I'm not sure what is special about Gmail of if this is an issue on other sites as well, but my declarativeNetRequest rules are totally ignored in a Safari Extension that runs on Gmail. I make an web extension that blocks email trackers (1x1 pixel images embedded in emails to track if and when you open email sent to you). All images in Gmail are loaded through Google's proxy: googleusercontent.com/proxy/#originalURL But no matter what I do, I can't block a single image that is loaded in an email. To try and prove it is a bug in Safari, I created a new template web extension in Xcode. I block all resourceTypes (images and other should be all that is needed) and added two rules: Block all images loaded through Google's proxy server (this should block all embedded images in all emails) Block any image with copper in the URL (just in case the blocking doesn't apply to the proxy root url for some reason). {   "id": 1,   "priority": 1,   "action": { "type": "block" },   "isUrlFilterCaseSensitive": false,   "condition": {    "regexFilter": "googleusercontent.com/proxy",    "resourceTypes": [     "image",     "media",     "main_frame",     "sub_frame",     "stylesheet",     "script",     "font",     "xmlhttprequest",     "ping",     "websocket",     "other"    ]   }  },  {   "id": 2,   "priority": 1,   "action": { "type": "block" },   "isUrlFilterCaseSensitive": false,   "condition": {    "regexFilter": "copper",    "resourceTypes": [     "image",     "media",     "main_frame",     "sub_frame",     "stylesheet",     "script",     "font",     "xmlhttprequest",     "ping",     "websocket",     "other"    ]   }  } ] = = = = = = Even though I know this isn't needed, I also added the requester domain (mail.google.com) and the proxy domain (googleusercontent.com) to the permissions list in the manifest file: ... "declarative_net_request": {    "rule_resources": [{      "id": "ruleset_1",      "enabled": true,      "path": "rules.json"     }]   },  "permissions": [    "declarativeNetRequest",    "*://mail.google.com/*",   "*://*.googleusercontent.com/proxy/*" ] = = = = = = If I open an email from copper, the image still loads in Gmail: = = = = = = If I right click and select "Open Image in New Tab", the image will not load and I am told it was blocked = = = = = = If I open a test page that has two images in it, one the image from the email, the image is blocked and the other image is not (as expected, the second image is from wikipedia and should not be blocked) = = = = = = Running the same extension in Chrome DOES block the image in Gmail (and in all the other cases too) = = = = = = Sidenotes: This is a reposting of this post which was locked when the wwdc21-10131 tag was applied to the post which disabled my ability to reply, comment, or update the post. Please do NOT apply tags that lock the post. As requested on the original post by @bweinstein, I filed a bug report on Feedback assistant under FB 10544296 last year and haven't gotten any replies on it. I verified before reposting this (on Mar 1, 2023) that the bug still exists.

Hi, I've run into an issue when using runtime ports to communicate between the popup and the background of an extension. Specifically, there seems to be an inconsistency between Chrome and Safari as to when the disconnect event on a port is fired. My expectation is that a disconnect event is fired when the extension popup is closed, but this does not seem to be the case in the Safari browser. The only way I can see this event being fired is to call the port.disconnect() event manually. Is it possible to ensure the disconnect event is called when the popup is closed by any means?  https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/API/runtime/Port port.onDisconnect.addListener(function() { console.log("Extension disconnected"); }); I've also opened a case via the feedback assistant.

I'm porting a Chrome extension to Safari. The Chrome extension's manifest version is 3 and must stay 3. I've encountered an error around webRequest API where Safari allows this API only on persistent background pages which available only on manifest v2. So, my questions are: Is it possible to use webRequest API on manifest v3 Safari extension? If no, is there any alternative API to listen to requests? Is it something that going to be supported soon? It feels really strange that his basic API is not supported by Safari while the rest of browsers supports this.

The Safari 16.4.* release docs appear to suggest that Safari now supports registerContentScripts. However, though it no longer throws a method not found error, the actual function doesn't appear to do anything in any of my tests, in either 16.4.0 or now 16.4.1. https://github.com/GoogleChrome/chrome-extensions-samples/scripting Has an example that shows an alert when a script is registered using registerContentScripts. If you run xcrun safari-web-extension-converter scripting/ On the directory it successfully creates a Safari extension project that works for everything except the registerContentScripts call (after adding icons!). It just silently does nothing, with no log or error, whereas everything else works the same as in Chrome. Is anything available on the web anywhere that someone has seen actually working in a real browser? If not I will try and submit a bug report but if I'm just holding it wrong...

