
Commit

Merge pull request #2019 from abergs/localhost-context-example
SHA: 1a72b38
Reason: push, by nicksteele

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
nicksteele and github-actions[bot] committed Feb 21, 2024
1 parent f42f4b6 commit 834f5a8
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions index.html
Expand Up @@ -6,7 +6,7 @@
<meta content="ED" name="w3c-status">
<meta content="Bikeshed version d5d58a306, updated Fri Jan 26 16:12:28 2024 -0800" name="generator">
<link href="https://www.w3.org/TR/webauthn-3/" rel="canonical">
<meta content="3c71812cfb6f2e295e9ea42e2ede9529820784b4" name="revision">
<meta content="1a72b38d408b59f823a863a18dc755d76e0ba21d" name="revision">
<style type="text/css">
body {
counter-reset: table;
Expand Down Expand Up @@ -2345,7 +2345,7 @@ <h2 class="heading settled" data-level="4" id="sctn-terminology"><span class="se
<li data-md>
<p>The <a data-link-type="dfn" href="#determines-the-set-of-origins-on-which-the-public-key-credential-may-be-exercised" id="ref-for-determines-the-set-of-origins-on-which-the-public-key-credential-may-be-exercised④">origin</a>'s <a data-link-type="dfn" href="https://url.spec.whatwg.org#concept-url-port" id="ref-for-concept-url-port②">port</a> is unrestricted.</p>
</ul>
<p>For example, given a <a data-link-type="dfn" href="#relying-party" id="ref-for-relying-party⑦③">Relying Party</a> whose origin is <code>https://login.example.com:1337</code>, then the following <a data-link-type="dfn" href="#rp-id" id="ref-for-rp-id⑨">RP ID</a>s are valid: <code>login.example.com</code> (default) and <code>example.com</code>, but not <code>m.login.example.com</code> and not <code>com</code>.</p>
<p>For example, given a <a data-link-type="dfn" href="#relying-party" id="ref-for-relying-party⑦③">Relying Party</a> whose origin is <code>https://login.example.com:1337</code>, then the following <a data-link-type="dfn" href="#rp-id" id="ref-for-rp-id⑨">RP ID</a>s are valid: <code>login.example.com</code> (default) and <code>example.com</code>, but not <code>m.login.example.com</code> and not <code>com</code>. Another example of a valid origin is <code>http://localhost:8000</code>, due to the origin being <code>localhost</code>.</p>
<p>This is done in order to match the behavior of pervasively deployed ambient credentials (e.g., cookies, <a data-link-type="biblio" href="#biblio-rfc6265" title="HTTP State Management Mechanism">[RFC6265]</a>).
Please note that this is a greater relaxation of "same-origin" restrictions than what <a data-link-type="dfn" href="https://html.spec.whatwg.org/multipage/origin.html#dom-document-domain" id="ref-for-dom-document-domain">document.domain</a>'s setter provides.</p>
<p>These restrictions on origin values apply to <a data-link-type="dfn" href="#webauthn-client" id="ref-for-webauthn-client⑤">WebAuthn Clients</a>.</p>
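Review bot: The sentence appended to the "For example, given a Relying Party whose origin is ..." paragraph justifies `http://localhost:8000` with "due to the origin being `localhost`", but `localhost` is the host; the origin is the whole `http://localhost:8000` tuple. Since this section defines which RP IDs an origin may claim, that conflation invites implementers to compare the wrong values. The paragraph also shifts from listing valid RP IDs for one origin to calling an origin "valid" without naming the RP ID it pairs with. Suggest wording along the lines of "Another example: for the origin `http://localhost:8000`, the RP ID `localhost` is valid, because the origin's host is `localhost`." The new example is also the only one here using `http` rather than `https`, and the only list item visible in this hunk covers the port, so the sentence should point at the scheme rule that permits `http` for `localhost`. Otherwise a reader may take it as permission for plain `http` origins in general.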