What’s TWA?

Trusted Web Activity (TWA) lets you publish your Progressive Web App (PWA) to Google Play Store as an app and runs in full screen. It’s new (introduced on February 5, 2019) and has all Chrome features. Its predecessors are Chrome Custom Tab (CCT) and WebView. CCT has browser UI and WebView lacks some features such as web push notifications, therefor TWA is better than both of them. Be aware that it will use CCT if the user’s browser is older than version 72. Sounds great until I found the URL bar still exists.

HTTP Status Code

Both documents(here and here) said that the response HTTP status code of the assertlinks.json file must be 200. And I get a 304. It first occured to me that this must be the real reason, turned out it’s not. 304 is fine.

TWA uses Digital Asset Links to verify the app and the site belongs to the same developer. The Chrome bar will disappear if the verification successes. I followed this document, it works only when I insall the app on my phone directly but failed when I downloaded it from the play store. So I guess the problem is app signing. I formerly used the upload key’s fingerprint in assertlinks.json and enabled the App Signing by Google Play at the same time. In the end, the App is signed with Google’s key and my key got striped, the verification would fail certainly. The app signing process is annoyingly confusing.

The solution is to find Google’s signing certificate fingerprint in the Google Play Console (Release management -> App signing), then copy the SHA-256 fingerprint to the assertlinks.json file.

Now we can upload Kahla TWA app to the play store! You can view the TWA project code on Github.

.well-known Folder

The assertlinks.json file is placed in the /.well-known/ folder, this location is defined by RFC 8615. You can see all the other well-known URLs on INNA’s website, like EFF’s dnt-policy.txt.

Read More