I have an Electron app that needs access to the camera. On Windows it works fine but on MacOS it doesn't and even crashes when I try to ask permisson.
When I call the routine to check the permission status (shown bellow) it gives me a not-determined answer.
systemPreferences.getMediaAccessStatus('camera')
Then, to ask for permission (and hopefully show the allow/deny pop-up) I use the following:
const { systemPreferences } = require('electron')
systemPreferences.askForMediaAccess('camera')
But when I do, it instantaneously crashes the app and gives me a long detailed crash report that, among other things, says this:
This app has crashed because it attempted to access privacy-sensitive data without a usage description.
The app's Info.plist must contain an com.apple.security.device.camera key with a string value explaining to the user how the app uses this data.
Additionally, the Info.plist generated in the root of the app instalation has all of the entries needed. I even included the hardenedRuntime as true.
<key>NSCameraUsageDescription</key>
<string>This app needs access to the Camera</string>
<key>com.apple.security.device.camera</key>
<true/>
<key>hardenedRuntime</key>
<true/>
Some final notes...
I was struggling with app signing and finally made it to use a valid certificate to sign during the build. Before that the app did not crash when I asked for the permission. It simply did nothing at all. The crashing started as soon as I managed to sign the App.
I'm using electron-builder to build the .dmg and installing from that. npm run electron:build. When I run the app in dev mode through npm run electron:serve it works perfectly and doesn't even pop the permission pop-up. The access status returns as granted.
Shouldn't com.apple.security.device.camera be a boolean? Everywhere I read about it it is a Boolean. Although the error message asks me to define a string with a description. (which I already tried and did not change anything)
Any ideas on how to solve that?
I already tried to change the Info.plist mannualy. Didn't work. How can I make sure I'm working on the right Info.plist file. There are a few. The one I was using is the largest and seems to be the main one. The others are helpers.
I also tried to manage the permission in the MacOS System Preferences. Did not work either.
Try to add "com.apple.security.cs.allow-unsigned-executable-memory": true
mac: {
....
extendInfo: {
"NSCameraUsageDescription": "some description",
"com.apple.security.device.camera": true,
"com.apple.security.cs.allow-unsigned-executable-memory": true
}
}
Related
To preface, I haven't changed any code or entitlements in my app. It always built and worked great but now all of a sudden I am getting this error.
12/8/15 10:05:45.388 AM appleeventsd[51]: A
sandboxed application with pid 2414, "XXX" checked in with
appleeventsd, but its code signature could not be read and validated
by appleeventsd, and so it cannot receive AppleEvents targeted by
name, bundle id, or signature. Install the application in
/Applications/ or some other world readable location to resolve this
issue. Error=ERROR: #100013 {
"NSDescription"="SecCodeCopySigningInformation() returned 100013, -."
} (handleMessage()/appleEventsD.cp #2098) com.apple.root.default-qos
I have tried the following
Install the app in "Applications" as the error suggest.
Restart the computer.
Delete the container and empty the trash.
Killing off cfprefsd. Both root and user.
Re-installing Xcode.
Removing the "Developer" folder in my Library.
Running the app in a virtual machine with a brand new install of my app.
Recreate all my developer certificates, provisioning profiles, etc...
None of the above works.
I have also tried all suggestions in the following links
Mac sandbox created but no NSUserDefaults plist
Error while implementing Sandbox: "deny file-read-metadata /Library"
Can't code sign helper app properly
Error in Sandboxed App, When loading Helper (LoginItems), code signing issue
And nothing has resolved the issue. My app, all of a sudden stopped working.
I think I figured it out. I re-wrote the code for creating a security scoped bookmark... all is working again. I couldn't find any differences but I think it was something in my code.
I'm developing an iOS App with Facebook API. The app was working fine but I started to get the below error;
"There was an error:fbplatse:{"message": "No Bundle ID has been set on the server" }. Please tap Cancel to return to APPNAME and try again."
Actually I don't think I made any changes to the server. Can you please help me to fix this?
Thanks,
E.
Ok, I solved this problem.
add your app's bundle ID into the 'Native iOS App' tab under 'developers.facebook.com/apps'
Your app's bundle ID should be the same with the one above (Facebook developer page)
After I added up my bundle ID, I started to receive 'com.facebook.sdk error code=2' messages. It is good to check this link which explains everything step by step about the error code and how to get rid of it.
So, in my specific situation following worked; Device's Settings => Facebook and then log in with the credentials.
I spent too much time on that but now it works!
Facebook has updated it's documentation since this post in 2013. They have provided a screenshot showing where to get the bundle identifier. It's not the code with the variable in it from the Info.plist in Supporting Files directory. Rather, tap on the project file in Xcode (the topmost file in the directory) and see General tab (which is open by default).
I've attached a screen grab. Hopefully this helps someone.
I'm trying to get out of this problem (I hope it's the last!)
Briefly, I have one status bar app, which needs to start at login.
I followed this tutorial http://blog.timschroeder.net/2012/07/03/the-launch-at-login-sandbox-project/
Everything it's working, but when it's time for testing the app in a real contest, outside xcode, I end up with this message in the console system.log:
appleeventsd[52]: <rdar://problem/11489077> A sandboxed application with pid 1258, "xxxxx" checked in with appleeventsd, but its code signature could not be validated ( either because it was corrupt, or could not be read by appleeventsd ) and so it cannot receive AppleEvents targeted by name, bundle id, or signature. Error=ERROR: #-67061 { "NSDescription"="SecCodeCheckValidity() returned -67061, <SecCode 0x7fb0ea714300 [0x7fff71381e10]>." } (handleMessage()/appleEventsD.cp #2072) client-reqs-q
What i did was checking the code signature with this command: spctl --assess --type execute AppName
The result was code signature ok for both the Main app, and the Helper app.
