A
Story
uBlock Origin Lite in Apple App Store
I’ve been using uBlock Origin Lite on iOS for several months now, but one shortcoming I see with the newer WebExtensions implementation in Safari is that WebExtensions can’t be used with the in-app Safari views, meaning extensions such as this one don’t work with in-app Safari views. There was an older Safari content blocker API that did work with the in-app Safari views, but it seems like apps are being updated to stop using it. As a workaround, I’ve been trying to set my apps to open the Safari app for links where possible, but I would have preferred to use the in-app Safari views.
As a side note, I personally HATE apps that opens links in an in-app web view (apps like Instagram, Facebook, etc). I really wish Apple could have a system wide preference where it could force in-app web views to open in the browser.
It has frustrated me for a LONG time that we have all collectively seemingly decide to break links.

It used to be that you could click a link in an app, it opens in your web browser where you're already logged in to the relevant service, so you get to see the content the link points to.

These days, you click a link in an app, it opens in an in-app web view where you're not logged in, so you just see a login screen.

Not even the "open in Safari" button works, since by the time you have the opportunity to click it, you've already been redirected to the login page. You literally have to long-press on the link, copy it, switch to your browser, and paste it in to the omni-bar. I don't understand how this god forsaken industry's UX "experts" have all agreed that this should be the universal user experience.

It's especially bad in apps like Slack, where 99% of the links I'm ever interested in are links to our internal gitlab, some internal knowledge base article, some internal tool, or some other thing that requires being logged in to view any of the content. Links just plain do not work almost ever in Slack without the manual long-press -> copy -> switch to Safari -> paste dance.

  • ptk
  • ·
  • 1 day ago
  • ·
  • [ - ]
This behavior (as far as I can tell) has broken the Expensify iOS app for us at work. We have a conditional access policy that requires a “compliant” device to succeed the SSO login. However, only the iOS Edge browser can prove compliance and Expensify refuses to hand over that login process to the Edge browser preferring to use its own built-in browser. So login fail and as far as I can tell there is nothing we can do about it except for exempt that app from the conditional access policies.
The reason Expensify does that is because they want/need access to the cookies from the login flow. The in app browser provides the hosting application access to those, but they can't access Safari's cookiejar. The modern way of doing it is to put the login in Safari (or iOS's dedicated "in app browser for logins") and then redirect to something like expensify://login_complete?token=xxxxxx, which pops back over to the app. This is mostly tech debt on Expensify's part, but it might not solve the Edge vs. Safari issue.
I wonder what iOS Edge does which iOS Safari doesn't do, considering both are just UIs over WebKit...

Not that it matters, it's still an excellent example of stuff not working because links don't work as links anymore.

> I wonder what iOS Edge does which iOS Safari doesn't do

Being a "Managed App" through MDM/Intune. Typically it's used when installing corporate apps in a BYOD scenario. The managed apps are isolated from information sharing with unmanaged apps, e.g. policies can be applied preventing copy/paste, access to Files.app, etc. It (and it's isolated storage) can also be remote wiped without nuking the whole device. Edge.app still uses the Safari rendering engine, etc. like is generally the case with 3rd party browsers on iOS.

You can't do this with Safari.app unless the whole device is managed, which doesn't work well for BYOD.

We have this policy at work and it’s infuriating. I had to install edge once to access some work resource and immediately uninstalled it. I can’t even access our GitHub without it, even through the official app.
Maybe what breaks that process is what Edge does not do and Safari does. There is more to a browser than the rendering engine. Furthermore, does Safari still uses an optimized JS engine that the other browsers cannot use?
> I wonder what iOS Edge does which iOS Safari doesn't do

I don’t know whether that’s right, but I read “We have a conditional access policy that requires a “compliant” device to succeed the SSO login. However, only the iOS Edge browser can prove compliance” as “our access policy does not allow logging in from Safari”. If that’s true, it’s not something Edge or Safari does or doesn’t do.

> I wonder what iOS Edge does which iOS Safari doesn't do, considering both are just UIs over WebKit...

"just" is not an appropriate word here. There's a ton of functionality in the native UI and non-WebKit code.

I hate in-app browsers, too, but there is a Slack setting that will let you open in Chrome or Safari (choosing Safari opens whatever your default iOS browser is).

You can change the Browser Application setting under Preferences after tapping on your Avatar in the Slack app.

  • ·
  • 1 day ago
  • ·
  • [ - ]
> you click a link in an app, it opens in an in-app web view where you're not logged in

But you could be. You could log in from the in-app web view, and it would be remembered and compartmentalised in that app, so that next time you click a link you’re logged in.

  • mh-
  • ·
  • 1 day ago
  • ·
  • [ - ]
Nowadays most providers (and IT teams managing SSO) log out stale sessions quickly, so by the time he clicked another link to it in Slack he'd probably be logged out, again.

It really is a bad user experience all around.

If it happened that fast, then logging in outside the in-app browser wouldn’t make much of a difference, you’d have to be constantly doing it anyway.
I could be, but I'm not. And I don't want to compartmentalize logins to Slack.
To be clear, what I meant is that the logins inside the in-app browser do not affect the other in-app browsers and the main browser. I understand this is not your preferred solution, but it is a way to make the situation suck less.
This sounds like a fantastic way to get phished.
That makes no sense. Are you getting phished from clicking a link someone you know posted in your internal company Slack? And use a password manager, those make sure the domain is correct.
Every app and their mom uses the webview bullshit - it's not just your work slack.

Now you're logging into the same thing in multiple different places. Obviously, the odds of you getting phished go up significantly.

