Closed Bug 1634246 Opened 1 year ago Closed 17 days ago

Add option to disallow connections to localhost while in offline mode

Categories

(Core :: Networking, enhancement, P3)

enhancement

Tracking

()

RESOLVED FIXED
94 Branch
Tracking Status
firefox94 --- fixed

People

(Reporter: whimboo, Assigned: nhnt11)

References

Details

(Whiteboard: [necko-triaged])

Attachments

(1 file)

For the Remote Agent (partial implementation of CDP - the Chrome devtools protocol) we would need the option to also disallow localhost connections while the browser is in offline mode. See bug 1553849. Given by Honza this is not possible at the moment:

No API, no pref:
https://searchfox.org/mozilla-central/rev/7fd1c1c34923ece7ad8c822bee062dd0491d64dc/netwerk/base/nsSocketTransport2.cpp#1291

What would be the preferred way in getting this implemented?

(In reply to Henrik Skupin (:whimboo) [⌚️UTC+2] from comment #0)

What would be the preferred way in getting this implemented?

Honza, can you answer this?

Flags: needinfo?(honzab.moz)
Priority: -- → P2
Whiteboard: [necko-triaged]

Add a new static bool pref, perhaps network.disable-localhost-when-offline. At the code referred in comment 0 check that pref and if true ignore the !isLocal bit - always disallow.

Flags: needinfo?(honzab.moz)

I think we may also need to tear down existing localhost connections here, again - ignore result of IsLocal when the pref is on:
https://searchfox.org/mozilla-central/rev/7fd1c1c34923ece7ad8c822bee062dd0491d64dc/netwerk/base/nsSocketTransportService2.cpp#1187

(In reply to Honza Bambas (:mayhemer) from comment #2)

Add a new static bool pref, perhaps network.disable-localhost-when-offline. At the code referred in comment 0 check that pref and if true ignore the !isLocal bit - always disallow.

Honza, where (in the source code) would one go about and add such a static-bool pref?

Henrik pointed me to browser/app/profile/firefox.js, but made the remark that it's possibly not what we want here. What did you have in mind, specifically?

Flags: needinfo?(honzab.moz)

I think Ii got it. I assume it would be in https://searchfox.org/mozilla-central/source/modules/libpref/init/all.js. firefox.js only holds the defaults for Firefox. But lets wait for the feedback from Honza.

(In reply to Henrik Skupin (:whimboo) [⌚️UTC+2] from comment #5)

I think Ii got it. I assume it would be in https://searchfox.org/mozilla-central/source/modules/libpref/init/all.js. firefox.js only holds the defaults for Firefox. But lets wait for the feedback from Honza.

No. The right place is here:
https://searchfox.org/mozilla-central/source/modules/libpref/init/StaticPrefList.yaml

Flags: needinfo?(honzab.moz)

Do we still need this?

Flags: needinfo?(hskupin)

Yes, it would still be good to have to match the behavior of CDP which also disables localhost connections in offline mode. I assume that the current remote connection (websocket, tcp) to control the browser will not be affected.

Flags: needinfo?(hskupin)
Assignee: nobody → nhnt11
Status: NEW → ASSIGNED
Priority: P2 → P3
Pushed by nhnt11@gmail.com:
https://hg.mozilla.org/integration/autoland/rev/37996bf2e978
Add option to disallow connections to localhost while in offline mode. r=necko-reviewers,valentin
Status: ASSIGNED → RESOLVED
Closed: 17 days ago
Resolution: --- → FIXED
Target Milestone: --- → 94 Branch
You need to log in before you can comment on or make changes to this bug.