Hello, ive been dealing with this glitch all year that hasnt happened last year. When I watch a video on public safari and then it exit the video it immediately takes me to the private tab but when I go on the private tab to watch videos and exit out it takes me back to the website just like normal. Its a pretty annoying bug and I watch all my videos in the private tab because of it

Hi Apple developers, I am very new to XCode and Swift, I am planning to build an app for iOS from a web. I tried to use WKWebView to handle the web , I managed to redirect some of the links to Safari, however some button/links didn't trigger .linkActivated function and encounter the error as "Your browser preventing this app to open “URL”. If I copy the URL to Safari is able to open, I trying to research on web but can't find any related solution for my case. Here is the code in my app: import UIKit import WebKit import SafariServices class ViewController: UIViewController, WKNavigationDelegate { var webView: WKWebView! override func viewDidLoad() { super.viewDidLoad() // Initialize WKWebView let webConfiguration = WKWebViewConfiguration() //enable javascript webConfiguration.preferences.javaScriptEnabled = true webView = WKWebView(frame: self.view.frame, configuration: webConfiguration) webView.navigationDelegate = self self.view.addSubview(webView) // Load a web page as webview if let url = URL(string: "https://myurl") { let request = URLRequest(url: url) webView.load(request) } //console log webView.evaluateJavaScript("console.log('Button clicked!')") { result, error in if let error = error { print("Error executing JavaScript: \(error.localizedDescription)") } else { print("JavaScript result: \(String(describing: result))") } } } func webView(_ webView: WKWebView, decidePolicyFor navigationAction: WKNavigationAction, decisionHandler: @escaping (WKNavigationActionPolicy) -> Void) { if let url = navigationAction.request.url, navigationAction.navigationType == .linkActivated { // Check if URL is external and open it in Safari if UIApplication.shared.canOpenURL(url) { UIApplication.shared.open(url, options: [:], completionHandler: nil) decisionHandler(.cancel) // Prevent loading the link in the WebView } else { decisionHandler(.allow) // Allow loading if URL cannot be opened in Safari } } else { decisionHandler(.allow) // Allow the WebView to load the URL normally } } }

Dears, We are facing some issue in ios 18.4.1. Recently some of our end users who updated their ios devices to 18.4.1 have experienced random 403 errors in runtime. as per our analysis, We identified that these errors are associated with "CSRF token mismatch". After successful login, the user's CSRF token is causing issue and it was changed in runtime, this causes the cookie mismatch, and the users is getting 403 errors, and the user session is getting invalid suddenly. let me know if anyone facing the same issue in ios 18.4.1 and let me know Is there any workaround for this issue. Thanks.

Hello, We do not have explicitly set it our website, but still Smart Banner appears since we have universal link setup. (current URL matches the universal link patterns set in your apple-app-site-associations file ). Also, I understand it appears only for users having our app installed. We do not want to show this banner in any case. is there any way to choose not to show the app banner? either setting additional meta or any other way would work. regards, Hussain

Subject: Help Needed with App Clip Implementation Hi Team, I need some assistance with implementing App Clip behavior in safari and also experimenting using TestFlight app. Default App Clip URL: https://appclip.apple.com/id?p=com.jey.ppclient-prod.appclip Website for App Clip Integration: https://appclip-sand.vercel.app/customer Current Behavior: Default App Clip URL: When I embed the default App Clip URL in an HTML tag like below: Launch App Clip it does launch the App Clip. but it says the appclip not supported in your region I've already added this configuration under Local Experience in App Store Connect. Website Integration: I’ve registered the site using the Advanced App Clip Experience. The apple-app-site-association file is in place. When I visit the site, the App Clip does launch as expected. What I Need Help With: I want to launch the App Clip from a custom button click, using either: The default App Clip URL, or The website URL (e.g., https://appclip-sand.vercel.app/customer) with additional query parameters like userId or sessionId. Is there a supported way to achieve this—perhaps through JavaScript or a specific tag setup that works with either Local or Advanced Experience? Your guidance would be greatly appreciated. Thanks, Jey