I also love that app sizes get super bloated (several gigs per app) due to cached safari data from the in-app web view. Seems the only way to clear it is to go into settings and wipe the website data for safari entirely. I don't believe app developers can clear this themselves either, despite it appearing as their app taking up so much space when really it's just due to safari cache that seemingly doesn't clear on its own.
THAT is the source for the bloat? Oh dear. Absolutely shambolic. It is embarrassing that iOS gives no way to just completely nuke an app's cache, short of reinstalling the app.
Some apps have a setting to clear data and I swear I’ve seen cached data in that before but I could be mistaken
I know they do, but the effectiveness of these "clear data" settings varies wildly and it's mildly infuriating. For instance, in my experience Telegram's works pretty well, X's not at all.
I get more frustrated from when they go the other direction. Google Maps, for instance. When I go to the website, it asks if I'd like to use the app instead, with the usual dark pattern of having the "no" button greyed out. But after I tell it no, as soon as I touch the search bar, it automatically opens the app anyway. I wish there was a setting in Safari that disabled websites from opening apps.
  • ljm
  • ·
  • 1 day ago
  • ·
  • [ - ]
Add to that list:

- showing focus-stealing modals when loading the page/app, which breaks the quick look functionality on iOS

- interrupting your workflow with tutorial popups (especially multi-step ones that point to different parts the screen) that demo or upsell a new feature, requiring you to dismiss them to continue

- not having an option saying "I'm a power user, stop explaining shit I already know"

To be honest, if the concept of growth hacking was erased from the universe, pretty much none of this crap would exist. Atlassian, Browserstack: I'm looking at you.

> I wish there was a setting in Safari that disabled websites from opening apps.

This has been one of my biggest iOS peeves for a long time—I really wish that installing an app wasn’t a commitment to letting it handle all of the links it wants to.

It’s particularly annoying because a lot of apps are terrible at actually handling the link: the app will show a login screen or some kind of interstitial and then just forget where you were going. That stupid behavior isn’t limited to web links either, it’s really great when it’s the app’s own push notification (thus irretrievable once tapped), but which the app will not even open properly 100% of the time.

There are a couple of imperfect workarounds (long pressing, incognito), but mostly I’d just rather have an option to limit or disable this behavior entirely—in the absence of that I’ve actually just uninstalled all of the worst offenders, I’m sick of having a million damn apps.

Not sure about iOS Firefox, but on Android you can disable that altogether. Turn off "open links in apps".
> letting it handle all of the links it wants to

It doesn’t. App developers have to verify that they own the corresponding domain names that they want to handle with their apps: https://developer.apple.com/documentation/xcode/supporting-a...

I understand that, what I was getting at is more that I, as a user, have little insight or control around when or where my phone will decide to open an app when I click a link, vs continue to work like a normal browser. The app developers declare their associations and url patterns and that's it.
I agree, it’s pretty obnoxious… But there is the same problem on Android, app handlers for verified domains cannot be disabled there, only the handlers for unverified domains (which are unticked by default, so opt-in).
From what I can tell, Kagi’s Orion browser will let you control app launching.
My favourite part is when it opens a form or something to fill out but if you navigate away from this in-app web view to another app and back (say to get a password) you lose the session. It’s incredibly frustrating
That's generally annoying though — web sites that can't preserve your session if you should click a link and then try to go back.
Yeah Gmail does this on Android. Super annoying. You basically have to remember to always click "open in chrome". It's not like it even does anything different because it's already open in chrome, just in a tab that it will throw away at the drop of a hat.
I couldn’t agree more.

I find gmail to be the absolute worst offender in this category.

1. They dark pattern you into downloading their browser (they give three options, two of which are chrome)

2. In not launching iOS, I’m not logged into the session I may already have open in safari. Which is incredibly painful for any product that sends notifications via email, which id like to action.

And if I do login, and it asks for an email verification code… fail. I can’t access it in gmail without closing the browser…

3. Their in app browser (or the way they re-write links?) doesn’t seem to play nice with opening the corresponding app. Never seems to work.

Incredibly user hostile.

Is there a better alternative mail client I can use with gsuite?

  • mh-
  • ·
  • 1 day ago
  • ·
  • [ - ]
I use the Gmail app and just have it set to always use the default browser?

Gmail app -> hamburger menu (top left), scroll down to settings, Default apps, Browser = "Default browser app (Configure in iOS settings)".

I think I must be misreading your concern - if so, not intentional.

What does "better" mean to you? The native Apple Mail app works with Gsuite.
I’d think it was about tracking if I didn’t know that the ios api most apps use gives no access to what the user is doing. I feel like it must be some folk wisdom among app developers about “keeping people in the app”. It’s especially bad since the implementation always seems to struggle hard with self-links, eg if you open a web link in X then follow a link in the story to a tweet you get a broken result in most apps.
The main point of it is to force ads and tracking links. It's just anti-privacy. Any app that does it without a permanent way to disable it doesn't respect its users.
I wouldn’t mind if it didn’t break OAuth flows on _some_ webviews on _some_ operating systems. Miserable rabbit holes mitigating all the edge cases.
Gmail insists on doing this and always screws it up.
On iOS I have the chrome and gmail app installed and it always opens my links in chrome. Does it use the built-in browser if you don't have chrome?
Yes I don’t have Chrome just Safari and it used to still insist on doing this. So it had none of my passwords saved etc. and was some brain dead Gmail browser.

I just tried again and it opened Safari, so maybe at some point they enabled a way to tell it to not do that? I see in the Gmail settings I have a setting checked for use default browser app.

So if you fixed this Gmail or iOS people thank you!

Gmail is the worst for this
This small technical annoyance is one of the biggest issues… of modern society. They do that deliberately to keep users within their apps to drive up engagement. Which in turn drives down exposure to different opinions by keeping the user within the app driven by the same algorithm uninterrupted. If they to change default opening of web links as you would expect it, their revenue numbers would drop dramatically.

The lawmakers should be competent enough to recognise this problem and have laws against keeping people within the apps for no reason. (The only reason may be to use the web sign-in).

Imagine on desktop computer os, you click a link within WhatsApp app and it opens a window within that app and load the webpage there, without your login cookies, and makes you login if you need using mouse with on-screen keyboard only…

Same thing in Android... I'd just prefer to launch the default browser (Brave in my case).
Not the same thing.

Every link I click on my Android phone opens up and uses my preferred browser; Firefox.

What are you seeing different?

By default in X, Facebook and even Google News, you get an in-app browser by default.. you can change the behavior, but it's definitely the default. Just switched to a new phone and have been updating a lot of the settings as I notice them.
  • uxjw
  • ·
  • 1 day ago
  • ·
  • [ - ]
Meta uses the in app browsers to inject trackers on every site you visit. https://krausefx.com//blog/ios-privacy-instagram-and-faceboo...

