In Safari Web Extensions on iOS 18, declarativeNetRequest Rulesets and Dynamic Rules take over twice as long to apply -- which causes rulesets to often fail to apply before sites load. In a boilerplate Xcode project you can note the time difference toggling the OISD (https://oisd.nl) ruleset on iOS 17 and iOS 18 simulators. Additionally, if you force quit Safari and reopen to a site with ads blocked by OISD list (e.g. espn.com) the content will be blocked in that initial state on iOS 17, but not in iOS 18 due to the latency. Based on the boilerplate extension, this bug is impacting all Mobile Safari Extensions using declarativeNetRequest Rulesets and Dynamic Rules. We know several other extension developers dealing with this issue. Our team wrote detailed reproduction steps in our Feedback Assistant ticket: https://feedbackassistant.apple.com/feedback/15196130 but have received no responses. I would attach a screen recording here but it won't allow me.

Title: SafariViewService Recurring "Hard Refresh" Issue on iOS 18.0.1 Hello, Many of my app users are experiencing a recurring "hard refresh" issue related to SafariViewService, which appears only on iOS 18.0.1 across various iPhone models. Users on earlier iOS versions are not encountering this problem. Our app relies on SafariViewService, and the logs show an event triggered by an EXC_GUARD exception with a termination reason from LIBXPC, causing the app to stop. Below are key details from the log report: App Version: 4.1.2 (build 4.1.1.0) OS Version: iPhone OS 18.0.1 Exception Type: EXC_GUARD Subtype: GUARD_TYPE_USER Termination Reason: LIBXPC, XPC_EXIT_REASON_FAULT Device Model: iPhone 11 Pro Max Process Path: [Removed] Here’s an excerpt from the logs: ... {"codes":"0x6000000000000007, 0x0000000000000009","reason":9,"message":"namespc 7 reason_code 0x0000000000000009","subtype":"GUARD_TYPE_USER","type":"EXC_GUARD","rawCodes":[Removed],"namespc":7}, "termination" : {"flags":518,"code":9,"namespace":"LIBXPC","indicator":"XPC_EXIT_REASON_FAULT"}, ... I would greatly appreciate any guidance on resolving this issue, particularly if there are known concerns with inter-process communication (LIBXPC) in iOS 18.0.1 or advice on how to manage the EXC_GUARD exception more effectively. Full log details are in the attachment. Thank you for your help! ExcUserFault_SafariViewService-2024-10-10-102717 (1).ips ExcUserFault_OnixWorker.Maui-2024-10-10-102718 (1).ips Thank you for your help!

When our app makes an API call to our backend service, we want the app to provide a client certificate in the call. What API and mechanism we can use so that our app (iOS app store, and Mac with Developer ID) to read a client certificate present in the Keychain. Please note that the client certificate will be put in the Keychain by an external MDM process. Not sure if an iOS or Mac app can read client certificates from Keychain which they have not put it there in the first place.

Hello, I encountered a problem in the latest beta version of ios 18. When I go to any browser or game, everything freezes and I can't do anything. The keyboard does not open and there is no response to touch. It started in the evening, but at first everything was fine. I hope you will fix it. I can't use the browser

declarativeNetRequest.getMatchedRules() gives us the below error: Error retrieving tabs or matched rules: – Error: Invalid call to declarativeNetRequest.getMatchedRules(). The 'activeTab' permission has not been granted by the user for the tab. We have added the "activeTab" permissions in the manifest (version 2). And in the device Safari extension settings we see that user has given permission as "allow".

After updating Xcode to the latest version we observed that SFSafariViewController is not loading web pages on Xcode 16 Simulator with iOS 18, whenever it is presented the View Controller is empty (does not load any content) and the app freezes, but other screens that use WKWebView are working normally. Also, during tests on physical devices with iOS 18 it seems to work just fine, so it might be just a IDE version problem. Is anyone experiencing the same issue? If so, did anyone find a solution for it?

Hi, I am having issue with WebAssembly not able to load wasm file on Safari web extension. It is showing CompileError: Refused to create a WebAssembly object because 'unsafe-eval' or 'wasm-unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'wasm-unsafe-eval'". It was working fine 2 month ago, my original CPS is "script-src 'self' 'unsafe-eval'". But now it is not accepting 'unsafe-eval', I also tried 'wasm-unsafe-eval' did not work. Is there any changes on Safari browser regarding the CSP for WebAssenbly? Please let me know what CPS value will work. Here is the example code on how I load the WebAssembly wasm file. fetch('test_wasm_lib.wasm') .then(response => { if (!response.ok) throw new Error('Network response was not ok'); return response.arrayBuffer(); }) .then(bytes => WebAssembly.instantiate(bytes)) .then(results => { // Use your WebAssembly instance here console.log('load wasm success') }) .catch(error => { console.error('Error loading WASM:', error); });

Is it possible to enable/disable the enabled flag before the extension is loaded? we want to have a button in our app which controls the availability of the content blocker ruleSet in declarative_net_request in manifest (version 2). "declarative_net_request": { "rule_resources": [ { "id": "ruleset_1", "enabled": true, "path": "ruleset_1.json" } ] },

We are using manifest version 2, and currently some dynamic ads which come under the #document (documentURL) are not getting fetched and we are not able to block. is there an alternative for onBeginRequest in iOS Safari? How can we fetch the dynamic URLs otherwise?

We have observed that blocking content using Safari web extension does not fetch few URLS within the #document (documentURLs) because the onBeforeRequest webextension API is currently not available in Safari iOS. But it works fine using the Content blocking extension. We have a list of URLs which we want to block from the website. Which extension would you suggest the Content blocking extension or the Safari web extension?

Hi everyone, I’m working on an iOS app using WKWebView, and I have a specific use case involving cross-origin iframes and form autofill. I’m wondering if it’s possible to programmatically fill input elements, such as credit card numbers, within a cross-origin iframe loaded in a WKWebView. I understand that due to the Same-Origin Policy, direct DOM manipulation of cross-origin iframes is restricted. However, I’m curious if there are any methods or workarounds that might allow me to achieve this, specifically within the context of WKWebView. Thanks.

We have an iOS Safari extension currently distributed via Testflight. I’ve noticed that after an indeterminate period of time (sometimes days, sometimes weeks) our safari extension will stop working. It will need to be turned on again from the system general -> safari -> extensions menu. This is occurring on both iPhones and iPads running 17.6.1. Is there any condition that will cause the system to disable a safari extension, requiring the user to reopen iOS settings to re-enable?

We have an iOS Safari extension currently distributed via Testflight. I’ve noticed that after an indeterminate period of time (sometimes days, sometimes weeks) our safari extension will stop working and will need to be turned on again from the system general -> safari -> extensions menu. This is occurring on both iPhones and iPads running 17.6.1. Is there any condition that will cause the system to disable a safari extension, requiring the user to reopen iOS settings to re-enable?

We have implemented a content blocker using the Safari Web Extension, which can be toggled on or off as needed. However, we've noticed that changes in the Safari browser take effect only after the page is reloaded again. This behaviour has been observed across all simulators as well as on iPhone 8 Plus running iOS 16.7.8. Is this due to a delay in the JS file rules updation on simulator and lower devices?

Hi everyone, when My project (Angular 5) running in Safari Browser, we have a download function, it's download the excel file, end with .xlsx, but when running in low version Safari version, it will have a popup, that is not my project did, it blocked be safari itself, you can check the image, my question is how to hide the 'View' button or directly download instead of show the popup?

We have implemented content blocking using Safari web extension, it blocks the content but after reloading the current page about 3-4 times the blocked content re-appears, how can we fix this issue?

In Safari, when there are two password fields side-by-side, they are actually asking for different passwords. However, the browser's autofill might automatically fill the second field with the same password as the first, assuming it's a confirmation.

