2.12.1 beta

Disclaimer Adguard for Mac is not an open-source project. We use GitHub as an open bug tracker for users to see what developers are working on.

In the previous version of AdGuard for Mac, some users encountered the issue when the “AdGuard wants to make changes” prompt appeared after every system reboot. In AdGuard v2.12.1 for Mac, we’ve fixed this bug and updated CoreLibs and DnsLibs.

Changelog

Fixes

• AdGuard constantly asks to enter administrator password after reboot #1307
• In 'have-result' state the connection has timed out #1180
• AdGuard blocks all the requests to a .local domain when you use 127.0.0.1 local rule #207

CoreLibs

• Updated CoreLibs to v1.12.78 #1308

DnsLibs

• Updated DnsLibs to v2.2.36 #1314

How to install AdGuard for MAC

• Standalone build, release channel
• Standalone build, beta channel
• Standalone build, nightly channel

2.12

Disclaimer Adguard for Mac is not an open-source project. We use GitHub as an open bug tracker for users to see what developers are working on.

We are happy to announce the release of AdGuard v2.12 for Mac! This time we have worked a lot to improve your privacy and user experience. Please note that this version of AdGuard for Mac no longer supports macOS High Sierra 10.13 and Mojave 10.14. If you are currently using an older version of Mac, please download the previous version of AdGuard.

AdGuard v2.12 for Mac beta boasts significant improvements. Before AdGuard for Mac could only filter HTTP/1 and HTTP/2 traffic. In v2.12 we have updated CoreLibs so now users can enable HTTP/3 filtering. HTTP/3 (HTTP-over-QUIC) is the latest version of the HTTP protocol that uses QUIC instead of TCP. The QUIC network protocol has a lot of advantages over the TCP transport layer protocol. It provides increased privacy and security, a more stable and faster Internet connection, etc. Enabling HTTP/3 filtering allows you not just to use all the advantages of QUIC protocol, but also block advertisements and trackers! Now our users can enjoy fast Internet connection without any disturbance.

Currently, HTTP/3 filtering is an experimental feature. Also, due to a browser-specific bug, this feature is now broken in Chrome. However, it should work fine in Safari and Firefox. To use HTTP/3 filtering, go to Advanced → Advanced Settings → network.https.filter.http3.enabled.

We have also fixed compatibility issues with WARP, updated Scriptlets, CoreLibs and DnsLibs.

Changelog

Features

• Experimental HTTP/3 filtering support #1253

Fixes

• AdGuard is not blocking ads in "Web Apps" on macOS Sonoma by default #1292
• The pointer does not change when hovering over the update button #1244
• The app is installed with one non-recommended annoyances filter instead of 5 recommended ones #1263

Important for filter maintainers

Features

• Added $method modifier for basic rules #1713
• Allowed $stealth rules with empty pattern #1762

Fixes

• $jsonprune, $replace, $hls do not work with non-GET-POST HTTP methods #1743
• $path modifier does not work on the path market.yandex.ru/? #1726
• $jsonprune modifier should be able to handle quotes for jsonp #1734
• $network rules does not work on macOS with kext #1773
• Consider :has(), :not(), :is() as a standard pseudo-class if ExtendedCss usage is not forced by #?# rule marker #1683

Scriptlets

Scriptlets updated to v1.9.62

Features

• Added API method to convert redirects based on their name #346
• Improved trusted-replace-fetch-response/trusted-replace-xhr-response — add ability to replace all matched content #303
• Added new scriptlet evaldata-prune #322
• Added new scriptlet remove-node-text #318
• Added new scriptlet trusted-replace-node-text #319

