I'm new to OS X application development, so bear with me.....I've got an OS X application that extensively uses a WebView to provide the user with a video conference/screensharing feature which relies on a browser plugin. The video plugin works when I have sandboxing disabled, but we'd like to distribute our app in the OS X App Store and need to get it to work with a sandboxed WebView.
My question is, how can I enable sandboxing and have my sandboxed WebView include the browser plugin? Can I bundle the plugin with the app and initialize the WebView with the plugin included? Is there an example of this somewhere in the Apple developer docs or somewhere on the Interwebs?
Simple answer: run as 32-bit.
Longer answer: On 10.7, you can load bundled plugins (from your bundle's Content/Plugins folder) within the sandbox provided you add a temporary mach-lookup exception for com.apple.WebKit.PluginAgent, and this works on both 32- and 64-bit binaries. On 10.8, when run as 64-bit, the plugin is reported as available, but will never load, and nothing is logged to the console to indicate the cause (or that anything has gone wrong). Presumably the plugin agent lacks sandbox permissions to start the plugin process and fails silently. When run in 32-bit, the plugin is run in-process, under the host applications sandbox entitlements.
I filed Apple bug #11900695 to report this back in July 2012, requesting to either make it work, or report the plugin as unavailable and log something. At this point it is still open.
Hope that helps!