I'm attempting to reload a Safari Content Blocker from within a sandboxed command-line tool configured as a LaunchAgent. However, when I use SFContentBlockerManager to reload the content blocker, I encounter the error SFErrorDomain Code=1: Unavailable error. Is it possible to reload a content blocker from a LaunchAgent? If so, how can it be done? // // main.swift // BlockerUpdater // // Created by Sebastian Livoni on 30/06/2024. // import Foundation import SafariServices // Function to reload content blocker asynchronously func reloadContentBlocker() async { NSLog("Hello, World!") do { try await SFContentBlockerManager.reloadContentBlocker(withIdentifier: "me.livoni.blocker.dns") NSLog("Reload complete") } catch { NSLog("Failed to reload content blocker: \(error.localizedDescription)") } } // Main entry point for async code @main struct BlockerUpdater { static func main() async { await reloadContentBlocker() } }

Hello, I've encoutered an issue with Safari App Extensions. My extension prints lots of suspect error logs in the Xcode console and inside Console.app. This happens basically whenever I make any interaction with the App Extension or with Safari. The most common and predictable error log I get is: No current extension context; trying most recent context (Subsystem: com.apple.SafariServices) However, I also sometimes get the following error messages, albeit less frequently, which may be related: No extension context for best match No extension context for remote object Error connecting back to host for remote object: NSCocoaErrorDomain, code: 4099 No known extension contexts for profile 00000000-0000-0000-0000-000000000000 Most recent extension context B7223E12-B563-45E0-97F8-50500BC6B994 does not have connection back to host; trying best match context I haven't been able to find anything about these error logs in Apple documentation or on the Internet, so I did a bit of empirical investigation. I reproduced the bug in the following basic scenario: I've created a new Safari App Extension project in Xcode by going to File > New > Project > Safari Extension App. I've selected "Safari App extension" for the type and "Swift" for the language. The project comes by default with a "SafariExtensionHandler.swift" file, which includes the following code: override func validateToolbarItem(in window: SFSafariWindow, validationHandler: @escaping ((Bool, String) -> Void)) { validationHandler(true, "") } No issues so far. If I add the following call: override func validateToolbarItem(in window: SFSafariWindow, validationHandler: @escaping ((Bool, String) -> Void)) { validationHandler(true, "") SFSafariApplication.getActiveWindow { window in // code } } There are still no error messages logged in the Console. However, if I do this instead: override func validateToolbarItem(in window: SFSafariWindow, validationHandler: @escaping ((Bool, String) -> Void)) { validationHandler(true, "") DispatchQueue.main.async { SFSafariApplication.getActiveWindow { window in // code } } } Then my Xcode console starts being spammed with "No current extension context; trying most recent context" error logs. With some more testing, it seems that the most common/predictable situation that causes the error log seems to be when calling any Safari API (e.g. SFSafariApplication.getActiveWindow{} or even SFSafariApplication.setToolbarItemsNeedUpdate()) outside of a direct method call provided by the Safari App Extension API. So making API calls directly from inside validateToolbarItem(in:, validationHandler:) or messageReceived(withName:from:userInfo:) calls is fine, but anything else causes "No extension context" logs. The bug even reproduces if you make a Safari API call directly inside of an @IBAction method call caused by a button click inside the Safari popover of the Safari App Extension. With this being the case, it seems to be impossible to make clean Safari API calls in an asynchronous or proactive way, which is problematic for our app extension use case and which seems to defeat the purpose of some of the API calls like SFSafariApplication.setToolbarItemsNeedUpdate(). Also, this seems to be a new issue. I've tested these scenarios on various macOS versions that I had on hand (specifically, on macOS 10.15 Catalina, macOS 13 Ventura and macOS 14 Sonoma) and the bug seems to reproduce only on macOS 14 Sonoma. The Safari App Extension behaves as expected on previous macOS versions, with no suspect error logs. Does anyone know what this issue is about?

This method does not seem to work consistently: SFSafariViewControllerDelegate.safariViewController(_ controller: SFSafariViewController, initialLoadDidRedirectTo URL: URL) It was working 100% of the time until this week for me, now it has about a 1-5% success rate for detecting redirects. The docs are not clear: @discussion This method may be called even after -safariViewController:didCompleteInitialLoad: if the web page performs additional redirects without user interaction. Code snippet from calling UIViewController that conforms to SFSafariViewControllerDelegate: let config = SafariViewController.Configuration() config.entersReaderIfAvailable = false let vc = SFSafariViewController(url: url, configuration: config) vc.delegate = self self.safariViewController = vc print(self.safariViewController?.delegate) self.present(vc, animated: true) Did something change? How can I make this consistent again?