Hi, we have PWA for which we´ve built a wrapper using PWA Builder tool and we are experiencing an issue with apple sign in. When we try to redirect the user to "https://appleid.apple.com/auth/authorize?...params...", a bottom sheet login prompt appears and only once the user signs in using the prompt he is then redirected to the url where he needs to sign in again and then we get the callback. We want to get rid of that bottom sheet prompt. The code we´ve tried: ` iosButton.addEventListener('click', function () { window.location.href = "https://appleid.apple.com/auth/authorize?client_id=xxxxx&redirect_uri=xxxxx&response_type=code%20id_token&scope=name%20email&response_mode=form_post"; });` The alternative code we´ve tried for which it seems that nothing happens, we only see the "Started" alert, we´ve confirmed that there is no other error : ` <script src="https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js"></script> <script> (function initAppleSignIn() { try { window.AppleID.auth.init({ clientId: "{{ env('APPLE_WEB_CLIENT_ID') }}", scope: "name email", redirectURI: window.location.origin +"/auth/apple/callback", usePopup: true }); } catch (e) { console.warn('Apple Sign-In init skipped:', e); } })(); function appleButtonClicked() { alert("Started"); try { const res = await window.AppleID.auth.signIn(); } catch (err) { alert("Got error"); } alert("Got here"); } </script>

We’re seeing an issue in our Safari Web Extension where not all cookies from the Set-Cookie response header are accessible. We are using macOS 15.4 and Safari 18.4. In the webRequest.onHeadersReceived callback, the Set-Cookie header returned by Safari only includes some of the cookies set by the server. If multiple Set-Cookie headers are present, we seem to receive only a partial list, some cookies are missing entirely. In Chrome and Firefox, the same callback provides all cookies set by the server without issue. We are looking for assistance in fixing these issues and having our Safari Extension function the same as it does in Firefox and Chrome.

Hi, this is my first post in the community, so please correct me if i am posting this somewhat in a wrong manner. Im using my Apple M1 Pro(14inch, 2021) and installed the os 26 yesterday. Today, I was using Safari, and all of sudden it gets frozen, then the following window popped up. Is this something expected? i.e. my usage is somewhat unusual or is there any report around potential memory leak in Safari? appreciate any suggestions, as Safari is my main browser and currently on hold due to this issue. Thanks

I have a very specific issue that happens only on iOS Simulator version 18.4. It does NOT happen when I run my app on a real iOS 18.4 device through Testflight. My app displays a WebView (courtesy of Capacitor, url scheme capacitor://). Inside that Webview I'm using Firebase JS API (11.2.0) and calling signInWithEmailAndPassword, which works well in all other contexts, i.e. browser, Android webview, iOS webview in all other Simulator versions, and on real devices. Only when running in Simulator 18.4, I get a failed network request: cannot parse response Fetch API cannot load https://identitytoolkit.googleapis.com/v1/accounts:signInWithPassword?... due to access control checks. Failed to load resource: cannot parse reponse error: FirebaseError: (auth/network-request-failed) Everything is working correctly for both: Capacitor app webview installed on a real 18.4 device with Testflight Safari (non-webview) in the 18.4 Simulator The issue is severe for us, because we are unable to develop our app and test it in the simulator on 18.4 Simulator before pushing it through Testflight internal release. Request headers on the failed request (no response status or headers available). Request Accept: / Content-Type: application/json Origin: capacitor://localhost Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 18_4 like Mac OS X) - AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148 X-Client-Version: Mobile/JsCore/11.2.0/FirebaseCore-web X-Firebase-Client: (...)

