This is a rare occurrence on our site, having only detected 4 instances of it over the past few weeks, where 10s of thousands of transactions have occurred successfully. We only call the following PaymentRequest API onClick from the <apple-pay-button>: async function startApplePay(merchantIdentifier, amount) { ... try { const request = new PaymentRequest([ applePayMethod ], paymentDetails); ... catch (e) { // cancel, just stay here if (e.name === "AbortError") { if (consoleLog) console.log("Payment canceled", e); logServer("INFO", "Payment canceled"); } else { handleError("Error caught: " + e.name + ", " + e.cause + ", " + e.message); } } Where the "handleError" else case is what gets triggered: Error caught: SecurityError, undefined, show() must be triggered by user activation. All 4 instances have been from iPads, but with that small of a sample size, we can't tell whether that's relevant or coincidence. Different iOS versions, but looks like same Safari version. Here are the 4 User Agents we've seen thus far: Mozilla/5.0 (iPad; CPU OS 18_2_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) GSA/352.0.715618234 Mobile/15E148 Safari/604.1 Mozilla/5.0 (iPad; CPU OS 17_6_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) GSA/352.0.715618234 Mobile/15E148 Safari/604.1 Mozilla/5.0 (iPad; CPU OS 18_3_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/133.0.6943.33 Mobile/15E148 Safari/604.1 Mozilla/5.0 (iPad; CPU OS 18_2_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/133.0.6943.33 Mobile/15E148 Safari/604.1

I'm not sure if this is even the right place to ask this, or voice this complaint if there's no fix. If not, please direct me where to go. I'm trying to switch all my development over to Safari, but the tab sidebar is driving me absolutely insane. Let's say I have a bunch of tab groups expanded, and I collapse the sidebar to focus on the webapp I am building. When I toggle to show the sidebar again, every single tab group is collapsed. Why is it 2 clicks to see the tabs in the sidebar? Even with zero tab groups, and just tabs in the workspace, if you collapse the sidebar it'll collapse the list of tabs. Is there some hidden setting for this? Who do we have to complain to?

Hi, We have a native application with a webview part. When we open the app, we load webview resources in a false foreground. The webview communicates with the native part to query local variables, among other things. We have noticed that for the past few weeks, when the biometric component is presented to enter the fingerprint or faceId, while the component is displayed, the webview does not respond. We do not see the calls made by the webview, nor can we respond to them. Even if you open the Safari debugger, the webview does not respond UNTIL you close the biometric component in the native part. This has created a big problem in our app, and we wanted to know if it is an issue you had on your radar. Thank you very much.

I can open an app (e.g. tiktok) from a website of mine by using the deeplink “tiktok://open”, if the app is installed on my iphone. What's the deeplink to launch TestFlight? Thanks in advance

If "Not Secure Connection Warnings" is enabled in the Settings > App > Safari, are no HTTP connections allowed? Setting NSAppTransportSecurity does not seem to apply either.

