I am getting an error when trying to call an api being hosted on my local development machine from an XCode project running on my iPhone: Task <xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx>.<2> finished with error [-1202] Error Domain=NSURLErrorDomain Code=-1202 "The certificate for this server is invalid. You might be connecting to a server that is pretending to be “10.0.0.5” which could put your confidential information at risk." UserInfo={NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?, _kCFStreamErrorDomainKey=3, NSErrorPeerCertificateChainKey=( "<cert(0x106046600) s: XXXXXXXXXX-Dev i: XXXXXXXXXX Dev CA>", "<cert(0x106047000) s: XXXXXXXXXX Dev CA i: XXXXXXXXXX Dev CA>" ), NSErrorClientCertificateStateKey=0 I have followed the instructions for creating a certificate authority and certificate and installing it on my phone as outlined in Creating Certificates for TLS Testing and Installing a CA’s Root Certificate on Your Test Device. I have read posts in this forum without resolution and seen them on stack overflow like this one and this one which have not been answered or the solutions do not work in more current environments (example response: "This doesn't work in XCode 14.2"). I did have this running in earlier versions and with Android Studio. It would be ideal to have the current state answer to how to develop api's on your local machine and call them from your iPhone or simulator.

Requirements: Suppose a carrier provides multiple networks and an iPhone can switch to the best network based on signal strength. Questions: In iOS, suppose we need to switch IMSI based on the best network available then is it possible to achieve that. We do have apple carrier entitlements as well. Can we achieve with Applet? if Yes so please describe it like how can we create applet and how applet works to switch IMSI profile.

In macOS Sequoia, there are up to 3 locations where an end user can enable or disable a Network Extension. In order of appearance in the System Settings.app application: Network > Filters General > Login Items & Extensions (1) General > Login Items & Extensions > Network Extensions a) it's quite difficult for an end user (and even a developer) to understand why there are 3 different locations and whether we are dealing with the same unique item or not. e.g. why would an end user have a clue about the difference between a Network Extension and a (Packet | Content) Filter? b) it's not possible for an end user to figure out what the consequences of disabling an item in one of these 3 locations is going to be, because, in each case, the consequences appear to be different, undocumented or not detailed clearly in the UI. (2) [Q] Is there a clear, complete and detailed documentation for Network Extensions UX controls in macOS Sequoia? For either end users or developers? I could't find one when searching inside www.apple.com or developer.apple.com. (1) not sure why a Network Extension also appears here as it's not a launchd daemon controlled by a 3rd party launchd plist. And not sure to understand why it's there since there's now the Network Extensions panel. (2) it does not help that the output of the systemextensionsctl command line tool, in most cases, reports that the extension is still activated and enabled.

NSURLSessionConfiguration *configuration = [NSURLSessionConfiguration defaultSessionConfiguration]; configuration.URLCache = [[NSURLCache alloc] initWithMemoryCapacity:20 * 1024 * 1024 diskCapacity:100 * 1024 * 1024 diskPath:@"myCache"]; if (!configuration) { NSLog(@"Failed to create session configuration."); return; } NSURLSession *session = [NSURLSession sessionWithConfiguration:configuration]; if (!session) { NSLog(@"Failed to create session."); return; } NSURL *url = [NSURL URLWithString:@"https://example.com"]; if (!url) { NSLog(@"Invalid URL."); return; } NSURLRequest *request = [NSURLRequest requestWithURL:url]; if (!request) { NSLog(@"Failed to create request."); return; } NSURLSessionDataTask *dataTask = [session dataTaskWithRequest:request completionHandler:^(NSData *data, NSURLResponse *response, NSError *error) { if (error) { NSLog(@"Error: %@", error.localizedDescription); } else { NSLog(@"Data received: %@", data); } }]; if (!dataTask) { NSLog(@"Failed to create data task."); return; } dataTask.priority = NSURLSessionTaskPriorityDefault; [dataTask resume]; error message Terminating app due to uncaught exception 'NSInvalidArgumentException', reason: '*** -[NSFileManager createDirectoryAtURL:withIntermediateDirectories:attributes:error:]: URL is nil' *** First throw call stack: (0x1848bd08c 0x181bbf2e4 0x183585f48 0x185d2f2bc 0x185d2ec7c 0x10709271c 0x1070a3f04 0x185d2ea88 0x185d2db20 0x185d2d5f4 0x185d2d07c 0x185d274b0 0x185dd82c4 0x185dd8214 0x185dd730c 0x107090a30 0x10709271c 0x10709a5e8 0x10709b394 0x10709cb20 0x1070a85f0 0x1070a7c00 0x20bc27c7c 0x20bc24488) libc++abi: terminating due to uncaught exception of type NSException

