[Feature] TLS support for playwright UI running on port/host

[kalvenschraut]

My company develops everything off a remote workstation and with the playwright being able to run on a port/host as of the last release this enables us to not have to vnc to the workstation to interact with the UI.

I was trying to access the UI from home via a VPN, but without TLS running the UI won't work due to the UI using a service worker. Service workers only function with a valid cert in place or on localhost. Currently my options are to port forward to my localhost on my home computer, or put the playwright server behind an nginx server that handles the TLS connection.

Both the options are not ideal and I would like to see playwright handle the TLS since its using service workers.

[yury-s]

There is no good place for us to get a valid certificate when serving for your local machine. There are two options for you:

1. Do something similar to what Codespaces do with port forwarding. I believe this is what you mean by bringing up nginx server in front of playwright.
2. Run a proxy on your local machine which will forward all requests to the remote playwright server. This way UI mode will be served from localhost which is considered secure.
   Would that work?

[kalvenschraut]

1. Port forwarding at least for me sounds more like using ssh to port forward port x on remote machine to port y on localhost. Which works fine and what I am doing now.
2. Using a proxy to provide TLS is somewhat similar to what I mentioned for nginx. Nginx is a proxy handling the TLS and then sends traffic to the playwright UI mode server.

The best solution IMO would be for playwright to add a cert option where we can provide a valid cert for playwright to use in its server. I would rather go this route then having to setup a completely separate proxy with a valid cert in place, or instruct each one of my developers on how to port forward.

This is how vite handles https https://vitejs.dev/config/server-options.html#server-https.

[skamansam]

I consider this to be a major bug. When I start my playwright instance with --ui-host=0.0.0.0, it immeddiately jumps to /trace/uiMode.html?ws=f571e4abe65b80c381e7577062fee4f7. This page cannot load because navigator.serviceWorker is undefined in this context because it is not using a secure connection. This is in direct conflict with what the docs say to do.

[delijah]

We are experiencing the same problem when using --ui-host=0.0.0.0. If we request http://127.0.0.1:{ui-port}, it works fine though. So we wonder if the actual url which is prompted at the end of the test command could be changed from 0.0.0.0 to 127.0.0.1. The 0.0.0.0 version really makes no sense, because the ui will never be able to work because 0.0.0.0 is not considered a secure context.

https://stackoverflow.com/a/52300901