I am posting here because we have an urgent issue affecting the operation of our service and are in need of a solution after our own analysis has come up with few answers. Beginning in iOS 18.2.x, we experienced exactly the same issue as the author of this thread, as we are also operating a service that allows for device certificate login for users configured to require one: https://developer.apple.com/forums/thread/767374 The author seems to have resolved the issue but the fix mentioned in the thread did not resolve our problem for iOS devices with iOS 18.2.x installed and the contents of that private support ticket are, of course, not visible to us. Furthermore, we have a different issue that surfaced with the release of iOS 18.3.x. Namely, the issue in iOS 18.3.x is more severe than the one in iOS 18.2.x, in that instead of simply taking a long time for the certificate/identity selection dialog to appear, it simply fails immediately and is returning a “no certificate selected” response to our server. One thing to note here is that, curiously, if we wait for several seconds (about 10-15 seconds) this behavior is not replicated. So, it seems there is potentially something going in the background, and the certificate selection process will only occur successfully like before if we wait. This is a very unideal workaround. After entering user credentials, we have the user navigate to a dedicated certificate authentication page. On the BIG IP side, upon users visiting this page, we have it configured to apply an SSL profile that contains appropriate CAs for the given user, and then requests to the browser that a new connection requiring a certificate be made. We are investigating this by checking logs in in a variety of places: We can verify in BigIP logs that a response is being returned to the server without a certificate included. For the sake of our application, this is handled as a “user did not select a certificate” event, and thus the attempted login is failed. Using the MacOS “Console” application, we are able to see the following logs from the “trustd” process of the target iOS 18.3.x device: Failure case: debug 11:19:49.648581+0900 trustd XPC [com.apple.WebKit[1034]/1#25 LF=0] operation: trust_evaluate (8) debug 11:19:49.648766+0900 trustd complex trust settings anchor Successful case (after waiting 10-15 seconds after initial login page load/before moving to certificate page): debug 11:26:02.803153+0900 trustd XPC [MobileSafari[1031]/1#169 LF=0] operation: trust_evaluate (8) debug 11:26:02.804219+0900 trustd non ev score: 121 <private> There appears to be no attempt by MobileSafari to initiate the display of a certificate selection window in the failure cases. The iOS device is swift to return a response with no certificate selected to Big IP, and the result of “no certificate selected” is thus propagated through Big IP and ultimately to our web service. Does anyone have any advice or information on the following? Recommended tools to gather more data that may be pertinent. Any ideas on changes in iOS 18.2.x+ that could have resulted in the behavior changing as described above? If more information is necessary, I will do my best to supply it. Thank you in advance!

I am currently developing an app using WKWebView. In iOS 17, Apple introduced ProxyConfiguration, and I have two questions regarding its usage: Is there a way to use ProxyConfiguration to distinguish between HTTP and HTTPS traffic? I have reviewed the documentation but couldn’t find a clear method for this. As an alternative approach, I am attempting to determine the request scheme within WKWebView and switch proxyConfigurations just before loading the request. My current implementation sends requests to hoge_a by default and switches to hoge_b only for HTTP traffic. 　 if #available(iOS 17.0, *) { if URLString.contains("http:") { webView.configuration.websiteDataStore.proxyConfigurations = [hoge_b] } } webView.load(request) if #available(iOS 17.0, *) { if URLString.contains("http:") { webView.configuration.websiteDataStore.proxyConfigurations = [hoge_a] } } 　 2. Since I modify proxyConfigurations every time webView.load(request) is called, are there any potential issues or concerns with this approach? I would appreciate any insights you may have on either of these questions.

