I'm unclear on the implications of Apple's App Review Guideline 5.2.2: If your app uses, accesses, monetizes access to, or displays content from a third-party service, ensure that you are specifically permitted to do so under the service’s terms of use. Authorization must be provided upon request. If a paid subscription app uses a licensed search API to retrieve and display links to publicly available third-party web content, is the API license generally enough for compliance? Or does Apple expect separate authorization from each underlying website whose content appears in the search results?

Hello All, I have a app which has a WKWebview loading some code from a remote origin - https://my-company.example.com When WKWebview loads remote origin, that page does load some of the sub-resources from in-app localhost server (GCDWebserver), i.e. reach out to a loopback based in-app GCDWebserver, now to provide a secure context I had an existing setup with self signed cert, CORS and everything needed for https on localhost. And the sub-resources used to load fine from https localhost till 26.4 Starting with iOS 26.4 it started breaking with TLSv1_ALERT_UNKNOWN_CA Is there any known guidance for this? Technically as per w3c spec, localhost is considered secure context by default right? and no special things need to be done. But ios/Webkit seem to be different in this regard. Is this a known issue, and is there any mitigation here? I'll try to provide a sample app soon if possible.

There does not appear to be any way to use or create iCloud passkeys with a Safari Web Extension, either using the navigator.credentials API in an extension origin webpage such as the popover, or using the AuthenticationServices framework in the SafariWebExtensionHandler. I've setup an associated domain for my plugin, and I know it works for the host application. But I get errors trying to do so in the web extension target. createCredentialRegistrationRequests results in the following error: Domain=com.apple.AuthenticationServices.AuthorizationError Code=1004 "Application with identifier <ID> is not associated with domain <RPID> The other problem, assuming the entitlement works correctly for the web extension, is that there is no NSWindow to use as the presentation target from the SafariWebExtensionHandler. Trying to use the navigator.credentials.create JS API (which is the preferred method, frankly, in a web extension) results in the following error: NotAllowedError: The request is not allowed by the user agent or the platform in the current context, possibly because the user denied permission. Chrome has a great solution for this that I believe should be adopted by Safari. If an extension has host permissions for a relying party it wants to claim, or if it has an associated domain entitlement for it, webauthn operations should be allowed.

Safari on iOS 17, when entering characters into text input box after deleting characters, the layout is off. Here's the HTML: <body> <div id="J001" style="display: inline-block;"> <div id="J001__0" style="display: inline-block;"> <input id="J001__0__input" style="display: inline-block; height: 28px; padding:2px; border:1px solid gray;"></div> <div id="J003__0" style="display: inline-block;"> <button id="J003__0__btn" style="display: inline-block; height:34px;">a</button> </div> </div> </body> Enter "A" into text input box. Delete "A" with the backspace(x). Enter "A" into text input box, the button position will be shifted down. iOS 17 の Safari にて、テキスト入力ボックスで文字を削除した後、文字を入力するとレイアウトが崩れます。 テキスト入力ボックスに「A」と入力します。 バックスペース(x)で「A」を削除します。 テキスト入力ボックスに「A」と入力すると、ボタンの位置が下にずれます。

The title says it all, and I've filed FB FB22353950 that includes an Xcode 26.4 Screen Saver test project, QT movie demonstrating the error, and a PDF with complete steps to build and test. I'm asking here just to learn if this sounds familiar. The SS built on 26.4 fails in 26.4, works fine on 26.3.1. I'll supply the test files if there's interest. Thanks.

I would like to script my Mac to close a specific iCloud Tab of my choice that is open on my iPhone. This is for Accessibility reasons. Ideally, I’d prefer to do this without using GUI scripting. AppleScript methods only seem to see tabs in Windows Extensions also do not seem to have visibility of the other types of tabs I've tried many options so far, but all seem to not work and are also far too brittle even if they did. I have a feeling I'm missing something! 1. Toolbar Dropdown In Desktop Safari you can enable a toolbar button “iCloud Tabs” which when clicked shows a list of the tabs currently open on your other devices. If you hover one, an X appears which can be clicked to close the tab. When you next use Safari on the remote device that tab will be closed. If it’s already open and awake then the removal happens around one second later. It’s quick. (But I did try GUI scripting and I can get to the row in the outline in the popup, but I can’t get the cross to appear to click it) 2. Start Page they’re also listed on favorites:// “start page” but there are issues viewing all and no way to search them. There used to be a search field until Safari ~15. 3. Omnibar They’re also shown in omni/address bar, but getting the correct item to appear at all or in a predictable position is fragile. 4. Sidebar Another alternative to the favorites/"start page" layout. Same issues. 5. Modifying Safari Database directly Changes are not mirrored to the cloud. It seems Safari does a cloudd request that I can't do.