In WKWebView, there is the WKUIDelegate method: func webView(_ webView: WKWebView, createWebViewWith configuration: WKWebViewConfiguration, for navigationAction: WKNavigationAction, windowFeatures: WKWindowFeatures) -> WKWebView? {} This delegate method provides a callback when a new window (for example, target="_blank") is requested in the web view. However, in native SwiftUI (iOS 26), WebView / WebPage APIs do not provide an equivalent delegate method to handle new window requests. As a workaround, I am using the following method: public func decidePolicy(for action: WebPage.NavigationAction, preferences: inout WebPage.NavigationPreferences) async -> WKNavigationActionPolicy {} In this method, when action.target == nil, I treat it as a new window request. My question: Is relying on action.target == nil in decidePolicy a reliable and future-safe way to detect new window requests in SwiftUI’s WebView, or is there a better or more recommended approach for handling target="_blank" / new window navigation in the SwiftUI WebView APIs? Code: public func decidePolicy(for action: WebPage.NavigationAction, preferences: inout WebPage.NavigationPreferences) async -> WKNavigationActionPolicy { guard let webPage = webPage else { return .cancel } // Handle case where target frame is nil (e.g., target="_blank" or window.open) // This indicates a new window request if action.target == nil { print("Target frame is nil - new window requested") // WORKAROUND: Until iOS 26 WebPage UI protocol is available, we handle new windows here // Try to create a new WebPage through UI plugins if handleCreateWebPage(for: webPage, navigationAction: action) != nil { // Note: The new WebPage has been created and published to the view return .allow } } return .allow }

I'm using a CSS filter to achieve dark mode for my HTML page. I know it's imperfect, but I have no choice for many reasons. However, I found that the CSS filter produces incorrect colors in iOS 26.2 WebView, while it works fine in iOS 18.6.2 WebView. Here is my HTML and CSS filter: <html> <head> <style> .filter_container { /* invert colors for the entire page */ filter: invert(1) hue-rotate(180deg); } .filter { /* restore colors for specific elements, such as img */ filter: hue-rotate(180deg) invert(1); } </style> </head> <body> <div>original & bgcolor+filter & img+filter</div> <table> <tr> <td> <div style="display:flex; gap:1px; align-items:center; justify-content:center;"> <div class="origin_container"><div class="origin" style="background-color:#FFFFFF; height:60px; width:60px; border-style: solid; border-color: #000000; border-width: 1px;"></div></div> <div class="filter_container"><div class="filter" style="background-color:#FFFFFF; height:60px; width:60px; border-style: solid; border-color: #000000; border-width: 1px"></div></div> <div class="filter_container"><img class="filter" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAADwAAAA8CAYAAAA6/NlyAAAAdklEQVR4nOXOQQEAIACEMKR/57OFPliCnW0jRGIkRmIkRmIkRmIkRmIkRmIkRmIkRmIkRmIkRmIkRmIkRmIkRmIkRmIkRmIkRmIkRmIkRmIkRmIkRmIkRmIkRmIkRmIkRmIkRmIkRmIkRmIkRmIkRmIkxt+B1y6HmAR0uIzOQQAAAABJRU5ErkJggg==" style="height:60px; width:60px; border-style: solid; border-color: #000000; border-width: 1px"></img></div> </div> <div style="text-align:center;">#FFFFFF</div> </td> ...many other colors </table> </body> </html> It works fine in iOS 18.6.2 WebView: But renders incorrectly in iOS 26.2 WebView:

Hi everyone, I’m building a React Native iOS app where I’m integrating Wazo (native WebRTC) and Jitsi (WebView / WebRTC). Use case: Wazo is used to maintain a background call session (mainly signaling + audio keep-alive). Jitsi is used in the foreground for video calls. Problem: When Jitsi starts, it takes control of the microphone and camera. The Wazo call disconnects after ~5 minutes (likely due to media / audio session conflict). Even if Wazo audio/video is muted or tracks are disabled, the session still drops. My questions: Is it officially supported or recommended to run two WebRTC stacks (Wazo + Jitsi) simultaneously on iOS? Can Wazo stay connected without active audio/video tracks while Jitsi uses mic/camera? Is there a way to release Wazo media streams temporarily (but keep signaling alive) while Jitsi is loading or active? Are there any AVAudioSession / background mode limitations on iOS that make this impossible by design? If this is not supported, what is the recommended architecture (single WebRTC pipeline, switching media ownership, etc.)? Environment: iOS (React Native) Wazo SDK (native WebRTC) Jitsi Meet (WebView) CallKit + PushKit enabled Any guidance, documentation, or real-world experience would be greatly appreciated. Thanks in advance 🙏

