Urgent: PWA (Progressive Web App) Interference - Incorrect Content-Type for manifest.json a

https:eletricistaefaztudo.sampa.br

Dear Hosting Support Team,

I am writing to request urgent assistance with a critical issue affecting my Progressive Web App (PWA) functionality on my website, https://eletricistaefaztudo.sampa.br.

I have implemented a PWA, including manifest.json and sw.js files, which are essential for its proper operation (e.g., installability, offline capabilities). These files are located at the root of my domain.

Upon inspecting the network requests using browser developer tools, I found that requests for /manifest.json (and likely /sw.js as well) are being served with an incorrect Content-Type header of text/html, instead of application/json or application/javascript, respectively. Furthermore, the response content for these files is an HTML page containing a JavaScript challenge (similar to a bot protection script, e.g., /aes.js), rather than the actual JSON/JavaScript content.

This behavior is preventing the browser from parsing the manifest.json correctly (resulting in a “SyntaxError: Unexpected token ‘<’” at line 1, column 1) and from registering the Service Worker, thus breaking the core functionality of my PWA.

Given that my hosting uses Cloudflare, I believe this issue stems from the Cloudflare security/bot protection settings that are intercepting and modifying the responses for these specific PWA files.

To resolve this, I kindly request one of the following actions:

1. Option A (Preferred): Configure Cloudflare Page Rules/Security Settings Please configure Cloudflare to bypass security checks and any HTML modification/injection for the following specific URLs:

• https://eletricistaefaztudo.sampa.br/manifest.json
• https://eletricistaefaztudo.sampa.br/sw.js This configuration should ensure that these files are served directly with their correct Content-Type headers (application/json for manifest.json and application/javascript for sw.js) and without any injected HTML challenge.

2. Option B (Alternative): Temporarily Disable Cloudflare/CDN for my Domain If configuring specific bypass rules is not feasible or complex for your team, please temporarily disable Cloudflare (or any other CDN/security service that might be causing this) for my domain, https://eletricistaefaztudo.sampa.br, until I can fully diagnose and resolve the issue on my end, or find an alternative solution.

A functional PWA is critical for my website’s user experience and engagement. I appreciate your prompt attention to this matter.

Please let me know if you require any further information or access to my account.

Thank you.

I don’t know why you straight up assumed that we are using some Cloudflare things to do this. But anyways, there is indeed a security system tampering with PWAs, and cannot be disabled.

By far only one user has worked out a workaround, but we still didn’t know how it is done.

I assumed Cloudflare was being used because the results I got using Chrome’s code inspector were pretty consistent with their practices.

In any case, I appreciate the quick response and the information.

Best regards.

There was this topic from a few weeks where someone claimed they were able to make it work. Maybe this information could help you too?

It looks promising.

I’ll give it a try. I’ll be very happy if it works. I was already considering changing hosting.

Thank you very much!

Best regards.

I couldn’t overcome the problem. I worked hard on it and even had some success, manipulating my .htaccess file, implementing and configuring the Claudfrare CDN, but it was a very specific solution that would make it difficult to maintain and refine the site in the long term, and would even compromise the casual user experience.

I could implement the PWA routines through Claudfrare’s own resources. It would be a robust solution, but eventually I would run into the same problem. A difficult and complicated maintenance.

Even so, I appreciate the tip.

Cheers!

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.