Hi, after upgrading MacOS (MB Air M1 Version 26.2 (25C56)) & Safari (Version 26.2 (21623.1.14.11.9)) to latest versions, we are experiencing a new bug occurring with our web extension (Click & Read) on local storage writing and getting this error : Invalid call to browser.storage.local.set(). Disk I/O error. This doesn't happen on other browsers (chromium, Firefox). export const setLocalStorage = async (value: object) => { try { await browser.storage.local.set(value); } catch (error) { console.error("[Click & Read] Error setting local storage", error); } };

Our app encountered a new crash since beta5(23A5308g) released last week,and it seems the crash is not solved yet in beta6(23A5318c).The crash stack below `-[UIView _backing_setPosition:] -[UIView setCenter:] -[_UIEditMenuContentPresentation _displayPreparedMenu:titleView:reason:didDismissMenu:configuration:] ___54-[_UIEditMenuContentPresentation _displayMenu:reason:]_block_invoke -[UIEditMenuInteraction _editMenuPresentation:preparedMenuForDisplay:completion:] -[_UIEditMenuContentPresentation _displayMenu:reason:] -[_UIEditMenuContentPresentation displayMenu:configuration:] ___58-[UIEditMenuInteraction presentEditMenuWithConfiguration:]_block_invoke ___80-[UIEditMenuInteraction _prepareMenuAtLocation:configuration:completionHandler:]_block_invoke ___109-[UITextContextMenuInteraction _editMenuInteraction:menuForConfiguration:suggestedActions:completionHandler:]_block_invoke ___107-[UITextContextMenuInteraction _querySelectionCommandsForConfiguration:suggestedActions:completionHandler:]_block_invoke WTF::CompletionHandler<void (WebKit::DocumentEditingContext&&)>::operator()(WebKit::DocumentEditingContext&&) WTF::Detail::CallableWrapper<IPC::Connection::makeAsyncReplyCompletionHandler<Messages::WebPage::RequestDocumentEditingContext, WTF::CompletionHandler<void (WebKit::DocumentEditingContext&&)> >(WTF::CompletionHandler<void (WebKit::DocumentEditingContext&&)>&&, WTF::ThreadLikeAssertion)::{lambda(IPC::Connection*, IPC::Decoder*)#1}, void, IPC::Connection*, IPC::Decoder*>::call(IPC::Connection*, IPC::Decoder*) WTF::Detail::CallableWrapper<WebKit::AuxiliaryProcessProxy::sendMessage(WTF::UniqueRefIPC::Encoder&&, WTF::OptionSetIPC::SendOption, std::__1::optionalIPC::ConnectionAsyncReplyHandler, WebKit::AuxiliaryProcessProxy::ShouldStartProcessThrottlerActivity)::$_1, void, IPC::Connection*, IPC::Decoder*>::call(IPC::Connection*, IPC::Decoder*) IPC::Connection::dispatchMessage(WTF::UniqueRefIPC::Decoder) IPC::Connection::dispatchIncomingMessages() WTF::RunLoop::performWork() WTF::RunLoop::performWork(void*) _CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION ___CFRunLoopDoSource0 ___CFRunLoopDoSources0 ___CFRunLoopRun __CFRunLoopRunSpecificWithOptions _GSEventRunModal -[UIApplication _run] _UIApplicationMain main main.m start

hi Testing on OS26 Public Beta 6. In Safari, if you enter x homepage and scroll, the tab bar sticks to the bottom and moves. Make the keyboard appear in the search window When scrolling down on the Safari homepage again, the issue of not being able to stick to the bottom appears. Is it because the liquid glass UI was applied this time? and safari bug? Please let me know if I'm missing anything

This is my first time to post on this forum. If there are something we didn't notice, please tell me. Thanks. Background We're using canvas to provide a web component to marketing. https://demo.mescius.jp/spreadjs/BenchmarkSample/ Problem Recently we have met an issue from customer. He is using iPad 10th to access the web component but when he tries to scroll it and it's very slow on iPad 10th. His iPad OS version is 17.7 and this issue also can be reproduced on our iPad 10th with iPad OS 18.0.1. But if we use iPad 9th with iPad OS 17.7 and 18.0.1, things are fine and there isn't any performance issue. We developer took some time investigating and found it's because of iPad 10th's safari takes longer time to paint each frame. On iPad 9th, it needs nearly 10ms to paint each frame. But on iPad 10, it needs nearly 70ms to paint each frame. Also we can provide simple code for you to check the different. We tried to simulate the repaint when user is scrolling. You can see on iPad 9th, it will be 2~3ms but on iPad 10th, it will be more than 10ms for each frame. test-ipad10.html It has been happening on iPad 10th only with iPad OS 17.6/17.7/18.0. This will be a big problem for us because it means on the iPad 10th (the latest iPad, non Pro or Air), it can't be used. Question Is there anyone knowing similar issue with this one? And do you know how to solve it on iPad 10?

