Accepted Use Case of the Network Extension Entitlement?

Hi!

I recently had an idea to build an iOS app that allows users to create a system-level block of specified web domains by curating a "blacklist" on their device.

If the user, for instance, inputs "*example.com" to their list, their iPhone would be blocked from relaying that network traffic to their ISP/DNS, and hence return an error message ("iPhone can't open the page because the address is invalid") instead of successfully fetching the response from example.com's servers.

The overarching goal of this app would be to allow users to time-block their use of specified websites/apps and grant them greater agency over their technology consumption, and I thought that an app that blocks traffic at the network level, combined with the ability to control when to/not to allow access, would be a powerful alternative to the existing implementations out there that work more on the browser-level (e.g. via Safari extension, which is isolated to the scope of the user's Safari browser) or via Screen Time (which can be easy to bypass by inputting one's passcode).

Another thing to mention is that since the app would serve as a local DNS proxy (instead of relying on a third party DNS resolver), none of their internet activity will be collected/transmitted off-device and be used for commercial purposes. I feel particularly driven to create a privacy-centered app in this way, since no user data needs to be harvested to implement this kind of filtering. I'd also love to get suggestions for a transparent privacy policy that respects users' control over their device.

With all this said, I found that the Network Extension APIs may be the only way that an app like this could be built on iOS, and I wanted to ask if the above-mentioned use case of Network Extension would be eligible to be granted access to its entitlement before I go ahead and purchase the $99/year Apple Developer Program membership.

Happy to provide further information, and I'd also particularly be open to any mentions of existing solutions out there (since I might have missed some in my search). Maybe something like this already exists, in which case it'd be great to know in any case! :).

Thank you so much in advance!
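The `*example.com` pattern described in the question, worked through as an added example (not code from the original post or from Apple): a plain suffix match also blocks unrelated names such as `notexample.com`, while a label-aware rule does not. The `BlockRule` type, its three pattern forms, and the sample query names are assumptions constructed for this illustration.

```swift
import Foundation

/// Hypothetical blocklist rule; the type and its semantics are assumptions for this example.
enum BlockRule {
    case exact(String)       // "example.com": only that host
    case subdomains(String)  // "*.example.com": names ending in ".example.com"
    case rawSuffix(String)   // "*example.com" as written in the post: plain string suffix

    init?(pattern: String) {
        let p = BlockRule.normalize(pattern)
        if p.hasPrefix("*.") {
            let base = String(p.dropFirst(2))
            guard !base.isEmpty else { return nil }
            self = .subdomains(base)
        } else if p.hasPrefix("*") {
            let base = String(p.dropFirst(1))
            guard !base.isEmpty else { return nil }
            self = .rawSuffix(base)
        } else if !p.isEmpty {
            self = .exact(p)
        } else {
            return nil
        }
    }

    /// DNS names are case-insensitive and may carry a trailing root dot.
    static func normalize(_ name: String) -> String {
        var s = name.trimmingCharacters(in: .whitespaces).lowercased()
        if s.hasSuffix(".") { s.removeLast() }
        return s
    }

    func matches(_ queryName: String) -> Bool {
        let host = BlockRule.normalize(queryName)
        switch self {
        case .exact(let base):      return host == base
        case .subdomains(let base): return host.hasSuffix("." + base)
        case .rawSuffix(let base):  return host.hasSuffix(base)
        }
    }
}

// Constructed sample input: three ways a user might write the rule, five query names.
let patterns = ["*example.com", "*.example.com", "example.com"]
let rules = patterns.compactMap(BlockRule.init(pattern:))
let queries = ["example.com", "www.example.com", "WWW.Example.COM.",
               "notexample.com", "example.com.evil.test"]
for q in queries {
    // One Bool per pattern, in the order of `patterns`.
    print(q, rules.map { $0.matches(q) })
}
```

A blocklist meant to cover a site and all of its subdomains needs both the exact rule and the label-aware subdomain rule; the raw-suffix form is the only one of the three that crosses a label boundary.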

Answered by DTS Engineer in 841131022

Thanks for opening a forums thread about this.

When you talk about “accepted use cases” there are two things to consider:

  • What does DTS support?

  • What will App Review allow on the store?

I work for DTS, so I’m going to focus on that side of things. I can’t comment on App Review policy. I recommend that you read the published App Review Guidelines.

From a DTS perspective, the go-to document for this is TN3120 Expected use cases for Network Extension packet tunnel providers. In short, we see a lot of folks try to use an NE packet tunnel for content filtering. That generally doesn’t end well, and so it’s not something that DTS supports. We recommend that you implement content filtering using an NE content filter.

Most folks don’t want to use an NE content filter on iOS because of their strict deployment limits. For info about those limits, see TN3134 Network Extension provider deployment. I’m sympathetic to that viewpoint but that doesn’t change DTS’s support policy. DTS is here to help developers create products that work now and will continue to work in the future. When you try to use an NE packet tunnel for content filtering, you inevitably run into wacky edge cases and binary compatibility problems, and so this is not a path we can follow you down.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

If you haven’t already watched it, I recommend that you check out WWDC 2025 Session 234 Filter and tunnel network traffic with NetworkExtension, which introduces a new URL Filter provider with fewer deployment restrictions.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"
