Hi Apple team, We’re shipping a Live Caller ID Lookup extension on iOS 18 and have a question about the automatic refresh of configuration/PIR parameters. Questions 1. Is there any documented interval/TTL (min/max) for the system’s automatic refresh of /config and PIR parameters, or is it entirely opportunistic (battery/network/usage)? I can’t find a cadence in the IdentityLookup docs. 2. Does iOS honor server cache headers (e.g., Cache-Control/Expires) to influence when it re-fetches? 3. Which events also trigger a refresh (enable/disable in Settings, OS/app update, device reboot, token/epoch change)? 4. Are there rate limits or best-practice limits for calling refreshExtensionContext and refreshPIRParameters?

I’m testing .glassEffect() in a widget on the latest iOS 26 beta, but it seems to have no effect at all — the blur isn’t visible, and in some cases even white text disappears completely. Is this the expected behavior for widgets (i.e. glass effect is not supported), or could this be a bug in the beta? Would appreciate any clarification or pointers. Thanks!

I'm using the LockedCameraCaptureExtension to launch my Camera app from the camera button. Some of our users report our app crashing a few seconds after being launch from the camera button. The call stack is something inside BoardServices [BSServicesConfiguration activateXPCService] I'm not sure how to investigate or fix this, anyone else having the same issue? Basically in my LockedCameraCaptureExtension when it loads I just call openApplication on the LockedCameraCaptureSession to launch into my app. @main struct captureExtension: LockedCameraCaptureExtension { var body: some LockedCameraCaptureExtensionScene { LockedCameraCaptureUIScene { session in Button(action: { Task { await openCamera(session: session) } }, label: { Text("Open Camera") }) .buttonStyle(PlainButtonStyle()) .task { await openCamera(session: session) } } } private func openCamera(session: LockedCameraCaptureSession) async { try? await session.openApplication(for: NSUserActivity(activityType: "com.mycompany.camera")) } }

I'm seeking help troubleshooting a persistent com.apple.IdentityLookup.error.messagefilter Code=3 error when my Message Filter Extension tries to defer to network. I’ve exhausted Apple documentation and forum posts, and Apple Support has asked me to escalate this via the forums to reach engineering. ✅ My Setup: Xcode: 16.2 macOS: Sequoia 15.3.1 (Apple Silicon Mac mini) Device: iPhone 14 Pro iOS: 18.3.2 (Developer Mode enabled) Tested via: TestFlight install on real device 📦 App Structure: Main App Target (minimal "hello world" logic) Message Filter Extension Target Messages Extension Target Message Reporting Extension Target Notifications Extension Target ✅ Capabilities & Configurations Main App Capabilities: App Groups: group.com.example.shared Network Extensions: Content Filter Associated Domains: messagefilter:my-api.example.com applinks:my-api.example.com Message Filter Capabilities: App Groups: same as main app Network Extensions: Content Filter Associated Domains: same as above 📄 Info.plist Config Main App Info.plist: NSAppTransportSecurity with: NSAllowsArbitraryLoads = YES Exception domain my-api.example.com with: NSIncludesSubdomains = YES NSTemporaryExceptionAllowsInsecureHTTPLoads = YES NSTemporaryExceptionMinimumTLSVersion = TLSv1.2 MessageFilter Info.plist: Same ATS settings as above NSExtension block: <key>NSExtension</key> <dict> <key>NSExtensionAttributes</key> <dict> <key>ILMessageFilterExtensionNetworkURL</key> <string>https://my-api.example.com/api/sms-filter</string> <key>ILClassificationExtensionSMSReportDestination</key> <string>+10000000000</string> </dict> <key>NSExtensionPointIdentifier</key> <string>com.apple.identitylookup.message-filter</string> <key>NSExtensionPrincipalClass</key> <string>$(PRODUCT_MODULE_NAME).MessageFilterExtension</string> </dict> 📜 Entitlements Main App Entitlements <key>com.apple.developer.associated-domains</key> <array> <string>messagefilter:my-api.example.com</string> <string>applinks:my-api.example.com</string> </array> <key>com.apple.developer.networking.networkextension</key> <array> <string>content-filter-provider</string> </array> <key>com.apple.security.application-groups</key> <array> <string>group.com.example.shared</string> </array> Message Filter Extension Entitlements Identical to main app’s, scoped to the extension. 📄 AASA File (Hosted on https://my-api.example.com/.well-known/apple-app-site-association) Serves as application/json, returns 200 OK, and is reachable on device via Safari. Logs confirm AASA is downloaded and installed successfully during TestFlight install. { "applinks": { "apps": [], "details": [ { "appID": "TEAMID.com.example.app", "paths": ["*"] }, { "appID": "TEAMID.com.example.app.MessageFilter", "paths": ["*"] } ] }, "messagefilter": { "apps": [], "details": [ { "appID": "TEAMID.com.example.app", "filterType": "URL", "domains": ["my-api.example.com"] }, { "appID": "TEAMID.com.example.app.MessageFilter", "filterType": "URL", "domains": ["my-api.example.com"] } ] }, "classificationreport": { "apps": [], "details": [ { "appID": "TEAMID.com.example.app", "domains": ["my-api.example.com"] }, { "appID": "TEAMID.com.example.MessageReporting", "domains": ["my-api.example.com"] } ] } } ❌ The Problem When the extension launches and receives an SMS to classify, logs show: deferQueryRequestToNetwork failed: The operation couldn’t be completed. (com.apple.IdentityLookup.error.messagefilter error 3.) The extension loads, network URL is available, the AASA is installed, and yet the extension is not allowed to defer to network. This occurs every time. 🧪 Other Notes Tried rebuilding everything from scratch Archiving to TestFlight, not running via Xcode Clean entitlements verified using codesign -d --entitlements :- Console logs show no issues with AASA download or validation Any help or insights from Apple engineering or others in the community who have successfully deployed a working Message Filter Extension would be hugely appreciated. Thanks in advance 🙏

