MobileIron does not wrap the iOS extensions

I am sorry for the spoiler in the title. But we discover that the iOS extensions do not work properly after wrap an app with MobileIron and we did not found any information about it on MobileIron documentation and neither on Internet. Because of that we choose to use this title in order to help other developers that have the same issue that we had.

MobileIron is a MDM (Mobile device management). A platform that allows to distribute apps inside a company and also add to that apps an extra security layer (passcode, remote wipe, secure tunneling…).
Is one of the most used MDM.

At this time we found that  a mobile app wrapped with the Mobil Iron Wrapper that use “Secure Tunneling” to access to a internal server have problems.
If we use the main app it works fine and the app can access to the internal network but is we try to use the Share In extension the app can not access to the internal network.

Mobile Iron Wrapper

Using a proxy (Charles or Mitproxy) we saw the network request and we discover that the Wrapper of MobileIron change the URL of the request on the fly.

If the app have to connect with (internal server not accessible from internet) the URL is changed to (external server) that it is the MobileIron server who make the tunneling. Because of that all the request that have to go to first at all pass for and are redirected to

But on the Share In extension it does not happens. The URL never change and always the app tried to connect with So the request never comes to their destiny. Also we saw that the Passcode was never asked on the Share In extension. Because of that we thought that the Wrapper did not wrap the extensions.

With all those information we wrote to the MobileIron support team and they confirmed our theory.

The MobileIron Wrapper do not wrap the extensions because the extension can not read the policies. When we open the wrapped app this app automatically open Mobile@Work that it is a MobileIron app that read the policies and apply it on the wrapped app.

When we use an extension that “flip” between apps it is possible because the extensions work in a different process so MobileIron can not open Mobile@Work and come back to the extension.

The extensions use to have small functionalities be that functionalities could allow to a user access to restricted information so it is very important to know it in order to not have a security issue on our wrapped apps.

Leave a Comment

¿Necesitas una estimación?

Calcula ahora

Privacy Preference Center

Own cookies

__unam, gdpr 1P_JAR, DV, NID, _icl_current_language

Analytics Cookies

This cookies help us to understand how users interact with our site

_ga, _gat_UA-42883984-1, _gid, _hjIncludedInSample,

Subscription Cookies

These cookies are used to execute functions of the Web, such as not displaying the advertising banner and / or remembering the user's settings within the session.

tl_3832_3832_2 tl_5886_5886_12 tve_leads_unique