iOS18的app中加载了自己开发的H5页面，H5页面有个input输入框，每次输入框聚焦的时候，都会弹出键盘滑行键入的提示：“滑动手指将字母拼成词以快速键入”，应该怎么修改，达到不每次都弹出这个提示呢

Good morning fellow developers, For a while i am struggeling with providing sound to my users on IOS (Safari on Mac is no problem and every other device is not a problem) (we have an existing phone system and made a chat as well), the case is very simple: the notification sound is only for users who are logged in and online for chat. i have tried multiple things: Audio play with javascript (start with mute, play when user clicks a button so the sound is familiar, play when user clicks a button and directly pause it and continue when needed) PWA: the dashboard has been made available as pwa and notifications using google firebase. The popup does show for notifcations to be allowed (and receiving the notifications does work on any other device) But any IOS device cannot register. The information i find is that notifications were supported with 16.4 or higher but also have been deprecated around IOS 17, auto play is not allowed. We have an app in development for our product as well were we will have a notification which will handle this, but that is not the solution we can use now. Long story, short question: is it still somehow possible to push a notification to the user when using the PWA or play a sound in the browser (based on an ajax function). The app/website wont be in the background, so it will always be on the screen. Languages we use: html/javascript (mostly vanilla)/php

Hello, We are developing a Safari Web Extension that uses a cookie-based authentication mechanism. The extension makes a request to an endpoint e.g. /login, and this endpoint expects a cookie (e.g., sessionId) to be included with the request. Everything works correctly when running in the default Safari profile. However, when I install and run the same extension in a new, non-default profile, the behaviour changes: The request to /login is still made The cookie sent is not as expected As a result, the response returns null user data I confirmed that logging into the site in the new profile (in a tab) works, but the extension does not appear to share the session/cookie state with the login tab We’ve tried explicitly setting "credentials": "include" in the request but that still didn’t share the cookie in the extension context in the non-default profile. My questions: Is there away to allow cookie-based session sharing between a tab and an extension in non-default profiles in safari? Would switching to a token-based auth mechanism (e.g., Bearer tokens ) be the recommended workaround? I’d appreciate any insights or guidance from those who’ve run into similar issues. 
 Thanks in advance!

I have a visionOS app using Apple's WebView and WebPage to display web content. When viewing a live YouTube stream last night, YouTube put up the warning in the area that would have the chat window: Oh no! It looks like you're using an older version of your browser. Please update it to use live chat. Anyone know if YouTube is generating this from the server based on the WebPage's user agent string, from Javascript running in the browser engine, or something else? Anyone know if and how it is possible to resolve this? (See right side of YouTube web page from a screen grab):

Apple must comply with the requirements of the Level Index, the global digital credit gateway, and suspend gift cards and similar services until formal arrangements are made with service providers.

How did you test apple-app-site-association in non-production environments that are usually not public?

I am trying to build and run a Safari Web Extension from Xcode and I have enabled "Allow unsigned extensions" in Safari settings. However, I see the below pop up: And, if click on the "Quit and Open Safari Extensions Preferences..." button, the project stops running on Xcode and nothing happens. What can be the issue? The extension works and runs fine if I get it from the Mac App Store and this only happens when running from Xcode. I even tried completely uninstalling the mac app store version and still facing the same issue.

Safari Web Extension for enterprice distribution: If I press run button on xcode it shows the safari web extension toggle and works perfect When installed through exported ipa, the web extension toggle dissapears, it doesnt matter how it was installed through mdm, link, or directly ipa from xcode I just exported an ipa as debugging and it worked when I pushed the ipa

