Feedback on Documentation Page for Message Filter App Extension
Documentation: Creating a Message Filter App Extension
Hello,
I am writing to provide feedback on the documentation for creating a message filter app extension. We followed the instructions on the page, particularly the section regarding setting up shared credentials. The instructions state:
"Then, you must set up shared credentials as described in Shared Web Credentials, substituting messagefilter for webcredentials throughout the steps. Lastly, you must specify the domains in your Info.plist file, which should look similar to the dictionary shown below."
However, when we tried to implement this, we encountered the following error while attempting to save credentials via the SecAddSharedWebCredential function from the message filter extension:
Error Domain=com.apple.security.xpc Code=3 "<connection: 0x12e0d4500> { name = com.apple.securityd, listener = false, pid = 0, euid = 4294967295, egid = 4294967295, asid = 4294967295 }: Connection invalid - failed at lookup with error 159 - Sandbox restriction" UserInfo={numberOfErrorsDeep=0, NSDescription=<connection: 0x12e0d4500> { name = com.apple.securityd, listener = false, pid = 0, euid = 4294967295, egid = 0, asid = 4294967295}: Connection invalid - failed at lookup with error 159 - Sandbox restriction}
The specific call we did:
func SecAddSharedWebCredential(
_ fqdn: CFString,
_ account: CFString,
_ password: CFString?,
_ completionHandler: @escaping (CFError?) -> Void
)
This error seems related to sandbox restrictions. The documentation does not provide enough information on how to properly set up the environment or what additional configurations might be needed to avoid such sandbox restrictions. More detailed guidance on configuring sandbox permissions and any additional steps required for setting up shared credentials in a message filter extension context would be highly beneficial.
Thank you for your attention to this matter. We look forward to any updates or clarifications you can provide to improve the implementation.