After upgrading to Safari version 18, we encountered an issue with my extension’s background script not being able to access cookies. Previously, in Safari versions 17 and below, the extension worked as expected. Now, when the extension tries to retrieve cookies using browser.cookies.getAll(), it returns an empty list. However, if we open the extension’s developer tools, the cookies are visible and accessible. It seems that Safari only provides cookie data after the developer tools have been opened. However, after relaunching Safari and launching the extension without opening the developer tools, browser.cookies.getAll() still returns an empty list. Has anyone else experienced this? STEPS TO REPRODUCE Download this minimal app : https://www.icloud.com/iclouddrive/0bajlhnuQaG6T5NsFKXEB0U9Q#test%5Fcookies Compile test_mv2 extension (in test_cookies.getAll.zip). Launch test_mv2.app and activate extension. Click on the extension's button (browserAction). Open the developer tools. Observe an empty list of cookies. Click on the extension's button (browserAction). Cookies are retrieved as expected.

Hi, when creating a CryptoTokenKit extension according to https://developer.apple.com/documentation/cryptotokenkit/authenticating-users-with-a-cryptographic-token, it is neccessary to register it under the securityagent in order to make the CTK usable before login. i.e. we want to run sudo -u _securityagent /Applications/HostApp.app/Contents/MacOS/HostApp However, even with the empty application the command fails with illegal hardware instruction sudo -u _securityagent /Applications/HostApp.app/Contents/MacOS/HostApp I see that it always crashes when the HostApp is sandboxed, but it does not work even without sandboxing (i am sharing the error report message below). i actually noticed that when the HostApp is sandboxed and I run the above command, the extension starts to be usable even before login, even though i see the HostApp crash. The same does not happen without the sandbox So I am curious how to in fact properly register the CTK extension under security agent? Also am not sure how to unregister it from the _securityagent thank you for your help Version: 1.0 (1) Code Type: X86-64 (Native) Parent Process: Exited process [9395] Responsible: Terminal [399] User ID: 92 Date/Time: 2025-03-21 18:54:03.0684 +0100 OS Version: macOS 15.3.2 (24D81) Report Version: 12 Bridge OS Version: 9.3 (22P3060) Anonymous UUID: 41F9918C-5BCA-01C7-59C2-3E8CFC3F8653 Sleep/Wake UUID: 8AB66C75-3C32-41D4-9BD4-887B0FB468FE Time Awake Since Boot: 4300 seconds Time Since Wake: 1369 seconds System Integrity Protection: enabled Crashed Thread: 0 Dispatch queue: WMClientWindowManager Exception Type: EXC_BAD_INSTRUCTION (SIGILL) Exception Codes: 0x0000000000000001, 0x0000000000000000 Termination Reason: Namespace SIGNAL, Code 4 Illegal instruction: 4 Terminating Process: exc handler [9396] Application Specific Signatures: API Misuse Thread 0 Crashed:: Dispatch queue: WMClientWindowManager 0 libxpc.dylib 0x7ff80667b2bd _xpc_api_misuse + 113 1 libxpc.dylib 0x7ff80665f0e4 xpc_connection_set_target_uid + 187 2 WindowManagement 0x7ffd0b946693 -[WMClientWindowManager _createXPCConnection] + 1011 3 WindowManagement 0x7ffd0b947361 -[WMClientWindowManager _xpcConnection] + 65 4 WindowManagement 0x7ffd0b9447c9 __31-[WMClientWindowManager stages]_block_invoke + 41 5 libdispatch.dylib 0x7ff8067af7e2 _dispatch_client_callout + 8 6 libdispatch.dylib 0x7ff8067bca2c _dispatch_lane_barrier_sync_invoke_and_complete + 60 7 WindowManagement 0x7ffd0b9446fc -[WMClientWindowManager stages] + 268 8 AppKit 0x7ff80b1fd0b7 __54-[NSWMWindowCoordinator initializeStageFramesIfNeeded]_block_invoke + 30 9 libdispatch.dylib 0x7ff8067af7e2 _dispatch_client_callout + 8 10 libdispatch.dylib 0x7ff8067b0aa2 _dispatch_once_callout + 20 11 AppKit 0x7ff80b1fd060 -[NSWMWindowCoordinator initializeStageFramesIfNeeded] + 296 12 AppKit 0x7ff80a3b3701 -[NSWindow _commonInitFrame:styleMask:backing:defer:] + 888 13 AppKit 0x7ff80a3b2f77 -[NSWindow _initContent:styleMask:backing:defer:contentView:] + 1222 14 AppKit 0x7ff80a3b2aa9 -[NSWindow initWithContentRect:styleMask:backing:defer:] + 42 15 SwiftUI 0x7ff917f321e0 0x7ff91776f000 + 8139232 16 SwiftUI 0x7ff917a8e2f2 0x7ff91776f000 + 3273458 17 SwiftUI 0x7ff917bccfba 0x7ff91776f000 + 4579258 18 SwiftUI 0x7ff917f2ca8e 0x7ff91776f000 + 8116878 19 SwiftUI 0x7ff917f24a65 0x7ff91776f000 + 8084069 20 SwiftUI 0x7ff917f21540 0x7ff91776f000 + 8070464 21 SwiftUI 0x7ff91849e9f1 0x7ff91776f000 + 13826545 22 SwiftUICore 0x7ffb13103ea5 0x7ffb12c81000 + 4730533 23 SwiftUICore 0x7ffb13102e0f 0x7ffb12c81000 + 4726287 24 SwiftUI 0x7ff91849e903 0x7ff91776f000 + 13826307 25 SwiftUI 0x7ff91849bc1c 0x7ff91776f000 + 13814812 26 AppKit 0x7ff80a54f191 -[NSApplication _doOpenUntitled] + 422 27 AppKit 0x7ff80a4efc59 __58-[NSApplication(NSAppleEventHandling) _handleAEOpenEvent:]_block_invoke + 237 28 AppKit 0x7ff80a963818 __102-[NSApplication _reopenWindowsAsNecessaryIncludingRestorableState:withFullFidelity:completionHandler:]_block_invoke + 101 29 AppKit 0x7ff80a4ef6fa __97-[NSDocumentController(NSInternal) _autoreopenDocumentsIgnoringExpendable:withCompletionHandler:]_block_invoke_3 + 148 30 AppKit 0x7ff80a4eee8f -[NSDocumentController(NSInternal) _autoreopenDocumentsIgnoringExpendable:withCompletionHandler:] + 635 31 AppKit 0x7ff80a96373d -[NSApplication _reopenWindowsAsNecessaryIncludingRestorableState:withFullFidelity:completionHandler:] + 269 32 AppKit 0x7ff80a3a6259 -[NSApplication(NSAppleEventHandling) _handleAEOpenEvent:] + 529 33 AppKit 0x7ff80a3a5eb9 -[NSApplication(NSAppleEventHandling) _handleCoreEvent:withReplyEvent:] + 679 34 Foundation 0x7ff807a4b471 -[NSAppleEventManager dispatchRawAppleEvent:withRawReply:handlerRefCon:] + 307 35 Foundation 0x7ff807a4b285 _NSAppleEventManagerGenericHandler + 80 36 AE 0x7ff80e0e4e95 0x7ff80e0da000 + 44693 37 AE 0x7ff80e0e4723 0x7ff80e0da000 + 42787 38 AE 0x7ff80e0de028 aeProcessAppleEvent + 409 39 HIToolbox 0x7ff81217b836 AEProcessAppleEvent + 55 40 AppKit 0x7ff80a39ee6a _DPSNextEvent + 1725 41 AppKit 0x7ff80adf38b8 -[NSApplication(NSEventRouting) _nextEventMatchingEventMask:untilDate:inMode:dequeue:] + 1290 42 AppKit 0x7ff80a38faa9 -[NSApplication run] + 610 43 AppKit 0x7ff80a362d34 NSApplicationMain + 823 44 SwiftUI 0x7ff9177a7da1 0x7ff91776f000 + 232865 45 SwiftUI 0x7ff917af0d40 0x7ff91776f000 + 3677504 46 SwiftUI 0x7ff917d8fef8 0x7ff91776f000 + 6426360 47 Crescendo CryptoTokenKit 0x10b1baf6e static HostApp.$main() + 30 48 Crescendo CryptoTokenKit 0x10b1bd2f9 main + 9 (HostApp.swift:24) 49 dyld 0x7ff8065c82cd start + 1805

