Video in Landscape takes 2 taps on X to close.This issue can be replicated on iphone 14 ios 18.5.There is no issue on iPhone 15 ios 18.5.

When using iCloud Keychain passkeys with WebAuthn (mediation: "conditional") in non-Safari browsers (e.g. Chrome or WKWebView-based browsers), Face ID / Touch ID is requested twice during Passkey Autofill. This issue occurs only when the focused input field shows a numeric keypad–style keyboard, such as: Japanese Kana Chinese Zhuyin With a standard QWERTY keyboard, authentication completes with a single user verification. Notably: Safari completes authentication with one Face ID / Touch ID prompt even with numeric keypad keyboards. Other browsers require two prompts. The issue does not occur with other credential managers (Google Password Manager, 1Password), suggesting this is specific to iCloud Keychain. This issue has been confirmed on the following OS versions: iOS 17.6.1 iOS 18.7.2 iOS 26.2 iOS 26.3 beta Impact This behavior results in a confusing and unintuitive login experience for users relying on Passkey Autofill. Steps to Reproduce: Go to Settings → Keyboards → Keyboards, and set “Japanese – Kana” as the primary keyboard. Enable Face ID / Touch ID, and make sure “Use Face ID / Touch ID For” → “Password Autofill” is enabled. Open Chrome and navigate to https://webauthn.io. Enter a username and tap “Register” to create a passkey using iCloud Keychain. Tap the username field again so that the “Japanese – Kana” keyboard appears and the passkey suggestion created in step 4 is shown. Tap the passkey suggestion. Face ID / Touch ID is requested twice. === This issue has already been reported via Feedback Assistant as FB21726047. I am posting here to confirm whether this behavior is working as intended or represents a bug, and to make other developers aware of the current behavior.

This demonstrates an issue with SwiftUI's WebView on iPadOS. To repro, testing on iPad Simulator OS 26.2, macOS 26.2, Xcode 26.2. Download and unzip this project: https://drive.google.com/file/d/1z3MobjDf_RvvOtriXtinXvrJ7rGHwZRs/view?usp=share_link Set up Signing and Run the swiftui-webview App target on simulator (I'm using iPad Pro 13-inch (M5 simulator) Tap/click the fullscreen [ ] button in the bottom left corner of the webpage. Tap/click the 'X' button in the top left, to exit fullscreen. Result: The WebView exits fullscreen, but there is no content loaded, just a white background. It's also now not possible to visit other URLs - the WebView appears to be unresponsive and not repaint. This does not appear to affect macOS 26.2, just iPadOS.

Hello, I find it difficult to find information about this function, but Apple would allow you to download a Wallet ticket via a JWT signed token, without going through a pkpass, by calling the url https://wallet.apple.com/push/pass? Jwt= + jwt I have made several attempts with a different payload, either I am redirected to the Apple Pay presentation page, or I have a 403 error. I think I'm on my way, but I must miss a step in my signature. Could someone help me and give me the structure or how to manage the key? At the moment I use an Identifiers type PassType ID linked to a Certificate. Has anyone heard of this novelty? According to ChatGPT it should date from iOS 16-18 and potentially not be open to all devs. Thank you! Beautiful day

There appears to be a regression or restriction in iOS 26.2 and 26.2.1 regarding the Web Authentication API in third-party browsers (browsers other than Safari). Specifically, the method PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable() returns false when called from within non-Safari browsers (e.g., Chrome, Firefox, Edge) on iOS, even when the device supports biometrics (FaceID/TouchID) and Passkeys are enabled. This prevents third-party browsers from correctly detecting Platform Authenticator availability, leading websites to hide Passkey login options or default to cross-device authentication flows instead of using the local device's biometric authenticator. Environment: OS: iOS 26.2, iOS 26.2.1 Device: iPhone 17 Browsers Tested: Chrome iOS and Firefox iOS Steps to Reproduce: Launch Safari on an iOS device running iOS 26.2+. Navigate to https://www.passkeys-debugger.io/. Observe that "Platform Auth" is highlighted in Green (true), indicating the device is eligible for passkey authentication. Launch a non-Safari browser (e.g., Chrome or Firefox) on the same device. Navigate to https://www.passkeys-debugger.io/. Expected Results: "Platform Auth" should be Green (true), matching the behavior in Safari, as the device possesses a built-in platform authenticator. Actual Results: "Platform Auth" is highlighted in Red (false). Impact: This discrepancy fragments the Passkey user experience on iOS. Users preferring third-party browsers are unable to utilize the seamless on-device biometric authentication that is available in Safari. It forces developers to implement complex fallbacks or results in users believing their device is incompatible with Passkeys.

