Closed Bug 1920399 Opened 12 days ago Closed 11 days ago

Firefox - DNS leak when using proxy extensions since version 129.

Categories

(Core :: Networking: DNS, defect, P2)

Product:
Core
Component:
Networking: DNS
Version:
Firefox 130
Type:
defect

Tracking

()

Status:
RESOLVED DUPLICATE of bug 1910593

People

(Reporter: Alexey104, Unassigned)

References

(Blocks 1 open bug, Regression)

Details

(Keywords: regression, Whiteboard: [necko-triaged][necko-priotity-review])

User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:130.0) Gecko/20100101 Firefox/130.0

Steps to reproduce:

  1. Install FoxyProxy or any similar proxy extension (SmartProxy, for example).
  2. Set the extension to use SOCKS5 proxy, check the Proxy DNS option.
  3. Browse the web.

Actual results:

In Firefox 129/130 both the proxy and the ISP DNS are used, that can be a problem if the ISP blocks some DNS requests due to local censorship. If the same SOCKS5 proxy is set in native Firefox network settings with Proxy DNS when using SOCKS v5 checked, no DNS leak occurred. Also, downgrading to 128 and below solves the problem with proxy extensions leaking DNS.

Expected results:

The option Proxy DNS should work correctly in FoxyProxy and other proxy extensions, all DNS requests should be proxied through SOCKS5 and the system DNS should not be used.

I forgot to mention that I am aware of an issue with the UblockOrigin Uncloak canonical names option, and this is not the case. I keep this option disabled, and the issue is reproducible with clean profile with no other extensions installed except for a proxy extension.

The Bugbug bot thinks this bug should belong to the 'WebExtensions::Untriaged' component, and is moving the bug to that component. Please correct in case you think the bot is wrong.

Product: Firefox → WebExtensions

See also: bug 1882276

Hi, thanks for the report. Unfortunately, I can't reproduce, so I can't investigate what is wrong. How do you know that the DNS queries are leaking? I only see DNS request on the network (via Wireshark) when unchecking the "Proxy DNS" option in either FoxyProxy or SmartProxy.

When disabling the ProxyDNS setting, I start to see DNS queries on the network.

My steps to reproduce:

  1. Run Tor browser in the background to have a valid SOCKS5 proxy running (any socks5 proxy should work)
  2. In Firefox (132.0a1) install FoxyProxy
  3. Add proxy Type: SOCKS5, Hostname 127.0.0.1, Port 9150. Keep the option Proxy DNS in the enabled state
  4. Click on FoxyProxy extension to switch to the Tor proxy
  5. Go to https://mullvad.net/en/check
  6. Watch Wireshark for incoming DNS queries

I also don't see DNS leaks when having no SOCKS5 proxy server running in the same configuration.

Blocks: 1882276
Flags: needinfo?(Alexey104)

I tried reproducing in Stable 130 (instead of the previoius nightly) and I did indeed HTTPS DNS requests. Not sure why I didn't see the dns requests on my Nightly version.

Component: Untriaged → Networking: DNS
Flags: needinfo?(Alexey104)
Keywords: regression
Product: WebExtensions → Core
Regressed by: 1906239

This could be fixed by bug 1910593.

Could you try to use Firefox Nightly version and see if you can still reproduce this?
Thanks.

Flags: needinfo?(Alexey104)
Severity: -- → S3
Priority: -- → P2
Whiteboard: [necko-triaged][necko-priotity-review]

Thank you for responding!
I tried Nightly (132.0a1), and I am unable to reproduce the problem with it, all DNS requests are proxied properly, no leaks happen.

Flags: needinfo?(Alexey104)
Depends on: 1910593
Status: UNCONFIRMED → RESOLVED
Closed: 11 days ago
Duplicate of bug: 1910593
Resolution: --- → DUPLICATE
No longer depends on: 1910593
You need to log in before you can comment on or make changes to this bug.