Hello everyone,
I am new to MacOS app development and I'm currently working on implementing an HTTP/S interceptor in my application. I would like to know if there are any available APIs or network events that I can listen to in order to intercept HTTP/S calls made by all the applications installed in my MacOS, read their headers and body, and have the ability to block or allow those calls.
Any guidance or suggestions would be greatly appreciated.
Thank you, Venkata Sesha Phani.
Yes and no.
You can use various Network Extension providers (content filter or transparent proxy) to intercept network connections. However, most HTTP requests are protected by TLS and your NE provider can’t see inside that [1]. A transparent proxy can get around that using TLS interception [2] but many clients use certificate pinning to protect themselves from such malarkey.
You can achieve much of the same result, with much of the same limitations, by implementing an HTTP proxy and then changing the macOS default proxy settings to point to your proxy.
Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"
[1] This is different on iOS btw, where the filter data provider does have access to plaintext HTTP requests made by WebKit.
[2] The Wikipedia info on that is pretty limited, but there’s lots of other info out there on the ’net that covers this, for example:
https://www.cloudflare.com/en-gb/learning/security/what-is-https-inspection/
Just dropped you an email :)
-
—
PhaniVVS
Add a CommentJust to add more clarification. I want to intercept all the http/s calls made by all other applications installed in MacOS.