iOS - How to filter web traffic based on HTML content?

Platform - iOS 9+


My Customer Requirement for iOS: For security reasons, block iOS user from logging in to any website on the device (logging into specific apps are allowed)


1. User clicks on a link (from anywhere, say, email, app, SMS etc)

2. Link opens in the user's default browser (Safari/Chrome/anything)

3. I want to "look" at all the incoming HTML content of all such HTTP(S) traffic

4. If the HTML DOM of the requested page contains type="password" element in it, I want to block the user from visiting the page with a customizable message (that the customer will provide)


I recently came across NEFilterBrowserFlow but cannot find any sample code anywhere.


Questions:

1. Is NEFilterBrowserFlow the right class to accomplish my above usecase? If not, can anyone help with any suggestions of how to do this?

2. Can someone help with any sample code of how I can do this?

3. Can you share links to any sample code of NEFilterBrowserFlow?

Up vote post of suvarnais Down vote post of suvarnais
2.3k views
Posted by
suvarnais
Reply
Add a Comment

Replies

I recently came across 

NEFilterBrowserFlow
but cannot find any sample code anywhere.

That class is part of a much larger concept, namely a NetworkExtension content filter provider. You can find a short summary of what these are and what they can do on this page.

1. Is 

NEFilterBrowserFlow
the right class to accomplish my above usecase?

Perhaps. It depends on whether your use case is compatible with the restrictions imposed by the content filter provider.

2. Can someone help with any sample code of how I can do this?

3. Can you share links to any sample code of NEFilterBrowserFlow?

The only official content filter sample code is embedded within the SimpleTunnel sample code. This has not been updated in a long time, so the actual code probably isn’t much use to you, but all of the core concepts still apply.

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware 

let myEmail = "eskimo" + "1" + "@apple.com"
Posted by
eskimo
Up vote reply of eskimo Down vote reply of eskimo
Add a Comment

Thank you Quinn!


Btw, is the concept even possible? I mean - do any of the classes (such as NEFilterBrowserFlow or any others) provide access to the HTML/CSS/JS in real-time when the content is being loaded by any webkit-based browser?

Posted by
suvarnais
Up vote reply of suvarnais Down vote reply of suvarnais
Add a Comment 
NEFilterBrowserFlow
will let you filter plaintext HTTP content, although there are some restrictions in practice. The most critical of these is that it only works on a supervised device. If you’re OK with that then my advice is that you create a simple prototype to flesh out any other potential restrictions before committing to a product.

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware 

let myEmail = "eskimo" + "1" + "@apple.com"
Posted by
eskimo
Up vote reply of eskimo Down vote reply of eskimo
Add a Comment