Details

      Description

      Summary
      Currently, the Instance administrator can set any non-valid Origin, and after save, we didn't provide any feedback to UI about this configuration will cause troubles.

      Repro

      1. Create a new virtual instance, eg. able.com
      2. Login to able.com as Instance admin
      3. Go to Instance Settings / Multi-factor Authentication
      4. Enable MFA and Save
      5. Go to FIDO2 settings
      6. Enter the following to Origins field "http://localhost.com,[http://able.com:8080|http://able.com:8080/]"
      7. Save

      Actual Result
      No warning message on the UI about the contents of Origins

      Expected Results
      We should at least, warn the Instance Admin after save, about the origin url will be lead to problems.

      Reproduced on
      master
      SHA: a13ddd1546319ec52ea5228accd463f4c407694c
      Updated on: Tue Nov 17 13:37:30 2020 -0800

        Attachments

          Activity

            People

            Assignee:
            arthur.chen Arthur Chen
            Reporter:
            gabor.lovas Gábor Lovas
            Recent user:
            Enterprise Release HU
            Participants of an Issue:
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:

                Packages

                Version Package