Open Bug 1423587 Opened 3 years ago Updated 2 years ago
PWA with expired security certificate should open in browser
59 bytes, text/x-review-board-request
Build: Nightly 59.0a1 (2017-12-05); Steps to reproduce: 1. Add https://s3-us-west-2.amazonaws.com/pwa-nevin/index.html to the homescreen as a PWA. Close the PWA. 2. Set the device date to 2020. 3. Launch the PWA from the homescreen. Expected result: Open the page in the browser, without opening the PWA. Actual result: Opening the PWA after the certificate expires, a blank PWA is opened in the background and an unsecure connection error page is opened in Nightly. note: Chrome only opens the error page in the browser without launching the web app.
Scenario #2: Please configure a test website as follows: 1. https://test.abc/ with manifest file reference in source. 2. Manifest file defines view mode of standalone/fullscreen, and points to start_url at https://test.abc/mixed-content.html 3.https://test.abc/mixed-content.html points to some image served over http, breaking the https label. Steps: 1. User goes to https://test.abc/ and taps badge; https://test.abc/mixed-content.html is installed as starting point for the PWA. 2. User launches PWA Expected result: https://test.abc/mixed-content.html should not be opened in standalone/fullscreen, but in the browser instead.
GeckoSession exposes the security state via GeckoSession.ProgressListener.onSecurityChange(). The PWA app could abort the load as soon as it sees that the certificate is broken and open the page in Fennec. -> nevin
Please help prioritize
Flags: needinfo?(cnevinchen) → needinfo?(wehuang)
keep the ni so I won't forget
as discussed I added it to 59.5 Sprint planning.
Comment on attachment 8940421 [details] Bug 1423587 - PWA with expired security certificate should open in browser. https://reviewboard.mozilla.org/r/210700/#review216994
Attachment #8940421 - Flags: review?(max) → review+
Assignee: nobody → cnevinchen
Pushed by email@example.com: https://hg.mozilla.org/integration/autoland/rev/07d782c8eb49 PWA with expired security certificate should open in browser. r=maliu
Verified this on Nightly 59 (2018-01-14) and the issue is still reproducing with the same STR. Additionally, if the homepage of the PWA contains mixed content (e.g. https://s3-us-west-2.amazonaws.com/pwa-nevin/index.html), then the page opens in the browser twice. Selecting the PWA task that is still in the background re-opens again 2 pages. (Note: this happens without changing the system's date.)
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
I though the only issue left is the original WebAppActivity is still opened after Fennec is launched? If that's the case I'll create a new bug for the follow up.
Follow up bug: Bug 1430731
You need to log in before you can comment on or make changes to this bug.