I'm experiencing a conflict between Xcode 16's build requirements and App Store validation for DeviceActivityReport extensions. The Issue: Created a DeviceActivityReport extension using Xcode 16's template Extension builds and runs perfectly locally TestFlight upload fails with Apple saying EXAppExtensionAttributes is incorrect for widget extensions When I remove EXAppExtensionAttributes from Info.plist, local builds fail with: "Appex bundle does not define an EXAppExtensionAttributes dictionary" Current Info.plist (works locally, rejected by App Store): EXAppExtensionAttributes EXExtensionPointIdentifier com.apple.deviceactivityui.report-extension NSExtension NSExtensionPointIdentifier com.apple.deviceactivityui.report-extension NSExtensionPrincipalClass $(PRODUCT_MODULE_NAME).ActivityReportExtension The Problem: Xcode 16's "Device Activity Report Extension" template uses fileSystemSynchronizedGroups which appears to require the EX configuration format. But App Store validation rejects this format. Has anyone successfully uploaded a DeviceActivityReport extension created in Xcode 16? Any workarounds for this conflict between local build requirements and App Store validation? Using: Xcode 16.4, Family Controls entitlement (approved), iOS 18.5 SDK Thanks for any insights!

I've made working Spotlight Import Extension with in macOS 15.5 (24F74). mdimport confirm it's installed, and working. The problem is related to accessing data inside document bundles (package directory) class ImportExtension: CSImportExtension { override func update(_ attributes: CSSearchableItemAttributeSet, forFileAt url: URL) throws { // ERROR: The file "QuickSort.notepad" couldn't be opened because you don't have permission to view it. let fileWrapper = try FileWrapper(url: url) } } forFileAt url points to a bundle. In order to read the metadata the extension needs to load the bundle from url and access its content, however in the sandbox environment,t the url allows only access to the bundle directory itself in particular NSFileWrapper(url: url) fails with error "The file "name.extension" couldn't be opened because you don't have permission to view it.", and effectively prevent from providing useful metadata. Is there a way to access the Document Bundle content in order to read the metadata for Spotlight?

I get an error when using Share Extension to share images in iOS 26. It works fine in iOS 18. The error message is: Error acquiring assertion: <Error Domain=RBSAssertionErrorDomain Code=2 "Could not find attribute name in domain plist" UserInfo={NSLocalizedFailureReason=Could not find attribute name in domain plist}>. What should I do? My plist file looks like this: NSExtension NSExtensionAttributes NSExtensionActivationRule NSExtensionActivationSupportsImageWithMaxCount 1 NSExtensionMainStoryboard MainInterface NSExtensionPointIdentifier com.apple.share-services

