Multi-facet sign doesn't work across the u2fdemo.appspot.com variants

[thgreasi]

Expected behavior

After registering a key @ u2fdemo.appspot.com we should be able to use it to authenticate on any other websites that are in the origins.json

Actual behavior

After registering a key @ u2fdemo.appspot.com we can't sing in to https://crxjs-dot-u2fdemo.appspot.com & https://noext-dot-u2fdemo.appspot.com without re-registering the key there as well.

Steps to reproduce:

1. Navigate to u2fdemo.appspot.com and register a token
2. Navigating to https://crxjs-dot-u2fdemo.appspot.com and trying to authenticate with the registered token fails, logging u2f-api.js:532 Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('chrome-extension://pfboblefjcgdjicmnffhdgionmgcdmne') does not match the recipient window's origin ('null'). in the console
3. Navigating to https://noext-dot-u2fdemo.appspot.com and trying to authenticate with the registered token fails, showing a "U2F token is not registered" banner.
   

Specifications

• Browser: Google Chrome 66.0.3359.117 64-bit
• OS: Ubuntu 16.04

References

The https://u2fdemo.appspot.com/origins.json atm:

{
  "trustedFacets" : [{
    "version": { "major": 1, "minor" : 0 },
    "ids": [
      "http://localhost:8888",
      "https://u2fdemo.appspot.com",
      "https://crxjs-dot-u2fdemo.appspot.com",
      "https://noext-dot-u2fdemo.appspot.com",
      "android:apk-key-hash:bkHnlWEV_jRCPdYGJfwOl7Sn_CLC_2TE3h4TO1_n34I"
    ]
  }]
}

[dgoujard]

I have the same issue in other project (https://github.com/Yubico/php-u2flib-server), i think it's chrome related