We seem to be having an issue with a webservice here which is used within our network and IOS Safari. For the service to work , we need to access it with an unencrypted HTTP API call, which acts as a trigger. The server does not respond to HTTPS requests. (the HTTP API call does not contain any data that is privacy sensitive or that can be abused) Since recently the service does not seem to work anymore properly, but this only happens with Safari and IOS. With all other browsers the service is still working normally, only with Safarai it fails. No matter what I do in the settings of the phone, the Safar browser seems to stop immediately after the HTTP request. What is going on here ?? The issue seems to occur only when you don't have an iCloud+ account. With an iCloud+ account I get the same issue when you switch Apple Private Relay on, but that make sense. When I have Apple Private Relay switched off, there is no issue.

Title: Content Overlapping Address Bar After Clicking Links in Safari, tested on iPhone 11 (iOS 18.1.1) Description: When browsing in Safari on iPhone (iOS 18.1.1), the one-tab bar (address bar) collapses as expected when scrolling down a page. However, after clicking on a link and loading the next page, the content appears to overlap the collapsed address bar. This results in parts of the content being hidden or obscured by the address bar, which affects the user experience, especially on mobile devices with limited screen space. This issue is reproducible on Next.js applications and can be observed on websites such as rotterdam.nl and halderberge.nl. Steps to Reproduce: Enable the One-Tab Bar: Go to Settings > Safari and enable the one-tab bar feature. Open the website rotterdam.nl or halderberge.nl in Safari on an iPhone 11 (iOS 18.1.1). Scroll down the page so that the top address bar collapses. Click on any link on the page to load a new one. Once the new page loads, observe that the content appears on top of the collapsed address bar, causing parts of the content to be hidden or obscured. Expected Result: The content should not overlap or be hidden behind the collapsed address bar after the page reloads. The layout should adjust properly without interference from the address bar, providing a smooth user experience. Actual Result: When the new page loads, the content overlaps or appears on top of the collapsed address bar, causing parts of the content to be hidden or obscured. Device(s) Affected: iPhone 11 running iOS 18.1.1. OS Version: iOS 18.1.1 Technical Notes: To address this issue, the following solutions have been attempted with no success: Viewport Meta Tag: <meta name="viewport" content="width=device-width, initial-scale=1, viewport-fit=cover" /> This was added to help ensure proper layout on mobile devices, but did not resolve the issue. CSS Safe Area Insets: body { padding-top: env(safe-area-inset-top); } This CSS rule was applied to account for the safe area and prevent content from being hidden under the address bar, but it did not solve the overlapping issue. Scroll Position Adjustment (for scroll-to-top button): Adjusting the scroll behavior by changing the scroll position to {top: 1} instead of {top: 0} was a successful workaround to keep the address bar collapsed when clicking the "scroll to top" button. However, this did not resolve the issue when navigating between pages or changing routes, where the content still overlaps the collapsed address bar.

Hi, we are experiencing a strange issue with our Web App. Our web app runs entirely on the same domain , and we are making several AJAX requests to the same server. The Error occurs only on Iphones, the app works completely fine on androids and computers. Most of the requests work fine, but suddenly, one specific request always fails with the following error: XMLHttpRequest cannot load https://demo2.artios.cz/app37g/v105/php/endpoint.php due to access control checks What we have checked so far: ✅ CORS headers seem correct. Also we operate entirely on the same domain, client and server. ✅ The same request works fine in computer and android devices. ✅ The issue occurs only on iPhone (tested on Chrome and Safari). ✅ Some requests to the same endpoint pass, but suddenly, this specific request always fails. ✅ There is no OPTIONS preflight request logged in the network tab, but we use only simple requests. ✅ We are making a POST request with multipart/form-data. What is Your advice, or where I can find more info about this error? We do not think the CORS is the problem. We have tried to inspect with WebInspector but with no relevant answers. Thank You very much!