Probably others doing the same. I always open pages in full safari and use NextDns to block trackers in all apps.

This is heavily dependent on whether the app is using a WKWebView, in which the app developer has almost total control over the experience or SFSafariViewController, which essentially provides a mini-Safari with back/forward/reload/reader mode buttons with a button in the lower right hander corner that takes you to full Safari. In the latter case, the app developer has very little customization and cannot see or really control what is happening inside of the web view.
You have it backwards: whether an app injects tracking is not a result of whether they use WKWebView of SFSafariViwController. Rather, if they want to inject tracking, they _will_ use WKWebView.
Apparently iOS 26 adds new APIs that allow filtering everywhere, including in all apps. Wipr added this functionality.
You mean URL filters? This isn't part of WebExtensions, so I don't think uBlock Origin Lite is going to support it any time soon. But since URL filters appear to operate independently from browser level blocking, perhaps apps providing this functionality could coexist with uBlock Origin Lite.

Also, as the name implies, this just looks at the URLs. So it's more comparable to DNS level blocking.

https://developer.apple.com/documentation/networkextension/u...

But then I have to upgrade to iOS 26… The cure is worse than the disease!

For now I am using wireguard+pihole on a cheap VPS for all my devices. It’s not perfect (data center IP so some places block it) but it’s good enough for now. When I’m forced to update to 26 will definitely look at Wipr since I tested that out and it was really good other than the in-app issue.

  • thiht
  • ·
  • 1 day ago
  • ·
  • [ - ]
Or just do the 26 upgrade, the Liquid Glass changes are grossly overstated, it's not a drastic change...
True. macOS Tahoe is far worse. It looks like a poorly designed Linux variant.
Without having any experience with the APIs to back up my claim, I believe that the WebExtensions API is more powerful in the sense that it allows more complex blocking rules. AdGuard seems to include both options simultaneously, where you have "advanced protection" (WebExtensions API) that only works in Safari and separate blocking lists (old API) that work in both Safari and WebView. This is precisely what keeps me from using uBlock Origin Lite.
> I believe that the WebExtensions API is more powerful in the sense that it allows more complex blocking rules.

This is not really accurate.

The Safari content blocking API and the WebExtensions DeclarativeNetRequest API are comparable. The difference is that WebExtensions are JavaScript and can run in the context of the web page. With WebExtensions, you get DNR plus arbitrary JS, whereas the Safari content blocker API is native code and doesn't run in the context of the web page. The arbitrary runtime JS is what allows you to do things that you can't do with declarative content blocking rules.

You could also have a Safari content blocker with an optional WebExtension for additional functionality with no usage of DeclarativeNetRequest.

> You could also have a Safari content blocker with an optional WebExtension for additional functionality with no usage of DeclarativeNetRequest.

That’s exactly what AdGuard and some other content blockers do. The result is that content blocking works everywhere, but it’s most effective in Safari. As a user, I prefer that over the approach of uBlock Origin Lite, which is a pure WebExtension and doesn’t do anything outside of Safari. Too bad, because I prefer using uBlock Origin on other platforms.

I agree, and I feel it’s worth mentioning that in-app web views bypass private browsing, so they store cookies even if you run Safari in private browsing 100% of the time. PITA to clear them, buried in settings.
> There was an older Safari content blocker API that did work with the in-app Safari views, but it seems like apps are being updated to stop using it.

Which apps are being updated to stop using it?

The difference is simply that the Safari content blocker API is Apple-specific, so it can be used only on iOS and macOS, whereas uBlock Origin Lite uses the cross-platform DeclarativeNetRequest API, because uBlock Origin Lite is itself cross-platform.

Adblock Plus did so on iOS in version 3.0.0. I haven’t used ABP on other platforms in years but for awhile it was only of the few decent free options I knew of on Safari.
Ah yes, I see in the release notes, "Rebuilt with WebExtension technology for improved ad blocking performance".

I'm not sure why they did that or whether it's actually improved, but the Apple-specific content blocker API is certainly not deprecated or anything like that.

The biggest difference is that the Safari content blocker API is native, in other words, Swift or Objective-C, whereas DeclarativeNetRequest (invented by Google) is a JavaScript API.

In-app views can't really have DNR unless they also have full browser extensions too.

We already have Wipr 2 (https://kaylees.site/wipr2.html) on the App store which is a pretty dang great ad blocker and well worth the price.
Is it better than Wipr 1? Because I paid for that one and it's kinda ... unsatisfactory.

Edit: at least compared to full uBlock Origin on desktop Firefox. No idea how good or bad are the other mobile solutions.

Most of the time i solve my mobile ad blocking needs by ... not browsing on mobile.

Yes. I used to use Wipr 1 and also found it underwhelming, eventually settling on 1Blocker. Eventually I decided to give Wipr 2 a shot and it’s much improved.

It also now allows blocking even outside of Safari. Though that requires iOS/macOS 26, which I have no intention of installing any time soon, so can’t speak for how effective that is.

https://kaylees.site/wipr-filtr.html

  • rckt
  • ·
  • 2 days ago
  • ·
  • [ - ]
I've been using Wipr for a long time. Both on iOS and macOS and it works perfectly. I don't see any ads. When I happen to use or see other people's devices I'm amazed by the amount of ads on the screen.
Adguard works well and is free. I did pay for Wipr 1 but now switched to Adguard.
Yeah AdGuard seems to work great for me. Any reason to switch to unlock Origin Lite?
As someone who is using AdGuard on Safari and uBlock origin on Firefox, no. Both equally good IMO. I'm not seeing any ads!
*uBlock
  • 404mm
  • ·
  • 1 day ago
  • ·
  • [ - ]
Doesn’t look like it supports Family Sharing, is that right?
I'm not sure I know what that is. It's a single purchase for a lifetime multi device license.
  • jjice
  • ·
  • 1 day ago
  • ·
  • [ - ]
I use both Wipr 2 and Adguard Pro. $15 total and well worth it. Adguard is mostly just to run custom rules for blocking elements.
  • ·
  • 1 day ago
  • ·
  • [ - ]
  • ·
  • 1 day ago
  • ·
  • [ - ]
[dead]
[flagged]
Yeah, the ad situation really is so horrible it is worth paying to get out of it. Also supporting an inde dev to provide a useful app with the equivalent of a nice cup of coffee doesn't feel all that bad.
Well, it's a $5 app on the App Store. ~$3.20 will go towards paying the indie dev, and most of the remaining ~$1.50 will go directly into Apple's coffers as a reward for doing such a good job locking down their operating system.

