I have a Safari extension which allows the user to load their own homepage upon opening a new tab. The extension works by retrieving the homepage URL from UserDefaults and then redirecting to it using window.location.replace. In iOS 18, if the homepage is unable to be loaded due to, for example the user having no internet connection, Safari will go into an rapid loading loop, which eventually stops after a while. This is unlike iOS 17, where trying to reproduce the same scenario will end up with a Safari error page, which should be the expected behaviour. In short, instead of Safari going into an infinite loading loop, it should display a Safari error page like iOS 17 does. As this issue is only happening on iOS 18, I am almost certain it's an iOS bug and would appreciate if this can be fixed as soon as possible. I have created a Feedback Assistant report with ID FB15853821, which contains a sysdiagnose file from my iPhone 16 Pro, as well as two videos, one from my iPhone 16 Pro with iOS 18.2 beta 3 and the other video showing a comparison between iOS 18 and 17. Both videos first show the extension functioning correctly with an active internet connection, but when I disable my internet, the iOS 18 Safari goes into an infinite loop. Here are the steps to reproduce the issue: Download the Homepage for Safari app from the App Store: https://apps.apple.com/gb/app/homepage-for-safari/id6481118559 Enter any valid homepage URL, such as https://apple.com and tap Save Go to Settings -> Apps -> Safari -> Extensions -> Homepage and enable the extension Make sure Open New Tabs is set to “Homepage” Turn off both WiFi and cellular data and attempt to open a new tab in Safari Please note that this also happens with iOS 18.2 beta 4.

Hello, I'm experiencing an issue where WKWebView consistently fails to load a specific URL on the iOS 18.4 simulator (Xcode 16.3). The error is as follows: Error Domain=NSURLErrorDomain Code=-1005 "The network connection was lost." UserInfo={ _kCFStreamErrorCodeKey=-4, _kCFStreamErrorDomainKey=4, NSUnderlyingError=Error Domain=kCFErrorDomainCFNetwork Code=-1005, NSErrorFailingURLKey=[REDACTED] } Key Observations: This URL fails consistently only on the iOS 18.4 simulator. The same URL loads without issue in iOS 18.3 and 18.2 simulators. The backend is serving a valid HTTPS certificate chain, and the server appears to be presenting it properly. The same application appears to work on a real iPhone running 18.4. Certificate Chain for the Failing URL Leaf: WR3 (Valid: Mar 17, 2025 – Jun 15, 2025) Intermediate 1: GTS Root R1 (Valid: Dec 13, 2023 – Feb 20, 2029) Intermediate 2: GlobalSign Root CA (Valid: Jun 19, 2020 – Jan 28, 2028) Other URLs Work Fine in iOS 18.4 Simulator WKWebView successfully loads the following URLs with similar or more complex certificate chains: https://google.com → WR2, GTS Root R1, GlobalSign Root CA https://amazon.com → DigiCert Global CA G2, DigiCert Global Root G2, VeriSign G5 https://stackoverflow.com → E5, ISRG Root X1 https://shopify.com → GlobalSign Root CA, GTS Root R4, WE1 This suggests the issue may not be with general network or certificate trust but instead something specific about how iOS 18.4 handles this domain or certificate configuration in the simulator. Any insights on how to solve this would be greatly appreciated.

