Is it possible to enable/disable the enabled flag before the extension is loaded? we want to have a button in our app which controls the availability of the content blocker ruleSet in declarative_net_request in manifest (version 2). "declarative_net_request": { "rule_resources": [ { "id": "ruleset_1", "enabled": true, "path": "ruleset_1.json" } ] },

We have observed that blocking content using Safari web extension does not fetch few URLS within the #document (documentURLs) because the onBeforeRequest webextension API is currently not available in Safari iOS. But it works fine using the Content blocking extension. We have a list of URLs which we want to block from the website. Which extension would you suggest the Content blocking extension or the Safari web extension?

I am using two iPhone11 devices, having iOS v17.6.1 for automation testing using Seleniumv4.X-Appium v2.x. Today I updated the mac to Sequoia15 version which updated the XCode to v16. Just after this update, I could not able to run the previously running automation script. The console message is "org.openqa.selenium.SessionNotCreatedException: Could not start a new session. Response code 500. Message: Unable to launch WebDriverAgent. Original error: xcodebuild failed with code 70. This usually indicates an issue with the local Xcode setup or WebDriverAgent project configuration or the driver-to-platform version mismatch."

Hi everyone, I’m working on an iOS app using WKWebView, and I have a specific use case involving cross-origin iframes and form autofill. I’m wondering if it’s possible to programmatically fill input elements, such as credit card numbers, within a cross-origin iframe loaded in a WKWebView. I understand that due to the Same-Origin Policy, direct DOM manipulation of cross-origin iframes is restricted. However, I’m curious if there are any methods or workarounds that might allow me to achieve this, specifically within the context of WKWebView. Thanks.

Since updating to iOS v17.4.1 our safari extension no longer functions as it used to We are experiencing issues where our content script is not getting initialized, On devices running iOS 17.4.1, the content script included in our extension does not appear to run. There are no logs from the content script in the console, whereas on other versions and devices, it operates as expected. Our Extension relies con communication between the background and content scripts in order for us to render various popups to our users, based on our logs as of iOS 17.4.1 this communication is not successful, we can see messages being sent from the background script but as mentioned above nothing on the content script side. This behavior happens majority of the time and on random sites, sometimes opening the same site in a new tab would work but not always. There are also times where we would only receive our popups after opening the safari menu and interacting with our extension via this menu. Please assist with a way forward

Flutter web view- I am downloading assets from server and using that assets to create html file to load on web view. I downloaded them to the local document directory on the device. From there I can load the HTML files in a webview using the file:// schema, with the benefit that images, css etc. that are referenced in the HTML are loaded as well. This works fine in Android (simulator and real device) as well as in an iOS simulator. But on an iOS device the flutter webview fails to load assets , images & css files with a relative URL from local directory. This is strange as the iOS simulator should behave the same in that case (as it is not really a hardware related issue). Help me out from this issue.

