Post

Replies

Boosts

Views

Activity

Library/Caches for app groups: automatically deleted when needed ?
In an app we can use FileManager.SearchPathDirectory.cachesDirectory (objc:NSCachesDirectory) to store files that could be recreated if necessary (and will be automatically deleted by iOS in cases of low disk memory). For app groups, there is a shared location that is automatically created as soon as we use containerURL(forSecurityApplicationGroupIdentifier:) (objc:containerURLForSecurityApplicationGroupIdentifier) : Library/Caches Is this cache directory (created by iOS) also gets automatically deleted by iOS in cases of low disk memory ? I also have more related questions : does this cache directory size count in the used disk space by the app displayed in the settings app ? is this cache directory (and same question for the top containerURL directory) saved in the cloud backups ? Does anyone have any information about this?
0
0
15
1h
Test Data for FinanceKit
FinanceKit framework provides access to Apple Card / Apple Cash transactional data. Does it provide any test data? One does not have to buy their own in-app purchases in order to test payment flow. Or there is no such option right now, and developers have to test this functionality with their own financial history?
0
0
23
4h
IPv6 DNS Queries Not Resolving
Forward posting from the Swift Forums. Within my iOS project (thesis project) I have set up a MITM server that is being sent data from a Packet Tunnel Provider. I am currently seeing that all IPv6 requests aren't able to have their IP address resolved when passed to Swift NIO that uses the default system DNS resolver. On the Packet Tunnel Provider, I have set it to use the DNS's 8.8.8.8 and 8.8.4.4 that are also the system defaults. I have also attempted to use my routers DNS routing to no avail. Both v4 and v6 traffic are proxied to the MITM server that uses Swift NIO, with v4 traffic successfully being processed on ingress and egress as intended. IPv6 traffic is failing to resolve with the following error: dev.thesis.apps.LocalProxyServer.ConnectHandler : [LocalPacketTunnelProvider] Connect failed: NIOConnectionError(host: "ipv6.mythic-beasts.com", port: 443, dnsAError: Optional(NIOCore.SocketAddressError.unknown(host: "ipv6.mythic-beasts.com", port: 443)), dnsAAAAError: Optional(NIOCore.SocketAddressError.unknown(host: "ipv6.mythic-beasts.com", port: 443)), connectionErrors: []) ipv6.mythic-beasts.com for the purposes of this is just a test website I am using that only has a AAAA record associated with it: When not connected to the Packet Tunnel Provider, the website is successfully resolved and can be viewed within the browser - so I have narrowed it down to either the server or tunnel configuration. The server uses the GetaddrinfoResolver, that utilises the iOS's system default DNS resolver. This should conform to necessary RFC. Could anyone provide me with a reason why this could be happening and if possible a link to a resource that could assist with remediating the issue? I'll be the first to admit this isn't my forte so would appreciate some support if possible. I am aware that this isn't an expected use cases for Network Extension packet tunnel providers (as per TN3120). I'm just concerned as IPv4 DNS records are resolving but IPv6 aren't so wondering if this is a wider issue. would expect the system DNS resolver to still work as intended though.
0
0
47
5h
Communication Notifications not grouping notifications by conversation
I've implemented Communication Notifications in my messaging application but am having difficulty with figuring out why notifications aren't being grouped by conversation - instead, they all collapse into a single group. I've verified that the conversationIdentifier of the INSendMessageIntent is being correctly set for my notifications, along with the speakableGroupName. Is there anything else I could be missing to achieve the desired conversation grouping behaviour?
0
0
21
6h
Webkit generated flow management using DNSProxy
Hi! I have been working on one idea for a while but can't figure out the proper way to do that. My app includes Content Filter and DNSProxy providers for filtering logic. And for the NEFilterSocketFlow everything works well, because the connection is first handled from DNSProxy and if it's blocked, NEFilterDataProvider returns datagrams that I wrote from DNSProxy (I return nxdomain). However, for NEFilterBrowserFlow it doesn't work, because webkit generated flows are for some reason intercepted by Content Filter first and at the time when the flow is checked for rules, there're none yet as DNSProxy didn't handle connection yet. So the app returns the following behaviour: In case the requested domain is not filtered by DNSProxy, the user is able to visit requested page, but if it's filtered, the flow just freezes and the page will never load for user. But I wanted to add proper handling and display block page. In case I am using some third-party apps for testing like ICS Dig, filtered domains return nxdomain properly. Not sure if there's a way to achieve desired result, but would be very grateful for any suggestions
0
0
38
7h
Web Login using Next Auth getting Invalid Credentials
import AppleProvider from 'next-auth/providers/apple'; export const appleProvider = AppleProvider({ name: 'Apple', clientId: process.env.NEXT_PUBLIC_APPLE_CLIENT_ID as string, clientSecret: process.env.NEXT_PUBLIC_APPLE_CLIENT_SECRET as string, idToken: true, authorization: { url: 'https://appleid.apple.com/auth/authorize', params: { clientId: process.env.NEXT_PUBLIC_APPLE_CLIENT_ID as string, scope: 'openid email name', response_type: 'code', response_mode: 'form_post', }, }, token: { url: 'https://appleid.apple.com/auth/token', async request(context) { console.log('----context', { context }); const url = https://appleid.apple.com/auth/token + ?code=${context.params.code} + &client_id=${context.provider.clientId} + &client_secret=${context.provider.clientSecret} + &redirect_uri=${context.provider.callbackUrl} + &grant_type=authorization_code; const response = await fetch(url, { method: 'POST', headers: { 'Content-Type': 'application/x-www-form-urlencoded', }, }); console.log('----response', { response }); const tokens = await response.json(); console.log('----tokens', { tokens }); return { tokens }; }, }, });
