Posts under App & System Services topic

Post

Replies

Boosts

Views

Activity

URLSession on watchOS never fails over to watch's own Wi-Fi when paired iPhone has Bluetooth but no internet (-1200)
We develop a healthcare emergency-alerting app with a native watchOS companion app. We've hit a network routing issue on watchOS that we cannot work around with any public API, and it breaks a safety-critical flow (triggering an emergency alarm from the watch). Environment watchOS 26.5 on Apple Watch SE3, paired with iPhone SE 2nd Gen on iOS 26.5 Watch app deployment target: watchOS 9.0 Plain URLSession (async/await), default configuration plus waitsForConnectivity = false, allowsExpensiveNetworkAccess = true, allowsConstrainedNetworkAccess = true HTTPS to our own backend (valid public TLS certificate, no pinning) Steps to reproduce Pair the watch with the iPhone. Both on the same known Wi-Fi network. On the iPhone: turn OFF Wi-Fi and cellular data. Keep Bluetooth ON. The watch remains connected to its known Wi-Fi network (or would be, if the system brought the radio up). Trigger any HTTPS request from the watch app (foreground). Expected Since the companion iPhone has no internet, the watch should satisfy the request over its own Wi-Fi. Actual The request is routed through the companion link (ipsec1, "companion preference: prefer" in the logs) and fails after the TLS handshake dies inside the tunnel: Error Domain=NSURLErrorDomain Code=-1200 "An SSL error has occurred and a secure connection to the server cannot be made." _kCFStreamErrorDomainKey=3, _kCFStreamErrorCodeKey=-9816 (errSSLClosedNoNotify) The watch never fails over to its own Wi-Fi, no matter how many times we retry or how long we wait. The same request succeeds within seconds if the user disables Bluetooth on the iPhone (watch then joins Wi-Fi directly), or restores the iPhone's internet. What we already tried waitsForConnectivity = true doesn't help; a path exists (the tunnel), it just doesn't work. Fresh URLSession per retry, backoff retries still routed via the tunnel. Per TN3135 we understand low-level networking is not available to a normal app: we prototyped NWConnection with prohibitedInterfaceTypes = [.other], and indeed on device NWPathMonitor stays .unsatisfied even when the watch has working Wi-Fi, exactly as TN3135 describes. So Network framework is not an escape hatch for us, and we are not looking to abuse the audio-streaming/CallKit carve-outs. Questions Is the companion-preferred routing supposed to fail over to the watch's own Wi-Fi when the iPhone is reachable over Bluetooth but has no internet? If yes, on what timescale, and is there anything an app can do to help the system notice the dead path sooner? Is there ANY supported way for a foreground watchOS app to express "do not use the companion link for this request"? We found only the private _companionProxyPreference SPI, which we obviously can't ship. If the answer to both is "no", what is the recommended pattern for safety-critical requests in this state is failing fast and instructing the user to disable iPhone Bluetooth really the intended UX? Related earlier reports of the same behavior: https://developer.apple.com/forums/thread/759321 https://developer.apple.com/forums/thread/107964
2
1
273
4d
Reboot-free upgrade of an always-matched DriverKit dext
I have a DriverKit dext that implements a virtual SCSI HBA (no physical hardware). Because a bare IOUserSCSIParallelInterfaceController has no provider to match, the bundle ships two IOKitPersonalities: Bootstrap — IOClass IOUserService, IOProviderClass IOUserResources, IOResourceMatch IOKit. In Start() it does SetProperties({NvmeOfSCSIHBA: true}) + RegisterService(), publishing itself as a nub. Controller — IOClass IOUserSCSIParallelInterfaceController, IOProviderClass IOUserService, IOPropertyMatch {NvmeOfSCSIHBA: true} — it matches the bootstrap nub. This loads and runs correctly. The problem is upgrades. Activating a higher CFBundleVersion via OSSystemExtensionRequest.activationRequest (in-place replace) always defers the old version's termination to reboot. The new version reaches [activated enabled] but never starts; the old process keeps running until reboot. From sysextd/kernelmanagerd: kernelmanagerd Dext … v15 … is being replaced and cannot be terminated right away sysextd delegate returns Error Domain=OSSystemExtensionErrorDomain Code=101 "…is being replaced", assumes responsibility for old version …, keeping old version 15 sysextd turning the responsibility for termination of …, version 15 over to delegate (with uninstallation at the next reboot) sysextd a category delegate declined to terminate extension with identifier: … sysextd v15 terminating_for_uninstall → terminating_for_upgrade_via_delegate Key observation: this defers even on a fresh boot where the dext was never opened — no app/daemon ever opened the IOUserClient, no I/O, nothing attached beyond the controller↔nub match. So it does not appear to be a "client still holds it open" / busy-state situation; the driver_extension category delegate declines the moment it's a replacement. What I've tried: In-place activationRequest (replace): always defers to reboot (above). deactivationRequest (standalone): the request hangs — no delegate callback at all (waited ~13 min), even with no client open. Disconnecting all clients first (graceful Stop() that cancels its dispatch queues and completes async) does not change the replace deferral. My understanding from the docs/forums is that the normal reboot-free replace relies on the backing device being disconnected/reconnected to quiesce the old dext (thread 677040). My controller matches a persistent IOUserResources-backed nub that never detaches, so there's no equivalent quiesce point. Questions: For a dext whose only provider is a self-published IOUserResources nub (no detachable hardware), is reboot-free replacement structurally impossible — i.e. is the Code=101 "is being replaced" defer inherent to this matching pattern? Is the supported way to live-upgrade such a dext to deactivationRequest → (on .completed) → activationRequest rather than an in-place replace? If so, what makes a deactivationRequest complete in-session vs. defer to reboot for an IOUserResources-matched dext — and what would cause it to hang with no delegate callback? (Daemon's IOUserClient is closed; the controller's Stop() cancels its queues and completes.) Should the dext itself proactively tear down the published nub (e.g. terminate the bootstrap IOService) before/at upgrade so the controller detaches — or does that just re-match the still-staged old personalities and relaunch the old version? Is there a recommended pattern for a virtual (hardwareless) DriverKit HBA that needs in-field, reboot-free version updates, or is reboot genuinely required for this class of dext? Environment: macOS 27 (Tahoe)
0
0
75
4d
Refund requests failing in production
We offer an in-app way for customers to request an Apple refund for an auto-renewable subscription using StoreKit2. Everything worked during testing and verification in the Sandbox and TestFlight phases, but now consistently fails in Production. We present the refund sheet on a button press: .refundRequestSheet(for: transactionID, isPresented: $isPresenting) { result in switch result { case .success(let status): // .success / .userCancelled handled here case .failure(let error): // -> .failed for every user } } We log the outcome of all the requests, success and cancel behaves as expected. Since RefundRequestError only has .duplicateRequest .failed and the localizedDescription is generic, we don't know why it is failing. We have already checked that the transaction are for verified, not revoked, non-upgraded and active subscriptions. The issue only happens in Production. Is there any way to get more information about why a refund request fails or what other configuration needs to verified for this to work? Is there an eligibility window or other non-specified limit that might result in these errors?
0
0
79
4d
Clarification on Screen Time API capabilities for per-child and per-device activity reports
Hello, I am developing a parental control app using FamilyControls, DeviceActivity, and DeviceActivityReport. My current setup is: The child device requests FamilyControls authorization with .child The parent device requests FamilyControls authorization with .individual The parent app displays reports through a DeviceActivityReportExtension The report filter uses users: .children and devices: .all I would like to clarify two questions: Can a third-party app use the Screen Time API to retrieve or display screen time activity per child or per child device from the parent app? For example: Child A's total screen time today Child A's iPhone screen time today Child A's iPad screen time today At the moment, I can only display an aggregated report using users: .children and devices: .all. I do not see a public API for selecting a specific child or a specific child device. Is this a current limitation of the public Screen Time API, or is there a recommended approach to implement this? Can the Screen Time API report activity data for family members aged 14-17? Specifically, if a family member is between 14 and 17 years old and their device has completed .child authorization, can the parent app still display their Screen Time data using DeviceActivityReport(users: .children)? Or are there restrictions related to Apple ID age, Family Sharing, or Screen Time permissions that prevent third-party apps from retrieving or displaying activity data for users in this age range? My goal is to understand what third-party apps can implement in a compliant way using the public APIs, without attempting to bypass any system limitations. Thank you.
0
0
62
4d
iOS 27+26+18: Spotlight only finds title, not textContent nor contentDescription.