I get an error when using Share Extension to share images in iOS 26. It works fine in iOS 18. The error message is: Error acquiring assertion: <Error Domain=RBSAssertionErrorDomain Code=2 "Could not find attribute name in domain plist" UserInfo={NSLocalizedFailureReason=Could not find attribute name in domain plist}>. What should I do? My plist file looks like this: NSExtension NSExtensionAttributes NSExtensionActivationRule NSExtensionActivationSupportsImageWithMaxCount 1 NSExtensionMainStoryboard MainInterface NSExtensionPointIdentifier com.apple.share-services

We are in the process of updating our legacy Spotlight MDImporter to the new macOS Spotlight App Extension. The transition works well for standard attributes such as title, textContent, and keywords. However, we encounter an issue when adding custom attributes to the CSSearchableItemAttributeSet. These custom attributes are not being persisted, which means they cannot be queried using a Spotlight NSMetadataQuery. Has anyone an idea on how to append custom attributes so that they are included in the indexed file status, as displayed by the shell command mdimport -t -d3 <path> A sample project illustrating the problem is available here: https://www.dropbox.com/scl/fi/t8qg51cr1rpwouxdl900b/2024-09-04-Spotlight-extAttr.zip?rlkey=lg6n9060snw7mrz6jsxfdlnfa&dl=1

Hello, I’ve noticed an issue with custom keyboard extensions in iOS 26 that seems specific to native apps. When a custom keyboard is opened in apps like Messages, Notes, or Safari, there’s an extra strip of native grey space around the left, right, and top edges of the keyboard. This extra margin cannot be rendered over by the keyboard’s own views. Interestingly, this behaviour does not occur in third-party apps like Instagram. It also wasn’t present in earlier iOS versions. The result is that keyboards with custom or non-grey backgrounds look visually inconsistent (they appear framed by unwanted grey). Has anyone else run into this? Is this a known change in iOS 26, or could it be a bug? Any guidance or official clarification would be appreciated. Thanks!

This concerns file provider framework on macOS. Some users of our application (Egnyte.app) report that they have problems downloading dataless files. When a file reaches invalid state, trying to open or download it through Finder results in "Invalid argument" alert (see example-recording.mp4). At the same time our FileProvider extension receives no fetchContents or fetchPartialContents calls. A step-by-step set of instructions to reproduce the problem (if possible) So far we don't have clear reproduction steps. The issue is easily reproducible, for multiple files, for some of our customers. See attached sysdiagnose and recording. What results you expected Our extension receives a request to download the file. File downloads and opens successfully. What results you actually saw No download request made to our File Provider extension. File doesn't open, Finder alert instead. PLEASE NOTE: Before recording and collecting sysdiagnose we installed FileProvider.mobileconfig, slightly modified official profile that we attach. Example reproduction happens 8:33 into full-recording.mp4, around 17:01:18 / 17:01:19 machine’s time. Shared sysdiagnose and recordings come from one of our customers, they permitted us to share the data. In the recording they try to open files with multiple 3rd party applications (Vectorworx, Office PowerPoint) and those opens fail with alerts from those applications. We have similar reports from customers using Adobe apps. More info in FB19462434

This concerns file provider framework on macOS. Some users of our application (Egnyte.app) report that they have problems downloading dataless files. When a file reaches invalid state, trying to open or download it through Finder results in "Invalid argument" alert (see example-recording.mp4). At the same time our FileProvider extension receives no fetchContents or fetchPartialContents calls. A step-by-step set of instructions to reproduce the problem (if possible) So far we don't have clear reproduction steps. The issue is easily reproducible, for multiple files, for some of our customers. See attached sysdiagnose and recording. What results you expected Our extension receives a request to download the file. File downloads and opens successfully. What results you actually saw No download request made to our File Provider extension. File doesn't open, Finder alert instead. PLEASE NOTE: Before recording and collecting sysdiagnose we installed FileProvider.mobileconfig, slightly modified official profile that we attach. Example reproduction happens 8:33 into full-recording.mp4, around 17:01:18 / 17:01:19 machine’s time. Shared sysdiagnose and recordings come from one of our customers, they permitted us to share the data. In the recording they try to open files with multiple 3rd party applications (Vectorworx, Office PowerPoint) and those opens fail with alerts from those applications. We have similar reports from customers using Adobe apps.

