AppStream2 bug in appstream_embed.js when socket times out - how to request a fix?

We have a problem when socket connection to an AppStream times out. appstream_embed.js makes a request the backend when the socket connection is broken, and gets a text/html response back. This response (that is a complete web page) is put in the <body> of the iframe holding the embedded AppStream session. This makes the HTML to be rendered as plain text in the browser. Since appstream_embed.js is only delivered as a minified version, and no source code is available, it is very hard to debug.

Could perhaps someone at AWS consider letting the source code forappstream_embed.js become publicly available? Maybe even versioned and publicly source controlled?

Would it be possible to confirm our bug and see if it can be fixed?

Technical details.

We have a custom domain, let's assume as-eu.apps.example.com. Once the session times out, the socket is lost and a request is to the root is made. It includes all cookies used for session and authentication in previous requests (to logs and metrics). The response is 401 Unauthorized but also contains a response body. The body is available below. The response is introduced in the iframe by appstream_embed.js, but in the body of that HTML document. The result looks like:

API Response:

<!DOCTYPE html>
<html lang="en">
<head>
    <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
    <meta charset="utf-8">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <link rel="icon" href="/appstream/styles/media/favicon.ico" type="image/x-icon">
    <link rel="shortcut icon" href="/appstream/styles/media/favicon.ico" type="image/x-icon">
    <title>Session expired</title>
  <link type="text/css" rel="stylesheet" href="https://appstream2.eu-west-1.aws.amazon.com/css/appstream/prod_vcd8a680d2b64ada06ea05031c5b8ed82838e81e9.gz.css"/>

    <style>
        .client-session-expired-background{
            background: #212f3e url(/appstream/media/photon-wallpaper.svg) no-repeat center bottom;
            background-size: 100% auto;
        }
    </style>
</head>
<body class="client-session-expired-background">

    <div class="alert-modal-container">
        <div class="model-dialog alert">
            <div class="title-bar">
                <h1>Expired Session</h1>
            </div>
            <div class="model-dialog-content">Your session has expired.</div>
            <p class="clearfix text-center">
                <button class="btn btn-primary btn-retry alert-button" onclick="toRedirectPage()">OK</button>
            </p>
        </div>
    </div>

</body>
<script>
    var nativeClientRedirectURL = "https://example.com";
    var webClientRedirectURL = "https://example.com";
    function toRedirectPage(){
      if(window.CefSharp) {
        window.CefSharp.BindObjectAsync("as2NativeClient")
        .then((result) => {
          if(window.as2NativeClient) {
            console.log("NC Object bound");
            window.as2NativeClient.redirectToHomeWithUrl(nativeClientRedirectURL);
          }
        })
        .catch((error) => {
           window.location.href = nativeClientRedirectURL;
        });
      }else {
        window.location.href = webClientRedirectURL;
      }
    }
</script>
</html>

Resulting html in the iframe where appstream_embed.js is running:

<html>
  <head>
    <meta name="color-scheme" content="light dark">
  </head>
  <body>
    <pre style="word-wrap: break-word; white-space: pre-wrap;">
     &lt;!DOCTYPE html&gt;&lt;html lang="en"&gt;&lt;head&gt;&lt;meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1"&gt;  &lt;meta charset="utf-8"&gt;  &lt;meta name="viewport" content="width=device-width, initial-scale=1"&gt;  &lt;link rel="icon" href="/appstream/styles/media/favicon.ico" type="image/x-icon"&gt;  &lt;link rel="shortcut icon" href="/appstream/styles/media/favicon.ico" type="image/x-icon"&gt;  &lt;title&gt;Session expired&lt;/title&gt;  &lt;link type="text/css" rel="stylesheet" href="https://appstream2.eu-west-1.aws.amazon.com/css/appstream/prod_vcd8a680d2b64ada06ea05031c5b8ed82838e81e9.gz.css"/&gt;  &lt;style&gt;    .client-session-expired-background{      background: #212f3e url(/appstream/media/photon-wallpaper.svg) no-repeat center bottom;      background-size: 100% auto;    }  &lt;/style&gt;&lt;/head&gt;&lt;body class="client-session-expired-background"&gt;  &lt;div class="alert-modal-container"&gt;    &lt;div class="model-dialog alert"&gt;      &lt;div class="title-bar"&gt;        &lt;h1&gt;Expired Session&lt;/h1&gt;      &lt;/div&gt;      &lt;div class="model-dialog-content"&gt;Your session has expired.&lt;/div&gt;      &lt;p class="clearfix text-center"&gt;        &lt;button class="btn btn-primary btn-retry alert-button" onclick="toRedirectPage()"&gt;OK&lt;/button&gt;      &lt;/p&gt;    &lt;/div&gt;  &lt;/div&gt;&lt;/body&gt;&lt;script&gt;  var nativeClientRedirectURL = "https://qlucore.dev";  var webClientRedirectURL = "https://qlucore.dev";  function toRedirectPage(){   if(window.CefSharp) {    window.CefSharp.BindObjectAsync("as2NativeClient")    .then((result) =&gt; {     if(window.as2NativeClient) {      console.log("NC Object bound");      window.as2NativeClient.redirectToHomeWithUrl(nativeClientRedirectURL);     }    })    .catch((error) =&gt; {      window.location.href = nativeClientRedirectURL;    });   }else {    window.location.href = webClientRedirectURL;   }  }&lt;/script&gt;&lt;/html&gt;
    </pre>
  </body>
</html>

Result page to the end user looks like this:. It's obviously not working as intended.