Fixes

• Added new way for returning supported values of set-constant scriptlet #316
• cannot apply rule message removed for logging scriptlets #313
• AdGuard takes commas into account when converting rules to uBO rules #343
• Improved prevent-xhr scriptlet #347
• log-addEventListener — a lot of errors are printed to console #335
• Scriptlets prevent-fetch, prevent-xhr do not help if a request/domain is blocked by DNS filtering #334
• Added Accept and Reject values for set-cookie #336
• Made case-insensitive values for set-cookie #342
• Modified google-ima3 to avoid conflict with the DAI SDK #331
• Modified storage item scriptlets to add ability to remove item by key #338
• Mock getResponseHeader() and getAllResponseHeaders() methods for prevent-xhr and trusted-replace-xhr-response #295
• Fixed issue with pruning when addEventListener was used before calling send() method in m3u-prune and xml-prune scriptlets #315
• Added ability for prevent-element-src-loading scriptlet to prevent inline onerror and match link tag #276
• trusted-set-cookie-reload — website is not reloaded if $now$ value is used #291
• Cookie setting scriptlets — name and value encoding problem #311
• Instance properties of Response issue in scriptlet and redirect #297
• Value encoding problem with trusted-set-cookie and trusted-set-cookie-reload scriptlets #320
• Fixed googletagservices-gpt — updateTargetingFromMap() #293
• Scriptlets should handle escaped quotes correctly #286
• The application now reflects the version from which scriptlets or redirects are supported #273
  ​

Versions

• Updated CoreLibs to v1.12.75 #1294
• Updated DnsLibs to v2.2.27 #1299
  ​

CoreLibs

Features

• Added support for HTTP/3 (IETF QUIC) ("h3" protocol) #487
• Migrated to the new XPC interprocess communication system #1675
• Added $to modifier #1714
• Added $referrerpolicy modifier #135
  ​

Fixes

• uBO media queries are not supported #1707​
• WARP gets an error "unable to connect" if AdGuard is already running #1234
• A few seconds delay when visiting ipTIME home routers #1756
• AdGuard desktop version with ECH setting blocks access to domains if VPN extension is enabled #1751
• AdGuard slows down WebPage loading time #1522
• Exception rules interfere with each other #1749
• Hide referer with "Hide your search queries" option enabled if request made by click #1766
• Cosmetic rules don't work at mypikpak.com #1767
• When the network.https.ech.enabled setting is enabled, ECH GREASE is enabled for sites that do not support ECH #1781
• Error when processing script text decryption key not found #1750
• Sometimes DNS fallbacks helper returns 127.0.0.1 instead of provider's servers #1687
• TCP/IP: Added new reject mode - ICMP administratively prohibited #1774
• UDP timeout is too small in TcpIpStack #1796
• User script SaveFrom helper gives an error when downloading video from ok.ru site #1776

DnsLibs

Features

• Add "lb._dns-sd._udp.*.in-addr.arpa" to the default list of exclusions #194

Fixes

• DoH tries to use stale connection too much time #200
• sdns:// cert pinning is incorrect #205
• Do not direct 127.0.0.1 into outbound proxy #195

UserscriptsWrapper

UserscriptsWrapper updated to v1.2.20

Fixes

• User scr...

2.12 beta 2

Disclaimer Adguard for Mac is not an open-source project. We use GitHub as an open bug tracker for users to see what developers are working on.

The release of AdGuard v2.12 for Mac is right around the corner, but first, we have a small update to make the app more stable.

Changelog

Versions

• Updated DnsLibs to v2.2.27 #1299

How to install AdGuard for MAC

• Standalone build, release channel
• Standalone build, beta channel
• Standalone build, nightly channel

2.12 beta

Disclaimer Adguard for Mac is not an open-source project. We use GitHub as an open bug tracker for users to see what developers are working on.

We are happy to announce the release of AdGuard v2.12 for Mac beta! This time we have worked a lot to improve your privacy and user experience. Please note that this version of AdGuard for Mac no longer supports macOS High Sierra 10.13 and Mojave 10.14. If you are currently using an older version of Mac, please download the previous version of AdGuard.

