Tuesday, March 31, 2020

Lyst: Shop Designer Brands app for iOS: Facebook Messenger sharing - Light Mode - The Done and Send options are not appearing

iOS 13.4
Lyst: Shop Designer Brands app for iOS (version 6.46)
Date: 03/31/20

Description:

Minor problem with the Lyst app and sharing to Facebook Messenger. The Lyst app has a problem with sharing a product from their app via Facebook Messenger, using the iOS share sheet.

This is much easier to show than it is to describe, so please take a look at this screen shot:

This is what the user sees when they try to share a product from inside the Lyst app. This is with the iOS device set to light mode.

Compare that to dark mode:






Steps to Reproduce:

1. With the iPhone set to light mode, download and launch the Lyst app for iOS
2. Choose any product in the app
3. Choose the share option from any product
4. From the iOS share sheet, select the Facebook Messenger option
5. Note that the "Done" and "Send" options do not appear

Result: With the iOS device set to light mode, the "Done" and "Send" options on the Facebook Messenger pop-up do not appear when accessed via a product's share option

Expected: Users should always be able to see the "Done" and "Send" options from the Facebook Messenger pop-up UI accessible via the share sheet

Posted by at No comments:
Labels: , , ,

HYPEBEAST app for iOS: Share sheet - light or dark mode - cant see Facebook Messenger options!

iOS 13.4
HYPEBEAST app for iOS (version 3.20)
Date: 03/31/20

Description:

Minor problem with the how HYPEBEAST integrates with the iOS share sheet. This happens in either light or dark mode.

When you share an article on HYPEBEAST using the share option and then select Facebook Messenger sharing, the "Done" and "Send" option aren't visible.

The entire top of this Facebook Messenger sharing option is simply replaced by a colored bar.

Take a look at the this screenshot, with the device set to dark mode:


Take a look at this screenshot, with the device set to the light mode:

Steps to Reproduce:

1. Download an launch the HYPEBEAST app for iOS
2. Select any article in the app
3. Select the share option
4. Select the Facebook Messenger option

Result: The HYPEBEAST app for iOS has a problem with the iOS share sheet and Facebook Messenger sharing - the "Done" and "Send" options aren't visible

Expected: The "Done" and "Send" options should be visible, with the iOS device set to either light or dark mode, with the HYPEBEAST app for iOS
Posted by at No comments:
Labels: , , , ,

Moncler app for iOS: Email subject lines have product URL by default

iOS 13.4
Moncler app for iOS (version 2.5.1)
Date: 03/31/20

Description:

Minor problem with the Moncler app for iOS and the share sheet.

When the user goes to share a product using the email option, the url of the product is entered into the subject line of the auto-generated email.

Take a look:

Check out the subject line! Usually (majority of the time) apps simply leave the subject line blank. This is the first time i've seen a URL show up in a subject line. Odd!

Steps to Reproduce:

1. Download and launch the Moncler app for iOS
2. Choose a county
3. Select any product
4. Select the share option
5. Select the email option

Result: With the Moncler app for iOS, the URL of the product shows up in the subject line of the emails generated in the share sheet. Odd problem - not great end user experience

Expected: Subject line should either be blank, or should be related to the product being shared. URL shouldn't be displayed in this subject line

Launch the Moncler app...

Select the sharing option...

Select the email share option...





Posted by at No comments:
Labels: ,

Monday, March 30, 2020

6thStreet app for iOS: Certain characters crash the app!

iOS 13.4
6thStreet app for iOS (version 2.12.0)
Date: 03/30/20

Description:

Here's a bug that i've spotted with various iOS apps for the past several years. This particular bug is crash that happens when the user runs certain searches for certain characters. This is happening with an app called 6thStreet.com.

This is basically the same bug that's been happening with the Yelp app for iOS for years.

Here's the basics: certain characters simply crash the app. I understand that this is a mySQL database problem - but, an iOS app in 2020 should be able to handle these characters without crashing.

Characters such as [ * + \ ? all crash the app.

Here's the crash dump:



Steps to Reproduce:

1. Download and launch the 6thStreet app for iOS
2. Select a county to main homepage
3. Select the "Brands" option
4. Click inside the search box that says: "What are you looking for?"
5. Enter in characters like: [ * + \ ?

