Firefox - DNS leak when using proxy extensions since version 129.
Categories
(Core :: Networking: DNS, defect, P2)
Tracking
()
People
(Reporter: Alexey104, Unassigned)
References
(Blocks 1 open bug, Regression)
Details
(Keywords: regression, Whiteboard: [necko-triaged][necko-priotity-review])
User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:130.0) Gecko/20100101 Firefox/130.0
Steps to reproduce:
- Install FoxyProxy or any similar proxy extension (SmartProxy, for example).
- Set the extension to use SOCKS5 proxy, check the
Proxy DNS
option. - Browse the web.
Actual results:
In Firefox 129/130 both the proxy and the ISP DNS are used, that can be a problem if the ISP blocks some DNS requests due to local censorship. If the same SOCKS5 proxy is set in native Firefox network settings with Proxy DNS when using SOCKS v5
checked, no DNS leak occurred. Also, downgrading to 128 and below solves the problem with proxy extensions leaking DNS.
Expected results:
The option Proxy DNS
should work correctly in FoxyProxy and other proxy extensions, all DNS requests should be proxied through SOCKS5 and the system DNS should not be used.
I forgot to mention that I am aware of an issue with the UblockOrigin Uncloak canonical names
option, and this is not the case. I keep this option disabled, and the issue is reproducible with clean profile with no other extensions installed except for a proxy extension.
Comment 2•12 days ago
|
||
The Bugbug bot thinks this bug should belong to the 'WebExtensions::Untriaged' component, and is moving the bug to that component. Please correct in case you think the bot is wrong.
See also: bug 1882276
Hi, thanks for the report. Unfortunately, I can't reproduce, so I can't investigate what is wrong. How do you know that the DNS queries are leaking? I only see DNS request on the network (via Wireshark) when unchecking the "Proxy DNS" option in either FoxyProxy or SmartProxy.
When disabling the ProxyDNS setting, I start to see DNS queries on the network.
My steps to reproduce:
- Run Tor browser in the background to have a valid SOCKS5 proxy running (any socks5 proxy should work)
- In Firefox (132.0a1) install FoxyProxy
- Add proxy
Type: SOCKS5
,Hostname 127.0.0.1
,Port 9150
. Keep the optionProxy DNS
in the enabled state - Click on FoxyProxy extension to switch to the Tor proxy
- Go to https://mullvad.net/en/check
- Watch Wireshark for incoming DNS queries
I also don't see DNS leaks when having no SOCKS5 proxy server running in the same configuration.
I tried reproducing in Stable 130 (instead of the previoius nightly) and I did indeed HTTPS DNS requests. Not sure why I didn't see the dns requests on my Nightly version.
Comment 6•12 days ago
|
||
This could be fixed by bug 1910593.
Could you try to use Firefox Nightly version and see if you can still reproduce this?
Thanks.
Updated•12 days ago
|
Thank you for responding!
I tried Nightly (132.0a1), and I am unable to reproduce the problem with it, all DNS requests are proxied properly, no leaks happen.
Updated•11 days ago
|
Description
•