iOS 14 Universal Links timeout error with Apple CDN

Safari & Web General
Shin5 OP
Created Aug ’20
Replies 5
Boosts 0
Views 7.8k
Participants 4
Our app is using 2 domains of Universal Links.
One for our main domain, the other is provided by Adjust.

iOS 12, iOS 13:
Both domains work correctly.
This means apple-app-site-association files are valid.

iOS 14 beta 5:
Adjust one is working, but main domain's Universal Links is not working. This issue has been persisting for a month.

Device: iPhone XS Max, iOS 14 beta 5
SDK: iOS 14 beta 5

apple-app-site-association

Code Block json
{
  "applinks": {
    "apps": [],
    "details": [
      {
        "appID": "XXXXXXXXX1.com.example.APP",
        "paths": ["NOT /aaa/", "*"]
      },{
        "appID": "XXXXXXXXX2.com.example.APP.enterprise.production",
        "paths": ["NOT /aaa/", "*"]
      },{
        "appID": "XXXXXXXXX2.com.example.APP.enterprise.staging",
        "paths": ["NOT /aaa/", "*"]
      }
    ]
  }
}

We have not been updated this file for over a year, and no plan to change any time soon.

sysdiagnose (iOS 14 beta 5)


Code Block 
--------------------------------------------------------------------------------
Service:              applinks
App ID:               XXXXXXXXXX.com.example.APP
App Version:          4.0
App PI:               <LSPersistentIdentifier 0x104e305b0> { v = 0, t = 0x8, u = 0xaf4, db = A16B541E-0D61-4813-A711-FCF89CF22411, {length = 8, bytes = 0xf40a000000000000} }
Domain:               app.example.com
User Approval:        unspecified
Site/Fmwk Approval:   unspecified
Flags:               
Last Checked:         2020-08-25 04:08:09 +0000
Next Check:           2020-08-25 07:49:53 +0000
Error:                Error Domain=SWCErrorDomain Code=7 "SWCERR00301 Timeout -- {"cause":"context deadline exceeded (Client.Timeout exceeded while awaiting headers)"}" UserInfo={Line=274, Function=-[SWCDownloader URLSession:dataTask:didReceiveResponse:completionHandler:], NSDebugDescription=SWCERR00301 Timeout -- {"cause":"context deadline exceeded (Client.Timeout exceeded while awaiting headers)"}, UnderlyingError=Error Domain=HTTP Code=404 "(null)" UserInfo={Line=274, Function=-[SWCDownloader URLSession:dataTask:didReceiveResponse:completionHandler:]}}
Retries:              2
--------------------------------------------------------------------------------
Service:              applinks
App ID:               XXXXXXXXXX.com.example.APP
App Version:          4.0
App PI:               <LSPersistentIdentifier 0x104e305b0> { v = 0, t = 0x8, u = 0xaf4, db = A16B541E-0D61-4813-A711-FCF89CF22411, {length = 8, bytes = 0xf40a000000000000} }
Domain:               xxxx.adj.st
Patterns:             {"/":"/*"}
User Approval:        unspecified
Site/Fmwk Approval:   approved
Flags:               
Last Checked:         2020-08-25 04:08:09 +0000
Next Check:           2020-08-30 03:57:44 +0000


Our server is fast enough, probably located somewhere in Japan.

Could you suggest me if I'm missing something, or Apple CDN has any issue crawling aasa files?



Answered by Technology Evangelist in 632874022
The user-agent string for the Apple App Site Association CDN bot is:

Code Block 
AASA-Bot/1.0.0


If you're blocking the above, once unblocked, it may take several hours for the object to be refreshed across all caches.
Replies  5
Boosts  0
Views  7.8k
Participants  4
Shin5 OP
Aug ’20
This is our server's apple-app-site-association detail.

Code Block 
curl -v https ://app.example.com/.well-known/apple-app-site-association
*   Trying XX.*.XX.*...
* TCP_NODELAY set
* Connected to app.example.com (XX.*.XX.*) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/cert.pem
  CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-ECDSA-AES256-GCM-SHA384
* ALPN, server accepted to use h2
* Server certificate:
*  subject: businessCategory=Private Organization; jurisdictionCountryName=JP; serialNumber=XXXX-XX-XXXXXX; C=JP; ST=Tokyo; L=XXXXXX; O=XXXXXX; OU=XXXXXX; CN=www .example.com
*  start date: May  8 00:00:00 2020 GMT
*  expire date: Aug  3 12:00:00 2022 GMT
*  subjectAltName: host "app.example.com" matched cert's "app.example.com"
*  issuer: C=US; O=DigiCert Inc; OU=www .digicert.com; CN=DigiCert ECC Extended Validation Server CA
*  SSL certificate verify ok.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x7fade700f600)
 > GET /.well-known/apple-app-site-association HTTP/2
 > Host: app.example.com
 > User-Agent: curl/7.64.1
 > Accept: */*
 >
* Connection state changed (MAX_CONCURRENT_STREAMS == 100)!
 < HTTP/2 200
 < server: Apache
 < last-modified: Tue, 25 Aug 2020 05:44:52 GMT
 < x-content-type-options: nosniff
 < x-xss-protection: 1; mode=block
 < content-type: application/json
 < date: Thu, 27 Aug 2020 01:56:23 GMT
 < content-length: 445
 <
{
  "applinks": {
    "apps": [],
    "details": [
      {
        "appID": "XXXXXXXXX2.com.example.APP",
        "paths": ["NOT /aaa/", "*"]
      },{
        "appID": "XXXXXXXXX1.com.example.APP.enterprise.production",
        "paths": ["NOT /aaa/", "*"]
      },{
        "appID": "XXXXXXXXX1.com.example.APP.enterprise.staging",
        "paths": ["NOT /aaa/", "*"]
      }
    ]
  }
* Connection #0 to host app.example.com left intact
}* Closing connection 0