Result: Characters like [ * + \ ? crash the 6thStreet iOS app

Expected: Characters like [ * + \ ? should not crash the 6thStreet iOS app

Download and launch the 6thStreet app...

Select the brands option...

Enter in [ * + \ ?
Posted by at No comments:
Labels: , ,

Sunday, March 29, 2020

Newchic-Fashion Shopping app for iOS: Share sheet - two cancel options on text messages

iOS 13.4
Newchic-Fashion Shopping (version 5.5.0)
Date: 03/29/20

Description:

Minor problem with the Newchic-Fashion shopping app and the iOS share sheet.

When you select the "Message" option from from the share sheet for any product, the word "Cancel" is displayed twice. I've never seen this with an iOS before!




Steps to Reproduce:

1. Download and launch the Newchic-Fashion app
2. Select any product listed in the app
3. Select the share option for any product
4. From the share sheet select "Messages"
5. Notice that the "Cancel" is doubled in the generated message

Result: Two "Cancels" appear on the generated text message

Expected: There should only be one "Cancel" option in the generated text message
Posted by at No comments:
Labels: , , ,

Saturday, March 28, 2020

Grabbd - Social Foodie & Travel: Bad data floating off the coast of Africa

iOS 13.4
Grabbd - Social Foodie & Travel (version 1.15.3)
Date: 03/28/20



Avast Ye Matey! If you're looking bad data, then you need look no further than Null Island! Located in the Gulf of Guinea off the coast of Africa, Null Island is a mystical place, where incorrectly geo-coded entities magically float in water.

Firing up an app that uses a map-based search function? Want to find the bad data in the app? Then simply head to the geo-coordinates of 0.0.0.0. Looking to see bad data across multiple platforms? You'll find all this and more, off the coast of Africa.

As i've reported before, you can do this with a whole lot of apps.

Today I spotted it with Grabbd.

Take a look at some of the spots that are floating off the coast of Africa:



London restaurants floating off the coast of Africa.

Looking for yer roast beef sandwich, ye scirvy dog? It's floating out in the ocean. 2nd start to the right, and straight on till dawn!






Steps to Reproduce:

1. Download and launch the Grabbd app for iOS
2. Move the map and search 0.0.0.0

Result: There's always bad data at 0.0.0.0

Expected: There should not be bad data at 0.0.0.0
Posted by at No comments:
Labels: , ,

Thursday, March 26, 2020

Sneaker Crush: Share Sheet - missing Instagram option under the Suggested Apps area

iOS 13.4
Sneaker Crush - Release Dates app for iOS (version 3.1)
Date: 03/26/20

Here's a minor problem with the iOS share sheet and an app called Sneaker Crush. The app displays various sneakers.

If the user goes to the share option for any piece of footwear, and then opens up the iOS share sheet, they will see an Instagram option which is lacking an icon. These kinds of bugs happen from time to time, and you'd think that this would be an absolute priority for app store review guidelines.

Steps to Reproduce:

1. Download and launch the Sneaker Crush app for iOS
2. Select any sneaker featured in the app
3. Select the share option for any sneaker
4. From the share sheet, scroll over and select the "... More" option
5. From the "Apps" page, scroll down to "Suggestions"
6. Notice that the Instagram icon is missing - totally blank

Result: In the iOS share sheet's "Suggestions" area for apps, the Instagram icon is missing/blank with the Sneaker Crush app

Expected: There should never be a blank/missing icon in the iOS share sheet

Select any shoe featured in the app...

Select the share option for any shoe...

Select this "... More" option from the share sheet...

From the "Apps" page scroll down to "Suggestions"...

The Instagram option is missing!


Posted by at No comments:
Labels: , , ,

iOS 13.4: Selecting the Bluetooth force touch into Settings crashes the app if Bluetooth is on!

iOS 13.4

Date: 03/26/20

Description:

As has been described by a number of users, there is a new bug which was introduced with the just released iOS 13.4.

I first spotted a twitter user named @Themetris discussing this. I quickly saw that he was absolutely correct, and the issue he describes is happening with iOS 13.4:

If Bluetooth is ON, and if all other apps (including Settings) are closed, the Settings app will crash if the user enters it by using the force touch shortcut from the Settings icon on the home screen.