Hello! We have been testing the upcoming Safari 18 on macOS 15 Sequoia betas and noticed one inconsistent detail about Safari Web Extensions support compared to other browser which implement Web Extensions (Chrome, Edge, Firefox). Background We have a Safari Web extension which is monitoring navigation events using browser.tabs.onUpdated API. navigation event subscription code sample browser.tabs.onUpdated.addListener((tabId, changeInfo, details) => { onTabUpdated(tabId, changeInfo, details) }); navigation event handling code sample onTabUpdated(tabId, changeInfo, details) { console.log(`onTabUpdated: ${tabId}`, changeInfo, details); // check URL in the tab for safety } }); If the extension detects that the user navigates to an unsafe URL, it redirects the user to a page hosted by the extension. It's an HTML resource from the extension bundle. The extension is using browser.tabs.update API to redirect a specific tab to an internal page. const internalPage = browser.runtime.getURL("popup.html"); browser.tabs.update(tabId, { url: internalPage }); Discovered problem When we use browser.tabs.update API browser.tabs.update(tabId, { url: internalPage }); to redirect the user from an unsafe page, we notice that the redirected tab changes its identifier. We know that is the case because we see another API firing. It's called browser.tabs.onReplaced. We have a similar subscription for those events. When the page is redirected, the onTabReplaced handler is firing and informs us about the tab ID change after the redirect. onTabReplaced(addedTabId, removedTabId) { console.log(`onTabReplaced: ${removedTabId} -> ${addedTabId}`); } This is problematic for us in several ways: The extension keeps track of the tab ID so that when the embedded HTML page is loaded, it can still tell the user about the original URL that was blocked. The behavior observed in Safari 18 breaks current expectations of our code and breaks the functionality of our extension. This behavior is specific to Safari 18. Safari 17 does not behave this way which means that we will need to deploy an update to our Safari extension to mitigate that bug on the upcoming Safari version. Moreover, this behavior is not observed in other browsers which implement Web Extensions standard (Chrome, Edge, Firefox). All these browsers preserve the tab ID after redirect. That is a problem for us as we run the same code in all 4 browsers that we support. This will cause increase of code complexity to cover Safari as an exception out of common rule. Environment Safari version 18.0 (20619.1.26.31.6) and all prior Safari 18 betas. issue does not happen on Safari 17. macOS 15 beta 8 (24A5331b) and all prior macOS 15 betas. issue has been successfully reproduced on macOS 14 with Safari 18 betas which points to the fact that the issue is not exclusive to macOS 15. Safari 18 brings the faulty logic. The issue has been confirmed and reproduced in a sample Xcode prowejt provided by Apple called "Sea Creator". So the issue is not specific to a single extension. Feedback case FB14975378. It contains sample code, the full Xcode project, screenshots and sysdiagnose. Any advice or assistance is highly appreciated!

We have an iOS Safari extension currently distributed via Testflight. I’ve noticed that after an indeterminate period of time (sometimes days, sometimes weeks) our safari extension will stop working. It will need to be turned on again from the system general -> safari -> extensions menu. This is occurring on both iPhones and iPads running 17.6.1. Is there any condition that will cause the system to disable a safari extension, requiring the user to reopen iOS settings to re-enable?

We have an iOS Safari extension currently distributed via Testflight. I’ve noticed that after an indeterminate period of time (sometimes days, sometimes weeks) our safari extension will stop working and will need to be turned on again from the system general -> safari -> extensions menu. This is occurring on both iPhones and iPads running 17.6.1. Is there any condition that will cause the system to disable a safari extension, requiring the user to reopen iOS settings to re-enable?

Hello there, We are having a problem when trying to repdorucir videos with videojs in a webview on devices with iOS older than 17.4. When playing them you see that the player restarts several times until crashing the webview. This are the xcode logs when this happens: Error acquiring assertion: <Error Domain=RBSServiceErrorDomain Code=1 "(originator doesn't have entitlement com.apple.runningboard.assertions.webkit AND originator doesn't have entitlement com.apple.multitasking.systemappassertions)" UserInfo={NSLocalizedFailureReason=(originator doesn't have entitlement com.apple.runningboard.assertions.webkit AND originator doesn't have entitlement com.apple.multitasking.systemappassertions)}> 0x114029980 - ProcessAssertion::acquireSync Failed to acquire RBS assertion 'WebKit Media Playback' for process with PID=64167, error: Error Domain=RBSServiceErrorDomain Code=1 "(originator doesn't have entitlement com.apple.runningboard.assertions.webkit AND originator doesn't have entitlement com.apple.multitasking.systemappassertions)" UserInfo={NSLocalizedFailureReason=(originator doesn't have entitlement com.apple.runningboard.assertions.webkit AND originator doesn't have entitlement com.apple.multitasking.systemappassertions)} 0x1140180c0 - [PID=64164] WebProcessProxy::didClose: (web process 0 crash) 0x1140180c0 - [PID=64164] WebProcessProxy::processDidTerminateOrFailedToLaunch: reason=Crash

After iOS 17.4, Passkey Autofill stopped working inside ASWebAuthenticationSession. iOS 17.5 re-enabled users to pick passkeys if they tap "🔑" icon on right bottom of keyboard and opened Safari password manager. However, it still doesn't recommend passkeys on the first view. Even on the latest iOS 18.0 developer beta, the behaviour is not fixed yet.