I built and extension for chrome, edge, and firefox. I'm porting the chrome extension to safari using the safari-web-extension-converter tool. This has worked successfully and I was able to publish my extension to the app store. I made some updates to the service worker code recently and I'm now being hit with an error when trying to load my unsigned extension into safari: The service_worker script failed to load due to an error. I've looked online at some other forums and haven't found anything helpful around how to debug this kind of error. Because the service worker is non-persistent in safari, I don't have access to the console logs of the service worker through the Develop > Web Extension Background Context menu. Has anyone successfully debugged this kind of error? Are there logs I can pull directly from safari that would help me here? Thanks in advance for the help!

I have an extension which was working fine on older Safari version, but it is getting killed after I upgraded the browser to Safari 18 and higher. From the system logs I could see, Safari is sending the KILL signal to my browser 2024-11-12 13:51:01.536167-0600 0x95b672 Default 0x0 1 0 launchd: [pid/45238/SafariExt [45463]:] signal service: caller = Safari[45238], value = 0x9 2024-11-12 13:51:01.536453-0600 0xfab Default 0x0 382 7 WindowServer: (SkyLight) [com.apple.SkyLight:default] [ ConnectionDebug ] Closing conn 0xf955b, PID 45463 in session 257 on console2024-11-12 13:51:01.536474-0600 0x95b674 Default 0x0 1 0 launchd: [gui/503 [100018]:] service inactive: com.apple.xpc.launchd.unmanaged.SafariExtension.45463 2024-11-12 13:51:01.536479-0600 0x95b674 Default 0x0 1 0 launchd: [gui/503 [100018]:] removing inactive unmanaged service: com.apple.xpc.launchd.unmanaged.SafariExtension.454632024-11-12 13:51:01.537354-0600 0x95b907 Default 0x0 354 0 launchservicesd: [com.apple.processmanager:front-35286506] QUITTING: pid=45463 asn=0x-0x176176 foreground=0 wasFront=0 2024-11-12 13:51:01.537375-0600 0x95b672 Default 0x0 1 0 launchd: [pid/45238/SafariExt [45463]:] exited due to SIGKILL | sent by launchd[1], ran for 342ms 2024-11-12 13:51:01.537380-0600 0x95b672 Default 0x0 1 0 launchd: [pid/45238/SafariExt [45463]:] service state: exited 2024-11-12 13:51:01.537384-0600 0x95b672 Default 0x0 1 0 launchd: [pid/45238/SafariExt [45463]:] internal event: EXITED, code = 0 2024-11-12 13:51:01.537385-0600 0x95b672 Default 0x0 1 0 launchd: [pid/45238/SafariExt [45463]:] job state = exited Just before this, I see a macOS error 2024-11-12 13:51:06.789342-0600 0x95b74f Default 0x0 45238 0 Safari: (Security) [com.apple.securityd:security_exception] MacOS error: -67054 This occurs only in my customer machines but not in my test machines. I have verified the code signing, certificate validity & entitlements are fine.

I am currently operating an app using an embedded web server that communicates over local HTTP. Recently, when opening Safari, I started encountering the following error message: "Safari cannot open the page. Error: Failed to navigate to an HTTP URL with HTTPS-only mode enabled." However, I am currently in a situation where switching to HTTPS is difficult. Are there any solutions to resolve this issue besides using HTTPS? Thank you.🙏

