I'm finding a way to hook vnode operations, following is a snippet of the code: IOReturn FltIOKitKAuthVnodeGate::RegisterVnodeScopeCallback(void) { // // register our listener // this->VnodeListener = kauth_listen_scope( KAUTH_SCOPE_VNODE, // for the vnode scope FltIOKitKAuthVnodeGate::VnodeAuthorizeCallback, // using this callback this ); // give a cookie to callback if( NULL == this->VnodeListener ){ DBG_PRINT_ERROR( ( kauth_listen_scope failedn ) ); return kIOReturnInternalError; } return kIOReturnSuccess; } Here use kauth_listen_scope to get the newly created vnode object, then will hook on it. But now kauth_listen_scope is deprecated, and there is no way to get the vnode by using EndpointSecurity. So is there any other way to get the newly created vnode object?
Search results for
ASWebAuthenticationSession cookie
1,295 results found
Selecting any option will automatically load the page
Post
Replies
Boosts
Views
Activity
In our macOS SystemExtension, we are using Network.framework for creating web socket connection to our remote WSS server. We provide authentication token in cookies of the connection and websocket server validates it before upgrading the connection from HTTP to WebSocket. If the cookie is invalid, server returns 403 HTTP status code and closes the connection. When server returns 403, in Big Sur and Monterey, we get state update of failed(let error) where error is NWError.posix(.ECONNABORTED). However, in Ventura, we are getting state waiting(let error) where error is NWError.posix(.ECONNABORTED). As per documentation, waiting state should be received if there is any network error in establishing the connection and connection goes into waiting for network path change. But in this case, TCP connection to server is established, HTTP headers are received and validated by server and then get rejected. So shouldn't this result into connection failed instead of waiting? This behaviour has only chan
Hi, Below is the test results - Cross site cookies work on mac OS - Safari, Chrome, Firefox, Edge and iOS - Safari, Edge. Does not work on iOS - Chrome and Firefox. Regards, Bikram
Topic:
App & System Services
SubTopic:
Core OS
Tags:
Same site = none, Secure and HttpOnly are the attributes used while creating the cookie. This issue is limited to iOS Chrome. Does not occur on iOS Safari, mac Safari, mac Chrome. Will check other browsers and update here. @darkpaw
Topic:
App & System Services
SubTopic:
Core OS
Tags:
You'll ned to give us more info on this before we can help you. What have you tried? How are you setting the cookies?
Topic:
App & System Services
SubTopic:
Core OS
Tags:
I have noticed that there is a new initializer for ASWebAuthenticationSession in macOS 14.4. The standard initializer has been deprecated without further info. The new initializer looks as follows: init(url: URL, callback: ASWebAuthenticationSession.Callback, completionHandler: ASWebAuthenticationSession.CompletionHandler) This initializer takes a callback object for class ASWebAuthenticationSession.Callback. But this class cannot be initialized and also not be subclassed. When you try to do this there will be the following error in Xcode 'init()' is unavailable The documentation also does not give any hint on how to use it, it just defines 2 class methods and a method called func matchesURL(URL) -> Bool which could mean that by using this method you could match any arbitrary URL to continue the process. Has anyone figured out what to do with this?
We're using webview in our iOS app to show the web page. The website contains cookies and they need to be Accepted/Declined by the users by clicking on Accept or Decline button, Which is handled by the website. Apple asked us to either remove the cookies from web content or implement App Tracking Transparency. We added App Tracking Transparency and now the user is asked to allow or deny the tracking permission once the user allows then we show the cookie prompt in the webview and if they deny the permission we don't show the cookie prompt. To achieve this we've set one cookie when the user denies the permission - so that the cookie popup isn't shown. But our app still got rejected, below is the message by the apple review team - We noticed you collect data to track after the user selects Ask App Not to Track on the App Tracking Transparency permission request. Specifically, we noticed your app accesses web content you own and collects cookies for
Topic:
App Store Distribution & Marketing
SubTopic:
General
Tags:
App Tracking Transparency
wwdc21-10032
有用户反馈有些APP引导弹窗多次弹出,经过埋点日志观察发现,这些用户保存在钥匙串中的openudid,沙盒数据,甚至网络请求的cookie都突然丢失了,然后后续几次重启后可能这些数据又都恢复了,感觉非常不可思议,代码上看不出有任何问题,有大神帮忙解答下吗?