Has anyone encountered a situation like mine below? I’ve submitted feedback, but it seems like I’ll have to wait for a while. ContactProviderManager Fails with Custom domainIdentifier, Works Only with "defaultDomain" Category: Developer Tools / Frameworks Subcategory: ContactProvider Framework Reproducibility: Always iOS Version: iOS 18.0 (and later) Xcode Version: Xcode 16.0 (or later)  Description: When initializing a ContactProviderManager with a custom ContactProviderDomain using any identifier other than "defaultDomain", the initializer throws a ContactProviderError.domainNotRegistered error. The documentation for ContactProviderDomain (https://developer.apple.com/documentation/contactprovider/contactproviderdomain) does not provide any method to register custom identifiers, making it impossible to use ContactProviderManager with a desired custom identifier. The only successful case is when the identifier is "defaultDomain". print("Error: (error)") // No error, initialization succeeds Steps to Reproduce: Create a Contact Provider Extension in an iOS app targeting iOS 18.0. In host app, Attempt to initialize a ContactProviderManager with a custom ContactProviderDomain identifier: ​import ContactProvider func enableExtensionExample() async {    do {        // The app creates a contact provider manager with custom domain.        let manager =  try ContactProviderManager(domainIdentifier: "com.mycompany.customdomain")               // May prompt the person to enable the custom domain.        try await manager.enable()    } catch {       print("Error: \(error)") // Prints ContactProviderError.domainNotRegistered    } } Try the same with the default identifier: ​import ContactProvider func enableExtensionExample() async {    do {        // The app creates a contact provider manager with a default domain.        let manager =  try ContactProviderManager(domainIdentifier: "defaultDomain")               // May prompt the person to enable the default domain.        try await manager.enable()    } catch {       print("Error: \(error)") // No error, initialization succeeds    } } Build and run the app on a device or simulator running iOS 18.0 or later. Observe that the initializer fails with domainNotRegistered for any identifier other than "defaultDomain". Expected Behavior: The ContactProviderManager should initialize successfully with any valid ContactProviderDomain identifier, provided the domain is properly configured or registered, allowing developers to use custom identifiers for organizing contacts (e.g., for different categories or sources). Actual Behavior: The ContactProviderManager initializer throws ContactProviderError.domainNotRegistered for any ContactProviderDomain identifier other than "defaultDomain". Only the "defaultDomain" identifier succeeds, limiting the ability to use custom domains. Impact: Developers cannot use custom identifiers to categorize or manage contacts in separate domains, restricting the ContactProvider framework’s flexibility. This forces reliance on the "defaultDomain" identifier, which may not suit use cases requiring distinct contact groups (e.g., personal vs. business contacts). Suggested Fix: Provide an API to register custom ContactProviderDomain identifiers, such as a ContactProviderManager.register(domain:) method. Update the ContactProviderDomain and ContactProviderManager documentation to clarify how to use custom identifiers or explicitly state if only "defaultDomain" is supported. If custom identifiers are not intended to be supported, document this limitation clearly to avoid developer confusion. Feedback : FB20104001 (ContactProviderManager Fails with Custom domainIdentifier, Works Only with "defaultDomain")

I'm trying to use DNR to force safe search with Qwant search engine. Under certain circumstances (scenario described below) the search is performed with an API which contains the safe search level in a URL parameter. A typical query URL is https://api.qwant.com/v3/search/web?q=test&count=10&locale=fr_FR&offset=0&device=desktop&tgp=1&safesearch=0&displayed=true&llm=true. I want a DNR rule to force safesearch to be 2 (= strict) (from some javascript code) : { id: 1, priority: 1, action: { type: 'redirect', "redirect": { "transform": { "queryTransform": { "addOrReplaceParams": [{ "key": "safesearch", "value": "2" }] } } } }, condition: { "urlFilter": "api.qwant.com/v3/search", "resourceTypes": ["xmlhttprequest"] }, } When this rule is activated, I end up with a URL with the original safesearch parameter AND the forced one : https://api.qwant.com/v3/search/web?q=test&count=10&locale=fr_FR&offset=0&device=desktop&tgp=1&safesearch=0&displayed=true&llm=true&safesearch=2. To reproduce this request (with the previous DNR rule in place) : navigate to https://www.qwant.com search for some string (test in my case). This displays the list of results ; click the engine button at the top right to display the settings pane ; inspect network request performed by this page ; change the Adult filter in the list -> the results are automatically updated with the new settings. The web request shows URL with the 2 safesearch parameters. I already used addOrReplaceParams in 'standard' contexts (main_frame) and it works just fine. Any hint on what goes on ? Thank you.

