Skip to content

Commit

Permalink
updated the checks for the receipt signature so that they only run if…
Browse files Browse the repository at this point in the history
… we can't verify the environment from the receipt itself
  • Loading branch information
aboedo committed May 8, 2024
1 parent 8438f5f commit e1df30d
Showing 1 changed file with 10 additions and 3 deletions.
13 changes: 10 additions & 3 deletions Sources/Misc/SandboxEnvironmentDetector.swift
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,14 @@ final class BundleSandboxEnvironmentDetector: SandboxEnvironmentDetector {
}

#if os(macOS) || targetEnvironment(macCatalyst)
return !self.isProductionReceipt || !self.isMacAppStore
// this relies on an undocumented field in the receipt that provides the Environment.
// if it's not present, we go to a secondary check.
if let isProductionReceipt = self.isProductionReceipt {
return !isProductionReceipt
} else {
return !self.isMacAppStore
}

#else
return path.contains("sandboxReceipt")
#endif
Expand All @@ -73,12 +80,12 @@ extension BundleSandboxEnvironmentDetector: Sendable {}

private extension BundleSandboxEnvironmentDetector {

var isProductionReceipt: Bool {
var isProductionReceipt: Bool? {
do {
return try self.receiptFetcher.fetchAndParseLocalReceipt().environment == .production
} catch {
Logger.error(Strings.receipt.parse_receipt_locally_error(error: error))
return false
return nil
}
}

Expand Down

0 comments on commit e1df30d

Please sign in to comment.