Thank you!
Including ‘Content-Type’: ‘application/json’

I just looked at an Angular project that I’ve worked on (v17) and a production build has hashes in the file names. The index.html references the JS files with hashes. So, every time a build is created, the index.html gets updated with the new hashes.

I would guess that your problem is just with your index.html file being cached.

For Capacitor you’ll have to update to 5.7.4 or newer

If your problem is with the native Firebase SDK, why the AngularFire version matters? isn’t that just the javascript framework?

New plugins now include a Package.swift file where you can add swift packages as dependencies, but it will only work if users are using the Capacitor’s SPM template.

If you want to use CocoaPods, I found this package that allows to specify SPM dependencies inside the podspec file, but users will have to install that package for it to work.

Thanks for the response.
Yep looking to update to Capacitor 5.7.4 initially as that is an easy update.

You raise an interesting point with Firebase native vs JS, I’m not really sure how to connect them to know which SDKs listed by the app store relate to which packages in my project.

If I am not updating Firebase to 10.22.0 I will need to manually create a privacy manifest to cover all those SDKs, correct?

For example how would I find the correct info to add to the privacy manifest for Frameworks/FirebaseMessaging.framework/FirebaseMessaging or Frameworks/FBLPromises.framework/FBLPromises?

I can’t even find the text “FBLPromises” in my project. I guess I’ll need to search the native project in Xcode?

One option might be to create a new project and install the latest versions of all of these packages that automatically generate a privacy manifest and then copy that manifest to my project…

"@angular/fire": "^6.1.5",
"@capacitor-community/fcm": "^5.0.2",
"@capacitor-community/firebase-analytics": "^5.0.1",
"@capacitor-community/stripe": "^5.2.0",
"@capacitor/android": "^5.4.2",
"@capacitor/app": "^5.0.6",
"@capacitor/core": "^5.4.2",
"@capacitor/device": "^5.0.6",
"@capacitor/ios": "^5.4.2",
"@capacitor/keyboard": "^5.0.6",
"@capacitor/network": "^5.0.6",
"@capacitor/push-notifications": "^5.1.0",
"@capacitor/screen-orientation": "^5.0.7",
"@capacitor/splash-screen": "^5.0.6",
"@capacitor/status-bar": "^5.0.6",
"@pantrist/capacitor-firebase-dynamic-links": "^5.0.1",
"es6-promise-plugin": "^4.2.2",
"firebase": "^8.2.5",

devDependencies:
"@firebase/testing": "^0.20.11",

Try adding cache-busting techniques like appending a version query (?v=1.2.3) to file URLs or setting cache-control headers in your server (Cache-Control: no-cache, no-store, must-revalidate). This should force browsers to load the latest version.

In my Ionic app, I have an element I want to make sticky. Once the user scrolls the element into view, I want it to stay at the top of the screen no matter how far down the user scrolls.

I can’t get position: sticky to work.

I saw a thread on keeping content at the top, but the solution in that thread relies on ion-list. Is there a way to use sticky without using ion-list? Currently, my page consists of several divs and ion-toggle; the content I am trying to make sticky is a div tag that contains a single p tag and one line of text.

I’ve got a pretty complicated page structure and I hope to avoid rebuilding it to use ion-list just to make one thing sticky.

Check this website https://2scan.net/ I think will help you

Update:
I have manually created a privacy manifest file (PrivacyInfo.xcprivacy) but I am getting exactly the same issues for the same packages from App Store Connect.
Is it not recognizing the privacy manifest or is it incorrectly formated?

I added the privacy manifest in Xcode like so:

1. Selected my App/App folder in the project navigator
2. Selected File → New → File from the menu.
3. Selected App Privacy File type under Resources.
4. Checked my app target in the Targets list.
5. Clicked Create. This created a PrivacyInfo.xcprivacy file next to the Info.plist file.
6. Copied my manually created PrivacyInfo.xcprivacy content into this file in VSCode.

When I generate a Privacy Report from the organizer it seems to work.