Dear Apple Developer Experts, We're experiencing an intermittent issue with WKWebView in our macOS application where local HTML file access is occasionally denied by the sandbox, despite proper implementation and permissions. We seek your guidance in understanding and resolving this issue. Issue Description: The WKWebView occasionally fails to load local HTML files stored in the app's Contents/Resources directory Error occurs in WebKit Networking Process with sandbox denial Issue is intermittent and can be resolved by app restart or WebKit Networking Process restart Affects all local HTML files in the same directory once the issue occurs Technical Details: Error from Kernel Log: 2025-02-07 14:57:17.179821 +0800 kernel Sandbox: com.apple.WebKit.Networking(58661) deny(1) file-read-data /Applications/DingTalk.app/Contents/Resources/webcontent/contact-2024.html WKWebView Delegate Error (captured in WKNavigationDelegate method): (void)webView:(WKWebView *)webView didFailProvisionalNavigation:(WKNavigation *)navigation withError:(NSError *)error Error Details: Domain: NSPOSIXErrorDomain Code: 1 Description: "Operation not permitted" UserInfo: { networkTaskMetricsPrivacyStance: Unknown, _NSURLErrorFailingURLSessionTaskErrorKey: LocalDataTask &lt;3694CA1E-481B-4E06-975D-E3A56AD56C0F&gt;.&lt;1&gt;, _kCFStreamErrorDomainKey: 1, _kCFStreamErrorCodeKey: 1 } Key Observations: Error is captured in WKNavigationDelegate's didFailProvisionalNavigation method The issue affects all local HTML files in the same directory once it occurs Temporary workarounds we've discovered: Restarting the application completely resolves the issue Without restarting the application, terminating the "WebKit Networking Process" via Activity Monitor causes the process to automatically restart, and this resolves the issue and load works again Additional Information: We've collected complete system diagnostics (system_logs.logarchive) at the time of failure The issue appears similar to discussions in Apple Developer Forums (https://developer.apple.com/forums/thread/110072), though we're uncertain if it's the same root cause We've prepared a minimal demo project demonstrating: Our release version app can be downloaded from: https://dtapp-pub.dingtalk.com/dingtalk-desktop/mac_dmg/Release/M1-Beta/DingTalk_v7.6.45_43521682_universal.dmg?spm=0.0.0.0.UuwovG&amp;file=DingTalk_v7.6.45_43521682_universal.dmg for examining our app's codesign, sandbox, and entitlements configurations if needed Important Investigation Finding: We attempted to simulate the issue by using chmod 000 /path/to/test.html, but this produces a different error: CopyError Domain=NSURLErrorDomain Code=-1102 Description="You do not have permission to access the requested resource." UserInfo={ NSLocalizedDescription=You do not have permission to access the requested resource., NSErrorFailingURLStringKey=file:///Users/sunus/Library/Developer/Xcode/DerivedData/WKWebViewLocalDemo-eumardnlfbmwgnhkaadglsrrhzhs/Build/Products/Debug/WKWebViewLocalDemo.app/Contents/Resources/test.html, NSUnderlyingError=0x600003aedc50 {Error Domain=kCFErrorDomainCFNetwork Code=-1102 "(null)"} } This error is distinctly different from our original issue's "Operation not permitted" error, suggesting that the sandbox denial we're experiencing is not a simple file permission issue. Questions: Is this a known issue with the WebKit sandbox in recent macOS versions? Are there recommended best practices or workarounds to prevent this sandbox denial? Could this be related to the WebKit Networking Process's sandbox configuration? Are there additional diagnostics or logs we should collect to help investigate this issue? We appreciate your assistance in investigating this issue. Please let us know if you need any additional information or clarification. STEPS TO REPRODUCE Open App Then loads the local file in /WKWebViewLocalDemo.app/Contents/Resources/test.html PS, We also submit a DTS &amp; Feedback DTS:Case-ID: 11876957 Feedback-ID: FB16493282 sysdiagnose is in the Feedback-ID: FB16493282 is uploaded

I am currently developing a Chrome, Firefox and Safari web extension, and I am facing a CSP issue on the content script on Safari. The extension I develop has a content script that injects an img tag in the DOM of web pages the user is visiting. That img tag fetches its content at a specific URL. On Chrome and on Firefox, the img tag content fetches the content at the URL with no issue on every web pages, including those that set the CSP header img-src. On Safari, I'm getting the following error on web sites that set the img-src CSP header: Refused to load https://axxlfrmnpq.cloudimg.io/www.macifavantages.fr/wp-content/uploads/2021/06/Garmin-logo.png?func=bound&w=225&h=113 because it does not appear in the img-src directive of the Content Security Policy. Here is the actual CSP img-src header content of the web page where, on Safari, the injected img tag does not load the content at https://axxlfrmnpq.cloudimg.io/www.macifavantages.fr/wp-content/uploads/2021/06/Garmin-logo.png?func=bound&w=225&h=113: Content-Security-Policy: img-src https://secure.adnxs.com https://www.facebook.com https://.garmin.cn 'self' data: .garmin.com .trustarc.com .truste.com https://static.garmincdn.com https://www.google.com https://www.google.co.uk https://prefmgr-cookie.truste-svc.net https://res.cloudinary.com https://res.garmin.com https://.criteo.com https://.doubleclick.net https://www.googleadservices.com https://px.adentifi.com https://rtb.adentifi.com https://.teads.tv https://www.googletagmanager.com https://bat.bing.com https://.yahoo.com https://sync.outbrain.com https://*.google-analytics.com https://stats.g.doubleclick.net https://static.hotjar.com https://script.hotjar.com .akamaihd.net https://.tealiumiq.com https://deploytealium.com https://pixel.mediaiqdigital.com; My question is, is the page CSP blocking the img tag injected in the web page by the extension's content script? If so, is this behavior documented somewhere, or is it a Safari bug? I saw there is a similar post on the forum, but I couldn't find if the issue is a bug or if it's the expected behavior on Safari: https://developer.apple.com/forums/thread/651542?login=true. Thank you very much for your help.

