I don’t know an exact scenario, but hacking a class name in an archive is a trivial way of substituting a malicious class type for any other type. It will negate whatever protections secure coding

Yes, I understand that writing the class name into the archive bypasses what secure coding is supposed to accomplish, though it adds a small extra hoop to jump through for a would-be

This sounds so right. But unfortunately doesn’t work for __NSCFConstantString, which returns that, and not NSString. I haven’t yet tried on other classes, but most of the time it’ll be a

I think you’re Doing It Wrong™. Your solution is effectively disabling secure coding, which solves your run-time error, but leaves you with the exact security vulnerability that secure coding is

In respect of this particular issue, I think if you call `classForCoder` rather than `class` on the object of interest, you'll get the portable class name ("NSString") you're looking for. -ben

Well, I figured out a solution, though I’m not sure — it seems slightly smelly, even though it looks neat from the outside and is easy to use. Would appreciate any feedback. Basically, I walk up

Hi Glenn, This seemed like a perfectly fine idea in this case, so I tried it. Now I get a new message spewed to the log: 2022-02-24 20:50:13.158117+1100 GCSimpleContainers[26354:31119213] [general]

A suggestion? Archive the class name as a part of your archiving process, then get the class instance by NSClassFromString. You can then use that as the parameter for decodeObjectOfClass:forKey:. It's

Hi all, I was working on some demo code investigating the use of secure archiving, since I guess we all have to adopt that if we can. I have a simple container class (a linked list) that I decided to

Xcode 13.1, iOS 25 SDK I have a UICollectionView (with a custom UICollectionViewLayout) which I am updating with a DiffableDataSource. This CollectionView displays a particular data object (with a

[I'd sent this to cocoa-dev@..., but ISTR that list is deprecated. Resending here.] I am working on a document storage format that consists of logical zones that nest. You can think of

Laurent, Have you tried -setCharactersToBeSkipped: Set that to skip new line, carriage return… Maybe that will work for you? Sandor

Anybody uses the Scanner class? I’m using an instance to extract some data from a string received from a web server. If I have a string that is “45\nBlah”, read the “45”, the scanner

I have a macOS app I’d like to embed an executable from a swift package. However, while I can add the swift package under the app target’s “Frameworks, Libraries, and Embedded Content”

also you can enlargen your screen resolution: apple->system prefs->displays->display resolution: scaled, click "more space" on the far right -dave

In a UIKit context, has anyone had experience/success in using async/await to synchronize a modal dialog with other logic? I've tried it a bit without success. I.e, given a presented dialog, I want to

I don’t know. I was at MorphoTrust in 2014 when we worked on what would become the Apple Drivers’ Licence app. I did the first iOS working prototype with Dan, Ted and Clayton. Our PM was Steve

Louisiana has had a driver’s license app for several years. Is that your work, Alex? Jack

My olden app has finally hit the market. https://www.macrumors.com/2021/09/01/apple-shares-us-states-adopting-wallet-ids/ It’s only taken 7 years since I worked on it. : ) Cheers to everyone

Has anyone found a workaround for the crash of WKWebKit under the above configuration? Xcode reposts “Error acquiring assertion” trying to display any webpage. A workaround to prevent the screen