I've got an odd issue where a certain domain fails to load in a WKWebView. It gives an error:
WebPageProxy::didFailProvisionalLoadForFrame: frameID=3, domain=NSURLErrorDomain, code=-1200
Which I believe is complaining about a certificate issue? It works fine if I allow insecure content via info.plist, but of course I don't want to allow that.
The cert is fine for that domain. I'm unable to share the url unfortunately. It's a .gov domain. The cert is DigiCert and not-expired.
It works fine in Safari outside of the app, and even in Firefox and Chrome, which I thought used WKWebView but maybe not?
Has anyone ever experienced this issue? What additional steps can I do to pin down what exactly WKWebView is complaining about and what can be done to fix it?
We're actually using Xamarin, but we have test projects in both Xamarin and Xcode that replicate the issue.
Thanks!
I found the problem!
WKWebView (unlike Safari) requires that SSL certs support forward secrecy.
https://developer.apple.com/documentation/bundleresources/information_property_list/nsexceptionrequiresforwardsecrecy
You can check if a cert supports this here:
https://www.ssllabs.com/ssltest/analyze.html
It's possible to disable it in info.plist but we've opted to ask the site owner to change their certs.
Related
I'm having a strange issue with RN Webview. I need to open the payment page with Webview on my app, and when I select the 3D secure payment option, all banks show me an error page. This only happens on iOS devices, everything works fine on all browsers and on Android devices.
I've found this solution on Stackoverflow but it didn't work for me. I tried the NSAllowsArbitraryLoads key, I also added the bank URL's as NSExceptionDomains, with NSExceptionRequiresForwardSecrecy key set to false.
One thing I noticed is that when I run the /usr/bin/nscurl --ats-diagnostics --verbose https:{bankUrl} command, I see the only Failing situation is when the NSExceptionMinimumTLSVersion value is TLSv1.3. When I check the payment page on browser, I see the used protocol is TLS 1.3, so I thought this could be the issue.
I tried to set NSExceptionMinimumTLSVersion to TLSv1.3, but then I get the an ssl error has occurred and a secure connection to the server cannot be made error. I'm out of ideas here, what should I do?
I am using the the HTML5 Video tag on a PWA created in angular 6 and for the life of me I can't get it to work. At first I thought it was an issue with encoding since it works on FF, Chrome (Desktop and Mobile), and Safari Desktop. I have checked the encoding and the use of the video tag. I believe that all is in order. I am able to play the video on iOS when serving it using HTTP from my local.
ng serve --host 0.0.0.0
It fails to play when trying to use HTTPS and a cert generated from openssl.
http-server dist/marcel-webapp/ -S
This leads me to believe that the issue is only with untrusted certificates. The problem that I having a very hard time finding the solution to is that I am hosting it on Firebase, and google handles the provisioning of the SSL certificates automatically. I checked my version of the trust store on my phone and the neither the root or intermediate certificates in use are listed.
Here is the link to the video my site
The question is... If really do have a certificate issue on firebase, what can be do about it?
Thanks in advance for any guidance on this.
Update and actual problem identified! I eliminated an untrusted certificate as the problem by deploying to AWS. The problem is actually related to the service worker created when adding PWA support to the project. The reason the video works over HTTP is that service workers are only enabled in HTTPS. I'm using Angular 6 to create the PWA, however it seems that other frameworks have the same problem. Turning off services workers in the Safari allows the video to display as expected
Settings > Safari > Advanced > Experimental Features > Service Workers
I found this post describes the problem in great detail. View Post Here
I have a weird situation, I am developing a site I can see all of the images well on my mac as well as an android phone but on my iPhone and my friends mac, and iPad it is not displaying the images when using safari. Is there something I need to add to the files for this to display properly all through out?
Thanks all feedback welcomes
It appears these assets are linked using https but there is not a valid SSL on the site. So on the devices where it works you have either authorized the SSL or bypassed it, but the other devices have not.
If you open up the Developer Tools in Chrome and view the console you can see the assets with issues along with the error message... "Failed to load resource: net::ERR_INSECURE_RESPONSE"
Just in case someone else has the same problem. For me the problem was that a plugin "Ewww image optimizer" converted images to webP, these were then cached and served by cloudflare and wouldn't load in safari
I have an issue to make an investigation using my iOS app (iOS 9.3.3). I need to connect to a site which uses self-signed certificate. That site redirects me to an address with http. I see several solutions, but neither of them is working.
First I try to disable the https check using NSAppTransportSecurity but I still get -9813. I add domain as exception using NSExceptionDomains but still continue to receive that error.
If your site runs on Http// then you have to add an App Transport Security Settings
Under that Allow Arbitrary Loads to YES.
If Your site runs on Https// then there no need to add any Key to your info.plist file.
Hope This will help you . If not let me know.
I have https server configured with ssl options.I configured certificates in Settings>General>Profiles.
When I access my server using Safari browser it works fine. But same doesn't work with Firefox,chrome and my ios app.
Do I need to do any specific step to solve this problem?
I am afraid it is not possible to solve this issue :/
I'm having the exact same problem: I have installed a custom certificate on my IPad and the secure connection works fine on Safari, but on Firefox the website tells me that there is no certificate installed
On the desktop application there is an option to add certificates to Firefox (tools > security > certificates), but this option does not exists in Firefox
From my understanding this is due to Firefox for IOS having only very limited functionalities (no module for example), so unfortunately it looks like it is not possible to set Firefox for IOS to use local security certificates...