Hi all, I want to be able to query Google with the additional parameter '&lr=-lang_en' (what it does - prevents results in English from being shown). The full url is looking as follows: https://www.google.com/search?q=query&lr=-lang_en In Safari version 16.4, and I think a few earlier versions too, Safari overrides query parameters and drops 'lr' completely. The URI Safari ends up fetching is: https://www.google.com/search?client=safari&rls=en&q=query&ie=UTF-8&oe=UTF-8 I've tried entering the URI manually in the address bar and using the declarativeNetRequest API from my custom extension with no success. Is there a way to make Safari 16.4 to request Google Search the way I want? declarativeNetRequest rule I've used so far that also gets overriden: await browser.declarativeNetRequest.updateDynamicRules({ addRules: [ { id: 1, priority: 1, action: { type: 'redirect', redirect: { transform: { queryTransform: { addOrReplaceParams: [{ key: 'lr', value: '-lang_en' }], }, }, }, }, condition: { regexFilter: '^https://www.google.com/.*', resourceTypes: ['main_frame'], }, }, ], removeRuleIds: [1], });

I have signed Safari app using product-> archive with automatic sign option using developer ID and notarised to distribute out side of App Store. Finally , I have observed that Safari is showing extension only in develop mode by selecting allowing unsigned apps option. why safari treating properly signed as unsigned ? Is my understanding correct?

It looks like currently Safari doesn't work with or support initiatorDomains in the RuleCondition for a Declarative Network Request Rule. Is there a plan to support this functionality? https://developer.apple.com/documentation/safariservices/safari_web_extensions/blocking_content_with_your_safari_web_extension for reference.

We have a Mac Catalyst app that is installed and works with a custom Safari extension. The Safari is working as expected and is able to pass messages (using sendNativeMessage) to the Mac Catalyst app as expected. Now we want to port the extension to Chrome and other browsers on the desktop and retain the ability to pass messages back and forth. My questions: Is it possible ? Can we pass messages form the Chrome extension and the Mac Catalyst app? How do we distribute/install the Chrome extension? Can we have the extension running in parallel across multiple browsers and still communicate the Mac Catalyst app ?

When you have a blank Safari new tab open, the browser.tabs.query API inaccurately includes those tabs in results that include a url or title in the query options. To reproduce, open several tabs, and a blank new tab. Open the background page devtools, and execute the following command: browser.tabs.query({url: 'https://github.com/'}, console.log) In addition to any potentially valid results (if you have github.com open, for example), there will also be an entry for the blank tab, which has an empty, non-matching URL. Tab { active: true, audible: false, height: 1095, highlighted: true, id: 6, incognito: false, index: 3, isArticle: false, isInReaderMode: false, mutedInfo: {muted: false}, pendingUrl: "", pinned: false, status: "complete", title: "", url: "", width: 1792, windowId: 1 } I hope that this bug can be addressed, as it causes some unexpected behavior.

Hi Everyone, I'm new to develop safari extension and faced with the issue that I can't inject script to the web page by my extension. This is how I trying to do this: function injectScript(filePath, tag) { let script = document.createElement('script'); script.setAttribute('type', 'text/javascript'); script.setAttribute('src', filePath); document.body.insertBefore(script, document.body.firstChild); } injectScript(browser.runtime.getURL('inject-script.js'), 'body'); Info.plist Script is present in source But can't be dowloaded Please advise me what should I do! Thanks

Safari extension MV3, MacBook Pro with Ventura 13.3.1, Safari 16.4 and Xcode 14.3 Although the “webkit features in Safari 16.4” claims to support requestDomains condition, any attempt to load a ruleset containing that condition fails. The extension’s manifest declares the permissions and the ruleset to use: "permissions": [ "declarativeNetRequestWithHostAccess", "declarativeNetRequestFeedback" ], "declarative_net_request": { "rule_resources": [ { "id": "ADS", "enabled": false, "path": "rules/adstest.json" } ] } This is the ruleset used for tests: [ { "id": 1, "priority": 1, "action": { "type": "block" }, "condition": { "requestDomains": ["testpages.kzar.co.uk"] } } ] The ruleset is enabled by the service worker with this function: function EnableDNRRules() { return new Promise( (resolve, reject) => { browser.declarativeNetRequest.updateEnabledRulesets( { enableRulesetIds: [ 'ADS' ] }, () => { console.log("LAST ERROR",browser.runtime.lastError) resolve(true); console.log("dNR rules enabled"); }); }); } The result in last error is: “Failed to apply rules” and rule is not used at all. If I enable the ruleset directly in manifest, and not using the function to load the ruleset, the rule is simply not applied (so not loaded at all). In Chrome and Firefox the same code/ruleset works fine, but not in Safari 16.4, although the docs say it works. Using different condition (e.g. urlFilter) works fine in Safari too. The expected behavior is to have requestDomains working too, as per 16.4 documentation.