AdGuard v2.12 for Mac beta boasts significant improvements. Before AdGuard for Mac could only filter HTTP/1 and HTTP/2 traffic. In v2.12 we have updated CoreLibs so now users can enable HTTP/3 filtering. HTTP/3 (HTTP-over-QUIC) is the latest version of the HTTP protocol that uses QUIC instead of TCP. The QUIC network protocol has a lot of advantages over the TCP transport layer protocol. It provides increased privacy and security, a more stable and faster Internet connection, etc. Enabling HTTP/3 filtering allows you not just to use all the advantages of QUIC protocol, but also block advertisements and trackers! Now our users can enjoy fast Internet connection without any disturbance.

Currently, HTTP/3 filtering is an experimental feature, and we’ll evaluate its stability during the beta phase. Also, due to a browser-specific bug, this feature is now broken in Chrome. However, it should work fine in Safari and Firefox. To use HTTP/3 filtering, go to Advanced → Advanced Settings → network.https.filter.http3.enabled.

We have also fixed compatibility issues with WARP, updated Scriptlets, CoreLibs and DnsLibs.

Changelog

Features

• Experimental HTTP/3 filtering support #1253

Fixes

• AdGuard is not blocking ads in "Web Apps" on macOS Sonoma by default #1292
• The pointer does not change when hovering over the update button #1244
• The app is installed with one non-recommended annoyances filter instead of 5 recommended ones #1263

Important for filter maintainers

​

Features

• Added $method modifier for basic rules #1713
• Allowed $stealth rules with empty pattern #1762

Fixes

• $jsonprune, $replace, $hls do not work with non-GET-POST HTTP methods #1743
• $path modifier does not work on the path market.yandex.ru/? #1726
• $jsonprune modifier should be able to handle quotes for jsonp #1734
• $network rules does not work on macOS with kext #1773
• Consider :has(), :not(), :is() as a standard pseudo-class if ExtendedCss usage is not forced by #?# rule marker #1683

Scriptlets updated to v1.9.62

Features

• Added API method to convert redirects based on their name #346
• Improved trusted-replace-fetch-response/trusted-replace-xhr-response — add ability to replace all matched content #303
• Added new scriptlet evaldata-prune #322
• Added new scriptlet remove-node-text #318
• Add new scriptlet — trusted-replace-node-text #319

Fixes

• Added new way for returning supported values of set-constant scriptlet #316
• cannot apply rule message removed for logging scriptlets #313
• Escaped commas in the params during conversion to uBO rules #343
• Improved prevent-xhr scriplet #347
• log-addEventListener — a lot of errors are printed to console #335
• Scriptlets prevent-fetch, prevent-xhr do not help if a request/domain is blocked by DNS filtering #334
• Added Accept and Reject values for set-cookie #336
• Made case-insensitive values for set-cookie #342
• Modified google-ima3 to avoid conflict with the DAI SDK #331
• Modified storage item scriptlets to add ability to remove item by key #338
• Mock getResponseHeader() and getAllResponseHeaders() methods for prevent-xhr and trusted-replace-xhr-response #295
• Fixed issue with pruning when addEventListener was used before calling send() method in m3u-prune and xml-prune scriptlets #315
• Added ability for prevent-element-src-loading scriptlet to prevent inline onerror and match link tag #276
• trusted-set-cookie-reload — website is not reloaded if $now$ value is used #291
• Cookie setting scriptlets — name and value encoding problem #311
• Instance properties of Response issue in scriptlet and redirect #297
• Value encoding problem with trusted-set-cookie and trusted-set-cookie-reload scriptlets #320
• Fixed googletagservices-gpt — updateTargetingFromMap() #293
• Scriptlets should handle escaped quotes correctly #286
• The version that declares support for scriptlets or redirect is specified #273
  ​

Versions

• Updated CoreLibs to v1.12.75 #1294
• Updated DnsLibs to v2.2.24 #1291
  ​

CoreLibs

​

Features

• Added support for HTTP/3 (IETF QUIC) ("h3" protocol) #487
• Migrated to the new XPC interprocess communication system #1675
• Added $to modifier #1714
• Added $referrerpolicy modifier #135
  ​