Kinda feels like Apple is deliberately making it horrible so you view paying them as the only ethical solution. For example, I don't have to do this song-and-dance to block ads on non-monopolized platforms.

> Well, it's a $5 app on the App Store. ~$3.20 will go towards paying the indie dev, and most of the remaining ~$1.50 will go directly into Apple's coffers as a reward for doing such a good job locking down their operating system.

This is not a defense but merely a correction: The small developer program is 85%/15% rather than 70%/30% for anyone making less than $1 million per year.

The small developer program is opt-in, AFAIK the developer will be charged the full 30% by-default unless they explicitly apply.
You can rest assured that professional App Store developers have enrolled.
I think this is sarcastic?

I mean I pay on several websites to not see ads, so it (paying to remove ads) seems like the normalest thing. And it should be the normalest thing.

The only weird thing here is that we pay a party that is not the one serving the ads, so the primary misses income from ads and potentially paying customers.

But I suspect that is what you meant with your remark.

Moreover, paying on every website is just insane overkill and very expense compared to the value you get from occasional visits (the sites I subscribe to I visit multiple times a day and they provide business value).

Something like Alby [0] could solve this though. But Crypto currency has become a dirty word around here ;) (Alby does allow fractions of cents to be transferred, like a stream, on website visits, it (among others) also powers per-second paying for Podcasts streams, splitting revenue between multiple podcast hosts, the podcast app and the central index if set up that way. It's hard to set up though, something fiat-currency, based with 0 overhead would be nice...).

[0] https://getalby.com/

No. Not having ads is the "normalest" thing. I would never pay. I would use an ad blocker, and if that does not work, I would not use the website at all. This is the "normalest" thing to do, not giving them money for using ads.

You are enabling them and paying them for using ads. How is that the "normalest" or even normal thing to do? How do you expect them to stop showing ads if not only the ads themselves work, but even the ones who don't click ads pay them for having ads (to not show them, but ultimately it is for them having ads)?

I think you misunderstood. I'm saying The normalest thing is to offer value for value. Value for the gathered information, as money, or you let them influence you via ads.

It is not normal to expect something for free. You do not have the right to someone else's productivity on your terms, you have it on theirs.

I got this far down in the comments before I realized that this subject was such a big deal to everyone because, for them, their phones are what they use to interact with websites. It's bizarre. Last year I needed to watch a video to do a simple furnace repair, and I could not watch it on my phone... I'd have to keep going back to my desk to watch it there, and then return to do the fix.

Even the laptop's difficult to do much on unless I have it plugged into the dock and the two monitors.

I'm not sure when everyone and myself diverged, but it feels pretty strange.

I do not watch videos on my phone either. I have never visited YouTube on my phone, for example. In fact, I rarely use my phone.
It's been normal for thousands of years to pay for services which you use.
Cool, no one argued against that.

I will not contribute to an ad-ridden world (whether by paying or using), but you do you.

But, I was talking about contributing to a world with less ads… I feel like something is going wrong here.
If that is the case, then I misunderstood you.
If I pay I expect not to see ads. If I would, I would not pay and stop the subscription.
Right. My problem is that we have to pay to not see ads (which enables them to show ads unless paid), or we do not pay and we see ads, but ultimately in either case we are paying for ads or because of ads, which means ads are going to stay here forever.
Ok, but what is the alternative?
Collectively not using the service, but I know it is just a dream. For the time being, adblockers and not paying for ads is a start?
You realize Hacker News is marketing for YC right?
Hacker News is shoving ads down your throat? I have no idea how you could compare it to what websites are typically doing, or what YouTube is doing.
I paid a one time lifetime fee of $6 for 1Blocker over 10 years ago for iOS.

They have a new version that is now $40 for a lifetime license. But the old version still works.

Better than viewing ads.
I mean… putting the app onto the store costs a yearly fee + development costs. I don’t think the dev should pay that out of their own pocket.
[flagged]
Imagine asking the browser on my hardware to do things I don’t want it to do, and acting shocked when I tell it not to.
https://news.ycombinator.com/item?id=45749983
Yeah, sorry, I realized after I commented.
Imagine there's a business that can't really enforce whether you walk out without providing compensation. You realize you have the home court advantage on enforcement and guess what, you don't want to pay. It's your browser/wallet and that's your prerogative. But what does that mean about how tempting their goods are? Do we have prerogative to these goods?

Should we live in a world where we only permit business models that require customers pay directly or don't enter at all?

Of course there is a means to enforce payment, paywalls. Ads are a particular model for monetization, it does not mean it is the only one. How about when you want to see a movie, nobody will let you in unless you have bought a ticket. Now of course theaters know that you have paid, but they still say, hey, here are 30 minutes of ads to go with your movie, but then it is then fair for us to show up late.
You know, I do not actually know that a website had ads before clicking on a link to it; I would be happy to only visit websites without ads.

It’s scummy to shove ads in my face without at least warning me and giving me a chance to leave, I think.

Fair point. There should be a header to reveal whether the payload has ads. Then you can refuse right there.
https://news.ycombinator.com/item?id=45177601
My reply was about not willing to pay for an ad blocker.

The state of ads on the web is abysmal, but I'm not beyond paying someone for the work they do to create, test and update the extension that gets rid of them

  • mlok
  • ·
  • 2 days ago
  • ·
  • [ - ]
The lack of proper adblocker on iOS is what convinced me to use the Brave browser instead of Firefox or Safari. An adblocker is included by default.

And as a bonus : possibility to keep music videos playing while changing app. (A parameter has to be switched for that though)

Brave has also been great here. It even blocks google/reddit login/gps/<insert annoyance> popups.

With brave you can uninstall the native Reddit app and just use the webapp instead, without ads and stupid-ass "It's better in the app!" or "instead of taking a screenshot, use the share button!" messages.