This is much easier to show than to describe, so please take a look at the numerous videos that are being posted online:


Here are some Twitter users who have captured some video of the issue:



And another user:




And another:



And another:






Steps to Reproduce:

1. With your iOS device set to 13.4, turn on the Bluetooth option
2. Force close all apps (including settings)
3. Activate the drop-down menu from the Settings icon on the home screen
4. From the drop down menu, tap "Bluetooth"

Result: If Bluetooth is turned on the iOS device, the Settings app will crash if the user uses the force touch drop down menu and selects "Bluetooth"

Expected: Settings app should not crash if the user selects the "Bluetooth" shortcut option via the drop-down menu for the Settings app

Here's my video:



Posted by at No comments:
Labels: , ,

SideChef app for iOS: Error Messaging - Canceling out of Google login results in an inaccurate "no internet connection" message

iOS 13.4
SideChef app for iOS (version 4.4.1)
Date: 03/26/20

Description:

Here's a little unusual bug that I haven't seen before. With an app called SideChef, the user is presented the standard option to use Google credentials to sign-in/log-in to an account.

This is what users see:

There's a Google log-in option, as you can see. If you select it, the prompt comes up...

Select the "Cancel" option from this prompt...
An error message of "No Internet Connection" appears! Not very accurate - and not the usual "The user canceled the log-in flow" error message that other apps display.

Steps to Reproduce:

1. Download and launch the SideChef app for iOS
2. From the "Cook with Confidence" page, select the Google option
3. Select "Cancel" from the pop-up
4. Note that the error message says: "No Internet Connection"

Result: Canceling out of the Google log-in option results in an inaccurate error message of "No Internet Connection"

Expected: An error message of "No Internet Connection" should not be displayed to the user if this is inaccurate





Posted by at No comments:
Labels: , , ,

Wednesday, March 25, 2020

Likewise app for iOS: Share sheet option on Apps page freezes apps

iOS 13.4
Likewise app for iOS (version 7.8)
Date: 03/25/20

Description:

This looks to be a somewhat serious problem related to the Likewise app that has just started happening with the iOS 13.4 update.

I've been using Likewise for more than six months now, and I like the app. Once a user has Likewise downloaded on their device, a Likewise option appears in the iOS share sheet.

The Likewise option appears on my device in the "Suggestions" area for apps in the iOS share sheet. This is where and how I see this option...

Head to the Apps area of the iOS share sheet. This is from a Pinterest posting.

As you can see, there is a Likewise option.

The problem is that now, with iOS 13.4, the app just seems to freeze. Previously, there was either an option to share something to Likewise, or an error message.

Here's a video of the freeze:



Steps to Reproduce:

1. Have Likewise on your device, along with an active account
2. Open any other app that has a share option (such as Pinterest)
3. Open up the share sheet
4. From the Apps page, scroll down to "Suggestions"
5. Select the Likewise option

Result: Selecting the Likewise option in the Apps portion of the iOS share sheet now seems to freeze apps - no error message - no share option

Expected: Selecting the Likewise option in the Apps portion of the iOS share sheet should not freeze any app!

Open an app like Pinterest, and select the share option...

Open up the share sheet "More apps" option...

Select the "... More" option...

Scroll down to Suggestions...

Select the "Likewise" option - it freezes the app
Posted by at No comments:
Labels: , ,

Tuesday, March 24, 2020

Slickdeals app for iOS: XSS: Error if you try to change username to plaintext

iOS 13.3.1
Slickdeals: Save with Coupons app for iOS (version 5.14.1)
Date: 03/24/20

Description:

The Slickdeals: Save with Coupons app (version 5.14.1) for iOS has a minor XSS problem.

The app has "Request Username" option. If the user enters in the standard XSS term of "<plaintext>"..

The app displays an error message that indicates that there are additional XSS errors to be found...



