The WebContent process has the entitlement 'com.apple.private.webkit.use-xpc-endpoint', which is not present in the development version.
Created attachment 410553 [details] Patch
<rdar://problem/68585497>
Created attachment 410564 [details] Patch
Comment on attachment 410564 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=410564&action=review > Source/WebKit/ChangeLog:10 > + The WebContent process has the entitlement 'com.apple.private.webkit.use-xpc-endpoint', > + which is not present in the development version. I’ll take your word for it that this is a good change. But I don’t understand what you are saying here with that sentence. You say the process "has the entitlement", but how does it get it? You say it "is not present in the development version". Is that a statement of what’s wrong and what you are fixing, and hence no longer true? Or does it mean something else. What I see in the patch is two changes: 1) Only add use-xpc-endpoint for macOS 11.0 and newer. 2) Add use-xpc-endpoint even when WK_USE_RESTRICTED_ENTITLEMENTS is NO. I can’t make the connection between this and "the development version" and "has the entitlement" comment above.
(In reply to Darin Adler from comment #4) > Comment on attachment 410564 [details] > Patch > > View in context: > https://bugs.webkit.org/attachment.cgi?id=410564&action=review > > > Source/WebKit/ChangeLog:10 > > + The WebContent process has the entitlement 'com.apple.private.webkit.use-xpc-endpoint', > > + which is not present in the development version. > > I’ll take your word for it that this is a good change. > > But I don’t understand what you are saying here with that sentence. You say > the process "has the entitlement", but how does it get it? You say it "is > not present in the development version". Is that a statement of what’s wrong > and what you are fixing, and hence no longer true? Or does it mean something > else. > > What I see in the patch is two changes: > > 1) Only add use-xpc-endpoint for macOS 11.0 and newer. > 2) Add use-xpc-endpoint even when WK_USE_RESTRICTED_ENTITLEMENTS is NO. > > I can’t make the connection between this and "the development version" and > "has the entitlement" comment above. Yes, the description in the change log was too short. The required entitlement 'com.apple.private.webkit.use-xpc-endpoint' is already present in com.apple.WebKit.WebContent.xpc, but not in the development XPC service, com.apple.WebKit.WebContent.Development.xpc. The intention of this patch was to add the entitlement also for the development XPC service, but I have later learned that the system WebKit development XPC service cannot have private entitlements, so this patch is now invalid. Thanks for reviewing!