WKWebView has set the option to disable selection ("document. documentElement. style. webkitUserSelect='none ';") and long press ("document. documentElement. style. webkitTouchCallout='none';"). If there is text on one of the images in WebView, simply tap the image twice and then long press the text. The program will crash with the following error message: 0 CoreFoundation 0x185e058c8 __exceptionPreprocess + 164 1 libobjc.A.dylib 0x182d797c4 objc_exception_throw + 88 2 CoreFoundation 0x185e908d4 -[NSException initWithCoder:] + 0 3 QuartzCore 0x18678a874 CA::Layer::set_position(CA::Vec2<double> const&, bool) + 160 4 QuartzCore 0x1869a7270 -[CALayer setPosition:] + 52 5 UIKitCore 0x18c4ac564 -[UIView _backing_setPosition:] + 176 6 UIKitCore 0x18cefdf0c -[UIView setCenter:] + 220 7 UIKitCore 0x18cd9f794 -[_UIEditMenuContentPresentation _displayPreparedMenu:titleView:reason:didDismissMenu:configuration:] + 936 8 UIKitCore 0x18cd9f3c0 __54-[_UIEditMenuContentPresentation _displayMenu:reason:]_block_invoke + 104 9 UIKitCore 0x18ced1060 -[UIEditMenuInteraction _editMenuPresentation:preparedMenuForDisplay:completion:] + 384 10 UIKitCore 0x18cd9f2e4 -[_UIEditMenuContentPresentation _displayMenu:reason:] + 304 11 UIKitCore 0x18cd9f0d8 -[_UIEditMenuContentPresentation displayMenu:configuration:] + 64 12 UIKitCore 0x18ced0344 __58-[UIEditMenuInteraction presentEditMenuWithConfiguration:]_block_invoke + 260 13 UIKitCore 0x18ced1f8c __80-[UIEditMenuInteraction _prepareMenuAtLocation:configuration:completionHandler:]_block_invoke + 80 14 UIKitCore 0x18cc8403c __109-[UITextContextMenuInteraction _editMenuInteraction:menuForConfiguration:suggestedActions:completionHandler:]_block_invoke + 180 15 UIKitCore 0x18cc84584 __107-[UITextContextMenuInteraction _querySelectionCommandsForConfiguration:suggestedActions:completionHandler:]_block_invoke + 148 16 WebKit 0x1a05ae5d4 WTF::CompletionHandler<void (WebKit::DocumentEditingContext&&)>::operator()(WebKit::DocumentEditingContext&&) + 64 17 WebKit 0x1a05bb468 WTF::Detail::CallableWrapper<WTF::CompletionHandler<void (IPC::Connection*, IPC::Decoder*)> IPC::Connection::makeAsyncReplyCompletionHandler<Messages::WebPage::RequestDocumentEditingContext, WTF::CompletionHandler<void (WebKit::DocumentEditingContext&&)>>(WTF::CompletionHandler<void (WebKit::DocumentEditingContext&&)>&&, WTF::ThreadLikeAssertion)::'lambda'(IPC::Connection*, IPC::Decoder*), void, IPC::Connection*, IPC::Decoder*>::call(IPC::Connection*, IPC::Decoder*) + 196 18 WebKit 0x19fcf5db8 WTF::Detail::CallableWrapper<WebKit::AuxiliaryProcessProxy::sendMessage(WTF::UniqueRef<IPC::Encoder>&&, WTF::OptionSet<IPC::SendOption>, std::__1::optional<IPC::ConnectionAsyncReplyHandler>, WebKit::AuxiliaryProcessProxy::ShouldStartProcessThrottlerActivity)::$_1, void, IPC::Connection*, IPC::Decoder*>::call(IPC::Connection*, IPC::Decoder*) + 64 19 WebKit 0x19fce54f0 IPC::Connection::dispatchMessage(WTF::UniqueRef<IPC::Decoder>) + 340 20 WebKit 0x19fcf5aa0 IPC::Connection::dispatchIncomingMessages() + 536 Will the official version have this issue?

We are building a Safari web extension utilising native messaging, to send messages to the Swift native part of the app. We sometimes experience, that the beginRequest handler is executed multiple times, at the same time. We have a special part of the code in the handler, that must be run only once. Because it uses NS defaults storage, and also because it calls our servers. We have tried to use a serial dispatch queue, as well as other locking and mutex techniques, to no success. We suspect that the instances of the handler are isolated in a way, that these locks don’t work (maybe they don’t share memory?). But we are not sure. When looking at os_logs from the handlers, they all share the same PID. Has anyone experienced anything similar and can shed some light on what's going on?

