Simplify the DoH native fallback warning detection and application
Categories
(Firefox :: Security, enhancement, P2)
Tracking
()
| Tracking | Status | |
|---|---|---|
| firefox115 | --- | fixed |
People
(Reporter: acreskey, Assigned: valentin)
References
(Blocks 1 open bug)
Details
(Whiteboard: [necko-triaged])
Attachments
(1 file)
In Bug 1806412 we introduced the native fallback warning.
It's a rather complex system and this bug is to look for opportunities to simplify it.
The complexities:
• Normally when the DoH heuristics are tripped we disable DoH. With the fallback warning in place we need to stay in mode 2 so that we can detect that DoH is desired. This changes the behaviour of the DoHController in an unanticipated way.
• The logical conditions to support native fallback warning in nsHostResolver::NameLookup are quite complex. If a heuristic is tripped, we don't want to use a TRR. And on the other hand we don't want to fallback to native under certain scenarios.
Ideally we could find a way to contain this logic outside of the common codepath in nsHostResolver::NameLookup.
The addition of tests to native fallback, bug 1810005, should help this work.
| Assignee | ||
Comment 1•2 years ago
|
||
This patch reverts the fallback warning behaviour when a canary heuristic
was tripped. Instead of enabling TRR and failing DNS resolves if skip reason
is a canary code, we now leave it disabled and instead fail DNS resolves
that would have otherwise used TRR if it had been enabled.
Updated•2 years ago
|
Comment 3•2 years ago
|
||
| bugherder | ||
Description
•