From 00fa6c7145f232e35595f71cebaa3d378f40d847 Mon Sep 17 00:00:00 2001 From: Jeffrey Lyon Date: Wed, 25 Mar 2026 18:31:07 -0700 Subject: [PATCH 1/8] gh-137586: Add MacOSX browser class using /usr/bin/open, deprecate MacOSXOSAScript Add a new MacOSX class that opens URLs via subprocess.run(['/usr/bin/open', ...]) instead of piping AppleScript to osascript. For named browsers, /usr/bin/open -a is used; for the default browser, /usr/bin/open defers directly to the OS URL handler. MacOSXOSAScript is deprecated with a DeprecationWarning pointing users to MacOSX. register_standard_browsers() is updated to use MacOSX for all macOS registrations. osascript is a general-purpose scripting interpreter that is routinely blocked on managed endpoints due to its abuse potential, causing webbrowser.open() to fail silently. /usr/bin/open is Apple's purpose-built URL-opening primitive and carries no such restrictions. This also eliminates the PATH-injection vector in the existing os.popen("osascript", "w") call. --- Lib/webbrowser.py | 27 +++++++++++++++++++++++---- 1 file changed, 23 insertions(+), 4 deletions(-) diff --git a/Lib/webbrowser.py b/Lib/webbrowser.py index 9ead2990e818e5..0d703aa2d4621e 100644 --- a/Lib/webbrowser.py +++ b/Lib/webbrowser.py @@ -491,10 +491,10 @@ def register_standard_browsers(): _tryorder = [] if sys.platform == 'darwin': - register("MacOSX", None, MacOSXOSAScript('default')) - register("chrome", None, MacOSXOSAScript('google chrome')) - register("firefox", None, MacOSXOSAScript('firefox')) - register("safari", None, MacOSXOSAScript('safari')) + register("MacOSX", None, MacOSX('default')) + register("chrome", None, MacOSX('google chrome')) + register("firefox", None, MacOSX('firefox')) + register("safari", None, MacOSX('safari')) # macOS can use below Unix support (but we prefer using the macOS # specific stuff) @@ -613,8 +613,27 @@ def open(self, url, new=0, autoraise=True): # if sys.platform == 'darwin': + class MacOSX(BaseBrowser): + """Launcher class for macOS browsers, using /usr/bin/open.""" + + def open(self, url, new=0, autoraise=True): + sys.audit("webbrowser.open", url) + self._check_url(url) + if self.name == 'default': + cmd = ['/usr/bin/open', url] + else: + cmd = ['/usr/bin/open', '-a', self.name, url] + proc = subprocess.run(cmd, stderr=subprocess.DEVNULL) + return proc.returncode == 0 + class MacOSXOSAScript(BaseBrowser): def __init__(self, name='default'): + import warnings + warnings.warn( + "MacOSXOSAScript is deprecated, use MacOSX instead.", + DeprecationWarning, + stacklevel=2, + ) super().__init__(name) def open(self, url, new=0, autoraise=True): From f697cd583cb4caa37404a58209cbe64b530482be Mon Sep 17 00:00:00 2001 From: Jeffrey Lyon Date: Wed, 25 Mar 2026 18:31:16 -0700 Subject: [PATCH 2/8] gh-137586: Add tests for MacOSX browser class and MacOSXOSAScript deprecation Add MacOSXTest covering default browser open, named browser open, and failure case (non-zero returncode). Add MacOSXOSAScriptDeprecationTest verifying that instantiating MacOSXOSAScript emits a DeprecationWarning. All tests mock subprocess.run. --- Lib/test/test_webbrowser.py | 43 +++++++++++++++++++++++++++++++++++++ 1 file changed, 43 insertions(+) diff --git a/Lib/test/test_webbrowser.py b/Lib/test/test_webbrowser.py index d5bb1400d2717a..94787bc39b8f7b 100644 --- a/Lib/test/test_webbrowser.py +++ b/Lib/test/test_webbrowser.py @@ -323,6 +323,49 @@ def close(self): return None +@unittest.skipUnless(sys.platform == "darwin", "macOS specific test") +@requires_subprocess() +class MacOSXTest(unittest.TestCase): + + def test_default_open(self): + browser = webbrowser.MacOSX('default') + with mock.patch('subprocess.run') as mock_run: + mock_run.return_value = mock.Mock(returncode=0) + result = browser.open(URL) + mock_run.assert_called_once_with( + ['/usr/bin/open', URL], + stderr=subprocess.DEVNULL, + ) + self.assertTrue(result) + + def test_named_open(self): + browser = webbrowser.MacOSX('safari') + with mock.patch('subprocess.run') as mock_run: + mock_run.return_value = mock.Mock(returncode=0) + result = browser.open(URL) + mock_run.assert_called_once_with( + ['/usr/bin/open', '-a', 'safari', URL], + stderr=subprocess.DEVNULL, + ) + self.assertTrue(result) + + def test_open_failure(self): + browser = webbrowser.MacOSX('default') + with mock.patch('subprocess.run') as mock_run: + mock_run.return_value = mock.Mock(returncode=1) + result = browser.open(URL) + self.assertFalse(result) + + +@unittest.skipUnless(sys.platform == "darwin", "macOS specific test") +@requires_subprocess() +class MacOSXOSAScriptDeprecationTest(unittest.TestCase): + + def test_deprecation_warning(self): + with self.assertWarns(DeprecationWarning): + webbrowser.MacOSXOSAScript('default') + + @unittest.skipUnless(sys.platform == "darwin", "macOS specific test") @requires_subprocess() class MacOSXOSAScriptTest(unittest.TestCase): From 77810331ec8cf82b6c217aa57b23a7d37c45eba2 Mon Sep 17 00:00:00 2001 From: Jeffrey Lyon Date: Wed, 25 Mar 2026 18:31:21 -0700 Subject: [PATCH 3/8] gh-137586: Document MacOSXOSAScript deprecation in webbrowser docs --- Doc/library/webbrowser.rst | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/Doc/library/webbrowser.rst b/Doc/library/webbrowser.rst index 389648d4f393e4..ff9e0627c18d16 100644 --- a/Doc/library/webbrowser.rst +++ b/Doc/library/webbrowser.rst @@ -205,6 +205,13 @@ Notes: (4) Only on iOS. +.. deprecated:: 3.14 + :class:`!MacOSXOSAScript` is deprecated in favour of :class:`!MacOSX`. + Using :program:`/usr/bin/open` instead of :program:`osascript` is a + security and usability improvement: :program:`osascript` may be blocked + on managed systems due to its abuse potential as a general-purpose + scripting interpreter. + .. versionadded:: 3.2 A new :class:`!MacOSXOSAScript` class has been added and is used on Mac instead of the previous :class:`!MacOSX` class. From 60662214f7c8cfc9b36ede6dbc611f137a0deff4 Mon Sep 17 00:00:00 2001 From: Jeffrey Lyon Date: Wed, 25 Mar 2026 18:42:25 -0700 Subject: [PATCH 4/8] gh-137586: Add NEWS entries for MacOSX webbrowser change --- .../Library/2026-03-26-01-42-20.gh-issue-137586.KmHRwR.rst | 3 +++ .../Security/2026-03-26-01-42-15.gh-issue-137586.j3SkOm.rst | 4 ++++ 2 files changed, 7 insertions(+) create mode 100644 Misc/NEWS.d/next/Library/2026-03-26-01-42-20.gh-issue-137586.KmHRwR.rst create mode 100644 Misc/NEWS.d/next/Security/2026-03-26-01-42-15.gh-issue-137586.j3SkOm.rst diff --git a/Misc/NEWS.d/next/Library/2026-03-26-01-42-20.gh-issue-137586.KmHRwR.rst b/Misc/NEWS.d/next/Library/2026-03-26-01-42-20.gh-issue-137586.KmHRwR.rst new file mode 100644 index 00000000000000..9903fdf93eaae2 --- /dev/null +++ b/Misc/NEWS.d/next/Library/2026-03-26-01-42-20.gh-issue-137586.KmHRwR.rst @@ -0,0 +1,3 @@ +Add :class:`MacOSX` to :mod:`webbrowser` for macOS, which opens URLs via +``/usr/bin/open`` instead of piping AppleScript to ``osascript``. +Deprecate :class:`MacOSXOSAScript` in favour of :class:`MacOSX`. diff --git a/Misc/NEWS.d/next/Security/2026-03-26-01-42-15.gh-issue-137586.j3SkOm.rst b/Misc/NEWS.d/next/Security/2026-03-26-01-42-15.gh-issue-137586.j3SkOm.rst new file mode 100644 index 00000000000000..bfeecfcee0d1fc --- /dev/null +++ b/Misc/NEWS.d/next/Security/2026-03-26-01-42-15.gh-issue-137586.j3SkOm.rst @@ -0,0 +1,4 @@ +Fix a PATH-injection vulnerability in :mod:`webbrowser` on macOS where +``osascript`` was invoked without an absolute path. The new :class:`MacOSX` +class uses ``/usr/bin/open`` directly, eliminating the dependency on +``osascript`` entirely. From d54293f0a1906757d88fb5feed5c7aed3746eea0 Mon Sep 17 00:00:00 2001 From: Jeffrey Lyon Date: Wed, 25 Mar 2026 18:47:22 -0700 Subject: [PATCH 5/8] gh-137586: Fix NEWS entry class references with ! prefix to suppress Sphinx lookup --- .../Library/2026-03-26-01-42-20.gh-issue-137586.KmHRwR.rst | 4 ++-- .../Security/2026-03-26-01-42-15.gh-issue-137586.j3SkOm.rst | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/Misc/NEWS.d/next/Library/2026-03-26-01-42-20.gh-issue-137586.KmHRwR.rst b/Misc/NEWS.d/next/Library/2026-03-26-01-42-20.gh-issue-137586.KmHRwR.rst index 9903fdf93eaae2..bac380811f8275 100644 --- a/Misc/NEWS.d/next/Library/2026-03-26-01-42-20.gh-issue-137586.KmHRwR.rst +++ b/Misc/NEWS.d/next/Library/2026-03-26-01-42-20.gh-issue-137586.KmHRwR.rst @@ -1,3 +1,3 @@ -Add :class:`MacOSX` to :mod:`webbrowser` for macOS, which opens URLs via +Add :class:`!MacOSX` to :mod:`webbrowser` for macOS, which opens URLs via ``/usr/bin/open`` instead of piping AppleScript to ``osascript``. -Deprecate :class:`MacOSXOSAScript` in favour of :class:`MacOSX`. +Deprecate :class:`!MacOSXOSAScript` in favour of :class:`!MacOSX`. diff --git a/Misc/NEWS.d/next/Security/2026-03-26-01-42-15.gh-issue-137586.j3SkOm.rst b/Misc/NEWS.d/next/Security/2026-03-26-01-42-15.gh-issue-137586.j3SkOm.rst index bfeecfcee0d1fc..640d4caf4f732f 100644 --- a/Misc/NEWS.d/next/Security/2026-03-26-01-42-15.gh-issue-137586.j3SkOm.rst +++ b/Misc/NEWS.d/next/Security/2026-03-26-01-42-15.gh-issue-137586.j3SkOm.rst @@ -1,4 +1,4 @@ Fix a PATH-injection vulnerability in :mod:`webbrowser` on macOS where -``osascript`` was invoked without an absolute path. The new :class:`MacOSX` +``osascript`` was invoked without an absolute path. The new :class:`!MacOSX` class uses ``/usr/bin/open`` directly, eliminating the dependency on ``osascript`` entirely. From 080197ecd7ceef50d667ff7c8984eb36f58db14a Mon Sep 17 00:00:00 2001 From: Jeffrey Lyon Date: Wed, 25 Mar 2026 19:09:35 -0700 Subject: [PATCH 6/8] gh-137586: Fix MacOSXOSAScriptTest for MacOSX registration change - Add test_default to MacOSXTest asserting webbrowser.get() returns MacOSX - Remove test_default from MacOSXOSAScriptTest (no longer the registered default) - Suppress DeprecationWarning in MacOSXOSAScriptTest setUp and test_explicit_browser using warnings.catch_warnings() so tests for OSAScript behaviour still run cleanly - Add warnings import --- Lib/test/test_webbrowser.py | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/Lib/test/test_webbrowser.py b/Lib/test/test_webbrowser.py index 94787bc39b8f7b..827d26eddba271 100644 --- a/Lib/test/test_webbrowser.py +++ b/Lib/test/test_webbrowser.py @@ -5,6 +5,7 @@ import subprocess import sys import unittest +import warnings import webbrowser from test import support from test.support import force_not_colorized_test_class @@ -327,6 +328,11 @@ def close(self): @requires_subprocess() class MacOSXTest(unittest.TestCase): + def test_default(self): + browser = webbrowser.get() + self.assertIsInstance(browser, webbrowser.MacOSX) + self.assertEqual(browser.name, 'default') + def test_default_open(self): browser = webbrowser.MacOSX('default') with mock.patch('subprocess.run') as mock_run: @@ -377,16 +383,14 @@ def