import UIKit class KeyboardViewController: UIInputViewController { // MARK: - Properties private var keyboardView: KeyboardView! private var heightConstraint: NSLayoutConstraint! private var hasInitialLayout = false // 存储系统键盘高度和动画参数 private var systemKeyboardHeight: CGFloat = 300 private var keyboardAnimationDuration: Double = 0.25 private var keyboardAnimationCurve: UIView.AnimationOptions = .curveEaseInOut // MARK: - Lifecycle override func viewDidLoad() { super.viewDidLoad() setupKeyboard() } override func viewWillAppear(_ animated: Bool) { super.viewWillAppear(animated) // 在视图显示前更新键盘高度，避免闪动 if !hasInitialLayout { hasInitialLayout = true } } override func viewDidAppear(_ animated: Bool) { super.viewDidAppear(animated) } // MARK: - Setup private func setupKeyboard() { // 创建键盘视图 keyboardView = KeyboardView() keyboardView.translatesAutoresizingMaskIntoConstraints = false view.addSubview(keyboardView) // 设置约束 - 确保键盘贴紧屏幕底部 NSLayoutConstraint.activate([ keyboardView.leftAnchor.constraint(equalTo: view.leftAnchor), keyboardView.rightAnchor.constraint(equalTo: view.rightAnchor), keyboardView.bottomAnchor.constraint(equalTo: view.bottomAnchor) ]) // 设置初始高度约束（使用系统键盘高度或默认值） let initialHeight = systemKeyboardHeight heightConstraint = keyboardView.heightAnchor.constraint(equalToConstant: initialHeight) heightConstraint.isActive = true } // MARK: - Layout Events override func viewDidLayoutSubviews() { super.viewDidLayoutSubviews() } override func viewSafeAreaInsetsDidChange() { super.viewSafeAreaInsetsDidChange() } // MARK: - 键盘高度请求 // 这个方法可以确保键盘扩展报告正确的高度给系统 override func updateViewConstraints() { super.updateViewConstraints() // 确保我们的高度约束是最新的 if heightConstraint == nil { let height = systemKeyboardHeight > 0 ? systemKeyboardHeight : 216 heightConstraint = NSLayoutConstraint( item: self.view!, attribute: .height, relatedBy: .equal, toItem: nil, attribute: .notAnAttribute, multiplier: 0.0, constant: height ) heightConstraint.priority = UILayoutPriority(999) view.addConstraint(heightConstraint) } else { let height = systemKeyboardHeight > 0 ? systemKeyboardHeight : 216 heightConstraint.constant = height } } } // MARK: - Keyboard View Implementation class KeyboardView: UIView { private var keysContainer: UIStackView! override init(frame: CGRect) { super.init(frame: frame) setupView() } required init?(coder: NSCoder) { super.init(coder: coder) setupView() } private func setupView() { backgroundColor = UIColor(red: 0.82, green: 0.84, blue: 0.86, alpha: 1.0) // 创建按键容器 keysContainer = UIStackView() keysContainer.axis = .vertical keysContainer.distribution = .fillEqually keysContainer.spacing = 8 keysContainer.translatesAutoresizingMaskIntoConstraints = false addSubview(keysContainer) // 添加约束 - 确保内容在安全区域内 NSLayoutConstraint.activate([ keysContainer.topAnchor.constraint(equalTo: safeAreaLayoutGuide.topAnchor, constant: 8), keysContainer.leftAnchor.constraint(equalTo: safeAreaLayoutGuide.leftAnchor, constant: 8), keysContainer.rightAnchor.constraint(equalTo: safeAreaLayoutGuide.rightAnchor, constant: -8), keysContainer.bottomAnchor.constraint(equalTo: safeAreaLayoutGuide.bottomAnchor, constant: -8) ]) // 添加键盘行 } }

I created 2 iOS projects in Xcode: Project 1: 4 targets (main app + 3 app extensions) 4 static libraries the main app's target dependencies include - 3 app extensions and the 4 libs. the main app's binary is linked to all 4 libs similarly, each extension is linked to all 4 libs Project 2: 5 targets (main app + 3 app extensions + 1 framework) 4 static libraries the main app's target dependencies include - 3 app extensions and the framework each extension is dependent only on the framework the framework's target dependencies include all the 4 static libs As per my understanding, the app bundle size for Project 2 should be less than that of Project 1, since we eliminate duplicating the static libs for each target by using a framework instead. However, I have found that the bundle size is more for Project 2 as compared to the bundle size of project 1. I do not understand, why?