We are experiencing an issue after Xcode 26.0 to load local javascript files to WKWebView to render our own design. it used to work well, however after Xcode 26.0, when [self.webView loadFileURL:fileURL allowingReadAccessToURL:accessURL]; it returns [PID=1514] WebProcessProxy::hasAssumedReadAccessToURL(3198190): no access self.webRootPath = [[NSHomeDirectory() stringByAppendingPathComponent:@"Documents"] stringByAppendingPathComponent:CHAT_VIEW_WEB_ROOT]; NSFileManager *fileManager = [NSFileManager defaultManager]; NSError *error = nil; if (! [fileManager fileExistsAtPath:self.webRootPath]){ [fileManager createDirectoryAtPath:self.webRootPath withIntermediateDirectories:NO attributes:nil error:&error]; } NSURL *accessURL = [NSURL fileURLWithPath:self.webRootPath]; Not sure how to assign access permission to WKWebView. Any help much appreciated.

According to our crash analytics, our application crashes while a context menu is opened on a web view. This crash takes place on iOS 26+ only. The messages states that a web view is no longer inside active window hierarchy, however we doesn't modify web view instance's parent anyhow while the context menu is opened. Can you please help with a fix or at least workaround for this issue? What's your opinion for bug localization (application or framework)? NSInternalInconsistencyException UIPreviewTarget requires that the container view is in a window, but it is not. (container: <WKTargetedPreviewContainer: 0x14b442840; name=Context Menu Hint Preview Container>) userInfo: { NSAssertFile = "UITargetedPreview.m"; NSAssertLine = 64; } Crashed: CrBrowserMain 0 CoreFoundation __exceptionPreprocess + 164 1 libobjc.A.dylib objc_exception_throw + 88 2 Foundation -[NSMutableDictionary(NSMutableDictionary) initWithContentsOfFile:] + 0 3 UIKitCore -[UIPreviewTarget initWithContainer:center:transform:] + 660 4 UIKitCore (Missing) 5 UIKitCore (Missing) 6 UIKitCore (Missing) 7 UIKitCore (Missing) 8 UIKitCore (Missing) 9 UIKitCore -[_UIContextMenuPresentation present] + 56 10 UIKitCore +[UIView(UIViewAnimationWithBlocksPrivate) _modifyAnimationsWithPreferredFrameRateRange:updateReason:animations:] + 168 11 UIKitCore (Missing) 12 UIKitCore (Missing) 13 UIKitCore (Missing) 14 UIKitCore (Missing) 15 UIKitCore +[UIView(UIViewAnimationWithBlocks) _setupAnimationWithDuration:delay:view:options:factory:animations:start:animationStateGenerator:completion:] + 516 16 UIKitCore (Missing) 17 UIKitCore (Missing) 18 UIKitCore +[UIView __animateUsingSpringWithDampingRatio:response:interactive:initialDampingRatio:initialResponse:dampingRatioSmoothing:responseSmoothing:targetSmoothing:projectionDeceleration:retargetImpulse:animations:completion:] + 192 19 UIKitCore -[_UIRapidClickPresentationAssistant _animateUsingFluidSpringWithType:animations:completion:] + 316 20 UIKitCore -[_UIRapidClickPresentationAssistant _performPresentationAnimationsFromViewController:] + 516 21 UIKitCore -[_UIRapidClickPresentationAssistant presentFromSourcePreview:lifecycleCompletion:] + 400 22 UIKitCore __55-[_UIClickPresentationInteraction _performPresentation]_block_invoke_3 + 48 23 UIKitCore +[UIViewController _performWithoutDeferringTransitionsAllowingAnimation:actions:] + 140 24 UIKitCore __55-[_UIClickPresentationInteraction _performPresentation]_block_invoke_2 + 144 25 UIKitCore -[_UIClickPresentationInteraction _performPresentation] + 836 26 UIKitCore postPreviewTransition_block_invoke_2 + 104 27 UIKitCore handleEvent + 256 28 UIKitCore -[_UIClickPresentationInteraction _driverClickedUp] + 48 29 UIKitCore -[_UIClickPresentationInteraction clickDriver:didPerformEvent:] + 400 30 UIKitCore stateMachineSpec_block_invoke_5 + 48 31 UIKitCore handleEvent + 144 32 UIKitCore -[_UILongPressClickInteractionDriver _handleGestureRecognizer:] + 140 33 UIKitCore -[UIGestureRecognizerTarget _sendActionWithGestureRecognizer:] + 128 34 UIKitCore _UIGestureRecognizerSendTargetActions + 268 35 UIKitCore _UIGestureRecognizerSendActions + 268 36 UIKitCore -[UIGestureRecognizer _updateGestureForActiveEvents] + 308 37 UIKitCore -[UIGestureRecognizer gestureNode:didUpdatePhase:] + 300 38 Gestures (Missing) 39 Gestures (Missing) 40 Gestures (Missing) 41 Gestures (Missing) 42 UIKitCore -[UIGestureEnvironment _updateForEvent:window:] + 528 43 UIKitCore -[UIWindow sendEvent:] + 2924 44 UIKitCore -[UIApplication sendEvent:] + 396

