Post

Replies

Boosts

Views

Activity

Passkey Provider: allowedCredentials not populated
I'm working on a Passkey Provider and I'm trying to limit my extension to already existing credentials added via ASCredentialIdentityStore. So if a browser calls navigator.credentials.get without any allowedCredentials, I want to reject that request and if navigator.credentails.get contain an allowedCredentials list, and the allowedCredentials are in my internal store, then I process the challenge. The problem I'm seeing is that allowedCredentials is empty whether I pass allowedCredentials to navigator.credentials.get or not. Is there any way to troubleshoot this?
0
0
181
Aug ’24
Network Calls in Notification Content Extension
I'm working on an app that uses NSURLSession to perform a network call from inside a Notification Content Extension, and we're seeing some inconsistent behavior. When the user selects one of the actions offered in the notification, a network request is triggered to finalize the action selection. But we're seeing in some cases that the network request fails. Sometimes it will error out with "The network connection was lost" and sometimes "The request timed out" but there are no network issues so it seems like the failure isn't quite accurate. I'm wondering if there are known issues with using NSURLSession from inside a Notification Content Extension that could cause intermittent problems.
0
0
365
Apr ’22
Getting System prompts with keychain access groups on macOS
I've created two simple mac apps that both are configured with the same keychain access group. I tried inserting a keychain record from App A and then reading it from App B. When App B requests the keychain entry, I get a system prompt saying "App B wants to use your confidential information stored in <redacted> in your keychain." and I have to enter my password to approve the request. My understanding was that setting keychain access groups would obviate the need for a system prompt. Is that an incorrect assumption? Or is there something mis-configured here? Any pointers or advice would be appreciated. Thanks.
0
0
372
Jun ’21
DNS with Packet Tunnel Provider
I'm working on building a custom Packet Tunnel Provider and I'm running into a group of related problems surrounding how DNS appears to be handled. If I don't specify dnsSettings in my NEPacketTunnelNetworkSettings then nothing resolves and the tunnel is useless. So I tried setting a specific DNS resolver; that solves the problem of DNS resolution and the tunnel works, but those DNS requests are sent outside the tunnel and I don't see a way to enforce them going through the tunnel. This is a problem as plain text DNS requests are a big information leak. I next tried to set the dnsSettings to an NEDNSOverHTTPSSettings object pointing to cloudflare's public DoH server. That doesn't appear to work. No DNS requests are seen over the wire, but nothing resolves so it's just as useless as the original state. Is there something I'm missing here w/r/t DNS setting on packet tunnel providers?
1
0
736
Dec ’20