Closed Bug 550220 Opened 14 years ago Closed 8 years ago

Unresolved URLs lead to unnecessary DNS lookup for stopbadware.org

Tracking

()

Status:

RESOLVED FIXED

People

(Reporter: mweinstein, Unassigned)

References

(
URL
)

Details

Maxim Weinstein

Reporter

Description

•

14 years ago

User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6 (.NET CLR 3.5.30729)
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6 (.NET CLR 3.5.30729)

[This is likely cross-platform, but I only tested on the x86 version under Win XP.]

If you run a network sniffer and use Firefox to navigate to a host that will not resolve via DNS (or set your computer to use a DNS server that doesn't exist, which has the same effect), you will see attempts to resolve the requested host, followed by an attempt to resolve stopbadware.org. This happens even though the "host not found" error page in Firefox does not load any content from stopbadware.org. (No additional requests for data are made to stopbadware.org after the hostname is resolved.)

Reproducible: Always

Steps to Reproduce:
1. Start a packet sniffer, such as wireshark
2. Start Firefox
3. Browse to a host that won't resolve via DNS
4. Check sniffer log
Actual Results:  
Shows a query for an A record for stopbadware.org

Expected Results:  
should not query stopbadware.org

Johnathan Nightingale [:johnath]

Comment 1

•

14 years ago

I suspect this is DNS pre-fetch twigging off the fact that our strings for the neterror page include one that links to stopbadware, even though those strings are removed shortly after the page is loaded. 

http://mxr.mozilla.org/mozilla-central/source/browser/locales/en-US/chrome/overrides/netError.dtd#157

Given that we use about:blocked for our safebrowsing error pages instead of neterror, we should just change those strings in the browser override dtd to not contain links. (We can't just delete them, since it will lead to undefined entities when the error page is loaded, in the split-second before those strings are removed.

Status: UNCONFIRMED → NEW

Component: General → Phishing Protection

Ever confirmed: true

QA Contact: general → phishing.protection

Nobody; OK to take it and work on it

Assignee

Updated

•

10 years ago

Product: Firefox → Toolkit

Comment hidden (spam)

Thanks for post this helpful post - Please visit for More information about -
Packers and Movers Bangalore @ 
http://www.expert5th.in/packers-and-movers-bangalore/
Packers and Movers Mumbai @ 
http://www.expert5th.in/packers-and-movers-mumbai/
Packers and Movers Chennai @ 
http://www.expert5th.in/packers-and-movers-chennai/

François Marier [:francois]

Comment 3

•

8 years ago

We no longer link to stopbadware.org from these pages, so I think that's no longer an issue.

Status: NEW → RESOLVED

Closed: 8 years ago

OS: Windows XP → Unspecified

Priority: -- → P5

Hardware: x86 → Unspecified

Resolution: --- → FIXED

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Quick Search

Unresolved URLs lead to unnecessary DNS lookup for stopbadware.org

Categories

(Toolkit :: Safe Browsing, defect, P5)

Tracking

()

People

(Reporter: mweinstein, Unassigned)

References

(
URL
)

Details

Crash Data

Security

(public)

User Story

Description

Comment 1

Updated

Comment 2

Comment 3