PWA with expired security certificate should open in browser

REOPENED
Assigned to

Status

()

defect
REOPENED
2 years ago
2 years ago

People

(Reporter: oana.horvath, Assigned: cnevinchen)

Tracking

(Blocks 1 bug)

Firefox 59
Firefox 59
ARM
Android
Points:
---
Dependency tree / graph

Firefox Tracking Flags

(firefox59 fixed)

Details

(Whiteboard: [FNC][SPT59.5][BL])

Attachments

(1 attachment)

Build: Nightly 59.0a1 (2017-12-05);

Steps to reproduce:
1. Add https://s3-us-west-2.amazonaws.com/pwa-nevin/index.html to the homescreen as a PWA. Close the PWA.
2. Set the device date to 2020.
3. Launch the PWA from the homescreen.

Expected result:
Open the page in the browser, without opening the PWA.

Actual result:
Opening the PWA after the certificate expires, a blank PWA is opened in the background and an unsecure connection error page is opened in Nightly. 

note: Chrome only opens the error page in the browser without launching the web app.
Scenario #2:

Please configure a test website as follows:
1. https://test.abc/ with manifest file reference in source.
2. Manifest file defines view mode of standalone/fullscreen, and points to start_url at https://test.abc/mixed-content.html
3.https://test.abc/mixed-content.html points to some image served over http, breaking the https label.

Steps:
1. User goes to https://test.abc/ and taps badge; https://test.abc/mixed-content.html is installed as starting point for the PWA.
2. User launches PWA

Expected result:
https://test.abc/mixed-content.html should not be opened in standalone/fullscreen, but in the browser instead.
GeckoSession exposes the security state via GeckoSession.ProgressListener.onSecurityChange(). The PWA app could abort the load as soon as it sees that the certificate is broken and open the page in Fennec.

-> nevin
Flags: needinfo?(cnevinchen)
Please help prioritize
Flags: needinfo?(cnevinchen) → needinfo?(wehuang)
keep the ni so I won't forget
Flags: needinfo?(cnevinchen)
as discussed I added it to 59.5 Sprint planning.
Flags: needinfo?(wehuang)
Comment on attachment 8940421 [details]
Bug 1423587 - PWA with expired security certificate should open in browser.

https://reviewboard.mozilla.org/r/210700/#review216994
Attachment #8940421 - Flags: review?(max) → review+
Whiteboard: [FNC][SPT59.5][BL]
Assignee: nobody → cnevinchen
Flags: needinfo?(cnevinchen)
Pushed by nechen@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/07d782c8eb49
PWA with expired security certificate should open in browser. r=maliu
https://hg.mozilla.org/mozilla-central/rev/07d782c8eb49
Status: NEW → RESOLVED
Closed: 2 years ago
Resolution: --- → FIXED
Target Milestone: --- → Firefox 59
Verified this on Nightly 59 (2018-01-14) and the issue is still reproducing with the same STR.
Additionally, if the homepage of the PWA contains mixed content (e.g. https://s3-us-west-2.amazonaws.com/pwa-nevin/index.html), then the page opens in the browser twice. Selecting the PWA task that is still in the background re-opens again 2 pages. (Note: this happens without changing the system's date.)
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
I though the only issue left is the original WebAppActivity is still opened after Fennec is launched?
If that's the case I'll create a new bug for the follow up.
Flags: needinfo?(oana.horvath)
Follow up bug: Bug 1430731
Depends on: 1430731
Flags: needinfo?(oana.horvath)
You need to log in before you can comment on or make changes to this bug.