We have an app store app that hosts an internal webserver we use as a proxy and it works for a period until iOS 18.3.x decides our cert is no longer valid at which point our customer have reinstall the app. This has only become a problem on iOS18.3. We publish the self-signed with out app, and it is valid and accepted until it's not. We know the cert is valid and our implementation of the local proxy has not changed. If we install a cert on the device and trust it, then the app will start behaving normally again without reinstall. We have replicated this locally and the error we are seeing is: Error Domain=NSURLErrorDomain Code=-1200 "An SSL error has occurred and a secure connection to the server cannot be made." UserInfo={NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?, _WKRecoveryAttempterErrorKey=<WKReloadFrameErrorRecoveryAttempter: 0x301111e40>, networkTaskDescription=LocalDataTask <541390E2-65FA-47AB-80B1-10209D6C761A>.<3>, _kCFStreamErrorDomainKey=3, NSErrorPeerCertificateChainKey=( "<cert(0x108e3b700) s: 127.0.0.1 i: 127.0.0.1>", "<cert(0x108e3b980) s: 127.0.0.1 i: 127.0.0.1>" ), NSErrorClientCertificateStateKey=0, NSErrorFailingURLKey=https://localhost:8082/Blablal/?device=ios&sftouch=1&pgport=8081&secure=1, NSErrorFailingURLStringKey=https://localhost:8082/blahblah/?device=ios&sftouch=1&pgport=8081&secure=1, NSUnderlyingError=0x301e1d680 {Error Domain=kCFErrorDomainCFNetwork Code=-1200 "(null)" UserInfo={_kCFStreamPropertySSLClientCertificateState=0, _kCFNetworkCFStreamSSLErrorOriginalValue=-9802, _kCFStreamErrorDomainKey=3, _kCFStreamErrorCodeKey=-9802}}, _NSURLErrorRelatedURLSessionTaskErrorKey=( "LocalDataTask <541390E2-65FA-47AB-80B1-10209D6C761A>.<3>" ), _kCFStreamErrorCodeKey=-9802, _NSURLErrorFailingURLSessionTaskErrorKey=LocalDataTask <541390E2-65FA-47AB-80B1-10209D6C761A>.<3>, networkTaskMetricsPrivacyStance=NotEligible, NSURLErrorFailingURLPeerTrustErrorKey=<SecTrustRef: 0x302670a50>, NSLocalizedDescription=An SSL error has occurred and a secure connection to the server cannot be made.}

We are using WebKit in our app and recently started noticing a crash occurring on iOS 17 and earlier versions. The crash log shows the following error: Thread 0 Crashed: 0 WebKit 0x00000001a38593cc WebKit::WebPageProxy::updateActivityState(WTF::OptionSet<WebCore::ActivityState>) + 220 (WebPageProxy.cpp:2544) 1 WebKit 0x00000001a39cb1e0 WebKit::WebPageProxy::dispatchActivityStateChange() + 132 (WebPageProxy.cpp:2653) 2 WebKit 0x00000001a3f541f8 WTF::Detail::CallableWrapper<WebKit::WebPageProxy::scheduleActivityStateUpdate()::$_5::operator()() const::'lambda'(), void>::call() + 52 (Function.h:53) 3 JavaScriptCore 0x00000001a48317ec void WTF::dispatchWorkItem<WTF::(anonymous namespace)::DispatchWorkItem>(void*) + 60 (WorkQueueCocoa.cpp:48) 4 libdispatch.dylib 0x00000001964f5dd4 _dispatch_client_callout + 20 (object.m:576) 5 libdispatch.dylib 0x00000001965045a4 _dispatch_main_queue_drain + 988 (queue.c:7898) 6 libdispatch.dylib 0x00000001965041b8 _dispatch_main_queue_callback_4CF + 44 (queue.c:8058) 7 CoreFoundation 0x000000018e623710 __CFRUNLOOP_IS_SERVICING_THE_MAIN_DISPATCH_QUEUE__ + 16 (CFRunLoop.c:1780) 8 CoreFoundation 0x000000018e620914 __CFRunLoopRun + 1996 (CFRunLoop.c:3149) 9 CoreFoundation 0x000000018e61fcd8 CFRunLoopRunSpecific + 608 (CFRunLoop.c:3420) 10 GraphicsServices 0x00000001d34d01a8 GSEventRunModal + 164 (GSEvent.c:2196) 11 UIKitCore 0x0000000190c5890c -[UIApplication _run] + 888 (UIApplication.m:3713) 12 UIKitCore 0x0000000190d0c9d0 UIApplicationMain + 340 (UIApplication.m:5303) After investigating, we found that this crash was addressed in this https://github.com/WebKit/WebKit/pull/24778 WebKit PR. However, our app is still crashing for users on older iOS versions where this fix is not available. Is there a known workaround to prevent this crash on affected iOS versions? Any guidance would be greatly appreciated.

