Universal Links deep-link non-whitelisted routes

Originator:itsbusticated
Number:rdar://23316524 Date Originated:29-Oct-2015 10:26 AM
Status:Open Resolved:
Product:Safari Product Version:
Classification:Serious Bug Reproducible:Always
 
using the following configuration within the apple-app-site-association:

"paths": [ 
    "/",
    "/explore",
    "/explore/*",
    "/stories/top",
    "/mostviewed",
    "/most-viewed",
    "/stories/*",
    "/s/*",
    "/search",
    "/search/*",
    "/search/hashtags/*" 
]

links to /users/auth/twitter/callback are deep-linked

note that in this specific case, the urls impacted are those used by our OAuth flow - so currently our users are not able to sign-in or register using social services (twitter, etc) when visiting our site on safari on iOS.

Steps to Reproduce:
1. install the steller app http://stlr.co/getsteller (lol - not trolling for users here)
2. visit https://steller.co
3. click the "sign-in" link in the nav bar located top-left of the page
4. sign-in using whatever social network you want

NOTE: you do not need an account w/ steller to repro the issue. 

Expected Results:
OAuth redirect flow completes - you are able to to sign-in to your social identify provider (e.g. twitter, etc) and upon returning to steller.co, you are either signed in or prompted to register a new account.

Actual Results:
OAuth redirect is broken after signing into your social identify provider - steller app is launched, link is recognized as unsupported, you are redirected back to steller.co but now see an error page ("Steller will be back shortly..."

NOTE: we maintain a blacklist internally within the app - if we see an incoming Universal Link from a blacklisted url, we redirect back out to safari.

Comments


Please note: Reports posted here will not necessarily be seen by Apple. All problems should be submitted at bugreport.apple.com before they are posted here. Please only post information for Radars that you have filed yourself, and please do not include Apple confidential information in your posts. Thank you!