What about downloading videos? I think it's the only thing holding me back from switching from the app, since I don't wanna share reddits posts, but the videos themselves.

Off-topic but damn how shitty of them to add their own watermark when you download an image from a post, and then they dare to say "Better to use the share button!" if you take a screenshot of it instead.

What do you mean by “lack of proper adblocker”? I use Adguard and Ghostery and never see an ad. Ghostery also auto-dismisses cookie popups.

Regarding playing music videos (I guess you’re referring to YouTube), while the playback pauses when you switch away from Safari or lock the phone, you can unpause it via Control Center while in an other app, or on the lock screen.

I've been using Orion for the same reason. It supports chrome/firefox extensions too so you can install uBlock origin, though it's built-in ad-block is quite good but its still cool being able to install other extensions.
Yep, been on Orion for a few months now, not looking back. Safari was awful.
+1 for Orion.
I’ve been using Ad Block Pro with safari on iOS for awhile and works perfectly. Even blocks YouTube ads (I watch YT via Safari)
  • 404mm
  • ·
  • 1 day ago
  • ·
  • [ - ]
That was my setup until recently. The ads are YT blocked well on iOS but it kept having hiccups on iPadOS. I switched to uBlock in safari and it works well. I wish it showed what is being blocked on each page instead of the little counter in the icon.
I recently switched to trying iOS after all of Google's recent Android nonsense and tried all the options. Brave didn't make the cut as it failed to block all the embedded ads on reddit (my personal litmus test). The Orion browser, OTOH, did a great job at it.. and it also supports the full version of ublock-origin if I need even better ad-blocking. It has a few rough edges, but is working out to be a nice default web browser for the phone.
Every time I read this I ask for example of which web pages do you see ads using 1Blocker that uses th4 content blocking framework that has been around for a decade.
iOS Safari has adblock support; I've been using AdGuard for years. It's a little bit of a hack, but you can also get system-level ad-block in every app by using Lockdown. Lockdown works by registering itself as a VPN that works kinda like an on-device PiHole.
Doesn’t AdGuard (pro) have this too? Why use both AdGuard and Lockdown?
What? iOS has had "proper adblockers" for years now. It's literally why I switched to iOS. Android was forcing ads in all sorts of places, and forcing things into webviews that had no adblocking. Being able to install adblock that even works in webviews was a huge advantage of iOS to me.
  • gaws
  • ·
  • 1 day ago
  • ·
  • [ - ]
Orion on iOS allows you to install extensions, including uBlock Origin.
  • 404mm
  • ·
  • 1 day ago
  • ·
  • [ - ]
Does it work on YouTube ads?
Yes
Have you tried AdGuard?
I had been wishing for uBlock Origin for Safari for years, but now that it’s here (I’ve been using it since the betas), I’m disappointed. It’s really ugly to look at (even the icon in the toolbar looks out of place), configuration is awkward and resets itself unless you give it full permissions for every website from the get go, and it doesn’t seem to be more effective than other popular blockers. Additionally, pretty much every other blocker includes several extensions to overcome the well-known 150K rule limit, but uBlock Origin only includes one, meaning it can’t be blocking as much.
And it doesn't work anymore when you swipe back. The phone shows the previous page but without any adblocking.

I too hoped for a ublock origin with filters lists, kind of what we have on Firefox or even the lite version for chrome but it's not nearly as good.

And we can't say it's apple fault because other adblockers like Adguard does allow customs lists and custom rules.

uBlock Origin Lite on Safari has been improving since the first release. It has more filter lists, and there is support for custom rules and an element picker to help make those rules.

I also have the same issue with the back button, where that obnoxiously large Google login prompt show up whenever I navigate back to a Stack Overflow page. But it's definitely not all ads that show up when I navigate back. Looking at GitHub issues, it's only Javascript-based blocking that's affected.

https://github.com/uBlockOrigin/uBOL-home/issues/518#issueco...

It works for me, but not as good as the ones based on content list filters. It's also brings odd problems: google.com breaks on first search request, but ipv6.google.com does not.
  • ·
  • 2 days ago
  • ·
  • [ - ]
In all these years I haven’t found a better solution than DNS blocking with NextDNS on iOS. The only place I get ads is YT (but for that I have an Albanian VPN)
If you're in Europe, there's the newly launched DNS4EU project which is free for personal use, and also includes adblocking at the DNS level like NextDNS.

I use it in conjunction with Adguard and secure DNS, but they also publish configuration profiles for iOS.

https://www.joindns4.eu/

https://www.joindns4.eu/dns-guidelines

Woah, that looks like an great effort! Never seen before, wonder why they're not making more noise about it and/or use it for more services, probably would have come across it while poking at various EU services DNS configs if so, but haven't so far.

Anyone happen to know exactly what the "Protective" option is for/does? I see there is one "Unfiltered", and lots of "Protective + Something" options, which is kind of clear what they do, but just "Protective", what does that mean in practice? Couldn't find any concrete information except "It protects you".

Its fairly new, as in June/July 2025, so I imagine they want to iron out the bugs before letting opening the floodgates.

If you check dns0.eu (free dns service for EU provided by the company behind NextDNS), it says they’ve closed down, and refer to DNS4EU or NextDNS.

As for what the different categories cover, they have the block lists they use linked “somewhere” on their page.

Did some research on this DNS since it seemed promising. Apparently they rely on non-EU services? https://cybernews.com/security/european-independent-dns-reli...
Interesting article, i will have to dig around some more.

I want to say though, that the initiative is sponsored by the EU and has privacy preservation as one of it's main objectives, so until proven, i will assume that this is all circumstantial.

For me at least, it solves exactly the use case i was previously using NextDNS for, which was basically DNS level ad blocking, and while i still have a NextDNS subscription, my previous months of testing have proven DNS4EU to be more stable and slightly faster responding than NextDNS (for my usage).

EU? Sponsoring privacy preservation? I’m skeptical, to say the least.
Humm they only mention wifi. Can't do it on [3-4-5]G?
of course it can, it's all TCP/IP anyway, and the DNS has no clue about your transport layer.
I did look at iOS and couldn't find DNS settings for the [3-5]G connection, that's why I'm asking...
  • rsync
  • ·
  • 1 day ago
  • ·
  • [ - ]
You don’t need to be in Europe.

