From 49325c8983c688c4526815ee008289aa9f276b1f Mon Sep 17 00:00:00 2001 From: "Michael B. Jones" Date: Thu, 1 Aug 2024 06:15:53 +1200 Subject: [PATCH] Apply RFC 8264 enforcement only to non-empty strings (#2073) * Disallow empty strings * Update index.bs Co-authored-by: Matthew Miller * Apply RFC 8264 enforcement only to non-empty strings --------- Co-authored-by: Matthew Miller --- index.bs | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/index.bs b/index.bs index d70ec37cf..e895ca9ad 100644 --- a/index.bs +++ b/index.bs @@ -3324,14 +3324,15 @@ credential. - [=[RPS]=] SHOULD perform enforcement, as prescribed in Section 2.3 of [[!RFC8266]] for the Nickname Profile of the PRECIS FreeformClass [[!RFC8264]], - when setting {{PublicKeyCredentialUserEntity/displayName}}'s value, or displaying the value to the user. + when setting {{PublicKeyCredentialUserEntity/displayName}}'s value to a non-empty string, + or displaying a non-empty value to the user. - This string MAY contain language and direction metadata. [=[RPS]=] SHOULD consider providing this information. See [[#sctn-strings-langdir]] about how this metadata is encoded. - [=Clients=] SHOULD perform enforcement, as prescribed in Section 2.3 of [[!RFC8266]] for the Nickname Profile of the PRECIS FreeformClass [[!RFC8264]], - on {{PublicKeyCredentialUserEntity/displayName}}'s value prior to displaying the value to the user or - including the value as a parameter of the [=authenticatorMakeCredential=] operation. + on {{PublicKeyCredentialUserEntity/displayName}}'s value prior to displaying a non-empty value to the user or + including a non-empty value as a parameter of the [=authenticatorMakeCredential=] operation. When [=clients=], [=client platforms=], or [=authenticators=] display a {{PublicKeyCredentialUserEntity/displayName}}'s value, they should always use UI elements to provide a clear boundary around the displayed value, and not allow overflow into other elements [[css-overflow-3]].