PrivacyInfo.xcprivacy:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
  <dict>
    <!-- Global Tracking Settings -->
    <key>NSPrivacyTracking</key>
    <false/>
    <key>NSPrivacyTrackingDomains</key>
    <array/>
    
    <!-- Collected Data Types -->
    <key>NSPrivacyCollectedDataTypes</key>
    <array>
      <!-- NSPrivacyCollectedDataTypeOtherDiagnosticData -->
      <dict>
        <key>NSPrivacyCollectedDataType</key>
        <string>NSPrivacyCollectedDataTypeOtherDiagnosticData</string>
        <key>NSPrivacyCollectedDataTypeLinked</key>
        <false/>
        <key>NSPrivacyCollectedDataTypeTracking</key>
        <false/>
        <key>NSPrivacyCollectedDataTypePurposes</key>
        <array>
          <!-- From Firestore, Installations, GoogleDataTransport -->
          <string>NSPrivacyCollectedDataTypePurposeAnalytics</string>
          <!-- From Messaging -->
          <string>NSPrivacyCollectedDataTypePurposeAppFunctionality</string>
        </array>
      </dict>
      <!-- NSPrivacyCollectedDataTypeDeviceID from Messaging -->
      <dict>
        <key>NSPrivacyCollectedDataType</key>
        <string>NSPrivacyCollectedDataTypeDeviceID</string>
        <key>NSPrivacyCollectedDataTypeLinked</key>
        <false/>
        <key>NSPrivacyCollectedDataTypeTracking</key>
        <false/>
        <key>NSPrivacyCollectedDataTypePurposes</key>
        <array>
          <string>NSPrivacyCollectedDataTypePurposeAppFunctionality</string>
        </array>
      </dict>
      <!-- NSPrivacyCollectedDataTypeOtherDataTypes from Messaging and Dynamic Links -->
      <dict>
        <key>NSPrivacyCollectedDataType</key>
        <string>NSPrivacyCollectedDataTypeOtherDataTypes</string>
        <key>NSPrivacyCollectedDataTypeLinked</key>
        <false/>
        <key>NSPrivacyCollectedDataTypeTracking</key>
        <false/>
        <key>NSPrivacyCollectedDataTypePurposes</key>
        <array>
          <string>NSPrivacyCollectedDataTypePurposeAnalytics</string>
          <string>NSPrivacyCollectedDataTypePurposeAppFunctionality</string>
        </array>
      </dict>
    </array>
    
    <!-- Accessed API Types -->
    <key>NSPrivacyAccessedAPITypes</key>
    <array>
      <!-- NSPrivacyAccessedAPICategoryFileTimestamp from Dynamic Links and GoogleUtilities -->
      <dict>
        <key>NSPrivacyAccessedAPIType</key>
        <string>NSPrivacyAccessedAPICategoryFileTimestamp</string>
        <key>NSPrivacyAccessedAPITypeReasons</key>
        <array>
          <string>C617.1</string>
        </array>
      </dict>
      <!-- NSPrivacyAccessedAPICategoryUserDefaults from Firebase Core, Dynamic Links, and GoogleUtilities -->
      <dict>
        <key>NSPrivacyAccessedAPIType</key>
        <string>NSPrivacyAccessedAPICategoryUserDefaults</string>
        <key>NSPrivacyAccessedAPITypeReasons</key>
        <array>
          <string>CA92.1</string>
          <string>1C8F.1</string>
          <string>C56D.1</string>
        </array>
      </dict>
    </array>
  </dict>
</plist>

Email:

Please correct the following issues and upload a new binary to App Store Connect.

ITMS-91061: Missing privacy manifest - Your app includes “Frameworks/Capacitor.framework/Capacitor”, which includes Capacitor, an SDK that was identified in the documentation as a commonly used third-party SDK. If a new app includes a commonly used third-party SDK, or an app update adds a new commonly used third-party SDK, the SDK must include a privacy manifest file. Please contact the provider of the SDK that includes this file to get an updated SDK version with a privacy manifest. For more details about this policy, including a list of SDKs that are required to include signatures and manifests, visit: Page Not Found - Apple Developer

ITMS-91061: Missing privacy manifest - Your app includes “Frameworks/Cordova.framework/Cordova”, which includes Cordova, an SDK that was identified in the documentation as a commonly used third-party SDK. If a new app includes a commonly used third-party SDK, or an app update adds a new commonly used third-party SDK, the SDK must include a privacy manifest file. Please contact the provider of the SDK that includes this file to get an updated SDK version with a privacy manifest. For more details about this policy, including a list of SDKs that are required to include signatures and manifests, visit: Page Not Found - Apple Developer