Hi, I am trying to find a unix timestamp from a safari bookmark. I have been able to open the Plist file but I am not sure how to find the timestamp. Any help would be great!

Body:
Hi all, I’m seeing a puzzling discrepancy in behavior between NSURLSession (with multipathServiceType = NSURLSessionMultipathServiceTypeInteractive) and WKWebView when the device is connected to a Wi-Fi SSID that has no internet (e.g., a hardware device’s AP). I have the Multipath entitlement properly enabled, and in this scenario: NSURLSession requests automatically fall back to cellular and succeed (no user intervention, fast switch). WKWebView loads fail or stall: the web content does not appear, and it seems like the web view is not using the cellular path even though the system network path becomes satisfied and real Internet reachability is confirmed. Environment: iOS version: (e.g., iOS 18.4) Device: (e.g., iPhone 15 Pro) Multipath entitlement: enabled in the app, using NSURLSessionMultipathServiceTypeInteractive Connected SSID: hardware device Wi-Fi with no external internet Expected fallback: automatic to cellular once the Wi-Fi has no internet, as observed with NSURLSession What I’ve done / observed: NSURLSession using Multipath works as expected:
NSURLSessionConfiguration *cfg = [NSURLSessionConfiguration defaultSessionConfiguration];
cfg.multipathServiceType = NSURLSessionMultipathServiceTypeInteractive;
NSURLSession *session = [NSURLSession sessionWithConfiguration:cfg];
NSURLRequest *req = [NSURLRequest requestWithURL:[NSURL URLWithString:@"https://www.apple.com/library/test/success.html"]];
NSURLSessionDataTask *task = [session dataTaskWithRequest:req completionHandler:^(NSData *data, NSURLResponse *resp, NSError *err) {
NSLog(@"NSURLSession result: %@, error: %@", resp, err);
}];
[task resume];
When connected to the device Wi-Fi (no external internet), the session quietly shifts to cellular and completes successfully. WKWebView fails to load under the same conditions:
[self.webView loadRequest:[NSURLRequest requestWithURL:[NSURL URLWithString:@"https://www.apple.com/library/test/success.html"]]];
The web view either shows a load failure or just hangs, even though lower-level monitoring reports that the network path is satisfied and real Internet connectivity is available. Network path monitoring logic: I use the C API nw_path_monitor to watch for nw_path_status_satisfied. Once satisfied is observed, I perform a true connectivity check using nw_connection (e.g., connecting tohttps://www.apple.com/library/test/success.html) to verify that real Internet traffic can flow over cellular. That check passes, confirming fallback to cellular, but WKWebView still does not load content. Meanwhile, NSURLSession requests in the same condition succeed immediately. Sample logging trace:
[+] nw_path_status_satisfied=1, hasWiFi=1, hasCellular=1
[+] Internet connectivity test: ready (via nw_connection)
[-] WKWebView load failed / stalled
[+] NSURLSession request completed successfully Questions: Why does NSURLSession with the multipath service type seamlessly use cellular when the Wi-Fi has no internet, but WKWebView does not exhibit the same fallback behavior? Is WKWebView not honoring the system’s multipath fallback the same way? Does it use a different networking stack or ignore the multipath entitlement in this scenario? Is there a supported way to force WKWebView to behave like NSURLSession here? For example, can I bridge content through a multipath-enabled NSURLSession and inject it into WKWebView via a custom scheme? Are there any WKWebView configuration flags, preferences, or policies that enable the same automatic interface switching? Are there known limitations or documented differences in how WKWebView handles network interface switching, path satisfaction, or multipath compared to raw NSURLSession? What I’ve ruled out / tried: Verified the Multipath entitlement is included and active. Confirmed network path is “satisfied” and that real Internet reachability succeeds before calling [webView loadRequest:]. Delayed the WKWebView load until after connectivity verification. Observed that NSURLSession requests succeed under identical connectivity conditions. Any insight into internal differences, recommended workarounds, or Apple-recommended patterns for making web content robust in a “Wi-Fi with no internet” + automatic fallback-to-cellular scenario would be greatly appreciated. Thank you!

