macOS Sequoia has started to fully control security. The issue is with App Groups in xCode. The app developer in xCode should go to the section (repeat for each target): Signing & Capabilities → Targets → TARGET_NAME → App Groups → App Group in which he should specify the following: $(TeamIdentifierPrefix)myFirm.myName A fictitious ID like this does not work: myGroupID.myFirm.myName And in the program code he should specify the real group ID (in numbers) let storeDirectory = FileManager.default.containerURL( forSecurityApplicationGroupIdentifier: “0123456789.myFirm.myName” ) After recompiling the app, the problem disappears.

I had the same problem after updating to Sequoia - every time I launch the application, a window started appearing asking me to approve the action "Application wants to access the data of another application". I changed the values ​​to these in my application and everything worked: File "*.entitlements": <key>com.apple.security.application-groups</key> <array> - <string>maxrys.js-blocker.group</string> + <string>$(TeamIdentifierPrefix)maxrys.js-blocker</string> </array> File "modelDomains.swift": public class Domains: NSManagedObject { @NSManaged var name: String static let context: NSManagedObjectContext = { - let appGrpName = "maxrys.js-blocker.group" + let appGrpName = "97CZR6J379.maxrys.js-blocker" let storeDirectory = FileManager.default.containerURL(forSecurityApplicationGroupIdentifier: appGrpName)! let storeURL = storeDirectory.appendingPathComponent("Database.sqlite") let storeDescription = NSPersistentStoreDescription(url: storeURL) let container = NSPersistentContainer(name: "Model") container.persistentStoreDescriptions = [storeDescription] container.loadPersistentStores(completionHandler: { (storeDescription, error) in if let error = error as NSError? { fatalError("Unresolved error \(error), \(error.userInfo)") } }) return container.viewContext }() convenience init() { self.init(context: Domains.context) } static func selectAll(orderBy: String = #keyPath(Domains.name), ascending: Bool = true) -> [Domains] { let fetchRequest = NSFetchRequest<Domains>(entityName: "Domains") let sortDescriptorKey = NSSortDescriptor(key: orderBy, ascending: ascending) fetchRequest.sortDescriptors = [sortDescriptorKey] return try! self.context.fetch( fetchRequest ) } } You can get your Team ID here: https://developer.apple.com/account → Membership details → Team ID

This only works for the selected domain and only on the https protocol. Info.plist <key>SFSafariWebsiteAccess</key> <dict> <key>Level</key> <string>All</string> <key>Allowed Domains for Header Injection</key> <array> <string>js-blocker.com</string> </array> </dict> SafariExtensionHandler.swift class SafariExtensionHandler: SFSafariExtensionHandler { override func additionalRequestHeaders(for url: URL, completionHandler: @escaping ([String : String]?) -> Void) { print("FIRE: additionalRequestHeaders") } }

Here is a code example that will explain everything: class SafariExtensionHandler: SFSafariExtensionHandler { override func toolbarItemClicked(in window: SFSafariWindow) { // when: info.plist → SFSafariToolbarItem → Action = Command } override func popoverWillShow(in window: SFSafariWindow) { // when: info.plist → SFSafariToolbarItem → Action = Popover } override func popoverViewController() -> SFSafariExtensionViewController { // when: info.plist → SFSafariToolbarItem → Action = Popover return SafariExtensionViewController.shared } }