I don't think the issue is specific iOS 18. We have a web application that runs with IIS Authentication of Windows and Anonymous. Initially the app opens and the user clicks a button and triggers the "401 Challenge" via ASP.NET. The browser presents the Active Directory login, user enters credentials, clicks Sign In, and the browser hangs (may actually be negotiating something). After a few minutes the user is logged into the application. We have done a number of google searches/AI to try to determine what to change and there is no clear solution. Is there anything else to try? This problem is not seen in Chrome on iOS or on a Windows machine. Strangely it is also not seen using BrowserStack with one of their "real" devices. We have other apps that run with just Windows Authorization and this problem is not observed.

overflow-x: clip; will also apply clipping on the Y-axis. The correct implementation of this should only affect the X-axis. This is correctly implemented in all browsers except for Safari

Hi everyone, I'm exploring the new app icon appearance options (Clear, Dark, Tinted) for Progressive Web Apps (PWAs) on iOS26, iPadOS26, and macOS26. Currently, PWA icons don't seem to render well with these new appearances, particularly in Clear and Tinted modes, resulting in very very poor visual quality. You can hardly see anything. Has support for these icon appearances been fully implemented for PWAs? If so, could someone point me to the relevant Apple Developer documentation or provide guidance on how to configure PWA icons to support Clear, Dark, and Tinted appearances? I've searched the Apple Developer Forums, Stack Overflow, and Reddit but haven't found clear information on this topic.A possible solution is a png file with transparent areas, but if the pattern is dark, nothing will be visible in dark mode. Any insights or resources would be greatly appreciated. Thanks! (plz don't give up on PWA😭) Reference: https://developer.apple.com/forums/thread/761615 https://stackoverflow.com/questions/78780916/is-there-a-way-to-provide-light-dark-and-tinted-variants-of-apple-touch-icon https://developer.apple.com/library/archive/documentation/AppleApplications/Reference/SafariWebContent/ConfiguringWebApplications/ConfiguringWebApplications.html

Hey Guys My PWA video playback and even youtube videos stopped working after updating iOS to 26.0.1. The video thumnails appear fine and if i try to play the video, it remains stuck. If i restart the phone, the video plays for a second in the PWA and then stops again and entire app gets stuck. Request apple team to fix this issue at the earliest. This is hampering all my iOS users who install the PWA on their device homescreen and use it as app. FYI strangely EVERYTHING WORKS FINE ON iOS SAFARI browser including videos playback If i open it as a web app. so this seems like a specific PWA issue on latest ios 26.0.1

I'm encountering an issue with front camera video recordings via browser (Safari/Chrome) on devices running iOS/iPadOS 18 and above: On iPad, the recorded video appears upside down. On iPhone, the recorded video is rotated 90 degrees. The rear camera functions correctly without orientation issues. This problem seems specific to browser-based recordings, as the native Camera app records videos with the correct orientation. Has anyone else experienced this behavior? Is there a known workaround or fix? The preview while recording is fine, the recorded video is oriented incorrectly.

We are experiencing an issue after Xcode 26.0 to load local javascript files to WKWebView to render our own design. it used to work well, however after Xcode 26.0, when [self.webView loadFileURL:fileURL allowingReadAccessToURL:accessURL]; it returns [PID=1514] WebProcessProxy::hasAssumedReadAccessToURL(3198190): no access self.webRootPath = [[NSHomeDirectory() stringByAppendingPathComponent:@"Documents"] stringByAppendingPathComponent:CHAT_VIEW_WEB_ROOT]; NSFileManager *fileManager = [NSFileManager defaultManager]; NSError *error = nil; if (! [fileManager fileExistsAtPath:self.webRootPath]){ [fileManager createDirectoryAtPath:self.webRootPath withIntermediateDirectories:NO attributes:nil error:&error]; } NSURL *accessURL = [NSURL fileURLWithPath:self.webRootPath]; Not sure how to assign access permission to WKWebView. Any help much appreciated.

Before iOS 26.3, the WKWebView method open func loadFileURL(_ URL: URL, allowingReadAccessTo readAccessURL: URL) -> WKNavigation? worked fine when both parameters were passed the same path (e.g., h5path/index.html), allowing access to and loading of other files like CSS and JS within the h5path directory. However, in iOS 26.4 Beta, this results in an error, and the second parameter must point to a parent directory. Is this a bug?

