AdguardForiOS icon indicating copy to clipboard operation
AdguardForiOS copied to clipboard

Published 20 hours ago verified publisher icon AdguardTeam

Do HTTPS filtering like Surge.

Open lancelot-moon opened this issue 4 years ago • 8 comments

On iOS, the paid function (MitM) of Surge can do system-wide HTTPS filtering. Need to install its CA certificate first. https://apps.apple.com/tw/app/surge-4/id1442620678

https://github.com/search?p=2&q=.sgmodule&type=Commits

Of course, this feature request isn't hurried. Hope it can be realized after most other features are done.

lancelot-moon avatar Jun 18 '20 18:06 lancelot-moon

I am 100% sure that Apple won't allow us to do that for content blocking. Web debugging proxy is a different kind of product and they made an exception for them, they will never make it for us.

I'll keep this feature request open, though. Maybe one day in the future after all anti-Apple antitrusts this will be possible.

ameshkov avatar Jun 19 '20 14:06 ameshkov

Quantumlt X app has the same feature but only needs to buy 1 time without paying each month like Surge

bigdargon avatar Jun 19 '20 15:06 bigdargon

It would be nice to have this implemented even if behind a feature-flag that disables it before submitting the app to Apple. This would allow people to build the app by themselves and install directly on their devices with the feature enabled.

t0rr3sp3dr0 avatar Jun 21 '20 16:06 t0rr3sp3dr0

@ameshkov, could using a Configuration Profile for a trusted HTTPS certificate be allowed since there is a focus on device security?

From their guidelines: https://developer.apple.com/app-store/review/guidelines/#mobile-device-management

Mobile Device Management Apps that offer Mobile Device Management (MDM) services must request this capability from Apple. Such apps may only be offered by commercial enterprises (such as business organizations, educational institutions, or government agencies), and in limited cases, companies using MDM for parental control services or device security.

[...]

Apps offering configuration profiles must also adhere to these requirements. Apps that do not comply with this guideline will be removed from the App Store and you may be removed from the Apple Developer Program.

And now that Apple allows developers to challenge the App Store rules, you may have more luck 🤞 https://www.apple.com/newsroom/2020/06/apple-reveals-new-developer-technologies-to-foster-the-next-generation-of-apps/

Additionally, two changes are coming to the app review process and will be implemented this summer. First, developers will not only be able to appeal decisions about whether an app violates a given guideline of the App Store Review Guidelines, but will also have a mechanism to challenge the guideline itself. Second, for apps that are already on the App Store, bug fixes will no longer be delayed over guideline violations except for those related to legal issues. Developers will instead be able to address the issue in their next submission.

ghost avatar Jul 02 '20 00:07 ghost

Wouldn't it be possible to 'camouflage' this feature? Like the current DNS firewall, where filters must be imported by the user.

ThracianKnight1907 avatar Aug 30 '20 19:08 ThracianKnight1907

@ameshkov

Another new iOS app by Chinese for MITM attack (system-wide HTTPS filtering), including adblock, like Surge app. https://apps.apple.com/tw/app/stash/id1596063349

https://github.com/STASH-NETWORKS-LIMITED/stash-example/blob/main/mitm-reject-ad.yaml

lancelot-moon avatar Feb 11 '22 18:02 lancelot-moon

Hope one day this will be possible

michael1900 avatar May 20 '22 22:05 michael1900

I do wonder, has there been any further discussion regarding this?

ghost avatar Jul 26 '22 10:07 ghost