There does not appear to be any way to use or create iCloud passkeys with a Safari Web Extension, either using the navigator.credentials API in an extension origin webpage such as the popover, or using the AuthenticationServices framework in the SafariWebExtensionHandler. I've setup an associated domain for my plugin, and I know it works for the host application. But I get errors trying to do so in the web extension target. createCredentialRegistrationRequests results in the following error: Domain=com.apple.AuthenticationServices.AuthorizationError Code=1004 "Application with identifier <ID> is not associated with domain <RPID> The other problem, assuming the entitlement works correctly for the web extension, is that there is no NSWindow to use as the presentation target from the SafariWebExtensionHandler. Trying to use the navigator.credentials.create JS API (which is the preferred method, frankly, in a web extension) results in the following error: NotAllowedError: The request is not allowed by the user agent or the platform in the current context, possibly because the user denied permission. Chrome has a great solution for this that I believe should be adopted by Safari. If an extension has host permissions for a relying party it wants to claim, or if it has an associated domain entitlement for it, webauthn operations should be allowed.

As of IOS 18.3, there browser.tabs.create methods active property which is supposed to determine whether a tab get open in the active window or not is not working as it should. I have the active property set to false but the tab still gets opened and is active on the window. Tested on older ios versions 18.2 and below and it works as it should. please advise

I'm currently experimenting to add 3d stereo images in HEIC format to my daily Mars Rover Images website https://areo.info/mars20 which can be opened on a Vision Pro. Only a few images are yet converted into that mode, those on the sol 1411 page. As I'm currently only working in the Vision Pro Simulator from Xcode, no real 3d effect if of course visible and I'm curious if anyone using the real hardware can confirm that the images are working. Especially the eye distance correction is important to know about as the Mars Rover camera has a much wider pupil distance than humans and while I entered that distance in the conversion tool, I'm not sure if it worked well. So feedback is welcome! For those who like to try to create stereo images themselves: I used https://developer.apple.com/documentation/ImageIO/writing-spatial-photos to create a HEIC file from two JPEGs.

hi, I'm having an issue with Safari devlop menu "Web Extension Background Content" menu item being grayed out. I cant do any debugging right now and its becoming mission critical for us. Any help is appreciated. Thank you,

I've a apple pay integration on my website. The new sdk, that allows third party browsers. My integration works well everywhere, except on third party when I read the QR code it results in a "payment incomplete". I have gone through several threads in apple dev forums, and several guides on implementation steps and troubleshooting. But I'm still without solution. When Debugging in iOS device I get: "Application failed to provide a valid merchant session. We can't proceed to authorize the transaction." I've doublechecked, the values I send to create the payment Session are correct, the domain and merchantIds. (It works well with the same implementation on safari, what's the difference here?) I've also doublechecked the values i'm sending to the completeMerchantValidation, and they are all in the right format and types. What else can iIcheck?

WebRTC and Web Audio are essential for modern web applications, powering everything from real-time voice communication to accessibility tools. However, in iOS Safari, these technologies are suspended as soon as the screen locks or Safari goes into the background. This makes web-based calling, live audio spaces, broadcast sessions and assistive applications unreliable for iOS users. Why This Matters: It’s impractical and inefficient. Asking users to keep their screen on to continue a WebRTC call wastes more battery, as the display is one of the most power-intensive components of a device. Allowing WebRTC audio to run in the background would be more battery-efficient than forcing the screen to stay lit for extended periods. Competing platforms allow WebRTC to run in the background. Safari’s restriction puts web-based applications at a disadvantage compared to native apps. Many industries depend on persistent WebRTC audio, including telehealth, live broadcasting, and accessibility tools. This restriction forces developers to build native iOS apps instead of using the open web, limiting web innovation and increasing development costs. Proposed Solution: Apple could implement an explicit user permission for background WebRTC, similar to how background audio playback is already handled for media apps. This would balance user security with the need for uninterrupted real-time communication—without forcing users to keep their screens on unnecessarily. I would love to hear if anyone has found workarounds or if Apple has commented on potential improvements in future iOS versions.

