New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 880131 link

Starred by 3 users
Status: Available
Owner: ----
Cc:
maxkirsch@chromium.org
dominickn@chromium.org
bgalbs@google.com
pcovell@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux , Windows , Chrome , Mac
Pri: 3
Type: Feature

Blocking:
issue 844278



Sign in to add a comment

policy: Make it easier for Admins to install Web Apps for sites that redirect.

Project Member Reported by ortuno@chromium.org, Sep 4 
When a new policy arrives, we navigate to the URL in the policy. If the site redirects to a different URL, the installation of that Web App fails. This is to avoid installing an incorrect Web App.

So for example if an admin pushes "https://gmail.com" the installation will fail because "https://gmail.com" redirects to "https://mail.google.com/mail/u/0/".

This makes it really hard to install some Web Apps.

We should figure out a way to make it easier for Admins to install Web Apps for sites that redirect.

The are commonly two types of redirects:

1. To an off-origin login page e.g. chat.google.com redirects to accounts.google.com for users that are not signed in.

2. To a more specific URL e.g. mail.google.com directs to mail.google.com/mail/u/0/.

For case 1, we should fail the installation; we shouldn't install an app for accounts.google.com. But in case 2 we should succeed the installation. 

To handle case 2, we could require the target URL to be in the same origin to that of the provided URL.

Sign in to add a comment