ITMS-91061: Missing privacy manifest - Your app includes “Frameworks/FBLPromises.framework/FBLPromises”, which includes FBLPromises, an SDK that was identified in the documentation as a commonly used third-party SDK. If a new app includes a commonly used third-party SDK, or an app update adds a new commonly used third-party SDK, the SDK must include a privacy manifest file. Please contact the provider of the SDK that includes this file to get an updated SDK version with a privacy manifest. For more details about this policy, including a list of SDKs that are required to include signatures and manifests, visit: Page Not Found - Apple Developer

ITMS-91061: Missing privacy manifest - Your app includes “Frameworks/FirebaseCore.framework/FirebaseCore”, which includes FirebaseCore, an SDK that was identified in the documentation as a commonly used third-party SDK. If a new app includes a commonly used third-party SDK, or an app update adds a new commonly used third-party SDK, the SDK must include a privacy manifest file. Please contact the provider of the SDK that includes this file to get an updated SDK version with a privacy manifest. For more details about this policy, including a list of SDKs that are required to include signatures and manifests, visit: Page Not Found - Apple Developer

ITMS-91061: Missing privacy manifest - Your app includes “Frameworks/FirebaseCoreDiagnostics.framework/FirebaseCoreDiagnostics”, which includes FirebaseCoreDiagnostics, an SDK that was identified in the documentation as a commonly used third-party SDK. If a new app includes a commonly used third-party SDK, or an app update adds a new commonly used third-party SDK, the SDK must include a privacy manifest file. Please contact the provider of the SDK that includes this file to get an updated SDK version with a privacy manifest. For more details about this policy, including a list of SDKs that are required to include signatures and manifests, visit: Page Not Found - Apple Developer

ITMS-91061: Missing privacy manifest - Your app includes “Frameworks/FirebaseDynamicLinks.framework/FirebaseDynamicLinks”, which includes FirebaseDynamicLinks, an SDK that was identified in the documentation as a commonly used third-party SDK. If a new app includes a commonly used third-party SDK, or an app update adds a new commonly used third-party SDK, the SDK must include a privacy manifest file. Please contact the provider of the SDK that includes this file to get an updated SDK version with a privacy manifest. For more details about this policy, including a list of SDKs that are required to include signatures and manifests, visit: Page Not Found - Apple Developer

ITMS-91061: Missing privacy manifest - Your app includes “Frameworks/FirebaseInstallations.framework/FirebaseInstallations”, which includes FirebaseInstallations, an SDK that was identified in the documentation as a commonly used third-party SDK. If a new app includes a commonly used third-party SDK, or an app update adds a new commonly used third-party SDK, the SDK must include a privacy manifest file. Please contact the provider of the SDK that includes this file to get an updated SDK version with a privacy manifest. For more details about this policy, including a list of SDKs that are required to include signatures and manifests, visit: Page Not Found - Apple Developer

ITMS-91061: Missing privacy manifest - Your app includes “Frameworks/FirebaseMessaging.framework/FirebaseMessaging”, which includes FirebaseMessaging, an SDK that was identified in the documentation as a commonly used third-party SDK. If a new app includes a commonly used third-party SDK, or an app update adds a new commonly used third-party SDK, the SDK must include a privacy manifest file. Please contact the provider of the SDK that includes this file to get an updated SDK version with a privacy manifest. For more details about this policy, including a list of SDKs that are required to include signatures and manifests, visit: Page Not Found - Apple Developer

ITMS-91061: Missing privacy manifest - Your app includes “Frameworks/GoogleDataTransport.framework/GoogleDataTransport”, which includes GoogleDataTransport, an SDK that was identified in the documentation as a commonly used third-party SDK. If a new app includes a commonly used third-party SDK, or an app update adds a new commonly used third-party SDK, the SDK must include a privacy manifest file. Please contact the provider of the SDK that includes this file to get an updated SDK version with a privacy manifest. For more details about this policy, including a list of SDKs that are required to include signatures and manifests, visit: Page Not Found - Apple Developer

