App Detail » Endless Browser

What's New

Endless now requires iOS 10.0 at a minimum for optimal security.

Lots of new features in 1.0:
- Adds a donation page at the bottom of the settings menu where you can support development of this app with an in-app purchase - your continued support is greatly appreciated!
- Optional dark mode interface, other minor UI improvements
- Keyboard shortcuts on iPad (hold down Command key to see them)
- Add custom home page setting to override search engine homepage
- Host-specific settings menu (persistent cookies, TLS version, etc.)
- Add per-host mixed-mode content policy to allow overrides for things like RSS readers
- Add per-host content policy settings to disable Javascript, media, etc. on certain hosts
- Remove SSLv3 support (iOS 9 did this for us), disable weak TLS ciphers by default
- Add IPv6 support to "block external LAN requests" functionality
- Make UA string more like Safari
- More analytics hosts added to block list
- Update to https-everywhere 5.2.9
- Replace 'Open in Safari' menu option with a generic 'Share URL' option, which also includes Safari
- Add optional crash reporting through Crashlytics (disabled by default)
- Enable iTunes file sharing so you can download (and later re-upload) your per-host setting files

Bug fixes:
- Improved stability and greatly reduced memory usage
- Fix occasional UI layout bugs when closing tabs
- Fix blocking of redirected URLs
- Fix injected Javascript for hosts doing non-standard window.open() calls
- Update location bar with proper URL early, when upgraded by HTTPS Everywhere or HSTS rules
- Handle HTTP 303 redirects
- Find more localstorage files to delete when doing auto-sweep

App Description

Endless is a free, open source web browser built with privacy and security in mind.

- Multiple tabs with automatic blocking of non-touch-initiated popups

- Keyboard shortcuts for iPad (hold Command key to see a list)

- Integrated full HTTPS Everywhere ruleset to do on-the-fly URL rewriting to force requests over SSL where supported, including setting the secure bit on received cookies and auto-detection of redirection loops

- Auto-destroys non-whitelisted cookies and local storage (even within the same tab) that has not been accessed by any other tab within a configurable amount of time (defaults to 30 minutes) to improve privacy after browsing within a long-running tab

- Per-host configuration for blocking Javascript, external connections (websockets, media, etc.), fonts

- Disables SSLv2 and SSLv3 by default, supports a configurable minimum TLS or SSL version to require (defaults to TLS 1.2)

- HTTP Strict Transport Security (RFC6797) implementation with Chromium's large preload list

- Integrated URL blocker with a small included ruleset of behavior-tracking advertising, analytics, and social networking widgets (this list is intended for enhancing privacy and not to be an AdBlock-style comprehensive ad-blocking list)

- Blocks non-whitelisted mixed-content requests (HTTP elements on an HTTPS page), shows broken padlock

- Blocks pages loaded from non-local networks (i.e., the internet) from trying to load sub-requests (e.g., images, iframes, ajax) from hosts that are on local networks such as routers and other insecure devices

- Integrated SSL certificate viewer by tapping on padlock icon, highlighting weak SSL certificate signature algorithms

- Optional sending of Do-Not-Track header on all requests

- Integrated 1Password support to quickly fill login and password information from your 1Password store (requires 1Password iOS app to be installed)

Download source code and contribute at https://github.com/jcs/endless

App Changes

• July 02, 2015 Initial release
• July 15, 2015 New version 0.95
• August 26, 2015 New version 0.96
• January 05, 2017 New version 1.0