It works everywhere.

If you're in the EU
Tried using it from outside EU (even from outside Europe ooho) and seems to work just fine. Where are you getting the "only in the EU" from?
I wrote “if you’re in the EU” because the project only has resolvers in the EU, so accessing it from the rest of the world will likely not be worth it over local alternatives.

As for the legality, the following text is from their website:

> Yes, our DNS4EU Public Service is completely free for citizens. Although primarily intended for users within the European Union due to our infrastructure's geographic distribution, we impose no restrictions on users from other locations.

Parent initially wrote "If you're in Europe" and you tried to correct them with "If you're in the EU" which is an irrelevant correction really, the revolvers are in Europe (and EU) so obviously makes sense for anyone in Europe or nearby to use it. And for others, as secondary/verification. And yes, primarily usage is obviously for Europeans/people within EU, makes sense.
  • Havoc
  • ·
  • 2 days ago
  • ·
  • [ - ]
Thanks for pointing this out
I read that if/when Google find out that you’re not actually Albanian they’ll immediately band your entire account. So I wouldn’t recommend doing this trick for your main Google account that has your email and Google drive stuff….etc. you likely want to create a burner account just for this.

Also do you connect to the Albanian VPN all the time? That would mean all the websites you connect to now think your in Albania

Google DGAF. And I don’t use their other services. Especially not email.

I use their WireGuard endpoint with the WireGuard app in iOS. I have the WireGuard app icon next to YT and toggle it as I start using and stop using YT. I’ve set mullvad dns to also block ads etc so if I forget to turn the VPN off it’s not a big deal.

I tried selective routing but it’s impossible to figure out the YT IPs. They overlap with GCP infra and a lot of apps block connections from Albania so they break and the VPN has to be toggled.

If someone knows of a list that only includes YT servers I’d love that because wireguard lets you do routing easily if you have CIDR blocks.

The to be honest for me toggling on and off the VPN every time I want to watch YT is just too annoying. I’m happy just watching YT as free in safari with ad block installed.
I block YouTube ads on iOS by watching in the browser (with no YouTube app installed) and using AdGuard.
YT in the browser on iOS is torture.
It's fine if you use Vinegar [0]. No ads and you can even lock your phone and keep listening to the videos.

[0] https://apps.apple.com/us/app/vinegar-tube-cleaner/id1591303...

Thanks will check it out
How so? I also use adguard and yt on browser in ios works brilliantly.
Rewinding the video by double tapping left or skipping ahead by double tapping right, enabling subtitles, watching in 2x speed, full screen, toggling back and forth without losing your place in the video.

You get no ads but everything else sucks. I haven’t tried sibling’s suggestion for vinegar though, I’m taking about stock with a dns blocker.

Why not just pay for a subscription instead of VPN?
I did use to have an subscription to YouTube, but they kept increasing the pricing, and once they've 4x'd the original price, I felt like it wasn't worth it anymore, and they'll just continue raising the prices indefinitely, and that's not a business strategy I'd like to support by continue subscribing.

People always say "vote with your wallet" and that's pretty much why people go any other way than "Subscribe and pay Google money" today with YouTube.

Because I don’t want to give google any money. And mullvad has many other uses besides blocking YT ads.
  • ·
  • 1 day ago
  • ·
  • [ - ]
How does the Albanian VPN help? No ad revenue in Albania?
For some reason there are no YT ads in Albania. It’s refreshing.
The CPM difference in US vs. rest of the world is huge. If Albania has cpm near zero, it's not worth to show ads there.
Why not pay for YouTube premium instead of paying for an Albanian VPN? Then your money goes to the video makers you watch.
I abhor google and don’t want to give them money.
>Then your money goes to the video makers you watch.

It does not actually, a large chunk of the money goes to Youtube.

And actually, I would happily pay for either the creator or myself to fund the content hosting. I pay for Nebula for example.

What I refuse to pay for is a company who has routinely fucked over innocent creators doing nothing wrong, and a company who has threatened to burn those people's livelihoods to the ground for triggering false positives in terribly made automated systems that Google leans on to have a higher profit margin.

What I refuse to pay for is a company who uses their absolute control of the platform to enforce a system of Clickbait thumbnails and titles, by insisting on an adversarial system of surfacing content. I am subscribed to a creator, but if I don't click on their next video one of the first times google shows it to me, google will stop showing me content from that creator that I am still subscribed to. If enough people do not click on it in the first couple impressions, google will not show that video to anyone.

Google will also punish users who make such awful and deplorable content as... War history (accurate or not), until recently swearing, videos about aircraft (somehow ended up labeled as a content mill), An end of year summary and highlights video that is exclusively crafted out of content that exists already live on your channel and is not demonitized but when you release that highlight reel it immediately gets demonitized so since you are a big ish channel you ask your account rep wtf and they tell you oh its a mistake it wont happen again. And then, next year, it happens exactly the same, with the added bonus of this time all the content on your channel that wasn't previously demonitized also gets demonitized to go with it, even though your rep once again says this is a mistake.

Remember how youtube used to have so much small time animation, and some of it was great? Notice how it's gone now? Youtube changed what they were prioritizing in the algorithm, and that killed the entire business of small time animation. An entire era of internet media that started before youtube and drove the power and influence of Newgrounds was just wiped out because it wasn't profitable enough. This was separate from the time that youtube also cut ad rates in half without warning.

I will pay for youtube when they demonstrate that they want good content on their platform. I will pay for youtube when, instead of platforming and supporting and paying big bucks for Mr Beast and his awful empty content, they support channels like Applied Science, and Breaking Taps, and NileRed, and Explosions&Fire, and Thought Emporium, and Stuff Made Here, and BPS.Space, and Jeff Geerling, and Dave from EEVBlog, and Brandon F, and Technology Connections, and Practical Engineering, and How to Cook That, and Ze Frank, and AvE, and the other Mountains of people who make great content that is high quality and well made and carefully done and not feeding into gross addiction systems.

But their hard work does not match Youtube's desire to be a constant churn 24/7 watching ad delivery platform, so google punishes them and rewards the people literally trying to scam children instead.

That is why not pay for Youtube Premium.

