6 Replies
      Latest reply: Dec 1, 2016 4:36 AM by iOSerKi RSS
      iOSerKi Level 1 Level 1 (0 points)

        I want to use vpn do some clever thing in my app. And I found that when connecting vpn in first time, system showed alert view and than jump to the "Setting" after you pressing the "allow" button.

        So I have a worry, is it allow? can pass the review?

         

        Also, which way is better for adding vpn function?  The code or the configuration profile?

         

        Thx for answering !

        • Re: Is that allow add Personal VPN function in my non-vpn app?
          eskimo Apple Staff Apple Staff (7,550 points)

          And I found that when connecting vpn in first time, system showed alert view and than jump to the "Setting" after you pressing the "allow" button.

          Indeed.  That’s expected behaviour.  As VPN providers can ‘see’ all traffic on the system, the user must explicitly approve their use, and that involves a ‘bounce’ through Settings.

          Also, which way is better for adding vpn function?  The code or the configuration profile?

          There’s no way to bypass this bounce when you setup VPN programmatically; if there were, that’d be considered a security bug.

          You can certainly set up VPN via a configuration profile, but that also requires explicitly approval by the user.

          Share and Enjoy

          Quinn “The Eskimo!”
          Apple Developer Relations, Developer Technical Support, Core OS/Hardware
          let myEmail = "eskimo" + "1" + "@apple.com"

            • Re: Is that allow add Personal VPN function in my non-vpn app?
              iOSerKi Level 1 Level 1 (0 points)

              Thx for answering !

              That Indicates adding VPN function in a non-VPN app(my app) can pass the review? ?

              I'm very worried about it....

                • Re: Is that allow add Personal VPN function in my non-vpn app?
                  eskimo Apple Staff Apple Staff (7,550 points)

                  I can’t give you definitive answers about what will or won’t pass App Review; only App Review can do that.

                  At a technical level, my experience is that doing ‘clever’ things with APIs — that is, using them for purposes which they weren’t originally designed for — is generally not a good idea.  APIs and their implementations tends to evolve over time; this evolution is guided by the intended uses of the API and thus doesn’t take into account your ‘clever’ misuse.

                  If you’d post more details about what you’re doing, I can offer a more specific technical opinion.

                  Finally, on a personal note, if I installed an app and it unexpected asked for VPN privileges, I’d immediately uninstall it.

                  Share and Enjoy

                  Quinn “The Eskimo!”
                  Apple Developer Relations, Developer Technical Support, Core OS/Hardware
                  let myEmail = "eskimo" + "1" + "@apple.com"

                    • Re: Is that allow add Personal VPN function in my non-vpn app?
                      iOSerKi Level 1 Level 1 (0 points)

                      You're right. But I have no choice.

                      I don't know how to decribe exactly the "clever thing" to you. en...I try. 

                      My app is a tool that extends a LAN game in a WAN, so the player can enjoy with other players all over the world. For realizing funciton, the first way I choose "Audio background mode" to keep app running in order to transmits data, but rejected..

                      And now, I guess the "Personal VPN" maybe a feasible way: no need background mode, also transmits data.

                      Maybe that's all...

                        • Re: Is that allow add Personal VPN function in my non-vpn app?
                          eskimo Apple Staff Apple Staff (7,550 points)

                          And now, I guess the "Personal VPN" maybe a feasible way …

                          Have you tried it?  Does it work?

                          It’s easy to prototype this because the Personal VPN API (NEVPNManager) is simply a programmatic way to set up the built-in VPN transports.  Thus, you can create a prototype by setting up the built-in VPN transport yourself, either manually or via a configuration profile.

                          Share and Enjoy

                          Quinn “The Eskimo!”
                          Apple Developer Relations, Developer Technical Support, Core OS/Hardware
                          let myEmail = "eskimo" + "1" + "@apple.com"