I’m encountering an issue with CSS not displaying when using WKURLSchemeHandler to load local HTML files. When I package the app using Xcode 15.3 or above, the CSS styles do not display on iOS 17 or higher. However, on iOS 16.7.1, the CSS displays correctly. • If I use Xcode 15.2 to package the app, the CSS loads and displays correctly on all iOS versions. I am using WKURLSchemeHandler to intercept and load the local HTML files. Is there any known issue or workaround for this? You can now post this in the “Safari & Web” section of the Apple Developer forums for further assistance! // // CustomURLSchemeHandler.m // HTMLTest // // Created by lvxue on 2024/9/23. // // CustomURLSchemeHandler.m #import "CustomURLSchemeHandler.h" @implementation CustomURLSchemeHandler - (void)webView:(WKWebView *)webView startURLSchemeTask:(id<WKURLSchemeTask>)urlSchemeTask { NSURL *url = urlSchemeTask.request.URL; //NSString *filePath; NSString *filePath = [[NSBundle mainBundle] pathForResource:@"index" ofType:@"html" inDirectory:@"LoaclHtml.bundle/A4"]; if ([url.lastPathComponent hasSuffix:@".css"]) { filePath = [[NSBundle mainBundle] pathForResource:@"style" ofType:@"css" inDirectory:@"LoaclHtml.bundle/A4/css"]; } else if ([url.lastPathComponent hasSuffix:@".js"]) { filePath = [[NSBundle mainBundle] pathForResource:@"yourJSFileName" ofType:@"js" inDirectory:@"LoaclHtml.bundle/A4/js"]; } NSData *htmlData = [NSData dataWithContentsOfFile:filePath]; NSString *mimeType = [self mimeTypeForPath:filePath]; NSURLResponse *response = [[NSURLResponse alloc] initWithURL:url MIMEType:mimeType expectedContentLength:htmlData.length textEncodingName:@"utf-8"]; [urlSchemeTask didReceiveResponse:response]; [urlSchemeTask didReceiveData:htmlData]; [urlSchemeTask didFinish]; } - (void)webView:(WKWebView *)webView stopURLSchemeTask:(id<WKURLSchemeTask>)urlSchemeTask { } - (NSString *)mimeTypeForPath:(NSString *)path { NSString *fileExtension = [path pathExtension]; if ([fileExtension isEqualToString:@"html"]) { return @"text/html"; } else if ([fileExtension isEqualToString:@"css"]) { return @"text/css"; } else if ([fileExtension isEqualToString:@"js"]) { return @"application/javascript"; } else if ([fileExtension isEqualToString:@"png"]) { return @"image/png"; } else if ([fileExtension isEqualToString:@"jpg"] || [fileExtension isEqualToString:@"jpeg"]) { return @"image/jpeg"; } else if ([fileExtension isEqualToString:@"gif"]) { return @"image/gif"; } return @"application/octet-stream"; } @end code-block

In the Safari browser on mobile devices, the tags in an HTML element are styled with the system's default styles. I want the text inside the tags to be displayed without line breaks. However, in reality, the text wraps according to its length. May I ask if there are any methods to achieve this? (ps: CSS-related properties such as white-space: nowrap do not work.)

I am using SFSafariViewController to process payments via a Stripe checkout URL. Once the payment is completed, the user is redirected to a success URL. I have also added associated domains for deep linking. Below is my implementation: func presentCheckout(url: String) { showProgressHUD() let checkoutURL = URL(string: url)! safariVC = SFSafariViewController(url: checkoutURL) safariVC.delegate = self self.present(safariVC, animated: true) } // Delegate method implementations func safariViewControllerDidFinish(_ controller: SFSafariViewController) { print("SafariViewController dismissed") // Handle dismissal } func safariViewController(_ controller: SFSafariViewController, initialLoadDidRedirectTo URL: URL) { print(URL.absoluteString) if URL.absoluteString.contains("xsworld/payment/stripe/checkout/success") { controller.dismiss(animated: true) { if URL.absoluteString.contains("/v1/resources/xsworld/payment/stripe/checkout") { NotificationCenter.default.post( name: Notification.Name("StripePaymentStatus"), object: nil, userInfo: ["url": URL] ) } } } else if URL.absoluteString.contains("xsworld/payment/stripe/checkout/cancel") { // Handle failure NotificationCenter.default.post( name: Notification.Name("StripePaymentStatus"), object: nil, userInfo: ["url": URL] ) } } func safariViewController(_ controller: SFSafariViewController, didCompleteInitialLoad didLoadSuccessfully: Bool) { if didLoadSuccessfully { print("Initial page loaded successfully") } else { print("Initial page load failed") } } Issue: The safariViewController(_:initialLoadDidRedirectTo:) method does not always get called after the payment is completed. Sometimes it works as expected, and sometimes it does not trigger at all. What I’ve Tried: Ensuring the associated domains for deep linking are correctly set up. Checking the success and failure URLs. Debugging to see if the redirect happens but is not detected. What I Need Help With: I want to ensure that the redirection always works after the payment process is completed, whether through deep linking or another reliable approach. How can I guarantee that my app correctly detects and handles the redirect every time? Any guidance or best practices would be greatly appreciated.