Hello, We are trying to implement Actionable Notifications on iOS via Remote Notifications. According to Apple’s official documentation (Declaring Your Actionable Notification Types), it is recommended to register notification categories at launch time. However, in our use case, the number of buttons and their actions in the Actionable Notification are determined at the time of the Remote Notification request. This means that we cannot predefine the categories at app launch but need to dynamically configure them based on the payload of the Remote Notification. Our Approach We are considering setting aps.mutable-content = 1 and using Notification Service Extension to modify the categoryIdentifier dynamically. Below is the JSON payload we plan to use for Remote Notifications: { "aps": { "alert": { "title": "New Message Received!", "body": "Check out the details." }, "category": "DYNAMIC_CATEGORY", "mutable-content": 1 }, "categoryData": { "id": "DYNAMIC_CATEGORY", "actions": [ { "id": "REPLY_ACTION", "title": "Reply", "options": ["foreground"] }, { "id": "DELETE_ACTION", "title": "Delete", "options": ["destructive"] } ] } } Questions: Can we dynamically configure Actionable Notifications based on the Remote Notification payload? If we set categoryIdentifier in Notification Service Extension’s didReceive(_:withContentHandler:), will users still see the correct action buttons even if the app is terminated? What is the recommended approach to dynamically configure Actionable Notifications at the time of receiving the Remote Notification, rather than at app launch?

Hi, I have few questions regarding the widgets. I would like to know whether widget and app extensions are same ? This link(https://developer.apple.com/app-extensions/) says widget is type of app extension but I am not quite sure as few link in web says they are different. so need to confirm here :) Can a widget share same bundle id as the main app ? so basically can we use the same provisioning profile as the main app? If we use the same bundle id and provisioning profile, will there be any issue during the app store submission process.?

Ref: https://developer.apple.com/documentation/bundleresources/entitlements/com.apple.developer.usernotifications.filtering?language=objc Currently, it seems impossible to enable this entitlement for local development and testing without first going through Apple’s approval process. I would like to be able to test how it works on a side project without having to submit the form which seems designed for real app. There is any trick I can use?

Hello, our app is non-sandboxed app, but we do want to support widget extension and safari extension. Those extensions require sandboxing. Is it possible to do this without sandboxing our app? Thank you!

https://developer.apple.com/documentation/xcodekit/creating_a_source_editor_extension I created new MacOS project and added a Xcode Source Editor Extension target to the project. I run the extension in debug mode with extension target, but the extension is not show up in Editor menu debug mode Xcode. Xcode version is 15.3(released) MacOS version is 14.4.1 Sonoma

Hi, I am developing the Click & Read web add-on for Chromium, Firefox and Safari. We use xcrun safari-web-extension-converter tool to generate the Safari add-on, with up-to-date MacBook MacOS, Xcode et Safari : Sequoia 15.3.2, Safari Version 18.3.1 (20620.2.4.11.6), XCode Version 16.0 (16A242d). We have updated our addon to Manifest v3, having the Background script as Server Worker "background": { "service_worker": "background.js", "type": "module" } self.addEventListener("activate", (event) => { console.info("Service Worker activated", event); event.waitUntil( self.registration.pushManager .subscribe({ userVisibleOnly: true, applicationServerKey: urlBase64ToUint8Array( process.env.VAPID_PUBLIC_KEY ), }) .then(async (subscription) => { console.info("[Service Worker] Extension is subscribed to push"); const { subscription: savedSubscription } = await getLocalStorageKeyData("subscription"); if (savedSubscription) fetchApi({ url: `${API_SERVER_URL}/subscription/remove/${savedSubscription.keys.auth}`, }); // Remove previous subscription from server on addon activate currentBrowser.storage.local.set({ subscription: subscription.toJSON(), }); // Save subscription in local storage currentBrowser.runtime.setUninstallURL( `${API_SERVER_URL}/subscription/remove/${ subscription.toJSON().keys.auth }` ); // Set uninstall URL to remove notification subscription on addon uninstall fetchApi({ url: `${API_SERVER_URL}/subscription`, reqInit: { body: JSON.stringify(subscription.toJSON()), method: "POST", headers: { "Content-Type": "application/json", }, }, }); }) .catch((error) => { console.error("Push subscribe error: ", error); }) // Subscribe to push notifications ); }); When trying to subscribe the addon instance to our Push server, we get this error : Push subscribe error: NotAllowedError: User denied push permission Our NodeJS backend is using the web-push librabry : https://github.com/web-push-libs/web-push) to save subscriptions and make notifications push. By looking for same errors on forums, the best hint I found is that it could be related to the testing is done on localhost (addon is built from XCode onto Safari, and Push server is running on localhost). Thanks for your help !