I tried building some app logic around NetworkMonitor.isConnected in my watch app (I want to trigger an update when the user opens the app and isConnected == true, otherwise observe NetworkMonitor.isConnected until it changes to true), and I found out that on a real device, NetworkMonitor.isConnected is always false. This does not seem to be documented anywhere. Am I right in assuming NetworkMonitor is not to be trusted on the watch? watchOS version is 18. I found an old post where eskimo argues that NWPathMonitor is not useful on the watch (which is also not documented), is it the same for NetworkMonitor? https://forums.developer.apple.com/forums/thread/127080

Hello, I have a Qt c++ executable that accesses a server backend on my local network. After building the executable, I can run it either from within the Qt Creator IDE, OR I can run it from the command line. When I launch from within the Qt Creator IDE, the same executable cannot talk to the backend server on my local network. However, the same executable when launched from the command line works fine. This started only with macOS Sequoia and the new "Local Network" permission. How can I get my IDE launched executable to work? Otherwise I cannot continue my app development.

Hi! I am new to Apple app development so please bear with me. I am trying to design an app that can mimic some of the functionality of iptables routing. The crux of it is I would like to redirect local traffic bound for a specific port to a different port and then redirect any outgoing traffic on that port back to the original port: outgoing packet bound for IP:1234 -> 127.0.0.1:2345 outgoing packet bound for IP:2345 -> IP:1234 I tried to implement this behavior with a packet tunnel but have not made any substantial progress. Is this the right approach? Here is my implementation: private func handleConnection(_ connection: NWConnection) { connection.receive(minimumIncompleteLength: 1, maximumLength: 65536) { [weak self] data, context, isComplete, error in if let data = data, !data.isEmpty { self?.processData(data, from: connection) } if let error = error { print("Connection error: \(error)") } if isComplete { connection.cancel() } else { self?.handleConnection(connection) // Continue to receive data } } connection.start(queue: .main) } private func processData(_ data: Data, from connection: NWConnection) { switch connection.endpoint { case .hostPort(let host, let port): let portNumber = port.rawValue let hostDescription = host.debugDescription print("Received data from host: \(hostDescription) on port: \(portNumber)") if portNumber == 1234 { // Rule 1: Redirect traffic from port 1234 to 127.0.0.1:2345 redirectTraffic(data, to: "127.0.0.1", port: 2345) print("Redirecting traffic from 1234 to 2345") } else if portNumber == 2345 { // Rule 2: Redirect traffic from port 2345 to the original IP address but port 1234 redirectTraffic(data, to: hostDescription, port: 1234) print("Redirecting traffic from 2345 back to 1234") } case .service(name: _, type: _, domain: _, interface: _): print("Received bonjour service") case .unix(path: _): print("Received unix domain path") case .url(_): print("Received url") case .opaque(_): print("Opaque?") @unknown default: fatalError("Unknown endpoint type") } }

