crypto.randomUUID is not a function. Appcheck bug in iOS safari local dev

Question

crypto.randomUUID is not a function. Appcheck bug in iOS safari local dev

Opened this issue 2 months ago · 3 comments

EthanSK commented 2 months ago

Operating System

iOS

Environment (if applicable)

Angular

Firebase SDK Version

11.9.0

Firebase SDK Product(s)

AppCheck

Project Tooling

Angular, node (nestjs), nx monorepo

Detailed Problem Description

If i try and test my app over LAN on my iphone (for debug development), appcheck throws random UUID error

[Error] crypto.randomUUID is not a function. (In 'crypto.randomUUID()', 'crypto.randomUUID' is undefined)

It's because this function doesnt exist on ios safari. I dont wanna do polyfils so for now I just do this script so it sets the token in indexdb so it doesnt try and generate again


(async (token = 'YOUR DEBUG TOKEN THATS REGISTERED ON FIREBASE CONSOLE FOR APPCHECK  ') => {
  // Optional: also set the runtime flag so dev builds don't auto-generate
  window.FIREBASE_APPCHECK_DEBUG_TOKEN = token;

  const db = await new Promise((res, rej) => {
    const r = indexedDB.open('firebase-app-check-database', 1);
    r.onupgradeneeded = e => {
      const db = e.target.result;
      if (!db.objectStoreNames.contains('firebase-app-check-store')) {
        db.createObjectStore('firebase-app-check-store', { keyPath: 'compositeKey' });
      }
    };
    r.onsuccess = () => res(r.result);
    r.onerror = () => rej(r.error);
  });

  await new Promise((res, rej) => {
    const tx = db.transaction('firebase-app-check-store', 'readwrite');
    const store = tx.objectStore('firebase-app-check-store');
    const req = store.put({ compositeKey: 'debug-token', value: token });
    req.onsuccess = () => res();
    req.onerror = () => rej(req.error);
  });

  console.log('✅ App Check debug token set in IndexedDB:', token, '→ reload now.');
})();

Steps and code to reproduce issue

Just load the page with configured appcheck and you will see it.

Answer 1 · 2025-09-22T16:54:54.000Z

I couldn't figure out how to label this issue, so I've labeled it for a human to triage. Hang tight.

Answer 2 · 2025-09-22T18:57:14.000Z

crypto.randomUUID exists on iOS Safari: https://developer.mozilla.org/en-US/docs/Web/API/Crypto/randomUUID#browser_compatibility

You described that you're testing your app over LAN on your phone. Can you confirm that this is a Secure Context? crypto.randomUUID is only available in Secure Contexts, which may be why you're seeing this error specifically in your test environment.

Answer 3 · 2025-09-23T16:45:19.000Z

ok, well maybe that's the issue, but I expect it to still work for local debugging