Open
Bug 468868
Opened 16 years ago
Updated 1 day ago
network.proxy.socks_remote_dns preference doesn't work with PAC files.
Categories
(Core :: Networking: Proxy, defect, P5)
Tracking
()
NEW
Tracking | Status | |
---|---|---|
firefox57 | - | --- |
People
(Reporter: bugs, Unassigned)
Details
(Whiteboard: [necko-would-take])
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4 This may be related to, but is not a duplicate of bug 458303. Reproducible: Always Steps to Reproduce: I need to use a SOCKS proxy server to access a network resource, a resource that is not DNS resolvable by public DNS. Access works as expected when configuring Firefox to use a SOCKS proxy (and only a SOCKS proxy) and after setting network.proxy.socks_remote_dns to true. However, utilizing a Proxy Auto-Configuration (PAC) file to return the same information fails. I've verified that the PAC file is queried, and an embedded alert statement indicates that it is returning the same SOCKS information. However, Firefox still appears to attempt a local DNS lookup, then fails with an "Address Not Found" error.
Confirming with Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2a1pre) Gecko/20090219 Minefield/3.2a1pre STR: 1. set network.proxy.socks_remote_dns to true 2. use a PAC file 3. have that PAC file return SOCKS Expected results: The DNS lookup happens on the SOCKS server Actual results: DNS lookup failure Other notes: It's probably permissible for IsHostInNet to make no sense, but if the PAC file never calls it or does anything else other than string comparisons against the host, it would be preferable to delay DNS lookup to after the proxy was determined.
Status: UNCONFIRMED → NEW
Ever confirmed: true
OS: Windows Vista → All
Comment 2•13 years ago
|
||
Related: bug 474824,
Comment 3•13 years ago
|
||
Fwiw, I did investigate how this should work with the original fix. See bug 134105 comment 55 https://bugzilla.mozilla.org/show_bug.cgi?id=134105#c55 . In an ideal world, the PAC would describe how to interact with proxy servers - that's its role in life, after all. It would seem strange and confusing if one PAC will be interpreted differently by multiple clients. Also consider that the PAC format is cross-browser. I did at one point have a change which allowed a PAC to specify mode, but the interop issues were very large. I don't mean to imply that nothing should be done here, just that honoring the pref seems like a band-aid that won't fix the entire issue. If an enterprise needs to push down custom FireFox configs, then perhaps they didn't need a PAC anyway...
Comment 4•12 years ago
|
||
Two notes: 1) This seems only to happen with local PAC files. If you have a remote one specifying a SOCKS proxy everything works fine for me. 2) You may use FoxyProxy that works even in the case of local PAC files (as a disclaimer: I'm one of the devs).
Updated•8 years ago
|
Whiteboard: [necko-would-take]
[Tracking Requested - why for this release]: As the proxy API for WebExtension uses PAC, this bug causes DNS leaks for all users who wish to use extensions to manage their proxy settings in Firefox 57.
tracking-firefox57:
--- → ?
Updated•7 years ago
|
Comment 6•7 years ago
|
||
Bulk change to priority: https://bugzilla.mozilla.org/show_bug.cgi?id=1399258
Priority: -- → P5
Updated•2 years ago
|
Severity: normal → S3
Comment 7•2 months ago
|
||
Moving bug to Core/Networking: Proxy.
Component: Networking → Networking: Proxy
You need to log in
before you can comment on or make changes to this bug.
Description
•