0
0
30
10h
Can one use the new provenance feature to avoid slow notarization checks for newly compiled unsigned binaries?
I am working with a compiler that produces native binaries, It's really meant for servers so it's not integrated with Xcode or the Xcode build system. As such the output binaries get the default ad-hoc signatures the linker makes. After (re)compiling such a binary, there is a delay whilst running it. This is because macOS notices it's an unknown binary and goes off to ask notarization servers/Xprotect if it's known malware. Fine, I understand the need for this and why it happens. From the logs it's clear that macOS is now tracking the "provenance" of binaries. This means where they came from. This raises the question of whether it could know that my local dev binaries are coming from this compiler, if it was in turn properly signed and notarized. And if so, whether there is some security policy I could set to say "if binary X produces binary Y, then trust Y". Yes I know this would be a security exploit if it were done that way by default, but I am willing to take the risk of special malware that compiles itself first using this special compiler that isn't installed by default then runs the output, as presumably any such malware would be so targeted Xprotect/notarization wouldn't know about it anyway. The provenance mechanism is some internal security thing and isn't documented, but I'm curious if anyone knows more about it and whether it's usable for this? Or alternatively if there's a way to stop macOS doing these slow checks for certain binaries e.g. under specific paths?
0
0
38
10h
My Xs Max cant update or reset.
I have been having troubles with my 5 year old Xs Max for two months now. The only things I can do are use instagram, call people and send text messages. I am logged out of my imessage thing and when i click on it to put in my phone number and choose my account it just keeps on loading and never fully loads. I dont think this is an issue with my actual data as I can use instagram although I have to refresh each time I want to see a message. I cant use my home wifi, other people's hotspot, and other place's wifi. Its saying I am connected to the network but it does not come up in the top right corner and always says i am using data. I cannot use safari, google, chrome and even the app store does not work. It just says its loading but it never loads. This also means I cannot update any app or install an app that I have already purchased. I have tried updating it but it also couldnt do that, I even tried updating it by connecting my phone to my laptop and even though it installed the update it could never actually update the phone. I just tried to fully reset my phone but it is saying it cant do this due to some error (akauthenticationerror code 7005). I then tried to sign out of my apple ID but then this also didnt work. It told me an error occured and this couldnt be done. I was wondering if this is is happening just because my phone might be too old but maybe there are some other issues? Thanks
1
0
36
11h
Screen Time | How to enable/disable screen time for a game app by setting start and end times?
let schedule = DeviceActivitySchedule( intervalStart: DateComponents(calendar: Calendar.current ,hour: 20, minute: 0), intervalEnd: DateComponents(calendar: Calendar.current ,hour: 22, minute: 59), repeats: true, warningTime: nil ) store.shield.applications = selectionToDiscourage.applicationTokens.isEmpty ? nil : selectionToDiscourage.applicationTokens store.shield.applicationCategories = selectionToDiscourage.categoryTokens.isEmpty ? nil : ShieldSettings.ActivityCategoryPolicy.specific(selectionToDiscourage.categoryTokens) store.shield.webDomains = selectionToDiscourage.webDomainTokens store.application.blockedApplications = selectionToDiscourage.applications try center.startMonitoring(.daily, during: schedule)
0
0
16
11h
NEHotspotConfigurationManager removeConfiguration not working consistent
Hey, I'm currently developing an app that uses NEHotspotConfigurationManager to connect to and disconnect from a WiFi network based on user actions. I'm using the following code to connect and disconnect: Connect let configuration = NEHotspotConfiguration(ssid: ssid, passphrase: password, isWEP: false) configuration.joinOnce = true NEHotspotConfigurationManager.shared.apply(configuration) { (error) in if let error = error { print("Error connecting to WiFi network: \(error.localizedDescription)") } else { self.lastSSID = ssid } } Disconnect NEHotspotConfigurationManager.shared.removeConfiguration(forSSID: self.lastSSID) The issue I'm encountering is that the app successfully connects to the WiFi network and disconnects properly the first time. However, after connecting again, the second disconnect attempt fails to disconnect from the WiFi network. I found a similar bug report from 2020 that mentioned this issue. The suggested workaround involved setting joinOnce = false, which is not suitable for my app's requirements.
1
0
24
11h
Core Telephony Deprecation Issue
We are using CoreTelephony's CTTelephonyNetworkInfo to access Carrier information such as carrierName, mobileNetworkCode, mobileCountryCode and CTTelephonyNetworkInfo().subscriberCellularProviderDidUpdateNotifier to know whether any event has occurred in the sim. We are using these above data for the Sim Binding process of UPI for our Financial App as per the requirement from NPCI(RBI). Now that these are deprecated, what is the appropriate or alternative way to get these details?
