A few observations Very slow response and loading times for both URLs, forms, and scrolling Frequently non-responsive touch-screen for on-page forms and actions Keyboard stays open with no option to get rid of it Auto zoom stuck in xoomed-in mode, often hiding "Save"/"Submit"-buttons Dowbload folder setting ignored Toggling of web inspector mode does not work In vertical mode, with address bar on top of screen, clicking items on bottom part of page is not registered as click, but makes the navigation bar pop up, hiding the clickable feature. For clicks to register, frequently 2-3 touches are required.

Hi, I have a SAML authentication scenario with MFA(probably Okta) in my app that runs in WKWebView using Cordova. I am currently doing POC to authenticate PIV certificates(either one of the 3 Issuers: DISA Purebred, Intercede and Entrust) in WKWebView with Cordova. As if now, I have found that WKNavigationDelegate method: didReceive challenge, we can authenticate the certificate. Also, these PIV certificates which are stored in the form of .p12 in Apple's keychain group needs to be imported using function: SecPKCS12Import. Please let me know if my understanding is correct or if there are any implementation challenges in WKWebView with Cordova. I would highly appreciate if any information regarding this can be provided.

iPhone 15pro iOS 18.2 Downloaded files cannot be located anywhere in Files, only by accessing Downloads in Safari. I have tried setting download folder to various locations, iCloud, Phone, Google Disk, but nothing is stored. Has an invisible cache or temp folder been introduced? If so, it is a total fail: When press-holding any file in Safari download, the normal file action options (Quick Look, share, store to Files, etc) are not available. When clicking any file it opens any of several apps that has this file type associated with it, and there is no way to change the default app or disable the forced opening of an app. I tried deleting the app opening .csv (in this case OneDrive), and another irrelevant app opened. There seems to be a hierarchy of apps-file types, and it has no logic to it. Tips?

Hi, I need a version of a web app to be accessible on a local network (LAN), when the users connect to a wifi without internet access. I provide a valid TLS certificate to validate the website. There is also a local DNS (dnsmasq), with the following entries to return NXDOMAIN, as specified by the documentation. server=/mask.icloud.com/ server=/mask-h2.icloud.com/ However, without internet (no cellular data), there is an error in Safari instead of the website. When there is some internet connection, there is a warning that allows to continue to the website by showing the IP address, which is not clear for the user. iPhone users are very frustrated. Is there a solution?

Hello. Environment Safari version 18.1 (22B81). Problem In my Safari Web Extension i need to determine the url of the active tab. I do it this way: const onError = (error) => { console.error(error); }; const getFrameUrl = async (frames) => { console.info(frames) }; const getAllFrames = (frames) => { browser.webNavigation.getAllFrames({ tabId: frames[0].id }).then(getFrameUrl, onError); }; browser.tabs.onUpdated.addListener(() => { browser.tabs.query({ currentWindow: true, active: true }).then(getAllFrames, onError); }); The problem is that if the tab url is a link in the blob protocol, then the result function browser.webNavigation.getAllFrames({ tabId: tabs[0].id }) is as follows: {frameId: 0, parentFrameId: -1, url: "", errorOccurred: false} In Safari version 17 the correct URL value was returned: {frameId: 0, parentFrameId: -1, url: "blob://<some id>", errorOccurred: false} How can I fix the problem? Environment Safari version 18.1 (22B81).

Hello, i've read about this error, which means a DNS-Problem. Some hints: I'm using an Apple MDM and have set up an cardDAV-Server with "Radicale". If i set up the account for this cardDAV on the iPhone manually, everything works fine, i even can get the Website on my cardDAV in Safari without problems. If i deploy this payload with my MDM, i'll get the Error and after We'll refresh if we find a better network connection. I don't understand where the problem is. Thomas

Safari samesite none cookie added after login but we are facing the issue in post method. While doing the post method cookie not getting into request header.And always sending the new cookie in the response header. Safari not sending the cookie into request header with samesite none. Kindly help me out.