iPadOS 26, dark mode Open Safari Search for anything or open a website that has white background Kill Safari Open Safari again I still can reproduce it with Safari on iPadOS 26.0.1 This issue also happens to my app when opening a HTML/JS on WKWebView with white background while using dark mode. I did send a feedback ticket when using iPadOS 26 beta but havent seen any reply. This is my first time sending a feedback so I dont know if Apple would reply or not.

We’ve noticed that the ApplePaySession.applePayCapabilities() check has stopped working correctly in Safari over the past couple of days. Behavior observed: 1.) In Safari Private Window, paymentCredentialStatus behaves as expected and case 1 is triggered. 2.) In a normal Safari window, it always triggers case 3 (paymentCredentialsUnavailable), even when the user has active cards provisioned in Wallet. We tested across multiple devices, and the behavior is consistent. if (window.ApplePaySession) { var merchantIdentifier = 'YOUR MERCHANT IDENTIFIER'; var promise = ApplePaySession.applePayCapabilities(merchantIdentifier); promise.then(function(capabilities) { switch (capabilities.paymentCredentialStatus) { case "paymentCredentialsAvailable": // Show Apple Pay button as primary option case "paymentCredentialStatusUnknown": // Offer Apple Pay case "paymentCredentialsUnavailable": // Consider showing Apple Pay button case "applePayUnsupported": // Don’t show Apple Pay button } }) } This used to work fine until a few days ago, but now the capability check in non-private Safari windows always indicates unavailable, even with valid active cards. Has anyone else faced this issue recently? Could this be a Safari regression or a change on Apple’s side? Thanks in advance!

Hi, in our app we have a WKWebView with complex web content that is loaded with cachePolicy: .reloadIgnoringLocalCacheData. If the app is in the background for several hours and returns in the foreground we noticed that the system reloads the webpage, but it does so with a cachePoliy returnCacheDataElseLoad. This could break the app if older cache content is present. To reproduce start an app in the simulator (tested with iOS 17.2), put it in the background and via activity monitor stop the processes com.apple.Webkit.WebContent com.apple.Webkit.networking After foreground the reload will happen. Two questions: why is this reload happening after some hours in the background? We haven't seen any crash reports related to this. It mostly happens on one of our test devices (iphone13 with iOS17.2.1). why is the webview reloading with a modified cachePolicy (returnCacheDataElseLoad)? Our temporary fix is to detect this case in "webView:decidePolicyFor navigationAction decisionHandler", cancel the request and reload with modified cachePolicy. Any ideas? Thanks, Heiko Sample code: class ViewController: UIViewController, WKNavigationDelegate, WKUIDelegate { var webView: WKWebView! override func viewDidLoad() { super.viewDidLoad() let config = WKWebViewConfiguration() webView = WKWebView(frame: .zero, configuration: config) webView.uiDelegate = self webView.navigationDelegate = self view.addSubview(webView) let myRequest = URLRequest(url: URL(string: "https://www.apple.com")!, cachePolicy: .reloadIgnoringLocalCacheData) print("request \(myRequest)") webView.load(myRequest) } func webView(_ webView: WKWebView, decidePolicyFor navigationAction: WKNavigationAction, decisionHandler: @escaping (WKNavigationActionPolicy) -> Void) { print("start loading \(String(describing: navigationAction.request.url)), cache:\(navigationAction.request.cachePolicy)") decisionHandler(.allow) } override func viewDidLayoutSubviews() { super.viewDidLayoutSubviews() let fullscreen = CGRect.init(x: 0, y: 0, width: view.frame.size.width, height: view.frame.size.height) webView.frame = fullscreen } }

