[webkit-help] App Store rejection because of private APIs in embedded WebKit

Daniel R. Schneider drs at digital-lifestyle.ch
Wed Dec 29 07:29:09 PST 2010


I submitted a browser application (Safe Exam Browser) to the Mac App Store which is using an embedded WebKit (frameworks JavaScriptCore, JavaScriptGlue, WebCore and WebKit, build from the WebKit source tree). The reason for using a private embedded copy of WebKit is that the secure browser should be independent from the systems' WebKit which can get updated anytime by Safari updates and therefore could change the rendering of existing web content used for exams.

Apple didn't mind that (until now, maybe they just didn't realize), but they found that my application seems to use these private APIs:
"_NSPopUpCarbonMenu3,_CFBundleSetDefaultLocalization,kCAContextPortNumber and dispatch_source_mig_create that are included in your application comes from the following private Apple frameworks - AppKit.framework, CoreFoundation.framework,QuartzCore.framework and libSystem.B.dylib."

I'm sure I'm not using any private APIs in my own code, it seems the WebKit build is using those somewhere. I tried to search the WebKit source, but also didn't find any of the mentioned APIs.

Does anybody have an idea why Apple's App scanning shows these APIs to be used? If I would know where in WebKit these APIs are used it would maybe be possible to replace them with public APIs(?)...

I would be thankful for any help or idea. Greetings Daniel 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3936 bytes
Desc: not available
URL: <http://lists.webkit.org/pipermail/webkit-help/attachments/20101229/fc73ef36/attachment.bin>

More information about the webkit-help mailing list