Skip to content

iOS v12 Https requests errors / Https requests don't reach backend #112

Closed
@peterpeterparker

Description

@peterpeterparker

Bug Report

Describe the Bug

We, I and other Ionites, noticed that https requests on iOS v12 are failing respectively never reach our backends. Some are facing preflight error or typical CORS errors but in any case, requests aren't reaching our backend.

When it comes to me, I could confirm that my app is productive and the fact that this error only occurs on iOS >= v12

Errors

In Xcode 10 Beta I get the following error:

{“headers”:{“normalizedNames”:{},“lazyUpdate”:null,“headers”:{}},“status”:0,“statusText”:“Unknown Error”,“url”:null,“ok”:false,“name”:“HttpErrorResponse”,“message”:“Http failure response for (unknown url): 0 Unknown Error”,“error”:{“isTrusted”:true}}

I added so much log I could on my backend API side, unfortunately nothing was parsed, it looks like nothin reach it

Report

I have reported my problem to Apple too. Can't tell if it's an iOS v12 bug or an improvement which should be developed in the WkWebView plugin in order to be compatible for v12, therefore I allowed my self to open this issue

Other resources

Discussion on the Ionic forum: https://forum.ionicframework.com/t/ios-12-beta-preflight-requests-fail/132177/9

Open radar about a similaire issue: https://openradar.appspot.com/radar?id=4959044250894336

Stackoverflow: https://stackoverflow.com/questions/50707146/ios-v12-https-requests-errors

Version

cordova-plugin-ionic-webview: 1.2.1
ionic-angular: 3.9.2
angular/http: 5.0.0
node: 10.2.1

Note

It fails with any https requests but if you need a repo to reproduce the problem, sure let me know, I will take the time if needed

Node / Express

I set the following headers in my backend, which like I said, works find till iOS < v12

var allowedOrigins = ["https://example.com", "http://ionic.local", "http://localhost:8080"];

 var origin = req.headers.origin;
 if(allowedOrigins.indexOf(origin) > -1){
        res.setHeader('Access-Control-Allow-Origin', origin);
 } else {
        res.setHeader("Access-Control-Allow-Origin", "https://example.com");
    }

 res.header("Access-Control-Allow-Credentials", "true") 
 res.header("Access-Control-Allow-Headers", "Origin, Authorization, Content-Type, Content-Range, Content-Disposition, Content-Description, X-Requested-With, X-ACCESS_TOKEN");
 res.header("Access-Control-Allow-Methods", "GET,PUT,POST");

Note: Even if I set res.setHeader('Access-Control-Allow-Origin', '*'); if won't work, really have the feeling the https query doesn't reach the backend, I did add some logging in that section of my backend but nothing was logged

Side note

On the same simulated device with iOS v12, I opened Safari and used my Angular web app to see if I was facing the same problem (in my web app I use angular http too the query the same backend) which actually wasn't the case, no problem there

Activity

mhartington

mhartington commented on Jun 6, 2018

@mhartington

@peterpeterparker Thanks for the issue! We'll be tracking this and keeping an eye on things.
WWDC builds of iOS tend to have quite a few bugs, so we'll need to keep checking this, as it could be a bug in this build of WKWebview

peterpeterparker

peterpeterparker commented on Jun 6, 2018

@peterpeterparker
Author

@mhartington really nice to hear that, thx for the support 👍

Craytor

Craytor commented on Jun 8, 2018

@Craytor

Also, for the record, I can attest that this is indeed an issue. I really hope Apple is able to resolve it!

lassic

lassic commented on Jun 11, 2018

@lassic

Haven't tried iOS 12 yet, but I can say that from iOS > 11.3 WKWebView fails on navigator.sendBeacon to HTTPS. The same POST with XHR is successful (also HTTP is successful, it's a TLS issue).

The client seems to break the connection right after the TLS handshake is complete.
and console shows "Failed HTTP authentication" error.
Interestingly, forcing the browser to preconnect with: <link href='https://...' rel='preconnect' crossorigin/> before calling sendBeacon makes it succeed (seems that preconnect creates a valid TLS session that can then be reused).

Wild guess, but perhaps XHR in iOS 12 is now reusing the same code that broke sendBeacon in > 11.3?

Pittan

Pittan commented on Jun 12, 2018

@Pittan

I'm facing with the same issue.
I'm using just a WKWebView + Angular instead of ionic + cordova.
I think it is a bug for WKWebView in v12, too. No problem with Safari here.

sunderls

sunderls commented on Jun 12, 2018

@sunderls

run into this issue as well.
Same CORS settings works on iOS11

Serlight

Serlight commented on Jun 12, 2018

@Serlight

I test HTTP work well, but HTTPS run into this issue.
when post with form-data work well, if post with son-data, will run into this issue

mewehren

mewehren commented on Jun 12, 2018

@mewehren

IOS 12 beta2 fix it?

mhartington

mhartington commented on Jun 12, 2018

@mhartington

@peluqui2010 Beta 2 is not out yet.

@peterpeterparker Could you create a sample test project to test against? This way, as new beta's are released, we can test against some real code. We can also test this in mobile safari as well since that also uses wkwebview

peterpeterparker

peterpeterparker commented on Jun 12, 2018

@peterpeterparker
Author

@mhartington sure I'll right now

Is it ok if I send you an invite to get the test project thru a private bitbucket repo? Not to difficult to find but still I would be happy to keep my productive api backend a bit under radar you know...

mhartington

mhartington commented on Jun 12, 2018

@mhartington

Sounds good. it's mahrtington on bitbucket as well.

peterpeterparker

peterpeterparker commented on Jun 12, 2018

@peterpeterparker
Author

@mhartington I have build the same repo and invited you, let me know if everything is alright

IMPORTANT I discovered something really interesting while developing this sample repo, actually, Https GET queries are still fine with iOS v12 but I face problems with POST requests

GET = OK

const params: HttpParams = new HttpParams();
this.httpClient.get('https://example.com/route/', {params: params}).subscribe...

POST = KO

 let headers:HttpHeaders = new HttpHeaders();
 headers.append('Content-Type', 'application/json');
 this.httpClient.post('https://example.com/route/', {}, {headers: headers}).subscribe(....

Would be happy to hear if someone could confirm that

P.S.: I didn't tried PUT and DELETE

mhartington

mhartington commented on Jun 12, 2018

@mhartington

@peterpeterparker are you in the ionic slack? Got a few questions for you

peterpeterparker

peterpeterparker commented on Jun 13, 2018

@peterpeterparker
Author

@mhartington don't think I'm now, you could send me an invite plz

31 remaining items

Loading
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Metadata

Assignees

No one assigned

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

      Development

      No branches or pull requests

        Participants

        @joseph@mlynch@devakone@gregavola@timbru31

        Issue actions

          iOS v12 Https requests errors / Https requests don't reach backend · Issue #112 · ionic-team/cordova-plugin-ionic-webview