1

I'm trying to integrate Twitter sharing functionality into my Android PhoneGap application, and rather than re-implement the controls to shorten URLs and track tweet length, I thought I'd use their premade web intents at https://twitter.com/intent/...

So I'm trying to launch a URL like https://twitter.com/intent/tweet?text=Hello in a ChildBrowser window, so that I can let Twitter's interface take over. The user could sign in with their credentials, and once they're signed in, the text from the URL params would appear in the Tweet box.

It won't work. When I use http://twitter.com/intent/... instead of https://twitter.com/intent/... , ChildBrowser displays the sign-in screen, but as soon as the user submits their credentials, the screen goes white. I suspect this is because Twitter switches over to HTTPS.

I confirmed that this was the case by trying a simple window.open instead of window.plugins.childBrowser.showWebPage. I have no problems with HTTP / HTTPS when using the native browser on Android. However, the native browser prompts me to accept an unverified security certificate. I suspect this is the problem with ChildBrowser - it doesn't know how to handle that prompt.

Using the native browser popover simply isn't an option: the user needs to be able to exit the process after hitting 'Tweet' or 'Follow', etc., but the 'back' button on the Android device simply moves the history one step backward to the POST action for their intent. Then, it re-launches the app from scratch, instead of returning you to the original state.

How can I configure ChildBrowser / my Android Phonegap application to override SSL issues on Twitter, so that I can run web intents in Childbrowser?

The relevant code is:

base="https://twitter.com/intent/tweet?text="; 
URL=base+encodeURIComponent("it works!"); 

// works, but asks to accept a certificate
window.open(URL);

// blank white page
window.plugins.childBrowser.showWebPage(URL, { showLocationBar: true });

My cordova.xml file has whitelists configured as such:

<access origin="http://127.0.0.1*"/> <!-- allow local pages -->

...which I don't suspect should be a problem. However, a basic test of swapping origin=".*" yielded no change in behaviour.

I've also examined the HTTP and HTTPS headers for the Twitter intent landing pages. There doesn't appear to be anything out of line - they're identical, except for the Strict-Transport-Security header for HTTPS, which works elsewhere (e.g. Github).

Please help!

StickByAtlas
  • 357
  • 2
  • 14
  • By the way - I already tried setting `debuggable="true"` in the Android manifest file, but that didn't work. – StickByAtlas Jun 02 '12 at 20:09
  • @Simon Another piece of the puzzle - I'm using Phonegap / Cordova 1.7.0. After reading http://groups.google.com/group/phonegap/browse_thread/thread/83363ce5a77fcfdb?fwc=2 I thought that this might be worth knowing. – StickByAtlas Jun 02 '12 at 22:09
  • Apparently, I'm not the only one who has had problems with Twitter in Childbrowser. Please see: http://stackoverflow.com/q/10107661/697061 – StickByAtlas Jun 02 '12 at 22:14

1 Answers1

0

The ChildBrowser is not bound by the whitelist. The whitelist is only used to keep the main PhoneGap app from running code outside of trusted domains.

I'm confident if you go get the latest ChildBrowser code from Android you won't have run into this problem anymore. We've made some changes recently that make it more robust.

Also, Libby has a good tutorial integrating Twitter and the ChildBrowser.

http://www.mobiledevelopersolutions.com/home/start/twominutetutorials/tmt5p1

Simon MacDonald
  • 23,253
  • 5
  • 58
  • 74
  • I just downloaded and hooked up ChildBrowser today, so the code is as up-to-date as can be expected. I'll try re-downloading and swapping out, but I'm pretty sure the SSL problem will persist. I'm familiar with the TMT tutorial. It's definitely the best practice, but it will take a lot more work than simply using Twitter's ready-made tweet tool. – StickByAtlas Jun 02 '12 at 21:51
  • Weird, I can't reproduce your problem using the exact code that you posted. – Simon MacDonald Jun 04 '12 at 14:04
  • Try this: in your `deviceReady` listener, add the following code: `window.plugins.childBrowser.showWebPage("https://twitter.com/intent/follow?screen_name=stickbyatlas", { showLocationBar: true });` It all boils down to that - does that URL load for you in ChildBrowser? – StickByAtlas Jun 04 '12 at 14:29
  • Also - apparently, you can't copy and paste the line of code I posted above. I just tried copying `https://twitter.com/intent/follow?scre‌​en_name=stickbyatlas` from the above comment and pasting it in a web browser, and it inserts some strange characters. You'll have to type it out manually... – StickByAtlas Jun 04 '12 at 14:36
  • After I fix the URL I see the following: https://dl.dropbox.com/u/887989/twitterintent.png So it all looks good to me right now. – Simon MacDonald Jun 04 '12 at 14:42
  • How strange. I see one immediate difference - I'm using Android 2.3 as my emulator VM, whereas it looks like you're using 3.x or 4.x. Can you see if you can reproduce the issue on 2.x? – StickByAtlas Jun 04 '12 at 14:48
  • I just changed my build target to Android 4.0, and now ChildBrowser is rendering the Twitter intents just fine. Also, a correction to my above comment - I was in fact using Android 2.1 earlier. I will try 2.3 and see if the problem disappears. It would be nice to support the 2.x platform, if at all possible. Any idea what could be causing this problem on 2.1? Not sure if it's relevant, but I found this: http://stackoverflow.com/questions/4461360/how-to-install-trusted-ca-certificate-on-android-device – StickByAtlas Jun 04 '12 at 15:09
  • Changing my virtual device to Android 2.3 fixed the problem. So I guess I have to support 2.3+, which isn't the end of the world. If you'd like to do some investigation, determine whether this is a ChildBrowser problem or a 2.1 problem, and report your findings, I'd be happy to accept that as the answer for this issue. Thank you for your help so far! – StickByAtlas Jun 04 '12 at 15:17
  • Yeah, I was using the 2.3 emulator. I've been able to reproduce the issue on the 2.1 emulator but I see nothing in the logs so I'm at a loss of how to debug it right now. – Simon MacDonald Jun 04 '12 at 16:28