Question:
Hello! I’m working with a program called AusweisApp, which is distributed through government services for working with ID cards. The app acts as a server on the local host and awaits data from our authentication website.
We have a script, eid.js, which first determines if the user is on a smartphone or a PC/Mac.
If it’s a PC/Mac, it checks if the AusweisApp client is running on that machine.
If it’s running, the script redirects to the local AusweisApp server.
This mechanism works on Windows and partially on macOS (in Chrome, Edge, and Firefox), but in Safari, an error occurs where the browser cannot open the address of the local server.
It seems like the issue is due to “mixed content” because our page is opened via HTTPS, while the local server is running on HTTP.
eid.js
`this.openURL = function (url) {
// it can take a while for the dialog to appear
// gives user time to allow open the app before they are forwarded to the app store.
const dialogTimeout = 5000;
setTimeout(function () {
if (!didHide && options.onIgnored) {
options.onIgnored();
}
}, dialogTimeout);
window.location = url;
};`
We have examples of websites where this technology is successfully implemented:
Arbeitsamt.de
id.bund.de
Can anyone help me understand how this issue is solved on these sites so that we can adapt it for our project? Any suggestions would be greatly appreciated!
Links:
Wikipedia page on AusweisApp
Official AusweisApp website
We have tried allowing mixed content in the browser settings, which works but is not ideal since it requires manual intervention by the user. We expected the redirection to work seamlessly across all browsers.
It seems like the issue is due to “mixed content” because our page is opened via HTTPS, while the local server is running on HTTP.
We have examples of websites where this technology is successfully implemented:
Arbeitsamt.de
id.bund.de