According to our crash analytics, our application crashes while a context menu is closed (after being opened on a web view). This crash takes place on iOS 26+ only. Seems like WebCore::ElementContext::isSameElement is called after ElementContext has been destroyed, so it's a kind of use-after-free issue. Can you please help with a fix or at least workaround for this issue? What's your opinion for bug localization (application or framework)? EXC_BAD_ACCESS 0x0000000000000001 Crashed: CrBrowserMain 0 WebKit WebCore::ElementContext::isSameElement(WebCore::ElementContext const&) const + 12 1 WebKit __74-[WKSelectPicker contextMenuInteraction:willEndForConfiguration:animator:]_block_invoke + 84 2 UIKitCore -[_UIContextMenuAnimator performAllCompletions] + 248 3 UIKitCore (Missing) 4 UIKitCore (Missing) 5 UIKitCore (Missing) 6 UIKitCore (Missing) 7 UIKitCore (Missing) 8 UIKitCore -[_UIGroupCompletion _performAllCompletions] + 160 9 UIKitCore (Missing) 10 UIKitCore (Missing) 11 UIKitCore (Missing) 12 UIKitCore (Missing) 13 UIKitCore __UIVIEW_IS_EXECUTING_ANIMATION_COMPLETION_BLOCK__ + 36 14 UIKitCore -[UIViewAnimationBlockDelegate _sendDeferredCompletion:] + 92 15 libdispatch.dylib _dispatch_call_block_and_release + 32 16 libdispatch.dylib _dispatch_client_callout + 16 17 libdispatch.dylib _dispatch_main_queue_drain.cold.5 + 812 18 libdispatch.dylib _dispatch_main_queue_drain + 180 19 libdispatch.dylib _dispatch_main_queue_callback_4CF + 44 20 CoreFoundation __CFRUNLOOP_IS_SERVICING_THE_MAIN_DISPATCH_QUEUE__ + 16 21 CoreFoundation __CFRunLoopRun + 1944 22 CoreFoundation _CFRunLoopRunSpecificWithOptions + 532 23 GraphicsServices GSEventRunModal + 120 24 UIKitCore -[UIApplication _run] + 792 25 UIKitCore UIApplicationMain + 336

We're developing a service that requires webtransport support in the browser. Currently, the only browser that doesn't provide support is the IOS version of Safari. Our current way forward for client use is to flag iphone and ipad as non compliant and recommend either desktop use or android. Is there any ballpark date as to when WebTransport will be included in IOS Safari (- webkit supports webtransport)?

