element-hq / element-web

A glossy Matrix collaboration client for the web.
https://element.io
Apache License 2.0

Failure to load/"Unable to restore session" error on Safari 15 #27445

Open richvdh opened 3 weeks ago

richvdh commented 3 weeks ago

Not being an Apple user myself, I can't reproduce this, but we have had some reports from users on Safari 15 of "Unable to restore session" errors.

Safari 15 is not one of our supported browsers but we should fail more gracefully.

It appears that, before Element R, you would get an application which mostly worked, but still didn't support encryption (rageshakes showed: Failed to load Olm). This is now worse, because failure to instantiate the crypto stack means that the application doesn't load at all (see also https://github.com/element-hq/element-web/issues/27424).

[Context: the cause of the failure is our use of a script-src: "wasm-unsafe-eval" content security policy, which is unsupported on Safari 15. This is required for any WASM to be loaded (see MDN. In theory you can also use script-src: "unsafe-eval", but this is dangerous).]

t3chguy commented 3 weeks ago

> Safari 15 is not one of our supported browsers but we should fail more gracefully.

According to our support policy this issue should be closed

Definition: Issues only affecting unsupported environments are closed

richvdh commented 3 weeks ago

Can we not detect Safari 15 and show an error (in the same way that we do for browsers that are missing other required features)? I think we can do better than just close such issues out of hand.

t3chguy commented 3 weeks ago

> Can we not detect Safari 15 and show an error (in the same way that we do for browsers that are missing other required features)?

We do feature detection, not browser detection for those. Modernizr doesn't seem to have a way to detect wasm-unsafe-eval support nor can I find one using JS. Safari also often obfuscates user agent details like claiming I'm on macOS Catalina (10.15.7) on this machine. Plus a lot of privacy extensions go further on this front so parsing UA should be avoided in favour of feature detection.

> I think we can do better than just close such issues out of hand.

Then I suggest bringing this up as a topic of discussion in the weekly chapter meeting, otherwise this goes against policy.

kegsay commented 1 week ago

Can we do the bad thing and just grep the error message then? Given it'll mention unsafe-eval:

E Unable to load session Refused to create a WebAssembly object because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive:

The failure mode is pretty horrible, as it means as we roll out EW-R to more users, they will just end up with a broken app which won't load.
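
The error-message check discussed in this thread, sketched as an added example; it is not code from element-web or from any participant. The names `EMPTY_WASM`, `isCspWasmBlock`, `probeWasm` and `demo` are hypothetical, and the sketch assumes an engine that refuses WASM under the page's CSP refuses an empty probe module with the same kind of error.

```javascript
// Added example: classify a WebAssembly start-up failure as "blocked by CSP"
// so the app can show an unsupported-browser page instead of a generic
// "Unable to restore session" error. All names here are hypothetical.

// Smallest valid WASM module: "\0asm" magic plus version 1, no sections.
const EMPTY_WASM = new Uint8Array([0x00, 0x61, 0x73, 0x6d, 0x01, 0x00, 0x00, 0x00]);

// Matching on message text is brittle (wording differs per engine and may
// change), so require both the CSP keyword and a WebAssembly mention.
function isCspWasmBlock(err) {
    const msg = String((err && err.message) || err || "");
    return /unsafe-eval/.test(msg) && /WebAssembly/i.test(msg);
}

// Try to compile the empty module. Assumption: an engine that refuses WASM
// under the page's CSP refuses this probe with the same kind of error.
// `compile` is injectable so the failure path can be exercised offline.
function probeWasm(compile = (bytes) => new WebAssembly.Module(bytes)) {
    if (typeof WebAssembly !== "object") {
        return { ok: false, reason: "no-wasm" };
    }
    try {
        compile(EMPTY_WASM);
        return { ok: true, reason: null };
    } catch (err) {
        return { ok: false, reason: isCspWasmBlock(err) ? "csp-blocked" : "other" };
    }
}

// Sample input: the message quoted in this thread. The policy text after the
// colon is elided there and is not needed for the match.
const SAFARI_15_MESSAGE =
    "Refused to create a WebAssembly object because 'unsafe-eval' is not an " +
    "allowed source of script in the following Content Security Policy directive:";

function demo() {
    const blocked = probeWasm(() => { throw new Error(SAFARI_15_MESSAGE); });
    const unrelated = probeWasm(() => { throw new Error("Out of memory"); });
    return { blocked: blocked.reason, unrelated: unrelated.reason, here: probeWasm().ok };
}

console.log(demo());
```

Run before the crypto stack is initialised, a `csp-blocked` result can route to the same unsupported-browser screen used for other missing features, without parsing the user agent.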