Hello, I was going through the Apple Pay API documentation and noticed ambiguity on the exact process to complete merchant validation. One of the documentation mentions that the validation url will be Your server posts a request using mutual TLS (mTLS) by calling the Apple Pay server’s Payment Session endpoint. Endpoint (Global) POST https://apple-pay-gateway.apple.com/paymentservices/paymentSession Endpoint (China region) POST https://cn-apple-pay-gateway.apple.com/paymentservices/paymentSession Referencing the url: https://developer.apple.com/documentation/apple_pay_on_the_web/apple_pay_js_api/requesting_an_apple_pay_payment_session whereas the other references that the value should be used as provided by the onvalidatemerchant event object with the property validationURL. Refer: https://developer.apple.com/documentation/apple_pay_on_the_web/apple_pay_js_api/providing_merchant_validation Can someone confirm which is the correct approach to follow ?

input type="file"でアップロードした画像データからGPS情報が除去されます。 こちらはiPadOS16.5.1で発生しておりました。 iPadOS17.4.1、iPadOS18.3では正常にGPS情報が保持されます。 iOS、iPadOSのアップデートでGPS情報を保持するよう修正されたと見受けられますが、リリースノートを参照しても上記修正についての記事を見つけられませんでした。 お手数ですが、上記修正に該当する記事をご教示頂けませんでしょうか。 どうぞよろしくお願い致します。

Hello, I am developing Safari Content Blocker extension and discovered that it frequently fails to load with large amount of rules. Currently I have over 45k and most of the time when I reload the extension on iOS 18 (iPhone 12) it ends with error: Error Domain=NSCocoaErrorDomain Code=4097 "connection to service named com.apple.SafariServices.ContentBlockerLoader" UserInfo={NSDebugDescription=connection to service named com.apple.SafariServices.ContentBlockerLoader} #0 And the simpler message is just: Couldn’t communicate with a helper application. From what I managed to find (for example here - https://developer.apple.com/forums/thread/756931) the limit for blocking rules should be 150k items. It was previously 50k but got increased years ago. Is there anything special I need to do to get the extension to work reliably with say 100k items? I am usng the JSON format from the docs: { "trigger": { ... }, "action": { ... } }, { "trigger": { ... }, "action": { ... } } ] My trigger is url-filter and the action is type: block I was thinking about providing multiple JSON files in attachments property of NSExtensionItem but apparently that is not supported. Thanks for help!

When you open the Directorate General of civil Aviation, India website then in the top bar bring the cursor to “Regulations and Guidance” under that there will be a drop down which will give numerous options. In that go to Centre Column “Civil Aviation Requirements”. Then click on ”Section 7” then click on “Part II”. Actually on a laptop it’s a 4 page document but on my iPad it’s just an image of the first page. I can’t read any of the PDF’s.

We have a Web Extension that uses firebase for auth. It was working fine until the latest version of Safari 18.3 got released few days ago on January 27, 2025. All of out extension versions stopped working on it; even the ones that are published on App Store. It uses FirebaseJS v9.23.0. Same version of the extension are working fine on other browsers. We use onAuthStateChanged to listen to auth related events; but it is never fired now.

I want use the Safari Extension to decorate the window.fetch function, But No matter how I try, I can't get the fetch function to execute correctly. I was going through the documentation: https://developer.apple.com/documentation/safariservices/using-injected-style-sheets-and-scripts and found this sentence: "Injected scripts have an implied namespace — you don’t have to worry about your variable or function names conflicting with those of the website author, nor can a website author call functions in your extension. In other words, injected scripts and scripts that you include in the webpage run in isolated worlds, with no access to each other’s functions or data." Does this mean I can't modify the window object in the content script just like a Chrome extension does with the webpage? BTW, In chrome I use chrome.scripting.executeScript API, and in plasmo I just use world: "MAIN" content script's config to achieved this feature.

Sometimes the Safari App Extension i'm developing does not show up in my Safari Extensions unless i change mu bundle identifier to some unique name. Even if I delete all other apps i've built with the same (and different) bundle ID, the extension is still does not show up. The only solution for me is to always change the bundle ID. For example: Now it is "kopyl.tab-finder-10" If i change it to "kopyl.tab-finder-11", the extension does show up in the Safari extensions settings page again. Is there any other way to fix it?