0
0
25
11h
Split tunnel using Personal VPN
Our app uses NEVPNManager with IPsec to create VPN. Full tunnel is working fine both with NEVPNManager API and profile created using Apple Configurator. Now, we are trying to create split tunnel using the same. Apple Configurator created profile is working when DNS Supplemental Match domains is set to empty string. But we couldn't find the equivalent to the DNS Supplemental Match domains in the NEVPNManager API. In NEVPNManager config, all DNS is routing to the default route instead of VPN. Can you please help us on this?
0
0
17
13h
NSXPCConnection setCodeSigningRequirement: in sandbox works only with Developer ID signing
Hello, I use setCodeSigningRequirement: in sandboxed XPCService and it seems that no matter what I always get errSecCSNoSuchCode[1] when the app is signed with development certificate. The same application signed with DeveloperID is fine. I use following CSR for development signed builds. identifier com.example.app and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.1] exists and certificate leaf[field.1.2.840.113635.100.6.1.12] exists But also tried to simplify to identifier com.example.app or just true. If I validated the CSR with codesign -R I get "explicit requirement satisfied". I spotted this log line: Sandbox: com.example.app(67058) deny(1) file-read-data /Users/(...)/example-app/build/arm64-mac/src/mac/app/Debug/Example App.app/Contents/MacOS/ExampleApp So I disabled the sandbox for XPCService and now everything works. But then why the DeveloperID signed build works with XPCService sandboxed? ...or does it really? :) Just for completeness the CSR which I use in production build are: identifier com.example.app and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] exists and certificate leaf[field.1.2.840.113635.100.6.1.13] exists and certificate leaf[subject.OU] = EXAMPLE
3
0
60
14h
Xcode (15.4) simulator not working (17.5)
Recently I have updated the Xcode version as 15.4 and run my project in the simulator is not working in the 17.5 version and also some time this issue - Building for 'iOS-simulator', but linking in object file resolved and check not yet working the simulator. give any suggestion.Thanks!
0
0
10
14h
Notification Received on Consumable Purchase
Hello, I am encountering an issue where I receive an App Store Server Notification V2 upon the purchase of a consumable item. I have configured the App Store Server Notification V2 endpoint to handle notifications related to subscription products. However, I did not expect to receive notifications for consumable purchases. The notification includes the following signedPayload decoded into the ResponseBodyV2DecodedPayload object with the following values: notificationUUID: 3cd6410b-0c89-4247-aba5-20710e79895e notificationType: null subtype: null The transaction information decoded from the ResponseBodyV2DecodedPayload object is as follows: transactionId: 2000000633622618 webOrderLineItemId: null productId: heart_2 To debug, I called the Get Notification History API of the App Store Server API, and the mentioned notification for the consumable product purchase is not included in the history. Only notifications related to subscription product purchases are retrieved. According to the notification type documentation, there is no explanation for cases where both notificationType and subtype are null, nor is there any mention of receiving notifications for consumable purchases. Therefore, I am uncertain how to interpret and handle this notification. Could you please provide an explanation or guidance on this issue? Thank you. References: https://developer.apple.com/forums/thread/737592 https://developer.apple.com/documentation/appstoreservernotifications/notificationtype
2
0
32
16h
How to distinguish between subscription purchases made through the app and directly from the App Store
We are wondering if it is possible to distinguish between purchases made through our app and those made directly from the App Store in the subscription process. Does the API information such as Server notifications v2 and Get All Subscription Statuses contain information that can distinguish between these cases? If not, we are thinking of using the appAccountToken included in JWSTransaction to distinguish between them. We are aware that appAccountToken is set when an appAccountToken or applicationUsername is given to an app when purchasing a subscription. Therefore, we believe that the appAccountToken of JWSTransaction is not set when you purchase a subscription directly from the App Store. We think that by setting the appAccountToken for purchases made through our app, we can distinguish whether the subscription was purchased directly from the App Store or not, but is this an appropriate way to do so? Please let us know if there is a case where the appAccountToken is set even if the subscription was purchased directly from the App Store. https://developer.apple.com/documentation/appstoreserverapi/appaccounttoken
0
0
24
19h
Invalid argument error from tcsetattr when setting speed to anything other than predefined
I'm trying to communicate with an RS-485 device using a USB-to-RS-485 adapter based on a CP21012N. It's capable of speeds up to 3 Mbaud. However, when I call tcsetattr() with speed set to anything other than one of the predefined constants (using cfsetspeed()), I get an "Invalid argument" error back from the call. Googling, I found https://github.com/avrdudes/avrdude/issues/771 Seems like macOS really can't accept baud rates outside the predefined set without resorting to ioctl?
2
0
59
21h