Hi, Our app has a section where, we show to users how to activate "Silence Unknown Callers", because is a crucial feature for our app. But, we saw that 30% of users drop the process here, because we can't open directly that setting option in phone app. We are using this url scheme to open phone settings in iOS 18: if let url = URL(string: "App-prefs:com.apple.mobilephone") { UIApplication.shared.open(url) } But, we don't see other way to open directly the path "silence", like in iOS 17, with this url scheme: prefs:root=Phone&path=SILENCE_CALLS So, do you know if is possible open that option directly? We want to improve our accessibility. Thank you!

I'm developing a single target watchOS app that obtains HealthKit information. I have the "Background Delivery" option checked under "Signing & Capabilities" for the watch target. The app does HKObserverQueries in the foreground that work as I would expect. But when I click the Digital Crown to return to clock face, the HKObserverQuery activity stops. I'm using Xcode 15.4, on Mac 14.5 and a Apple Watch Series 4 running 10.5.

I'm reaching out to see if anyone else is experiencing issues with the Live Caller ID feature on iOS. We recently encountered a problem where the feature stopped working entirely. Here's a brief overview of the situation: We were monitoring test traffic on our backend and noticed everything came to a halt around 1:00 AM UTC on November 15th. After this time, any attempts to reach our backend through calls failed completely. I tested this across multiple devices running iOS 18.2 and iOS 18.0. I used both TestFlight builds and development builds via Xcode, which should communicate directly with our backend. I experienced the problem on our main application as well as a dedicated test app. To troubleshoot further, I even set up a local server on localhost and tried directing requests there, but the requests did not reach the local server when a call was received. Further debugging in Console.app revealed the following error: identity request returned error: Error Domain=com.apple.CipherML Code=400 "Error Domain=com.apple.CipherML Code=401 "Unable to request data by keywords batch: failed to fetch token issuer directory" However, when I manually tried to hit our server endpoint using curl, the request successfully reached the server: curl https://our_server/something hb_method=GET hb_uri=/something [Hummingbird] Request -- log on backend This suggests that while our backend is responsive, the requests from the iOS client side are simply not being initiated.

Hello! We're currently testing Live Caller ID implementation and noticed an issue with userIdentifier values in our database. Initially, we expected to have approximately 100 records (one per user), but the database grew to about 10,000 evaluationKey entries. Upon investigation, we discovered that the userIdentifier (extracted from "User-Identifier" header) for the same device remains constant throughout a day but changes after a few days. We store these evaluation keys using a composite key pattern "userIdentifier/configHash". All these entries have the same configHash but different userIdentifier values. This behavior leads to unnecessary database growth as new entries are created for the same users with different userIdentifier values. Could you please clarify: Is this the expected behavior for userIdentifier to change over time? If yes, is there a specific TTL (time-to-live) for userIdentifier? If this is not intended, could this be a potential iOS bug? This information would help us optimize our database storage and implement proper cleanup procedures. Thank you for your assistance!

When our content filter is deployed, some customers report issues which show that the content filter activation was performed but the filter is showing the state [activated waiting for user]. This typically happens if the customer isn't deploying a profile to pre-authorise the system extension. The customers report that there was no popup shown for them to allow the filter to complete activation. Once the filter is in this state, there doesn't seem to be a way to clear it without resorting to disabling SIP. Attempting a deactivation does not work, the filter remains in the same state. Is there a way we can we resolve this "stuck" state when it happens without disabling SIP?