Related feedback: FB16995719 This is an old one, that has not been solved in iOS 27. This is very annoying since iOS 27 brings new AI stuff to Spotlight, that can't be used because of this bug. Jennifer has acknowledged this bug during a one-on-one session last year (WWDC25) where we carefully reviewed my code. I simply would like that the app documents content to be indexed. It's simple text that I pass to textContent. ------- try await CSSearchableIndex.default().indexAppEntities([entity]) // How the indexing is called ------- @available(iOS 18, *) /// The IndexedEntity struct DocumentEntity: IndexedEntity, Identifiable { static var typeDisplayRepresentation: TypeDisplayRepresentation { TypeDisplayRepresentation(name: LocalizedStringResource("INTENT_DOCUMENT_DISPLAY_REP")) } static let defaultQuery = DocumentQuery() // A unique identifier for each document let id: NSManagedObjectID let title: String? let thumbnailData: Data? // The document's text to be indexed let textContent: String? let pageCount: Int // A display representation for UI purposes. var displayRepresentation: DisplayRepresentation { DisplayRepresentation( title: "\(title ?? "")", image: thumbnailData == nil ? nil : .init(data: thumbnailData!) // INDEXED successfully through the use of @available(iOS 18, *) struct DocumentEntity: IndexedEntity, Identifiable { static var typeDisplayRepresentation: TypeDisplayRepresentation { TypeDisplayRepresentation(name: LocalizedStringResource("INTENT_DOCUMENT_DISPLAY_REP")) } static let defaultQuery = DocumentQuery() // A unique identifier for each document (for example, your NSManagedObject's objectID). let id: NSManagedObjectID let title: String? let thumbnailData: Data? // The OCR text to be indexed let textContent: String? let pageCount: Int // A display representation for UI purposes. var displayRepresentation: DisplayRepresentation { DisplayRepresentation( title: "\(title ?? "")", image: thumbnailData == nil ? nil : .init(data: thumbnailData!) ) } } ) } } @available(iOS 18, *) extension DocumentEntity { // The attributeSet for Spotlight var attributeSet: CSSearchableItemAttributeSet { let attributeSet = defaultAttributeSet attributeSet.title = title attributeSet.displayName = title // THIS ONE IS INDEXED attributeSet.contentType = UTType.plainText.identifier attributeSet.textContent = textContent // THIS ONE IS **NOT** INDEXED attributeSet.pageCount = NSNumber(integerLiteral: pageCount) // THIS ONE IS INDEXED attributeSet.thumbnailData = thumbnailData attributeSet.creator = Constants.APP_NAME return attributeSet } } Related: https://discussions.apple.com/thread/256061571
0
0
73
4d
Wi-Fi Aware (NAN) throughput significantly degraded when iPhone is associated to a Wi-Fi network; disabling Wi-Fi from Control Center roughly doubles transfer speed
Summary We are observing that Wi-Fi Aware data transfer throughput on iPhone is heavily impacted by the device's Wi-Fi association state and by surrounding RF interference. When Wi-Fi is turned off from Control Center, Wi-Fi Aware throughput increases to roughly 2x (or higher) compared to when the device remains associated to a Wi-Fi network. We would like to confirm whether this is expected behavior or a system-level bug. Log Feedback ID: FB23454477 Environment Device: iPhone Feature under test: Wi-Fi Aware (NAN) data path transfer Steps to Reproduce Connect the iPhone to a Wi-Fi network (associate to an AP). Establish a Wi-Fi Aware (NAN) data-path session with a peer device. Start a sustained data transfer and measure the steady-state throughput. Repeat the measurement in two RF conditions: a. Clean RF environment (no other surrounding Wi-Fi/BLE devices nearby). b. Congested / high-interference RF environment. Turn Wi-Fi off from the Control Center pull-down menu (leave the peer/session as before). Repeat the same Wi-Fi Aware transfer and measure throughput again. Observed Behavior Scenario 1 — Wi-Fi connected (associated to an AP) Clean RF environment (Wi-Fi connected, no other surrounding Wi-Fi/BLE devices nearby): Wi-Fi Aware transfer throughput is approximately 20 MB/s. Congested / high-interference RF environment: Wi-Fi Aware transfer throughput drops to approximately 8 MB/s. Reference log: sysdiagnose_2026.06.28_21-05-09+0800_iPhone-OS_iPhone_23F81.tar.gz Scenario 2 — Wi-Fi turned off via Control Center After turning Wi-Fi off from the Control Center pull-down menu, the Wi-Fi Aware transfer throughput increases to 2x or higher compared to Scenario 1. Reference log: sysdiagnose_2026.06.28_21-15-00+0800_iPhone-OS_iPhone_23F81.tar.gz Expected Behavior Wi-Fi Aware throughput should not be significantly constrained by the device's Wi-Fi association state. We expect comparable Wi-Fi Aware performance regardless of whether the device is associated to a Wi-Fi network, since disabling Wi-Fi should not be required to achieve full Wi-Fi Aware data-path throughput. Questions for Apple Is the throughput reduction while associated to a Wi-Fi network expected behavior (e.g., due to time-sharing/channel scheduling between the infrastructure connection and the Wi-Fi Aware data path)? If this is by design, are there recommended APIs, configurations, or best practices to maintain higher Wi-Fi Aware throughput while the device remains connected to Wi-Fi? If this is not expected, we believe this is a system-level bug and would appreciate guidance on a fix or workaround.
2
0
109
4d
MultipeerConnectivity background operation for mesh relay — alternatives to CoreBluetooth rewrite?
'm building a peer-to-peer mesh messaging app using MultipeerConnectivity. The app implements TTL-bounded flooding relay so messages can traverse multiple hops across devices that aren't directly connected to each other. The core limitation I'm hitting: MPC stops browsing and advertising when the app is backgrounded, which means a node can no longer relay messages for the rest of the mesh. For the mesh to be useful in practice, nodes need to stay active as relays even when users switch to other apps. I'm aware of the standard options: . Background task extension (beginBackgroundTask) — only buys ~30 seconds, not a real solution . Push notifications (APNs) — requires a server, defeats the goal of a fully offline/local mesh . CoreBluetooth with state preservation/restoration — genuine background capability, but essentially a full rewrite of the transport layer, and BLE throughput (~100–250 kbps) would hurt larger payloads Before committing to a CoreBluetooth rewrite, I want to make sure I'm not missing anything. specifically questions are: Is there any way to keep an MCNearbyServiceAdvertiser or MCNearbyServiceBrowser running in the background that I'm not aware of? Does MCSession maintain existing connections long enough in the background to be useful for relay (i.e., does it survive past the background task expiry)? Is Network.framework's local network discovery (NWBrowser with Bonjour) any more background-friendly than MPC's browser/advertiser? • Has anyone successfully implemented a hybrid approach — CoreBluetooth for background discovery/signaling + a higher-bandwidth channel (WiFi Direct or Network.framework TCP) negotiated when foregrounded? • Are there any entitlements or capabilities (e.g., AccessorySetupKit, NEAppProxyProvider, or anything in the networking extension family) that could help here that aren't commonly discussed? The relay/routing layer, E2EE, and message dedup all sit above the transport and are transport-agnostic, so the rewrite scope is limited to the discovery and session management layer — but it's still significant. Any experience with this pattern would be very helpful.
1
0
158
4d
iOS 26.4 — How to return from main app to host app after a keyboard-extension dictation round-trip, without private APIs?