Steps to Reproduce:

1. Download and launch the Slickdeals: Save with Coupons app for iOS
2. Select profile
3. Sign Up with either a Google or Facebook account
4. Select "Edit Username" from the pop-up
5. From the "Change Username" screen, enter in <plaintext>
6. Click on "Request Username"
7. Note "</p></div><footer><button class =" appears
8. Start looking for other XSS problems

Result: Entering in the standard XSS test term of "<plaintext>" in the "Request Username" area of the app results in an error indicative of an XSS failure

Expected: The Slickdeals app should handled the entry of "<plaintext>" gracefully - shouldn't display an error message that would encourage additional searches for XSS problems
Posted by at No comments:
Labels: , ,

Econo ToGo app for iOS: crashes if you disallow camera access then tries to access it again

iOS 13.3.1
Econo ToGo app for iOS (version 1.3.4)
Date: 03/24/20

Description:

There is an easy to reproduce crash with the Econo ToGo app for iOS.

Here's a video of the crash:



This crash happens after the user disallows camera access to take a profile picture. After disallowing camera access, the app will crash after the user attempts to take a photo for a profile picture.

Here's the camera option disabled for this Econo ToGo app.

In all the times I have played around with this functionality with different apps, this is the first time that I have seen this occur in exactly this way. So, sort of unique!

Steps to Reproduce:

1. Download the Econo ToGo app for iOS
2. From the "Pickup" screen select "Skip"
3. From the "Start Now!" screen select "Create Account"
4. From the "Register Account" screen, click on the default profile icon next to "Upload Profile Picture"
5. From the "Econo Togo - Select Method" pop-up select "Take Photo"
6. Decline camera access
7. Exit out of the app and repeated steps 1 to 5

Result: The Econo ToGo app will crash if the user selects a "Take Photo" option after declining camera permission to the app

Expected: The Econo ToGo app should not crash if the user selects a "Take Photo" option after declining camera permission to the app

Select the "Create Account" option...

Select the profile icon next to "Upload Profile Picture"...

With the camera access disabled, the app will crash with every subsequent selection of the "Take Photo" option.

Posted by at No comments:
Labels: ,

Port City Java app for iOS: Bad link to Facebook page

iOS 13.3.1
Port City Java app for iOS (version 1.0.2)
Date: 03/24/20

Description:

Extremely minor problem with the Port City Java app for iOS.

Inside of the app there is a listing of links to Port City Java's social media accounts. The Twitter link works. The Instagram link works. The Facebook link does not. It does not take the user to Port City Java's valid Facebook page.

Click the menu option in the upper left...

Click the Facebook link...

Doesn't take the user to the valid Facebook page for Port City Java.

Steps to Reproduce:

1. Download and launch the Port City Java app for iOS
2. Select the side menu option in the upper left hand corner of the screen
3. Under "Social" select the "Facebook" option

Result: The Facebook link inside of the app to Port City Java's Facebook page doesn't work - leads to a removed page, even though Port City Java has a working Facebook page

Expected: The Facebook link inside of the Port City Java app should lead to Port City Java's valid Facebook page
Posted by at No comments:
Labels: , ,

Telegram Messenger app for iOS: Misplaced search input box on a camera roll during profile picture selection

iOS 13.3.1
Telegram Messenger app for iOS (version 5.15.2)
Date: 03/24/20

Description:

Here's an odd little problem with the current version (5.15.2) of the Telegram Messenger app for iOS.

This is easier to show than it is to describe, so please take a look at the screenshots attached below. Basically, there is a search option (a magnifying glass) that appears when the user selects the "Choose Photo" to bring up the camera roll in order to select a new profile picture.

This search option is not supposed to be activated at this point. Clicking inside of the search box activates a keyboard, and the user can enter terms. However, nothing appears until after the user cancels out of photo selection.

Long story short - this search box is misplaced and then brings a web search option for profile pictures in the wrong part of the app's UI. I've not seen many (any?) iOS apps do something like this.
This is easy to spot if you play around with it.

Steps to Reproduce:

1. While signed into an active Telegram account, launch the app
2. Select the "Settings" option
3. Select the profile picture area
4. From the "Edit Profile" page, click on the camera icon
5. From the pop-up menu, select the "Choose Photo" option
6. From the RECENTS camera roll - click inside the search input box (note the keyboard)
7. Enter in a term on the keyboard, click search
8. Select "Cancel" to close the Camera roll
9. Note that web options appear

Result: There is a misplaced search input box option on a camera roll option that is accessible with the Telegram app

Expected: This search input box should not appear in this place


This is from the "Edit Profile" area of the Telegram app..