The crash is specific to iOS 26.2 WKScriptMessageHandler delegate func userContentController(_ userContentController: WKUserContentController, didReceive message: WKScriptMessage) Name attribute is accessible but WKScriptMessage body attribute causes crash The object seems to be not accessible

Hi, after upgrading MacOS (MB Air M1 Version 26.2 (25C56)) & Safari (Version 26.2 (21623.1.14.11.9)) to latest versions, we are experiencing a new bug occurring with our web extension (Click & Read) on local storage writing and getting this error : Invalid call to browser.storage.local.set(). Disk I/O error. This doesn't happen on other browsers (chromium, Firefox). export const setLocalStorage = async (value: object) => { try { await browser.storage.local.set(value); } catch (error) { console.error("[Click & Read] Error setting local storage", error); } };

The crash is specific to iOS 26.2 prior versions working fine. WKScriptMessageHandler delegate func userContentController(_ userContentController: WKUserContentController, didReceive message: WKScriptMessage) Name attribute is accessible but WKScriptMessage body attribute causes crash The object seems to be not accessible(not in memory) self.webkit.configuration.userContentController.add(self, name: "sampleHandler") self.webkit.load(request) func userContentController(_ userContentController: WKUserContentController, didReceive message: WKScriptMessage) { print(message.name) // works print(message.body) // crashes }

I'm encountering an issue with front camera video recordings via browser (Safari/Chrome) on devices running iOS/iPadOS 18 and above: On iPad, the recorded video appears upside down. On iPhone, the recorded video is rotated 90 degrees. The rear camera functions correctly without orientation issues. This problem seems specific to browser-based recordings, as the native Camera app records videos with the correct orientation. Has anyone else experienced this behavior? Is there a known workaround or fix? The preview while recording is fine, the recorded video is oriented incorrectly.

Hi, I'm developing an extension and I need to debug console logs that are logged in the Service Worker. The worker is configured in the manifest and is generally working as expected: However, when I open the browser, go to any site, and open Develop -> Service Workers or Develop -> Web Extension Background Content it is not visible there, so I can't really access the logs: But then I noticed that if I go out of focus from the browser for some time (and probably let the SW die), it becomes visible and I can open it without an issue: So, a couple of questions: Why isn't it instantly accessible? The extension Service Worker dev tools should be accessible regardless of what is happening to the tab or the browser, even if the SW terminates. Why does it eventually appear under Web Extension Background Content instead of the Service Workers when it is in fact an SW?

Hi there I've been having trouble finding any details around how safari is supposed to behave when a FairPlay license expires. My assumption was that the video segments would stop getting decrypted and playback would stop, however I just see that the playback continues like nothing has happened. I've setup the "fps_safari_has_key_renewal.html" sample code from the Fairplay SDK and got encrypted playback working. The renewal method also appears to work. However, if I don't issue a renew call, or if I wait several minutes after the renew has succeeded the video never stops (my license is set with a 1 minute expiry so I can test this quickly). I've also observed that the MediaKeySession expiration property is always set to NaN even though my license has an expiry. I've tried with both Lease and Rental expiries set in the license (separately AND at the same time in separate tests). I'm using EZDRM as my drm provider. Just looking for some feedback on if this is supposed to work this way in safari or if license expiry isn't supported in safari. Thanks!

I don't know why but all of a sudden when I build the extension it just doesn't load in Safari. The build executes fine but the extension doesn't load. Sometimes, through trying different combinations of clearing the build folder, building, archiving, ... it suddenly loads. And the next time I build again it doesn't load properly. So I can't do any work on it or test anything. I don't know why all of a sudden I am getting this behavior. It looks like engineers at Apple are constantly trying to overcomplicate a process that is at least ten times simpler in any other browser. This is ridiculous. Is this what our annual fee goes to? And they don't even provide any support for that. Several times I've tried to get some help here just to have to spend hours upon hours to figure it out by myself. I'm so tired of this.

