Closed
Bug 1432905
Opened 6 years ago
Closed 6 years ago
Add pref to prevent localhost DNS lookup in nsProfileLock.cpp
Categories
(Toolkit :: Startup and Profile System, enhancement)
Toolkit
Startup and Profile System
Tracking
()
RESOLVED
DUPLICATE
of bug 1448783
People
(Reporter: arthur, Unassigned)
References
(Blocks 2 open bugs)
Details
(Whiteboard: [tor 18800])
Attachments
(1 file)
For Tor Browser, we patch nsProfileLock.cpp to prevent bypass of the Tor proxy. Here's the patch: https://torpat.ch/18800 And the original ticket: https://trac.torproject.org/18800 We'd like to propose uplifting this patch, behind a pref.
|
Reporter | |
Updated•6 years ago
|
Blocks: ProxyBypass, meta_tor
|
|
Reporter | |
Comment 1•6 years ago
|
||
Here's a patch for review, using the --enable-proxy-bypass-protection flag we recently added.
Attachment #8948851 -
Flags: review?(robert.strong.bugs)
|
||
Updated•6 years ago
|
Component: General → Startup and Profile System
Product: Core → Toolkit
|
|
||
Comment 2•6 years ago
|
||
Comment on attachment 8948851 [details] [diff] [review] 0001-Bug-1432905-Stop-localhost-DNS-lookup-with-enable-pr.patch I'm not the best person to review this so I changed the review to someone that I think is.
Attachment #8948851 -
Flags: review?(robert.strong.bugs) → review?(mh+mozilla)
|
||
Comment 3•6 years ago
|
||
Comment on attachment 8948851 [details] [diff] [review] 0001-Bug-1432905-Stop-localhost-DNS-lookup-with-enable-pr.patch Review of attachment 8948851 [details] [diff] [review]: ----------------------------------------------------------------- Why do you care about this DNS lookup? First and foremost, on most systems, I expect this actually doesn't lead to an actual DNS lookup. Second, this is entirely unrelated to browsing.
Attachment #8948851 -
Flags: review?(mh+mozilla)
|
|
Reporter | |
Comment 4•6 years ago
|
||
My understanding is this patch is a defense in depth, to make sure Tor Browser never bypasses the proxy. Adding mcs and brade in case they have any further comment on this.
|
||
Comment 5•6 years ago
|
||
(In reply to Arthur Edelstein (Tor Browser dev) [:arthuredelstein] from comment #4) > My understanding is this patch is a defense in depth, to make sure Tor > Browser never bypasses the proxy. Adding mcs and brade in case they have any > further comment on this. "Defense in depth" is my understanding as well.
|
|
Reporter | |
Comment 6•6 years ago
|
||
Mike, what's your view? Is this a patch you would accept for the reason given? Thanks.
Flags: needinfo?(mh+mozilla)
|
|
||
Comment 7•6 years ago
|
||
I'm afraid "defense in depth" as an answer to comment 3 is incomplete and hand-wavy. It seems to me this is only a change for the sake of it.
Flags: needinfo?(mh+mozilla)
|
||
Comment 8•6 years ago
|
||
I don't think we should add a preference for this, but there is value in always avoiding the native lookup to improve startup performance. Even if this bug is not an exact duplicate, we should consolidate these efforts in bug 1448783.
Status: NEW → RESOLVED
Closed: 6 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•