Hi all, Question: Can Apple confirm that, on macOS 15 without MDM/supervision, there is no supported API, entitlement, auth right, or config file that can enable a Safari App Extension without some form of user interaction? Environment • OS / Safari: macOS 15.0.1 (Sequoia), Safari 18.x • Distribution: Signed, notarized, stapled PKG installs a host app that contains a Safari App Extension • Management: No MDM allowed (and thus no supervision) • Goal: Have the extension come up enabled immediately after install, without requiring the user to click the checkbox in Safari Settings ▸ Extensions What we already know / tried Normal install flow – After PKG install, the extension shows up disabled. User must check the box to enable. SFSafariApplication.showPreferencesForExtension(...) – We can deep‑link the user to our row, but they still need to click “Enable.” Accessibility/UI scripting – We can script the click if the user grants our helper Accessibility permission. That still involves user interaction. .mobileconfig with Safari Extensions Management (AlwaysOn) – From what I can tell, this requires a supervised device enrolled in MDM. Installing that profile manually on an unsupervised Mac does not enforce the “AlwaysOn” state. Auth rights / Developer mode – Looked at auth.db rights like com.apple.Safari.allow-unsigned-app-extensions, and the Develop menu “Allow Unsigned Extensions.” Neither appears to auto‑enable a signed extension, and we don’t want to use private/unsupported APIs anyway. Thanks in advance for any clarification.

I'm in the process of supporting Apple Pay through a 2nd payment gateway for some users, so I need to support two separate Apple Pay relationships. Both require their own apple-developer-merchantid-domain-association. I don't see how I can have both files for the one domain. Is this possible? Is there a workaround other than just replacing the old file with the new one and hoping that doesn't disrupt anything. That seems to be the approach taken by others (https://developer.apple.com/forums/thread/695538) but it is too high risk for me without any confirmation from Apple that this is ok. I'd also like to avoid having to setup a 2nd domain for these customers, since the current domain is already quite embedded in their operations.

Hey everyone, After installing iOS 26 beta, I started noticing unexpected behavior in our input event handlers. Specifically, when users type into an field, event.target.value is always an empty string — but only when the JS file is loaded from a specific domain (e.g., t1.daumcdn.net). The exact same code works perfectly when hosted on other domains like t2.daumcdn.net or search1.daumcdn.net. 👉 I created a demo here: 🔗 CodePen Demo The scripts loaded from each domain are 100% identical (apart from the top-level selector). Before iOS 26 beta, this worked fine. I suspect this is related to ITP or some new cross-origin behavior in Safari, but I’d love to know if anyone else is running into this — or if someone knows a workaround. Thanks!

Safari Web Extension for enterprice distribution: If I press run button on xcode it shows the safari web extension toggle and works perfect When installed through exported ipa, the web extension toggle dissapears, it doesnt matter how it was installed through mdm, link, or directly ipa from xcode I just exported an ipa as debugging and it worked when I pushed the ipa

We are embedding TikTok Live streams inside our iOS app using WKWebView. The Live stream loads and plays normally at first. However, when the app goes to the background (for example, user presses the Home button or switches apps) and then returns to the foreground, the TikTok Live video and audio become paused and do not resume automatically. Expected behavior When the app returns from the background to the foreground, the video/audio should resume playback automatically Actual behavior Video/audio pauses after app resumes from background Any guidance would be greatly appreciated. Thank you.