Hi! My SwiftUI app is a rather complex browser app. Starting with iOS 18, the app crashes due to repeted reloads of the WkWebView. I’ve tracked the issue as far as I can, but I still haven’t found the root cause. My app is structured like this: MainView holds a cuple of subviews. It also holds a @StateObject called viewModel that holds a lot of @Published vars. The viewModel is passed as a enivormentObject. Example from ViewModel: @MainActor class ViewModel: NSObject, ObservableObject { @Published public var isLoading: Bool = false @Published public var loadProgress: Double? = 0 public func setIsLoading(_ value: Bool) async { self.isLoading = value } public func setLoadProgress(_ value: Double?) async { self.loadProgress = value } } WebView is a subview of MainView, which holds a navigation bar, and a UIViewRepresentable, which is a WkWebView. The WkWebView pushes some states to the ViewModel as the underlying values of the WkWebView changes, i.e. estimaedProgress, and isLoading. This is done via KVO and works like this: estimatedProgressObservation = self.parent.webView.observe(\.estimatedProgress) { webView, progress in Task { await parent.viewModel.setLoadProgress(webView.estimatedProgress) } } isLoadingObservation = self.parent.webView.observe(\.isLoading) { webView, value in Task { await parent.viewModel.setIsLoading(webView.isLoading) } } By using a timer in WkWebViews Coordinator, i trigger a load after a configurable amount of time :
 func loadUrl(url: URL) { DispatchQueue.main.async { console.info("Load URL: ...", sensitive: "Load URL: \(url.absoluteString)") let policy: NSURLRequest.CachePolicy if self.parent.settings.noCache { policy = .reloadIgnoringLocalAndRemoteCacheData } else { policy = .useProtocolCachePolicy } let request = URLRequest(url: url, cachePolicy: policy) self.parent.webView.load(request) } } Running the app with the automatic reload enabled freezes the app after a couple of hours. It also seems to freeze Safari on the device. The device needs to be rebooted. If I inspect the device's running processes, hundreds of ”com.apple.webkit. web content " processes are running. Removing await parent.viewModel.setLoadProgress(webView.estimatedProgress) and await parent.viewModel.setIsLoading(webView.isLoading) fixes the issue, but it is necessary for other app functions. Therefore, is suspect that the viewModel somehow causes the bug. The issue arises after a couple of loads 5-10. The debugger shows a message when the processes start to pile up. I suspect its related. Failed to terminate process: Error Domain=com.apple.extensionKit.errorDomain Code=18 "(null)" UserInfo={NSUnderlyingError=0x12d0e7f60 {Error Domain=RBSServiceErrorDomain Code=1 "Client not entitled" UserInfo={RBSEntitlement=com.apple.runningboard.terminateprocess, NSLocalizedFailureReason=Client not entitled, RBSPermanent=true}}} How can I find out what causes the suspected memory leak? Instruments gives me nothing of value. The memory leak wasn't present in iOS 17. Is this a bug in iOS 18, or was something intentionally changed?

Hello! I am looking to use SF Pro as the main font of my website. This website is used as a place of purchase for some of my products, none of which will actually be using this font. The websites logo will also not be using this font, however I am worried that may be legally unviable. Please let me know if this is an option. I'm not looking to get direct financial gain by using your fonts, just would like to use it for the website. Thank you for your help.

