-
Notifications
You must be signed in to change notification settings - Fork 26
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Client not secure for android messages login #441
Comments
It seems like the latest version of the phone app no longer supports pairing with the QR code (at least, I can't find it now), so this problem makes it impossible to pair. |
I got stuck on this too, but have a complicating factor. |
I get the same message as the original post - the "This browser or app may not be secure". However, while troubleshooting, I stumbled across a workaround that lets me login. I tried starting the program with the --debug switch to try getting more troubleshooting information to share here. $ ./AndroidMessages --debug
[61919:0217/185412.944387:ERROR:node_bindings.cc(244)] Error parsing Node.js cli flags
electron: [DEP0062]: `node --debug` and `node --debug-brk` are invalid. Please use `node --inspect` and `node --inspect-brk` instead. So I then tried using the --inspect switch, because why not. The program started and let me login. This is the command output, for what it's worth. $ ./AndroidMessages --inspect
Debugger listening on ws://127.0.0.1:9229/961741b9-d61c-405d-8c49-44300d11d83a
For help, see: https://nodejs.org/en/docs/inspector
APPIMAGE env is not defined, current application is not an AppImage
[74550:0217/191924.083478:ERROR:nss_util.cc(349)] After loading Root Certs, loaded==false: NSS error code: -8018 After logging in and closing the program, I can open it again without the --inspect switch and I'm still logged in. |
@sansbyte: |
Same error on windows 11. |
I also got the message when trying to login, but then I added the @gmail.com to my username and it worked. |
Doesn't work for me. |
Does not work on Fedora 40. Tried with the --inspect toggle using the CLI and also clicked on the top sign. All to no avail. It is the app since the web version works. |
After trying a few times, the sequence: |
For me (running an Arch-based Linux distro), --inspect by itself did not work. I needed to use --inspect, then I had to select "Remove Account", click the red (-) icon next to my account, say "Yes, remove" and then re-enter my credentials. After that, I closed the app and re-ran without --inspect and it still worked. I thought maybe removing the account itself was what worked so I tried that after things were working from the above but removing didn't resolve the issue without first running --inspect. YMMV, I didn't want to mess around with it much more after getting it to work twice the original --inspect way |
I experienced this issue as well, on Linux Mint 21.3. The |
Modified how the user agent is set when sending headers. There were two issues that I was able to identify. First, the Google sign-in page sends requests to the youtube.com domain sometimes, so the existing replacement effect was not always firing. Adding a url entry for this domain fixes this problem. Second, Google sometimes doesn't like the hard-coded user agent this project was previously providing. I have no idea why -- this Electron/user agent/Google problem has been ongoing for years. I've solved this problem this time by instead taking the user agent Electron would have passed by itself and stripping out only the Electron-specific component. I don't know how long this fix will last, since Google seems intent on being opaque about how they determine if a browser is secure or not. Fingers crossed.
https://github.com/drislands/android-messages-desktop/tree/bugfix/441 I've attempted a fix. It's working consistently for me now, but I'd like to see if it works for other people before I open a PR. If there's anyone experiencing this issue, can you clone my project from the link above and see if it works for you? |
I haven't used github much so I'm not really sure what you mean by cloning your project. I thought I could maybe just download your code as a .zip then replace something in my Android Messages install folder with the most recently changed files you did, but there doesn't seem to be a background.ts in my install folder. |
@Vilacard you cannot juste replace the files, they need to be compiled first. I do know how to use GitHub but I don't have the time right now to setup the environment, would it be easy for you @drislands to build a Windows executable? |
@maelchiotti I'll see if I can package this up. I haven't done this for a JS project before so it may take some doing. |
Turns out that's not hard to do. @maelchiotti @Vilacard try the EXE attached to this release. I don't have a Windows machine I can test this on, let me know if there's any issues with getting this working and I'll try to sort it out. https://github.com/drislands/android-messages-desktop/releases/tag/411-fix.1 |
Thanks! I installed it and I am able to successfully login. |
Thank you! I will try it tomorrow to confirm if it's working. |
@drislands Worked perfectly, thank you so much |
Modified how the user agent is set when sending headers. There were two issues that I was able to identify. First, the Google sign-in page sends requests to the youtube.com domain sometimes, so the existing replacement effect was not always firing. Adding a url entry for this domain fixes this problem. Second, Google sometimes doesn't like the hard-coded user agent this project was previously providing. I have no idea why -- this Electron/user agent/Google problem has been ongoing for years. I've solved this problem this time by instead taking the user agent Electron would have passed by itself and stripping out only the Electron-specific component. I don't know how long this fix will last, since Google seems intent on being opaque about how they determine if a browser is secure or not. Fingers crossed. Co-authored-by: Doc Islands <dont@email.me>
Describe the bug
When attempting to sign in (not with a QR Code) it says it is not a supported browser / secure. See attached image.
To Reproduce
Steps to reproduce the behavior:
Expected behavior
Should allow you to login in a supported secure setting.
Screenshots
![image](https://private-user-images.githubusercontent.com/61894631/297447219-e0ab9df7-3168-4bbc-aa14-6c32cfe5561d.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjEwNDE3MzksIm5iZiI6MTcyMTA0MTQzOSwicGF0aCI6Ii82MTg5NDYzMS8yOTc0NDcyMTktZTBhYjlkZjctMzE2OC00YmJjLWFhMTQtNmMzMmNmZTU1NjFkLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MTUlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzE1VDExMDM1OVomWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTY1YjdmNWNiMzRmMDkzYWI3ZTNhNzdjYWI3YzNmZGY2NjBjZjUzYjY1YWJkNzZhYjkwYzg0ZDk3NDI2NDg2MjEmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.yQvCbhOq-QfU7FFUJ96StCIhw4Xd4Yztub2FfW2wDKE)
Desktop (please complete the following information):
The text was updated successfully, but these errors were encountered: