Forcing a `WKWebsiteDataStore` proxy change onto existing connections without losing session state

Question

Created 7h

Replies 6

Boosts 0

Participants 2

This post is from the WWDC26 WebViews Q&A.

Context: This is for a privacy relay in a browser, where the proxy is toggled on/off and rotated mid-session, so we can't lose the user's logged-in sessions when it engages.

Connection pool behavior — is this expected?

When we mutate proxyConfigurations on a live data store, the proxy only applies to newly-visited origins. Origins that already have established connections keep going direct — reloading the page, and even tearing down and recreating the WKWebView, doesn't move them onto the proxy. The only thing that reliably forces all traffic through the proxy is swapping in a brand-new WKWebsiteDataStore.

Is that the intended behavior — i.e. is recreating the store the expected way to re-establish the connection pool — or is there a supported way to invalidate the existing connections so a mutated proxy config takes effect on already-loaded origins?

What does fetchData / restoreData actually carry?

To preserve the session across that store swap, we serialize the old store with fetchData(of: WKWebsiteDataStore.allWebsiteDataTypes()) and rehydrate the new one with restoreData(_:) (iOS 26).

Passing the full allWebsiteDataTypes() set:

Does this round-trip everything those types represent — cookies, localStorage, IndexedDB, service worker registrations, etc. — into a store created with init(forIdentifier:)?
Does anything not enumerated by allWebsiteDataTypes() — per-site permissions, tracking-prevention/ITP state — get dropped silently?

Answer 1

Frameworks Engineer OP

Apple

7h

When changing the proxyConfiguration on a live data store, the behavior for an already-loaded WKWebView is undetermined - starting to treat future resource loads in that web view differently would cause all sorts of problems.

So it is correct that you should expect to have to reload content to get the new proxy settings. There is no safe, deterministic way to do otherwise.

The fact that the act of reloading doesn't seem to impact existing connections to existing servers is unexpected and worth filing a Feedback Assistant report for.

If you prefer to swap data stores, you correctly identified fetchData/restoreData. They are meant for data migration and should cover all data types in the set of allWebsiteDataTypes

Answer 2

carson4444 OP

7h

I guess I am hoping to understand if it is strange or an anti pattern to build a new store every time you turn your proxy on/off. Up until now we have always used the default provided store for every webview: WKWebsiteDataStore.default.

Answer 3

Frameworks Engineer OP

Apple

7h

There are many apps that use different data stores in the same run of the app for various reasons.

Think of a reason where it makes sense, and it's supported.

It's probably not terribly common to be constantly migrating all website data between two data stores, though.

If I understand your original post fully, I think if the "connections to already pinged servers continue down the old path even when I change the proxy setting" issue was resolved then you wouldn't need to entertain the more complicated idea?

If so, that makes it doubly important to get that Feedback filed!

Answer 4

carson4444 OP

6h

Right, if we could ensure that when you configured the proxy on the existing store and reloaded the current webview you would be connected to the proxy then we would not need to swap the data store at all.

Answer 5

carson4444 OP

6h

Is there any WebKit-specific error handling for when something with the proxy configuration goes wrong?

In the failure cases I've been able to test — e.g. failing authentication with the proxy server — WebKit surfaces it through the navigation delegate's didFailProvisionalNavigation callback as a generic:

"Could not connect to the server." — NSURLErrorCannotConnectToHost (code -1004)

Since that's indistinguishable from an ordinary connectivity failure, is there any way to tell proxy/relay failures apart from normal browsing errors? I would want to be able to surface a distinct "proxy unavailable" state to the user rather than a generic connection error.

Answer 6

Frameworks Engineer OP

Apple

6h

Since that's indistinguishable from an ordinary connectivity failure, is there any way to tell proxy/relay failures apart from normal browsing errors?

Unfortunately I'm not set up with a test application to look more deeply at this right now, but: I'm 98% sure that additional context inside the NSError.userInfo would surface this.

For now, I'd recommend taking a look inside there when you reproduce the proxy connection failure and see what surfaces.