Archive for August 28, 2015

Friday, August 28, 2015

Live Help Menu Searching via NSUserInterfaceItemSearching

Gus Mueller (tweet):

When rendering the documentation (542MB of it, 1.22GB pre-render!), FMWrite also creates a SQLite index (1MB) of all the text content, which I then copy into Acorn’s resources folder at build time. Acorn then ships with this SQLite file.

You don’t really need to build your own documentation app. But you do need an index of your documentation to ship with your app. SQLite worked great for us.

Step 2: Let me introduce you to NSUserInterfaceItemSearching, which is a class which shipped in 10.6 but I didn’t notice till about six months ago. It’s a pretty simple protocol—you just register a class which conforms to it, and you’re asked for entries when the user searches for something via the Help menu.

Note that you don’t have to implement your own index and conform to this protocol to get live searching in the Help menu. You get that for free if you’re using Apple Help and have an hiutil index. The protocol is for when you want to search the help locally but host it on your server.

Type Profiling and Code Coverage Profiling for JavaScript

Saam Barati:

Web Inspector now has two great tools designed to make debugging JavaScript programs easier: the Code Coverage Profiler and the Type Profiler. The Code Coverage Profiler visually displays exactly which sections of your JavaScript program have executed. The Type Profiler visually annotates important variables with the collected set of type information for those variables. Both tools make understanding and debugging your JavaScript programs in Web Inspector better than ever.


The Type Profiler updates in real time. As new information is introduced in your program, the Type Profiler updates its annotations. As you see in the video, when the announceAnimal function is called a second time, the type displayed for the animal parameter updates from Dog to Animal. This happens because the Type Profiler tracks the inheritance chain for values it profiles. The Type Profiler also shows other aggregate types in an intelligent way. As you use the Type Profiler, you’ll see that the types it shows you are both intuitive and helpful.


Because the type profiling machinery is compiled into JSC’s bytecode, JSC is then able to utilize its multi-tiered compiler infrastructure to optimize the overhead of type profiling. JSC’s DFG JIT is able to successfully optimize JavaScript code in large part due to the tendency that most JavaScript code is written with specific types in mind. Because of this, the DFG JIT can speculatively transform its IR based on gathered profiling information. Then, when executing this speculative code, if it finds that an assumption is broken at runtime, the DFG will OSR exit back into JSC’s baseline JIT. The bytecode operation op_profile_type is a very expensive operation and it appears with high frequency when the Type Profiler is enabled. When we transform this bytecode operation into DFG IR, we’re often able to optimize away the overhead of ProfileType by completely removing it from the executing code. We’re able to do this because by the time we decide to DFG compile the bytecode stream, it is likely that the types which were profiled in the Baseline JIT and the LLInt are the same types that the DFG will speculatively compile against.

AWS Privilege Separation

Michael Wittig (comments):

  1. You have AWS access credentials for your IAM user in the bastion account on your machine (usually in ~/.aws/ or in your environment variables). You make a call to the AWS API to get temporary credentials by providing a MFA token. If the MFA token is valid, you’ve created a temporary session for your IAM user in the bastion account.

  2. You receive temporary credentials to authenticate as your IAM user.

  3. With the temporary credentials, you can assume a role in another account (this wasn’t possible before, because assuming a role is only allowed for this user if the user is authenticated with MFA). To assume a role in another account, the role must explicitly be allowed to be used with your account! The maximum permissions a role should have is PowerUserAccess. Don’t allow the role to interact with IAM!

  4. You receive temporary credentials and can begin working with your AWS account.

Shipping an App With App Transport Security

Tim Ekl (tweet):

This article is aimed at a different purpose: to look at the different speed bumps that can show up while building an app alongside ATS, and to explain how to get around them. There are lots of great little tricks that have only cropped up in OS X release notes or on Stack Overflow, or that can only be discovered by building a sample app.


With this more extensive ATS dictionary in our app’s Info.plist, we turn the “allows insecure HTTP loads” flag back off for the domain and all its subdomains. When our app makes any connection to a host in that domain, then, we’ll be receiving the full protection of ATS.

This exception mechanism can handle even more complex scenarios. For example, consider what might happen if most servers in were correctly secured with HTTPS, but one server – say, – wasn’t yet fully ATS-compatible. We can handle this by defining another more specific exception for just that host[…]


In both of these error cases, we can set the environment variable CFNETWORK_DIAGNOSTICS to 1 in order to get more information on the console about the failure. After turning this variable on in our app’s scheme, you’ll notice a new log line with a path to a diagnostic file; this file, in turn, is filled with information about all the actions the CFNetwork layer is taking on behalf of your app’s networking code.


If you have access to an OS X machine running 10.11 or later, the command-line utility nscurl provides some basic ATS debugging capabilities.

Tristan Emrich:

While Google remains committed to industry-wide adoption of HTTPS, there isn’t always full compliance on third party ad networks and custom creative code served via our systems. To ensure ads continue to serve on iOS9 devices for developers transitioning to HTTPS, the recommended short term fix is to add an exception that allows HTTP requests to succeed and non-secure content to load successfully.

Note that this allows all HTTP requests to succeed, not just ones pertaining to Google ads.

Nick Heer:

So in a year where malware-laden ads are becoming increasingly frequent, Google’s response is not to convert their ad network to HTTPS, but rather to tell developers to reduce the security of their apps.

Google update:

To be clear, developers should only consider disabling ATS if other approaches to comply with ATS standards are unsuccessful.

Previously: App Transport Security.

Update (2015-09-23): Keith Harrison:

So did Apple change the ATS policy between the public and GM releases? It sure seems like it. Luckily I have the CFNetwork debug logs from the device for both the failing GM test and the successful public release test. I have filed a bug (22763438) with Apple to see if they can explain what is happening. If I learn something that changes how we need to use ATS I will update here.


A clue to what might be happening is in this Apple Developer forum thread. It seems there is/was a bug where setting NSExceptionRequiresForwardSecrecy had a side effect of relaxing the SHA-256 signature requirement. Maybe Apple has relaxed the requirement so as not to break any Apps that now depend on the undocumented side effect of disabling forward secrecy.

Update (2015-10-13): Tim Ekl:

ATS requirements apply at every step of a redirect. If you have a server rewriting URLs or otherwise redirecting to a different location, both that redirector and the new destination must meet ATS’s requirements.

It’s not possible to add dynamic ATS exceptions. Every exception must be given in your app’s Info.plist up front.

Playgrounds and SFSafariViewController both ignore ATS. The latter can be a great way to show user-generated Web content, such as in a social media app.

The Facebook App’s 18,000 Classes


Recently someone on reddit asked “How on earth is the Facebook app size so large ?”. The person asking the question realized that the ~100Mb compressed App Store archive wasn’t all assets - a very large portion was the application binary.

Note that you don’t have to jailbreak your device to see the contents of an app. You can just download the .ipa file to your Mac with iTunes.

And if you ever wonder about JavaScript slowing sites down, just try scrolling the linked blog in Safari.