Hello. I have a project that loads a page using jquery 3.6.3 in WKWebView. When I try this on iOS developer beta 4, WKWebView malfunctions and the page does not load properly. If I remove jquery, the page loads. Even if I update jquery to the latest version, the problem remains the same. This problem did not occur until developer beta 3. The log is as follows. 0x12107c170 - [PID=994] WebProcessProxy::didClose: (web process 0 crash) 0x12107c170 - [PID=994] WebProcessProxy::processDidTerminateOrFailedToLaunch: reason=Crash Error acquiring assertion: <Error Domain=RBSAssertionErrorDomain Code=2 "Specified target process 994 does not exist" UserInfo={NSLocalizedFailureReason=Specified target process 994 does not exist}> 0x121138300 - ProcessAssertion::acquireSync Failed to acquire RBS assertion 'XPCConnectionTerminationWatchdog' for process with PID=994, error: (null) 0x132e00018 - [pageProxyID=9, webPageID=10, PID=994] WebPageProxy::processDidTerminate: (pid 994), reason=Crash 0x132e00018 - [pageProxyID=9, webPageID=10, PID=994] WebPageProxy::dispatchProcessDidTerminate: reason=Crash Failed to terminate process: Error Domain=com.apple.extensionKit.errorDomain Code=18 "(null)" UserInfo={NSUnderlyingError=0x13357de30 {Error Domain=RBSRequestErrorDomain Code=3 "No such process found" UserInfo={NSLocalizedFailureReason=No such process found}}} Failed to terminate process: Error Domain=com.apple.extensionKit.errorDomain Code=18 "(null)" UserInfo={NSUnderlyingError=0x13357f390 {Error Domain=RBSRequestErrorDomain Code=3 "No such process found" UserInfo={NSLocalizedFailureReason=No such process found}}} Failed to terminate process: Error Domain=com.apple.extensionKit.errorDomain Code=18 "(null)" UserInfo={NSUnderlyingError=0x13357d770 {Error Domain=RBSRequestErrorDomain Code=3 "No such process found" UserInfo={NSLocalizedFailureReason=No such process found}}}

I have a WKWebView that contains a js text editor, built on top of a content editable div. Currently, inline predictions on Mac break the text editors functionality significantly every time there's a prediction. There's not a way for me to fix this on the js side unless I can know when a prediction is shown. I've tried disabling inline predictions and writing tools with the web view config, but it doesn't work: let config = WKWebViewConfiguration() config.writingToolsBehavior = .none config.allowsInlinePredictions = false let webView = WKWebView(frame: .zero, configuration: config) I've also tried disabling all spellcheck and autocorrect features in the html but that doesn't work either: <div contenteditable="true" spellcheck="false" autocomplete="off" autocorrect="off" autocapitalize="off"></div> Is there anything I can do to turn it off? Or, is it possible to know when the WebView is predicting text?

I’m a developer working on a Safari Web Extension that’s distributed via the App Store and also tested locally through Xcode. I’m running into an issue that’s affecting my ability to debug errors reported to my Sentry error logging instance from production. The Problem When an error is thrown in one of my extension scripts (e.g., background.js, popup.js, or content.js), the error is sent to Sentry but the captured JavaScript error stack trace replaces the file paths with the webkit-masked-url://hidden placeholder like this: ReferenceError: Cannot access uninitialized variable. at ? (webkit-masked-url://hidden/:14677:28) at ? (webkit-masked-url://hidden/:16307:3) This happens consistently across both App Store builds and local Xcode runs. It prevents me from seeing which script the error came from or resolving the actual source code lines using uploaded source maps in Sentry. My Setup Safari Version: 18.5 (Stable on macOS) Distribution: App Store and local Xcode development Extension Type: Safari Web Extension Error Reporting: Sentry (@sentry/browser SDK) Bundler: Webpack with inline-source-map What I’ve Confirmed I can see the actual source files in Safari’s Web Inspector under the Sources tab when the extension is running. My source maps are uploaded to Sentry correctly and are associated with the matching release. Errors from Safari are being captured by Sentry, but the file URLs are masked, so stack traces cannot be resolved against my original source. My Question Is this behavior (masking file URLs in stack traces with webkit-masked-url://hidden/) intentional for Safari Web Extensions? If so, is there any supported method or workaround to allow exception stack traces to reveal the original script path (e.g., popup.js, background.js) so tools like Sentry or even console logs can point to real locations? I fully understand the privacy/security rationale behind the masking, but as the extension developer, this is making it extremely difficult to debug runtime issues in production. I’d really appreciate any insight into: Whether this masking is expected and permanent behavior If there are any entitlements, debug settings, or Info.plist keys that can alter this behavior for development or for trusted/own extensions If Apple recommends a different way to log extension errors that includes script name or source references Thanks in advance for your help! I’m happy to share more technical details or try out suggestions.