0x158c2ce18 - [pageProxyID=33, webPageID=34, PID=883] WebPageProxy::didFailProvisionalLoadForFrame: frameID=4294967298, isMainFrame=1, domain=NSURLErrorDomain, code=-999, isMainFrame=1, willInternallyHandleFailure=0 Error Domain=NSURLErrorDomain Code=-999 "已取消" UserInfo={_NSURLErrorFailingURLSessionTaskErrorKey=LocalDataTask <9A09D8F8-351D-4BE3-A1F7-0E2E325DC7BA>.<4>, _NSURLErrorRelatedURLSessionTaskErrorKey=( "LocalDataTask <9A09D8F8-351D-4BE3-A1F7-0E2E325DC7BA>.<4>" ), NSLocalizedDescription=已取消, _WKRecoveryAttempterErrorKey=<WKReloadFrameErrorRecoveryAttempter: 0x159acf6c0>, networkTaskDescription=LocalDataTask <9A09D8F8-351D-4BE3-A1F7-0E2E325DC7BA>.<4>, NSErrorFailingURLStringKey=https://oamobile.zmmc.com.cn:28385/pages/Reports/ZBReport.aspx?ShowInLegend=true&appid=69b487001fcc11bc30c7344e50768c3c&userid=9784299b-cced-4702-91b0-0476511ba8d2, NSErrorFailingURLKey=https://oamobile.zmmc.com.cn:28385/pages/Reports/ZBReport.aspx?ShowInLegend=true&appid=69b487001fcc11bc30c7344e50768c3c&userid=9784299b-cced-4702-91b0-0476511ba8d2, networkTaskMetricsPrivacyStance=Unknown} Failed to terminate process: Error Domain=com.apple.extensionKit.errorDomain Code=18 "(null)" UserInfo={NSUnderlyingError=0x159bd1830 {Error Domain=RBSRequestErrorDomain Code=3 "No such process found" UserInfo={NSLocalizedFailureReason=No such process found}}} After upgrade to ios 26， if WKWebView load url which did not contain "#" will always ok. but load url contain “#” will cancel when start load, then result in white screen

I am testing stuff on a website, and it worked well on any mobile browser till iOS18. Now that I am testing iOS26, even with the latest BETA (3) everything works smoothly on any other mobile browser but Safari. Previously I had the bug, which now has been patched, for status-bar, which was flickering too, but popover and page issue seems still there. I have persistent popover and ajax navigation, and both are rendering with bugs and fouc while view/page changes. Example: If I have an element which must stay on its place and its width is 100vw: while page changes it blinks, shrinks, flicker and jumps on rendering, while it simply must stay as is.. Animations and page transitions work smoothly on Chrome mobile (latest iOS 26 beta 3) , while breaking on Safari. I did open a feedback FB18328720, but seems no one caring. Any idea guys? ** Video of the bug (which is huge!) : ** https://youtube.com/shorts/rY3oxUwDd7w?feature=share Cheers

