Chrome Dev 69 - Trusted web activity - Digital assets link validation for intranet/private web app seem to be failing

358 views
Skip to first unread message

AnandT

unread,
Aug 8, 2018, 11:29:59 AM8/8/18
to Chromium-dev

Should the website accessed as "Trusted Web activity" be in public domain? 


I've followed this doc to

  1. Create a wrapper Android app based on this sample project for my UI application which runs in non-public domain in our corporate servers.
  2. Add assetlinks.json in my Angular 6 PWA application, with SHA256 fingerprints of my release key.
  3. Deployed the signed apk to a Android 4.4.3 device running Chrome Dev 69 and Google play services - 12.8.74.

When I run the application, everything works fine except hiding the address bar, which makes it as a regular custom tab and not the "Trusted web" content.

I don't see any error in the log and not sure how to debug this scenario. Any help on this is appreciated.

Dominick Ng

unread,
Aug 8, 2018, 9:07:15 PM8/8/18
to Chromium-dev, Peter Conn, Bernhard Bauer
+TWA folks.

Bernhard Bauer

unread,
Aug 9, 2018, 4:47:42 AM8/9/18
to Dominick Ng, Chromium-dev, Peter Conn
Ah yes, Chrome currently uses the Digital Asset Links REST API provided by Google to verify links, which means the origin needs to be publicly accessible. That being said, something I've been considering for a while is to just directly fetch the statement in Chrome, which would solve this use case.

Bernhard.
Message has been deleted

AnandT

unread,
Sep 6, 2018, 2:24:05 PM9/6/18
to Chromium-dev, domi...@chromium.org, pec...@chromium.org, bau...@chromium.org
Hi Bernhard,
Any plans to move assets validation to browser side to support private web apps? It would help huge pile of old Android Enterprise devices out there, including our 20K devices. 

Would be happy to know if there is any workaround or alternate options to wrap our PWA and distribute to enterprise devices. Since these devices are enterprise managed, we can do some outside app settings if required. 

Thanks,
Anand 

Bernhard Bauer

unread,
Sep 7, 2018, 6:21:13 AM9/7/18
to AnandT, Chromium-dev, domi...@chromium.org, pec...@chromium.org
Hi Anand, 

we ran into some issues that need to be fixed before TWAs will launch on stable. Chrome 71 is the earliest release now, but again we can't actually promise a fixed date. I think it should be feasible to implement native validation before we launch TWAs -- right, Peter?

Bernhard.

AnandT

unread,
Sep 7, 2018, 1:54:40 PM9/7/18
to Chromium-dev, anand...@gmail.com, domi...@chromium.org, pec...@chromium.org, bau...@chromium.org
Thanks for the update Bernhard.
We are fine using this feature in Chrome Beta/Canary as well if we could get the TWA validation native in browser. 

Sam

unread,
Dec 7, 2018, 3:56:16 PM12/7/18
to Chromium-dev, domi...@chromium.org, pec...@chromium.org, bau...@chromium.org
Is TWA validation going to happen in browser to support offline browser? Any scope for private/enterprise web apps which needs this feature?


On Thursday, August 9, 2018 at 4:47:42 AM UTC-4, Bernhard Bauer wrote:

Peter Conn

unread,
Dec 28, 2018, 3:51:48 AM12/28/18
to Sam, Chromium-dev, domi...@chromium.org, bau...@chromium.org
Hi Sam,

Digital Asset Link verification is now performed on the device (whereas previously the device sent a request to a server and the verification was performed there). This means that you can now verify with a website that is not publicly available.

Your phone will need to be able to connect to the website for the initial verification, but we do cache this result. So if a user opens the app when offline, but verification had originally succeeded verification will succeed again.

Peter
Reply all
Reply to author
Forward
0 new messages