Friday
Hello everyone,
After looking around for a little bit and borrowing from a few forums, I made a script that adds exceptions to the pop-up portion of Safari's settings, and I thought I would include it here for anyone who wants to use it. Keep in mind that this particular script is made to run on check-in. During my testing I was running it through Self Service or a custom trigger via Terminal, and I came across errors trying to get Terminal to call the custom trigger. Custom triggers + this policy will not work unless you grant Terminal Full Disk Access, because the script reads and writes Safari's database under ~/Library/Safari, which macOS privacy controls protect.
#!/bin/zsh
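# Quit Safari so it does not hold PerSitePreferences.db open while the
# script edits it. killall sends SIGTERM and returns immediately, so Safari
# may still be shutting down when the first sqlite3 call runs.
# Only signal Safari when it is actually running, so a machine where it is
# closed does not log a killall "no matching processes" error.
if pgrep -x Safari >/dev/null 2>&1; then
  killall Safari
fi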
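#######################################
# Add or update pop-up exceptions in Safari's PerSitePreferences.db.
# For every domain in PUsites, sets the PerSitePreferencesPopUpWindow
# preference to '2' (the value this script uses for "allow"), updating the
# row if one exists and inserting a new one otherwise.
# Globals:
#   PUsites       (read) array of domains to allow
#   loggedInUser  (read) account that sqlite3 is run as via sudo -u
#   db            (read) path to PerSitePreferences.db
# Outputs:
#   One status line per site on stdout.
#######################################
addOrUpdateSiteEntries() {
  local site escaped existingEntry
  local sq="'"

  for site in "${PUsites[@]}"; do
    # The domain is spliced into the SQL text, so double any single quote;
    # otherwise a quote in a list entry would end the string literal and the
    # rest of the entry would be parsed as SQL.
    escaped=${site//$sq/$sq$sq}

    # Check if the site already exists in the database. A failed lookup
    # (for example a locked or unreadable database) must not fall through
    # to the INSERT branch.
    if ! existingEntry=$(sudo -u "$loggedInUser" sqlite3 "$db" "SELECT preference_value FROM preference_values WHERE domain='${escaped}' AND preference='PerSitePreferencesPopUpWindow';"); then
      echo "Failed to query site $site preference."
      continue
    fi

    if [[ -n "$existingEntry" ]]; then
      # If the site exists, update the preference to allow pop-ups
      if sudo -u "$loggedInUser" sqlite3 "$db" "UPDATE preference_values SET preference_value='2' WHERE domain='${escaped}' AND preference='PerSitePreferencesPopUpWindow';"; then
        echo "Site $site preference updated to allow pop-ups."
      else
        echo "Failed to update site $site preference."
      fi
    else
      # If the site does not exist, insert a new entry
      if sudo -u "$loggedInUser" sqlite3 "$db" "INSERT INTO preference_values (id, domain, preference, preference_value) VALUES (NULL,'${escaped}', 'PerSitePreferencesPopUpWindow', '2');"; then
        echo "Site $site has been added to allow pop-ups."
      else
        echo "Failed to add site $site."
      fi
    fi
  done
}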
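# List of sites to allow pop-ups, ensure they're in an array.
# Every entry is written into the user's Safari preferences as an allowed
# pop-up origin, so keep the list to the domains that need it.
PUsites=("websitenamehere.com" "websitenamehere2.com")

# Get the logged-in (console) user. The awk filter drops "loginwindow", so
# the result is empty when nobody is logged in.
loggedInUser=$(scutil <<< "show State:/Users/ConsoleUser" | awk '/Name :/ && ! /loginwindow/ { print $3 }')

# A check-in can run with no console user. Stop here with a clear message
# instead of building a "/Users//Library/..." path and calling sudo -u with
# an empty user name.
if [[ -z "$loggedInUser" ]]; then
  echo "No user is logged in at the console. Exiting script."
  exit 1
fi

# Database location
# NOTE(review): assumes the home folder is /Users/<short name> - confirm for
# accounts with relocated or network home directories.
db="/Users/$loggedInUser/Library/Safari/PerSitePreferences.db"

# Ensure the database file exists
if [[ ! -f "$db" ]]; then
  echo "Database file $db does not exist. Exiting script."
  exit 1
fi

# Add or update the site entries
addOrUpdateSiteEntries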