please network best link wifi perfile very issue in wifi

I'm facing an unexpected cancel event, when i get a merchantSession from my sever, and call completeMerchantValidation, then applepay client give a oncancel event, with error: unknown info:{} the session is : { "epochTimestamp": 1762116084960, "expiresAt": 1762119684960, "merchantSessionIdentifier": "SSH60E2321574454A9FB4015EFF24C8769E_CCE257A9D27B42513B2C3CA67DB49F602F3450D996C0811ED462EDCA0D7477FD", "nonce": "43fb3a9a", "merchantIdentifier": "ABD51C33E9F2E612C0D594921DEC478118D23C77525223127FC716DA8589FDDC", "domainName": "checkout.peppr.com", "displayName": "Heji Guilin Rice Noodle", "signature": "308006092a864886f70d010702a0803080020101310d300b0609608648016503040201308006092a864886f70d0107010000a080308203e330820388a003020102020816634c8b0e305717300a06082a8648ce3d040302307a312e302c06035504030c254170706c65204170706c69636174696f6e20496e746567726174696f6e204341202d20473331263024060355040b0c1d4170706c652043657274696669636174696f6e20417574686f7269747931133011060355040a0c0a4170706c6520496e632e310b3009060355040613025553301e170d3234303432393137343732375a170d3239303432383137343732365a305f3125302306035504030c1c6563632d736d702d62726f6b65722d7369676e5f5543342d50524f4431143012060355040b0c0b694f532053797374656d7331133011060355040a0c0a4170706c6520496e632e310b30090603550406130255533059301306072a8648ce3d020106082a8648ce3d03010703420004c21577edebd6c7b2218f68dd7090a1218dc7b0bd6f2c283d846095d94af4a5411b83420ed811f3407e83331f1c54c3f7eb3220d6bad5d4eff49289893e7c0f13a38202113082020d300c0603551d130101ff04023000301f0603551d2304183016801423f249c44f93e4ef27e6c4f6286c3fa2bbfd2e4b304506082b0601050507010104393037303506082b060105050730018629687474703a2f2f6f6373702e6170706c652e636f6d2f6f63737030342d6170706c65616963613330323082011d0603551d2004820114308201103082010c06092a864886f7636405013081fe3081c306082b060105050702023081b60c81b352656c69616e6365206f6e207468697320636572746966696361746520627920616e7920706172747920617373756d657320616363657074616e6365206f6620746865207468656e206170706c696361626c65207374616e64617264207465726d7320616e6420636f6e646974696f6e73206f66207573652c20636572746966696361746520706f6c69637920616e642063657274696669636174696f6e2070726163746963652073746174656d656e74732e303606082b06010505070201162a687474703a2f2f7777772e6170706c652e636f6d2f6365727469666963617465617574686f726974792f30340603551d1f042d302b3029a027a0258623687474703a2f2f63726c2e6170706c652e636f6d2f6170706c6561696361332e63726c301d0603551d0e041604149457db6fd57481868989762f7e578507e79b5824300e0603551d0f0101ff040403020780300f06092a864886f76364061d04020500300a06082a8648ce3d0403020349003046022100c6f023cb2614bb303888a162983e1a93f1056f50fa78cdb9ba4ca241cc14e25e022100be3cd0dfd16247f6494475380e9d44c228a10890a3a1dc724b8b4cb8889818bc308202ee30820275a0030201020208496d2fbf3a98da97300a06082a8648ce3d0403023067311b301906035504030c124170706c6520526f6f74204341202d20473331263024060355040b0c1d4170706c652043657274696669636174696f6e20417574686f7269747931133011060355040a0c0a4170706c6520496e632e310b3009060355040613025553301e170d3134303530363233343633305a170d3239303530363233343633305a307a312e302c06035504030c254170706c65204170706c69636174696f6e20496e746567726174696f6e204341202d20473331263024060355040b0c1d4170706c652043657274696669636174696f6e20417574686f7269747931133011060355040a0c0a4170706c6520496e632e310b30090603550406130255533059301306072a8648ce3d020106082a8648ce3d03010703420004f017118419d76485d51a5e25810776e880a2efde7bae4de08dfc4b93e13356d5665b35ae22d097760d224e7bba08fd7617ce88cb76bb6670bec8e82984ff5445a381f73081f4304606082b06010505070101043a3038303606082b06010505073001862a687474703a2f2f6f6373702e6170706c652e636f6d2f6f63737030342d6170706c65726f6f7463616733301d0603551d0e0416041423f249c44f93e4ef27e6c4f6286c3fa2bbfd2e4b300f0603551d130101ff040530030101ff301f0603551d23041830168014bbb0dea15833889aa48a99debebdebafdacb24ab30370603551d1f0430302e302ca02aa0288626687474703a2f2f63726c2e6170706c652e636f6d2f6170706c65726f6f74636167332e63726c300e0603551d0f0101ff0404030201063010060a2a864886f7636406020e04020500300a06082a8648ce3d040302036700306402303acf7283511699b186fb35c356ca62bff417edd90f754da28ebef19c815e42b789f898f79b599f98d5410d8f9de9c2fe0230322dd54421b0a305776c5df3383b9067fd177c2c216d964fc6726982126f54f87a7d1b99cb9b0989216106990f09921d00003182018730820183020101308186307a312e302c06035504030c254170706c65204170706c69636174696f6e20496e746567726174696f6e204341202d20473331263024060355040b0c1d4170706c652043657274696669636174696f6e20417574686f7269747931133011060355040a0c0a4170706c6520496e632e310b3009060355040613025553020816634c8b0e305717300b0609608648016503040201a08193301806092a864886f70d010903310b06092a864886f70d010701301c06092a864886f70d010905310f170d3235313130323230343132345a302806092a864886f70d010934311b3019300b0609608648016503040201a10a06082a8648ce3d040302302f06092a864886f70d010904312204200dd015b60ad5539b1a06704eaacab7d5f2b509aeeaee4de3db0e68771b6c1549300a06082a8648ce3d040302044630440220267b23d8330b8fd6fd78ee68a2b6315b5db65c60e5453c54ccc70a6fe1e800c502204a909d3e6741b8dc82c55edd5c9e569951ee1e45593aa4e3b249b0bfff0314cf000000000000", "operationalAnalyticsIdentifier": "Heji Guilin Rice Noodle:ABD51C33E9F2E612C0D594921DEC478118D23C77525223127FC716DA8589FDDC", "retries": 0, "pspId": "6C8FB940FD816AC15282D94009E72179FC9E5FFBC5712B366EB4364CAFB25153" }

