Create an on-device network content filter.
An on-device network content filter examines user network content as it passes through the network stack and determines if that content should be blocked or allowed to pass on to its final destination. You might create a content filter and sell it to organizations, like schools and businesses, that want to prevent users from accessing specific Internet content.
A content filter consists of two providers that work in close cooperation:
A filter data provider receives user network content and examines that content to determine whether to block or allow it.
A filter control provider passes configuration information to the filter data provider to allow that provider to do its job.
This separation exists to guarantee user privacy. The filter data provider runs in a very restrictive sandbox that prevents user network content from escaping that provider. The filter control provider has a less restrictive sandbox but doesn’t have access to user network content. By combining these providers, your content filter has access to the network but cannot use that access to export user network content.
For example, your filter control provider might download a set of filtering rules and save them to a shared app group. Your filter data provider has read-only access to that app group, allowing it use those rules to filter content but still preventing it from exporting user network content.
Content filter providers are only supported on supervised iOS devices.