Security

Reply
Contributor I

Social login Google - disallowed_useragent

When using social login for google+ and we don't enable 'bypass Apple CNA', the clients (mostly iOS) receive and error 403 This user-agent is not permitted to make an OAuth auth request to Google as it is classified as an embedded user-agent (also known as a web-view).

This is quite annoying since not using the Apple CNA, makes it tedious for the user to manually open a browser and open an URL.

Is there any way to circumvent this behaviour?

Guru Elite

Re: Social login Google - disallowed_useragent

Unfortunately no. You need to bypass CNA. You can thank Apple for making the CNA so restrictive.

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Contributor I

Re: Social login Google - disallowed_useragent

Thanks for the quick answer, I'll have to dissapoint the customer unfortunatly.

Guru Elite

Re: Social login Google - disallowed_useragent

Please ask them to send their feedback to their Apple respresentative. They don't listen to us. 😊

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Highlighted
New Contributor

Re: Social login Google - disallowed_useragent

 Same Story

 

I ended up hiding the google button when inside the Apple CNA that way they can't click on it and get the error. 

 

{if ($_wpl.browser.is_iphone || $_wpl.browser.is_ipad) && $_wpl.browser.is_mobile && (strpos($_wpl.browser.user_agent, 'Safari') == false)}
{literal}
<script>
var x = document.getElementsByClassName("btn-google");
var i;
for (i = 0; i < x.length; i++) {
x[i].style.display = "none";
}
</script>
{/literal}
{else}

{/if}

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: