Issue metadata
Sign in to add a comment
|
"Site cannot be installed: the page is not served from a secure origin" - on HTTPS
Reported by
nunomigu...@gmail.com,
Dec 9 2017
|
||||||||||||||||||||
Issue descriptionUserAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Steps to reproduce the problem: 1. Create a Manifest and a Service Worker ready to install as a PWA 2. Have your website under HTTPS 3. "Add to Homescreen" or visit the page twice (this is on Desktop) What is the expected behavior? Your app will be installed. What went wrong? "Site cannot be installed: the page is not served from a secure origin" Did this work before? Yes Last I successfully tested this was in September 24, 2017. I believe I was using a BETA version of Chrome. Does this work in other browsers? Yes Chrome version: 63.0.3239.84 Channel: stable OS Version: 10.0 Flash Version: Also reported by another person here -- https://stackoverflow.com/questions/47522793/site-cannot-be-installed-the-page-is-not-served-from-a-secure-origin-yet-page
,
Dec 11 2017
I reduced my code to a minimum, and I still reproduce the issue.
Here's a sample:
serviceworker.js:
'use strict';
self.addEventListener('install', function(e) {
self.skipWaiting();
});
self.addEventListener('fetch', function(e) {
});
manifest.json:
{
"name": "My App",
"description": "My App is the best.",
"short_name": "My App",
"icons": [{
"src": "https://images.myapp.com/My-App-Logo-64.webp",
"sizes": "64x64",
"type": "image/webp"
}, {
"src": "https://images.myapp.com/My-App-Logo-64.png",
"sizes": "64x64",
"type": "image/png"
}, {
"src": "https://images.myapp.com/My-App-Logo-128.png",
"sizes": "128x128",
"type": "image/png"
}, {
"src": "https://images.myapp.com/My-App-Logo-96.png",
"sizes": "96x96",
"type": "image/png"
}, {
"src": "https://images.myapp.com/My-App-Logo-144.png",
"sizes": "144x144",
"type": "image/png"
}, {
"src": "https://images.myapp.com/My-App-Logo-192.png",
"sizes": "192x192",
"type": "image/png"
}]
}
script.js:
navigator.serviceWorker.register("serviceworker.js").then(function() {
console.log('Service Worker Registered'); // this works well - it registers the service worker
});
index.html:
<link rel="manifest" href="/manifest.json" />
,
Dec 11 2017
Thank you for providing more feedback. Adding requester "vamshi.kommuri@techmahindra.com" to the cc list and removing "Needs-Feedback" label. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
Dec 12 2017
nunomiguelperalta@ - Could you please provide sample test file to test the issue from TE-end. As the code in comment #2 is not of much help in triaging the issue from our end. Thanks...!!
,
Dec 12 2017
I already provided enough information for you to proceed. This is happening with any minimal setup for PWA. I have no more test files to provide.
,
Dec 12 2017
Can you attach a screenshot of the page before attempting to install it? Are there *ANY* non-secure resources on the page? Currently, our logic rejects pages that have any non-secure references.
// static
bool InstallableManager::IsContentSecure(content::WebContents* web_contents) {
if (!web_contents)
return false;
// Whitelist localhost. Check the VisibleURL to match what the
// SecurityStateTabHelper looks at.
if (net::IsLocalhost(web_contents->GetVisibleURL().HostNoBracketsPiece()))
return true;
security_state::SecurityInfo security_info;
SecurityStateTabHelper::FromWebContents(web_contents)
->GetSecurityInfo(&security_info);
return security_info.security_level == security_state::SECURE ||
security_info.security_level == security_state::EV_SECURE;
}
,
Dec 12 2017
See attached screenshot. There is absolutely nothing coming from "http".
,
Dec 12 2017
Re #8: Thanks, that helps narrow things down. Do you see the same issue with Chrome 64 or Chrome 65?
,
Dec 12 2017
,
Dec 12 2017
I've just installed Chrome 64 Dev, and then installed the same extensions I have, and it appears to be working.
,
Dec 12 2017
I don't know if this means that Chrome 64 is actually fixed, or if it could be some configuration on my Chrome 63 setup...
,
Dec 12 2017
Ok - I've just tested on Chrome 63 Beta, and it worked. This then means the problem is in my setup/configuration, which likely means this issue might happen with other users, and probably needs to be fixed on Chromium?
,
Dec 12 2017
Can you share the exact build number of the working Chrome 63 beta?
,
Dec 12 2017
63.0.3239.90
,
Jan 13 2018
This is still happening with 63.0.3239.132 (64-bit)
,
Jan 13 2018
Thank you for providing more feedback. Adding requester "krajshree@chromium.org" to the cc list and removing "Needs-Feedback" label. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
Jan 16 2018
As per comment#5 reporter says its not possible to provide any other test files, hence requesting some one from dev team to look into this issue. Adding label TE-NeedsTriageHelp for further investigation. Thanks!
,
Jan 16 2018
Hello, I've just realized I had a few flags turned on, and one of them might be the cause for the error I was getting. Once I disabled them, I could install the app with no problem: #enable-new-app-menu-icon #bypass-app-banner-engagement-checks #enable-experimental-app-banners #enable-app-banners #enable-message-center-new-style-notification You might want to have a look at them, before they go live. Thank you.
,
Jan 17 2018
,
Jan 26 2018
NOT_FROM_SECURE_ORIGIN error comes from InstallableManager::CheckEligiblity() https://cs.chromium.org/chromium/src/chrome/browser/installable/installable_manager.cc?l=431&rcl=c67646fb6096ac1d87b516b2eaf2eb9968d2da73 Removed SW as Blink>AppManifest seems like the right component. |
|||||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||||
Comment 1 by vamshi.k...@techmahindra.com
, Dec 11 2017Labels: Needs-Triage-M63 Triaged-ET Needs-Feedback