Open joycetoh8 opened 9 months ago
Adding some more details:
To allow both things, It seems that separating the URL used to bootstrap the app from the webManifestURL
would be the best way to go.
My proposed solution would be to ask the developer for the Manifest URL when creating the application, using the one provided to bootstrap it as default, and validate if it is HTTPS when doing that.
For ChromeOS, https should be enforced for the manifest URL as PWAs are not allowed to use http. If a http manifest URL is used to create a TWA via Bubblewrap, ChromeOS will install the PWA with http causing a weird launch behavior from Play.