Release Notes for Safari Technology Preview 47

Safari Technology Preview Release 47 is now available for download for macOS Sierra and macOS High Sierra. If you already have Safari Technology Preview installed, you can update from the Mac App Store’s Updates tab. This release covers WebKit revisions 225841-226358.

This release contains the Spectre mitigations released in iOS 11.2.2, the High Sierra 10.13.2 supplemental update, and Safari 11.0.2 reissue released on Monday, January 8. For more information about Spectre, see What Spectre and Meltdown Mean For WebKit.

Storage Access API

This is a newly proposed API (WhatWG issue) that can be enabled in the Develop menu under Experimental Features. Cookies partitioned by Safari’s Intelligent Tracking Prevention can be accessed in an iframe loaded from the cookie’s domain by calling document.requestStorageAccess() in a click event handler. When the returned promise resolves, the first-party cookies in that iframe will be accessible. There is also the convenience function document.hasStorageAccess() available that doesn’t require a click.

  • Enabled allowing requests from non-sandboxed <iframes> (r226244)
  • Implemented frame-specific access in the document.cookie layer (r225934)
  • Made document.hasStorageAccess() retrieve the current status from the network process (r226016)
  • Refactored XPC for access removal to go straight from the web process to the network process (r226389)

Service Workers

  • Added support for response blob given to fetch events (r226066)
  • Changed extracting a body of type Blob to set the Content-Type to null instead of an empty string (r226162)
  • Changed to use “error” redirect mode for fetching service worker scripts (r226087)
  • Changed the Service Worker script fetch request to set the Service-Worker header (r225996)
  • Changed Service Worker to not clean HTTP headers added by the application or by Fetch specification before Service Worker interception (r226126)
  • Fixed the default scope used when registering a service worker (r226096)
  • Fixed the Service Worker Registration promise sometimes not getting rejected when the script load fails (r225975)
  • Fixed Service Worker served response tainting to keep its tainting (r226090)
  • Fixed scopeURL to start with the provided scriptURL (r226141)
  • Fixed self.importScripts() to obey updateViaCache inside service workers (r225940)
  • Fixed Fetch handling to wait for the Service Worker’s state to become activated (r226136)
  • Fixed SameOrigin and CORS fetch to fail on opaque responses served from a Service Worker (r226084)
  • Fixed memory cache to not reuse resources with a different credential fetch option (r226333)
  • Prevented searching for service worker registration for non-HTTP navigation loads (r226185, r226200)
  • Supported Service Worker interception of a request with blob body (r226191)

Media

  • Enabled picture-in-picture from an inline element on suspend (r226217)
  • Fixed playing media elements which call “pause(); play()” getting the play promise rejected (r226059, r226150)
  • Implemented <iframe allow="camera; microphone"> (r225963)

Rendering

  • Fixed elements animated on-screen that are sometimes missing (r225983)
  • Fixed setting the fePointLights color (r226317)
  • Fixed the color of the bottom right pixel of feDiffuseLighting (r226316)
  • Fixed SVG lighting colors to be converted into linearSRGB (r226315)
  • Updated the SVG use element’s shadow trees explicitly before the style recall (r225868)

Web Inspector

  • Enabled the Canvas Tab by default (r225979)
  • Improved open time performance when enumerating system fonts (r226352)
  • Fixed Command-Option-R (⌘⌥R) in the docked inspector causing Web Inspector to reload instead of the inspected page (r225907)
  • Fixed the URL filter in the Network Tab to be case-insensitive like filter bars in other tabs (r225939)
  • Fixed mis-sized waterfall graphs in the Network Tab after closing the detail view (r226070)
  • Redesigned the waterfall popover showing timing data in the Network Tab table (r226158)
  • Updated the Time column in the Network Tab table to include the total duration not just the download duration (r226151)
  • Added an inline swatch for CSS variables in the Styles sidebar (r226079)
  • Added support for typing a semicolon at the end of a value to move to the next property in the Styles sidebar (r226149)
  • Enabled Command-S (⌘S) to save changes in the matching CSS resource in the Styles sidebar (r226082)
  • Fixed selecting text in the Styles sidebar to not add new properties (r225945)
  • Implemented clicking above the selector to prepend a new property in the Styles sidebar (r225968)

Clipboard API

  • Fixed isSafari runtime check to enable custom clipboard types and clipboard data sanitization in Safari Technology Preview (r226215)
  • Fixed not being able to paste images on Gmail (r226173)
  • Reverted blob URL conversions in pasted contents for LegacyWebKit clients (r226156)

Bug Fix

  • Avoided waking plugin process up unnecessarily (r225984)

Storage Access API: Refactor XPC for access removal to go straight from the web process to the network process (r226389)