I'm building a custom keyboard extension that offers voice dictation. Because keyboard extensions are constrained (memory cap ~30–48 MB, restricted audio session access), I delegate recording to my container app: User in a host app (e.g., Safari) taps the mic in my keyboard extension. The keyboard calls extensionContext.open(URL("myapp://dictation")) to launch the container app. The container app records audio via AVAudioEngine + SFSpeechRecognizer, writes the final transcript to the App Group, and signals completion via a Darwin notification. 4. The user is expected to be returned to the original host app (Safari) automatically so they can keep typing. The problem (step 4): On iOS 26.4 I can no longer identify which app was the host. Every previously-known path returns nil for the keyboard extension's host: parent.value(forKey: "_hostBundleID") → returns the literal string parent.value(forKey: "_hostApplicationBundleIdentifier") → returns NSNull xpc_connection_copy_bundle_id on the underlying XPC connection (via PKService.defaultService.personalities[…]) → returns NULL NSXPCConnection.processBundleIdentifier on extensionContext._extensionHostProxy._connection → returns nil proc_pidpath(hostPID, …) → EPERM from the keyboard sandbox LSApplicationWorkspace.frontmostApplication → selector unavailable from the extension RBSProcessHandle.handleForIdentifier:error: → returns an RBSServiceErrorDomain error Without the host's bundle ID, the container app has no way to call LSApplicationWorkspace.openApplicationWithBundleID: (the technique that worked on iOS 25 and earlier). UIApplication.suspend() correctly sends the container to background, but iOS treats us as a "fresh launch" — it returns the user to the Home Screen instead of Safari, because the container app was launched by an extension, not directly by Safari. KeyboardKit's maintainer reached the same conclusion (issue #1014) and shipped 10.4 without the feature. My questions: Is there a public, App-Store-safe API in iOS 26+ for a custom keyboard extension to identify its host application, or for the container app (launched via the extension's openURL) to identify which app initially hosted the extension that opened it? UIOpenURLContext.options.sourceApplication reports the extension's own container, not the actual host. 2. Is there a public mechanism for "return to source app" when the container app was launched by an extension's openURL? Equivalent to the ← Source affordance iOS shows for normal inter-app openURL, but triggered programmatically by the launched app. 3. Some popular keyboards (e.g., 微信输入法 / WeChat Keyboard) still appear to round-trip through their container app on iOS 26.4 and return the user to the original host — including the iOS ← WeChat back affordance in the host's status bar afterward. What's the recommended approach to achieve this? If it requires a specific scene-activation flow, NSUserActivity pattern, or extension-context configuration, please point at the relevant docs. 4. If there is no public path today, is FB22247647 (or a related radar) the right place to track this? Should developers in this position migrate to in-extension audio capture (which has its own significant constraints in keyboard extensions)? I'd much rather not rely on private APIs. Concrete guidance — or even an acknowledgment of which direction Apple intends — would help thousands of custom-keyboard developers who currently have a degraded voice-input experience on iOS 26.4+. Tested on iPhone 12 Pro Max running iOS 26.4.2 (build 23E261), Xcode 26.x, Swift 5. Thanks!
3
0
623
4d
Identifying the host app from a custom keyboard on iOS 26.4+ (host bundle id is now nil)
I have a custom keyboard (UIInputViewController, Full Access). For a dictation feature it opens its containing app to record audio (the keyboard can't use the microphone) and then needs to return the user to the host app they were typing in. That requires knowing the host app. Through iOS 26.3 this worked, because the host bundle id was exposed on the keyboard's input-session connection. On iOS 26.4 / 26.5 it is now nil, and every route I have tried is blocked: UIInputViewController _hostApplicationBundleIdentifier -> nil _hostProcessIdentifier and the host audit token are available, but: RBSProcessHandle handleForAuditToken: / handleForIdentifier: -> "Client not entitled" SecTaskCopySigningIdentifier / SecTaskCopyValueForEntitlement -> nil (sandbox) proc_pidpath -> EPERM UIKeyboardImpl _remoteAppId / _remoteLocalizedAppName -> nil The keyboard arbiter client-change event fires in SpringBoard, not in the extension process However, at least one shipping keyboard still does this on iOS 26.5. I verified in device logs that Yandex Keyboard launches its container app with a URL containing the correct, current host bundle id, and it is live: it reported net.whatsapp.WhatsApp, then net.whatsapp.WhatsAppSMB when the host was WhatsApp Business. So the capability clearly still exists for some apps. Questions: Is there a supported API on iOS 26.4+ for a keyboard extension to identify its host app? If it requires an entitlement, can developers request it, and how? If there is no public path, is the intended approach the system "back to previous app" breadcrumb (manual) plus a containing-app round trip? I have also filed Feedback (FB#######). Thanks.
1
0
125
4d
Inquiry Regarding iBeacon Compliance Test Specifications
We are conducting iBeacon compliance testing for our device and would like to clarify two test items from the iBeacon test specification: Regarding Tx power stability verification over time and across different battery capacities: Could you please specify the required test duration and the exact test procedure? Specifically, how long should the Tx power be monitored to verify stability within the 2dB standard deviation requirement, and what battery capacity levels (e.g., 100%, 50%, 20%, low battery threshold) should be tested? Regarding device interoperability with iOS CoreLocation APIs for beacon-based region monitoring and ranging: Could you please provide guidance on the test methodology? Specifically, what test cases, expected behaviors, and pass/fail criteria should we follow to verify correct interoperability with region monitoring (didEnter/didExit) and ranging (didRangeBeacons) APIs? Any official test guidelines or reference documents would be greatly appreciated.
0
0
65
4d
URL Filters not activating on iOS 27 beta
(Also submitted as FB23072541) iOS 27 beta 1 brings a brand new error which ends up resulting in a state of .serverSetupIncomplete: <NEPIRChecker: 0x7de6c79b60>: -[NEPIRChecker start:responseQueue:completionHandler:]_block_invoke - PIR status returned error <Error Domain=com.apple.CipherML Code=1100 "Unable to query status due to errors: Error details were logged and redacted." UserInfo={NSLocalizedDescription=Unable to query status due to errors: Error details were logged and redacted., NSUnderlyingError=0x7de712f4e0 {Error Domain=com.apple.CipherML Code=1800 "Error details were logged and redacted." UserInfo={NSLocalizedDescription=Error details were logged and redacted.}}}> <NEAgentURLFilterExtension: 0x7de6d24e60>: -[NEAgentURLFilterExtension startURLFilter]_block_invoke - Failed to startFilter <Error Domain=NEMembershipCheckerErrorDomain Code=3 "(null)"> What’s a NEMembershipChecker? Member of what? Digging deeper I found these: Failed to prefetch tokens for group 'site.kaylees.Wipr2': Error Domain=NSURLErrorDomain Code=-1009 "The Internet connection appears to be offline." UserInfo={_NSURLErrorNWPathKey=satisfied (Path is satisfied), interface: en0[802.11], ipv4, dns, uses wifi, LQM: good, NSErrorFailingURLKey=https://pirissuer.kaylees.site/token-key-for-user-token, NSUnderlyingError=0x7517125a40 {Error Domain=NSPOSIXErrorDomain Code=50 "Network is down" UserInfo={NSDescription=Network is down}}, _NSURLErrorPrivacyProxyFailureKey=true, NSLocalizedDescription=The Internet connection appears to be offline.} queryStatus(for:options:) threw an error: Error Domain=NSURLErrorDomain Code=-1009 "The Internet connection appears to be offline." UserInfo={_NSURLErrorNWPathKey=satisfied (Path is satisfied), interface: en0[802.11], ipv4, dns, uses wifi, LQM: good, NSErrorFailingURLKey=https://pirissuer.kaylees.site/token-key-for-user-token, NSUnderlyingError=0x7517125b00 {Error Domain=NSPOSIXErrorDomain Code=50 "Network is down" UserInfo={NSDescription=Network is down}}, _NSURLErrorPrivacyProxyFailureKey=true, NSLocalizedDescription=The Internet connection appears to be offline.} The connection and the URL mentioned are fine of course, but "Network is down” now? This new problem only affects the App Store version of my app – not present if I install from Xcode. Users report that oddly, having an active VPN on the device works around this bug.
3
3
352
4d
Unable to disable SIP on macOS 27 Beta 1
I work for a company which develops as part of our product suite a System Extension implementing an Endpoint Security client. Our local developer workflow for testing and validating changes is to build locally with Developer certificates (not a legitimate/production Developer ID certificate) and deploy local builds in to a VM, where to get the System Extension to load and be accepted we need to disable SIP & AMFI. macOS 27 VM is refusing to allow me to disable SIP. Is there an alternate approach we can use for this workflow to allow macOS VMs to accept our software when signing with a (same teamID, but different certificate to the provisioningprofile) developer certificate for local validation?
3
3
633
5d
Unexpected Third-Party Notifications During Edu-Assessment mode (Single app mode)
Hello, We have an assessment application that placing the device into Education Assessment Mode (also referred to as Single App Mode) to provide a secure exam environment. On our test devices, Education Assessment Mode behaves as expected. While an assessment session is active, we have verified that third-party notifications (such as WhatsApp and Snapchat) do not appear. However, one of our customers recently reported that during an active exam, a Snapchat notification was displayed while the device was still in Education Assessment Mode. We have been unable to reproduce this behavior on any of our test devices, even after repeated testing with the same application. Has anyone experienced similar behavior with education assessment mode? Specifically: Can there be any scenario where third-party notification banners are shown while an assessment session is active? Are there any known edge cases or system conditions that could allow notifications to appear during Education Assessment Mode? Is there any way to verify from the application that the assessment session is still fully enforced by the system? We're also interested in knowing whether Apple is aware of any issues related to notification suppression while an education assessment mode is active. Any insights would be greatly appreciated. Thank you.
0
0
83
5d
ApplePay on website -validateMerchant-payment sheet stuck
I tried to integrate ApplePay on website. Followed the official documentation. Successfully creating the apple session. However according to my logs, execution doesn't even going to verify the merchant. When I click the ApplePay button the payment sheet displays and it brings the card details, but the bottom button stays "Processing". May I know what could be the reason? Our PSP is credimax. Any input to resolve this is highly appreciate. we stuck on this for last 3 months.
