[Webkit-unassigned] [Bug 259861] [iOS] Attempting to load Wallet pass from api.americaspharmacy.com results in Safari showing a failure alert
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Wed Aug 9 10:51:56 PDT 2023
https://bugs.webkit.org/show_bug.cgi?id=259861
Alexey Proskuryakov <ap at webkit.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Summary|Unable to load a website on |[iOS] Attempting to load
|any WebKit browser unless |Wallet pass from
|on a desktop browser on |api.americaspharmacy.com
|other platforms |results in Safari showing a
| |failure alert
CC| |ap at webkit.org,
| |karlcow at apple.com
--- Comment #2 from Alexey Proskuryakov <ap at webkit.org> ---
When this website sees an iOS user agent, it attempts to provide a Wallet pass instead of an HTML document that it sends to other browsers.
$ curl -i 'https://api.americaspharmacy.com/wallet/samsclub-card-pass' --header 'User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0 Mobile/15E148 Safari/604.1'
HTTP/1.1 200 OK
Date: Wed, 09 Aug 2023 17:41:47 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Powered-By: Express
Content-Type: application/vnd.apple.pkpass
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: frame-ancestors 'self' *.medimpact.com;
Transfer-Encoding: chunked
Not yet certain if this is a bug in Safari or WebKit, or something wrong with the website. But this explains why the behavior is different between iOS and desktop.
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20230809/832692d2/attachment.htm>
More information about the webkit-unassigned
mailing list