Hi,
AFAIK Safari or any macOS apps which uses WKWebview, uses com.apple.WebKit.Networking.xpc to do actual networking.
I am working on a packet tunnel, where I am able to get process id associated with packet read. Based on process id, i am using libproc to get process name.
I am facing below problem:
For Safari or any other apps which uses WKWebview having same process name: com.apple.WebKit.Networking
Any ways to distinguish wether it is from safari or other xyz wkwebview apps?
Related Problem: https://developer.apple.com/forums/thread/693528 In this thread, app proxy can help but in packet tunnel no such options exposed.
I call this the ‘responsibility problem’, that is, for a given process, how do you determine which user-visible app is responsible for it. It crops up all the time on our platforms. The system has a bunch of infrastructure to track responsibility. You can see this in Activity Monitor, which you show the process list hierarchically. However, there’s virtually no API surface for that infrastructure )-:
I say “virtually” because there is one way you can get this info: by creating an Endpoint Security client [1]. If your product already has an ES client, you could use that to solve this problem. If not, I don’t have any good suggestions.
Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"
[1] ES surfaces this via the responsible_audit_token property.