Fixes

• uBO media queries are not supported #1707​
• WARP gets an error "unable to connect" if AdGuard is already running #1234
• A few seconds delay when visiting ipTIME home routers #1756
• AdGuard desktop version with ECH setting blocks access to domains if VPN extension is enabled #1751
• AdGuard slows down WebPage loading time #1522
• Exception rules interfere with each other #1749
• Hide referer with "Hide your search queries" option enabled if request made by click #1766
• Cosmetic rules don't work at mypikpak.com #1767
• When the network.https.ech.enabled setting is enabled, ECH GREASE is enabled for sites that do not support ECH #1781
• Error when processing script text decryption key not found #1750
• Sometimes DNS fallbacks helper returns 127.0.0.1 instead of provider's servers #1687
• TCP/IP: Added new reject mode - ICMP administratively prohibited #1774
• UDP timeout is too small in TcpIpStack #1796
• User script SaveFrom helper gives an error when downloading video from ok.ru site #1776

DnsLibs

Features

• Add "lb._dns-sd._udp.*.in-addr.arpa" to the default list of exclusions #194

Fixes

• DoH tries to use stale connection too much time #200
• sdns:// cert pinning is incorrect #205
• Do not direct 127.0.0.1 into outbound proxy #195

UserscriptsWrapper

UserscriptsWrapper updated to v1.2.20

...

2.11

Disclaimer Adguard for Mac is not an open-source project. We use GitHub as an open bug tracker for users to see what developers are working on.

In this version we've made it easier to navigate the Advanced settings: they are sorted in alphabetical order, their names can be copied, and column width can be adjusted. Plus, now there is a link to the dedicated Knowledge base article. Besides, we've fixed a few bugs and updated Dnslibs.

Changelog

Features

• Improved Advanced settings #1222
• Added Vietnamese localization #1224

Fixes

• Browser Assistant icon randomly turns gray in v2.10.1 #1247
• Can't select items to block on baidu.com in Safari #1246
• Can't export settings while using outbound proxy #1249
• Typo in the About section in Czech #1225

Versions

• Updated DnsLibs to v2.2.5 #1243

How to install AdGuard for MAC

• Standalone build, release channel
• Standalone build, beta channel
• Standalone build, nightly channel

2.11 beta

Disclaimer Adguard for Mac is not an open-source project. We use GitHub as an open bug tracker for users to see what developers are working on.

In this beta we've made it easier to navigate the Advanced settings: they are sorted in alphabetical order, their names can be copied, and column width can be adjusted. Plus, now there is a link to the dedicated Knowledge base article. Besides, we've fixed a few bugs and updated Dnslibs.

Changelog

Features

• Improved Advanced settings #1222
• Added Vietnamese localization #1224

Fixes

• Browser Assistant icon randomly turns gray in v2.10.1 #1247
• Can't select items to block on baidu.com in Safari #1246
• Can't export settings while using outbound proxy #1249
• Typo in the About section in Czech #1225

Versions

• Updated DnsLibs to 2.2.5 #1243

How to install AdGuard for MAC

• Standalone build, release channel
• Standalone build, beta channel
• Standalone build, nightly channel

2.10.1

Disclaimer Adguard for Mac is not an open-source project. We use GitHub as an open bug tracker for users to see what developers are working on.

With this patch, we've fixed a bug that caused some userscripts with unicode in the name of the main userscript not to work. We've also made some changes to the experimental support for Encrypted ClientHello (ECH) to ensure that it now works in Kext and Automatic Proxy filtering modes. Finally, as usual, we have updated CoreLibs and DNSLibs.

Changelog

Fixes

• The ECH feature does not work with Kext and PAC filtering mode #1226
• The path modifier does not work on yandex.ru/images #1738
• Custom userscripts do not work after updating to v2.10 #1229

Important for filter maintainers

• $permissions now use Structured Field Values syntax instead of CSP syntax #1748

Versions

• Updated CoreLibs to v1.11.98 #1237
• Updated DnsLibs to v2.1.38 #1236

How to install AdGuard for MAC

• Standalone build, release channel
• Standalone build, beta channel
• Standalone build, nightly channel

2.10.1 beta

Disclaimer Adguard for Mac is not an open-source project. We use GitHub as an open bug tracker for users to see what developers are working on.