I'm building a Capacitor iOS app with a plain <video> element playing an MP4 file inline. I want Picture-in-Picture to activate automatically when the user goes home — swipe up from the bottom edge of the screen (on an iPhone with Face ID) or press the Home button (on an iPhone with a Home button). Fullscreen → background works perfectly — iOS automatically enters Picture-in-Picture. But I need this to work from inline playback without requiring the user to enter fullscreen first. Setup <video id="video" playsinline autopictureinpicture controls src="http://podcasts.apple.com/resources/462787156.mp4"> </video> // AppDelegate.swift let audioSession = AVAudioSession.sharedInstance() try? audioSession.setCategory(.playback, mode: .moviePlayback) try? audioSession.setActive(true) UIBackgroundModes: audio in Info.plist allowsPictureInPictureMediaPlayback is true (Apple default) iOS 26.3.1, WKWebView via Capacitor What I've tried 1. autopictureinpicture attribute <video playsinline autopictureinpicture ...> WKWebView doesn't honor this attribute from inline playback. It only works when transitioning from fullscreen. 2. requestPictureInPicture() on visibilitychange document.addEventListener('visibilitychange', () => { if (document.visibilityState === 'hidden' && !video.paused) { video.requestPictureInPicture(); } }); Result: Fails with "not triggered by user activation". The visibilitychange event doesn't count as a user gesture. 3. webkitSetPresentationMode('picture-in-picture') on visibilitychange document.addEventListener('visibilitychange', () => { if (document.visibilityState === 'hidden' && !video.paused) { video.webkitSetPresentationMode('picture-in-picture'); } }); Result: No error thrown. The webkitpresentationmodechanged event fires with value picture-in-picture. But the PIP window never actually appears. The API silently accepts the call but nothing renders. 4. await play() then webkitSetPresentationMode document.addEventListener('visibilitychange', async () => { if (document.visibilityState === 'hidden') { await video.play(); video.webkitSetPresentationMode('picture-in-picture'); } }); Result: play() succeeds (audio resumes in background), but PIP still doesn't open. 5. Auto-resume on system pause + PIP on visibilitychange iOS fires pause before visibilitychange when backgrounding. I tried resuming in the pause handler, then requesting PIP in visibilitychange: video.addEventListener('pause', () => { if (document.visibilityState === 'hidden') { video.play(); // auto-resume } }); document.addEventListener('visibilitychange', () => { if (document.visibilityState === 'hidden' && !video.paused) { video.webkitSetPresentationMode('picture-in-picture'); } }); Result: Audio resumes successfully, but PIP still doesn't open. 6. Native JS eval from applicationDidEnterBackground func applicationDidEnterBackground(_ application: UIApplication) { webView?.evaluateJavaScript( "document.querySelector('video').requestPictureInPicture()" ) } Result: Same failure — no user activation context. Observations The event order on background is: pause → visibility: hidden webkitSetPresentationMode reports success (event fires, no error) but the PIP window never renders requestPictureInPicture() consistently requires user activation, even from native JS eval Audio can be resumed in background via play(), but PIP is a separate gate Fullscreen → background automatically enters Picture-in-Picture, confirming the WKWebView PIP infrastructure is functional Question Is there any way to programmatically enter PIP from inline playback when a WKWebView app goes to background? Or is this intentionally restricted by WebKit to fullscreen-only transitions? Any pointers appreciated. Thanks!

Reporting a consistent system-wide freeze followed by a Kernel Panic when attempting to use the "Add to Home Screen" feature in Safari. This issue has persisted across multiple recent iOS updates and leads to a device bootloop. Technical Details: The UI becomes entirely unresponsive for exactly 180 seconds. Analytics logs indicate a userspace watchdog timeout caused by SpringBoard failing to check in. Panic String: panic(cpu 0 caller 0xffffffff0422ccb9): userspace watchdog timeout: no successful checkins from SpringBoard (0 induced crashes) in 180 seconds Steps to Reproduce: Open Safari and navigate to any URL. Tap the Share icon. Select Add to Home Screen. The device UI freezes immediately. After 3 minutes, the system triggers a reboot. Environment: • Device: 16PM panic-base-2026-03-12-222721.ips.txt • OS Version: 26.4 RC and Beta 3 v1 • Feedback ID: FB22286846 (Full sysdiagnose and panic logs are attached to the original Feedback Assistant report). Questions: Is this a known regression involving the web clip background daemon, or does the 180s timeout suggest a specific database corruption within the Home Screen layout?

Summary When an app is associated with a domain via applinks in the Apple App Site Association (AASA) file, the app's icon is displayed next to passkey entries in the iOS passkey selection UI (e.g., in Safari's sign-in dialog). This occurs even when: The AASA file does not contain a webcredentials section The passkey's relying party ID (rp.id) matches the domain, but the app has no webcredentials association The URL path of the passkey login page does not match any paths specified in the applinks configuration Environment iOS 18.6.2 iPhone 16 Pro Safari / Passkey UI via WebAuthn Steps to Reproduce Create an iOS app and register it in App Store Connect (or distribute via TestFlight) Configure the AASA file on the domain with only applinks — no webcredentials section: json{ "applinks": { "apps": [], "details": [ { "appIDs": ["TEAMID.com.example.myapp"], "components": [ { "/": "/specific-path/*" } ] } ] } } Implement WebAuthn/passkey registration on the same domain with the domain as rp.id Install the app on the device (via TestFlight or App Store) Register a passkey on the website via Safari Navigate to the login page and trigger the passkey selection UI Expected Behavior Since webcredentials is not configured in the AASA file, the passkey selection UI should NOT display the app icon next to the passkey entry. The passkey icon should be the default website favicon or a generic icon. Actual Behavior The app icon (from App Store Connect / TestFlight) is displayed next to the passkey entry in the selection UI, even though: Only applinks is configured (no webcredentials) The current page URL does not match any paths in the applinks configuration Impact In our production environment, we have a single domain serving multiple partner bank apps. The AASA file contains applinks entries for many different apps (20+ partner apps). When a user accesses the passkey login page, the passkey UI may display an app icon from one of these partner apps, which can be confusing for users — especially if the displayed icon belongs to a different partner's app than the one the user intends to use. Questions Is this the intended behavior — that applinks associations influence the passkey UI icon display? Is there a way to prevent applinks associations from affecting the passkey selection UI without removing the applinks entries? Would adding a proper webcredentials section with the correct app ID override the icon source from applinks to webcredentials? Is there a recommended approach for domains that serve multiple apps via applinks but want to control which icon appears in the passkey UI?

Hi, I'm having difficulties fetching many 2 many relationships. I have an Actor entity (which I can query in CloudKit JS) that has 2 relationships: inputComponents and outputComponents, both pointing towards a Component entity. How to query these relationships? Thanks Tom

We are currently supporting an Apple Pay-enabled card program as an issuer/issuer processor and have successfully completed In-App Push Provisioning integration within our iOS application. The in-app flow is fully operational, including issuer-side cryptographic exchange and Mastercard MDES network tokenization. We are now looking to extend this integration to support Apple Pay Web Push Provisioning, allowing cardholders to add eligible cards to Apple Wallet directly from our web application. We would appreciate guidance on: -The process for enrolling in Apple Business Register (if required) -Enabling Web Push Provisioning for an issuer profile Required entitlements or provisioning certificates Any additional onboarding steps specific to issuer-level Web provisioning We understand that Web Push Provisioning requires issuer-level enablement beyond standard Apple Pay on the Web, and we would like clarification on the correct path to activate this capability. Thank you in advance for your guidance.

When setting the language in iOS/macOS to German (or other languages with “,” decimal separator) and number format to “1.234.567,89” in iOS 26.2, 26.3 and 26.4 Beta, Safari inserts the wrong decimal separator in elements. It should use the local German decimal separator comma “,” instead it uses the english/international period “.” Here is a screenshot of iOS 26.2 when visiting a website with just 2 number inputs in Safari: <input type="number"> <input type="number" value="5.6"> It behaves the following way: On the first input, enter a number with decimals like “12,34”, clicking “,” on the onscreen-keyboard, a “.” instead of a “,” is added. The number then is formatted in international/English: “12.34”. The input set programatically shows the right decimal separator for German: "5,6". But deleting the “,” and pressing “,” on the onscreen-keyboard again adds a dot instead of a comma and shows the number in international/english: “5.6”. The same issue also happens on desktop Safari on MacOS 26.2 and newer and iOS apps using webviews, also since iOS 26.2. How to use the correct decimal separator in html number inputs for the user selected language in iOS/macOS on iOS 26.2 and newer versions? Is this maybe a bug? This was working correctly for iOS 26.1 and older:

When using passkeys stored in iCloud Keychain (Passwords app) via Passkey Autofill in browsers other than Safari, the userVerification parameter is ignored and user verification (UV) is not performed. As a result, relying party servers that require userVerification = required fail validation because the UV flag is not set, causing passkey authentication to fail. This issue occurs when the following setting is disabled: Settings → Face ID & Passcode → Use Face ID For → Password AutoFill The issue is reproducible only with the following combination: Non-Safari browsers (e.g. Chrome) Passkeys stored in iCloud Keychain (Passwords app) Passkey Autofill The issue does not occur in the following cases: Safari with passkeys stored in any credential manager Non-Safari browsers using credential managers other than iCloud Keychain Steps to Reproduce: Go to Settings → General → Autofill & Passwords, and enable the Passwords app under “Autofill From”. Go to Settings → Face ID & Passcode → Use Face ID For, and disable “Password AutoFill”. Open Chrome and navigate to https://webauthn.io Enter a username and tap “Register” to create a passkey using the Passwords app (iCloud Keychain). On webauthn.io, go to Advanced Settings → Authentication Settings, and set “User Verification” to “Required”. Reload the page, tap the input field, and perform Passkey Autofill. User Verification is not triggered, and “Authentication failed” is displayed on webauthn.io. === This issue has already been reported via Feedback Assistant as FB21756948. I am posting here to confirm whether this behavior is working as intended or represents a bug, and to make other developers aware of the current behavior.

Hi, We're experiencing a WKWebView issue where the screen intermittently turns pure magenta (#FF00FF) in our production iOS app. After investigation, we traced this to WebKit's internal WKCompositingView.mm where [UIColor magentaColor] is used as a pending state indicator when coverView.hidden == NO. This matches rdar://163597990 / WebKit Bug 303157 ("Magenta flash when loading page"), which was fixed in commit 303720@main on 2025-12-01 via PR #54499. My question is simple: which iOS/Safari release includes this fix? We're on iOS 26.3 and still seeing the issue. We need to know: Is the fix already in iOS 26.3? (If so, there may be another unfixed code path) If not, which upcoming iOS version will include it? Our environment iOS 26.3, iPhone 15 Pro Max WKWebView with complex web content App codebase contains zero magenta color usage — this is purely from WebKit Related rdar://163597990 Bug 303157 — RESOLVED FIXED Bug 230531 — "Pages render as magenta after being in background" PR #54499 — Merged to main 2025-12-01 Any information about the release timeline would be very helpful. Thanks!

overflow-x: clip; will also apply clipping on the Y-axis. The correct implementation of this should only affect the X-axis. This is correctly implemented in all browsers except for Safari

I am reporting what appears to be a serious integrity flaw in Safari under iPadOS 26.3 (and lower) that materially undermines the reliability of Screen Time parental controls. This is not merely a UX inconsistency but a functional contradiction within a system explicitly marketed and positioned as secure parental control infrastructure. Device / Environment Device: iPad Air M3 13" (2025) OS: iPadOS 26.3 Safari (system version) Screen Time enabled with active restrictions Child account (10 years old) Background We deliberately chose an Apple device for school use based on the expectation that Apple’s system-level parental control mechanisms — especially Screen Time — are robust, tamper-resistant, and technically consistent. Screen Time is configured with: App limits Downtime Parental controls enabled with limited web content restrictions (school requirements prevent strict blocking) Safari enabled (mandatory for educational use) further parental control restrictions Because aggressive website blocking would interfere with legitimate school activities, monitoring Safari browsing history is a central supervisory mechanism. When Screen Time is active: Clearing the entire browsing history via Safari is correctly blocked. Clearing history via system settings is correctly blocked. The system explicitly communicates that deletion is not permitted due to Screen Time restrictions. This behavior establishes a clear user expectation: Browsing history is protected against manipulation. The Issue Despite the above safeguards, individual browsing history entries can be deleted easily and silently through the address bar suggestion interface. This creates a structural contradiction: Full deletion is blocked. Selective deletion — which is arguably more problematic — remains possible. Steps to Reproduce Enable Screen Time with restrictions that prevent deletion of browsing history (for example on a student device with a child account). Open Safari and visit any website. Confirm it appears in Safari history. Tap the Safari address bar. Type part of the URL or page title. Safari suggests the previously visited page below the address bar. Swipe left on that suggestion. A red “Delete from History” button appears. Tap it. Actual Result The entry disappears immediately: No Screen Time PIN required No authentication request No warning No restriction triggered No parental notification No audit trace visible Deletion occurs silently and irreversibly. Expected Result When Screen Time is configured to prevent browsing history deletion: Individual entries must not be deletable Deletion must require Screen Time authentication Anything else defeats the protective purpose of the restriction. Real-World Impact In practical use, this allows minors to selectively sanitize browsing history while preserving a seemingly intact record. In our case, this method is widely known among classmates and routinely used to conceal visits to gaming or social media platforms during school hours. The technical barrier to exploitation is negligible. This results in: A false sense of security for parents A discrepancy between advertised functionality and actual system behavior A material weakening of parental control integrity When a system explicitly blocks full history deletion but permits silent selective deletion, the protection mechanism becomes functionally inconsistent and unreliable. Given that Screen Time is publicly positioned as a dependable parental control framework, this issue raises concerns not only about implementation quality but also about user trust and reasonable reliance on advertised safeguards. Request Please classify this as a parental control integrity and trust issue. Specifically: Disable individual history deletion while Screen Time restrictions are active OR Require Screen Time passcode authentication for deleting single entries Screen Time is presented as a secure supervisory environment for minors. In its current implementation under iPadOS 26.3 and before, that expectation is technically not met. This issue warrants prioritization.