Hi all,
I'm working on a small PoC to get Content Filtering (FilterDataProvider) working on macOS without any user interaction.
So far, I've pushed two payloads to my machine using user-approved MDM enrollment:
com.apple.system-extension-policycom.apple.webcontent-filter
The application containing the network extension is present in /Applications.
The installation of the profiles both succeed and I can see a Content Filter is created in the Network section of System Settings. Even the status says "Enabled", but the dot remains orange.
Inspecing the system logs (specifically: filtering on process:neagent) shows me the following error:
1. Failed to find a com.apple.networkextension.filter-data extension inside of app com.my.app.containing.the.ext
Only when I submit an activation request using OSSystemExtensionRequest.activationRequest, the network extension starts (without prompts, as expected) and everything works.
Is this expected behaviour? Do I need to submit an activation request through code regardless of the fact that MDM pre-approved the System Extension prompts and created the Content Filter in the System Settings?