-
Notifications
You must be signed in to change notification settings - Fork 832
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[PM-14240] Add Quetta Browser to Privileged Apps #4189
base: main
Are you sure you want to change the base?
Conversation
Thank you for your contribution! We've added this to our internal Community PR board for review. |
I tested these changes on several sites known to have working passkey implementations but I was not able to get the browser to trigger registration or authentication. Due to this, I'm hesitant to accept the changes as they are. If you provide a video of the browser supporting passkeys with your changes we can consider adding the browser. |
Hi @SaintPatrck, I forgot to mention that I had to enable the passkey flag in the quetta flags section via quetta://flags |
}, | ||
{ | ||
"build": "release", | ||
"cert_fingerprint_sha256": "32:57:D5:99:A4:9D:2C:96:1A:47:1C:A9:84:3F:59:D3:41:A4:05:88:45:83:FC:08:7D:F4:23:7B:73:3B:BD:6D" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why are there two fingerprints here? I suppose one is from Google Play but what would be the other one?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Honestly, it has been a few weeks since I've made this commit. I used "App Manager" to get the sha256 values. I tested it again without that other fingerprint and it seems to be working fine. It must have been removed since I do not see that sha256 fingerprint in "App Manager".
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In that case this would be a security concern, I'd take it off;
BE:FE:E7:31:12:6A:A5:6E:7E:FD:AE:AF:5E:F3:FA:EA:44:1C:19:CC:E0:CA:EC:42:6B:65:BB:F8:2C:59:46:80 I can confirm is from the Play Store, but the other one I cannot.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In that case this would be a security concern, I'd take it off;
BE:FE:E7:31:12:6A:A5:6E:7E:FD:AE:AF:5E:F3:FA:EA:44:1C:19:CC:E0:CA:EC:42:6B:65:BB:F8:2C:59:46:80 I can confirm is from the Play Store, but the other one I cannot.
Yes, I did take it off and removed it on my end. I'll be pushing the commit with the removal to my version/repo once I am home tonight. And if you're not aware, Quetta also updated the browser to support autofill, I tested the browser with the latest commits in the custom built apk. I can confirm that the autofill works with bitwarden now.
To be fair all of the Chromium-based browsers I've added originally with 20383f0 do not seem to work properly with passkeys... Well, for me anyway. They did seem to work in the past but randomly broke, and weirdly this weird Quetta browser does seem to work... |
🎟️ Tracking
I added Quetta browser to allow for passkey support.
📔 Objective
Adds Quetta Browser to privileged apps for passkey support.
⏰ Reminders before review
🦮 Reviewer guidelines
:+1:
) or similar for great changes:memo:
) or ℹ️ (:information_source:
) for notes or general info:question:
) for questions:thinking:
) or 💭 (:thought_balloon:
) for more open inquiry that's not quite a confirmedissue and could potentially benefit from discussion
:art:
) for suggestions / improvements:x:
) or:warning:
) for more significant problems or concerns needing attention:seedling:
) or ♻️ (:recycle:
) for future improvements or indications of technical debt:pick:
) for minor or nitpick changes