I am reporting what appears to be a serious integrity flaw in Safari under iPadOS 26.3 (and lower) that materially undermines the reliability of Screen Time parental controls. This is not merely a UX inconsistency but a functional contradiction within a system explicitly marketed and positioned as secure parental control infrastructure. Device / Environment Device: iPad Air M3 13" (2025) OS: iPadOS 26.3 Safari (system version) Screen Time enabled with active restrictions Child account (10 years old) Background We deliberately chose an Apple device for school use based on the expectation that Apple’s system-level parental control mechanisms — especially Screen Time — are robust, tamper-resistant, and technically consistent. Screen Time is configured with: App limits Downtime Parental controls enabled with limited web content restrictions (school requirements prevent strict blocking) Safari enabled (mandatory for educational use) further parental control restrictions Because aggressive website blocking would interfere with legitimate school activities, monitoring Safari browsing history is a central supervisory mechanism. When Screen Time is active: Clearing the entire browsing history via Safari is correctly blocked. Clearing history via system settings is correctly blocked. The system explicitly communicates that deletion is not permitted due to Screen Time restrictions. This behavior establishes a clear user expectation: Browsing history is protected against manipulation. The Issue Despite the above safeguards, individual browsing history entries can be deleted easily and silently through the address bar suggestion interface. This creates a structural contradiction: Full deletion is blocked. Selective deletion — which is arguably more problematic — remains possible. Steps to Reproduce Enable Screen Time with restrictions that prevent deletion of browsing history (for example on a student device with a child account). Open Safari and visit any website. Confirm it appears in Safari history. Tap the Safari address bar. Type part of the URL or page title. Safari suggests the previously visited page below the address bar. Swipe left on that suggestion. A red “Delete from History” button appears. Tap it. Actual Result The entry disappears immediately: No Screen Time PIN required No authentication request No warning No restriction triggered No parental notification No audit trace visible Deletion occurs silently and irreversibly. Expected Result When Screen Time is configured to prevent browsing history deletion: Individual entries must not be deletable Deletion must require Screen Time authentication Anything else defeats the protective purpose of the restriction. Real-World Impact In practical use, this allows minors to selectively sanitize browsing history while preserving a seemingly intact record. In our case, this method is widely known among classmates and routinely used to conceal visits to gaming or social media platforms during school hours. The technical barrier to exploitation is negligible. This results in: A false sense of security for parents A discrepancy between advertised functionality and actual system behavior A material weakening of parental control integrity When a system explicitly blocks full history deletion but permits silent selective deletion, the protection mechanism becomes functionally inconsistent and unreliable. Given that Screen Time is publicly positioned as a dependable parental control framework, this issue raises concerns not only about implementation quality but also about user trust and reasonable reliance on advertised safeguards. Request Please classify this as a parental control integrity and trust issue. Specifically: Disable individual history deletion while Screen Time restrictions are active OR Require Screen Time passcode authentication for deleting single entries Screen Time is presented as a secure supervisory environment for minors. In its current implementation under iPadOS 26.3 and before, that expectation is technically not met. This issue warrants prioritization.

Safari on iOS 17, when entering characters into text input box after deleting characters, the layout is off. Here's the HTML: <body> <div id="J001" style="display: inline-block;"> <div id="J001__0" style="display: inline-block;"> <input id="J001__0__input" style="display: inline-block; height: 28px; padding:2px; border:1px solid gray;"></div> <div id="J003__0" style="display: inline-block;"> <button id="J003__0__btn" style="display: inline-block; height:34px;">a</button> </div> </div> </body> Enter "A" into text input box. Delete "A" with the backspace(x). Enter "A" into text input box, the button position will be shifted down. iOS 17 の Safari にて、テキスト入力ボックスで文字を削除した後、文字を入力するとレイアウトが崩れます。 テキスト入力ボックスに「A」と入力します。 バックスペース(x)で「A」を削除します。 テキスト入力ボックスに「A」と入力すると、ボタンの位置が下にずれます。

There does not appear to be any way to use or create iCloud passkeys with a Safari Web Extension, either using the navigator.credentials API in an extension origin webpage such as the popover, or using the AuthenticationServices framework in the SafariWebExtensionHandler. I've setup an associated domain for my plugin, and I know it works for the host application. But I get errors trying to do so in the web extension target. createCredentialRegistrationRequests results in the following error: Domain=com.apple.AuthenticationServices.AuthorizationError Code=1004 "Application with identifier <ID> is not associated with domain <RPID> The other problem, assuming the entitlement works correctly for the web extension, is that there is no NSWindow to use as the presentation target from the SafariWebExtensionHandler. Trying to use the navigator.credentials.create JS API (which is the preferred method, frankly, in a web extension) results in the following error: NotAllowedError: The request is not allowed by the user agent or the platform in the current context, possibly because the user denied permission. Chrome has a great solution for this that I believe should be adopted by Safari. If an extension has host permissions for a relying party it wants to claim, or if it has an associated domain entitlement for it, webauthn operations should be allowed.