We are encountering an issue where the Safari extension we are developing stops working while in use on relatively new iOS versions (confirmed on 17.5.1, 17.6.1, and 18). Upon checking the Safari console, the content script is displayed in the extension script, so the background script or Service Worker must be stopping. The time until it stops is about 1 minute on 17.5.1 and about one day on 17.6.1 or 18. When it stops, we would like to find a way to restart the Service Worker from the extension side, but we have not found a method to do so yet. To restart the extension, the user needs to turn off the corresponding extension in the iPhone settings and then turn it back on. As mentioned in the following thread, it is written that the above bug was fixed in 17.6, but we recognize that it has not been fixed. https://forums.developer.apple.com/forums/thread/758346 On 17.5.1, adding the following process to the background script prevents it from stopping for about the same time as on 17.6 and above. // Will be passed into runtime.onConnect for processes that are listening for the connection event const INTERNAL_STAYALIVE_PORT = "port.connect"; // Try wake up every 9S const INTERVAL_WAKE_UP = 9000; // Alive port var alivePort = null; // Call the function at SW(service worker) start StayAlive(); async function StayAlive() { var wakeup = setInterval(() => { if (alivePort == null) { alivePort = browser.runtime.connect({ name: INTERNAL_STAYALIVE_PORT }); alivePort.onDisconnect.addListener((p) => { alivePort = null; }); } if (alivePort) { alivePort.postMessage({ content: "ping" }); } }, INTERVAL_WAKE_UP); } Additionally, we considered methods to revive the Service Worker when it stops, which are listed below. None of the methods listed below resolved the issue. ① Implemented a process to create a connection again if the return value of sendMessage is null. The determination of whether the Service Worker has stopped is made by sending a message from the content script to the background script and checking whether the message return value is null as follows. sendMessageToBackground.js let infoFromBackground = await browser.runtime.sendMessage(sendParam); if (!infoFromBackground) { // If infoFromBackground is null, Service Worker should have stopped. browser.runtime.connect({name: 'reconnect'}); // ← reconnection process // Sending message again infoFromBackground = await browser.runtime.sendMessage(sendParam); } return infoFromBackground.message; Background script browser.runtime.onConnect.addListener((port) => { if (port.name !== 'reconnect') return; port.onMessage.addListener(async (request, sender, sendResponse) => { sendResponse({ response: "response form background", message: "reconnect.", }); }); ② Verified whether the service worker could be restarted by regenerating Background.js and content.js. sendMessageToBackground.js export async function sendMessageToBackground(sendParam) { let infoFromBackground = await browser.runtime.sendMessage(sendParam); if (!infoFromBackground) { executeContentScript(); // ← executeScript infoFromBackground = await browser.runtime.sendMessage(sendParam); } return infoFromBackground.message; } async function executeContentScript() { browser.webNavigation.onDOMContentLoaded.addListener((details) => { browser.scripting.executeScript({ target: { tabId: details.tabId }, files: ["./content.js"] }); }); } However, browser.webNavigation.onDOMContentLoaded.addListener was not executed due to the following error. @webkit-masked-url://hidden/:2:58295 @webkit-masked-url://hidden/:2:58539 @webkit-masked-url://hidden/:2:58539 ③ Verify that ServiceWorker restarts by updating ContentScripts async function updateContentScripts() { try { const scripts = await browser.scripting.getRegisteredContentScripts(); const scriptIds = scripts.map(script => script.id); await browser.scripting.updateContentScripts(scriptIds);//update content } catch (e) { await errorLogger(e.stack); } } However, scripting.getRegisteredContentScripts was not executed due to the same error as in 2. @webkit-masked-url://hidden/:2:58359 @webkit-masked-url://hidden/:2:58456 @webkit-masked-url://hidden/:2:58456 @webkit-masked-url://hidden/:2:58549 @webkit-masked-url://hidden/:2:58549 These are the methods we have considered. If anyone knows a solution, please let us know.

