Hello - we have a Mac application that uses a browser extension and the web extension JS APIs to communicate with Safari. As of macOS 15.4 / Safari 18.4 the tab OnAttached and tab onDetached events are no longer received. After some testing we verified that the events were working properly as of macOS 15.3 / Safari 18.3 but appear to have been broken in macOS 15.4. Note a similar issue was reported previously for Safari 17.6 and was fixed in macOS 15.0 (FB14324177). We have made a TestFlight version of our app (Tabby) available to simplify debugging via https://testflight.apple.com/join/Va8Zdv9d. To reproduce the issue: Install the Tabby TestFlight build on macOS 15.4 or 15.4.1 Open Safari, go to Safari settings and select the Extensions tab Enable the Tabby extension and grant permissions to all windows all the time Open a Safari window with at least 3 tabs Note the open window and tabs displayed in Tabby In Safari, perform a tab detach by dragging a tab out of the window Expected behavior Within Safari the detached tab should now be in it’s own window, and via the onDetached event Tabby should update to show the tab in it’s own window AND removed from the original window. Observed Safari fails to send the onDetached event and Tabby will continue to display the detached tab in its original window in addition to the new window. You can also use the repro steps above to observe the onDetached event being received or not by Tabby in the Safari developer console. The same steps but re-attaching the tab to the original window can be used to observe the onAttached event being received or not. We’ve attached two screen recordings to the Feedback ID below, one showing the events working on macOS 15.3, and one showing the events failing to be received on macOS 15.4.1. Note it also fails on macOS 15.4. FEEDBACK ID: FB17367977

Hi, I’m trying to detect whether my Safari Web Extension is running in Safari or Safari Technology Preview. Is there a reliable way to do that? I can get the executable path of the parent process using proc_pidpath(). However, unlike Chrome or Firefox, Safari extensions run under /sbin/launchd as the parent process, not the responsible process (browser’s binary). In this scenario, I need the executable path of the actual browser process, but I haven’t found a way to get it. Also, Safari doesn’t implement the Web Extension API’s browser.runtime.getBrowserInfo(), unlike Firefox. I haven’t tested it yet, but I’m considering checking the user agent string, though I’m not sure how reliable that would be. Use Case Some users use my Safari extension as a web development tool and want to enable some features exclusively in Safari Technology Preview, while using other features only in standard Safari. If I could detect which browser is in use, I could provide the appropriate functionality for them.

Hi all, Managing Safari usage in an enterprise environment and I’m looking for ways to disable or restrict the QUIC protocol to enforce network-level security policies (e.g., content filtering). Does Safari offer any settings to disable QUIC, or is there a known workaround to prevent Safari from using it? Appreciate any insights or guidance.

Hi there, I'm experiencing several crashes on JavaScriptCore pas_panic_on_out_of_memory_error, only on devices with tvOS 15.4 and 15.4.1. This happens with users using the app for several hours as well as 5 seconds after launching the app. Devices: AppleTV6,2 and AppleTV5,3 Thread 14 — JavaScriptCore pas_panic_on_out_of_memory_error (JavaScriptCore) JavaScriptCore bmalloc_try_iso_allocate_impl_impl_slow (JavaScriptCore) JavaScriptCore bmalloc_heap_config_specialized_local_allocator_try_allocate_small_segregated_slow (JavaScriptCore) JavaScriptCore bmalloc_allocate_impl_casual_case (JavaScriptCore) JavaScriptCore ***::String::String(char16_t const*, unsigned int) (JavaScriptCore) JavaScriptCore JSC::LiteralParser<char16_t>::parsePrimitiveValue(JSC::VM&) (JavaScriptCore) JavaScriptCore JSC::LiteralParser<char16_t>::parse(JSC::ParserState) (JavaScriptCore) JavaScriptCore JSC::jsonProtoFuncParse(JSC::JSGlobalObject*, JSC::CallFrame*) (JavaScriptCore) JavaScriptCore llint_entry (JavaScriptCore) JavaScriptCore llint_entry (JavaScriptCore) JavaScriptCore llint_entry (JavaScriptCore) JavaScriptCore llint_entry (JavaScriptCore) JavaScriptCore vmEntryToJavaScript (JavaScriptCore) JavaScriptCore JSC::Interpreter::executeCall(JSC::JSGlobalObject*, JSC::JSObject*, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) (JavaScriptCore) JavaScriptCore JSC::boundThisNoArgsFunctionCall(JSC::JSGlobalObject*, JSC::CallFrame*) (JavaScriptCore) JavaScriptCore vmEntryToNative (JavaScriptCore) JavaScriptCore JSC::Interpreter::executeCall(JSC::JSGlobalObject*, JSC::JSObject*, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) (JavaScriptCore) JavaScriptCore JSC::profiledCall(JSC::JSGlobalObject*, JSC::ProfilingReason, JSC::JSValue, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) (JavaScriptCore) JavaScriptCore JSObjectCallAsFunction (JavaScriptCore) JavaScriptCore -[JSValue invokeMethod:withArguments:] (JavaScriptCore) ITMLKit -[IKJSObject invokeMethod:withArguments:] (ITMLKit) ITMLKit -[IKJSEventListenerObject invokeMethod:withArguments:thenDispatchEvent:extraInfo:] (ITMLKit) ITMLKit __43-[IKJSXMLHTTPRequest setRequestReadyState:]_block_invoke (ITMLKit) ITMLKit -[IKAppContext _doEvaluate:] (ITMLKit) ITMLKit -[IKAppContext _evaluate:] (ITMLKit) ITMLKit __41-[IKAppContext evaluate:completionBlock:]_block_invoke (ITMLKit) ITMLKit -[IKAppContext _sourcePerform] (ITMLKit) ITMLKit -[IKConcurrentEvaluator lockSchedulingForEvaluation:] (ITMLKit) ITMLKit IKRunLoopSourcePerformCallBack (ITMLKit) CoreFoundation __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ (CoreFoundation) CoreFoundation __CFRunLoopDoSource0 (CoreFoundation) CoreFoundation __CFRunLoopDoSources0 (CoreFoundation) CoreFoundation __CFRunLoopRun (CoreFoundation) CoreFoundation CFRunLoopRunSpecific (CoreFoundation) ITMLKit -[IKAppContext _jsThreadMain] (ITMLKit) Foundation __NSThread__start__ (Foundation) libsyste...ad.dylib _pthread_start (libsystem_pthread.dylib) libsyste...ad.dylib thread_start (libsystem_pthread.dylib) This issue seems very similar to this existing thread, although not sure its related