How can I resolve the error（Code=65 "No route to host）. Xcode 16(SDK ios18): We invoke GCDAsyncUdpSocket to send UDP data to the broadcast address,then get Error Domain=NSPOSIXErrorDomain Code=65 "No route to host" Xcode 16.1 beta 2(SDK ios18.1): We invoke GCDAsyncUdpSocket to send UDP data to the broadcast address,then it work fine. Xcode 15.4(SDK ios17.5): We invoke GCDAsyncUdpSocket to send UDP data to the broadcast address,then it work fine. Notes: Privacy - Local Network Usage Description and the multicast entitlement has been added. Bonjour services has been added _http._tcp、_http._udp Code: GCDAsyncUdpSocket *gcdUdpSearchSocket = [[GCDAsyncUdpSocket alloc] initWithDelegate:self delegateQueue:dispatch_get_main_queue()]; NSError *error = nil; if (![gcdUdpSearchSocket enableBroadcast:YES error:&error]){ NSLog(@"gcdUdpSearchSocket enableBroadcast Error binding: %@", error); return; } if (![gcdUdpSearchSocket bindToPort:UDP_PORT error:&error]) { NSLog(@"GCDUdp Error binding: %@", error); return; } if (![gcdUdpSearchSocket beginReceiving:&error]) { NSLog(@"GCDUdp Error receiving: %@", error); return; }

My App is a rather small menu-bar status-item app with 2 informational windows. It does NOT make use of ANY of the APIs mentioned here: https://developer.apple.com/forums/thread/663874 that are bound to need "Local Network" hence trigger TCC dialog. Yet - on first run of the app, the dialog pops. App is Obj-C, and the only APIs used are Notification-Center (for scheduling local notifications to the user), XPC connections and calls to other (our) apps for gathering that information, plus normal AppKit windowing (Controls, Text-fields, etc.) nothing else. Obviously SOMETHING I do causes the thing - and I know for sure this app DOES NOT NEED access to the local network - only I do not know how to identify the specific API I need to avoid using (or change the way I'm using) Are there any specific system logs to watch for? Is there any official set of APIs that will trigger the dialog? Provided that I cannot avoid this - could this permission be granted via MDM profile payload? Our product comes with

Hi, I'm working on a sample app to enable two-way data transfer between Mac, iOS, and Android devices. The devices will be in close proximity to each other. To implement this, I used Google's Nearby API, which supports cross-platform communication. The approach has worked well for Mac and iOS devices, even across different networks. However, while Mac and Android devices communicate successfully when on the same network, they fail to discover each other when on different networks. Mac :left_right_arrow: iOS-----Works fine in all scenarios. Mac :left_right_arrow: Android-------Works only when both devices are on the same network, but fails to discover each other on different networks. Is there any alternative approach to achieve reliable cross-platform communication, or any technical documentation that could help with this? Thanks in advance!

Hi, just got upgraded this morning and now I can't use my local Tomcat install as server for my apps. I can access it in safari using localhost, but not using my computers IP. I start it from terminal. I looked everywhere in settings, and searched online of course, but have been unable to find an answer. Anyone knows how I can fit it? Input appreciated.

My app often fails to access the network (other apps on the device can access the network normally), and restarting the app is also ineffective. I need to open and close the flight mode to restore the app's network I used to suspect the background refresh was the cause, but removing the background refresh still occasionally causes this problem.

Hello, I'm developing a transparent proxy which only intercepts traffic coming from certain apps. I'm having a problem when there are other transparent proxies active where the flow.metaData.sourceApplicationSigningIdentifier property is whichever provider intercepted the traffic before my provider did. To verify this, I have implemented a small application that installs two transparent proxy profiles which handle the flows only coming from Safari. Here's the is the bit of the code where the provider determines that: open override func handleNewFlow(_ flow: NEAppProxyFlow) -> Bool { guard let flow = flow as? NEAppProxyTCPFlow else { return false } let sourceApp = flow.metaData.sourceAppSigningIdentifier NSLog("[TransparentProxyProvider] Received flow from: \(sourceApp)") guard sourceApp == "com.apple.Safari" else { return false } // Create NWConnection and handle flow copying as needed return true } As you can see from the following screenshots, when both profiles are active are the same time, the logs show that the second profile sees that the source application is the first profile: From what I understand, that happens because the Transparent Proxy Provider creates a TCP connection and therefore, from the Operating System's perspective, is initiating a new separate flow which is what is then intercepted by the second provider. My questions are: Is this expected behavior? Is there a way to find what the actual source application was? How does the Operating System determine which profile receives the traffic first?

