Dear Apple Developer Support, I’m developing a Chromium-based iOS browser and want to open the Safari settings page (Settings → Apps→ Safari) like Chrome’s “Import data from Safari” feature, where clicking “Go to settings” opens the Safari settings page. To reproduce this behavior in Chrome: 1.In Chrome, search “Import password from Safari.” 2.Restart Chrome. 3.Go to Chrome → Settings → Safari import → Import to Chrome → Go to settings. 4.You will see it opens Settings → Apps → Safari. Please see the attached file for steps to trigger this feature in Chrome. My attempt with App-Prefs:root=SAFARI only opens the Settings main page ,Is there a public API to open the Safari settings page directly? Look forward to your reply,many thanks

Dears, We are facing some issue in ios 18.4.1. Recently some of our end users who updated their ios devices to 18.4.1 have experienced random 403 errors in runtime. as per our analysis, We identified that these errors are associated with "CSRF token mismatch". After successful login, the user's CSRF token is causing issue and it was changed in runtime, this causes the cookie mismatch, and the users is getting 403 errors, and the user session is getting invalid suddenly. let me know if anyone facing the same issue in ios 18.4.1 and let me know Is there any workaround for this issue. Thanks.

Our UI-less share extension (com.apple.services) appears in Safari and Chrome. We raise a popup "Open in (app)..." via the Action.js script document.location.href = urlScheme://... in Safari. However, in Chrome, while our extension executes, parses the URL item attachment from Chrome, it never triggers that popup or opens our app. How can a UI-less share extension open our app from Chrome? Is the accepted practice, despite guidelines, turning the com.apple.ui-services view controller invisible and auto-openURLing? Several apps on the store appear to do this, immediately popping their app without any confirmation dialog or UI in both Safari and Chrome. https://stackoverflow.com/a/79369242

Since the transition to iOS 18.4, we have been having an issue where when loading an m3u8 file specified in the src attribute of a video tag in WKWebView, the ts file is loaded repeatedly. Are there any good ideas for this? Also, if there have been any changes to the specifications of WKWebView, we would appreciate it if you could let us know.

Create shortcut to open chrome with url and put it on the desktop. Tap the shortcut. Tap the username text field. When launching Safari from an iOS shortcut on an iOS device with a valid passkey registered, the passkey suggestion does not appear; instead, the password suggestion appears sometimes.

Posting this here since Apple Discussion Forums kept deleting this citing it was a "developer issue" even though it's not and there's no way to appeal. Can someone help me? I can't get 2FA SMS/Email Codes to autofill in Brave or Chrome as of this writing. Has anyone else had this issue?

With most recent Safari update, our page started having some of it's core functionality broken while users access it on Private mode due to Fingerprinting protection. The issue is that the code that breaks is our first-party code and I want understand why it is breaking and how to properly fix it. One thing we discovered was that a service of ours that uses the same code base doesn't have these issues and current assumption is that their page bundles are served on the same domain as the actual page request, while ours is coming from a different one. The other assumption was that the domain which we use for serving the bundles of the page are set on the domain that is flagged as tracking domain. Is there some documentation on how Safari decides which code is allowed reading user inputs and which isn't and what is the appropriate approach to fix this issue as it would be possible that these changes get release as default in the future?

Hey team, I've integrated custom WkWebsiteDatastore to manage profiling for different sessions. upon testing the WkWebsiteDataStore as its mentioned to be persistent But The storage can be accessed via identifier, But the session data in storage is absent, such as cookies caches all are cleared when app is relaunched is it the default behavior to be expected or there is some property missing causing the session data to be removed from storage.

Enabling Private Relay seems to block XHR in Safari from reaching a local HTTPS server hosted by an iOS app, though it works in other browsers. Before (working): JS → https://local.example.com → 127.0.0.1 → OK After (blocked / no DNS reply probably): JS → https://local.example.com → ERR Is there any way to restore local domain access or mitigate this issue?