Hi Team, We have Flight Check-in functionality on our app that helps the end users to perform Mobile Check-in and to select the seats on the flight. This Checkin page is a Refx page created by Amadeus and we are loading the weblink on the WKWebview to show to the users. In order to select the seat on the seatmap, the webview has to show the seatmap on the app. But, unfortunately the app's webview is failing to load the seatmap component that is created by Amadeus(third party) on the webview. But the seatmap is loading perfectly on iPhone's Safari browser, Macbook Safari browser and Android app as well. We tried to load the Check-in flow via SFSafariViewController and the seatmap renders correctly. We want to know why the page is not loading on the WKWebview. We need your technical help related to this issue. STEPS TO REPRODUCE This is an upcoming feature on the app and is not available on the LIVE app. We are facing this issue on the developer version. We would request your connect to debug/trace the issue

I have found two Safari Extension issues that reproduce on iPad 6th generation and not on iPad 8th generation. Have any of these events been reported? 1. content_scripts is not executed immediately after Safari is launched After closing Safari, the content_scripts that the Safari Extension is supposed to execute in the Safari tab immediately after startup are not working. In our app, we are using background's webNavigation.onDOMContentLoaded to run as content_scripts. We are reproducing this issue about 50% of the time. 2. 2. sendNativeMessage response is not returned The following code sends a message from the Safari Extension to the application, but sometimes neither response nor error is output. browser.runtime.sendNativeMessage('application.id, {}) .then((response) => { console.log(response) }) .catch((error) => { console.error(error) }) This problem reproduces about 5~10% of the time.

I am pretty new to the safari extension development. Currently we have an app which is free lite version. Is it allowed to release the same extesion with extra options. Where the extra options are for the pro version of the extension.

Hi We have a working chrome extension(using manifest version 3) with content security policy having frame-src: <remote_urls> "content_security_policy": { "extension_pages": "script-src 'self'; child-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://abc.com https://xyz.com" } We converted the extension using a utility (safari-web-extension-converter) to make it work in Safari and faced the following error while testing- Refused to load: https://abc.com/h.html because it does not appear in the frame-src directive of the Content Security Policy. Environment Details macOS - 13.4 Safari - Version 16.5 (18615.2.9.11.4) Xcode - Version 14.3 (14E222b) Can you help us with the correct way to define the frame src directive of the content security policy in the extension?

Hi. For my Safari Web Extension, using getMatchedRules() from declarativeNetRequest does not seem to work. I've declared the permission for declarativeNetRequestFeedback in my manifest.json file and tried the activeTab permission too. getMatchedRules() was added in a previous Safari release and was adjusted in Safari 16.4. I'm using Safari 16.5. It only returns an empty array when it's called. I know the rules are there and they're being applied from the static rules json, it's just that getMatchedRules() is not showing them for some reason. I'm using: const rules = await browser.declarativeNetRequest.getMatchedRules(); But it only ever returns: {rulesMatchedInfo: []} Can anyone tell me what I'm doing wrong please? The same code works fine in Chromium based browsers. Thank you.

Some users send me error logs which says that the IndexedDB is broken (all DB operations throws TypeError: Load failed). And reinstalling doesn't help. It seems that uninstalling extension doesn't delete all data so the corrupted database is still there. How can I find and delete the extension files manually after it's been uninstalled?

In the Release Notes of Safari 17 Beta it is mentioned that it is already available for certain macOS versions. Where do I find the link to macOS Ventura? https://developer.apple.com/documentation/safari-release-notes/safari-17-release-notes

I want to set a minimum Safari version of 17 for my upcoming Mac App Store Safari extension, while still supporting Monterey and Ventura. Is that possible?