Safari Web Archive and Malware Security

I sometimes save an article, in one of my online newspapers subscriptions, as a web archive for reading offline, or sometimes to print
I notice most notably in Monterey, see screenshot.
However, these archives can be dropped onto an open page in Safari, and be opened.

I’m not too surprised. A webarchive should be treated as an application, because it may contain scripts that could be malicious.

Anything a web browser downloads on macOS is saved with a Quantine flag indicating that it contains downloaded content. When double-clicked, Gatekeeper audits it before it can be opened.

Objects that have no digitial signature or where the signature can’t be validated (like the webarchive in your example) can’t be automatically opened with a double-click. This is to force you to be aware of the fact that it was downloaded from an unknown source.

You can, however, open it from within an app (as you did). You should also be able to right-click it and select “Open” from the popup menu (at which point Gatekeeper will ask for administrative authentication and then remove the quarantine flag).

2 Likes