95f5234613
Expanded documentation to cover the new downloads manager, native context menu, OAuth/SSO and WebAuthn compatibility, and user agent strategy. Updated project structure and core concepts to reflect these features and clarified session and popup handling for authentication. Fixed minor typos and improved feature descriptions for clarity.
2.1 KiB
2.1 KiB
Google OAuth Sign-in Debug Guide
Changes Made to Fix Google Sign-in Issues
1. User Agent Strategy
- Nebula removes the default Electron token from the UA and appends
Nebula/<version>for better compatibility while still identifying the app. - The UA is applied at the session level (main/default sessions) so all tabs/webviews inherit it.
- To debug with Electron visible in UA, set environment variable
NEBULA_DEBUG_ELECTRON_UA=1before launch.
2. Webview and Window Behavior
- Webviews inherit secure defaults from
webPreferences. - Popup windows opened by sites (e.g., OAuth) are allowed for
http/httpsURLs to preserve login flows.
3. Session Configuration for OAuth
- Configured session permissions for OAuth compatibility.
- Added cookie change monitoring for Google domains.
- Enhanced request headers (Accept-Language, Accept) and
Referrer-Policyfor OAuth endpoints.
4. Unified Session Partitioning
- The main window uses partition
persist:main, and sessions are configured consistently so auth/session state is shared across tabs.
Testing Google Sign-in
- Open the browser (already running)
- Navigate to any Google service (Gmail, YouTube, Drive, etc.)
- Click Sign In - you should now see the Google account picker
- Select your account - should take you to password/2FA screen
- Complete sign-in - should successfully sign you in
Note: POST-based navigations are not blocked or intercepted by the main process to avoid stripping request bodies.
Debug Information
If issues persist, check the Console (F12) for:
- Cookie changes for Google domains
- OAuth redirect flows
- JavaScript errors
Common OAuth Issues Fixed
- ✅ Missing User Agent (Google blocks unidentified browsers)
- ✅ Third-party cookie restrictions
- ✅ Session isolation between tabs
- ✅ Missing referrer policies
- ✅ Popup blocking for OAuth flows
What Should Work Now
- Google account picker should appear
- Password entry screens should load
- Two-factor authentication should work
- OAuth redirects should complete properly
- Session should persist across tabs