Subscribe to our newsletter:

Endless Browser

iPhone / iPad
  • Utilities
I want this app
Download from AppStore

Endless is a free, open source web browser built with privacy and security in mind.

- Multiple tabs with automatic blocking of non-touch-initiated popups

- Integrated 1Password support to quickly fill login and password information from your 1Password store (requires 1Password iOS app to be installed)

- Integrated full HTTPS Everywhere ruleset to do on-the-fly URL rewriting to force requests over SSL where supported, including setting the secure bit on received cookies and auto-detection of redirection loops

- Defaults to only accepting cookies and local storage for the duration of the session (until the last tab accessing that data closes) with an editable whitelist of hosts from which non-session data will be saved

- Auto-destroys non-whitelisted cookies and local storage (even within the same tab) that has not been accessed by any other tab within a configurable amount of time (defaults to 30 minutes) to improve privacy after browsing within a long-running tab

- Cookie and localStorage database listing and deletion per-host

- Disables SSLv2 and SSLv3 by default, supports a configurable minimum TLS or SSL version to require (defaults to TLS 1.2)

- HTTP Strict Transport Security (RFC6797) implementation with Chromium's large preload list

- Integrated URL blocker with a small included ruleset of behavior-tracking advertising, analytics, and social networking widgets (this list is intended for enhancing privacy and not to be an AdBlock-style comprehensive ad-blocking list)

- Blocks mixed-content requests (http elements on an https page), shows broken padlock

- Blocks pages loaded from non-local networks (i.e., the internet) from trying to load sub-requests (e.g., images, iframes, ajax) from hosts that are on local RFC3330 networks such as routers and other insecure devices

- Shows organization name in URL bar for sites with EV SSL certs

- Integrated SSL certificate viewer by tapping on padlock icon, highlighting weak SSL certificate signature algorithms

- Optional sending of Do-Not-Track header on all requests

Download source code and contribute at