Closed Bug 1556238 Opened 6 years ago Closed 6 years ago

Block direct IP loading

Categories

(Core :: Networking, enhancement, P2)

Product:
Core
Component:
Networking
Version:
69 Branch
Type:
enhancement

Tracking

()

Status:
RESOLVED INVALID

People

(Reporter: auroraofearth, Unassigned)

Details

(Whiteboard: [necko-triaged])

User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:69.0) Gecko/20100101 Firefox/69.0

Expected results:

Add an option in the about:config page to disable direct loading of websites through their IPs.

Severity: normal → minor
Type: defect → enhancement
Component: Untriaged → General
OS: Unspecified → All
Hardware: Unspecified → All

One of the use cases is as a security precaution in a sensitive environment where the admin needs to enforce DNS-level manipulation but direct IP addresses would just bypass it.

It could also be added to the enterprise policies with an enabled lock.

I should mention that some of the analytics|tracking networks out there are using direct IP addresses instead of domain names for their malicious purposes.

I am not sure if we should do this.
Maybe we should talk to product people first.

Nhi, could you help to forward this feature request?

Flags: needinfo?(nhnguyen)
Priority: -- → P3
Whiteboard: [necko-triaged]

:mconca, could you have a look at this feature request? Thanks!

Flags: needinfo?(nhnguyen) → needinfo?(mconca)

(In reply to Nhi Nguyen (:nhi) from comment #4)

:mconca, could you have a look at this feature request? Thanks!

Talking with the enterprise team, there does not seem to be any demand for this type of feature. In addition, the Anti-Tracking team is aware that some trackers are using IP addresses to bypass blockers, but the blockers are responding to this (anti-tracking is an on-going war of attrition, so this is not unexpected).

That said, I don't have any specific objections to this, particularly if it is behind a pref. But it is a very low priority.

Flags: needinfo?(mconca)
Priority: P3 → P5

(In reply to Kershaw Chang [:kershaw] from comment #3)

I am not sure if we should do this.
Maybe we should talk to product people first.

Nhi, could you help to forward this feature request?

It is indeed a criticial feature. As I know many Intelligence agencies also use direct IP address for their spying endpoints; and Firefox's shy tracker blocking features is not gonna stop them.

Severity: minor → normal
Status: UNCONFIRMED → RESOLVED
Closed: 6 years ago
Resolution: --- → INVALID
Severity: normal → major
Priority: P5 → P2
You need to log in before you can comment on or make changes to this bug.