As you can see in the tutorial the helper app project is kept inside the main app project. Maybe this is the cause?
I've tried different Signing profiles, now i'm using "Mac Distribuition"
I'm using OsX Mavericks DP6 And Xcode 5 beta ..
Any ideas?
For anyone else finding this post, I believe the answer is here: Can't code sign helper app properly
Try running from /Applications and see if you still get the message in the console.
Check the permissions of the application bundle ( and the path to the bundle ) to insure that the appleeventsd and/or securityd daemons can read the executable.
Try to run the helper itself (from Xcode or Finder) to see that everything is fine with that.
In my case it did not run, because the appdelegate object was missing from xib.
After I fixed that it run fine and launched my app from the Application folder
I have been developing an OSX app with Delphi XE3 and running into various problems. The latest one is with the sanboxed version built for the Apple Appstore.
The user has to select an arbitrary folder and the app needs to get access to it. Since there is a problem with the OpenDialog, I had to turn to drag-drop functionality instead.
The user drags a folder to the app, the sandbox gives the app temporary access to it and all works properly.
To preserve the access to this folder when the app is restarted I have to use the so-called "security-scoped bookmarks"
I am having two issues with them:
1) How to add the "com.apple.security.files.bookmarks.app-scope" entitlement to an XE3 firemonkey app? It is not available in the Project Options->Entitlements. If I add it manually in the ".entitlements" file it gets overwritten when the app is built.
So is there a way to add a custom entitlement that is not in the list in the project options?
2) To create the bookmark I should use the NSURL.bookmarkDataWithOptions method. I think it should be used like this, but I am not sure of the exact syntax:
var
URL: NSURL;
Err: NSError;
Data: NSData;
...
URL := TNSURL.Create;
Data := URL.bookmarkDataWithOptions(NSURLBookmarkCreationWithSecurityScope, nil, #Err);
...
Maybe there should be a call to Wrap(...) instead of Create.
I have not yet experimented with it, because it is pointless without the answer to issue 1).
It seems no one has written anything about these problems for Delphi, but I hope someone here has experience with that.
Thanks in advance.
Edit:
For problem 1) I tried to add edit manually the ".entitlements" file in the OSX32 folder and set it to read-only to prevent it from being overwritten. It was too easy to be true of course, because the linker complained that the file can not be modified...
OK, I finally found the way to manually add entitlements that are not available in the Project Options > Entitlements.
Instead of selecting the "App Store" build in the Project Manager you have to select a Normal release build and deploy the application as usual.
The application gets deployed in the PAServer scratch-dir as APP package. Inside this package there is an "Entitlements.plist" file, which is in XML format and can be edited with a text editor. It is quite obvious how to add new entitlements once you open the file.
After it is edited, the app has to be code-signed manually and a package has to be prepared. It is slightly more complicated than using the Delphi IDE, but there are instructions about it on the Embarcadero and Apple websites and it actually went without problems.
Still haven't tried the bookmarkDataWithOptions functions.
An alternative could be to deactivate the checkbox for the entitlements-file in the deployment page.
But attention: Evry time you change between Build/Release or App Store/Normal, delphi activates the checkbox. That means you have to deactivate it again in the deplayment-page, to avoid the transfer of this file to the mac PC.
By the way: Do you have tryed meanwhile the StartAccessingSecurityScopedResource function?
In the MacApi.Foundation unit the function is not declared in the NSURL interface.
Do you have found a way to use this function?
I have an app with a crash reporter that autofills in the user email address by getting it from ABAddressBook. I'm trying to get an informative message of intent in the dialog that 10.8 displays asking the user for permission. Following the advice at http://www.red-sweater.com/blog/2672/can-i-get-your-address , I've added the following to the app's Info.plist:
<key>NSContactsUsageDescription</key>
<string>blah blah blah</string>
Unfortunately, this is not working. The dialog still asks, but it does not display my description text. I've tried:
Putting this in the crash reporter framework's Info.plist instead of the app's.
Signing the app with my Developer ID cert.
But, alas, no luck. Anyone gotten this to work that can give me a tip as to what I'm doing wrong?
[UPDATE] I found the real reason why restarting helps. It kills the tccd process, which looks like the culprit in charge of displaying the message on that dialog.
So, just open Activity Monitor and kill the tccd process and your new message should just show up next time the dialog shows.
[Old Answer]
I was running into the same problem and wasn't really sure why (I was doing exactly what the documentation said to do). I finally got it working after:
Deleting the container my app was living in (~/Library/Containers/com.company-name.app-name)
Cleaning the build (In Xcode: Product -> Clean)
Restarting my machine (seems a little cargo-cultish, but I think this is what fixed the problem)
Building and running my app
The next time my app tried to access the Address Book API I was presented with the dialog that included my message.
I think Apple must be caching that message somewhere (either the message you want, or an empty string if you ran your code before you had a message to show), and the only way to clear it out is to restart. I tried the first 2 steps many times with no change in the message, even after I got the message working and then tried to change it.
Solution is to run this command in the Terminal:
tccutil reset AddressBook
Source: https://developer.apple.com/library/archive/qa/qa1906/_index.html