Hi,
I am writing an iOS App that includes an App Proxy Provider Network Extension. I would like to route all traffic from the containing iOS App to go through the App Proxy Provider. I can do this for my own testing by adding the NETestAppMapping key to the Info.plist file of the App. Given that the App and its network extension come from the same developer and belong to the same App Group, would it be possible to achieve this without involving an MDM?
Thanks
would it be possible to achieve this without involving an MDM?
No. Assuming distribution signing, the container app is not privileged when it comes to accessing the app proxy.
Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"
Thanks Quinn! How about the SafariDomains field of the Per-App VPN Payload? Does it have to be set via an MDM as well?
How about the
SafariDomainsfield of the Per-App VPN Payload? Does it have to be set via an MDM as well?
This is kinda subtle:
VPNUUID and SafariDomains are both part of the configuration profile payload.
You can install that configuration profile in any number of ways, including MDM.
However, you’ll still see different behaviours. For VPNUUID, the only way to associated an app with that value is via MDM [1].
But SafariDomains is already associated with an app, Safari, so it doesn’t need the profile to be installed by MDM.
Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"
[1] Except:
On macOS, where you have com.apple.vpn.managed.appmapping.
In Development-signed apps, where you have NETestAppMapping.