Test Scenario: Initial Setup: Register a passkey on Chrome (MacBook) with cross-platform option The passkey syncs to iPhone via iCloud Both devices share same iCloud account Authentication Tests: Chrome on MacBook: Using hybrid transport (QR code with iPhone) → PRF output A Using platform authenticator → PRF output B (different) Safari on MacBook: Only uses platform authenticator → PRF output B Expected Behavior: When using same credential ID and salt, PRF output should be consistent across browsers/devices

Safari 18.0.1 on macOS 15.01 doesn't support the Passkey PRF extension during cross-device WebAuthn authentication when using QR code scanning, while it works correctly with iCloud passkeys. Steps to Reproduce: Clone and setup: git clone https://github.com/quocle108/passkey-prf-test yarn yarn start Test iCloud Passkey Flow: Open http://localhost:3000 in Safari Open DevTools (Cmd+Option+I) Click "Register" Choose "Passkey on iCloud" Expected console output: PRF supported: true Test Cross-Device Flow: Click "Register" Choose "Phone/Tablet" Scan QR with mobile device Expected: PRF supported: true PRF extension should be supported in cross-device flow, matching iCloud passkey behavior. Actual: PRF supported: false Cross-device flow returns empty extension results. Verify in Chrome Repeat steps 2-3 in Chrome Both flows return proper PRF extension results: PRF supported: true Test Environment: Browser: Safari 18.1.1 , Chrome 131.0.6778.70 OS: macOS 15.01 Mobile: iOS 18.x / Galaxy Note9 Android 10 Test repo: https://github.com/quocle108/passkey-prf-test

We are building a Safari web extension utilising native messaging, to send messages to the Swift native part of the app. We sometimes experience, that the beginRequest handler is executed multiple times, at the same time. We have a special part of the code in the handler, that must be run only once. Because it uses NS defaults storage, and also because it calls our servers. We have tried to use a serial dispatch queue, as well as other locking and mutex techniques, to no success. We suspect that the instances of the handler are isolated in a way, that these locks don’t work (maybe they don’t share memory?). But we are not sure. When looking at os_logs from the handlers, they all share the same PID. Has anyone experienced anything similar and can shed some light on what's going on?

After the official release of iOS 18.3, our app has collected numerous identical crash logs. These crashes occurred on different devices, but the common denominator is that they all, and only, happened on iOS 18.3. Based on the stack trace, the crash is happening internally within WebKit. The details are as follows: Crashed: com.apple.main-thread 0 WebCore 0x721f9c + 28 1 WebCore 0x15b6924 + 11356 2 WebCore 0x15b174c + 1008 3 WebCore 0x1776e4 + 292 4 WebCore 0x17753c WebCore::SerializedScriptValue::deserialize(OpaqueJSContext const*, OpaqueJSValue const**) + 100 5 WebKit 0x530b28 + 92 6 WebKit 0x5a0d2c + 176 7 WebKit 0x9e74b0 + 956 8 WebKit 0xe43d58 + 392 9 WebKit 0x886ac + 272 10 WebKit 0x88940 + 44 11 WebKit 0x87a74 + 252 12 WebKit 0x875ec + 576 13 JavaScriptCore 0x2f8a48 ***::RunLoop::performWork() + 204 14 JavaScriptCore 0x2f895c ***::RunLoop::performWork(void*) + 36 15 CoreFoundation 0x73f4c CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION + 28 16 CoreFoundation 0x73ee0 __CFRunLoopDoSource0 + 176 17 CoreFoundation 0x76b40 __CFRunLoopDoSources0 + 244 18 CoreFoundation 0x75d3c __CFRunLoopRun + 840 19 CoreFoundation 0xc8284 CFRunLoopRunSpecific + 588 20 GraphicsServices 0x14c0 GSEventRunModal + 164 21 UIKitCore 0x3ee674 -[UIApplication _run] + 816 22 UIKitCore 0x14e88 UIApplicationMain + 340 23 18Birdies 0x1b2d3c main + 14 (main.m:14) 24 ??? 0x1ac161de8 (Missing)