iOS 26 (from beta 1 to beta 2) We have a VPN app that installs a per-app VPN profile with SafariDomains to filter Safari network traffic. This setup works as expected on iOS versions lower than 26.0. See here more details on SafariDomains: https://developer.apple.com/business/documentation/Configuration-Profile-Reference.pdf On iOS 26, all SafariDomains configured to go through the per-app VPN result in the following error: "Safari can’t open the page. The error was: Unknown Error" Additional Details: Only SafariDomains encounter this error. Other managed apps traffic through the per-app VPN works correctly. Steps to Reproduce: Install the VPN app with a per-app VPN profile. Configure SafariDomains with any URL (e.g., example.com). Open Safari and navigate to the configured URL. Example Configuration: We tested with a simple example by adding only one URL to SafariDomains (example.com). Logs from the console were captured at the moment Safari opened and encountered the error. safari_google2.txt Has anyone else encountered this issue on iOS 26? Any insights or solutions would be greatly appreciated. Thank you!

Hi Apple Developer Community and Support, We are implementing Apple Pay on the Web and are encountering a persistent issue with merchant validation when the ApplePaySession is initiated from a JavaScript application running within a cross-origin iframe. Our Setup: Top-Level Domain: https://application.my.com/ (where the Apple Pay button is displayed, and the iframe is embedded) iFrame Content Origin: https://cashier.my.com/ (Our custom JavaScript application that handles the Apple Pay integration and directly calls our Payment Service Provider's (PSP) API for merchant validation). iFrame allow attribute: The iframe correctly includes allow="payment *". The Problem: When a user clicks the Apple Pay button, the ApplePaySession is successfully created and the Apple Pay sheet opens in Safari iOS. This suggests the browser recognizes the allow="payment *" attribute and allows the API calls. However, during the session.onvalidatemerchant callback, our JavaScript code makes a direct API call to our PSP (Nuvei)'s endpoint. This call consistently fails with an "Invalid domain name!" error, and the Apple Pay sheet then shows "Payment Not Completed." PSP's Diagnosis: Our PSP (Nuvei) has investigated and stated that for this specific endpoint (getAppleValidationApiFlow.do), "there is no explicit way to pass domain to the endpoint and domain for which session is issued is based on 'Referer' header." Our Question for Apple: Given that Safari 17+ now supports allow="payment" for cross-origin iframes to enable Apple Pay APIs, we have the following questions: What is Apple's official guidance or expectation regarding the Referer header for ApplePaySession.onvalidatemerchant calls when the ApplePaySession is instantiated from a cross-origin iframe? Is it expected that the Referer header for calls originating from the iFrame will always be the iFrame's origin? Does Apple's merchant validation process (when the PSP calls apple-pay-gateway.apple.com/paymentservices/startSession) itself rely on or interpret the Referer from the initial client-to-PSP call? Are there recommended best practices or standard approaches for PSP integrations in this cross-origin iFrame scenario to ensure the Referer validation (or equivalent domain validation) is correctly satisfied? We're trying to understand if our PSP's specific reliance on the Referer for this validation is a standard requirement implicitly set by Apple for this flow, or if there are other architectural approaches that should allow this scenario to work seamlessly. Thank you for any insights or guidance you can provide.

