[Bug 266317] www/firefox 104.0.1 and firefox-esr 91.13.0 freezes when using WebAuthn security keys

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=266317

            Bug ID: 266317
           Summary: www/firefox 104.0.1 and firefox-esr 91.13.0 freezes
                    when using WebAuthn security keys
           Product: Ports & Packages
           Version: Latest
          Hardware: amd64
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: Individual Port(s)
          Assignee: ports-bugs@FreeBSD.org
          Reporter: snakedoctr@gmail.com

OVERVIEW:
  Any WebAuthn site where a security key is required/configured (e.g., Google,
GitHub, etc.) isn't working properly.
  If Firefox is working properly, the security key should light up when logging
in and you should be able to press it to authenticate (or register).
  Instead, it appears to work the first or second time as usual, but repeated
attempts (e.g., on a different site you're logging into) will not work (see
below) and/or Firefox will hang.

SYSTEM:
  FreeBSD hostname 13.1-RELEASE-p2 FreeBSD 13.1-RELEASE-p2 GENERIC amd64

FIREFOX VERSION:
  I've tried on www/firefox-104.0.1,2 and www/firefox-esr-91.13.0,1.
  Both have the same result.

STEPS TO REPRODUCE:
  As a test, visit the Yubikey WebAuthn demo page
(https://demo.yubico.com/webauthn-technical/registration).
  Click the "Next" button to perform a test registration.
  Firefox will prompt about demo.yubico.com requesting extended information
about the security key, I click "Anonymize anyway" and hit "Proceed".
  Your U2F key (Yuibkey, etc.) should start flashing and Firefox should prompt
with a "demo.yubico.com wants to register an account with one of your security
keys."  
  Touch the security key to authorize.
  The demo site should say "Regiration compelted!", and the next step is to
test the authentication.
  Click "Authenticate"
  Click the "Next" button to perform a test authentication.

  *This is where things may go one of a few different ways*

  1) 
    Your U2F key (Yuibkey, etc.) should start flashing and Firefox should
prompt with a "demo.yubico.com wants to register an account with one of your
security keys."
    Touch the security key to authorize.
    The demo site will say "authentication successful!"
    *REPEAT the steps again and this time you will likely run into the second
result below.

  2)
    Firefox should prompt with a "demo.yubico.com wants to register an account
with one of your security keys."
    Your U2f key should start flashing, but doesn't.
    Click "Cancel".
    Firefox is now hung at what seems to be a network level -- open a new tab
and try to pull up another website (any).
    Try to quit out of Firefox and it will not exit.  You'll need to force quit
the process.

EXPECTED RESULTS:
  When presented with the WebAuthn prompt from Firefox, the security key should
light up and you should press it to register/authorize on the Yubikey demo
site.  
  Firefox should not hang

ADDITIONAL INFORMATION/LOGS:
  I also tried www/chromium, but it doesn't even light up the security key,
even.

  The following logs are created when the security key either doesn't flash, or
when you do press it and authentication should proceed but doesn't:

  Firefox console error: JavaScript error:
resource://gre/modules/TelemetrySession.jsm, line 757: NS_ERROR_NOT_AVAILABLE:
Component returned failure code: 0x80040111 (NS_ERROR_NOT_AVAILABLE)
[nsITelemetry.msSinceProcessStartExcludingSuspend]

  /var/log/messages: devd[1016]: check_clients:  dropping disconnected client

-- 
You are receiving this mail because:
You are the assignee for the bug.