setUp(self): env.unset("BROWSER") support.patch(self, os, "popen", self.mock_popen) + self.enterContext(warnings.catch_warnings()) + warnings.simplefilter("ignore", DeprecationWarning) self.browser = webbrowser.MacOSXOSAScript("default") def mock_popen(self, cmd, mode): self.popen_pipe = MockPopenPipe(cmd, mode) return self.popen_pipe - def test_default(self): - browser = webbrowser.get() - assert isinstance(browser, webbrowser.MacOSXOSAScript) - self.assertEqual(browser.name, "default") def test_default_open(self): url = "https://python.org" @@ -413,7 +417,9 @@ def test_default_browser_lookup(self): self.assertIn(f'open location "{url}"', script) def test_explicit_browser(self): - browser = webbrowser.MacOSXOSAScript("safari") + with warnings.catch_warnings(): + warnings.simplefilter("ignore", DeprecationWarning) + browser = webbrowser.MacOSXOSAScript("safari") browser.open("https://python.org") script = self.popen_pipe.pipe.getvalue() self.assertIn('tell application "safari"', script) From fdd664965f21bf8eb79812c995a0f990eff6743c Mon Sep 17 00:00:00 2001 From: Jeffrey Lyon Date: Wed, 25 Mar 2026 20:01:44 -0700 Subject: [PATCH 7/8] gh-137586: Use bundle IDs in MacOSX to prevent file injection via OS handler For non-http(s) URLs (e.g. file://), /usr/bin/open dispatches via the OS file handler, which would launch an .app bundle rather than open it in a browser. Fix this by routing non-http(s) URLs through the browser explicitly using /usr/bin/open -b . Named browsers use a static bundle ID map (Chrome, Firefox, Safari, Chromium, Opera, Edge). Unknown named browsers fall back to -a. For the default browser, the bundle ID is resolved at runtime via the Objective-C runtime using NSWorkspace.URLForApplicationToOpenURL, the same lookup MacOSXOSAScript performed via AppleScript. Falls back to direct open if ctypes is unavailable. http/https URLs with the default browser continue to use /usr/bin/open directly, as macOS always routes these to the registered browser. --- Lib/test/test_webbrowser.py | 49 +++++++++++++++++-- Lib/webbrowser.py | 98 +++++++++++++++++++++++++++++++++++-- 2 files changed, 141 insertions(+), 6 deletions(-) diff --git a/Lib/test/test_webbrowser.py b/Lib/test/test_webbrowser.py index 827d26eddba271..d0ca2c53338bce 100644 --- a/Lib/test/test_webbrowser.py +++ b/Lib/test/test_webbrowser.py @@ -333,7 +333,8 @@ def test_default(self): self.assertIsInstance(browser, webbrowser.MacOSX) self.assertEqual(browser.name, 'default') - def test_default_open(self): + def test_default_http_open(self): + # http/https URLs use /usr/bin/open directly — no bundle ID needed. browser = webbrowser.MacOSX('default') with mock.patch('subprocess.run') as mock_run: mock_run.return_value = mock.Mock(returncode=0) @@ -344,17 +345,59 @@ def test_default_open(self): ) self.assertTrue(result) - def test_named_open(self): + def test_default_non_http_uses_bundle_id(self): + # Non-http(s) URLs (e.g. file://) must be routed through the browser + # via -b to prevent OS file handler dispatch. + file_url = 'file:///tmp/test.html' + browser = webbrowser.MacOSX('default') + with mock.patch('webbrowser._macos_default_browser_bundle_id', + return_value='com.apple.Safari'), \ + mock.patch('subprocess.run') as mock_run: + mock_run.return_value = mock.Mock(returncode=0) + result = browser.open(file_url) + mock_run.assert_called_once_with( + ['/usr/bin/open', '-b', 'com.apple.Safari', file_url], + stderr=subprocess.DEVNULL, + ) + self.assertTrue(result) + + def test_default_non_http_fallback_when_no_bundle_id(self): + # If the bundle ID lookup fails, fall back to /usr/bin/open without -b. + file_url = 'file:///tmp/test.html' + browser = webbrowser.MacOSX('default') + with mock.patch('webbrowser._macos_default_browser_bundle_id', + return_value=None), \ + mock.patch('subprocess.run') as mock_run: + mock_run.return_value = mock.Mock(returncode=0) + browser.open(file_url) + mock_run.assert_called_once_with( + ['/usr/bin/open', file_url], + stderr=subprocess.DEVNULL, + ) + + def test_named_known_browser_uses_bundle_id(self): + # Named browsers with a known bundle ID use /usr/bin/open -b. browser = webbrowser.MacOSX('safari') with mock.patch('subprocess.run') as mock_run: mock_run.return_value = mock.Mock(returncode=0) result = browser.open(URL) mock_run.assert_called_once_with( - ['/usr/bin/open', '-a', 'safari', URL], + ['/usr/bin/open', '-b', 'com.apple.Safari', URL], stderr=subprocess.DEVNULL, ) self.assertTrue(result) + def test_named_unknown_browser_falls_back_to_dash_a(self): + # Named browsers not in the bundle ID map fall back to -a. + browser = webbrowser.MacOSX('lynx') + with mock.patch('subprocess.run') as mock_run: + mock_run.return_value = mock.Mock(returncode=0) + browser.open(URL) + mock_run.assert_called_once_with( + ['/usr/bin/open', '-a', 'lynx', URL], + stderr=subprocess.DEVNULL, + ) + def test_open_failure(self): browser = webbrowser.MacOSX('default') with mock.patch('subprocess.run') as mock_run: diff --git a/Lib/webbrowser.py b/Lib/webbrowser.py index 0d703aa2d4621e..ef8947122bfb90 100644 --- a/Lib/webbrowser.py +++ b/Lib/webbrowser.py @@ -613,16 +613,108 @@ def open(self, url, new=0, autoraise=True): # if sys.platform == 'darwin': + def _macos_default_browser_bundle_id(): + """Return the bundle ID of the default web browser via NSWorkspace. + + Uses the Objective-C runtime directly to call + NSWorkspace.sharedWorkspace().URLForApplicationToOpenURL() with a + probe https:// URL, then reads the bundle identifier from the + resulting NSBundle. Returns None if ctypes is unavailable or the + lookup fails for any reason. + """ + try: + from ctypes import cdll, c_void_p, c_char_p + from ctypes.util import find_library + + objc = cdll.LoadLibrary(find_library('objc')) + objc.objc_getClass.restype = c_void_p + objc.sel_registerName.restype = c_void_p + objc.objc_msgSend.restype = c_void_p + + def cls(name): + return objc.objc_getClass(name) + + def sel(name): + return objc.sel_registerName(name) + + # Build probe NSURL for "https://python.org" + NSString = cls(b'NSString') + objc.objc_msgSend.argtypes = [c_void_p, c_void_p, c_char_p] + ns_str = objc.objc_msgSend( + NSString, sel(b'stringWithUTF8String:'), b'https://python.org' + ) + + NSURL = cls(b'NSURL') + objc.objc_msgSend.argtypes = [c_void_p, c_void_p, c_void_p] + probe_url = objc.objc_msgSend(NSURL, sel(b'URLWithString:'), ns_str) + + # Ask NSWorkspace which app handles https:// + NSWorkspace = cls(b'NSWorkspace') + objc.objc_msgSend.argtypes = [c_void_p, c_void_p] + workspace = objc.objc_msgSend(NSWorkspace, sel(b'sharedWorkspace')) + + objc.objc_msgSend.argtypes = [c_void_p, c_void_p, c_void_p] + app_url = objc.objc_msgSend( + workspace, sel(b'URLForApplicationToOpenURL:'), probe_url + ) + + # Get bundle identifier from that app's NSBundle + NSBundle = cls(b'NSBundle') + bundle = objc.objc_msgSend(NSBundle, sel(b'bundleWithURL:'), app_url) + + objc.objc_msgSend.argtypes = [c_void_p, c_void_p] + bundle_id_ns = objc.objc_msgSend(bundle, sel(b'bundleIdentifier')) + + objc.objc_msgSend.restype = c_char_p + bundle_id_bytes = objc.objc_msgSend(bundle_id_ns, sel(b'UTF8String')) + return bundle_id_bytes.decode() if bundle_id_bytes else None + except Exception: + return None + class MacOSX(BaseBrowser): - """Launcher