Hello, According to the documentation: If you provide your extension in macOS and don’t want to use the Mac App Store for distribution, you can sign and notarize your extension’s app with a Developer ID to distribute it outside the Mac App Store. However, I found this to be untrue in practice. Even after signing and notarising the Safari extension correctly, it is not possible to enable it in Safari without turning on "allow unsigned extension". This makes it impossible to distribute your Developer ID–signed and notarized extension outside the Mac App Store. I would like to distribute my web extension directly to employees in my organization using MDM without having each user manually enable "allow unsigned extension" for it to work. Any way to make it work? The documentation is quite confusing in this aspect, it says "Safari only supports signed extensions" but my extension is rejected even if notarised and signed.

I have a website that has been built in Wordpress and hosted on wordpress engine. In testing now and on the i phone with safari browser it keeps crashing after short time 2/3 minutes, content does not display properly pages go blank etc. Has anyone experienced this /have a solution? Thanks

I'm encountering an issue with front camera video recordings via browser (Safari/Chrome) on devices running iOS/iPadOS 18 and above: On iPad, the recorded video appears upside down. On iPhone, the recorded video is rotated 90 degrees. The rear camera functions correctly without orientation issues. This problem seems specific to browser-based recordings, as the native Camera app records videos with the correct orientation. Has anyone else experienced this behavior? Is there a known workaround or fix? The preview while recording is fine, the recorded video is oriented incorrectly.

In the safari or chrome app, when I want to change tabs, I can go into a grid view of the tabs. In this grid, each tab shows the content of the page. When I click on one of the tabs, the content of the page expands to fill the entire screen (and shrinks when I go back to grid). I'm creating my own browser and I'm trying to replicate this same functionality. I'm using WebKit on XCode 16.4, iOS 18. However, I'm unable to figure out how Chrome and Safari did this. First, I thought that I could take a snapshot of the page and then use that image as the thumbnail. However, very often the image is of the wrong size - likely due to the webview shrinking for the animation. Making the animation wait until the image is made available did help in making it more consistent. The above errors happen whenever I spam the new tab and then click the tab grid button. It only is misaligned on the very last new tab. Please help on this. // OpenedTab.swift Button(action: { tab.getThumbnail { tabManager.selectedTab = nil } }) { ZStack { Image(systemName: "square") .resizable() .frame(width: 25, height: 25) Text(tabManager.tabs.count.description) .font(.subheadline) } } // TabState.swift func getThumbnail(completionHandler: (() -> Void)? = nil) { webView.takeSnapshot(with: nil) { img, err in if let err = err { print("Snapshot err: \(err)") } else { self.thumbnail = img completionHandler?() } } } Also, something I'm noticing is that for some reason, the image is slightly bigger than the header of the tab card. It also happens in the progress view if the thumbnail isn't available. The images above show it too. I have no clue why this is happening and I would love advice on this too. struct TabCardView: View { @StateObject var manager = TabManager.shared @ObservedObject var tab: TabState var namespace: Namespace.ID @State var width: CGFloat = 0 var body: some View { GeometryReader { geo in VStack(spacing: 0) { HStack(spacing: 1) { Text(tab.title ?? tab.url.host() ?? "") .font(.caption2) .padding(.horizontal, 4) .padding(.vertical, 10) Button(action: { manager.close(tab: tab) }) { Image(systemName: "multiply") } } .frame(height: 40) .frame(width: geo.size.width) // .padding(.horizontal, 7) .background(.tertiary) .matchedGeometryEffect(id: tab.id.uuidString + "title", in: namespace) ZStack { if let thumbnail = tab.thumbnail { Image(uiImage: thumbnail) .resizable() .aspectRatio(contentMode: .fill) .frame(width: geo.size.width, height: 160, alignment: .top) .clipped() } else { Color.black.brightness(0.8) ProgressView() } } .frame(width: geo.size.width, height: 160) .matchedGeometryEffect(id: tab.id.uuidString + "container", in: namespace) } .frame(width: geo.size.width) } .frame(height: 200) .clipShape(RoundedRectangle(cornerRadius: 16)) .shadow(radius: 2) .padding(.all, 7) .overlay( RoundedRectangle(cornerRadius: 20) .stroke(.blue, lineWidth: manager.previousTab?.id == tab.id ? 5 : 0) ) .shadow(radius: 1) } }