I have a url that I want to stream, the stream is protected by basic auth. I am using URLAuthenticationChallenge (wkwebview navigation delegate function) method to provide my credentials. the credential changes with every stream url. The issue I am facing is that URLAuthenticationChallenge is never called upon refresh or on new URL request until the app is killed and opened again. I have tried: clearing cooking setting cache to ignore opening an another blank url using child view approach setting wkwebview instance to nil I always end up with 401 in decidePolicy (wkwebview delegate functions) on subsequent refresh call. Upon inspecting I see that it is using my previous used credentials and never calling challenge to update. *Backend has a no-cache policy in its header. **I am using http resource, the aim is to have streaming service on iOS. class ViewController: UIViewController, WKNavigationDelegate, WKUIDelegate { @IBOutlet weak var wkWebView: WKWebView! override func viewDidLoad() { super.viewDidLoad() let url = URL(string: "http://some-ip-address/some-path")! var request = URLRequest(url: url) request.httpMethod = "GET" wkWebView.configuration.allowsInlineMediaPlayback = true wkWebView.navigationDelegate = self wkWebView.load(request) } // this is just called once. we want to call it everytime our page refreshes. // we have tried clearing cache and cookies but failed to call challenge func webView(_ webView: WKWebView, didReceive challenge: URLAuthenticationChallenge, completionHandler: @escaping(URLSession.AuthChallengeDisposition, URLCredential?) -> Void) { let credential = URLCredential(user: "user", password: "password", persistence: .forSession) completionHandler(.useCredential, credential) } }

crash screenshot below：

Hi Apple Team, We have a PWA which supports downloading and playback for audio and video content. Downloaded content is stored in IndexedDB in the form of blobs and blob URLs are generated on runtime through which content is played. We have observed that the blob URLs have stopped working on iOS 17.4.1. They work on iOS 17.4 and iOS 17.3 as well. This feature is very critical for us as it is the heart of the offline mode of the app. Thanks!

In our project, URLProtocol is used to intercept the request of WKWebView.loadRequest. On iOS18, if the APP is idle for more than 10 minutes and then clicks on an H5 page, the time from WKWebView.loadRequest -> URLProtocol.canInitWithRequest will be as long as 600ms or more, but the second time the H5 page is opened, it will only be 80ms. This only occurs on iOS18 models.

Hello, I'm facing the issue of not working sync of Safari tabs across my devices. I'm currently on macOS 15.2 Public Beta and iOS 18.2 Public Beta and sync still doesn't work. When I try to turn it off on all devices and set-up again it starts working and sync properly but only one time, than again stop working properly. It's also described here as an issue: https://discussions.apple.com/thread/255767048?sortBy=rank

I have an webview that loads videos in it, we would like to be able to fullscreen our videos, so we use the fullscreen preference in the documentation however when it is set to true, upon fullscreening a video then pausing it, the entire video player will disappear. You can exit fullscreen and attempt to fullscreen the video player once again, however upon doing this the entire app view will now disappear and you'll see your desktop background (or whatever is currently behind your app). This behavior seems consistent across multiple websites with the current app. I have setup a sample project you can test here The Main error that seems to trigger to the console is this. I have not been able to find a solution to, maybe I am simply missing something here. I am on Sequoia 15.2 for Mac. Attempting to update all DD element frames, but the bounds or contentsRect are invalid. Bounds: X: 0.00 Y: 0.00, W: 0.00 H: 0.00, contentsRect: X: 0.00 Y: 0.00, W: 1.00 H: 1.00 , skipping

Script error. We've decided to implement certain highly-dynamic content in out iOS codebase using web technologies, here's what we're doing: We download a zip file containing html, javascript, and images. We unzip the archive, construct a WKWebView, and load the content using webView.loadFileURL(indexHtmlUrl, allowingReadAccessTo: parentDirectory) This works fine, but we'd also like to be notified on any rendering errors that might be raised, so we can fix them. let errorHandlerScriptString = """ (function() { var oldLog = console.log; console.log = function(message) { window.webkit.messageHandlers.consoleLog.postMessage(message); oldLog.apply(console, arguments); } })(); // don't even allow asking for location permissions navigator.geolocation.getCurrentPosition = function(success, error, options) { error({ PERMISSION_DENIED: 1, code: 1 }); }; window.onerror = (msg, url, line, column, error) => { const message = { message: msg, url: url, line: line, column: column, error: JSON.stringify(error) } if (window.webkit) { window.webkit.messageHandlers.error.postMessage(message); } else { console.log("Error:", message); } }; """ let errorHandlerScript = WKUserScript(source: errorHandlerScriptString, injectionTime: .atDocumentStart, forMainFrameOnly: false) webView.configuration.userContentController.addUserScript(templateParamsScript) This causes the error messages to be censored to just "Script error." - See here for more reference https://stackoverflow.com/questions/50229935/wkwebview-get-javascript-errors This seems to be a security measure to prevent scripts with a different origin from reading error messages. I've tried to move the javascript that hooks to window.onerror to a file that's loaded in the header of the html, as well as putting it directly at the beginning of the <body> tag. Same results, still censored. There's recommendations to load the html using webView.loadHTMLString(html, baseURL: URL(string: "http://localhost/")!), but my understanding is that than there is not way to access a local resource, such as an image that was downloaded together with the html?