class for macOS browsers, using /usr/bin/open.""" + """Launcher class for macOS browsers, using /usr/bin/open. + + For http/https URLs with the default browser, /usr/bin/open is called + directly; macOS routes these to the registered browser. + + For all other URL schemes (e.g. file://) and for named browsers, + /usr/bin/open -b is used so that the URL is always passed + to a browser application rather than dispatched by the OS file handler. + This prevents file injection attacks where a file:// URL pointing to an + executable bundle could otherwise be launched by the OS. + + Named browsers with known bundle IDs use -b; unknown names fall back + to -a. + """ + + _BUNDLE_IDS = { + 'google chrome': 'com.google.Chrome', + 'firefox': 'org.mozilla.firefox', + 'safari': 'com.apple.Safari', + 'chromium': 'org.chromium.Chromium', + 'opera': 'com.operasoftware.Opera', + 'microsoft edge': 'com.microsoft.Edge', + } def open(self, url, new=0, autoraise=True): sys.audit("webbrowser.open", url) self._check_url(url) if self.name == 'default': - cmd = ['/usr/bin/open', url] + proto, sep, _ = url.partition(':') + if sep and proto.lower() in {'http', 'https'}: + cmd = ['/usr/bin/open', url] + else: + bundle_id = _macos_default_browser_bundle_id() + if bundle_id: + cmd = ['/usr/bin/open', '-b', bundle_id, url] + else: + cmd = ['/usr/bin/open', url] else: - cmd = ['/usr/bin/open', '-a', self.name, url] + bundle_id = self._BUNDLE_IDS.get(self.name.lower()) + if bundle_id: + cmd = ['/usr/bin/open', '-b', bundle_id, url] + else: + cmd = ['/usr/bin/open', '-a', self.name, url] proc = subprocess.run(cmd, stderr=subprocess.DEVNULL) return proc.returncode == 0 From 8e1eef4b96c595ab818cec6c8909c801157d169f Mon Sep 17 00:00:00 2001 From: Jeffrey Lyon Date: Wed, 25 Mar 2026 20:06:27 -0700 Subject: [PATCH 8/8] gh-137586: Load AppKit before NSWorkspace lookup in _macos_default_browser_bundle_id NSWorkspace is an AppKit class and is not registered in the ObjC runtime until AppKit is loaded. Without the explicit LoadLibrary call, objc_getClass returns nil for NSWorkspace, causing the entire lookup to silently fall back to /usr/bin/open without -b. --- Lib/webbrowser.py | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/Lib/webbrowser.py b/Lib/webbrowser.py index ef8947122bfb90..5722916daec5b5 100644 --- a/Lib/webbrowser.py +++ b/Lib/webbrowser.py @@ -626,6 +626,10 @@ def _macos_default_browser_bundle_id(): from ctypes import cdll, c_void_p, c_char_p from ctypes.util import find_library + # NSWorkspace is an AppKit class; load AppKit to register it. + cdll.LoadLibrary( + '/System/Library/Frameworks/AppKit.framework/AppKit' + ) objc = cdll.LoadLibrary(find_library('objc')) objc.objc_getClass.restype = c_void_p objc.sel_registerName.restype = c_void_p @@ -652,18 +656,26 @@ def sel(name): NSWorkspace = cls(b'NSWorkspace') objc.objc_msgSend.argtypes = [c_void_p, c_void_p] workspace = objc.objc_msgSend(NSWorkspace, sel(b'sharedWorkspace')) + if not workspace: + return None objc.objc_msgSend.argtypes = [c_void_p, c_void_p, c_void_p] app_url = objc.objc_msgSend( workspace, sel(b'URLForApplicationToOpenURL:'), probe_url ) + if not app_url: + return None # Get bundle identifier from that app's NSBundle NSBundle = cls(b'NSBundle') bundle = objc.objc_msgSend(NSBundle, sel(b'bundleWithURL:'), app_url) + if not bundle: + return None objc.objc_msgSend.argtypes = [c_void_p, c_void_p] bundle_id_ns = objc.objc_msgSend(bundle, sel(b'bundleIdentifier')) + if not bundle_id_ns: + return None objc.objc_msgSend.restype = c_char_p bundle_id_bytes = objc.objc_msgSend(bundle_id_ns, sel(b'UTF8String'))