When a new policy arrives, we navigate to the URL in the policy. If the site redirects to a different URL, the installation of that Web App fails. This is to avoid installing an incorrect Web App.
So for example if an admin pushes "https://gmail.com" the installation will fail because "https://gmail.com" redirects to "https://mail.google.com/mail/u/0/".
This makes it really hard to install some Web Apps.
We should figure out a way to make it easier for Admins to install Web Apps for sites that redirect.
The are commonly two types of redirects:
1. To an off-origin login page e.g. chat.google.com redirects to accounts.google.com for users that are not signed in.
2. To a more specific URL e.g. mail.google.com directs to mail.google.com/mail/u/0/.
For case 1, we should fail the installation; we shouldn't install an app for accounts.google.com. But in case 2 we should succeed the installation.
To handle case 2, we could require the target URL to be in the same origin to that of the provided URL.