called https://puck.az.intern. The AppId is set to https://puck.az.intern.

Scenario 2 - works with Chrome - does not work with FF+u2f4moz

register the u2f device on a machine called https://puck.az.intern.
The AppId is set to https://puck2.az.inter/u2f, which provides a list of trusted facets:

{
  "trustedFacets": [
            {
               "version": {
                   "major": 1,
                   "minor": 0
                },
  "ids": [
        "https://puck.az.intern",
        "https://puck2.az.intern/u2f"
        ]
    }
  ]
}

The registration works nice with Chrome. FF produces a U2F timeout. THe yubikey does not blink.

[baloo]

I use this too, and I just found that trusted facets json should be served with:

Content-Type: application/fido.trusted-apps+json

As specified here:
https://fidoalliance.org/specs/fido-u2f-v1.0-ps-20141009/fido-appid-and-facets-ps-20141009.pdf

The extension does work with u2f facets, but checks that facets is served with expected content-type and will silently fail if not.