I’m experiencing an issue where Safari takes approximately 30 seconds to load web pages on mTLS-enabled sites. However, when I enable Private Browsing mode, the problem disappears. This suggests that the issue is not related to the network environment. To provide more context, I’ve attached a Wireshark packet capture for reference. From the logs, it seems that the TLS handshake process encounters delays, but I cannot identify the exact cause. Has anyone encountered a similar issue or can provide insights into what might be causing this behavior? Any troubleshooting suggestions or fixes would be greatly appreciated. OS: iPadOS 18.2.1 Thank you! Wireshark packet capture

When our Safari Web Extension makes a api request from its background script (registered via "scripts" in manifest.json, e.g., "background": { "scripts": ["js/background.bundle.js"] }) to our authenticated API endpoint (https://api-domain/user), the Cookie header is not included in the request. This occurs only when the extension is running within a non-default Safari User Profile. This causes our API to treat the user as unauthenticated. The exact same extension code, manifest, and API call work correctly (Cookie header is present and user is authenticated) when the extension is running in the Default Safari User Profile.

We are getting the cookie from server side when user will do the login successful. Cookie store into app browser. This cookie need to clear when user will do the logout app. We are using the Cordova framework to create the iOS application. In Cordova i have used plugin to clear the cookie. But in iOS device not able to clear the app browser cookie. And in android device same Cordova plugin is working fine. Why the iOS device not able to clear the cookie using Cordova plugin? Plugin name - https://github.com/Cartegraph/cordova-cookie-master Kindly help me out with the solutions.

For many years, I've noticed that although in native code I can handle continuous and simultaneous Apple pencil and touch inputs using UIKit, Safari and WKWebView's PointerEvents only seem to allow you to use one input type at a time. i.e. Apple Pencil down blocks touch input until lifted and touch input blocks Apple Pencil input. It's as though requiresexclusivetouchtype has been set in the underlying webkit implementation. There's decades of research (e.g. https://dl.acm.org/doi/10.1145/1866029.1866036 ) and several existing native applications in production showing that multimodal inputs open-up many unique and useful applications and interactions. Even a simple "hold object with finger" + "draw with stylus" controls are the norm. I recently built a native application using multimodal simultaneous inputs, but this is impossible to port to web due to the unexpected behavior of PointerEvents (and touch events, and mouse events; any variant exhibits the same behavior). I've researched and attempted to apply every possible flag, change, and css code to get this working, but I think the behind-the-scenes implementation is what's blocking the simultaneous touch types. This is unexpected and undesired behavior because it's inconsistent with the native behavior. If it's unintended, it's a big priority to fix for creating better user experiences on the iPad. If it's intended, I do not believe that's reasonable (even if it might be more complex and used for more advanced applications). Please expose a way to support simultaneous touch types in iPadOS/iOS in both Safari and WKWebView. At minimum, may we have a discussion on how to support the desired behavior? The simplest solution I can think of is to provide a webkit-platform-specific boolean in Safari and WKWebView called requiresExclusiveTouchType, which is set to False by default to keep the current behavior, and settable to True to get the more flexible behavior I'm expecting.

I am encountering an intermittent issue with WKWebView in my iOS app. The problem occurs infrequently, but when it does, the WKWebView consistently displays a white screen and remains in this state until the app is forcefully terminated and relaunched. To provide more context, here are the key characteristics of the issue: The white screen problem occurs sporadically and is not easily reproducible. The WKWebView remains unresponsive despite attempts to interact with it. Reloading the webpage or navigating to a different URL does not resolve the white screen issue. The problem persists until the app is terminated and relaunched. This issue is specific to the WKWebView; other components of the app function correctly. The WKWebView renders normally, and the main document synchronously loads resources both offline and online without any issues. The bridge and JavaScript execution also work as expected. However, when interacting with the WKWebView, it becomes unresponsive to user clicks, and the web inspector fails to respond. Additionally, asynchronous network requests also do not receive any response. The problem occurs exclusively on HTTPS pages, whereas HTTP pages load without any issues. Other components, such as workers, function correctly. addUserScript injection during WKWebView creation is effective, and evaluateJavaScript during the page loading process works as expected. However, when the document becomes unresponsive, executing evaluateJavaScript only triggers the callback after the WKWebView is destroyed. I have discovered a reliable method to reproduce the white screen issue in WKWebView. This method involves the following steps and conditions: Create a WKWebView instance. Load an HTML page using the loadRequest method（https url request）. Before the WKWebView is attached to the UI (not yet visible to the user), call the evaluateJavaScript function. This issue has occurred in almost all iOS versions, including the latest iOS 17.x version.