I’m encountering an issue with a Safari extension bundled with our main application (F-Secure). The extension is not appearing consistently in Safari settings on a customer’s iPad running iOS 18.3. Below are the details of the issue: Issue Description The Safari extension is bundled with the main app (F-Secure). After installing the app, the extension should automatically appear in Settings > Safari > Extensions, where the user can enable it. On the customer’s iPad, the extension is missing from the Safari settings. It briefly appeared once but then disappeared again.

Consider this simple miniature of my iOS Share Extension: import SwiftUI import Photos class ShareViewController: UIViewController { override func viewDidLoad() { super.viewDidLoad() if let itemProviders = (extensionContext?.inputItems.first as? NSExtensionItem)?.attachments { let hostingView = UIHostingController(rootView: ShareView(extensionContext: extensionContext, itemProviders: itemProviders)) hostingView.view.frame = view.frame view.addSubview(hostingView.view) } } } struct ShareView: View { var extensionContext: NSExtensionContext? var itemProviders: [NSItemProvider] var body: some View { VStack{} .task{ await extractItems() } } func extractItems() async { guard let itemProvider = itemProviders.first else { return } guard itemProvider.hasItemConformingToTypeIdentifier(UTType.url.identifier) else { return } do { guard let url = try await itemProvider.loadItem(forTypeIdentifier: UTType.url.identifier) as? URL else { return } try await downloadAndSaveMedia(reelURL: url.absoluteString) extensionContext?.completeRequest(returningItems: []) } catch {} } } On the line 34 guard let url = try await itemProvider.loadItem ... I get these warnings: Passing argument of non-sendable type '[AnyHashable : Any]?' outside of main actor-isolated context may introduce data races; this is an error in the Swift 6 language mode 1.1. Generic enum 'Optional' does not conform to the 'Sendable' protocol (Swift.Optional) Passing argument of non-sendable type 'NSItemProvider' outside of main actor-isolated context may introduce data races; this is an error in the Swift 6 language mode 2.2. Class 'NSItemProvider' does not conform to the 'Sendable' protocol (Foundation.NSItemProvider) How to fix them in Xcode 16? Please provide a solution which works, and not the one which might (meaning you run the same code in Xcode, add your solution and see no warnings). I tried Decorating everything with @MainActors Using @MainActor in the .task @preconcurrency import Decorating everything with @preconcurrency Playing around with nonisolated

I’m encountering an issue while reading/writing shared preferences using UserDefaults with an App Group in my iOS Message Extension. The following error appears in the console: `Couldn't read values in CFPrefsPlistSource<0x3034e7f80> (Domain: [MyAppGroup], User: kCFPreferencesAnyUser, ByHost: Yes, Container: (null), Contents Need Refresh: Yes): Using kCFPreferencesAnyUser with a container is only allowed for System Containers, detaching from cfprefsd. I have correctly enabled the App Group in both my containing app and the Message Extension, and I am using UserDefaults(suiteName:) to access shared preferences. However, I keep getting this error when trying to read/write values. Has anyone encountered this before? How can I properly configure my app group preferences to avoid this issue? Any help would be greatly appreciated!

I have a share extension in my app, that shall allow users to send CSV files, custom app files, and selected text to my app via the share sheet for importing that data. So, the share extension should activate when the user has selected either: CSV or plain text files Custom UTI app files Text selected in other apps The supported file types have been defined in as a predicate query according to the example in the docs This works all fine on iOS, and the file sharing also works on the Mac. However, on macOS, my app is not shown as a target in the share sheet when the user selects text in other apps and tries to share that text via the context menu. Does macOS need a different configuration to enable a share extension for selected text? This is how my Info.plist of the Mac share extension looks like: ... <plist version="1.0"> <dict> <key>NSExtension</key> <dict> <key>NSExtensionAttributes</key> <dict> <key>NSExtensionActivationRule</key> <string>SUBQUERY ( extensionItems, $extensionItem, SUBQUERY ( $extensionItem.attachments, $attachment, ANY $attachment.registeredTypeIdentifiers UTI-CONFORMS-TO "public.plain-text" || ANY $attachment.registeredTypeIdentifiers UTI-CONFORMS-TO "com.myCompany.myApp.customFormat" || ANY $attachment.registeredTypeIdentifiers UTI-CONFORMS-TO "public.delimited-values-text" ).@count == $extensionItem.attachments.@count ).@count &gt;= 1</string> </dict> ... </dict> </plist> I know there is a NSExtensionActivationSupportsText but it seems this cannot be combined with a subquery rule. Is there a way to explicitly enable text activation within the subquery rule?