Safari 18.0.1 on macOS 15.01 doesn't support the Passkey PRF extension during cross-device WebAuthn authentication when using QR code scanning, while it works correctly with iCloud passkeys. Steps to Reproduce: Clone and setup: git clone https://github.com/quocle108/passkey-prf-test yarn yarn start Test iCloud Passkey Flow: Open http://localhost:3000 in Safari Open DevTools (Cmd+Option+I) Click "Register" Choose "Passkey on iCloud" Expected console output: PRF supported: true Test Cross-Device Flow: Click "Register" Choose "Phone/Tablet" Scan QR with mobile device Expected: PRF supported: true PRF extension should be supported in cross-device flow, matching iCloud passkey behavior. Actual: PRF supported: false Cross-device flow returns empty extension results. Verify in Chrome Repeat steps 2-3 in Chrome Both flows return proper PRF extension results: PRF supported: true Test Environment: Browser: Safari 18.1.1 , Chrome 131.0.6778.70 OS: macOS 15.01 Mobile: iOS 18.x / Galaxy Note9 Android 10 Test repo: https://github.com/quocle108/passkey-prf-test

WKWebView has a new property "isBlockedByScreenTime" since iOS 26. But I do not yet understand when exactly this property could be used. When I setup content-based restrictions in the ScreenTime settings then WKWebView reports an error 105 via "webView:didFailProvisionalNavigation:" delegate. The isBlockedByScreenTime property still returns false in this case. If ScreenTime has a time-based limit, the App would not run at all. Under which circumstances would the property "isBlockedByScreenTime" return the value true? When exactly and for what can this property be actually used? The "problem" is that I want to find if a web page is blocked and can not be loaded, why this is the case. By simply trial and error I found out that WKWebView returns error codes 104 and 105 for blocked web sites because of content filters and Screen Time restrictions, however these error codes are not documented at all (at least I've not found any documentation or documentation for these error codes and also some other codes like 100, 102, 204 etc), so I'm not really sure if I handle all cases correctly. I hoped that isBlockedByScreenTime would at least tell me one reason for blocked pages. If there are documents which explain these error codes (100 and above), where I can find these?

I'm trying to sync authentication data from my iOS app to a Safari Web Extension using App Groups, but the extension isn't consistently receiving the data. Setup: App Group: group.com.airaai.AiraApp (configured in both app and extension) iOS app writes auth data using UserDefaults(suiteName: "group.com.airaai.AiraApp") Extension's Swift SafariWebExtensionHandler reads from App Groups in beginRequest() Extension's JavaScript reads from browser.storage.local Problem: Extension popup always shows "logged out" even when: User is logged into main iOS app Auth data exists in App Groups (verified via native module logs) Handler successfully writes test values to extension storage Current Behavior: Handler CAN read from App Groups ✅ Handler CAN write test values to extension storage ✅ But auth data doesn't appear in browser.storage.local when popup checks ❌ Popup reads empty keys even though handler logged writing them Code: // Handler reads from App Groups guard let sharedDefaults = UserDefaults(suiteName: "groupName") else { return } let authData = sharedDefaults.string(forKey: "auth_data") // Handler writes to extension storage (tried multiple suite names) let extensionDefaults = UserDefaults(suiteName: Bundle.main.bundleIdentifier ?? "") extensionDefaults?.set(authData, forKey: "oauth_token") extensionDefaults?.synchronize() // Popup reads from storage browser.storage.local.get(['oauth_token']).then(data => { console.log(data); // Always empty {} }); What I've tried: ✅ App Groups properly configured in both targets ✅ Extension has App Groups capability enabled ✅ Multiple UserDefaults suite names (bundle ID, bundle ID + suffix) ✅ Delayed sync attempts in handler ✅ Comprehensive logging Questions: What is the correct UserDefaults suite name for Safari extension storage on iOS? When does beginRequest() get called? Can it be triggered manually? Is App Groups the right approach, or should I use a different pattern? Alternatives I've considered: Deep link/redirect method (app opens Safari with token in URL) Content script intercepts URL and sends to background script Is this a supported approach for iOS Safari extensions? Any guidance or examples would be greatly appreciated!