If the host name included in the URL of the PWA and the host name included in the URL of the xlsx file accessed from within the PWA match, the upper menu portion of the application selection screen for opening the xlsx file will be blank. However, if the host name in the PWA URL is changed from the PC name to an IP address and the host name in the URL of the xlsx file accessed from within the PWA is left as the PC name so that the host names do not match, the upper menu portion of the application selection screen for opening the xlsx file will be displayed. (e.g., the Safari icon appears in the upper right corner). Is anyone else experiencing the same phenomenon? Is it a bug?

iOS16 and iOS17 were fine, but on iOS18, our Safari extension that blocks content via static rulesets randomly stops working. Frequently, when a tab is left in the background for a long time (i.e. hours), the content blocker will stop working (until I either kill safari, or reload the extension). I've debugged this and the background.js script reports the ruleset as being loaded, but nevertheless, our rules aren't applied. I really don't think that it's an issue with the way that the rules are defined, since iOS16 and iOS17 worked fine, and on iOS18, the rules DO work. They just stop working after a while. "declarative_net_request": { "rule_resources": [ { "id": "ruleset_1", "enabled": true, "path": "ruleset_1.json" } ] }, Some theories: I have other content blockers on my phone that have LOTS of rules (adguard). Could I be seeing the effects of too many rules? Can I debug this somehow? Do logs get printed somewhere when the max rule limit is reached? Does the use of private and regular tabs mess things up? Please, any input is appreciated, as all of our logs are normal and error-free.

My Safari Web Extension got rejected with the following reason: "Guideline 4.0 - Design The user is taken to a new Safari window or tab to sign in or register for an account, which provides a poor user experience." Is this right? First of all Design guide line 4.0 does not seem to mention antyhing about this topic. Second, I've seen many, many web extensions that opens a new tab to let you sign in or register. Including top recommended ones like Grammarly, PayPal Honey and Pocket. The review also mentions: It is acceptable to take users to the default web browser for some sign in or account registration options if ASWebAuthenticationSession is used for the session. That does not seem right either, since that is primarily designed for native apps. I'm pretty sure the extensions I've tried that open a tab for authentication does not use that. It is like my Safari Web Extension is being reviewed like a Mac OS app. What am I'm doing wrong?

After upgrading to Safari version 18, we encountered an issue with my extension’s background script not being able to access cookies. Previously, in Safari versions 17 and below, the extension worked as expected. Now, when the extension tries to retrieve cookies using browser.cookies.getAll(), it returns an empty list. However, if we open the extension’s developer tools, the cookies are visible and accessible. It seems that Safari only provides cookie data after the developer tools have been opened. However, after relaunching Safari and launching the extension without opening the developer tools, browser.cookies.getAll() still returns an empty list. Has anyone else experienced this? STEPS TO REPRODUCE Download this minimal app : https://www.icloud.com/iclouddrive/0bajlhnuQaG6T5NsFKXEB0U9Q#test%5Fcookies Compile test_mv2 extension (in test_cookies.getAll.zip). Launch test_mv2.app and activate extension. Click on the extension's button (browserAction). Open the developer tools. Observe an empty list of cookies. Click on the extension's button (browserAction). Cookies are retrieved as expected.

I'm working on a rather complex web application that includes 3D terrain, 2D mapping, and SVG animations. Both Safari and the Swift app I've built using WkWebKit reload the page after some period of time. Safari pops up a small text block that says: This webpage was reloaded because it was using significant memory. Yes. That's true. It's also true that the M1 Max Mac was in now way experiencing issues, nor were any of the other web pages running in other tabs or windows. The memory limit is simply too low for modern web apps. So far I've not found any way to adjust the parameters in Safari or WkWebView. Apple, help a brother out. It's not 1997 anymore. Web apps are big. And resetting them at some arbitrary point causes more problems that is solves. Anyone have any suggestions? Quinn, any way (other than casting a stone into the one-way abyss of Radar) of getting help from the big A here?

Hello, notificationclick event cannnot be triggered if the progressive web app(pwa) is already opened. I have tried many methods including client.focus() clients.openWindow() client.postMessage() message event listening Delayed message queue (to let the client being opened) preventDefault() in notificationclick event Activation event.waitUntil() The situation is that when the device install the pwa twice, the second pwa works normally. However, it is nonsense to ask users install the pwa twice. Is it a bug in Webkit and will it be fixed in the future? is there a workable example? Background: using web-push, iOS 17/18 Thanks a lot