1
0
67
5d
XPC connection consistently invalidated on app upgrade
Hi, Our project is a MacOS SwiftUI GUI application that bundles a System Network Extension, signed with a Developer ID certificate for distribution outside of the app store. The system network extension is used to write a packet tunnel provider. The signing of the app & network extension is handled by XCode (v16.0.0), we do not run codesign ourselves. We have no issues with XPC or the system network extension during normal usage, nor when the application is installed on a user's device for the first time. The problem only arises when the user upgrades the application. I have experienced this issue myself, as have our users. It's been reported on Apple Silicon macbooks running at least macOS 15.3.2. Much like the SimpleFirewall example (which we used as a reference), we use XPC for basic communication of state between the app and NE. These XPC connections stop working when the user installs a new version of the app, with OS logs from the process indicating that the connection is immediately invalidated. Subsequent connection attempts are also immediately invalidated. Toggling the VPN in system settings (or via the app) does not resolve the problem, nor does restarting the app, nor does deleting and reinstalling the app, nor does restarting the device. The only reliable workaround is to delete the system extension in Login Items & Extensions, under Network Extensions. No device restart is necessary to garbage collect the old extension - once the extension is reapproved by the user, the XPC issue resolves itself. This would be an acceptable workaround were it possible to automate the deleting of the system extension, but that appears deliberately not possible, and requiring our users to do this each time they update is unreasonable. When the upgraded app is opened for the first time, the OSSystemExtensionRequest request is sent, and the outcome is that the previously installed system network extension is replaced, as both the CFBundleVersion and CFBundleShortVersionString differ. When this issue is encountered, the output of systemextensionsctl list shows the later version is installed and activated. I've been able to reproduce this bug on my personal laptop, with SIP on and systemextensionsctl developer off, but on my work laptop with SIP off and systemextensionsctl developer on (where the network extension is replaced on each activation request, instead of only when the version strings differ), I do not encounter this issue, which leads me to believe it has something to do with the notarization process. We notarize the pkg using xcrun notarytool, and then staple to the pkg. This is actually the same issue described in: https://developer.apple.com/forums/thread/711713 https://developer.apple.com/forums/thread/667597 https://developer.apple.com/forums/thread/742992 https://developer.apple.com/forums/thread/728063 but it's been a while since any of these threads were updated, and we've made attempts to address it off the suggestions in the threads to no avail. Those suggestions are: Switching to a .pkg installer from a .dmg As part of the .pkg preinstall, doing all of the following: Stopping the VPN (scutil --nc stop), shutting down the app (using osascript 'quit app id'), and deleting the app (which claims to delete the network extension, but not the approval in Login Items & Extensions remains??), by running rm -rf on the bundle in /Applications As part of the .pkg postinstall: Forcing macOS to ingest the App bundle's notarization ticket using spctl --assess. Ensuring NSXPCListener.resume() is called after autoreleasepool { NEProvider.startSystemExtensionMode() } (mentioned in a forum thread above as a fix, did not help.) One thing I'm particularly interested in is the outcome of this feedback assistant ticket, as I can't view it: FB11086599. It was shared on this forum in the first thread above, and supposedly describes the same issue. I almost find it hard to believe that this issue has been around for this many years without a workaround (there's system network extension apps out there that appear to work fine when updating, are they not using XPC?), so I wonder if there's a fix described in that FB ticket. Since I can't view that above feedback ticket, I've created my own: FB17032197
8
0
812
5d
iPhone 17 Pro max Bluetooth HFP call audio routing fails, media audio works
I’m seeing a Bluetooth call audio routing issue on a new iPhone 17 Pro running iOS 26.5.1, build 23F81. Bluetooth media audio works normally. Music and video audio stay on Bluetooth headphones without issues. The problem appears only when the device switches into call audio / HFP mode. Tested with multiple earbuds: Samsung, OPPO, Huawei and CMF Buds Pro 2. The behavior is similar with all of them. There are no other Bluetooth devices connected. Call Audio Routing is already set to Bluetooth Headset in Accessibility settings. The issue affects cellular calls, FaceTime Audio, Telegram and Signal. In some cases the earbuds seem to switch into call mode, but the call audio route falls back to the iPhone receiver or speaker instead of staying on the Bluetooth headset. After the call ends, Bluetooth media audio returns normally. I captured a sysdiagnose right after reproducing the issue. Relevant observations from the logs: Device: iPhone18,2 iOS: 26.5.1 Build: 23F81 Sysdiagnose time: 2026-06-03 11:22:03 +0300 In Bluetooth/CoreCapture/bluetooth_status.txt, Bluetooth was ON 3 paired devices were present 1 device was connected Connected device at the time: CMF Buds Pro 2 So the headset was not simply disconnected from the phone. In the powerlog, before the call the audio route was HeadphonesBT for media playback. Around the FaceTime Audio test, HeadsetBT / PhoneCall appeared, but then the route moved to ReceiverAndMicrophone / Speaker instead of staying on HeadsetBT. During a later cellular call, the active PhoneCall route was also ReceiverAndMicrophone rather than HeadsetBT. After the call ended, the route returned to HeadphonesBT for media playback. This looks like the Bluetooth connection remains alive, but call audio / HFP routing fails. The same sysdiagnose also contains CentauriFirmwareEvent entries under crashes_and_spins from the previous day. They show: subsystem = BT host-reason = firmware crash BTMAIN panic faulting_task = link_manager_thread LMAC_5G watchdog expired SCAN watchdog expired These firmware crash events do not happen at the exact same timestamp as the call test, so I’m not claiming that every call directly crashes Bluetooth firmware. But the sysdiagnose shows both incorrect Bluetooth call audio routing and separate BT firmware crash events. Has anyone seen similar behavior on iPhone 17 / iOS 26 with Bluetooth HFP call audio? Could this be a known iOS 26 / Apple N1 / Bluetooth firmware issue, or does it look more like a hardware defect of this particular device?
4
0
489
6d
CarPlay Entitlements for navigation
Bonjour, Je viens ici afin d'exposer mon problème en espérant trouver une solution. En Août 2025 j'ai publié une demande afin de pouvoir développer une application Carplay de type navigation. Ma demande n'a jamais été traitée, j'ai soumis une autre demande en février, puis en avril. Toujours sans réponse. Depuis environ 3 semaines, j'appelle Apple toutes les semaines afin de demander à ce que ma demande soit traitée. J'ai bien évidemment une réponse m'indiquant que la demande était remontée, mais sans retour par la suite. Je commence à sérieusement perdre patience, et ne trouve aucune solution. Quelles seraient vos propositions ? Merci par avance pour vos retours
1
0
258
6d
iOS Universal Link opens app and then opens browser (Flutter + Universal Links) — only when using paths/params
Hi everyone, I’ve been stuck on an issue with iOS Universal Links for about a week and could really use some help. The problem When tapping a Universal Link on iOS, my Flutter app opens correctly (desired behavior) — but immediately afterward, Safari opens the same link in the browser. So both the app and the browser open. This only happens on iOS. On Android everything works as expected. What works If the link is simply the domain, like: https://mydomain.com …then the app opens without triggering the browser afterward. This is the correct behavior. What doesn’t work If the link includes a path or parameters, like: https://mydomain.com/path https://mydomain.com/path?param=value …then the app opens, and then the browser opens immediately after. What I’ve tried Verified my AASA file using Branch’s validator: https://branch.io/resources/aasa-validator/ → The AASA file is valid. Universal Links do open the correct screen inside the app — the issue is the unwanted second step (Safari opening). Behavior is consistent across different iOS devices. Extra details Using Flutter. Universal Links set up with the standard configuration (associatedDomains, AASA hosted at /.well-known/apple-app-site-association, etc.). Question Has anyone encountered this issue where Universal Links with paths/params open the app and then open Safari? What could cause iOS to trigger the browser fallback even when the AASA file is valid and the app handles the link correctly? Any insights, debugging tips, or known edge cases would be incredibly appreciated!
5
2
502
6d
Monitor cpu, memory and network of a running vm in Virtualization framework
Hi, I would like to dipslay resource monitoring graph of CPU, Memory & Network of a running VM with Virtuization Framework. How can i do it with Swift? Is there a way we can do it without the need of guest agents.