We are encountering a download issue in Safari 18.2 on macOS Sequoia 15.2 where file downloads initiated by our AngularJS application (such as Excel exports) are silently blocked. There are no errors in the browser console, and the download does not occur. Interestingly, after testing on Safari 18.3 with Sequoia 15.3, the downloads worked as expected. However, the problem reappeared on Safari 18.4 with Sequoia 15.4. We suspect that recent changes in Safari’s security or download handling may be preventing downloads triggered via asynchronous JavaScript (e.g., AJAX calls) that are not initiated directly by user interaction. We would appreciate any insights, suggestions, or possible workarounds from the community. Looking forward to your guidance on this matter.

Hi everyone, i'm running into a problem with my personal domain being flagged as 'deceptive website' in safari, and i can't figure out how to fix it Domain: neon0404.space This is just my personal domain - i use it for adguard home, vaultwarden, some test stuff, sometimes small web tools for friends or family Nothing illegal or malicious has ever been hosted there On july 6, i launched a very simple web utility for a friend when he opened it on ios safari, he got the red 'deceptive website warning' I checked this on other different devices - all got the same warning The next day (july 7) i submitted a review request via websitereview.apple.com, but got no reply I did some digging and found that safari safe browsing daemon pulls data from google safe browsing, tencent safe browsing, and some apple's internal lists So, going one-by-one https://transparencyreport.google.com/safe-browsing/search showed up that domain is flagged for something shady Signed up in google search console and saw my domain was flagged for 'malware links' (with no related urls listed), so looked like a false positive I audited everything related to this domain on august 5 - nothing suspicious Next day i requested a review in Google Search Console, just next day Google confirmed that everything is ok and removed the flag So, i thought, maybe this was the key and requested another review via websitereview.apple.com (august 7) No reply, domain still flagged While i was waiting, i checked domain in Tencent (https://urlsec.qq.com/check.html) - no issues Other services like VirusTotal, Norton and Sucuri showed up same result - no issues I attempted to contact regular support (even though it's not their area of responsibility), but just in case They, as expected, couldn't do anything At this point it feels like a dead end, so i'm here Has anyone been through this before? Is there any other way to escalate the review process with apple? Really appreciate any advice, as this domain is personal and linked to my username, which i want to use later

We would like to confirm the unsubscribe flow related to recurring payment processing. When a user unsubscribes, does your system send any notification to us? If no notification is provided, we will not be able to detect the unsubscribe event and will continue to send recurring payment requests to the gateway periodically. Would this cause any issues? We would appreciate it if you could share the specific unsubscribe flow with us. Thank you in advance for your support.

ios26beta8 mesh不切换

Hello, ive been dealing with this glitch all year that hasnt happened last year. When I watch a video on public safari and then it exit the video it immediately takes me to the private tab but when I go on the private tab to watch videos and exit out it takes me back to the website just like normal. Its a pretty annoying bug and I watch all my videos in the private tab because of it

Hi, it seems that with iOS26 the system displays two entries in the screentime report for apps that use a WKWebView: one for the app itself and one for the website that was displayed in the app. We don't see this behaviour in iOS18.7. I'm reseaching how to disable the recording for the webviews in one of our apps (written in Swift with UIKit). The STWebpageController looked promising, especially the field suppressUsageRecording, but the whole class is poorly documented. We initialized it with the bundle identifier of the app and set the url of the wkwebview as the url in STWebpageController. It looks a bit like this: webView = WKWebView(frame: .zero, configuration: config) view.addSubview(webView) //setup STWebpageController webpageController = STWebpageController() do { try webpageController!.setBundleIdentifier(bundleIdentifier) } catch{ } webpageController!.suppressUsageRecording = true addChild(webpageController!) view.addSubview(webpageController!.view) webpageController!.view.frame = view.frame webpageController!.didMove(toParent: self) //load url in webView let request = URLRequest(url: url, cachePolicy: .reloadIgnoringLocalCacheData) webview.load(request) webpageController?.url = request.url This has no effect on the recorded screentime for the webview inside our app - we still see the same time for the container app and the included webview. Any suggestions? Thanks, Heiko