That’s what was happening last night 😅 Currently (on the latest beta), I always get that error when trying to activate the TestFlight build. However, some testers have reported being able to activate 🤷‍♀️ But (still on the latest beta) versions installed from Xcode eventually activate. They flip many times between “busy” and “error” before tho, but that’s not new. It takes like a minute for the NEURLFilterManager.Status to eventually go to running. Once it does, everything works. I don’t see any new errors on the server side, always the same two that were already common two days ago when everything was working, so I don’t think these are related, but here goes anyway: Gateway: 2026-03-03T13:01:21.886520Z ERROR ThreadId(02) http_request{request_id=508c3c86-e2e2-440b-901e-0041f5928152 method=POST uri=/gateway user_agent=unknown}: ohttp_gateway::handlers::ohttp: Failed to decapsulate OHTTP request: a problem occurred with HPKE: Failed to open ciphertext PIR: 2026-03-03T12:50:16+0000 error id=8836ee4457e3aa7dce6037645e7783cc [PIRService] HTTPError: Bad Request, Evaluation key not found All I see on the server side when trying to activate is a few GETs to /.well-known/private-token-issuer-directory which appear to succeed. I’ve restarted everything on the server but no change. Any guidance in how to debug this would be extremely appreciated!

Of course the new beta would break the whole thing immediately 😅 Now all I get is <NEPIRChecker: 0x6a7057180>: -[NEPIRChecker start:responseQueue:completionHandler:] - failed to register with PIR for Group site.kaylees.Wipr2 usecase site.kaylees.Wipr2.url.filtering even with no errors on the server side. My kingdom for a flag to ignore the PIR server completely and just “fail closed” on the bloom filter. Why do we even need to register with the server in order to enable a “fail closed” filter? I see that pirSkipRegistration flag in the logs, can we have it please? 😬 Or like a normal API with a JSON file like Content Blockers and regex and bundle ID filtering, but I guess that’s asking too much 😬

I think I finally did it! I eventually gave up and switched to a different gateway: https://github.com/gruberb/ohttp-gateway Once configured properly, everything started flowing, even from TestFlight (which I hope means that it will be the same from the App Store). Feels kinda unreal that this is actually happening, I had lost hope. Thanks to everyone who helped out!

Ok, I was able to upload a build containing the extension! I will release it to TestFlight soon, even tho the actual filtering doesn’t work atm, due to the server part. I’m using @ameshkov’s tester (thank you!!) and everything seems to be ok with my server stuff; however when I actually try to turn the feature on I always get this: <NEPIRChecker: 0xd65178d00>: -[NEPIRChecker start:responseQueue:completionHandler:]_block_invoke - PIR status returned error <Error Domain=com.apple.CipherML Code=1100 "Unable to query status due to errors: failed to fetch token key" UserInfo={NSLocalizedDescription=Unable to query status due to errors: failed to fetch token key, NSUnderlyingError=0xd64d70810 {Error Domain=CipherML.AuthenticationError Code=7 "failed to fetch token key" UserInfo={NSLocalizedDescription=failed to fetch token key}}}> Does this mean the server stuff was not certified?

@DTS Engineer I think that was the EXExtensionPointIdentifier in the info.plist of the URL FIlter, not entitlements. @beacham haven’t had a chance to try this, but wouldn’t changing the extension point identifier prevent the extension from being recognized at all? Like, can you upload the app to TestFlight and have the extension function?

Wow, a) I’d assumed they’d tell me something if I was approved, and b) I cannot believe I got the configuration right on the first try without being able to test 😅

Should I take that to mean that the relay validation thing is happening, now? I’ve submitted mine in August; should I submit another one or does my first submission still have a chance to be looked at?

It’s been another month and a half, any updates? At least about the "App Store Connect auto-rejects apps with URL Filter extension” issue?

I was told (https://developer.apple.com/forums/thread/791352?answerId=865728022#865728022) to post here. I have now additionally submitted this issue as FB21013893.

Hi! I’m not asking about either feedback per se; I’m reporting/asking about what I think is a bug in Feedback Assistant(‘s backend). In one case the engineers confirmed they received my debug data, yet the app is still yelling at me like I need to do something.

So the fact that those feedbacks are in the “Requests” mailbox with an “unread” dot is just a glitch that I can safely ignore?

It’s been over a month since then with no activity, however FB19582905 still has the “unread” badge so I’m afraid as far as you're concerned you’re still waiting for my answer? (FB14888965 is another bug with an unresolved unread badge after providing requested info)

Thanks, I just provided the requested info!

Hmmm I got an email reply but I can’t see it here? Anyways I did just try to resubmit again and the errors are the same: Validation failed Invalid Code Signing Entitlements. Your application bundle's signature contains code signing entitlements that are not supported on iOS. Specifically, value 'url-filter-provider' for key 'com.apple.developer.networking.networkextension' in 'Payload/Wipr.app/Wipr' is not supported. (ID: 65f19038-24b1-4701-9bae-237253675d6f) Validation failed Invalid Code Signing Entitlements. Your application bundle's signature contains code signing entitlements that are not supported on iOS. Specifically, value 'url-filter-provider' for key 'com.apple.developer.networking.networkextension' in 'Payload/Wipr.app/Extensions/WiprBlockerNetwork.appex/WiprBlockerNetwork' is not supported. (ID: cdc0f1ec-d541-4d55-8202-bb9c8e3553d7) Validation failed Invalid Info.plist value. The value of the EXExtensionPointIdentifier key, com.apple.networkextension.url-filter-control, in the Info.plist of “Wipr.app/Extensions/WiprBlockerNetwork.appex” is invalid. Please refer to the App Extension Programming Guide at https://developer.apple.com/library/content/documentation/General/Conceptual/ExtensibilityPG/Action.html#/apple_ref/doc/uid/TP40014214-CH13-SW1. (ID: 27b322bc-9010-40c6-880c-7ad627a7c149)

Hi! Few more weeks went by, 26.1 beta is out, but I’m still nowhere closer to test this (let alone release it). Same two blockers: No response to the server certification form App Store Connect auto-rejects apps with URL Filter extension I have 150 testers that signed up to test this specifically... What do I tell them? 😬 I figured it was safe to announce this feature late in the 26 beta cycle 🥲