I'm using a CSS filter to achieve dark mode for my HTML page. I know it's imperfect, but I have no choice for many reasons. However, I found that the CSS filter produces incorrect colors in iOS 26.2 WebView, while it works fine in iOS 18.6.2 WebView. Here is my HTML and CSS filter: <html> <head> <style> .filter_container { /* invert colors for the entire page */ filter: invert(1) hue-rotate(180deg); } .filter { /* restore colors for specific elements, such as img */ filter: hue-rotate(180deg) invert(1); } </style> </head> <body> <div>original & bgcolor+filter & img+filter</div> <table> <tr> <td> <div style="display:flex; gap:1px; align-items:center; justify-content:center;"> <div class="origin_container"><div class="origin" style="background-color:#FFFFFF; height:60px; width:60px; border-style: solid; border-color: #000000; border-width: 1px;"></div></div> <div class="filter_container"><div class="filter" style="background-color:#FFFFFF; height:60px; width:60px; border-style: solid; border-color: #000000; border-width: 1px"></div></div> <div class="filter_container"><img class="filter" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAADwAAAA8CAYAAAA6/NlyAAAAdklEQVR4nOXOQQEAIACEMKR/57OFPliCnW0jRGIkRmIkRmIkRmIkRmIkRmIkRmIkRmIkRmIkRmIkRmIkRmIkRmIkRmIkRmIkRmIkRmIkRmIkRmIkRmIkRmIkRmIkRmIkRmIkRmIkRmIkRmIkRmIkRmIkxt+B1y6HmAR0uIzOQQAAAABJRU5ErkJggg==" style="height:60px; width:60px; border-style: solid; border-color: #000000; border-width: 1px"></img></div> </div> <div style="text-align:center;">#FFFFFF</div> </td> ...many other colors </table> </body> </html> It works fine in iOS 18.6.2 WebView: But renders incorrectly in iOS 26.2 WebView:

We are building a hybrid iOS app using Angular (web) rendered inside a WKWebView, hosted by a native Swift app. Communication between the Angular UI and native Swift code is done using WKScriptMessageHandler. The app mostly works without issues, but in rare edge cases, we’re seeing crashes on the main thread, and the crash is reported in Firebase Crashlytics. The root cause appears related to CFRelease and WKScriptMessageHandler. Here’s the relevant crash stack: Crashed: com.apple.main-thread 0 CoreFoundation 0xbfac CFRelease + 44 1 CoreFoundation 0xa734 __CFURLDeallocate + 128 2 CoreFoundation 0x730c _CFRelease + 292 3 libobjc.A.dylib 0x4e28 AutoreleasePoolPage::releaseUntil(objc_object**) + 204 4 libobjc.A.dylib 0x4cbc objc_autoreleasePoolPop + 260 5 WebKit 0x99f194 WebKit::WebUserContentControllerProxy::didPostMessage(WTF::ObjectIdentifierGeneric<WebKit::WebPageProxyIdentifierType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long long>, unsigned long long>, WebKit::FrameInfoData&&, WTF::ObjectIdentifierGeneric<WebKit::ScriptMessageHandlerIdentifierType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long long>, unsigned long long>, std::__1::span<unsigned char const, 18446744073709551615ul>, WTF::CompletionHandler<void (std::__1::span<unsigned char const, 18446744073709551615ul>, WTF::String const&)>&&) + 680 6 WebKit 0x1b358 WebKit::WebUserContentControllerProxy::didReceiveMessage(IPC::Connection&, IPC::Decoder&) + 392 7 WebKit 0xe86b0 IPC::MessageReceiverMap::dispatchMessage(IPC::Connection&, IPC::Decoder&) + 272 8 WebKit 0x23c0c WebKit::WebProcessProxy::didReceiveMessage(IPC::Connection&, IPC::Decoder&) + 44 9 WebKit 0xe3f054 IPC::Connection::dispatchMessage(WTF::UniqueRef<IPC::Decoder>) + 252 10 WebKit 0x332d4 IPC::Connection::dispatchIncomingMessages() + 744 11 JavaScriptCore 0x58a7c WTF::RunLoop::performWork() + 204 12 JavaScriptCore 0x599a4 WTF::RunLoop::performWork(void*) + 36 13 CoreFoundation 0x56328 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 28 14 CoreFoundation 0x562bc __CFRunLoopDoSource0 + 176 15 CoreFoundation 0x53dc0 __CFRunLoopDoSources0 + 244 16 CoreFoundation 0x52fbc __CFRunLoopRun + 840 17 CoreFoundation 0x52830 CFRunLoopRunSpecific + 588 18 GraphicsServices 0x11c4 GSEventRunModal + 164 19 UIKitCore 0x3d2eb0 -[UIApplication _run] + 816 20 UIKitCore 0x4815b4 UIApplicationMain + 340 21 APP1 0xa2f80 main + 21 (AppDelegate.swift:21) 22 ??? 0x1c234eec8 (シンボルが不足しています) Steps: WebView: WKWebView Message passing: WKScriptMessageHandler → passing data from Angular → Swift WKWebView is long-lived and reused Native is using WKUserContentController.add(_:name:) to register handlers Crashes are intermittent (hard to reproduce), but often follow: Screen sleep/wake Push notification open Angular calling native immediately after resume Questions: Has anyone seen this specific crash pattern involving CFRelease and WKScriptMessageHandler? Are there known WebKit or CoreFoundation bugs related to WKScriptMessageHandler and retained URLs or message content? Thank you for your help!

