android-browser-helper icon indicating copy to clipboard operation
android-browser-helper copied to clipboard
verified publisher icon GoogleChrome

Implement a SslError handler (cf WebView)

Open akerbo06 opened this issue 5 years ago • 4 comments

I'm using TrustedWebActivity to open SAP Fiori URLs. The problem is that these Fiori servers ask for certificate so a "No certificates found" dialog is shown each time a new user try to open a SAP-link through the TWA for the first time (the next times, and as long as our client app is installed on the user's device, this dialog doesn't show up).

I think a good way to handle this would be to implement a onReceivedSslError method as in WebView : https://source.chromium.org/chromium/chromium/src/+/master:android_webview/glue/java/src/com/android/webview/chromium/WebViewContentsClientAdapter.java;l=947;drc=439465f8724d4b502355d3683aa8dad2ff076ebf

Then I would be able to call the proceed and cancel methods in my client app to avoid this user-hostile behaviour.

akerbo06 avatar Oct 08 '20 08:10 akerbo06

@akerbo06 what happens when the Trusted Web Activity is opened in Chrome or another browser that supports the protocol?

andreban avatar Oct 08 '20 08:10 andreban

The "no certificates found" dialog is always shown. Even if I type and try to open the link directly in Chrome.

akerbo06 avatar Oct 08 '20 09:10 akerbo06

So, it seems the client certificate is not sent to the browser when opening the Trusted Web Activity for the first time but, after that, it is - is this correct? Does this also happens if accessing the page via the regular browser(eg: opening Chrome and typing in the URL). Trying to understand if this is a TWA specific behaviour or more general to how the browser behaves.

The WebView fallback is supposed to mimic the behaviour of the browser, and is not a great replacement. for it. In the ideal world, a browser that supports TWAs will always be available and it wouldn't even be needed.

andreban avatar Oct 08 '20 10:10 andreban

@andreban Yes, that's it. It also happens directly via Chrome, yes.

So I don't think it's a TWA specific behaviour but, as we use TWA, we are in need for a way to handle this certificate through TWA.

To contextualize, before we were using a WebView in our Android client app to open Fiori URLs. Since a Fiori update, WebView became not enough performant (at least 4 seconds latency between the user action and the result on screen). That's why we decided to migrate to TWA as it is way more performant but now we have this certificates issue that we are not able to catch whereas with WebView it was possible thanks to method I've mentionned above.

akerbo06 avatar Oct 09 '20 08:10 akerbo06