Feature or enhancement
Proposal:
We should modernize the macOS implementation of webbrowser.open() by replacing the legacy osascript-based code with Apple’s purpose-built /usr/bin/open utility.
Current Issues
The existing MacOSXOSAScript class builds a short AppleScript and executes it via osascript.
Usability Concerns
On managed enterprise Macs (using MDM/EDR tools such as CrowdStrike, SentinelOne, Jamf, or Santa), osascript is often monitored or restricted due to its abuse in malware campaigns. When this happens, webbrowser.open() fails silently or with unclear errors, breaking a simple, commonly used API for developers and applications.
Security Risk
osascript is a general-purpose scripting interpreter and a classic Living-Off-the-Land binary (LOOBin). It was part of the macOS payload in the recent Axios npm supply-chain attack (March 31, 2026). Even after the PATH-lookup fix, it still requires constructing and executing AppleScript, a more powerful mechanism than needed just to open a URL. This increases the stdlib attack surface and ties Python to a binary that security teams frequently treat with caution.
Proposed Change
PR #146439 implements a cleaner alternative:
- Introduces a new
MacOSX class that uses /usr/bin/open (absolute path) via subprocess.run with a safe argument list.
- Uses
open -b <bundle-id> (e.g., com.google.Chrome) for known browsers to explicitly target the intended application.
- Safely handles non-HTTP(S) URLs to avoid unintended OS file-handler behavior.
- Completely removes AppleScript construction.
- Deprecates the old
MacOSXOSAScript class with a clear DeprecationWarning.
The change maintains full backward compatibility (including named browser support) and simplifies the code.
Why This Is Worth Doing
This is a low-risk improvement that:
- Improves reliability for enterprise and security-conscious users.
- Reduces the security footprint by eliminating dependency on a general-purpose scripting tool.
- Aligns the stdlib with modern macOS practices.
Next Steps
Has this already been discussed elsewhere?
I have already discussed this feature proposal on Discourse
Links to previous discussion of this feature:
https://discuss.python.org/t/security-and-usability-improvement-for-webbrowser-open-on-macos-replace-osascript-with-usr-bin-open/106943
Feature or enhancement
Proposal:
We should modernize the macOS implementation of
webbrowser.open()by replacing the legacyosascript-based code with Apple’s purpose-built/usr/bin/openutility.Current Issues
The existing
MacOSXOSAScriptclass builds a short AppleScript and executes it viaosascript.Usability Concerns
On managed enterprise Macs (using MDM/EDR tools such as CrowdStrike, SentinelOne, Jamf, or Santa),
osascriptis often monitored or restricted due to its abuse in malware campaigns. When this happens,webbrowser.open()fails silently or with unclear errors, breaking a simple, commonly used API for developers and applications.Security Risk
osascriptis a general-purpose scripting interpreter and a classic Living-Off-the-Land binary (LOOBin). It was part of the macOS payload in the recent Axios npm supply-chain attack (March 31, 2026). Even after the PATH-lookup fix, it still requires constructing and executing AppleScript, a more powerful mechanism than needed just to open a URL. This increases the stdlib attack surface and ties Python to a binary that security teams frequently treat with caution.Proposed Change
PR #146439 implements a cleaner alternative:
MacOSXclass that uses/usr/bin/open(absolute path) viasubprocess.runwith a safe argument list.open -b <bundle-id>(e.g.,com.google.Chrome) for known browsers to explicitly target the intended application.MacOSXOSAScriptclass with a clearDeprecationWarning.The change maintains full backward compatibility (including named browser support) and simplifies the code.
Why This Is Worth Doing
This is a low-risk improvement that:
Next Steps
MacOSXOSAScriptclass in Python 3.15 or 3.16.Has this already been discussed elsewhere?
I have already discussed this feature proposal on Discourse
Links to previous discussion of this feature:
https://discuss.python.org/t/security-and-usability-improvement-for-webbrowser-open-on-macos-replace-osascript-with-usr-bin-open/106943