After updating to iOS 18.4, our web application (with service workers) crashes on devices that accessed it prior to the update. This issue also affects hybrid mobile apps using the same web application; reinstalling the app resolves it by refetching and reinstalling service workers. Debugging is challenging because clearing the cache or reinstalling the app fixes the problem, and no useful error logs are available. Has anyone encountered similar crashes related to service workers after an iOS update and have any insights into the cause?

We use a direct link mechanism in our app that attempts to open the app if it's already installed; otherwise, it redirects the user to the App Store. However, when the app is not installed, Safari displays an alert saying: "Safari cannot open the page because the address is invalid." This popup appears to be caused by attempting to open a custom URL scheme that doesn't resolve. what is the recommendation from apple to have a smooth transition to our mobile App Here’s a sample link we’re using: https://new.oneclear.com/Asset/fe5f7fb6-205a-40f8-9efe-71678361aa2c?t=NTA0NQ==

I am trying to build and run a Safari Web Extension from Xcode and I have enabled "Allow unsigned extensions" in Safari settings. However, I see the below pop up: And, if click on the "Quit and Open Safari Extensions Preferences..." button, the project stops running on Xcode and nothing happens. What can be the issue? The extension works and runs fine if I get it from the Mac App Store and this only happens when running from Xcode. I even tried completely uninstalling the mac app store version and still facing the same issue.

Does webkit have a way to display a smart banner for a home screen web app similar to how a smart banner can be displayed for native apps? I recently noticed (10/23) that Twitter showed a smart banner encouraging Home Screen web app on my Mac running Sonoma. How is this done?

I am testing stuff on a website, and it worked well on any mobile browser till iOS18. Now that I am testing iOS26, even with the latest BETA (3) everything works smoothly on any other mobile browser but Safari. Previously I had the bug, which now has been patched, for status-bar, which was flickering too, but popover and page issue seems still there. I have persistent popover and ajax navigation, and both are rendering with bugs and fouc while view/page changes. Example: If I have an element which must stay on its place and its width is 100vw: while page changes it blinks, shrinks, flicker and jumps on rendering, while it simply must stay as is.. Animations and page transitions work smoothly on Chrome mobile (latest iOS 26 beta 3) , while breaking on Safari. I did open a feedback FB18328720, but seems no one caring. Any idea guys? ** Video of the bug (which is huge!) : ** https://youtube.com/shorts/rY3oxUwDd7w?feature=share Cheers

SwiftUI List Accessibility VoiceOver

I'm posting a question here as I have encountered an issue while seeking help from engineers in the thread. thread773837 If the "Not Secure Connection Warnings" is enabled in Settings > App > Safari, are HTTP connections not allowed under any circumstances? I also posted a question about NSAllowsLocalNetworking not being applied, and I was informed that ATS (App Transport Security) is not related to SFSafariViewController. If that's the case, what feature causes the error "Safari cannot open the page. Error: Failed to navigate to an HTTP URL with HTTPS-only mode enabled"? I am currently working to resolve this issue.

Hello, We do not have explicitly set it our website, but still Smart Banner appears since we have universal link setup. (current URL matches the universal link patterns set in your apple-app-site-associations file ). Also, I understand it appears only for users having our app installed. We do not want to show this banner in any case. is there any way to choose not to show the app banner? either setting additional meta or any other way would work. regards, Hussain