myCode is here // titleScript = "document.querySelector('#\(rawValue) span')?.textContent" guard let titleResult = try? await webView.evaluateJavaScript(type.titleScript), let title = titleResult as? String else { return } this code has error Thread 1: Swift runtime failure: Unexpectedly found nil while implicitly unwrapping an Optional value but edit Code like this It is works Successful do { ... let titleResult = try await webView.evaluateJavaScript(type.titleScript) let title = titleResult as? String ... } catch { LogManager.log(level: .error, self, #function, error, "title is Invalid : \(type.titleScript)") continue } I don't know why guard let _ = try? is Fail

The “Add to Home Screen” feature for bookmarks is not working in Safari on iOS 26.

In my application, I use HTML pages to display the interface. Since it’s a cross-platform app, the pages and interactions work properly on other platforms. However, in WebKit, because HTTPS protocol is used, JS requests from the page cannot use the ws protocol but must use the wss protocol under HTTPS. Is there any way to allow a webpage under HTTPS to use ws requests normally? Google Chrome can do this.

I have compiled some Java code to WebAssembly via TeaVM and wrapped it in a PWA. The resulting code runs nicely in Firefox and Chrome but throws an exception in Safari. CompileError: WebAssembly.Module doesn't parse at byte 1657: invalid extended GC op 24, in function at index 2251 Can anybody tell me what's wrong with that code? I mean it can't be so bad if Firefox and Chrome can parse and run it without problems. I am using the most recent versions of all browsers and the offending code can be found here: Run the demo via: https://mpmediasoft.de/demos/Emmentaler/Emmentaler-Demo-TeaVM-Wasm/index.html The offending wasm file is: https://mpmediasoft.de/demos/Emmentaler/Emmentaler-Demo-TeaVM-Wasm/tvw/ModelBridgeTeaVM.wasm With Safari the demo just shows some empty space instead of a complex polygon. You can see the error in the javascript console of Safari.

Our app is an enterprise app via MDM. We are experiencing an issue in iPadOS 18.4 when loading an internal HTTPS server via WKWebView in a hybrid iOS app. Our server uses a self-signed certificate but lacks the digitalSignature usage in its Key Usage extension. (Currently we have no chance to change the server's certificate) We override webView:didReceiveAuthenticationChallenge:completionHandler: to trust the certificate: completionHandler(NSURLSessionAuthChallengeUseCredential, credential); This "completionHandler" works in previous 18.3.2 , but not work in 18.4. May I know is there any changes in 18.4 for the https certification? Why this delegate not work? What we can do to ignore this ssl error and get connection? Thanks in advance, look forward for your reply.

Chrome's Incognito mode can not open app from universal link on iOS. It's opened a web page instead of launching the app even the app already installed on the iOS device.

