AppStore / iOS apps and interpreted code - where do they draw the line?

Question

Apple\'s iOS developer guidelines state:

3.3.2 — An Application may not itself install or launch other executable code by any means, including without lim

Answer 1

Based on 3.3.2, they could reject an app for this. However, the scarier thing is that you could create the app, get it approved, have it be downloaded and used by many users, and then Apple could pull the app from the store.

Did you ever publish the app you described?

Answer 2

You should take a look at what Apple has enabled in iOS7. It is now allowed to download and run JavaScript within your app.

Answer 3

There's a major difference between the Guidelines and actual practice by the App Review team.

The current Guidelines state:

2.7 Apps that download code in any way or form will be rejected

2.8 Apps that install or launch other executable code will be rejected

So, the old ban on interpreted code is gone, and replaced by a ban on apps that could be considered to be IDEs or self-modifying.

However in practice there are a number of apps which do this, hence the difference between theoria and praxis.

Answer 4

All I can tell you is I've released products which use XML to script behavior within the app and Apple has always approved them.

Answer 5

I think what Apple means is your application should not depend in another module, compiled product or executable in order to work that will be downloaded from a website/server and that compiled add-on was not reviewed by Apple.

Basically when I asked something similar they told me something like: "If your application will download another executable compiled code that such a ftp downloader, key decryption tool or something of this kind that was not approved my Apple. You are available to download data or files (such as XML, HTML, PDF files, images) that does not represents an application.

Answer 6

Update as of WWDC 2017

Programming tools such as Codea mentioned below are now explicitly allowed to download code. The App Store Guidelines currently say (emphasis mine):

2.5.2 Apps should be self-contained in their bundles, and may not read or write data outside the designated container area, nor may they download, install, or execute code, including other apps. Apps designed to teach, develop, or test executable code may, in limited circumstances, download code provided that such code is not used for other purposes. Such apps must make the source code provided by the Application completely viewable and editable by the user.

There is also this tweet citing more details on the relaxed clauses.

Original

Does your interpreted download allow the user to write infinite loops or recursion?

Apple allow Javascript because they provide the interpreter and can kill your code. I have a feeling I've read that it's a 10 second limit but I couldn't find it on the site with a few minutes searching. (Yes, my self-imposed timeout for writing an answer kicked in.)

I think you're pretty safe if what you do is declarative and doesn't allow obvious looping in the interpreter.

I would also avoid the use of the word "interpreter" in any descriptions visible to Apple including public discussion. Maybe "parser" would be safer.

Codea have skated along the edge of these definitions with their Lua environment and cannot download code. They had to remove a feature for downloading new packages as ".codea" files.