Hi Apple Developers, I am currently working on a message filtering application and facing issues specifically with filtering RCS (Rich Communication Services) messages. To debug this, I created a sample app that consistently categorizes all incoming messages as "junk." However, the filtering behaviour is inconsistent and not functioning as expected. Here are the key issues observed during testing on iOS versions 18.2.1 and 18.3: Inconsistent Filtering Behavior: When a message is received from an unknown number, it sometimes gets moved to the Junk folder momentarily but is then immediately moved back to the main Messages inbox. In some cases, the message does not get moved to the Junk folder at all, despite the app returning the verdict as "junk." Duplicate Contact Tiles: The Messages app displays two separate conversation tiles for the same mobile number, which is unexpected behavior. I have attached both a sample app and a screen recording that clearly demonstrates the issue. The recording shows that the app categorizes messages as junk, yet they still end up in the main Messages inbox. For reference, my carrier partner is T-Mobile. Please let me know if you need any additional information to investigate this issue further. Looking forward to your insights and guidance. Best regards, Rijul Singhal

Hi. I'm a developer of Tab Finder (https://apps.apple.com/us/app/tab-finder/id6741719894) My problem is that every time i switch from my first window to a second window, the tabs in the validateToolbarItem() are INcorrect on a first call, but when I switch back from the second window to my main window, the tabs are CORRECT even on a first call. To demonstrate it, i recorded a video: https://youtu.be/RwskzrSJ8u0 To run the same sample extension from the video, you can get the code from this GitHub repo: https://github.com/kopyl/test-tabs-change Its only purpose is to log URLs of an active page of all tabs. The SafariExtensionHandler's code of the sample app is very simple: import SafariServices func printOpenTabsHost(in window: SFSafariWindow) async { let tabs = await window.allTabs() log("Logging tabs for a new window: \(window.hashValue)") for tab in tabs { let page = await tab.activePage() let properties = await page?.properties() let url = properties?.url log(url?.absoluteString ?? "No URL") } } class SafariExtensionViewController: SFSafariExtensionViewController { static let shared = SafariExtensionViewController() } class SafariExtensionHandler: SFSafariExtensionHandler { override func validateToolbarItem(in window: SFSafariWindow, validationHandler: @escaping ((Bool, String) -> Void)) { Task { await printOpenTabsHost(in: window) } validationHandler(true, "") } override func popoverViewController() -> SFSafariExtensionViewController { return SafariExtensionViewController.shared } } Could you please tell if i'm missing something and how to see the actual tabs inside the overridden validateToolbarItem call of the SafariExtensionHandler (or in any other way, I'm okay with any implementation as long as it works).

I'm working on a Password Manager app that integrates with the AutoFill Credential Provider to provide stored passwords and OTPs to the user within Safari and other apps. Password AutoFill works perfectly. I'm unable to get iOS to register that the app supports OTPs though. I've followed the Apple documentation here: https://developer.apple.com/documentation/authenticationservices/providing-one-time-passcodes-to-autofill and added "ProvidesOneTimeCodes" to the AutoFill extension's Info.plist, but iOS just doesn't seem to notice the OTP support. &lt;key&gt;ASCredentialProviderExtensionCapabilities&lt;/key&gt; &lt;dict&gt; &lt;key&gt;ProvidesOneTimeCodes&lt;/key&gt; &lt;true/&gt; &lt;key&gt;ProvidesPasswords&lt;/key&gt; &lt;true/&gt; &lt;/dict&gt; Any help would be greatly appreicated!