I have "http://localhost:8080" showing the index page I've created but php is not handled though an extension is running. Haven't even tried mySQL yet but since there is no reference to it in https.conf the same problem will exist. Homebrew extension running also. https.conf: #PHP was deprecated in macOS 11 and removed from macOS 12 #LoadModule php7_module libexec/apache2/libphp7.so There are no php.so files on my machine and again no mention of mysql What should I enter in http.conf to activate these functionalities? Thanks. PS could you reference a tutorial on using Safari and Web inspector

There is no problem with the content display of each tab, but the tab bar is completely buggy. If you open 5 or more tabs and browse tabs after the 5, the first 4 tab bars will be completely blacked out, and you don't even know how many tabs you have. If you click on the place where the tab title probably exists, the tab is displayed as if the partial display of the tab bar has been restored. There is no problem with content display. But because it is unclear what tab is open, the browsing experience is at its lowest. If you switch to the tab after the 5th, the first 4 will return to the blackout state again. Of course, it is the latest software configuration at the moment. There is no shortage of memory at 24GB. I recently started developing a Safari extension with AppExtension, but is that due to it?

the backdrop is not work through css variable, but it works well through the certain value. and the problem wasn't appear in old version

I have a web extension that I want to send data to, and receive a response containing modified data. My understanding is that the native app is only contactable by a background script. How does a webpage contact the background script? One answer is by adding a content script, which is able to communicate with the background script using browser.native.sendMessage(). Unfortunately this triggers a warning that "this extension can read and alter web pages". I do not want to read and alter web pages, nor do I want users to be concerned about a permission the app doesn't need. I just want to receive data, and then return a response. What API should I be using to achieve this?

Merhaba ben Müslüm İkuz blog sayfam için Safari tarayıcıdan siteye çok fazla istek geliyor. Sayaçlara girdiğimde uygulama safari olarak gözüküyor ve binlerce sayfa isteği gelmiş. Bu bir siber saldırı mı ? site adress https://ikuz.com.tr/

We have a Web Extension that uses firebase for auth. It was working fine until the latest version of Safari 18.3 got released few days ago on January 27, 2025. All of out extension versions stopped working on it; even the ones that are published on App Store. It uses FirebaseJS v9.23.0. Same version of the extension are working fine on other browsers. We use onAuthStateChanged to listen to auth related events; but it is never fired now.

My Mac app and its Safari web extension share an app group, and I want to notify the web extension native process when the app makes a change to the app group NSUserDefaults, but I can't find a good way to do this. According to the documentation, "You can use key-value observing to register observers for specific keys of interest in order to be notified of all updates, regardless of whether changes are made within or outside the current process." In my testing, however, this doesn't work in the web extension process. I'm using NSUserDefaults addObserver forKeyPath, but observeValueForKeyPath never gets called. I've also tried NSDistributedNotificationCenter, but the web extension process doesn't receive the notifications sent by the main app. Are either of these supposed to work? If not, are there any alternatives?

I've a apple pay integration on my website. The new sdk, that allows third party browsers. My integration works well everywhere, except on third party when I read the QR code it results in a "payment incomplete". I have gone through several threads in apple dev forums, and several guides on implementation steps and troubleshooting. But I'm still without solution. When Debugging in iOS device I get: "Application failed to provide a valid merchant session. We can't proceed to authorize the transaction." I've doublechecked, the values I send to create the payment Session are correct, the domain and merchantIds. (It works well with the same implementation on safari, what's the difference here?) I've also doublechecked the values i'm sending to the completeMerchantValidation, and they are all in the right format and types. What else can iIcheck?