Replies
2
Boosts
0
Views
119
Activity
4d
URLSession on watchOS never fails over to watch's own Wi-Fi when paired iPhone has Bluetooth but no internet (-1200)
We develop a healthcare emergency-alerting app with a native watchOS companion app. We've hit a network routing issue on watchOS that we cannot work around with any public API, and it breaks a safety-critical flow (triggering an emergency alarm from the watch). Environment watchOS 26.5 on Apple Watch SE3, paired with iPhone SE 2nd Gen on iOS 26.5 Watch app deployment target: watchOS 9.0 Plain URLSession (async/await), default configuration plus waitsForConnectivity = false, allowsExpensiveNetworkAccess = true, allowsConstrainedNetworkAccess = true HTTPS to our own backend (valid public TLS certificate, no pinning) Steps to reproduce Pair the watch with the iPhone. Both on the same known Wi-Fi network. On the iPhone: turn OFF Wi-Fi and cellular data. Keep Bluetooth ON. The watch remains connected to its known Wi-Fi network (or would be, if the system brought the radio up). Trigger any HTTPS request from the watch app (foreground). Expected Since the companion iPhone has no internet, the watch should satisfy the request over its own Wi-Fi. Actual The request is routed through the companion link (ipsec1, "companion preference: prefer" in the logs) and fails after the TLS handshake dies inside the tunnel: Error Domain=NSURLErrorDomain Code=-1200 "An SSL error has occurred and a secure connection to the server cannot be made." _kCFStreamErrorDomainKey=3, _kCFStreamErrorCodeKey=-9816 (errSSLClosedNoNotify) The watch never fails over to its own Wi-Fi, no matter how many times we retry or how long we wait. The same request succeeds within seconds if the user disables Bluetooth on the iPhone (watch then joins Wi-Fi directly), or restores the iPhone's internet. What we already tried waitsForConnectivity = true doesn't help; a path exists (the tunnel), it just doesn't work. Fresh URLSession per retry, backoff retries still routed via the tunnel. Per TN3135 we understand low-level networking is not available to a normal app: we prototyped NWConnection with prohibitedInterfaceTypes = [.other], and indeed on device NWPathMonitor stays .unsatisfied even when the watch has working Wi-Fi, exactly as TN3135 describes. So Network framework is not an escape hatch for us, and we are not looking to abuse the audio-streaming/CallKit carve-outs. Questions Is the companion-preferred routing supposed to fail over to the watch's own Wi-Fi when the iPhone is reachable over Bluetooth but has no internet? If yes, on what timescale, and is there anything an app can do to help the system notice the dead path sooner? Is there ANY supported way for a foreground watchOS app to express "do not use the companion link for this request"? We found only the private _companionProxyPreference SPI, which we obviously can't ship. If the answer to both is "no", what is the recommended pattern for safety-critical requests in this state is failing fast and instructing the user to disable iPhone Bluetooth really the intended UX? Related earlier reports of the same behavior: https://developer.apple.com/forums/thread/759321 https://developer.apple.com/forums/thread/107964
Replies
2
Boosts
1
Views
273
Activity
4d
Reboot-free upgrade of an always-matched DriverKit dext
I have a DriverKit dext that implements a virtual SCSI HBA (no physical hardware). Because a bare IOUserSCSIParallelInterfaceController has no provider to match, the bundle ships two IOKitPersonalities: Bootstrap — IOClass IOUserService, IOProviderClass IOUserResources, IOResourceMatch IOKit. In Start() it does SetProperties({NvmeOfSCSIHBA: true}) + RegisterService(), publishing itself as a nub. Controller — IOClass IOUserSCSIParallelInterfaceController, IOProviderClass IOUserService, IOPropertyMatch {NvmeOfSCSIHBA: true} — it matches the bootstrap nub. This loads and runs correctly. The problem is upgrades. Activating a higher CFBundleVersion via OSSystemExtensionRequest.activationRequest (in-place replace) always defers the old version's termination to reboot. The new version reaches [activated enabled] but never starts; the old process keeps running until reboot. From sysextd/kernelmanagerd: kernelmanagerd Dext … v15 … is being replaced and cannot be terminated right away sysextd delegate returns Error Domain=OSSystemExtensionErrorDomain Code=101 "…is being replaced", assumes responsibility for old version …, keeping old version 15 sysextd turning the responsibility for termination of …, version 15 over to delegate (with uninstallation at the next reboot) sysextd a category delegate declined to terminate extension with identifier: … sysextd v15 terminating_for_uninstall → terminating_for_upgrade_via_delegate Key observation: this defers even on a fresh boot where the dext was never opened — no app/daemon ever opened the IOUserClient, no I/O, nothing attached beyond the controller↔nub match. So it does not appear to be a "client still holds it open" / busy-state situation; the driver_extension category delegate declines the moment it's a replacement. What I've tried: In-place activationRequest (replace): always defers to reboot (above). deactivationRequest (standalone): the request hangs — no delegate callback at all (waited ~13 min), even with no client open. Disconnecting all clients first (graceful Stop() that cancels its dispatch queues and completes async) does not change the replace deferral. My understanding from the docs/forums is that the normal reboot-free replace relies on the backing device being disconnected/reconnected to quiesce the old dext (thread 677040). My controller matches a persistent IOUserResources-backed nub that never detaches, so there's no equivalent quiesce point. Questions: For a dext whose only provider is a self-published IOUserResources nub (no detachable hardware), is reboot-free replacement structurally impossible — i.e. is the Code=101 "is being replaced" defer inherent to this matching pattern? Is the supported way to live-upgrade such a dext to deactivationRequest → (on .completed) → activationRequest rather than an in-place replace? If so, what makes a deactivationRequest complete in-session vs. defer to reboot for an IOUserResources-matched dext — and what would cause it to hang with no delegate callback? (Daemon's IOUserClient is closed; the controller's Stop() cancels its queues and completes.) Should the dext itself proactively tear down the published nub (e.g. terminate the bootstrap IOService) before/at upgrade so the controller detaches — or does that just re-match the still-staged old personalities and relaunch the old version? Is there a recommended pattern for a virtual (hardwareless) DriverKit HBA that needs in-field, reboot-free version updates, or is reboot genuinely required for this class of dext? Environment: macOS 27 (Tahoe)
Replies
0
Boosts
0
Views
75
Activity
4d
Refund requests failing in production
We offer an in-app way for customers to request an Apple refund for an auto-renewable subscription using StoreKit2. Everything worked during testing and verification in the Sandbox and TestFlight phases, but now consistently fails in Production. We present the refund sheet on a button press: .refundRequestSheet(for: transactionID, isPresented: $isPresenting) { result in switch result { case .success(let status): // .success / .userCancelled handled here case .failure(let error): // -> .failed for every user } } We log the outcome of all the requests, success and cancel behaves as expected. Since RefundRequestError only has .duplicateRequest .failed and the localizedDescription is generic, we don't know why it is failing. We have already checked that the transaction are for verified, not revoked, non-upgraded and active subscriptions. The issue only happens in Production. Is there any way to get more information about why a refund request fails or what other configuration needs to verified for this to work? Is there an eligibility window or other non-specified limit that might result in these errors?
Replies
0
Boosts
0
Views
79
Activity
4d
Clarification on Screen Time API capabilities for per-child and per-device activity reports
Hello, I am developing a parental control app using FamilyControls, DeviceActivity, and DeviceActivityReport. My current setup is: The child device requests FamilyControls authorization with .child The parent device requests FamilyControls authorization with .individual The parent app displays reports through a DeviceActivityReportExtension The report filter uses users: .children and devices: .all I would like to clarify two questions: Can a third-party app use the Screen Time API to retrieve or display screen time activity per child or per child device from the parent app? For example: Child A's total screen time today Child A's iPhone screen time today Child A's iPad screen time today At the moment, I can only display an aggregated report using users: .children and devices: .all. I do not see a public API for selecting a specific child or a specific child device. Is this a current limitation of the public Screen Time API, or is there a recommended approach to implement this? Can the Screen Time API report activity data for family members aged 14-17? Specifically, if a family member is between 14 and 17 years old and their device has completed .child authorization, can the parent app still display their Screen Time data using DeviceActivityReport(users: .children)? Or are there restrictions related to Apple ID age, Family Sharing, or Screen Time permissions that prevent third-party apps from retrieving or displaying activity data for users in this age range? My goal is to understand what third-party apps can implement in a compliant way using the public APIs, without attempting to bypass any system limitations. Thank you.
Replies
0
Boosts
0
Views
62
Activity
4d
MapKit JS: Dashed MKPolyline stroke becomes thicker when zooming the map
I draw a dashed line using MKPolyline in MapKit JS. Even though I set a fixed strokeWidth, the dashed polyline automatically becomes thicker every time I zoom in or out of the map. The line thickness scales along with the map zoom level.
Replies
0
Boosts
0
Views
70
Activity
4d
iOS 27+26+18: Spotlight only finds title, not textContent nor contentDescription.