Safari ads are not blocked when using NextDNS. Is it just me?
Safari does not respect the operating system’s DNS settings, it uses its own. I have seen several reports online that you can disable this behaviour by turning off iCloud Private Relay or disabling Advanced Tracking and Fingerprint Protection, but was never able to do so with various combinations.
> Safari does not respect the operating system’s DNS settings, it uses its own.

I have known this for a long time, and still find it shocking. I run Graphene on a Pixel now (with my own DNS server), so I don't really care, but I feel bad for the hundreds of millions of Apple users who think that Apple is a "privacy-respecting" company.

I don't think this behavior is expected. When I've tested it, I was able to get DNS to behave in the expected manner. Apple does make design decisions that can be frustrating, but in most cases I find 1) there's a way to work around it or 2) the decision was the lesser of two evils.

Absolutely love GOS as well. What are you using for your DNS server?

How are you setting DNS and on which platform? I've tested this extensively and it does work in my experience.
iCloud Private Relay is the only thing that stops Safari using your NextDNS config, turn that off and you're golden. I've been using NextDNS since it launched, I love it.
> iCloud Private Relay is the only thing that stops Safari using your NextDNS config

Maybe that’s true for the NextDNS configuration—I don’t know, I haven’t tested, so I’ll take your word for it—but not true for DNS settings in general.

> turn that off and you're golden.

Unless you want iCloud Private Relay, in which case you’re not.

It’s is.
It’s not, and a basic “Safari DNS” web search shows you it’s not.
Is this legitimate? I can’t find any reference to this on Raymond Hill’s github or ublock’s web site.
https://github.com/uBlockOrigin/uBOL-home mentions it.
  • ·
  • 2 days ago
  • ·
  • [ - ]
  • ·
  • 2 days ago
  • ·
  • [ - ]
  • joak
  • ·
  • 2 days ago
  • ·
  • [ - ]
The normal uBlock origin extension can be installed on Orion browser for iOS

Orion is webkit and can be set as default browser.

Unfortunately uBlock Origin on Orion is a bit flaky. Also, the phone heats up a bit, but that might be due to Orion itself.
  • islon
  • ·
  • 2 days ago
  • ·
  • [ - ]
Yeah, I have the same problem. Had to stop using Orion because it always heated up the phone too much. A shame. Hopefully they fix it.
  • ilt
  • ·
  • 1 day ago
  • ·
  • [ - ]
How does Orion manages to run chrome and firefox extensions when even iOS chrome and firefox browsers can’t?
Personally I’ve been using Brave browser on desktop and iOS. It has some of the best adblocking on mobile. Also use adguard pro which provides dns level filtering.
Vivaldi is mine as it blocks YouTube ads and lets me play yt videos with the screen locked.
Why do you need AdGuard Pro and Brave blocking? Isn’t that duplicative?
I wanted uBlock Origin Lite to win, but based on my personal experience with uBlock Origin Lite, 1Blocker, and Wipr, I find that 1Blocker blocks far more on the sites I visit. uBlock Origin Lite and Wipr are roughly equal in second place. YMMV.

It helps to run everything by Cover Your Tracks[1], too.

1. https://coveryourtracks.eff.org/

A more native open-source version:

https://github.com/0xCUB3/wBlock

I’ve been using wBlock and it is fantastic. It supports nearly identical functionality as compared to uBlock Origin Lite.
  • beala
  • ·
  • 1 day ago
  • ·
  • [ - ]
Scrolling through the comments reading about all the adblockers that folks recommend makes my head spin. Why exactly should I trust any of these to have full access to my browser? Looking through the app store I see so many that are clearly trying to impersonate the well known ones by using similar names. It sounds like uBlock Origin Lite is trusted by many, but watch out for Ublock and 1Block, which are also top App Store results. Going off memory, the the chrome store is even worse. The whole situation is extremely sketchy. This is not even to mention supply chain attacks which could hijack even honest projects.

Personally I’ve settled on blocking at the DNS level with unbound and a blocklist. It’s not perfect but it limits the blast radius.

  • gruez
  • ·
  • 1 day ago
  • ·
  • [ - ]
>Why exactly should I trust any of these to have full access to my browser?

Content blockers on iOS don't have "full access". Most adblocking apps provide both a content blocker and an extension, the latter of which is used to work around stuff that content blockers can't block, or bugs that result as of blocking scripts from loading, but they're not needed. You can get 95% of the functionality by just using content blockers.

  • beala
  • ·
  • 1 day ago
  • ·
  • [ - ]
I guess my head is still spinning.

I took a second look at ad blockers on the app store, and many report that they collect various bits of data. Are you saying that there's a special content blocker component to all of these that can't collect data because they're isolated by iOS? I'm not sure how anyone who isn't a iOS developer is supposed to navigate this. To uBlock's credit, their App Store page reports that they collect no data, but is this enforced by iOS? Or just a checkbox that the developer clicked?

  • gruez
  • ·
  • 1 day ago
  • ·
  • [ - ]
>I took a second look at ad blockers on the app store, and many report that they collect various bits of data.

Because the "app privacy" disclosures that apple only contains broad categories about what data the app can possibly collect. If the app collects analytics in the UI itself (ie. the part where you select filters or whatever), it has to say the app collects analytics. It's not possible to say "we only collect analytics on your usage of the app, not what your browsing history is".

>Are you saying that there's a special content blocker component to all of these that can't collect data because they're isolated by iOS?

Yes.

> but watch out for Ublock and 1Block, which are also top App Store results.

Honestly this is more of an App Store issue than an Adblock one. For all of Apple's purported talents in curation, they really cannot seem to filter out the odd trojan horses: https://blog.lastpass.com/posts/warning-fraudulent-app-imper...

There are dubious results for "uBlock" as well on browser extension stores. If it's not breaking rules (copyright violation, malware) it's precarious for companies to take action. It's obvious to me that uBlock Origin is the "correct" result, but how would a company determine that at scale?

The app was removed a day after your article was posted. The app name, developer, icon, and images are all different. It's absolutely a problem, but it was addressed.

If Apple aggressively took action against this with a high error rate, the headlines would probably be about anti-competition, censorship, and upset developers.

