Skip to content

2FA should not attempt to use U2F in unsupported browsers

Summary

U2F keys are supported in Chrome 41+. When logging into Gitlab, with 2FA and U2F enabled in the Safari, I'm shown following screen:

screenshot_2017.11.09_144351

Instead of showing this screen, Gitlab should be smart enough to display field for entering 2FA code, saying U2F is not supported in this browser.

Steps to reproduce

  1. Enable 2FA and U2F in Gitlab (using Chrome browser).
  2. Open Safari and attempt to login to Gitlab.

What is the current bug behavior?

Message displayed to use Chrome in order to use U2F.

What is the expected correct behavior?

Detect browser and allow entering 2FA code in Safari without extra click.

Relevant logs and/or screenshots

screenshot_2017.11.09_144351