After the official release of iOS 18.3, our app has collected numerous identical crash logs. These crashes occurred on different devices, but the common denominator is that they all, and only, happened on iOS 18.3. Based on the stack trace, the crash is happening internally within WebKit. The details are as follows: Crashed: com.apple.main-thread 0 WebCore 0x721f9c + 28 1 WebCore 0x15b6924 + 11356 2 WebCore 0x15b174c + 1008 3 WebCore 0x1776e4 + 292 4 WebCore 0x17753c WebCore::SerializedScriptValue::deserialize(OpaqueJSContext const*, OpaqueJSValue const**) + 100 5 WebKit 0x530b28 + 92 6 WebKit 0x5a0d2c + 176 7 WebKit 0x9e74b0 + 956 8 WebKit 0xe43d58 + 392 9 WebKit 0x886ac + 272 10 WebKit 0x88940 + 44 11 WebKit 0x87a74 + 252 12 WebKit 0x875ec + 576 13 JavaScriptCore 0x2f8a48 ***::RunLoop::performWork() + 204 14 JavaScriptCore 0x2f895c ***::RunLoop::performWork(void*) + 36 15 CoreFoundation 0x73f4c CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION + 28 16 CoreFoundation 0x73ee0 __CFRunLoopDoSource0 + 176 17 CoreFoundation 0x76b40 __CFRunLoopDoSources0 + 244 18 CoreFoundation 0x75d3c __CFRunLoopRun + 840 19 CoreFoundation 0xc8284 CFRunLoopRunSpecific + 588 20 GraphicsServices 0x14c0 GSEventRunModal + 164 21 UIKitCore 0x3ee674 -[UIApplication _run] + 816 22 UIKitCore 0x14e88 UIApplicationMain + 340 23 18Birdies 0x1b2d3c main + 14 (main.m:14) 24 ??? 0x1ac161de8 (Missing)

We are building a Safari web extension utilising native messaging, to send messages to the Swift native part of the app. We sometimes experience, that the beginRequest handler is executed multiple times, at the same time. We have a special part of the code in the handler, that must be run only once. Because it uses NS defaults storage, and also because it calls our servers. We have tried to use a serial dispatch queue, as well as other locking and mutex techniques, to no success. We suspect that the instances of the handler are isolated in a way, that these locks don’t work (maybe they don’t share memory?). But we are not sure. When looking at os_logs from the handlers, they all share the same PID. Has anyone experienced anything similar and can shed some light on what's going on?

Safari 18.0.1 on macOS 15.01 doesn't support the Passkey PRF extension during cross-device WebAuthn authentication when using QR code scanning, while it works correctly with iCloud passkeys. Steps to Reproduce: Clone and setup: git clone https://github.com/quocle108/passkey-prf-test yarn yarn start Test iCloud Passkey Flow: Open http://localhost:3000 in Safari Open DevTools (Cmd+Option+I) Click "Register" Choose "Passkey on iCloud" Expected console output: PRF supported: true Test Cross-Device Flow: Click "Register" Choose "Phone/Tablet" Scan QR with mobile device Expected: PRF supported: true PRF extension should be supported in cross-device flow, matching iCloud passkey behavior. Actual: PRF supported: false Cross-device flow returns empty extension results. Verify in Chrome Repeat steps 2-3 in Chrome Both flows return proper PRF extension results: PRF supported: true Test Environment: Browser: Safari 18.1.1 , Chrome 131.0.6778.70 OS: macOS 15.01 Mobile: iOS 18.x / Galaxy Note9 Android 10 Test repo: https://github.com/quocle108/passkey-prf-test