Can someone please help me: I do not have the brain space (85yo) to figure out an Apple Script or Java Script app to do this simple task. I have spent a few hours each day, over several days, and have made zero progress on such an apparently simple task. I wish to create an Automator App for the macOS Safari browser that will schedule (via a Calendar Event) the download of the 48hr data behind the hourly Fuel Mix Plot Data from the AEMO Web Site, every Monday, Wednesday, Friday and Sunday. Here is the link to the AEMO web site: AEMO, Energy Systems, Electricity, National Electricity Market (NEM), Data (NEM),Data Dashboard https://www.aemo.com.au/energy-systems/electricity/national-electricity-market-nem/data-nem/data-dashboard-nem The 48 hour hourly Fuel Mix data is found by selecting the "Fuel Mix" button (which by default will display the NEM Current Trend). The 48 hour trend is displayed by tapping on the small "Current" pulldown menu, and selecting "48 hrs". The 48hr Data is down loaded by selecting the small circular button just to the right of the pulldown menu. a) AEMO Web Site: https://www.aemo.com.au/energy-systems/electricity/national-electricity-market-nem/data-nem/data-dashboard-nem b) Main Menu, and underlying html, c) Fuel Mix menu, Pulldown list, DownLoad button, and underlying html, I am familiar with C++ and have built Xcode Apps, and used Excel Macros extensively in the past. Thank you. Robert.

It seems that in iOS 18.5+ built with Xcode 16.4+, there has been a breaking change since 18.4 with 16.3 within WebKit and how the navigationAction.sourceFrame property is initialized when implementing the decidePolicy delegate method. The flow goes: Implement a WKNavigationActionDelegate with decidePolicy Call WKWebView.loadHTMLString("some-string", baseURL: nil) Upon loading the HTML content, read the value of navigationAction.sourceFrame within the decidePolicy method of the WKNavigationActionDelegate On iOS 18.4 (and below) with Xcode 16.3 (and below); navigationAction.sourceFrame is <uninitialized> On iOS 18.5+ with Xcode 16.4+: navigationAction.sourceFrame is already initialized and is equal to navigationAction.targetFrame It appears that this change was made between minor versions of Xcode and is unexpected behavior of a minor version. Not only was this not called out in the release notes for Xcode 16.4 and iOS 18.5, but it's technically also a breaking change to the WebKit API. Can we get insight on why this change was made and what Apple's policy is on breaking changes between minor versions of Xcode/iOS?

Hi, I'm using a webview in Swift, where I load an html file locally. Basically I have an angular project built and loaded directly into my app bundle. The webview requires the use of the camera. I request permissions via and javascript, the pop-up appears, I accept the permissions and the app works correctly. Only that after a certain number of seconds, the permissions are requested again. It's as if the webview doesn't cache the accepted permissions. Is this normal behavior?

Is the new Observations API for WebPage not available in Beta 1 as demoed in the WWDC video? I get this error even though Observation is imported.

Subject: Help Needed with App Clip Implementation Hi Team, I need some assistance with implementing App Clip behavior in safari and also experimenting using TestFlight app. Default App Clip URL: https://appclip.apple.com/id?p=com.jey.ppclient-prod.appclip Website for App Clip Integration: https://appclip-sand.vercel.app/customer Current Behavior: Default App Clip URL: When I embed the default App Clip URL in an HTML tag like below: Launch App Clip it does launch the App Clip. but it says the appclip not supported in your region I've already added this configuration under Local Experience in App Store Connect. Website Integration: I’ve registered the site using the Advanced App Clip Experience. The apple-app-site-association file is in place. When I visit the site, the App Clip does launch as expected. What I Need Help With: I want to launch the App Clip from a custom button click, using either: The default App Clip URL, or The website URL (e.g., https://appclip-sand.vercel.app/customer) with additional query parameters like userId or sessionId. Is there a supported way to achieve this—perhaps through JavaScript or a specific tag setup that works with either Local or Advanced Experience? Your guidance would be greatly appreciated. Thanks, Jey

Hi all, Question: Can Apple confirm that, on macOS 15 without MDM/supervision, there is no supported API, entitlement, auth right, or config file that can enable a Safari App Extension without some form of user interaction? Environment • OS / Safari: macOS 15.0.1 (Sequoia), Safari 18.x • Distribution: Signed, notarized, stapled PKG installs a host app that contains a Safari App Extension • Management: No MDM allowed (and thus no supervision) • Goal: Have the extension come up enabled immediately after install, without requiring the user to click the checkbox in Safari Settings ▸ Extensions What we already know / tried Normal install flow – After PKG install, the extension shows up disabled. User must check the box to enable. SFSafariApplication.showPreferencesForExtension(...) – We can deep‑link the user to our row, but they still need to click “Enable.” Accessibility/UI scripting – We can script the click if the user grants our helper Accessibility permission. That still involves user interaction. .mobileconfig with Safari Extensions Management (AlwaysOn) – From what I can tell, this requires a supervised device enrolled in MDM. Installing that profile manually on an unsupervised Mac does not enforce the “AlwaysOn” state. Auth rights / Developer mode – Looked at auth.db rights like com.apple.Safari.allow-unsigned-app-extensions, and the Develop menu “Allow Unsigned Extensions.” Neither appears to auto‑enable a signed extension, and we don’t want to use private/unsupported APIs anyway. Thanks in advance for any clarification.