Hello, I make a matter device with extended color light functions. I add the mode select cluster in device to set work mode of device. I can not find the work mode in Apple Home application, only the light related functions show in UI. I tested my device with chip-tool, and read out the mode from device. B.R. Ray

After update to IOS18, my app crashed. following is the exception got from xcode: Trapped uncaught exception 'NSInvalidArgumentException', reason: '*** -[NSFileManager createDirectoryAtURL:withIntermediateDirectories:attributes:error:]: URL is nil' ( 0 CoreFoundation 0x0000000194a79098 47427277-EE15-3C17-AD68-6886B0380B5E + 540824 1 libobjc.A.dylib 0x0000000191d7b2e4 objc_exception_throw + 88 2 Foundation 0x0000000193741f48 12E17A7A-B65F-35EE-82D7-CBC31004E223 + 1154888 3 CFNetwork 0x0000000195eeb2bc FA95B718-E8EB-34BD-90FA-8FB1AFE016D6 + 164540 4 CFNetwork 0x0000000195eeac7c FA95B718-E8EB-34BD-90FA-8FB1AFE016D6 + 162940 5 libdispatch.dylib 0x000000010342a71c _dispatch_client_callout + 20 6 libdispatch.dylib 0x000000010343bf04 _dispatch_lane_barrier_sync_invoke_and_complete + 176 7 CFNetwork 0x0000000195eeaa88 FA95B718-E8EB-34BD-90FA-8FB1AFE016D6 + 162440 8 CFNetwork 0x0000000195ee9b20 FA95B718-E8EB-34BD-90FA-8FB1AFE016D6 + 158496 9 CFNetwork 0x0000000195ee95f4 FA95B718-E8EB-34BD-90FA-8FB1AFE016D6 + 157172 10 CFNetwork 0x0000000195ee907c FA95B718-E8EB-34BD-90FA-8FB1AFE016D6 + 155772 11 CFNetwork 0x0000000195ee34b0 FA95B718-E8EB-34BD-90FA-8FB1AFE016D6 + 132272 12 CFNetwork 0x0000000195f942c4 FA95B718-E8EB-34BD-90FA-8FB1AFE016D6 + 856772 13 CFNetwork 0x0000000195f94214 FA95B718-E8EB-34BD-90FA-8FB1AFE016D6 + 856596 14 CFNetwork 0x0000000195f9330c FA95B718-E8EB-34BD-90FA-8FB1AFE016D6 + 852748 15 libdispatch.dylib 0x0000000103428a30 _dispatch_call_block_and_release + 32 16 libdispatch.dylib 0x000000010342a71c _dispatch_client_callout + 20 17 libdispatch.dylib 0x00000001034325e8 _dispatch_lane_serial_drain + 828 18 libdispatch.dylib 0x0000000103433394 _dispatch_lane_invoke + 460 19 libdispatch.dylib 0x0000000103434b20 _dispatch_workloop_invoke + 2264 20 libdispatch.dylib 0x00000001034405f0 _dispatch_root_queue_drain_deferred_wlh + 328 21 libdispatch.dylib 0x000000010343fc00 _dispatch_workloop_worker_thread + 580 22 libsystem_pthread.dylib 0x000000021bddfc7c _pthread_wqthread + 288 23 libsystem_pthread.dylib 0x000000021bddc488 start_wqthread + 8 ) This app works fine until ios 18 appear. Could you help me? thanks

Users are reporting that 3rd-party software that leverages Apple's Network Extensions (such as LuLu and Windows Defender) are causing networking issues after upgrading to macOS 15. However as such products were working seamlessly on macOS 14.* and nothing in the code of these products changed between then and now, this would point to bug in macOS. Users have mentioned the following work arounds: Disabling the internal (macOS) firewall Upgrading to macOS 15.1 beta More info about the issues and these "workarounds" here and here.. Looking for any guidance / insight / technical details from Apple, as users are (understandably) blaming these tools and their developers 😭 Of course if there are updated APIs or some other changes in macOS 15 that developers should consider / conform to, to ensure compatibility that'd be great to know too!