With this beta, we've fixed a bug that caused some userscripts with unicode in the name of the main userscript not to work. We've also made some changes to the experimental support for Encrypted ClientHello (ECH) to ensure that it now works in Kext and Automatic Proxy filtering modes. Finally, as usual, we have updated CoreLibs and DNSLibs.

Changelog

Fixes

• The ECH feature does not work with Kext and PAC filtering mode #1226
• The path modifier does not work on yandex.ru/images #1738
• Custom userscripts do not work after updating to v2.10 #1229

Important for filter maintainers

• $permissions now use Structured Field Values syntax instead of CSP syntax #1748

Versions

• Updated CoreLibs to v1.11.98 #1237
• Updated DnsLibs to v2.1.38 #1236

How to install AdGuard for MAC

• Standalone build, release channel
• Standalone build, beta channel
• Standalone build, nightly channel

2.10

Disclaimer Adguard for Mac is not an open-source project. We use GitHub as an open bug tracker for users to see what developers are working on.

AdGuard v2.10 for Mac brings many new features and various changes.

DNS filtering enabled by default

DNS protection is now enabled by default for all users. If you are not using any DNS server, the system DNS server with the AdGuard DNS filter will be automatically selected. This change was partially necessary to implement another important feature: experimental support for Encrypted ClientHello (ECH).

Experimental Encrypted ClientHello support

What is Encrypted ClientHello?

Nowadays, almost every HTTPS connection is encrypted and no one can see what’s inside it. However, the very first packet of the connection, called ClientHello, indicates the name of the server you are connecting to. Say you want to open www.google.com, your ISP cannot see what exactly you send and receive from it, but they know what website you are communicating with. This is where Encrypted ClientHello (ECH) comes in handy. It encrypts this last bit of unencrypted information, making your HTTPS connection fully encrypted. This means that third parties, such as your ISP, will not be able to see what is inside the connection or which site the connection was made to.

AdGuard is not the only one working to support ECH. Browsers such as Chrome and Firefox are also in the process of adding ECH support. However, AdGuard has a significant advantage.

Assuming that Chrome has added support for ECH, it means it only works within Chrome and does not extend to other apps and browsers. In contrast, AdGuard's ECH support automatically works in all apps and browsers that AdGuard filters. Therefore, you don't have to wait for operating systems or apps to support this feature, as it is automatically available in your pocket with AdGuard.

How to enable ECH support

To enable ECH support, follow these steps:

1. Make sure that DNS protection is on. ECH relies on data obtained through DNS, so in order for AdGuard to receive this data and enable ECH globally for users, DNS filtering is necessary.

2. Check if the dns.proxy.block.encrypted.client.hello.response.parameters option is turned off in the Advanced settings, as it may interfere with this feature.

3. Go to Advanced Settings and turn on network.https.ech.enabled.

To make sure ECH is working, use one of the following methods:

1. Go to https://crypto.cloudflare.com/cdn-cgi/trace/ and check if it says sni=encrypted.

2. Go to https://defo.ie/ech-check.php and check if it says SSL_ECH_STATUS: success.

Limitations and issues

ECH is a new technology, so you may encounter some issues when using it.

1. ECH support may slow down your browsing speed a bit. However, we are already working on improving this!

2. ECH support must be implemented on both sides. AdGuard supporting it is not enough; the server must also support it. Currently, these servers are few, because the technology is new and has not yet been finalized. However, the number of servers supporting ECH is expected to grow.

