CoreLibs icon indicating copy to clipboard operation
CoreLibs copied to clipboard

Published 20 hours ago verified publisher icon AdguardTeam

Browser uses the default certificate after re-enabling protection

Open zloyden opened this issue 1 year ago • 4 comments

Please answer the following questions for yourself before submitting an issue.

  • [X] I am running the latest version
  • [X] I checked the documentation and found no answer
  • [X] I checked to make sure that this issue has not already been filed

AdGuard version

4.3n21

Environment

- OS: Android 11
- Device: POCO F1

Root access

  • [X] Yes, I have it.

What filters do you have enabled?

AdGuard Base filter, AdGuard Mobile Ads filter, AdGuard Russian filter, AdGuard Tracking Protection filter, AdGuard URL Tracking filter, AdGuard Social Media filter, AdGuard Annoyances filter

What Stealth Mode options do you have enabled?

No response

Issue Details

Steps to reproduce:

  1. Disable protection
  2. Open github.com in Chrome
  3. Check the certificate and you will see it's given by DigiCert
  4. Return to app and enable protection
  5. Refresh the page.

Expected Behavior

The certificate must be provided by AdGuard.

Actual Behavior

The certificate are provided by DigiCert.

Screenshots

Screenshot 1:

Additional Information

No response

zloyden avatar Nov 22 '23 12:11 zloyden

@zloyden doesn't repeat this for me. How quickly do you get back to the browser after enabling protection? It takes some time for the application to enable protection. Please try enabling protection, wait for example 10-20 seconds, then try refreshing the page

maxikuzmin avatar Nov 22 '23 17:11 maxikuzmin

@zloyden Could it be due to the service worker caching?

ameshkov avatar Nov 22 '23 18:11 ameshkov

Please try enabling protection, wait for example 10-20 seconds, then try refreshing the page

I usually wait ~10 seconds, but today I have waited over 20 seconds and still the same thing.

Could it be due to the service worker caching?

I don't notice that they use sw, but I've tested on my personal device which have 4.2 that works via local VPN and there is no such issue. For instance, I've checked github.com, ya.ru with the same pattern, but after restarting the protection, the certificate changes to AdGuard normally. Meanwhile, on POCO F1 it does not work as expected. Perhaps a CoreLibs issue or something is wrong with the Proxy mode.

zloyden avatar Nov 23 '23 07:11 zloyden

@ameshkov looks like a CoreLibs issue. I have the same on Windows using the latest nightly (CL 1.13.81). Closing idle sockets helps here chrome://net-internals/#sockets.

zloyden avatar Nov 28 '23 14:11 zloyden