Do not create WebAPK if manifest URL or start URL do not meet requirements |
||||||
Issue descriptionIn order for a Web Manifest to be WebAPK-compatible: start_url and manifest_url may not contain a port www.google.com:400/ is invalid may not contain a username / password http://username:password@example.com/ is invalid. According to http://serverfault.com/questions/371907/can-you-pass-user-pass-for-http-basic-authentication-in-url-parameters this format is no longer supported in Chrome.
,
Jul 18 2016
,
Jul 20 2016
,
Aug 8 2016
,
Aug 17 2016
,
Aug 17 2016
I have posted a CL to disallow creating WebAPKs for URLs with a username and password (https://codereview.chromium.org/2248293002/) Do we need to disallow creating WebAPKs for URLs which specify a custom port? Can we create a OneOffWebAPK if any URL in the web manifest specifies a custom port?
,
Aug 17 2016
I think it may be technically feasible to implement support for custom ports in android intent filters: https://developer.android.com/reference/android/content/IntentFilter.html I don't think it's that probably though so would be inclined to disable support due to testing/complexity overhead. If there's demand, we can add it back? thoughts?
,
Aug 26 2016
Unfortunately EmbeddedTestServer::GetURL() returns a URL with a port. This means that we need to support ports in URLs in order for the tests to work. Adding ports to the WebAPK intent filter is annoying. My suggestion: - If an explicit port is specified in the Web Manifest, the WebAPK server generates a OneOffWebAPK - The WebAPK's intent filter is set to match the scope in the Web Manifest, but any port.
,
Aug 27 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/6981e68516d341354372d174c557fb85653adcd7 commit 6981e68516d341354372d174c557fb85653adcd7 Author: pkotwicz <pkotwicz@chromium.org> Date: Sat Aug 27 10:53:12 2016 Do not install WebAPKs with web manifests with invalid URL components This CL disallows generating WebAPKs for pages with Web Manifests with passwords and user name URL components. The WebAPK server caches web manifests for WebAPKs that it has previously generated. We do not want to store usernames and passwords on the WebAPK server. BUG= 622465 Review-Url: https://codereview.chromium.org/2248293002 Cr-Commit-Position: refs/heads/master@{#414907} [modify] https://crrev.com/6981e68516d341354372d174c557fb85653adcd7/chrome/browser/android/banners/app_banner_manager_android.cc [modify] https://crrev.com/6981e68516d341354372d174c557fb85653adcd7/chrome/browser/android/webapk/manifest_upgrade_detector_fetcher.cc [add] https://crrev.com/6981e68516d341354372d174c557fb85653adcd7/chrome/browser/android/webapk/webapk_web_manifest_checker.cc [add] https://crrev.com/6981e68516d341354372d174c557fb85653adcd7/chrome/browser/android/webapk/webapk_web_manifest_checker.h [add] https://crrev.com/6981e68516d341354372d174c557fb85653adcd7/chrome/browser/android/webapk/webapk_web_manifest_checker_unittest.cc [modify] https://crrev.com/6981e68516d341354372d174c557fb85653adcd7/chrome/browser/installable/installable_logging.cc [modify] https://crrev.com/6981e68516d341354372d174c557fb85653adcd7/chrome/browser/installable/installable_logging.h [modify] https://crrev.com/6981e68516d341354372d174c557fb85653adcd7/chrome/chrome_browser.gypi [modify] https://crrev.com/6981e68516d341354372d174c557fb85653adcd7/chrome/chrome_tests_unit.gypi
,
Aug 29 2016
|
||||||
►
Sign in to add a comment |
||||||
Comment 1 by yfried...@chromium.org
, Jun 30 2016