Select the camera option...

Select the "Choose Photo" option...

Notice the search option. Click it...

A keyboard appears - enter a search term. Then click on "Search" - it does nothing but dismiss the keyboard...

After you click on the "Cancel" option...

This appears AFTER the user has select the "Cancel" option.




Posted by at No comments:
Labels: ,

Sunday, March 22, 2020

OpenTable app for iOS: Bad Data in the Gulf of Guinea!

iOS 13.3.1
OpenTable app for iOS (version 13.12.2)
Date: 03/22/20

Description:

Have ever been curious to know a quick way to find "bad data" in an app? Meaning, data that may have a listed address, but one that isn't recognized as valid? Have you every wanted to see if the particular map-integrated app you're using has entities which aren't geo-locating to the correct place?

Here's an easy way to do it!

The OpenTable app has a problem which is common on numerous other apps. Here's a summation of the problem: if a restaurant address is listed that is not recognized as a "valid" it is deposited at a latitude/longitude of "0.0.0.0."

This "0.0.0.0" is off the coast of Africa and is known as a mythical "Null Island" for database purposes. 


Some of the various locations you can quickly find - many of them are in Australia...
The Mexican Port Douglas
Lime Leaf Thai Restaurant 
Choo Choos Marina Port Douglas

Steps to Reproduce:

1. Download and launch the OpenTable app for iOS (version 13.12.2)
2. Sign into an account
3. Click on "Search" - search in any location
4. Click on the Map
5. Search in the Gulf of Guinea area off of West Africa
OR:
6. Run a search for restaurants in the Gulf of Guinea

Result: Searching the 0.0.0.0 area in many apps will show you locations that lack a correct address

Expected: Not sure - just a fun way to find bad data across multiple apps!



Posted by at No comments:
Labels: , , ,

DHgate - Online Wholesale Stores app: Full Twitter DM access requested for account creation

iOS 13.3.1
DHgate - Online Wholesale Stores app for iOS (version 5.0.4)
Date: 03/22/20

Description:

Yet another app that goes way too overboard in regards to Twitter permissions and account creation. Like some other apps, DHgate has an option to use either Facebook or Twitter to create an account.

The Twitter option with the DHgate app has a Twitter login page explaining permissions. This particular app requests the ability to "read, manage and delete" the direct messages of the connected Twitter account.

NO third party app - under any circumstances - should have that access. Most especially an e-commerce app.

Take a look at the permissions requested:

The "Send Direct Messages for you and read, manage, and delete your Direct Messages." is far too intrusive. I've seen this with other apps, reported it, and seen it changed instantly.

Steps to Reproduce:

1. Download and launch the DHgate - Online Wholesale Stores app for iOS
2. Select the Account option
3. From the "My Account" page, select the "Sign in or Join Free" option
4. From under the "Sign in with your social account" options, select the Twitter icon
5. Note the Twitter permissions requested

Result: The Twitter permissions requested by the DHgate app are too intrusive - the app requires the ability to "Send Direct Messages for you and read, manage, and delete your Direct Messages"

Expected: Read, manage and delete permissions for Twitter account creation with the DHgate app are too intrusive!
Posted by at No comments:
Labels: , , ,

Thursday, March 19, 2020

The Yes fashion app for iOS: Totally Uninformative Error Message

iOS 13.3.1
THE YES app for iOS (version 1.0.3)
Date: 03/19/20

Description:

Minor problem with the error message displayed by an app called The Yes for iOS.

If the user cancels out of a login, the app displays an error message like this:

No consumer who sees this error message will have any idea what this error message means. This is the kind of nonsensical error message one expects on Android - not on iOS.

The Alert message says:

"{"error":"a0.session.user_cancelled","error_description":"User cancelled the Auth"}

Steps to Reproduce:

1. Download and launch The Yes app for iOS
2. Select "Get Started"
3. Select "Let's Go"
4. Select "DIVE IN"
5. From "TheYes.com" permission pop-up select "Cancel"
6. Note the error message

Result: The user is presented with an extraordinarily obtuse error message after they cancel out of giving "TheYes.com" access

Expected: An iOS user should never be presented with an error message this bad:


Posted by at No comments:
Labels: ,
Subscribe to: Posts (Atom)