7

I recently started forcing HTTPS and non-WWW forms for the URL of my React PWA through the .htaccess file, but this is apparently preventing certain applications (such as pwabuilder.com) from accessing public files of the app, such as its web manifest. That said, there are certain applications, such as Chrome mobile that allow me to access the manifest. How can I make it always accesible?

My .htaccess file is structured like this:

<IfModule mod_rewrite.c> 
  RewriteEngine On
  RewriteCond %{HTTPS} off [OR]
  RewriteCond %{HTTP_HOST} ^www\. [NC]
  RewriteRule ^ https://aurora.igloo.ooo%{REQUEST_URI} [L,NE,R=301]
</IfModule>
<IfModule mod_rewrite.c> 
  RewriteEngine On  
  RewriteCond %{DOCUMENT_ROOT}%{REQUEST_URI} -f [OR]
  RewriteCond %{DOCUMENT_ROOT}%{REQUEST_URI} -d
  RewriteRule ^ - [L]

  RewriteRule ^ /index.html [L]
</IfModule>

The file that pwabuilder.com can't access is hosted on https://aurora.igloo.ooo/manifest.json

Samuele Dassatti
  • 259
  • 3
  • 15
  • Can you share your .htaccess, and exact path to one of the public files that are not accessible? – Dusan Bajic Dec 30 '18 at 08:44
  • I edited my question with the .htaccess file – Samuele Dassatti Dec 30 '18 at 10:04
  • There doesn't seem to be anything "wrong" with your `.htaccess` file that would prevent these applications from accessing these files. Just as you can access that file with any browser, so should the other application. ...Unless perhaps these other applications are not requesting the canonical URL (HTTPS + www) and do not follow redirects?! You should check your server's access log to see what requests are hitting your server and how your server is responding. Do these other applications not give you a more meaningful error? – MrWhite Jan 05 '19 at 22:53
  • The response from `https://aurora.igloo.ooo/manifest.json` comes back from "nginx/1.2.1", not Apache? – MrWhite Jan 07 '19 at 23:01
  • @MrWhite nginx can be used as proxy server, so you can't know exactly which server is really answering the request, but assumed the content is dynamic the answer can come from apache or another web-server while static files are directly served by nginx. Can be completely different, but it's a technical option. – David Jan 08 '19 at 00:46
  • 1
    @David Yes - I was really just trying to draw this to the attention of the OP, as they made no reference to this in the question. If nginx is being used as a proxy then it potentially changes the focus of the question. – MrWhite Jan 08 '19 at 23:38

2 Answers2

3

aurora.igloo.ooo has a strange server and preventing some requests from accessing manifest.json.
First time when I clicked your link, I saw the manifest.json. Then I called the main-page by removing the filepath, clicked back in browser-history to see the manifest again and got this shown (with http-response-code 200):

enter image description here

Looking at it in the network-console it's still getting more confusing but also leads to the source of the error:

enter image description here

It's complaining about missing enabling of javascript, so they make some weird things with javascript and probably some hidden redirect too (else the response code would be 3xx). Perhaps they never want the manifest being accessed from outside and it's not configured properly and can be seen under some conditions.

I don't have a quick solution for your problem but it's quite obvious that some clients can't access the manifest and you've to search for another solution. If you're working for aurora.igloo.ooo you've to speak with the frontend-developers and/or server-admins to change something, else you've to offer your own manifest-file. Also it's possible that they offer a solution for the problem, but for that you've either to have access to some FAQ or knowledge-base or you've to contact the support.

David
  • 5,882
  • 3
  • 33
  • 44
1

Having read about manifest-files on desktop it would force another user-experience and at least in chrome change the complete window. While that might be cool for some special pages it also could be confusing.
Here are the three links I read about it:

  1. https://developers.google.com/web/fundamentals/web-app-manifest/
  2. https://developers.google.com/web/fundamentals/app-install-banners/
  3. https://developers.google.com/web/progressive-web-apps/desktop

My assumption is that aurora.igloo.ooo never want to break with common browsing experience by showing a special app-window on desktop, therefore they prevent the manifest from loading properly on desktop.
I just read the first time about it, so the technical behavior like I understood it might be wrong or it's not the complete technical background.
At least the impression I got is that on desktop it should be considered twice if a website shall run as web-app. If you choose this solution nevertheless, you probably need still find more information about it but the links I posted might be a good start and offer still further details and links.

Another reason to decide against a web-app for desktop might be the compatibility between browsers, as support of technical options is very differing:
https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/manifest.json#Browser_compatibility

David
  • 5,882
  • 3
  • 33
  • 44