NSItemProvider throwing exception related to secure coding

Question

Created Feb ’24

Replies 27

Boosts 0

Views 3.5k

Participants 5

Our app has a share extension. And we recently noticed something with iOS 17.3.1.

From Safari, when we receive the plist and try to load it, we are seeing exceptions for classes not allowed to be unarchived.

[itemProvider loadItemForTypeIdentifier:[UTTypePropertyList identifier] options:nil completionHandler:^(NSDictionary *jsDict, NSError *error) {
}

We see these exceptions:

value for key 'NS.keys' was of unexpected class 'NSString' (0x1ee7d2970) [/System/Library/Frameworks/Foundation.framework].
Allowed classes are:
 {(
    "'NSDictionary' (0x1ee7cad38) [/System/Library/Frameworks/CoreFoundation.framework]"
)}
(null)

Our preprocessing javascript file is basic, and only passes a title and URL as part of the payload.

arguments.completionFunction({
    "URL": document.URL
    "title": document.title,
});

Answer 1

BarryD0706 OP

Nov ’24

I am seeing the same problem as R4N in his second quote (when using Swift). Specifically, NSItemProvider.loadDataRepresentation(for: UTType, completionHandler: (Data?, (any Error)?) -> Void) -> Progress (when used with UTType .heic) returns the expected result with no error to the completion handler, but issues the message to the console: -[_EXSinkLoadOperator loadItemForTypeIdentifier:completionHandler:expectedValueClass:options:] nil expectedValueClass allowing {( NSNumber, NSMutableDictionary, NSDate, NSString, NSError, NSDictionary, NSData, UIImage, CKShare, NSMutableString, NSMutableArray, NSUUID, NSMutableData, NSValue, NSURL, _EXItemProviderSandboxedResource, NSArray )}

I don't know how to look at someone else's feedback (by the number) so don't know if there's been any progress on that.

Answer 2

DTS Engineer OP

Apple

Nov ’24

I don't know how to look at someone else's feedback

You can’t, at least not in general. I talk about this more in Bug Reporting: How and Why?.

Still, your post reminded me about this issue and so I checked on FB13691762. I’ve no additional info to share on that front.

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"