Closed
Bug 1396485
Opened 7 years ago
Closed 7 years ago
FindProxyForURL().type should be able to return new value "pac"
Categories
(WebExtensions :: Request Handling, defect, P2)
WebExtensions
Request Handling
Tracking
(Not tracked)
RESOLVED
DUPLICATE
of bug 1443259
People
(Reporter: ericjung, Unassigned)
References
(Depends on 1 open bug, Blocks 1 open bug)
Details
(Whiteboard: [proxy])
This return type enables addons to delegate proxy decisions to PAC scripts external to the addon (https://, http://, file://). Its only requirement is a URL.
Examples:
{
type: "pac",
url: "https://mozilla.com/foo.pac"
}
{
type: "pac",
url: "http://mozilla.com/foo.bar"
}
{
type: "pac",
url: "file://tmp/foo.baz"
}
There should not be any restriction on the file extension. .pac is only a convention.
netwerk/base/ProxyAutoConfig.cpp and netwerk/base/nsPACMan.cpp are the tools to do this.
See https://gist.github.com/ericjung/77844ccda80feb5def66339dac0b1bcc for an example of implementing nsIProxyAutoConfig.
|
Reporter | |
Comment 1•7 years ago
|
||
One Use Case:
Proxy addon running inside an enterprise organization which uses a corporate proxy server. Such organizations typically configure workstations inside their firewall to use a PAC script hosted on a corporate intranet server. That PAC script directs intranet URLs through DIRECT (no proxy) and everything else through one or more corporate proxy servers. For example:
function FindProxyForURL(url, host) {
// If a URL hosted inside our firewall, don't use a proxy server
if (dnsDomainIs(host, "hr.acmecorp") || dnsDomainIs(host, "legal.acmecorp") || dnsDomainIs(host, "central.acmecorp")
return "DIRECT";
// If the URL is on an internal network, don't use a proxy server
if (isPlainHostName(host) ||
shExpMatch(host, "*.local") ||
isInNet(dnsResolve(host), "10.0.0.0", "255.0.0.0") ||
isInNet(dnsResolve(host), "172.16.0.0", "255.240.0.0") ||
isInNet(dnsResolve(host), "192.168.0.0", "255.255.0.0") ||
isInNet(dnsResolve(host), "127.0.0.0", "255.255.255.0"))
return "DIRECT";
// Everything else, go through proxy servers
return "PROXY 192.168.1.1:3128; PROXY 192.168.1.2:3128"
}
Our proxy addon will likely specify its own proxy servers for domains blocked by the enterprise (e.g. NSFW for domains or at some organizations social media websites). However, for all other URLs, it wants to delegate the proxy decision to the above PAC.
|
|
Reporter | |
Comment 3•7 years ago
|
||
Capturing IRC discussion with :mixedpuppy
Firefox uses nsIProxyAutoConfig to handle remote PAC scripts. We probably cannot use that unless it's changed because it's a singleton; i.e. if addons are using multiple, different PAC scripts, then nsIProxyAutoConfig won't work as it is. Firefox has no ability in its UI for a user to specify more than one external PAC script, so it's not a problem for Firefox. Legacy FoxyProxy solved it by implementing its own nsIProxyAutoConfig: https://pastebin.mozilla.org/9072763
It's worth looking home Chrome did it, too. They do it differently than returning a PAC URL from a callback. In their case, the addon author has to specify up-front just a single external PAC *or* an internal addon function like what we have. It's not possible to resolve external PAC scripts from the internal addon function. It's not as flexible as the solution proposed here, but it works.
Is this a problem for extensions changing the PAC script over time? Or just multiple PAC scripts at the same time? I need the former.
|
|
Reporter | |
Comment 5•7 years ago
|
||
This is a problem for addons using external PAC scripts anytime, anywhere, one or multiple. Currently, addons cannot use external PAC scripts at all. By "external", I mean a PAC script that is not bundled with the addon itself.
Mozilla, please fix this bug please as soon as possible, without foxy proxy and similar web-extensions use your browser completely impossible.
If you have already decided to use web-extensions, then make like on Chrome. Chrome does not have this problem.
Thanks.
| Comment hidden (off-topic) |
Hello. We have seven proxies in our Enterprise Environment, two official PAC files, and another 6 PAC files used for development and testing.
We need a way to easily switch between them. That used to be FoxyProxy Basic, but the extension can no long do what it needs to do due to excessive limitations in the new WebExtension API. I know you are planning to open up new features in 58. Please try to include a way for extensions like FoxyProxy to use PAC files.
|
||
Comment 9•7 years ago
|
||
Given the new async api we will deprecate the non-complaint pac script initially done for webextensions.
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → DUPLICATE
|
||
Updated•6 years ago
|
Product: Toolkit → WebExtensions
|
||
Comment 10•5 years ago
|
||
Feel very sad. firefox going dead. no one care user wanted.
We need support pac via extension.
|
||
Comment 11•3 years ago
|
||
This ticket is not a duplicate of #1443259; This ticket required 1443259 to be fixed, before this could be implemented. Consider re-opening so this bug is worked on
This feature would be specially helpful for this project, btw: https://github.com/honoki/burp-pac-server
Flags: needinfo?(mixedpuppy)
|
|
||
Comment 12•3 years ago
|
||
The reason for closing this is essentially outlined in comment 3. Extensions can set the auto config url (pac script) value, but the system doesn't support the functionality described.
Flags: needinfo?(mixedpuppy)
You need to log in
before you can comment on or make changes to this bug.
Description
•