In WKWebView, there is the WKUIDelegate method: func webView(_ webView: WKWebView, createWebViewWith configuration: WKWebViewConfiguration, for navigationAction: WKNavigationAction, windowFeatures: WKWindowFeatures) -> WKWebView? {} This delegate method provides a callback when a new window (for example, target="_blank") is requested in the web view. However, in native SwiftUI (iOS 26), WebView / WebPage APIs do not provide an equivalent delegate method to handle new window requests. As a workaround, I am using the following method: public func decidePolicy(for action: WebPage.NavigationAction, preferences: inout WebPage.NavigationPreferences) async -> WKNavigationActionPolicy {} In this method, when action.target == nil, I treat it as a new window request. My question: Is relying on action.target == nil in decidePolicy a reliable and future-safe way to detect new window requests in SwiftUI’s WebView, or is there a better or more recommended approach for handling target="_blank" / new window navigation in the SwiftUI WebView APIs? Code: public func decidePolicy(for action: WebPage.NavigationAction, preferences: inout WebPage.NavigationPreferences) async -> WKNavigationActionPolicy { guard let webPage = webPage else { return .cancel } // Handle case where target frame is nil (e.g., target="_blank" or window.open) // This indicates a new window request if action.target == nil { print("Target frame is nil - new window requested") // WORKAROUND: Until iOS 26 WebPage UI protocol is available, we handle new windows here // Try to create a new WebPage through UI plugins if handleCreateWebPage(for: webPage, navigationAction: action) != nil { // Note: The new WebPage has been created and published to the view return .allow } } return .allow }

When using passkeys stored in iCloud Keychain (Passwords app) via Passkey Autofill in browsers other than Safari, the userVerification parameter is ignored and user verification (UV) is not performed. As a result, relying party servers that require userVerification = required fail validation because the UV flag is not set, causing passkey authentication to fail. This issue occurs when the following setting is disabled: Settings → Face ID & Passcode → Use Face ID For → Password AutoFill The issue is reproducible only with the following combination: Non-Safari browsers (e.g. Chrome) Passkeys stored in iCloud Keychain (Passwords app) Passkey Autofill The issue does not occur in the following cases: Safari with passkeys stored in any credential manager Non-Safari browsers using credential managers other than iCloud Keychain Steps to Reproduce: Go to Settings → General → Autofill & Passwords, and enable the Passwords app under “Autofill From”. Go to Settings → Face ID & Passcode → Use Face ID For, and disable “Password AutoFill”. Open Chrome and navigate to https://webauthn.io Enter a username and tap “Register” to create a passkey using the Passwords app (iCloud Keychain). On webauthn.io, go to Advanced Settings → Authentication Settings, and set “User Verification” to “Required”. Reload the page, tap the input field, and perform Passkey Autofill. User Verification is not triggered, and “Authentication failed” is displayed on webauthn.io. === This issue has already been reported via Feedback Assistant as FB21756948. I am posting here to confirm whether this behavior is working as intended or represents a bug, and to make other developers aware of the current behavior.

Hi, this is my first post in the community, so please correct me if i am posting this somewhat in a wrong manner. Im using my Apple M1 Pro(14inch, 2021) and installed the os 26 yesterday. Today, I was using Safari, and all of sudden it gets frozen, then the following window popped up. Is this something expected? i.e. my usage is somewhat unusual or is there any report around potential memory leak in Safari? appreciate any suggestions, as Safari is my main browser and currently on hold due to this issue. Thanks

