Does Safari only allow native apps to communicate with extensions? Can I create webpages to do the same just like in chrome ?

Would we always have to inject content script into a webpage in order to communicate from webpage to extension ? Is there an externally_connectable API approach in Safari just like in chrome ?

The Safari Web Extension can connect to the App extension via the the browser.runtime.sendNativeMessage and browser.runtime.connectNative APIs. How many Native Messaging host processes can be created through the above APIs? Can new processes be spun up per browser.runtime.connectNative call just like in chrome? or is it always going to be one process ? What other alternatives can we leverage

A general question regarding the architecture of the web extensions in Safari 14. Does it follow a similar strategy used by chrome ? Do content scripts reside in a separate process or are they part of the same process as the webpage?

I would like to create multiple App Extension processes from Safari Web Extension by calling the browser.runtime.connectNative API. Would this be feasible? Is there another method to talk to multiple App extension binaries from the Safari Web extension other than using browser.runtime.connectNative Does the Safari Web Extension always need to be bundled with app extension and native app? Can it talk to other app extensions/native app

Is there a way for Safari Web Extensions to talk to the chrome native messaging processes ? Also how does the communication from Safari Web Extension to App Extension happen ? is it using shared memory or sockets ?

When a let port = chrome.runtime.connectNative('applicationId') is called in Safari Web Extension, does it create multiple ports that can individually communicate with the app extension ? In chrome, every connectNative call spawns one process How does it work in Safari ?

Can an external process be started by calling Process() method in an App Extension ? or is it sandboxed to restrict this access?

I am running a Safari Web Extension and i am unable to see any logs printed from func beginRequest. What could be the potential cause of this ?

I am running a Safari Web extension and looking to launch a shell script from the containing app. Error in process Error Domain=NSCocoaErrorDomain Code=4 "The file “test.command” doesn’t exist." I get the above error when I try to access the binary. I use NSOpenPanel to allow the user to give permission to access the file system. The program works perfectly without the sandbox and so that ensures there is no file path error. I have the following entitlements: com.apple.security.scripting-targets com.apple.security.files.user-selected.executable com.apple.security.files.user-selected.read-write  let task = Process()     task.launchPath = "/Users/test/test.command"      let openPanel = NSOpenPanel()   openPanel.prompt = "Choose"   openPanel.canChooseFiles = false   openPanel.canChooseDirectories = true        do{       try task.run()     }catch{       os_log(.error,"Error in process")       print(" \(error)")     } What could be the issue ?

Is it possible to run a compiled binary from a sandboxed app with proper entitlement and user permission ? I tried giving the following permissions and it still did not run com.apple.security.scripting-targets com.apple.security.files.user-selected.executable com.apple.security.files.user-selected.read-write

What exactly are the differences in terms of privileges for sandboxed apps and XPC service?

A new instance of SafariWebExtensionHandler (which is set as the NSExtensionPrincipal class) inside the app extension is created for every incoming message from the browser extension. Is this something that can be changed? What is the lifecycle of this object? If I have to instantiate other class objects, would they have to be singleton instances?

It appears that safari web extensions can only go through the app store. In order to distribute it outside, is it sufficient to use a valid Developer ID cert or does it need to be notarized? I understand that users would have to click Allow Unsigned Extensions. Do they have to do this every single time even if a valid cert is used to sign the app?

Can a notarized safari web extension (that is distributed outside the store) be permanently allowed to run in the Safari browser when a user selects 'Allow Unsigned extensions'? Or do they have to keep doing it every single time they open the browser?