When I open the browser in Safari on iOS 26, I want to specify the background color for the header notch (where the time, battery, etc. are displayed) and the footer indicator area. Specifying the theme color in HTML as shown below did not change anything. <meta name="theme-color" content="#ff0000"> <meta name="theme-color" media="(prefers-color-scheme: light)" content="#ff0000"> <meta name="theme-color" media="(prefers-color-scheme: dark)" content="#ff0000"> The HTML below specifies the background color as green, but is it necessary to specify the background color directly in the body like this? Or is there some kind of metadata, like theme color? <!doctype html> <html lang="ja"> <head> <meta charset="utf-8" /> <meta name="viewport" content="width=device-width,initial-scale=1" /> <meta name="theme-color" content="#ff0000"> <meta name="theme-color" media="(prefers-color-scheme: light)" content="#ff0000"> <meta name="theme-color" media="(prefers-color-scheme: dark)" content="#ff0000"> <title>サンプル</title> </head> <body style="background:#00ff00"> <main> <p>テキスト</p> </main> <div id="overlay" role="dialog" aria-modal="true" data-test-id="health-warning-modal" style=" color:#000000; position:fixed; inset:0; z-index:30000; background:#2563eb; display:grid; /* 初期表示：表示中 */ align-items:center; justify-content:center; overflow-y:auto; " > <div style=" padding:60px 16px; display:flex; flex-direction:column; gap:20px; width:100%; box-sizing:border-box; " > <p style=" font-weight:700; text-align:center; margin-top:20px; font-size:28px; line-height:1.4; " > オーバーレイ </p> </div> </div> </body> </html>

aID is an ID service for 150+ newspaper sites in Norway. Since the middle of January the average login time with passkeys on our site https://www.aid.no/ has increased for Safari users, the number of logins using passkey in Safari has decreased dramatically. Previously Safari was the browser that provided the best user experience during login, since it triggered fingerprint reader straight away, but this behavior has vanished. Has something changed that we should be aware of, and is there something we can do to make conditional get great again? Without mediation conditional, the passkeys work as expected. In Chrome and Firefox, we get passkey suggestions in the username field, in Safari it's only password suggestions. To make things even stranger, the same code works as it used to in our test environment. It triggers a small popup by the username field and activates the fingerprint reader. If I cancel this, I can click on the Passwords icon and get passkey suggestion there.

Hello i would like to report a bug on iOS 26 beta. The problem is on the epic games website you see when I hit sign in it is just blank but the epic games store is just fine i would like this to be fixed on iOS 26 beta 3 thank you.

I have had zero luck anywhere else and it’s at this point infuriating. February 23rd of this year I submitted a ticket in Feedback regarding how Safari for me has been broken. I can’t load any website at all, I have cleared cache, data, you name it. I have reset the phone after doing so and as I type this today on a brand new iPhone 17 Pro Max it still doesn’t work. Every single app that prompts a Safari window to sign in also doesn’t work and crashes just as Safari the app does. Sometimes I get a message that pops up that says “Webkit encountered an internal error” before it crashes. I can’t provide a screen recording or screen shots because Safari just crashes. I genuinely don’t know what to do or where to go for an answer and i’ve submitted seven updates to my open Feedback ticket since February 23rd 2025, spanning months from that original date and yet no change or help has came from it. I am clueless on how to even begin to go about fixing it and agitated because it’s been so long, so many other apps effected by this, even on a brand new device Safari still does not work for me. Any help at all would be greatly appreciated I used to have a 15 Pro Max but now on the 17 Pro Max and throughout the entire time i’ve been on the developer beta. Maybe that is the issue i’m unsure because now i’m just on iOS 26 so I don’t know if it’s just stuck like this forever. Again any help would be appreciated. I have not went physically to Apple yet to get this solved it‘s been a last resort, considering my options I might have to clear time to go. I’ve been using Chrome ever since this issue.

Device: iPhone 15pro, ios26.0 (23A 341) IOS version: 26.0 (23A 341) When using position: sticky; bottom: 0, the div is expected to stick to the bottom of the viewport when the browser toolbar hides while scrolling. However, it stops at the height where the toolbar was, instead of moving down with the disappearing toolbar. In the image below, the red-bordered navigation shows the situation where it does not stick to the bottom. i