Canary domain use-application-dns.net with NOERROR response
Categories
(Core :: Networking: DNS, enhancement, P3)
Tracking
()
Tracking | Status | |
---|---|---|
firefox95 | --- | fixed |
People
(Reporter: pe1chl, Assigned: nhnt11)
References
(Blocks 1 open bug)
Details
(Whiteboard: [necko-triaged][trr])
Attachments
(1 file)
User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0
Steps to reproduce:
Please enhance the handling of use-application-dns.net queries as a DoH canary domain.
Some routers with simple DNS resolver allowing static domain entries can only return records with NOERROR and a fixed A and/or AAAA value in their replies.
As it is now, only NOERROR records without A and AAAA are accepted as an indication that DoH should not be used, which is not possible with those routers.
Please add to that: a reply with NOERROR and a defined A or AAAA record, e.g. 127.0.0.2 or similar.
Comment 1•4 years ago
•
|
||
This seems fine to me. Taking a look at https://en.wikipedia.org/wiki/Reserved_IP_addresses it'd be good to get some of our standards people to weigh in on which range might be best to use.
I feel good about treating any "local" IP address as a trigger.
The IP checks are done here and we can use nsIIOService.hostnameIsLocalIPAddress to check it in the addon/platform.
Updated•4 years ago
|
Is there any update on this? Would you consider 0.0.0.0
as "local" as well?
Assignee | ||
Updated•3 years ago
|
Assignee | ||
Comment 4•3 years ago
|
||
This allows certain routers to signal us to disable DoH when they are not capable of
responding with NXDOMAIN or no A records.
Pushed by nhnt11@gmail.com: https://hg.mozilla.org/integration/autoland/rev/83ed6619c2ea Trip Canary heuristic when canonical lookup contains only local addresses. r=necko-reviewers,valentin
Comment 6•3 years ago
|
||
Backed out for causing multiple bc failures.
Failure log bc fails on browser_cleanFlow.js
Failure log bc fails on browser_connection_dnsoverhttps.js
Pushed by nhnt11@gmail.com: https://hg.mozilla.org/integration/autoland/rev/6ed00b7f71c2 Trip Canary heuristic when canonical lookup contains only local addresses. r=necko-reviewers,valentin
Comment 8•3 years ago
|
||
bugherder |
Assignee | ||
Updated•3 years ago
|
Description
•