Hello, I'm trying to implement a PIN request feature for a Sony TV in my iOS app. The goal is to keep the PIN entry window open on the TV until the user enters the PIN. However, I'm encountering an issue where the connection is closed immediately when using Swift's URLSession, while the same request works as expected in Postman. Here's my Swift code: let parameters = """ { "method": "actRegister", "params": [ { "clientid": "MyDevice:1", "nickname": "My Device", "level": "private" }, [ { "value": "yes", "function": "WOL" } ] ], "id": 1, "version": "1.0" } """ guard let postData = parameters.data(using: .utf8) else { completion(.failure(NSError(domain: "Invalid data", code: 0, userInfo: nil))) return } var request = URLRequest(url: URL(string: "http://\(ipAddress)/sony/accessControl")!,timeoutInterval: 30) request.addValue("application/json", forHTTPHeaderField: "Content-Type") request.httpMethod = "POST" request.httpBody = postData let task = URLSession.shared.dataTask(with: request) { data, response, error in if let error = error { completion(.failure(error)) return } guard let data = data else { completion(.failure(NSError(domain: "No data received", code: 0, userInfo: nil))) return } if let responseString = String(data: data, encoding: .utf8) { print("Response: \(responseString)") } } task.resume() When I send this request using Postman, the PIN window on the TV stays open as expected. I receive a 401 response, which is normal for this type of request. In Postman, I can simulate the unwanted behavior by sending the request twice in quick succession, which closes the PIN window. However, when I run this code in the iPhone Simulator, the PIN window on the TV closes immediately after appearing. What I've tried: Increasing the timeoutInterval Using URLSession.shared.dataTask and URLSession(configuration:delegate:delegateQueue:) Implementing URLSessionDataDelegate methods Expected behavior: The PIN window should stay open on the TV until the user enters the PIN or a timeout occurs. Actual behavior: The PIN window appears briefly on the TV and then closes immediately. Questions: Why does the behavior differ between Postman and my Swift code? How can I modify my Swift code to keep the connection open and the PIN window displayed on the TV? Is there a way to prevent URLSession from automatically closing the connection after receiving the 401 response? Any insights or suggestions would be greatly appreciated. Thank you! Environment: iOS 15+ Swift 5 Xcode 13+

ISSUE Upgrading a macOS Ventura host to Sequoia results in the attached three issues visible in either of the two screen shot: Whether or not "Block all incoming connections" is enabled, a small subset of connections are hard-wired to "Allow incoming connections"; It is not possible to remove the hard-wired "Allow incoming connections" (e.g., selecting the row, the "-" button at bottom left is not available"; and After the upgrade to Sequoia, SidecarRelay was set to "Block incoming connections". QUESTIONs a) What terminal level commands should be used to remove the hard-wired "Allow incoming connections"? b) What other integrity checks should I run on the firewall configuration to see if other aspects of its operations are now botched? FB15074003 tracks the issues noted above.

Hello, I recently upgraded my iPhone 13 to iOS 18.0, and I've encountered an issue with VPN applications. After downloading and installing the required certificate for the VPN, I noticed that it does not appear in the "Certificate Trust Settings." Because of this, I am unable to mark the certificate as "trusted," which results in the VPN application's features not functioning properly. This issue is critical for my VPN usage, and it was not present in previous iOS versions. Could you please provide guidance or suggest a solution to this problem? Thank you for your assistance!

