I recently began implementing Mac App Store sandboxing (ugh) and noticed that saved HTML archives loaded into a WebView do not render referenced resources. For example, a saved webpage, MyPage.html, can reference styles.css, image.jpg, and script.js in a corresponding MyPage_files folder (Google Chrome's save "Webpage, Complete" convention):
However, after loading the MyPage.html file into a WebView, the Console.app reports errors like this:
sandboxd: deny file-read-data /Users/user/Desktop/MyPage_files/styles.css
sandboxd: deny file-read-data /Users/user/Desktop/MyPage_files/image.jpg
sandboxd: deny file-read-data /Users/user/Desktop/MyPage_files/script.js
Should this be considered a bug, or is it something that is just a limitation of WebViews within the sandbox?
This is a limitation of the original sandbox design, but it's one that Apple has (at least partially) fixed.
Apple engineers have discussed the new solution in at least two places, but unfortunately, I believe they're both "prerelease" information sources that nobody outside of Apple is allowed to talk about in public places like this.
If you have a paid Mac Developer Program membership, go to the Application Sandboxing forum.
I believe "The OS X App Sandbox" video from The WWDC 2012 videos is available without a paid Mac Developer Program membership.
Also, keep in mind that you will need some kind of fallback, unless you're willing to require all of your users to upgrade to a new version of OS X. You should definitely file a bug with Apple explaining what you need, and post about it on the forums. You can post about it on the non-prerelease forums, because you're asking how to do this on Lion, which doesn't involve any confidential information.
One last point: if you're creating the archives yourself, you can save them so that there's a MyPage bundle with the .html file and _files subdirectory inside it; then, when the user selects your bundle, you'll have access to everything. But of course this won't work if you're trying to open, e.g., archives created by Safari.