New Advanced Settings

In the Advanced settings you'll find a bunch of new features that can be divided into 4 categories:

• Anti-DPI options allow low-level modification of filtering requests to protect user traffic from Deep Packet Inspection (DPI)

  • stealth.antidpi.clienthello.split.fragment.size
  • stealth.antidpi.http.space.juggling
  • stealth.antidpi.http.split.fragment.size

• Keepalive options let you configure settings for working with Keepalive connections

  • network.tcp.keepalive.enabled
  • network.tcp.keepalive.interval.seconds
  • network.tcp.keepalive.timeout.seconds

• DNS-related options help you fine-tune DNS settings
  network.https.ech.enabled

  • dns.proxy.fallback.on.upstreams.failure.enabled
  • dns.proxy.http3.enabled
  • dns.proxy.parallel.upstream.queries.enabled
  • dns.proxy.servfail.on.upstreams.failure.enabled

• Certificate security options allow you to check the certificates of websites and web services by various criteria

  • network.https.enforce.certificate.transparency

CoreLibs, DnsLibs, Scriptlets, and ExtendedCSS have undergone many changes. Furthermore, the Ukrainian filter has been added.

Changelog

Features

• DNS filtering and system DNS are enabled by default for all users #1217
• Added Tor Browser support #1045
• Added Arc Browser support #1188
• When reporting in Safari, a new tab opens by default instead of a window #1100

Fixes

• Export fails when object names contain invalid characters for a file system #1198
• Network service is not connected if the app starts with Filter update check interval disabled #1190
• The number of remaining days of the license period on the main screen and the License screen does not match #1177
• The filtering service crashes when reading the system certificate store on MacOS 13 #1151

Versions

CoreLibs

• Updated CoreLibs to v1.11.79 #1221
• Encrypted ClientHello support #1565
• Added exact match syntax for HTTPS exclusions #1691
• Implemented "Protect from DPI" for plain HTTP #1629
• Improved failure detection when starting network extension due to "no network" #1679
• "Protect from DPI" allows to configure HTTPS fragmentation #1649
• Added signed Certificate Timestamps (SCT) support #1529
• Netbiosd process starts using a lot of CPU when pausing AdGuard #937
• Fixed dropped TCP/HTTP connections #1658
• Ads are not blocked by Brook #1641
• Using NEAppProxyFlow.networkInterface, if installed, instead of RouteResolver #1677
• Fixed incorrect work of the @match field for userscripts #1650
• HTTPS filtration breaks trading.finam.ru #1724
• elearning.ual.pt doesn't open with "Protect from DPI" enabled #4451
• Filtering does not work on websites with dot at the end #1741
• path modifier does not work on yandex.ru/images/ #1738

DnsLibs

• Updated DnsLibs to v2.1.27 #1211
• Added tplinkdeco.net to fallback domains #175
• Added tplinkextender.net to fallback domains #183
• Crash in IPv6-only networks on Android #182
• Timing out DNS upstream leads to many requests pending #40

Scriptlets

• Updated Scriptlets to v1.9.1
• Added new m3u-prune scriptlet #277
• Added more possible values in the set-attr scriptlet
  #283
• Improved 'adjust-setTimeoutandadjust-setInterval` scriptlets #262
• Improved json-prune scriptlet #282
• Fixed compatibility for the noopcss redirect #299
• Fixed compatibility issue for the google-ima redirect #272
• Fixed compatibility issue between prevent-addEventListener and userscripts #271
• Fixed error in prevent-element-src-loading #270
• Fixed xml-prune-related errors #289

ExtendedCss

• Updated ExtendedCss to v2.0.51
• The content' property in style' in IAffectedElement is now optional
  #163

Important for filter maintainers

• Added $permissions modifier #419
• Added regexp support for $domain modifier [#1550](https://github.com/AdguardTeam/CoreLi...

2.10 beta 2

Disclaimer Adguard for Mac is not an open-source project. We use GitHub as an open bug tracker for users to see what developers are working on.

A new beta version of AdGuard for Mac is now available! We've made some improvements and fixed a few pesky bugs, so you can expect the app to run even more smoothly now. Plus, we've updated CoreLibs to enhance filtering.

Changelog

Versions

CoreLibs

• Updated CoreLibs to v1.11.79 #1221
• $jsonprune modifier is now able to handle jsonp #1717
• Filtering did not work on websites with dot at the end #1741

How to install AdGuard for MAC

• Standalone build, release channel
• Standalone build, beta channel
• Standalone build, nightly channel