Closed Bug 1927160 Opened 11 days ago Closed 11 days ago

PWA manifest not retrieved when tls mutual authentication used

Categories

(Core :: Security: PSM, defect)

Product:
Core
Component:
Security: PSM
Version:
Firefox 131
Type:
defect

Tracking

()

Status:
RESOLVED INVALID

People

(Reporter: iontankatchker, Unassigned)

Details

User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:131.0) Gecko/20100101 Firefox/131.0

Steps to reproduce:

I wrote a PWA (container can be built here if you want to reproduce https://github.com/jNullj/fox-timetail)
The docker container is running behind a reverse proxy with Apache serving it over HTTPS with SSL mutual authentication.
The Firefox client (131.0.3) on my Archlinux OS is able to get data over SSL i expected the PWA manifest.json to get served as well

Actual results:

get request for manifest.json is attempted but never sent. its stuck at TLS step.
Other files do work.

Expected results:

manifest.json get request sent.

other (might be) related notes, i try to register a service-worker and i never see an attempt to send a request and i noticed TLS mutual auth does not work on mobile at all.

Component: Untriaged → Security: PSM
Product: Firefox → Core

I don't think Firefox supports PWAs on Desktop: https://developer.mozilla.org/en-US/docs/Web/Progressive_web_apps/Guides/Making_PWAs_installable#browser_support

Status: UNCONFIRMED → RESOLVED
Closed: 11 days ago
Flags: needinfo?(iontankatchker)
Resolution: --- → INVALID

That's odd, I run the same docker container locally and it does get the manifest as well it runs my service worker
I can see in the dev tools the manifest info loaded and it says my service worker is running.

On the same desktop firefox that refuses to send the get request to the same file when its used with TLS mutual authentication

My issue is not about the ability to install PWA but about sending the get request to fetch the manifest.

Flags: needinfo?(iontankatchker)

Do you have any extensions installed?

Flags: needinfo?(iontankatchker)

I have 2 extensions installed, "Dark reader" & "KeePassXC-browser"
I just checked again in private browsing (control+shift+P) without extensions and had the exact same issue.
In developer tools my request timing shows the last step triggered is "TLS Setup" with 10ms, then it stalled and never tried the "Sending" setup.
Also in Application under developer tools it says about manifest "NetworkError when attempting to fetch resource".

Its not an issue with the TLS certificates as other requests work just fine and the site loads other then the manifest file and worker.

Flags: needinfo?(iontankatchker)
You need to log in before you can comment on or make changes to this bug.