Unable to create a cookie using WebKit API or manually create a cookie in Safari with SameSite=None on a device using iPadOS 18 beta. In Safari, the None option is still in the drop down as a selection for SameSite which leads me to believe this is a bug. Is this going to be fixed in the release version of iOS 18?

Hello, a very simple question, is there a test domain that is flagged by safari as a fraudulent webpage? one that is just for testing? Thank you.

We have implemented a content blocker using the Safari Web Extension, which can be toggled on or off as needed. However, we've noticed that changes in the Safari browser take effect only after the page is reloaded again. This behaviour has been observed across all simulators as well as on iPhone 8 Plus running iOS 16.7.8. Is this due to a delay in the JS file rules updation on simulator and lower devices?

Hello everyone, I am currently developing several Progressive Web Apps (PWAs) and I am wondering if it’s possible to programmatically open an installed PWA on iOS/iPadOS from another app or a link. My goal is to be able to launch an installed PWA directly from an action in another PWA, a web app, or a native app on iOS. For example, I’d like to know if this can be achieved via a deep link, a custom protocol (web+), or any other mechanism available on these platforms. Has anyone successfully implemented this feature or found a workaround to programmatically open an installed PWA on iOS/iPadOS? Thank you very much for your feedback and suggestions!

Hello, dear Apple community I have WordPress website: https://fritzboxwelt.de/ I was using Google Chrome to access the website dashboard. For some reason, I shifted from Chrome to Safari, but now I am facing errors when logging in. What should I do now? Is it a website issue or my browser settings are not okay? It will be great to hear from you.

Hi, I'm experiencing an issue with my Safari extension on iOS 18. When trying to access images using browser.runtime.getURL(), it doesn't work as expected. The same code works on iOS 17 and earlier versions. Here's my manifest file and code snippet. "web_accessible_resources": [ { "resources": [ "html/*.html", "images/*.png", "images/*.gif", "images/*.svg", "json/*.json", "fonts/*.ttf", "css/*.css" ], "matches": [ "<all_urls>" ] }, "images/fs_loading.svg", "images/status_protected.svg", "images/safe_check_icon.svg" ] `var status_ok_svg = browser.runtime.getURL("images/status_protected.svg");` Note: Image all are added in Images folder only

I'm experiencing a Safari Web Extension issue where the non-persistant background script seems to crash after 30 seconds even when the content script is messaging it. Here is a minimal-reproducible example. When running in an emulator, the background script will stay responsive forever. However, when running on a physical device, the background script becomes non-responsive after 30 seconds of activity. It never becomes responsive again until I toggle the extensions enable/disable toggle, after which it stays active for 30 seconds and then crashes again.

We had developed an iOS Safari web extension (which uses non-persistent background scripts) that functioned properly until iOS 17.3. However, I've encountered inconsistent behavior on iOS 17.4.1, 17.5, and 17.5.1. Upon further debugging, I noticed that the background scripts often become idle and are unloaded frequently. They are not loaded again even for the registered webNavigation events and only trigger when interacting with the extension popup menu. This is also mentioned here. I had tried this in both manifest versions 2 & 3. I had tried using service_worker for background scripts. But, none of it seems to resolve this issue. Could you please clarify if this is a bug or an intended behavior? Our extension relies on webNavigation events without users having to interact with the popup menu often.

Hello there! At our company we have started to deal with an issue in the latest iOS (17.5) version. It looks like the background script of the extension becomes unresponsive after a short amount of time (around 30 seconds) after performing more than one request to it within a range of 1 - 4 seconds. How it can be tested? Pretty simple example: // content.js const t = 4000 // Using less than 4000ms makes background script unresponsive async function requestNext() { return browser.runtime.sendMessage({ greeting: "getNext" }) } setInterval(async () => { const n = await requestNext() console.log("current is: " + n) }, 4000) // background.js let counter = 0 browser.runtime.onMessage.addListener((request, sender, sendResponse) => { console.log("Received request: ", request); if (request.greeting === "getNext") { counter++ sendResponse(counter); return true } }); Whenever the browser.runtime.sendMessage is executed too fast the background script will stop working. As far as we have been able to check this only can be reproduced after 17.4.1