I've gotten to the point where I can use the mount(8) command line tool and the -t option to mount a file system using my FSKit file system extension, in which case I can see a process for my extension launch, probe, and perform the other necessary actions. However, when plugging in my USB flash drive or trying to mount with diskutil mount, the file system does not mount: $ diskutil mount disk20s3 Volume on disk20s3 failed to mount If you think the volume is supported but damaged, try the "readOnly" option $ diskutil mount readOnly disk20s3 Volume on disk20s3 failed to mount If you think the volume is supported but damaged, try the "readOnly" option Initially I thought it would be enough to just implement probeExtension(resource:replyHandler:) and the system would handle the rest, but this doesn't seem to be the case. Even a trivial implementation that always returns .usable doesn't cause the system to use my FSModule, even though I've enabled my extension in System Settings > General > Login Items & Extensions > File System Extensions. From looking at some of the open source msdos and Disk Arb code, it seems like my app extension needs to list FSMediaTypes to probe. I eventually tried putting this in my Info.plist of the app extension: <key>FSMediaTypes</key> <dict> <key>EBD0A0A2-B9E5-4433-87C0-68B6B72699C7</key> <dict> <key>FSMediaProperties</key> <dict> <key>Content Hint</key> <string>EBD0A0A2-B9E5-4433-87C0-68B6B72699C7</string> <key>Leaf</key> <true/> </dict> </dict> <key>0FC63DAF-8483-4772-8E79-3D69D8477DE4</key> <dict> <key>FSMediaProperties</key> <dict> <key>Content Hint</key> <string>0FC63DAF-8483-4772-8E79-3D69D8477DE4</string> <key>Leaf</key> <true/> </dict> </dict> <key>Whole</key> <dict> <key>FSMediaProperties</key> <dict> <key>Leaf</key> <true/> <key>Whole</key> <true/> </dict> </dict> <key>ext4</key> <dict> <key>FSMediaProperties</key> <dict> <key>Content Hint</key> <string>ext4</string> <key>Leaf</key> <true/> </dict> </dict> </dict> </plist> (For reference, the partition represented by disk20s3 has a Content Hint of 0FC63DAF-8483-4772-8E79-3D69D8477DE4 and Leaf is True which I verified using IORegistryExplorer.app from the Xcode additional tools.) Looking in Console it does appear now that the system is trying to use my module (ExtendFS_fskit) to probe when I plug in my USB drive, but I never see a process for my extension actually launch when trying to attach to it from Xcode by name (unlike when I use mount(8), where I can do this). However I do see a Can't find the extension for <private> error which I'm not sure is related but does sound like the system can't find the extension for some reason. The below messages are when filtering for "FSKit": default 19:14:53.455826-0400 diskarbitrationd probed disk, id = /dev/disk20s3, with ExtendFS_fskit, ongoing. default 19:14:53.456038-0400 fskitd Incomming connection, entitled 1 default 19:14:53.456064-0400 fskitd [0x7d4172e40] activating connection: mach=false listener=false peer=true name=com.apple.filesystems.fskitd.peer[350].0x7d4172e40 default 19:14:53.456123-0400 fskitd Hello FSClient! entitlement yes default 19:14:53.455902-0400 diskarbitrationd [0x7461d8dc0] activating connection: mach=true listener=false peer=false name=com.apple.filesystems.fskitd default 19:14:53.456151-0400 diskarbitrationd Setting remote protocol to all XPC default 19:14:53.456398-0400 fskitd About to get current agent for 501 default 19:14:53.457185-0400 diskarbitrationd probed disk, id = /dev/disk20s3, with ExtendFS_fskit, failure. error 19:14:53.456963-0400 fskitd -[fskitdXPCServer applyResource:targetBundle:instanceID:initiatorAuditToken:authorizingAuditToken:isProbe:usingBlock:]: Can't find the extension for <private> (I only see these messages after plugging my USB drive in. When running diskutil mount, I see no messages in the console when filtering by FSKit, diskarbitrationd, or ExtendFS afterward. It just fails.) Is there a step I'm missing to get this to work, or would this be an FSKit bug/current limitation?

Do I need this permission to test out development on my local phone? I believe I do since I cannot get the monitor extension to embed AND sign, making it so i cannot test this feature. As in the class will not instantiate and trigger after specific time has happened

Our UI-less share extension (com.apple.services) appears in Safari and Chrome. We raise a popup "Open in (app)..." via the Action.js script document.location.href = urlScheme://... in Safari. However, in Chrome, while our extension executes, parses the URL item attachment from Chrome, it never triggers that popup or opens our app. How can a UI-less share extension open our app from Chrome? Is the accepted practice, despite guidelines, turning the com.apple.ui-services view controller invisible and auto-openURLing? Several apps on the store appear to do this, immediately popping their app without any confirmation dialog or UI in both Safari and Chrome. https://stackoverflow.com/a/79369242