In the past 2 weeks Siri will not call my contacts but instead looks for names on the web. Example: 'Call John Dough (i have a John Dough in my contacts) Siri will then search the web and call some random number that sounds like John Dough. Even my wife, who I have called for years, now SIri will search the web and call someone or company not in my contacts. Siri will recognize both when I request Siri to text my contacts, just not when I ask Siri to call. I am running latest iOS on a iPhone 12max plus. Cookies were cleared. Reset network setting. Restarted phone. Issue won't go away. 2 other people i know with iphones newer than mine also having similar issues.
Topic:
App & System Services
SubTopic:
Core OS
Tags:
Ideally, of course, all of the links on your website are allowed to be opened in the app, regardless of subdomains or www redirects, and then you use the content of apple-app-site-association to limit which ones actually will open in the app. Let's assume you want everything on your domain (e.g. coursicle.com) to be eligible to be opened as a deep link. Then you'll want to configure your entitlements in Xcode as applinks:*.coursicle.com. No problem because you own coursicle.com, right? But it's very likely that you're redirecting coursicle.com to www.coursicle.com and Apple's going to check coursicle.com/.well-known/apple-app-site-association and/or coursicle.com/apple-app-site-association, which is going to redirect to the www equivalent. Because of Apple's no redirects stipulation, your deep links will fail. @focorner's answer points this out and offers a workaround. We were considering this solution, by making it so that on iPhones any link on our site that we wanted deep linked would have a subdomain link
Topic:
App & System Services
SubTopic:
General
Tags:
And yeah, forgot about 3rd one: Sometimes UI test cannot even pass the login flow, via ASWebAuthenticationSession, the login form just disappears but nothing happens. This happens like in 1 of 4 tests runs randomly, never happens locally
Topic:
Developer Tools & Services
SubTopic:
Xcode
Tags:
Problem statement- WKWebView cookies management. We need to clone the connection used by the WKWebView to the same end point, this connection utilize cookies for routing and missing even one the cookies will end up with a wrong route to be used. It appears that when retrieving the cookies from the WKWebView connection some cookies are missing. From some analysis seems that the missing cookies all have in common a value containing special characters. The question for Apple is if they are going to relax the constraint on cookies value to allow such cookies to be used. Technical Description:- We are using WKWebView. There are some cookies being set during server connection. We are retrieving all cookies using 'getAllCookies' method of WKWebview. Sometime its not giving correct set of cookies in case if there are any special characters in any cookie. For example - Cookie- ss2QKagAdkAV3My1pnKElaFDnQ
That’s kinda how HTTP cookies work. Consider the secure-av product in RFC 6265. There isn’t any syntax for setting the attribute to false. You do that by simply not including the attribute. Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = eskimo + 1 + @ + apple.com
Topic:
App & System Services
SubTopic:
Networking
Tags:
In my Xcode 15 beta 8 setup, I'm encountering an issue with the iOS 17 simulator where StoreKit.Product.purchase() consistently throws StoreKit Error.Unknown while running XCTest. Inside XCTest, I have declared SKTestSession(configuration: ). I'm using try await StoreKit.Product.purchase(options: []). However, it always throws StoreKit Error.Unknown. There's no such problem with the iOS 16.4 simulator, where I can retrieve the result and handle it appropriately. This issue is only present in the iOS 17 simulator. Is there any necessary workaround or fix for this? I've also included the console log output for your reference: デフォルト 10:06:45.981812+0900 storekitd AMSURLRequest: [597e_SK2] Failed to fetch client ID domains from bag. Defaulting to not including analytics cookies. error = { Error domain=AMSErrorDomain, code=204 | URL = http://localhost:XXXXX/inApps/history?REDACTED
Namaste Gupta, Dobri ranuk Ihor, hi WKC, we made the same experience as you describe, while trying to make cookie-based sessions work with iOS AND WebViews. We didn't find the perfect solution, but a least a workaround. Please read the full story of our Odyssee here: https://medium.com/axel-springer-tech/synchronization-of-native-and-webview-sessions-with-ios-9fe2199b44c9
Topic:
Safari & Web
SubTopic:
General
Tags: