Expose passwords to JavaScript in Credential Management API

This change exposes passwords to JavaScript in the Credential Management API by providing the corresponding attribute on PasswordCredential. Furthermore it deprecates the previously existing PasswordCredential attributes and the custom `fetch()` `credential` infrastructure.

Documentation

• https://developers.google.com/web/updates/2017/06/credential-management-updates

Specification

Editor's draft

Status in Chromium

Blink components: Blink>SecurityFeature

Enabled by default (launch bug) in:

• Chrome for desktop release 60
• Chrome for Android release 60
• Android WebView release 60
• Opera release 47
• Opera for Android release 47

Consensus & Standardization

• Firefox: Mixed public signals
• Edge: No public signals
• Safari: No public signals
• Web Developers: Positive

Owner

• jdoerrie@chromium.org

Last updated on 2017-07-25