I really only want to get the title of the page.
The URL will at least be available via NEFilterFlow
if the network request was created via WebKit.
Regarding:
If I open a page via an HTTP request I can easily see the html for the page including the title if it exists.
Right.
Regarding:
It seems HTTPS requests provide the data still encrypted but I can't find any information about that in the documentation or anywhere on the web.
Yes it does, this is a safety mechanism so that all traffic on a device cannot just be consumed by someone that should not be doing so. The idea is that if your filter has a cache of known IPs, URLs, or even SNIs that are known to be malicious then these items can be filtered upon and blocked.
Regarding:
The next question will be (of course) Is there an easy way to get that data decrypted?
As you mentioned this data will be encrypted for cases where a NEFilterDataProvider
is just running standalone on a machine/device. The exception as you also mentioned is things like standard HTTP
, FTP
, or other TCP port 80 traffic. If you are looking for a way to make filtering decisions in this environment, take a look at building a URL, IP, or SNI cache to make filtering decisions based upon your business rules.
Matt Eaton
DTS Engineering, CoreOS
meaton3@apple.com