(inserting some spaces in several URLs above due to this forum's restriction)

0
Shin5 OP
Sep ’20
Our server team identified the User Agent of Apple CDN.
And allowing a bot access with that UA is fixed this issue.
I hope Apple disclose the details of Apple CDN soon.
0
Technology Evangelist OP
Apple
Sep ’20
Accepted Answer
The user-agent string for the Apple App Site Association CDN bot is:

Code Block 
AASA-Bot/1.0.0


If you're blocking the above, once unblocked, it may take several hours for the object to be refreshed across all caches.
1
Swagata_Sarangi OP
Oct ’20
Is there any issue in universal link?
Bcoz suddenly universal link not working in app.

0
RedDevil4Ever OP
Jan ’21
We're facing the same issue for our App's Universal Links in iOS 14+
Here is the sysdiagnose from iOS 14.3 device

Code Block --------------------------------------------------------------------------------
Service: applinks
App ID: ********.com.s4m.***
App Version: 192.0
App PI: <LSPersistentIdentifier 0x105219330> { v = 0, t = 0x8, u = 0x8e0, db = 71F75FB7-6D38-49FA-9299-A8A115C60A84, {length = 8, bytes = 0xe008000000000000} }
Domain: ***.***********.com.kw
User Approval: unspecified
Site/Fmwk Approval: unspecified
Flags: 
Last Checked: 2021-01-24 08:52:10 +0000
Next Check: 2021-01-24 12:14:47 +0000
Error: Error Domain=SWCErrorDomain Code=7 "SWCERR00301 Timeout -- {"cause":"context deadline exceeded (Client.Timeout exceeded while awaiting headers)"}" UserInfo={Line=274, Function=-[SWCDownloader URLSession:dataTask:didReceiveResponse:completionHandler:], NSDebugDescription=SWCERR00301 Timeout -- {"cause":"context deadline exceeded (Client.Timeout exceeded while awaiting headers)"}, UnderlyingError=Error Domain=HTTP Code=404 "(null)" UserInfo={Line=274, Function=-[SWCDownloader URLSession:dataTask:didReceiveResponse:completionHandler:]}}
Retries: 1
--------------------------------------------------------------------------------
Service: webcredentials
App ID: ******.com.s4m.***
App Version: 192.0
App PI: <LSPersistentIdentifier 0x105219330> { v = 0, t = 0x8, u = 0x8e0, db = 71F75FB7-6D38-49FA-9299-A8A115C60A84, {length = 8, bytes = 0xe008000000000000} }
Domain: ***.*************.com.kw
User Approval: unspecified
Site/Fmwk Approval: unspecified
Flags: 
Last Checked: 2021-01-24 08:52:10 +0000
Next Check: 2021-01-24 12:14:47 +0000
Error: Error Domain=SWCErrorDomain Code=7 "SWCERR00301 Timeout -- {"cause":"context deadline exceeded (Client.Timeout exceeded while awaiting headers)"}" UserInfo={Line=274, Function=-[SWCDownloader URLSession:dataTask:didReceiveResponse:completionHandler:], NSDebugDescription=SWCERR00301 Timeout -- {"cause":"context deadline exceeded (Client.Timeout exceeded while awaiting headers)"}, UnderlyingError=Error Domain=HTTP Code=404 "(null)" UserInfo={Line=274, Function=-[SWCDownloader URLSession:dataTask:didReceiveResponse:completionHandler:]}}
Retries: 1

Our association-file containing server has no VPN connection and is not blocking the user-agent string for the Apple App Site Association CDN bot but still the Universal links just redirect users to safari not the App.

Any help would be really appreciated!

EDIT: screen shot of the bot accessing the domain association file "https://imgur .com/xUgZekD" remove space please


0
iOS 14 Universal Links timeout error with Apple CDN
First post date Last post date
 
 
Q