ITMS-91061: Missing privacy manifest - Your app includes “Frameworks/GoogleUtilities.framework/GoogleUtilities”, which includes GoogleUtilities, an SDK that was identified in the documentation as a commonly used third-party SDK. If a new app includes a commonly used third-party SDK, or an app update adds a new commonly used third-party SDK, the SDK must include a privacy manifest file. Please contact the provider of the SDK that includes this file to get an updated SDK version with a privacy manifest. For more details about this policy, including a list of SDKs that are required to include signatures and manifests, visit: Page Not Found - Apple Developer

ITMS-91061: Missing privacy manifest - Your app includes “Frameworks/nanopb.framework/nanopb”, which includes nanopb, an SDK that was identified in the documentation as a commonly used third-party SDK. If a new app includes a commonly used third-party SDK, or an app update adds a new commonly used third-party SDK, the SDK must include a privacy manifest file. Please contact the provider of the SDK that includes this file to get an updated SDK version with a privacy manifest. For more details about this policy, including a list of SDKs that are required to include signatures and manifests, visit: Page Not Found - Apple Developer

So GPT seems to think that each SDK needs its own file which means manually creating a manifest is a waste of time.

Anyone have any experience with this?

It looks like as of 12 Feb 2025 all SDKs require their own privacy manifest and signature.

Therefore it seems the manually creating a master privacy manifest is no longer possible and updating all packages / SDKs is the only option.

The rejection means that Apple isn’t recognizing your app’s combined privacy manifest as fulfilling the requirement—each third‑party SDK must include its own privacy manifest file inside its framework bundle.

What’s happening?
Apple’s guidelines require that every commonly used third‑party SDK (such as Capacitor, Cordova, FirebaseCore, etc.) embeds a PrivacyInfo.xcprivacy file in its own bundle. Adding one combined file at the app level (even if it covers all SDKs) isn’t sufficient. The error messages indicate that these frameworks don’t have their own embedded privacy manifests.

Ok, I found a way to make it work without ion-list. It was as simple as <div class='sticky'> and this CSS:

.sticky {
  position: sticky;
  top: 0;
  z-index: 100;
  // We must set the background so that text that rolls underneath isn't shown.
  background-color: var(--ion-background-color);
  border-bottom: 0.1rem dotted var(--ion-color-tertiary);
}

Not sure how this makes sense. In a default project, variables.scss is empty.

I’m trying to figure out how to always have light mode, regardless of the system setting. Currently, the ionic app switches between light and dark in accordance with the ios or android setting.

In the docs, there’s instructions on how to force dark mode, but not light. There’s an implication of that the light mode will be the default regardless of the system, but that’s not true at all.

Try adding this to global.scss:

scss

CopyEdit

body.camera-active {
  --background: transparent;
  --ion-background-color: transparent;
}

Then, add the class when the camera is active:

typescript

CopyEdit

document.body.classList.add('camera-active');

It should resolve the black screen issue.

Does anyone know what pricing or costs we might have if using Ionic Portals? The pricing does not seem to be very clear and we would like to know what we might be looking at if we decided to use Portals.

Corrected Version

Thanks,

Regarding Index.html, every time I run an Ionic build or use ionic build --prod, it always generates the same HTML file. How do I ensure there are new hash in the file?

Regarding the server, we are doing the following via the .htaccess file:

# Enable URL rewriting
RewriteEngine On

# Redirect all HTTP requests to HTTPS
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

# Allow access to existing files and directories
RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^ - [L]

# Redirect all other requests to index.html
RewriteRule ^ index.html [L]

<IfModule mod_headers.c>
Header set Cache-Control "private"
</IfModule>

You can’t buy it anymore, see Important Announcement: The Future of Ionic’s Commercial Products - Ionic Blog

“fixed” it by setting padding-top: 20px on <ion-header> … if you’re using both mobile and web you can use Capacitor to check for the current platform and add or don’t a css class to the <ion-header> (in Vue you can do it with :class)

In regards to your index.html file, you aren’t seeing any hashes for JS file includes in the production build? If you see hashes, they aren’t necessarily going to change if you just rebuild without changing any code. Can you share what the file looks like, both the dev/raw version and the built/compiled version?

And for your .htaccess, I think you want the following instead of private (assuming that you have right syntax):

Header set Cache-Control "no-store"

Hi! Did you find a solution?