Related feedback: FB16995719 This is an old one, that has not been solved in iOS 27. This is very annoying since iOS 27 brings new AI stuff to Spotlight, that can't be used because of this bug. Jennifer has acknowledged this bug during a one-on-one session last year (WWDC25) where we carefully reviewed my code. I simply would like that the app documents content to be indexed. It's simple text that I pass to textContent. ------- try await CSSearchableIndex.default().indexAppEntities([entity]) // How the indexing is called ------- @available(iOS 18, *) /// The IndexedEntity struct DocumentEntity: IndexedEntity, Identifiable { static var typeDisplayRepresentation: TypeDisplayRepresentation { TypeDisplayRepresentation(name: LocalizedStringResource("INTENT_DOCUMENT_DISPLAY_REP")) } static let defaultQuery = DocumentQuery() // A unique identifier for each document let id: NSManagedObjectID let title: String? let thumbnailData: Data? // The document's text to be indexed let textContent: String? let pageCount: Int // A display representation for UI purposes. var displayRepresentation: DisplayRepresentation { DisplayRepresentation( title: "\(title ?? "")", image: thumbnailData == nil ? nil : .init(data: thumbnailData!) // INDEXED successfully through the use of @available(iOS 18, *) struct DocumentEntity: IndexedEntity, Identifiable { static var typeDisplayRepresentation: TypeDisplayRepresentation { TypeDisplayRepresentation(name: LocalizedStringResource("INTENT_DOCUMENT_DISPLAY_REP")) } static let defaultQuery = DocumentQuery() // A unique identifier for each document (for example, your NSManagedObject's objectID). let id: NSManagedObjectID let title: String? let thumbnailData: Data? // The OCR text to be indexed let textContent: String? let pageCount: Int // A display representation for UI purposes. var displayRepresentation: DisplayRepresentation { DisplayRepresentation( title: "\(title ?? "")", image: thumbnailData == nil ? nil : .init(data: thumbnailData!) ) } } ) } } @available(iOS 18, *) extension DocumentEntity { // The attributeSet for Spotlight var attributeSet: CSSearchableItemAttributeSet { let attributeSet = defaultAttributeSet attributeSet.title = title attributeSet.displayName = title // THIS ONE IS INDEXED attributeSet.contentType = UTType.plainText.identifier attributeSet.textContent = textContent // THIS ONE IS **NOT** INDEXED attributeSet.pageCount = NSNumber(integerLiteral: pageCount) // THIS ONE IS INDEXED attributeSet.thumbnailData = thumbnailData attributeSet.creator = Constants.APP_NAME return attributeSet } } Related: https://discussions.apple.com/thread/256061571
Replies
0
Boosts
0
Views
73
Activity
4d
Wi-Fi Aware (NAN) throughput significantly degraded when iPhone is associated to a Wi-Fi network; disabling Wi-Fi from Control Center roughly doubles transfer speed
Summary We are observing that Wi-Fi Aware data transfer throughput on iPhone is heavily impacted by the device's Wi-Fi association state and by surrounding RF interference. When Wi-Fi is turned off from Control Center, Wi-Fi Aware throughput increases to roughly 2x (or higher) compared to when the device remains associated to a Wi-Fi network. We would like to confirm whether this is expected behavior or a system-level bug. Log Feedback ID: FB23454477 Environment Device: iPhone Feature under test: Wi-Fi Aware (NAN) data path transfer Steps to Reproduce Connect the iPhone to a Wi-Fi network (associate to an AP). Establish a Wi-Fi Aware (NAN) data-path session with a peer device. Start a sustained data transfer and measure the steady-state throughput. Repeat the measurement in two RF conditions: a. Clean RF environment (no other surrounding Wi-Fi/BLE devices nearby). b. Congested / high-interference RF environment. Turn Wi-Fi off from the Control Center pull-down menu (leave the peer/session as before). Repeat the same Wi-Fi Aware transfer and measure throughput again. Observed Behavior Scenario 1 — Wi-Fi connected (associated to an AP) Clean RF environment (Wi-Fi connected, no other surrounding Wi-Fi/BLE devices nearby): Wi-Fi Aware transfer throughput is approximately 20 MB/s. Congested / high-interference RF environment: Wi-Fi Aware transfer throughput drops to approximately 8 MB/s. Reference log: sysdiagnose_2026.06.28_21-05-09+0800_iPhone-OS_iPhone_23F81.tar.gz Scenario 2 — Wi-Fi turned off via Control Center After turning Wi-Fi off from the Control Center pull-down menu, the Wi-Fi Aware transfer throughput increases to 2x or higher compared to Scenario 1. Reference log: sysdiagnose_2026.06.28_21-15-00+0800_iPhone-OS_iPhone_23F81.tar.gz Expected Behavior Wi-Fi Aware throughput should not be significantly constrained by the device's Wi-Fi association state. We expect comparable Wi-Fi Aware performance regardless of whether the device is associated to a Wi-Fi network, since disabling Wi-Fi should not be required to achieve full Wi-Fi Aware data-path throughput. Questions for Apple Is the throughput reduction while associated to a Wi-Fi network expected behavior (e.g., due to time-sharing/channel scheduling between the infrastructure connection and the Wi-Fi Aware data path)? If this is by design, are there recommended APIs, configurations, or best practices to maintain higher Wi-Fi Aware throughput while the device remains connected to Wi-Fi? If this is not expected, we believe this is a system-level bug and would appreciate guidance on a fix or workaround.
Replies
2
Boosts
0
Views
109
Activity
4d
MultipeerConnectivity background operation for mesh relay — alternatives to CoreBluetooth rewrite?
'm building a peer-to-peer mesh messaging app using MultipeerConnectivity. The app implements TTL-bounded flooding relay so messages can traverse multiple hops across devices that aren't directly connected to each other. The core limitation I'm hitting: MPC stops browsing and advertising when the app is backgrounded, which means a node can no longer relay messages for the rest of the mesh. For the mesh to be useful in practice, nodes need to stay active as relays even when users switch to other apps. I'm aware of the standard options: . Background task extension (beginBackgroundTask) — only buys ~30 seconds, not a real solution . Push notifications (APNs) — requires a server, defeats the goal of a fully offline/local mesh . CoreBluetooth with state preservation/restoration — genuine background capability, but essentially a full rewrite of the transport layer, and BLE throughput (~100–250 kbps) would hurt larger payloads Before committing to a CoreBluetooth rewrite, I want to make sure I'm not missing anything. specifically questions are: Is there any way to keep an MCNearbyServiceAdvertiser or MCNearbyServiceBrowser running in the background that I'm not aware of? Does MCSession maintain existing connections long enough in the background to be useful for relay (i.e., does it survive past the background task expiry)? Is Network.framework's local network discovery (NWBrowser with Bonjour) any more background-friendly than MPC's browser/advertiser? • Has anyone successfully implemented a hybrid approach — CoreBluetooth for background discovery/signaling + a higher-bandwidth channel (WiFi Direct or Network.framework TCP) negotiated when foregrounded? • Are there any entitlements or capabilities (e.g., AccessorySetupKit, NEAppProxyProvider, or anything in the networking extension family) that could help here that aren't commonly discussed? The relay/routing layer, E2EE, and message dedup all sit above the transport and are transport-agnostic, so the rewrite scope is limited to the discovery and session management layer — but it's still significant. Any experience with this pattern would be very helpful.
Replies
1
Boosts
0
Views
158
Activity
4d
iOS 26.4 — How to return from main app to host app after a keyboard-extension dictation round-trip, without private APIs?
