mortenVChristiansen
/
k_card
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
k_card/tests
History
Morten V. Christiansen 4b719a0846 Switch token binding from per-request URL+method to domain-level host+nonce 
Challenge is now SHA256(host|nonce) instead of SHA256(url|method|nonce).
A single card interaction authorises access to any path and method on the
gated domain, which is the intended granularity. Tests updated accordingly:
path/method rejection cases replaced with domain-level and tampered-host cases.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 		2026-05-09 23:52:48 +02:00
..
card_emulator.py Initial commit: chromecard workspace snapshot 2026-04-29 22:06:14 +02:00
card_emulator_bridge.py Initial commit: chromecard workspace snapshot 2026-04-29 22:06:14 +02:00
k_client_portal.spec.js Initial commit: chromecard workspace snapshot 2026-04-29 22:06:14 +02:00
k_phone_android.spec.js Fix Android Playwright tests: connectOverCDP + card reconnect 2026-05-09 21:41:36 +02:00
k_phone_portal.spec.js Add Playwright acceptance tests for k_phone proxy routing 2026-05-08 12:43:40 +02:00
k_phone_proxy.spec.js Add Playwright acceptance tests for k_phone proxy routing 2026-05-08 12:43:40 +02:00
test_k_proxy.py Initial commit: chromecard workspace snapshot 2026-04-29 22:06:14 +02:00
test_k_server.py Switch token binding from per-request URL+method to domain-level host+nonce 2026-05-09 23:52:48 +02:00