Hello. I have a project that loads a page using jquery 3.6.3 in WKWebView. When I try this on iOS developer beta 4, WKWebView malfunctions and the page does not load properly. If I remove jquery, the page loads. Even if I update jquery to the latest version, the problem remains the same. This problem did not occur until developer beta 3. The log is as follows. 0x12107c170 - [PID=994] WebProcessProxy::didClose: (web process 0 crash) 0x12107c170 - [PID=994] WebProcessProxy::processDidTerminateOrFailedToLaunch: reason=Crash Error acquiring assertion: <Error Domain=RBSAssertionErrorDomain Code=2 "Specified target process 994 does not exist" UserInfo={NSLocalizedFailureReason=Specified target process 994 does not exist}> 0x121138300 - ProcessAssertion::acquireSync Failed to acquire RBS assertion 'XPCConnectionTerminationWatchdog' for process with PID=994, error: (null) 0x132e00018 - [pageProxyID=9, webPageID=10, PID=994] WebPageProxy::processDidTerminate: (pid 994), reason=Crash 0x132e00018 - [pageProxyID=9, webPageID=10, PID=994] WebPageProxy::dispatchProcessDidTerminate: reason=Crash Failed to terminate process: Error Domain=com.apple.extensionKit.errorDomain Code=18 "(null)" UserInfo={NSUnderlyingError=0x13357de30 {Error Domain=RBSRequestErrorDomain Code=3 "No such process found" UserInfo={NSLocalizedFailureReason=No such process found}}} Failed to terminate process: Error Domain=com.apple.extensionKit.errorDomain Code=18 "(null)" UserInfo={NSUnderlyingError=0x13357f390 {Error Domain=RBSRequestErrorDomain Code=3 "No such process found" UserInfo={NSLocalizedFailureReason=No such process found}}} Failed to terminate process: Error Domain=com.apple.extensionKit.errorDomain Code=18 "(null)" UserInfo={NSUnderlyingError=0x13357d770 {Error Domain=RBSRequestErrorDomain Code=3 "No such process found" UserInfo={NSLocalizedFailureReason=No such process found}}}

Hello everyone. I have a very strange behavior with smart app banners in Safari. When I don't have installed app on my phone, I can't see the banner on our product main page. When I installed the app, I can see the banner, which allows me to go directly to the app. When I put any other app's ID in the meta tag it works perfectly even if I don't have its installed app. So the code is right, what can be the reason of this behavior? Any settings of the app are required?

We are building a hybrid iOS app using Angular (web) rendered inside a WKWebView, hosted by a native Swift app. Communication between the Angular UI and native Swift code is done using WKScriptMessageHandler. The app mostly works without issues, but in rare edge cases, we’re seeing crashes on the main thread, and the crash is reported in Firebase Crashlytics. The root cause appears related to CFRelease and WKScriptMessageHandler. Here’s the relevant crash stack: Crashed: com.apple.main-thread 0 CoreFoundation 0xbfac CFRelease + 44 1 CoreFoundation 0xa734 __CFURLDeallocate + 128 2 CoreFoundation 0x730c _CFRelease + 292 3 libobjc.A.dylib 0x4e28 AutoreleasePoolPage::releaseUntil(objc_object**) + 204 4 libobjc.A.dylib 0x4cbc objc_autoreleasePoolPop + 260 5 WebKit 0x99f194 WebKit::WebUserContentControllerProxy::didPostMessage(WTF::ObjectIdentifierGeneric<WebKit::WebPageProxyIdentifierType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long long>, unsigned long long>, WebKit::FrameInfoData&&, WTF::ObjectIdentifierGeneric<WebKit::ScriptMessageHandlerIdentifierType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long long>, unsigned long long>, std::__1::span<unsigned char const, 18446744073709551615ul>, WTF::CompletionHandler<void (std::__1::span<unsigned char const, 18446744073709551615ul>, WTF::String const&)>&&) + 680 6 WebKit 0x1b358 WebKit::WebUserContentControllerProxy::didReceiveMessage(IPC::Connection&, IPC::Decoder&) + 392 7 WebKit 0xe86b0 IPC::MessageReceiverMap::dispatchMessage(IPC::Connection&, IPC::Decoder&) + 272 8 WebKit 0x23c0c WebKit::WebProcessProxy::didReceiveMessage(IPC::Connection&, IPC::Decoder&) + 44 9 WebKit 0xe3f054 IPC::Connection::dispatchMessage(WTF::UniqueRef<IPC::Decoder>) + 252 10 WebKit 0x332d4 IPC::Connection::dispatchIncomingMessages() + 744 11 JavaScriptCore 0x58a7c WTF::RunLoop::performWork() + 204 12 JavaScriptCore 0x599a4 WTF::RunLoop::performWork(void*) + 36 13 CoreFoundation 0x56328 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 28 14 CoreFoundation 0x562bc __CFRunLoopDoSource0 + 176 15 CoreFoundation 0x53dc0 __CFRunLoopDoSources0 + 244 16 CoreFoundation 0x52fbc __CFRunLoopRun + 840 17 CoreFoundation 0x52830 CFRunLoopRunSpecific + 588 18 GraphicsServices 0x11c4 GSEventRunModal + 164 19 UIKitCore 0x3d2eb0 -[UIApplication _run] + 816 20 UIKitCore 0x4815b4 UIApplicationMain + 340 21 APP1 0xa2f80 main + 21 (AppDelegate.swift:21) 22 ??? 0x1c234eec8 (シンボルが不足しています) Steps: WebView: WKWebView Message passing: WKScriptMessageHandler → passing data from Angular → Swift WKWebView is long-lived and reused Native is using WKUserContentController.add(_:name:) to register handlers Crashes are intermittent (hard to reproduce), but often follow: Screen sleep/wake Push notification open Angular calling native immediately after resume Questions: Has anyone seen this specific crash pattern involving CFRelease and WKScriptMessageHandler? Are there known WebKit or CoreFoundation bugs related to WKScriptMessageHandler and retained URLs or message content? Thank you for your help!