I'm building a custom keyboard extension that offers voice dictation. Because keyboard extensions are constrained (memory cap ~30–48 MB, restricted audio session access), I delegate recording to my container app: User in a host app (e.g., Safari) taps the mic in my keyboard extension. The keyboard calls extensionContext.open(URL("myapp://dictation")) to launch the container app. The container app records audio via AVAudioEngine + SFSpeechRecognizer, writes the final transcript to the App Group, and signals completion via a Darwin notification. 4. The user is expected to be returned to the original host app (Safari) automatically so they can keep typing. The problem (step 4): On iOS 26.4 I can no longer identify which app was the host. Every previously-known path returns nil for the keyboard extension's host: parent.value(forKey: "_hostBundleID") → returns the literal string parent.value(forKey: "_hostApplicationBundleIdentifier") → returns NSNull xpc_connection_copy_bundle_id on the underlying XPC connection (via PKService.defaultService.personalities[…]) → returns NULL NSXPCConnection.processBundleIdentifier on extensionContext._extensionHostProxy._connection → returns nil proc_pidpath(hostPID, …) → EPERM from the keyboard sandbox LSApplicationWorkspace.frontmostApplication → selector unavailable from the extension RBSProcessHandle.handleForIdentifier:error: → returns an RBSServiceErrorDomain error Without the host's bundle ID, the container app has no way to call LSApplicationWorkspace.openApplicationWithBundleID: (the technique that worked on iOS 25 and earlier). UIApplication.suspend() correctly sends the container to background, but iOS treats us as a "fresh launch" — it returns the user to the Home Screen instead of Safari, because the container app was launched by an extension, not directly by Safari. KeyboardKit's maintainer reached the same conclusion (issue #1014) and shipped 10.4 without the feature. My questions: Is there a public, App-Store-safe API in iOS 26+ for a custom keyboard extension to identify its host application, or for the container app (launched via the extension's openURL) to identify which app initially hosted the extension that opened it? UIOpenURLContext.options.sourceApplication reports the extension's own container, not the actual host. 2. Is there a public mechanism for "return to source app" when the container app was launched by an extension's openURL? Equivalent to the ← Source affordance iOS shows for normal inter-app openURL, but triggered programmatically by the launched app. 3. Some popular keyboards (e.g., 微信输入法 / WeChat Keyboard) still appear to round-trip through their container app on iOS 26.4 and return the user to the original host — including the iOS ← WeChat back affordance in the host's status bar afterward. What's the recommended approach to achieve this? If it requires a specific scene-activation flow, NSUserActivity pattern, or extension-context configuration, please point at the relevant docs. 4. If there is no public path today, is FB22247647 (or a related radar) the right place to track this? Should developers in this position migrate to in-extension audio capture (which has its own significant constraints in keyboard extensions)? I'd much rather not rely on private APIs. Concrete guidance — or even an acknowledgment of which direction Apple intends — would help thousands of custom-keyboard developers who currently have a degraded voice-input experience on iOS 26.4+. Tested on iPhone 12 Pro Max running iOS 26.4.2 (build 23E261), Xcode 26.x, Swift 5. Thanks!
Replies
3
Boosts
0
Views
623
Activity
4d
Identifying the host app from a custom keyboard on iOS 26.4+ (host bundle id is now nil)
I have a custom keyboard (UIInputViewController, Full Access). For a dictation feature it opens its containing app to record audio (the keyboard can't use the microphone) and then needs to return the user to the host app they were typing in. That requires knowing the host app. Through iOS 26.3 this worked, because the host bundle id was exposed on the keyboard's input-session connection. On iOS 26.4 / 26.5 it is now nil, and every route I have tried is blocked: UIInputViewController _hostApplicationBundleIdentifier -> nil _hostProcessIdentifier and the host audit token are available, but: RBSProcessHandle handleForAuditToken: / handleForIdentifier: -> "Client not entitled" SecTaskCopySigningIdentifier / SecTaskCopyValueForEntitlement -> nil (sandbox) proc_pidpath -> EPERM UIKeyboardImpl _remoteAppId / _remoteLocalizedAppName -> nil The keyboard arbiter client-change event fires in SpringBoard, not in the extension process However, at least one shipping keyboard still does this on iOS 26.5. I verified in device logs that Yandex Keyboard launches its container app with a URL containing the correct, current host bundle id, and it is live: it reported net.whatsapp.WhatsApp, then net.whatsapp.WhatsAppSMB when the host was WhatsApp Business. So the capability clearly still exists for some apps. Questions: Is there a supported API on iOS 26.4+ for a keyboard extension to identify its host app? If it requires an entitlement, can developers request it, and how? If there is no public path, is the intended approach the system "back to previous app" breadcrumb (manual) plus a containing-app round trip? I have also filed Feedback (FB#######). Thanks.
Replies
1
Boosts
0
Views
125
Activity
4d
Inquiry Regarding iBeacon Compliance Test Specifications
We are conducting iBeacon compliance testing for our device and would like to clarify two test items from the iBeacon test specification: Regarding Tx power stability verification over time and across different battery capacities: Could you please specify the required test duration and the exact test procedure? Specifically, how long should the Tx power be monitored to verify stability within the 2dB standard deviation requirement, and what battery capacity levels (e.g., 100%, 50%, 20%, low battery threshold) should be tested? Regarding device interoperability with iOS CoreLocation APIs for beacon-based region monitoring and ranging: Could you please provide guidance on the test methodology? Specifically, what test cases, expected behaviors, and pass/fail criteria should we follow to verify correct interoperability with region monitoring (didEnter/didExit) and ranging (didRangeBeacons) APIs? Any official test guidelines or reference documents would be greatly appreciated.
Replies
0
Boosts
0
Views
65
Activity
4d
URL Filters not activating on iOS 27 beta
(Also submitted as FB23072541) iOS 27 beta 1 brings a brand new error which ends up resulting in a state of .serverSetupIncomplete: <NEPIRChecker: 0x7de6c79b60>: -[NEPIRChecker start:responseQueue:completionHandler:]_block_invoke - PIR status returned error <Error Domain=com.apple.CipherML Code=1100 "Unable to query status due to errors: Error details were logged and redacted." UserInfo={NSLocalizedDescription=Unable to query status due to errors: Error details were logged and redacted., NSUnderlyingError=0x7de712f4e0 {Error Domain=com.apple.CipherML Code=1800 "Error details were logged and redacted." UserInfo={NSLocalizedDescription=Error details were logged and redacted.}}}> <NEAgentURLFilterExtension: 0x7de6d24e60>: -[NEAgentURLFilterExtension startURLFilter]_block_invoke - Failed to startFilter <Error Domain=NEMembershipCheckerErrorDomain Code=3 "(null)"> What’s a NEMembershipChecker? Member of what? Digging deeper I found these: Failed to prefetch tokens for group 'site.kaylees.Wipr2': Error Domain=NSURLErrorDomain Code=-1009 "The Internet connection appears to be offline." UserInfo={_NSURLErrorNWPathKey=satisfied (Path is satisfied), interface: en0[802.11], ipv4, dns, uses wifi, LQM: good, NSErrorFailingURLKey=https://pirissuer.kaylees.site/token-key-for-user-token, NSUnderlyingError=0x7517125a40 {Error Domain=NSPOSIXErrorDomain Code=50 "Network is down" UserInfo={NSDescription=Network is down}}, _NSURLErrorPrivacyProxyFailureKey=true, NSLocalizedDescription=The Internet connection appears to be offline.} queryStatus(for:options:) threw an error: Error Domain=NSURLErrorDomain Code=-1009 "The Internet connection appears to be offline." UserInfo={_NSURLErrorNWPathKey=satisfied (Path is satisfied), interface: en0[802.11], ipv4, dns, uses wifi, LQM: good, NSErrorFailingURLKey=https://pirissuer.kaylees.site/token-key-for-user-token, NSUnderlyingError=0x7517125b00 {Error Domain=NSPOSIXErrorDomain Code=50 "Network is down" UserInfo={NSDescription=Network is down}}, _NSURLErrorPrivacyProxyFailureKey=true, NSLocalizedDescription=The Internet connection appears to be offline.} The connection and the URL mentioned are fine of course, but "Network is down” now? This new problem only affects the App Store version of my app – not present if I install from Xcode. Users report that oddly, having an active VPN on the device works around this bug.
Replies
3
Boosts
3
Views
352
Activity
4d
Unable to disable SIP on macOS 27 Beta 1
I work for a company which develops as part of our product suite a System Extension implementing an Endpoint Security client. Our local developer workflow for testing and validating changes is to build locally with Developer certificates (not a legitimate/production Developer ID certificate) and deploy local builds in to a VM, where to get the System Extension to load and be accepted we need to disable SIP & AMFI. macOS 27 VM is refusing to allow me to disable SIP. Is there an alternate approach we can use for this workflow to allow macOS VMs to accept our software when signing with a (same teamID, but different certificate to the provisioningprofile) developer certificate for local validation?
Replies
3
Boosts
3
Views
633
Activity
5d
Unexpected Third-Party Notifications During Edu-Assessment mode (Single app mode)
Hello, We have an assessment application that placing the device into Education Assessment Mode (also referred to as Single App Mode) to provide a secure exam environment. On our test devices, Education Assessment Mode behaves as expected. While an assessment session is active, we have verified that third-party notifications (such as WhatsApp and Snapchat) do not appear. However, one of our customers recently reported that during an active exam, a Snapchat notification was displayed while the device was still in Education Assessment Mode. We have been unable to reproduce this behavior on any of our test devices, even after repeated testing with the same application. Has anyone experienced similar behavior with education assessment mode? Specifically: Can there be any scenario where third-party notification banners are shown while an assessment session is active? Are there any known edge cases or system conditions that could allow notifications to appear during Education Assessment Mode? Is there any way to verify from the application that the assessment session is still fully enforced by the system? We're also interested in knowing whether Apple is aware of any issues related to notification suppression while an education assessment mode is active. Any insights would be greatly appreciated. Thank you.