After reading several posts I see that I need to add the "com.apple.developer.web-browser.public-key-credential" capability to my macOS app in order to get it to work. So my noob question is where do I request this capability? Can I as a developer request it or does the Account owner need to request it? Once approved, how do I add it to my app's capabilities? Thanks for your patience

This is a really strange issue on iOS Safari. Under certain conditions a basic input element will not be focusable or show the on screen keyboard. I can reproduce the issue with a very simple HTML file by dynamically adding an anchor element with an href during a touch event. If you add a different element or an anchor without an href, there is no issue. Similarly, if you apply the same listener to a click event there is no issue. Reproducible in iOS Simulator 17.2 and 18.1 This HTML/JS showcases the problem: <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8" /> <title>InputIssue</title> <meta name="viewport" content="width=device-width, initial-scale=1" /> </head> <body> <div id="parent"> <input type="text" name="test" /> <div id="child"></div> </div> <script> document.addEventListener("touchstart", () => { const child = document.getElementById("child"); if (!child) return; while (child.firstChild) { child.removeChild(child.firstChild); } const link = document.createElement("a"); link.href = "https://test.com"; link.textContent = "test"; child.appendChild(link); }); </script> </body> </html>

It seems fetch() does not include credentials (cookie) even when credentials: include is used and Safari extension has host_permissions for that domain when using from a non-default Safari profile. It includes credentials (cookie) when using from the default profile (which has the default name Personal). Is there anyone who has this problem? I try to request in popup.js like this: const response = await fetch( url, { method: 'GET', mode: 'cors', credentials: 'include', referrerPolicy: 'no-referrer', } ); and it does not include the credentials (cookie) from host_permissions. I already posted https://developer.apple.com/forums/thread/764279, and opened feedback assistant (FB15307169). But it is still not fixed yet. (macOS 15.4 beta 3) I hope this is fixed soon.

Hi Apple Team, We’ve noticed a couple of issues with launching default App Clip in safari and would appreciate your guidance. App Clip Popup Timing: When launching the App Clip using default URL, we sometimes see the small App Clip popup appear before the App Clip banner is displayed. Ideally, the banner should appear first. Cached URL Handling: In certain cases, the App Clip appears to be using a cached URL instead of the most recent one. For example, when we invoke two different App Clip URLs with unique parameters, the App Clip sometimes launches using the previous URL’s data instead of the new one. This behavior is inconsistent and makes it difficult to ensure users are directed to the correct experience each time. Could you please help us understand whether this is expected behavior or if there are any known issues or recommended solutions? Thank you for your time and support. Example

We confirmed a problem at Safari on iPadOS 18.2 or after version. For confirmation, we made a HTML document (see below HTML1) what include ‘method="POST" target="_blank"’ and tested the form however server received GET method and there is no parameter, server did not receive “id” parameter. We confirmed that fact in captured packet and log file that on the server. HTML1: We also made another HTML document (see below HTML2) what include submit button, but the server received GET method as above. HTML2: And we also confirmed that it behaves differently depending on the network environment. If the form targets a name that does not exist (ex. target=” A12345”), behaves differently http or https. http: Safari opened new tag, but the server received GET method. Normally, Safari open new tag and the server receive POST method. https: Safari opened new tag, and the server received POST method. It is normally. If the form targets ‘_blank’, the server received GET method on http or https both. We think Safari change the method POST to GET and delete parameters. It is not conformed to the HTML specification if is that true. We confirmed it was not happened at Safari on iPadOS 17.4, and Windows PC (Edge, Chrome). The method what the server received is POST. We find same problem in Apple Support Community (see below URL). https://discussionsjapan.apple.com/thread/255987615 (Described in Japanese) Is it a bug in Safari on iPadOS 18.2 or after version? Do you have plan to fix? Or if fixed the bug, when do you release fixed version.