Hi all, I'm developing an TCP socket SDK in C. The SDK is using Apple Network Framework and encountered some wired bad access issue occasionally on function nw_connection_send. Looking into the trace stack, it was bad access issue in nw_write_request_create, when it is trying to release a reference. However, I could not found more doc/source code details about nw_write_request_create. // on socket destroy, we will release the related nw_connection. increase_ref_count(socket) nw_connection_t nw_connection = socket->nw_connection; dispatch_data_t data = dispatch_data_create(message_ptr->ptr, message_ptr->len, dispath_event_loop, DISPATCH_DATA_DESTRUCTOR_FREE); // > Bad Access here < // While I check `nw_connection` and `data`, both seems available while the function get called. I tried to call dispatch_retain on `data`, but it was not helpful. nw_connection_send( nw_connection, data, NW_CONNECTION_DEFAULT_MESSAGE_CONTEXT, false, ^(nw_error_t error) { // process the message, we will release message_buf in this function. completed_fn(message_buf); reduce_ref_count(socket) } While I check nw_connection and data, both seems available while the function get called. I tried to call dispatch_retain on data, but it was not helpful. Is there any way to narrow down which object is releasing? As the issue happened occasionally (9 failure out of 10 attempts when I run multiple unit tests at the same time, and I rarely see it when I ran a single unit test). I would assume it was actually a race condition here. Is there a way to track down which object is released? I do understand it would be hard to track without knowing more design details of my SDK, but any related suggestions or ideas would be appreciated. Thanks in advance. More related source code: struct nw_socket{ nw_connection_t nw_connection; nw_parameters_t socket_options_to_params; dispatch_queue_t event_loop; // ... bunch of other parameters... struct ref_count ref_count; } static int s_socket_connect_fn( const struct socket_endpoint *remote_endpoint, struct dispatch_queue_t event_loop) { nw_socket = /*new socket memory allocation, increasing ref count*/ nw_endpoint_t endpoint = nw_endpoint_create_address(/* process remote_endpoint */); nw_socket->nw_connection = nw_connection_create(endpoint, nw_socket >socket_options_to_params); nw_release(endpoint); nw_socket->nw_connection->set_queue(nw_socket->nw_connection, event_loop); nw_socket->event_loop = event_loop; nw_connection_set_state_changed_handler(nw_socket->nw_connection, ^(nw_connection_state_t state, nw_error_t error) { // setup connection handler } nw_connection_start(nw_socket->nw_connection); nw_retain(nw_socket->nw_connection); } // nw_socket is ref counted, call the destroy function on ref_count reduced to 0 static void s_socket_impl_destroy(void *sock_ptr) { struct nw_socket *nw_socket = sock_ptr; /* Network Framework cleanup */ if (nw_socket->socket_options_to_params) { nw_release(nw_socket->socket_options_to_params); nw_socket->socket_options_to_params = NULL; } if (nw_socket->nw_connection) { nw_release(nw_socket->nw_connection); // Print here, to make sure the nw_connection was not released before nw_connection_send call. nw_socket->nw_connection = NULL; } // releasing memory and other parameters } static int s_socket_write_fn( struct nw_socket *socket, const struct bytePtr* message_ptr, // message_ptr is a pointer to allocated message_buf socket_on_write_completed_fn *completed_fn, void *message_buf) { // Ideally nw_connection would not be released, as socket ref_count is retained here. increase_ref_count(socket->ref_count); nw_connection_t nw_connection = socket->nw_connection; struct dispatch_queue_t dispatch_event_loop = socket->event_loop; dispatch_data_t data = dispatch_data_create(message_ptr->ptr, message_ptr->len, dispath_event_loop, DISPATCH_DATA_DESTRUCTOR_FREE); // > Bad Access here < // While I check `nw_connection` and `data`, both seems available while the function get called. I tried to call dispatch_retain on `data`, but it is not helpful. nw_connection_send( nw_connection, data, NW_CONNECTION_DEFAULT_MESSAGE_CONTEXT, false, ^(nw_error_t error) { // process the message, we will release message_buf in this function. completed_fn(message_buf); reduce_ref_count(socket) } }