User Profile

I'm experiencing an intermittent bug with Auto Layout in the popover for Safari App Extensions. It appears that any resizing in the view controller sometimes happens before the window itself is resized, and this has a very odd appearance. I'd like to figure out how to stop this from happening. I've tried moving any constraint changes into the updateConstraints method as suggested in AppKit resources I've found, however the bug remains. For reference, here are the collapsed and expanded views: Here are the intermediate frames that I'd like to prevent: This is the function that toggles the constraints to show/hide the long text: @objc private func toggleContent(_ sender: NSButton) { if longText.isDescendant(of: contentView) { contentButton.title = "Show text" // Remove text longText.removeFromSuperview() initialBottomConstraint.isActive = true } else { // Add text contentButton.title = "Hide text" initialBottomConstraint.isActive = false longText.translatesAutoresizingMaskIntoConstraints = false contentView.addSubview(longText) NSLayoutConstraint.activate([ longText.leadingAnchor.constraint(equalTo: contentView.leadingAnchor, constant: 16.0), longText.topAnchor.constraint(equalTo: contentButton.bottomAnchor, constant: 16.0), longText.trailingAnchor.constraint(equalTo: contentView.trailingAnchor, constant: -16.0), longText.bottomAnchor.constraint(equalTo: contentView.bottomAnchor, constant: -16.0) ]) } } Edit: for screenshot size

I'm adding an embedded XPC service to a Safari Extension to handle some user sensitive data. I've been reading anything I can get my hands on, and I know that since the service is private, no other process besides my extension should be able to connect to it. That's great. However, I want to be sure that the channel is safe from man in the middle attacks. Digging in, the output of sudo launchctl procinfo <pid> has among other things, an address to a Unix socket under SSH_AUTH_SOCK. I'm wondering if Unix file sockets are the underlying technology used to deliver these XPC messages, are the payloads encrypted, and if those messages can be intercepted. I'm using the NSXPXConnection API, rather than the lower-level XPC API, if that makes a difference.