我使用Apple Pay on the Web Interactive Demo构建了一个web应用使用的是Payment Request API方式，但是遇到了几个问题： 拉起的web Apple Pay 底部一直转圈圈无法付款，这个是什么问题？ 如何设置sandbox测试付款呢？ 如何异步、同步获取支付结果（后端代码获取支付结果）？demo只有await response.complete("success");前端代码获取支付结果的操作 demo网址: https://shop.wowseer.com/rsolomakhin/pr/applepay/

I built a web application using the Apple Pay on the Web Interactive Demo with the Payment Request API, but encountered a few issues: The initiated web Apple Pay interface shows a spinning circle at the bottom and cannot proceed with payment（Bottom display:正在处理）. What could be causing this? How to set up sandbox testing for payments? How to asynchronously and synchronously retrieve payment results (backend code to fetch payment results)? The demo only shows frontend code using await response.complete("success"); for retrieving payment results my demo URL： https://shop.wowseer.com/rsolomakhin/pr/applepay/

Hello, As previous reports have already shown, there seems to be a few issues on the latest version of Safari, mainly around: Modals taking up the full viewport Elements positioned at the bottom of the screen This also seems to affect the modals on apple.com/iphone. I've recently done an analysis of what can and can't be done in code to work with the new liquid glass UI and thought I'd share my findings here. The full write up, along with screenshots and the demos I used are available in this repository: https://github.com/stevenocchipinti/liquid-glass-spike A brief summary of the findings: The conditions for a fullscreen modal overlay element to cover the entire screen with a position: fixed; seems to be: The background must be semi-transparent Solid colours, linear-gradients, etc. don't work The container must be empty This also means the standard and ::backdrop don't seem to work. The conditions for a bottom sheet to cover the entire screen, including the area around the Safari toolbar seems to be: The element must be positioned within 3px from the bottom of the viewport The height must be within a certain threshold If I've missed anything, please let me know. It would be really nice to have some official documentation on these issues to explain to developers how to do this properly.

Hello all, I'm building a web application in ASP.NET MVC (.NET Framework 4.7.2), from this web app I need to send push notifications to users. For the ones who are logged in with windows/android, everything works as expected, but I can't manage to get it work on the apple side. If I use the same methods to subscribe to push notifications, it shows me the popup that asks the user to enable push notifications, and then I get an endpoint like this: https://web.push.apple.com/QKC1Muic0H7... It doesn't work using this (taking the part after https://web.push.apple.com/), I keep getting "Bad device token" (trying to send the notification via APNS). Then I found out that there is another method to register the device from the frontend, and this one should give me the real device token: window.safari.pushNotification.requestPermission But this one doesn't show me the popup, it gives me "denied" without a reason. I'm trying to a test application which is here https://pwa.vctplanner.it, the web push id is web.it.vctplanner, I created a push package downloadable from POST https://pwa.vctplanner.it/api/v2/PushPackages/web.it.vctplanner, and the code from the frontend is this: function registerSafariPush() { // Controlla se Safari Push Notifications è disponibile if (!('safari' in window) || !('pushNotification' in window.safari)) { console.log("Safari Push Notifications non supportate su questo browser."); return; } // Il tuo Website Push ID registrato su Apple Developer var websitePushId = "web.it.vctplanner"; // Controlla lo stato della permission var permissionData = window.safari.pushNotification.permission(websitePushId); switch (permissionData.permission) { case 'default': // L'utente non ha ancora deciso window.safari.pushNotification.requestPermission( 'https://pwa.vctplanner.it', // URL del server che serve il Push Package websitePushId, {}, // dati opzionali da inviare al server function (permission) { if (permission.permission === 'granted') { console.log("Notifiche push abilitate!"); sendSubscriptionToServer({ endpoint: permission.deviceToken }); } else { console.log("Notifiche push non abilitate dall'utente."); } } ); break; case 'denied': // L'utente ha negato console.log("Notifiche push negate."); break; case 'granted': // L'utente ha già autorizzato console.log("Notifiche push già autorizzate."); sendSubscriptionToServer({ endpoint: permissionData.deviceToken }); break; } } Any suggestions of what I'm missing? Is there a complete guide to how generate the push package? Thank you

Hello from Leipzig, Germany! I noticed that when vertically scrolling in Safari 26 on my Mac, the content of the website I am currently working on is visible in the tab and URL bar with a liquid glass effect. I then looked at various other websites. Some websites have an opaque top bar. Some websites have a transparent top bar where content is visible when scrolling. On the Apple website, the top bar is opaque in light mode but transparent in dark mode. Unfortunately, I can't find a way to control this behavior. Has anyone found out more about this?

Touch not working to close in-app close-ups since latest iOS 26 update