We have noticed that in iOS 16 or greater , the Smart App Banner which shows based on meta tag added is not showing the app ratings inside the popup. Can we override this new behavior to show ratings and custom text.

Hi all, Question: Can Apple confirm that, on macOS 15 without MDM/supervision, there is no supported API, entitlement, auth right, or config file that can enable a Safari App Extension without some form of user interaction? Environment • OS / Safari: macOS 15.0.1 (Sequoia), Safari 18.x • Distribution: Signed, notarized, stapled PKG installs a host app that contains a Safari App Extension • Management: No MDM allowed (and thus no supervision) • Goal: Have the extension come up enabled immediately after install, without requiring the user to click the checkbox in Safari Settings ▸ Extensions What we already know / tried Normal install flow – After PKG install, the extension shows up disabled. User must check the box to enable. SFSafariApplication.showPreferencesForExtension(...) – We can deep‑link the user to our row, but they still need to click “Enable.” Accessibility/UI scripting – We can script the click if the user grants our helper Accessibility permission. That still involves user interaction. .mobileconfig with Safari Extensions Management (AlwaysOn) – From what I can tell, this requires a supervised device enrolled in MDM. Installing that profile manually on an unsupervised Mac does not enforce the “AlwaysOn” state. Auth rights / Developer mode – Looked at auth.db rights like com.apple.Safari.allow-unsigned-app-extensions, and the Develop menu “Allow Unsigned Extensions.” Neither appears to auto‑enable a signed extension, and we don’t want to use private/unsupported APIs anyway. Thanks in advance for any clarification.

Hello, I find it difficult to find information about this function, but Apple would allow you to download a Wallet ticket via a JWT signed token, without going through a pkpass, by calling the url https://wallet.apple.com/push/pass? Jwt= + jwt I have made several attempts with a different payload, either I am redirected to the Apple Pay presentation page, or I have a 403 error. I think I'm on my way, but I must miss a step in my signature. Could someone help me and give me the structure or how to manage the key? At the moment I use an Identifiers type PassType ID linked to a Certificate. Has anyone heard of this novelty? According to ChatGPT it should date from iOS 16-18 and potentially not be open to all devs. Thank you! Beautiful day