> but how would a company determine that at scale?

Two-way signature validation. Apple distributes unique developer IDs; make the dev sign the app locally before uploading it, like Google does for the Play Store. If those trojan horses still make it through Apple's manual inspection process, then they need to fire everyone working for the App Store and replace them with AI.

> If Apple aggressively took action against this with a high error rate

They need to take action. Apple's entire argument for an App Store monopoly is that they curate apps individually before they're uploaded to ensure a baseline of quality. When they stop vetting apps and allow the App Store to become like every other store, their argument in favor of monopoly control evaporates.

So yes, it would be anti-competitive censorship, but that's nothing Apple hasn't done before. The real issue is that their "premium" store interface is getting shown-up by the Google Play services. At the going rate there won't be anti-competitive behavior to complain about since Apple will be forced to accept competing storefronts - and they have no one to blame but themselves.

Semi-OT: you can use Wireguard through a home network (with dynamic dns) that has a PiHole or similar setup if you want more broad ad blocking for all apps while away from your home network.
EasyPrivacy has too many false positives, and no way to report them. If you are a techie who understands what the messages mean, and can click the button to proceed to a site on a false positive, then it's fine to have it turned on. But if you are setting up ad blocking for a non-technical user, I would recommend turning EasyPrivacy off.
Meanwhile firefox with full adblock and adguard dns/pihole if you like to selfhost, never seen an ad on my samsung phone.
  • prrar
  • ·
  • 1 day ago
  • ·
  • [ - ]
Wipr 2 is my adblocker for all iDevices. It works flawlessly. EDIT: other extensions are Hush and Sponsorblock.
How does it compare to AdBlock Plus?
What's the advantage of a macOS app over a browser extension? (currently I use the latter)
  • ge96
  • ·
  • 2 days ago
  • ·
  • [ - ]
I use lite on firefox android it's great

It's funny my Motorolla phone keeps installing random games on it like ugh...

  • ffsm8
  • ·
  • 2 days ago
  • ·
  • [ - ]
Why use lite on Firefox/android, considering the normal one is available too?
  • ge96
  • ·
  • 2 days ago
  • ·
  • [ - ]
Oh yeah my bad I mis-rememebered, I use lite on chrome pc and the regular mobile firefox
So you are using Firefox on Android which is frankly janky but not on computer where it actually shines ?
  • ge96
  • ·
  • 1 day ago
  • ·
  • [ - ]
Still primarily Chrome but use Firefox for other accounts
I believe the parent means proper full-fat uBlock Origin. Not the neutered lite WebExtension Manifest v3 versions. Using real Firefox with uBlock Origin on Windows, macOS, and Android with sync is simple to set up and works great.
Which model is that? I have a single "Moto" app on mine that is un-removable and that is all bloat I can find.
  • ge96
  • ·
  • 1 day ago
  • ·
  • [ - ]
Moto G Power 5G 2024

It is a cheap phone I think I got it new at $160 and that's the thing it has 8GB of RAM, the pictures are subpar (blurring) but other than that it works for me, multi-app non-game

This is on Verizon but yeah it'll just install new games and say "Enjoy these new apps" I'm like wtf I think most recently one of the games it installed is Mahjong

edit: apparently it's MotoApps doing it

If MotoApps are doing this, it is impressive they can also do that on Samsung phones:

https://community.verizon.com/t5/Mobile-Network-Archive/Game...

How? Mozilla famously refused to add uBlock Origin lite to extension store
  • ge96
  • ·
  • 1 day ago
  • ·
  • [ - ]
I was mis-remembering, elbatorated in another comment, I'm using regular UBO on android firefox
uBo paired with 1Blocker and Hush has my safari running at 100% blocked on all the adblock test sites. I was only at 84% with Adguard. Its a small improvement, but I'll take it.
Those "adblock test" sites misinform people, they should never be used as they lead people to make bad decisions regarding their choice of content blockers.[1]

[1] https://bugzilla.mozilla.org/show_bug.cgi?id=1985170#c3

TIL direct from GOAThill

Good read: adblock test sites can be wildly inaccurate (alerting to connections that never made it, given redirect to the local shim resource) and can easily be gamed.

I'm wondering which ad blocker you've had success with...specifically I'm wondering:

- Does this also block ads on Youtube (in the browser)?

- Can this block Youtube Shorts (they're way too addictive for me)?

I don't know about YT Shorts but Vinegar [0] blocks ads.

[0] https://apps.apple.com/us/app/vinegar-tube-cleaner/id1591303...

  • insin
  • ·
  • 1 day ago
  • ·
  • [ - ]
Control Panel for YouTube[^1] can block ads and Shorts in the browser

[^1]: https://soitis.dev/control-panel-for-youtube

The best way to block YouTube Shorts is using a modified APK on Android. Plus, you don't get ads.

I'd almost use the "real" YouTube app with ads on, if I could disable Shorts entirely.

  • SG-
  • ·
  • 2 days ago
  • ·
  • [ - ]
yes this blocks YouTube ads in the browser.
I use NextDNS on my iphone. It works well but be warned it can break some apps so you'll need to do some allow-listing
My biggest issue has been with captive portals for open WiFi networks. Allowlisting has helped some I think but not perfect
Would it work with Firefox iOS?
No, that browser does not support extensions.
One annoying thing I have is, when I want to disable Adblock on some website (suspecting Adblock impair functionality, or where Adblock is not needed), I need to grant the extension full access before I can disable it.

Is there some trick I am missing?

I can'e even imagine browsing the web without ublock origin. How and Why Apple users endured it, I fail to comprehend.
Not everyone uses Safari. But even so there are plenty of capable ad blockers for it, uBlock Origin is far from the only option.
Why not use a phone that allows you to use the full version ublock? Ios is everything that is wrong with software today in one package.
Because I choose my phone based on hundreds of different factors.

Whether it can use uBlock is just one factor.

Other phones have their own downsides.

Care to elaborate what is so wrong with it?
No sideloading, forced safari, locked os apis to cripple 3rd party accessories and apps (like watches or cloud software), updates crippling performance, massive number of bugs, especially if you don't use iCloud (i lost data multiple times after the update), to mention a few.
It doesn't allow you to use the full version of uBlock.