WKWebView and WebAuthn seems broken in iOS 15.4. Did something change, are they broken?
To explain in more detail, when attempting to use a WebAuthn enabled web application in previous versions of iOS, the browser (WKWebView) reports "Not Supported".
Trying the same in iOS 15.4, both simulator and device does not report "Not supported" and attempting a WebAuthn challenge gets stuck. Additionally, it seems not respect timeout times.
An easy example is to run a simple test app with a WebView, load "https://webauthn.io/" and see the results. (See attachments). This has been tested in more vendors as well with similar results. I am posting here some results from webauthn.io that clearly demonstrate the behaviour change without any other moving parts.
This causes multiple authentication issues on some 3rd party apps, when the authentication journeys include WebAuthn challenges. Is there a bug in WKWebViews, is that intended and if so how is someone supposed to get around that?
Please let me know if you need code samples or for me to raise a bug report.
Thanks in advance, George Bafaloukas