There is a Cordova issue when trying to deploy onto Android which I have tracked down and can now see same issue in the default Meteor example app :
https://github.com/meteor/simple-todos
When deployed using https through nginx the Account sign-in widget
which should appear on the initial screen (see screenshot below)
Sign in ▾
fails to appear on Android yet appears and works OK on desktop browser
… without https although still using nginx it is OK on Android and elsewhere.
This issue is causing our app to just hang on Android using https showing a blank white screen saying
Loading...
and never reaching our initial login screen … our iOS app and any desktop browser is OK using https … its just Android which is failing
Has anyone seen this issue ?
here is browser with https using nginx with Sign in widget inside RED circle
here is Android with https using nginx Notice missing Sign in widget
here is Android with http using nginx Notice it correctly has Sign in widget
I am leaning toward believing its a Meteor / Cordova issue since my app is fine using iOS … in any case here is my nginx config using https
worker_processes 1;
error_log /var/log/nginx/error.log info;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
server {
listen 80 default_server;
listen [::]:80 default_server;
# Redirect all HTTP requests to HTTPS
return 301 https://$host$request_uri;
}
server {
# force http to use https
if ($scheme = http) {
return 301 https://$server_name$request_uri;
}
ssl_certificate /somepath/nginxcerts/primacyofdirectexperience.com/fullchain.pem;
ssl_certificate_key /somepath/nginxcerts/primacyofdirectexperience.com/privkey.pem;
listen 443 ssl http2;
listen [::]:443 ssl http2;
ssl_session_tickets on;
ssl_protocols TLSv1.2;
ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
ssl_prefer_server_ciphers On;
add_header Strict-Transport-Security "max-age=31536000; preload; includeSubDomains";
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-Xss-Protection "1";
# Your favorite resolver may be used instead of the Google one below
resolver 8.8.8.8;
server_name primacyofdirectexperience.com;
proxy_buffering off;
proxy_http_version 1.1;
proxy_read_timeout 600;
proxy_send_timeout 600;
proxy_set_header Host $host:$server_port;
proxy_set_header Referer $http_referer;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Nginx-Proxy true;
proxy_redirect off;
location / {
proxy_pass http://45.55.49.67:3000;
}
}
}