Can someone share how secure is the communication between iOS app and its safari mobile extension. Is it encrypted? Are there any references to best practices to follow?
If a user has opened multiple tabs and has multiple extensions can there be security issues during their communication like one extension able to read other extensions memory?
Safari
RSS for tagSafari is the web browser developed by Apple and built into all Apple devices.
Posts under Safari tag
200 Posts
Sort by:
Post
Replies
Boosts
Views
Activity
I'd like to place a search bar of top of the main window of my visionOS app. It should look similar to Safari's search bar, and also show search results as the user types. How can this be accomplished?
Problem statement-
WKWebView cookies management. We need to clone the connection used by the WKWebView to the same end point, this connection utilize cookies for routing and missing even one the cookies will end up with a wrong route to be used. It appears that when retrieving the cookies from the WKWebView connection some cookies are missing. From some analysis seems that the missing cookies all have in common a value containing special characters. The question for Apple is if they are going to relax the constraint on cookies value to allow such cookies to be used.
Technical Description:-
We are using WKWebView. There are some cookies being set during server connection. We are retrieving all cookies using 'getAllCookies' method of WKWebview. Sometime its not giving correct set of cookies in case if there are any special characters in any cookie.
For example -
Cookie- ss2QKagAdkAV3My1pnKElaFDnQ6lxhgqNbD03IaRbX6WfDz2+P9dT6DdlK8G5WIH3svEATnehZSmWGQ3QFTnew==\n
It contains special character "+ = !".
The SFSafariViewController documentation mentions not to display content from websites when using the pageSheet and formSheet presentation styles for the In-App browser.
Is this a hard restriction that is enforced or more of a loose guideline? And if possible, providing the reasoning behind it would be great.
Thanks in advance.
Trying to test application using the WebXR features of Safari on Vision Pro. The colors of the objects in the scene when viewed in the normal Safari window look correct. Upon entering immersive mode all the colors are washed out. I've read reports of this issue elsewhere on the web with no cause or solution given. What could be causing this? The Vision Pro is running visionOS v1.0.3.
Safari Browser killing Long Running API requests after 60 seconds.
Do we have any way to increase a timeout limit?
Subject: Apple Developer Ticket: Issue with Web Page Loading Timeout after iOS 17.0 Update
Description:
I am writing to report an issue that arose after the recent iOS update to version 17.0. Since the update, users accessing our web page via Chrome and Safari browsers on iOS 17.0 and later are experiencing loading timeouts.
Problem Details:
Issue: Failed to load resource due to request timeout.
Affected Browsers: Chrome and Safari on iOS 17.0 and later.
Working Versions: The web page functions correctly on iOS versions 16.1 to 16.4.
Web Page Content: The web page includes JavaScript and Ajax calls.
Steps to Reproduce:
Access the web page using Chrome or Safari browser on iOS 17.0 or later.
Observe the loading timeout error.
Additional Information:
The issue seems to be related to a change in the way iOS 17.0 handles JavaScript and Ajax calls.
We have tested the web page on multiple devices running iOS 17.0 and encountered the same problem consistently.
No changes were made to the web page's codebase prior to the iOS update.
Expected Resolution:
We kindly request Apple's assistance in identifying and resolving the root cause of this issue. Our aim is to ensure compatibility with the latest iOS versions and provide a seamless user experience for our customers.
Thank you for your prompt attention to this matter. Please let us know if you require any further information or assistance from our end.
Hello,
I've encountered an issue with the scrollbar functionality on my webpage specifically when accessed through Safari. Despite its functionality on other browsers and devices, Safari on iOS 14 displays only the native scrollbar during scrolling, contrary to the desired behaviour of consistently showing the scrollbar.
&::-webkit-scrollbar {
height: 2px;
}
&::-webkit-scrollbar-track {
background-color: "white";
margin-left: 4px;
margin-right: 4px;
}
&::-webkit-scrollbar-thumb {
background: "orange";
}
}
Since going in the beta I have had problems uploading images to a WordPress site. This occurs with Safari and Chrome. There is no issue using my iPhone to upload to the same WordPress site and the support team at the hosting service have no issues uploading the same images I fail with using Windows systems. It is not consistent. The same file that has uploaded can later fail to upload after one or more files have failed to upload.
Very small images (5-20k) usually upload but larger than that and I start to get fails. When uploading to a different WP site I get uploads succeeding but the images are corrupt. But here aI also gett no issues using my iPhone uploading to the same site.
Scenario:
Apple decided to not support PWAs in Europe in IOS 17.4. My company has multiple Angular PWAs, all using IndexedDB and providing full offline-usage as main feature, that apparently won't work anymore.
The apps communicate with a server. We maintain two versions of that server, e.g. v1.1 and v1.2 - some customers don't want or can't upgrade to v1.2 just yet. Not all new features of an app will get implemented in v1.1, and eventually we won't push updates for it anymore. At some point, we'll have the same situation with e.g. v1.2 and v1.3.
My questions:
Do I understand correctly that offline-usage and IndexedDB features won't work anymore?
