Flutter app references private classes on iOS

[aj-dt]

Flutter apps reference private classes __UIVisualEffectBackdropView and __UIVisualEffectSubview on iOS.

Although this has so far not resulted in app rejections, it is a risk factor for anyone relying on the Flutter platform given Apple's notoriously opaque app submission process.

Steps to Reproduce

This is visible directly in the code, e.g. FlutterPlatformViews_Internal.mm:

UIView* view = visualEffectView.subviews[i];
if ([view isKindOfClass:NSClassFromString(@"_UIVisualEffectBackdropView")]) {
  ...
}

Or, if one unpacks a flutter-built ipa:

flutter create private_repro1
cd private_repro1
flutter build ipa --release
cd build/ios/ipa
unzip private_repro1.ipa
cd private_repro1
strings Frameworks/Flutter.framework/Flutter| grep UIVisualEffect

Expected results:

There would be no reference to private iOS classes

Actual results:

As of flutter 3.7.8 there are references to two private classes:

strings Frameworks/Flutter.framework/Flutter| grep UIVisualEffect
_UIVisualEffectBackdropView
_UIVisualEffectSubview

Code sample

Logs

[exaby73]

Hello @aj-dt. Could you link to Apple docs specifying that private classes should not be used?

[aj-dt]

Hi @exaby73,
Apple's Developer License Agreement[1], section 3.3.1:

Applications may only use Documented APIs in the manner prescribed by Apple and must not use or call any private APIs

Although it does not reference classes directly, Apple are not exactly known for their laissez faire interpretation of their own rules. While this usage has apparently been tolerated, it represents a risk that could start causing rejections at any time.

[1] https://developer.apple.com/support/downloads/terms/apple-developer-program/Apple-Developer-Program-License-Agreement-20220606-English.pdf

[exaby73]

This seems very vague to me. It doesn't really specify what the meaning of a "private API" is. I'll leave this for interpretation and label this issue

[leighajarett]

Thanks for flagging this! These APIs were used to add blurs on Platform Views (#43902).

In the design doc, we called out some risks and a future plan to migrate to use SwiftUI. For now, we will keep this as a lower priority, but we will continue to investigate the migration for the future.

[hellohuanlin]

I wouldn't worry about it - it's not invoking any private methods

[EthanArbuckle]

Hello!

I wouldn't worry about it - it's not invoking any private methods

Any references to such APIs (which includes selectors, classes, or symbols) all fall into the category of "using a non-public API".

Applications may only use Documented APIs in the manner prescribed by Apple and must not use or call any private APIs

This seems very vague to me. It doesn't really specify what the meaning of a "private API" is

I agree Apple could have been more clear here; they have a known history of not documenting their "blockers" very well (likely on purpose to avoid people finding workarounds). However, their language is more verbose when you actually receive one of the blockers. I'll include some real examples below, but i'd first like to note why I believe this symbol to be non-public:

1. The class is prefixed with _, a well-known indicator of something being non-public. Examples of this are Class Clusters, such as __NSDictionaryIor __NSCFString (you've likely seen these show up in crashes/stacktraces before, but you'll find no public documentation from Apple on them because they are non-public and should not be used directly).

2. No header exists for the _UIVisualEffectSubview class. If an API is excluded from the public SDK, and can only be accessed by doing dynamic class lookups (NSClassFromString()), Apple did not intend for you to access it.

3. The UIKit binary that implements this class is located in a directory named PrivateFrameworks:

Now, for some examples of real-world rejection Apple has issued regarding Non-Public API Usage. Apple's internal ID for Non-Public API Usage blockers is ITMS-90338 -- searching around for this will yield many examples of rejections developers have received. The language varies slightly between some of them so I'll highlight a couple different ones i've encountered.

1. ITMS-90338: Non-public API usage - The app references non-public selectors:

The app references non-public selectors. If method names in your source code match the private Apple APIs listed above, altering your method names will help prevent this app from being flagged in future submissions. In addition, note that one or more of the above APIs may be located in a static library that was included with your app. If so, they must be removed.

Real examples of developers being blocked:

• IOS publish facebook/react-native#31507 (comment)
• https://developercommunity.visualstudio.com/t/apple-rejects-ios-app-itms-90338-non-public-api-us/1162371

2. ITMS-90338: Non-public API usage - The app references non-public symbols:

The app references non-public symbols in APP NAME: _SSL_CTX_set_options, _SSL_session_reused. If method names in your source code match the private Apple APIs listed above, altering your method names will help prevent this app from being flagged in future submissions.

Real examples of developers being blocked:

• https://developer.apple.com/forums/thread/88193
• https://stackoverflow.com/questions/74681508/react-native-68-5-ios-archive-upload-itms-90338-non-public-api-usage-ssl-c?rq=1
• flutter build ios --release may use a debug Flutter.framework by mistake #37850

You'll see that the last example was on this repo. Flutter was referencing a private symbol, and the Flutter team had to remove it to stay compliant with Apple's rules.

Given the precedence of apps being blocked for simply referencing non-public APIs, and the history of the Flutter team recognizing that private APIs should not be used, I'd hope for this issue to be considered higher priority than what I feel it is currently assessed at.

Please let me know if you have any questions or if you'd like me to further clarify any of the points I made.

I appreciate you taking the time to consider this.

Thanks!
EA

[github-actions]

This thread has been automatically locked since there has not been any recent activity after it was closed. If you are still experiencing a similar issue, please open a new bug, including the output of flutter doctor -v and a minimal reproduction of the issue.