can send http request from network extension?

Hi,


Is anybody know that whether I can send http request from network extension or not?

the idea is that I want to check the inbound/outbound data before deciding allow or drop them, so I have 2 questions here:

1. In the NEFilterDataProvider class description, it says "The sandbox prevents the Filter Data Provider extension from moving network content outside of its address space by blocking all network access, IPC, and disk write operations." that means I cannot send the network content to the server or other process for checking?

2. if I just want to send http request from network extension, is it possible?


thanks in advance.

Replies

Is anybody know that whether I can send http request from network extension or not?

What platform are you working on?

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware

let myEmail = "eskimo" + "1" + "@apple.com"

I am working on macOS10.15.

A filter data provider on iOS has a very restricted sandbox, and it relies on the filter control provider to do any networking. This is the source of the documentation quotes you referenced.

The architecture on macOS is very different. Indeed, there is no filter control provider on macOS. I believe that the sandbox for macOS is very liberal, and thus you’ll be able to make outbound network connections just fine. However, I must admit that I’ve not actually tried it.

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware

let myEmail = "eskimo" + "1" + "@apple.com"