If I wrap the PWAs via Capacitor and upload them as Custom App via App Store Connect, in IOS 17.4...
Will the app, including routing, work offline?
Will the IndexedDb still be usable as permanent data storage?
Can I upload v1.1 and v1.2 as separate apps or will I have to create on app with in-app purchase options? If it's the latter, how do I push updates? Apparently, Apple Review can cause problems with separate apps that have similar functions...
Thank you for your time!
I need to remove the Safari Smart Banner from on top of the safari browser, for this , i have remove the meta tag from the head of the website
However, the banner still continue to show up on the Safari browser. Can you please tell me what are the steps to remove the banner from showing up on the Safari and what changes would be required ?
Firebase JS SDK require Notification check so we are added. But its not working in iOS and iPad.
Version: 17.3.1
Working MacOS Safari 17.3.1
Hello,
The iOS 17.4 update brings changes to the PWA experience for EU residents. I'm in NA and would like to test my PWA on my iPhone as if I'm an EU resident.
I found this article about changing an account's location. https://support.apple.com/en-euro/HT201389
Will that work, and if not, is this possible?
Thanks,
Ryan
We are using network proxy on macOS to divert network traffic. We found that when the proxy is configured with an exception list, if we exceed 685 number of characters in the exception list, then Safari is not accepting this exception list. In this case, Safari is connecting to all sites (including sites in the exception list) directly. Where as the same excption list is accepted by other browsers like Google Chrome, Firefox and MS Edge. We have not found any reference to the maximum size of this exception list for Safari browser.
1.Please share any documentation in this regard.
2. Also let us know if we can configure this maximum character limit using any suitable configuration.
I recently noticed that using Google Docs, Google Sheets, and any other Google-related sites on a Safari browser uses tons of RAM. It usually consumes around 4-5 GB of RAM.
Compare it to when I use Google Docs on Chrome; it only uses around 1-2 GB.
Why is this so? I want to use Safari alone for work, but it's so slow. Do you have any tips on this?
Getting this error on some safari devices on few it is working.
{"logs":["Unable to generate ICNS file for push notification package"]}
https://monayqa.washgas.com/portal/auth/payment/2814a6ac-e9ef-4e54-86c3-a9e811cb46d2
I have noticed that Safari on macOS does not update the SDR/HDR information about the display on which it is displayed if you refresh the page.
Specifically if I use this query and set my MacBook Pro monitor to XDR the result will be "HDR true", but if I then set the monitor to a non-HDR mode like "Photography P3" and refresh the page the result is still the same. The only way is to close the tab, open a new one and launch the query again. This behaviour does not happen with chrome for example, a simple page refresh is enough.
The problem in common use can be found on YouTube with an HDR video. If the YouTube player page is already loaded and you change the monitor settings (from SDR to HDR or vice versa), you are forced to close and open a new browser window to have the player loaded with the correct video format.
You can check this behavior directly on the site I developed for the HDR test wide-gamut.com
It would definitely be more efficient if this information was updated simply by reloading the page.
In Safari 17's private mode, an inconsistent behaviour has been observed where GET query parameters are stripped from window.location after following user's click on any link with GET query parameters. The issue is reproducible for any link with GET query parameters.
This issue varies; in some cases, the parameters remain visible in the URL, while in others, they are removed. (The window.location is always stripped of the query parameters).
This behaviour impacts both iOS and MacOS users, suggesting a broader issue with Safari's treatment of URL parameters in private mode.
The issue is not reproducible on both Safari < 17 and Safari 17 in Normal mode. Most probably it is the result of adding Advanced Tracking and Fingerprinting Protection in Safari 17.
Can you please clarify logic behind Advanced Tracking and Fingerprinting Protection? Is it an expected behaviour?
We have a credit card registration page where each input fields are loaded in each individual iframes.
Something like this: https://codesandbox.io/p/sandbox/autocomplete-and-iframes-qvy8dz
Using pre-registered test credit cards
Chrome: All fields are auto-filled
Safari: Only credit card number field is auto-filled
Is there a way to make Safari behave the same way with Chrome?
One Line Summary
window.safari.pushNotification.requestPermission() is no longer showing a prompt to the user with Safari 17.3 on macOS 14.3 and it's callback fires as "denied".
Why this is is important to fix
Starting with Safari 16 for macOS 13 Apple introduced support for the standard Push API. However it is expected that the original Safari JS API window.safari.pushNotification should continue working, as many sites have not fully upgraded to the new API and Apple has not announced a deprecation.
Environments
NOT Working
macOS 14.3 with Safari Version 17.3 (19617.2.4.11.8)
macOS 14.4 Beta (23E5191e) with Safari Version 17.4 (19618.1.13.11.5)
Working
macOS 13.6.4 with Safari Version 17.3 (18617.2.4.11.11, 18617)
MRE (minimal reproducible example)
See the following site to quickly reproduce the issue noted here:
https://public-mre-macos-window-safari-prompt-bug.glitch.me/