According to our crash analytics, our application crashes while a context menu is opened on a web view. This crash takes place on iOS 26+ only. The messages states that a web view is no longer inside active window hierarchy, however we doesn't modify web view instance's parent anyhow while the context menu is opened. Can you please help with a fix or at least workaround for this issue? What's your opinion for bug localization (application or framework)? NSInternalInconsistencyException UIPreviewTarget requires that the container view is in a window, but it is not. (container: <WKTargetedPreviewContainer: 0x14b442840; name=Context Menu Hint Preview Container>) userInfo: { NSAssertFile = "UITargetedPreview.m"; NSAssertLine = 64; } Crashed: CrBrowserMain 0 CoreFoundation __exceptionPreprocess + 164 1 libobjc.A.dylib objc_exception_throw + 88 2 Foundation -[NSMutableDictionary(NSMutableDictionary) initWithContentsOfFile:] + 0 3 UIKitCore -[UIPreviewTarget initWithContainer:center:transform:] + 660 4 UIKitCore (Missing) 5 UIKitCore (Missing) 6 UIKitCore (Missing) 7 UIKitCore (Missing) 8 UIKitCore (Missing) 9 UIKitCore -[_UIContextMenuPresentation present] + 56 10 UIKitCore +[UIView(UIViewAnimationWithBlocksPrivate) _modifyAnimationsWithPreferredFrameRateRange:updateReason:animations:] + 168 11 UIKitCore (Missing) 12 UIKitCore (Missing) 13 UIKitCore (Missing) 14 UIKitCore (Missing) 15 UIKitCore +[UIView(UIViewAnimationWithBlocks) _setupAnimationWithDuration:delay:view:options:factory:animations:start:animationStateGenerator:completion:] + 516 16 UIKitCore (Missing) 17 UIKitCore (Missing) 18 UIKitCore +[UIView __animateUsingSpringWithDampingRatio:response:interactive:initialDampingRatio:initialResponse:dampingRatioSmoothing:responseSmoothing:targetSmoothing:projectionDeceleration:retargetImpulse:animations:completion:] + 192 19 UIKitCore -[_UIRapidClickPresentationAssistant _animateUsingFluidSpringWithType:animations:completion:] + 316 20 UIKitCore -[_UIRapidClickPresentationAssistant _performPresentationAnimationsFromViewController:] + 516 21 UIKitCore -[_UIRapidClickPresentationAssistant presentFromSourcePreview:lifecycleCompletion:] + 400 22 UIKitCore __55-[_UIClickPresentationInteraction _performPresentation]_block_invoke_3 + 48 23 UIKitCore +[UIViewController _performWithoutDeferringTransitionsAllowingAnimation:actions:] + 140 24 UIKitCore __55-[_UIClickPresentationInteraction _performPresentation]_block_invoke_2 + 144 25 UIKitCore -[_UIClickPresentationInteraction _performPresentation] + 836 26 UIKitCore postPreviewTransition_block_invoke_2 + 104 27 UIKitCore handleEvent + 256 28 UIKitCore -[_UIClickPresentationInteraction _driverClickedUp] + 48 29 UIKitCore -[_UIClickPresentationInteraction clickDriver:didPerformEvent:] + 400 30 UIKitCore stateMachineSpec_block_invoke_5 + 48 31 UIKitCore handleEvent + 144 32 UIKitCore -[_UILongPressClickInteractionDriver _handleGestureRecognizer:] + 140 33 UIKitCore -[UIGestureRecognizerTarget _sendActionWithGestureRecognizer:] + 128 34 UIKitCore _UIGestureRecognizerSendTargetActions + 268 35 UIKitCore _UIGestureRecognizerSendActions + 268 36 UIKitCore -[UIGestureRecognizer _updateGestureForActiveEvents] + 308 37 UIKitCore -[UIGestureRecognizer gestureNode:didUpdatePhase:] + 300 38 Gestures (Missing) 39 Gestures (Missing) 40 Gestures (Missing) 41 Gestures (Missing) 42 UIKitCore -[UIGestureEnvironment _updateForEvent:window:] + 528 43 UIKitCore -[UIWindow sendEvent:] + 2924 44 UIKitCore -[UIApplication sendEvent:] + 396

We’re seeing an issue in our Safari Web Extension where not all cookies from the Set-Cookie response header are accessible. We are using macOS 15.4 and Safari 18.4. In the webRequest.onHeadersReceived callback, the Set-Cookie header returned by Safari only includes some of the cookies set by the server. If multiple Set-Cookie headers are present, we seem to receive only a partial list, some cookies are missing entirely. In Chrome and Firefox, the same callback provides all cookies set by the server without issue. We are looking for assistance in fixing these issues and having our Safari Extension function the same as it does in Firefox and Chrome.

Hi, I have an app that uses WKWebView and it's crashing on iOS 26 Simulator in places I've never had problems before. In this case it's crashing when calling WKWebView.callAsyncJavaScript, but in my other project WKWebView is crashing with some sort of EXC_BAD_ACCESS other than callAsyncJavaScript. Am I missing something? Thanks,