Replies
0
Boosts
0
Views
83
Activity
5d
ApplePay on website -validateMerchant-payment sheet stuck
I tried to integrate ApplePay on website. Followed the official documentation. Successfully creating the apple session. However according to my logs, execution doesn't even going to verify the merchant. When I click the ApplePay button the payment sheet displays and it brings the card details, but the bottom button stays "Processing". May I know what could be the reason? Our PSP is credimax. Any input to resolve this is highly appreciate. we stuck on this for last 3 months.
Replies
1
Boosts
0
Views
67
Activity
5d
XPC connection consistently invalidated on app upgrade
Hi, Our project is a MacOS SwiftUI GUI application that bundles a System Network Extension, signed with a Developer ID certificate for distribution outside of the app store. The system network extension is used to write a packet tunnel provider. The signing of the app & network extension is handled by XCode (v16.0.0), we do not run codesign ourselves. We have no issues with XPC or the system network extension during normal usage, nor when the application is installed on a user's device for the first time. The problem only arises when the user upgrades the application. I have experienced this issue myself, as have our users. It's been reported on Apple Silicon macbooks running at least macOS 15.3.2. Much like the SimpleFirewall example (which we used as a reference), we use XPC for basic communication of state between the app and NE. These XPC connections stop working when the user installs a new version of the app, with OS logs from the process indicating that the connection is immediately invalidated. Subsequent connection attempts are also immediately invalidated. Toggling the VPN in system settings (or via the app) does not resolve the problem, nor does restarting the app, nor does deleting and reinstalling the app, nor does restarting the device. The only reliable workaround is to delete the system extension in Login Items & Extensions, under Network Extensions. No device restart is necessary to garbage collect the old extension - once the extension is reapproved by the user, the XPC issue resolves itself. This would be an acceptable workaround were it possible to automate the deleting of the system extension, but that appears deliberately not possible, and requiring our users to do this each time they update is unreasonable. When the upgraded app is opened for the first time, the OSSystemExtensionRequest request is sent, and the outcome is that the previously installed system network extension is replaced, as both the CFBundleVersion and CFBundleShortVersionString differ. When this issue is encountered, the output of systemextensionsctl list shows the later version is installed and activated. I've been able to reproduce this bug on my personal laptop, with SIP on and systemextensionsctl developer off, but on my work laptop with SIP off and systemextensionsctl developer on (where the network extension is replaced on each activation request, instead of only when the version strings differ), I do not encounter this issue, which leads me to believe it has something to do with the notarization process. We notarize the pkg using xcrun notarytool, and then staple to the pkg. This is actually the same issue described in: https://developer.apple.com/forums/thread/711713 https://developer.apple.com/forums/thread/667597 https://developer.apple.com/forums/thread/742992 https://developer.apple.com/forums/thread/728063 but it's been a while since any of these threads were updated, and we've made attempts to address it off the suggestions in the threads to no avail. Those suggestions are: Switching to a .pkg installer from a .dmg As part of the .pkg preinstall, doing all of the following: Stopping the VPN (scutil --nc stop), shutting down the app (using osascript 'quit app id'), and deleting the app (which claims to delete the network extension, but not the approval in Login Items & Extensions remains??), by running rm -rf on the bundle in /Applications As part of the .pkg postinstall: Forcing macOS to ingest the App bundle's notarization ticket using spctl --assess. Ensuring NSXPCListener.resume() is called after autoreleasepool { NEProvider.startSystemExtensionMode() } (mentioned in a forum thread above as a fix, did not help.) One thing I'm particularly interested in is the outcome of this feedback assistant ticket, as I can't view it: FB11086599. It was shared on this forum in the first thread above, and supposedly describes the same issue. I almost find it hard to believe that this issue has been around for this many years without a workaround (there's system network extension apps out there that appear to work fine when updating, are they not using XPC?), so I wonder if there's a fix described in that FB ticket. Since I can't view that above feedback ticket, I've created my own: FB17032197
Replies
8
Boosts
0
Views
812
Activity
5d
iPhone 17 Pro max Bluetooth HFP call audio routing fails, media audio works
I’m seeing a Bluetooth call audio routing issue on a new iPhone 17 Pro running iOS 26.5.1, build 23F81. Bluetooth media audio works normally. Music and video audio stay on Bluetooth headphones without issues. The problem appears only when the device switches into call audio / HFP mode. Tested with multiple earbuds: Samsung, OPPO, Huawei and CMF Buds Pro 2. The behavior is similar with all of them. There are no other Bluetooth devices connected. Call Audio Routing is already set to Bluetooth Headset in Accessibility settings. The issue affects cellular calls, FaceTime Audio, Telegram and Signal. In some cases the earbuds seem to switch into call mode, but the call audio route falls back to the iPhone receiver or speaker instead of staying on the Bluetooth headset. After the call ends, Bluetooth media audio returns normally. I captured a sysdiagnose right after reproducing the issue. Relevant observations from the logs: Device: iPhone18,2 iOS: 26.5.1 Build: 23F81 Sysdiagnose time: 2026-06-03 11:22:03 +0300 In Bluetooth/CoreCapture/bluetooth_status.txt, Bluetooth was ON 3 paired devices were present 1 device was connected Connected device at the time: CMF Buds Pro 2 So the headset was not simply disconnected from the phone. In the powerlog, before the call the audio route was HeadphonesBT for media playback. Around the FaceTime Audio test, HeadsetBT / PhoneCall appeared, but then the route moved to ReceiverAndMicrophone / Speaker instead of staying on HeadsetBT. During a later cellular call, the active PhoneCall route was also ReceiverAndMicrophone rather than HeadsetBT. After the call ended, the route returned to HeadphonesBT for media playback. This looks like the Bluetooth connection remains alive, but call audio / HFP routing fails. The same sysdiagnose also contains CentauriFirmwareEvent entries under crashes_and_spins from the previous day. They show: subsystem = BT host-reason = firmware crash BTMAIN panic faulting_task = link_manager_thread LMAC_5G watchdog expired SCAN watchdog expired These firmware crash events do not happen at the exact same timestamp as the call test, so I’m not claiming that every call directly crashes Bluetooth firmware. But the sysdiagnose shows both incorrect Bluetooth call audio routing and separate BT firmware crash events. Has anyone seen similar behavior on iPhone 17 / iOS 26 with Bluetooth HFP call audio? Could this be a known iOS 26 / Apple N1 / Bluetooth firmware issue, or does it look more like a hardware defect of this particular device?
Replies
4
Boosts
0
Views
489
Activity
6d
CarPlay Entitlements for navigation
Bonjour, Je viens ici afin d'exposer mon problème en espérant trouver une solution. En Août 2025 j'ai publié une demande afin de pouvoir développer une application Carplay de type navigation. Ma demande n'a jamais été traitée, j'ai soumis une autre demande en février, puis en avril. Toujours sans réponse. Depuis environ 3 semaines, j'appelle Apple toutes les semaines afin de demander à ce que ma demande soit traitée. J'ai bien évidemment une réponse m'indiquant que la demande était remontée, mais sans retour par la suite. Je commence à sérieusement perdre patience, et ne trouve aucune solution. Quelles seraient vos propositions ? Merci par avance pour vos retours
Replies
1
Boosts
0
Views
258
Activity
6d
iOS Universal Link opens app and then opens browser (Flutter + Universal Links) — only when using paths/params
Hi everyone, I’ve been stuck on an issue with iOS Universal Links for about a week and could really use some help. The problem When tapping a Universal Link on iOS, my Flutter app opens correctly (desired behavior) — but immediately afterward, Safari opens the same link in the browser. So both the app and the browser open. This only happens on iOS. On Android everything works as expected. What works If the link is simply the domain, like: https://mydomain.com …then the app opens without triggering the browser afterward. This is the correct behavior. What doesn’t work If the link includes a path or parameters, like: https://mydomain.com/path https://mydomain.com/path?param=value …then the app opens, and then the browser opens immediately after. What I’ve tried Verified my AASA file using Branch’s validator: https://branch.io/resources/aasa-validator/ → The AASA file is valid. Universal Links do open the correct screen inside the app — the issue is the unwanted second step (Safari opening). Behavior is consistent across different iOS devices. Extra details Using Flutter. Universal Links set up with the standard configuration (associatedDomains, AASA hosted at /.well-known/apple-app-site-association, etc.). Question Has anyone encountered this issue where Universal Links with paths/params open the app and then open Safari? What could cause iOS to trigger the browser fallback even when the AASA file is valid and the app handles the link correctly? Any insights, debugging tips, or known edge cases would be incredibly appreciated!
Replies
5
Boosts
2
Views
502
Activity
6d