Firefox does not appear to support IPv6 link-local addresses
Categories
(Core :: Networking, defect, P5)
Tracking
()
People
(Reporter: kerlyn, Unassigned)
References
(Blocks 2 open bugs, )
Details
(Keywords: regression, Whiteboard: [ipv6][necko-triaged])
Comment 3•13 years ago
|
||
Comment 4•13 years ago
|
||
Comment 5•13 years ago
|
||
Comment 6•13 years ago
|
||
Reporter | ||
Comment 7•13 years ago
|
||
Comment 8•12 years ago
|
||
Reporter | ||
Comment 9•12 years ago
|
||
Comment 10•11 years ago
|
||
Comment 11•11 years ago
|
||
Updated•11 years ago
|
Comment 12•10 years ago
|
||
Comment 13•10 years ago
|
||
Comment 14•10 years ago
|
||
Comment 15•10 years ago
|
||
Reporter | ||
Comment 16•10 years ago
|
||
Comment 17•10 years ago
|
||
Comment 18•10 years ago
|
||
Comment 19•10 years ago
|
||
Reporter | ||
Comment 20•10 years ago
|
||
Comment 21•10 years ago
|
||
Comment 22•10 years ago
|
||
Reporter | ||
Comment 23•10 years ago
|
||
Comment 24•10 years ago
|
||
Updated•10 years ago
|
Comment 25•10 years ago
|
||
Comment 26•10 years ago
|
||
Comment 27•10 years ago
|
||
Comment 28•9 years ago
|
||
Updated•9 years ago
|
Comment 29•9 years ago
|
||
Reporter | ||
Comment 30•9 years ago
|
||
Comment 31•9 years ago
|
||
Comment 32•9 years ago
|
||
Comment 33•9 years ago
|
||
Comment 34•9 years ago
|
||
Comment 35•9 years ago
|
||
Comment 36•9 years ago
|
||
Comment 37•8 years ago
|
||
Comment 38•8 years ago
|
||
Comment 39•8 years ago
|
||
Comment 40•8 years ago
|
||
Comment 41•8 years ago
|
||
Comment 42•8 years ago
|
||
Comment 43•8 years ago
|
||
Comment 44•8 years ago
|
||
Comment 45•6 years ago
|
||
Comment 46•5 years ago
|
||
The really sad part is:
Microsoft Edge (as well as Microsoft Explorer) works well with link local IPV6 addresses.
So, for the past 2 years were are saying to our customers:
"if you want to use IPV4 address recovery functionality, you have to use Microsoft Edge..."
And I can bet - there is a lot of other companies working with IoT devices that are telling the same to their customers as well...
Comment 47•5 years ago
|
||
It is now even worse than before, when I type: http://[fe80::201:2eff:fe6c:1234%enp66s0]/ into Firefox's address bar, it immediately send me to Google and searches for "http://[fe80::201:2eff:fe6c:1234%enp66s0]/". That is a bit sad.
Comment 49•4 years ago
|
||
(In reply to Witold Baryluk from comment #47)
It is now even worse than before, when I type: http://[fe80::201:2eff:fe6c:1234%enp66s0]/ into Firefox's address bar, it immediately send me to Google and searches for "http://[fe80::201:2eff:fe6c:1234%enp66s0]/". That is a bit sad.
Frankly that's catastrophic and led me to the only sensible solution of setting keyword.enabled = false
in the advanced config.
Please reconsider supporting this.
Comment 50•4 years ago
|
||
Good morning,
as more and more devices come without IPv4 addresses and the only way to connect to them is via IPv6 link local, I was wondering if this bug report can be reopened.
I agree with the previous writers that this functionality is mostly of interesting for developers/IoT users and as such does not need to come with all bells and whistles, but it should be in firefox so that Linux users don't have to install Windows to configure their IoT devices.
Dear Mozilla team, can you re-open this bug and work together with the community to get this fixed? It's been 9 (!) years since this bug was opened; I think it is more than very late to address this issue.
Comment 51•4 years ago
|
||
The browser implements the URL spec, which intentionally omits zone identifiers:
https://url.spec.whatwg.org/#concept-ipv6
https://github.com/whatwg/url/issues/392
Please make your case in the github issue.
Comment 52•4 years ago
|
||
(In reply to Valentin Gosu [:valentin] (he/him) from comment #51)
The browser implements the URL spec, which intentionally omits zone identifiers
If so, the resolution of this bug should be "INVALID" rather than "WONTFIX", no?
Comment 53•4 years ago
|
||
" The browser implements the URL spec, which intentionally omits zone identifiers
If so, the resolution of this bug should be "INVALID" rather than "WONTFIX", no?"
That would be circular. The last time I looked at the WHATWG site, which purports to provide a URL spec, they had decided to ignore the official URI spec and not implement the Zone ID feature, but they cited this Bugzilla thread as the justification for that choice. So it is not invalid according to the URI syntax, it's a bug, so WONTFIX is honest.
If you think the URI syntax is wrong, go tell it to the IETF. If you think it's right, go tell it to WHATWG.
Comment hidden (advocacy) |
Comment hidden (advocacy) |
Comment 56•3 years ago
|
||
(In reply to Andrew Cady from comment #55)
Just the idea that the developer of a work of network software has personal discretion to break IP connectivity that exists on the underlying OS.
Just the audacity of that.
The hostility of this code base to its users.
Much as I wish Firefox would implement this feature per RFC6874, the reason for the WONTFIX is nothing to do with comments #54 and #55 and is purely for technical reasons (which I disagreee with).
Comment 57•3 years ago
|
||
I've subscribed to this bug some time ago, because Firefox is essentially preventing to configure newer network devices. I'll elaborate shortly and I ask for clarification from the Mozilla team how to handle this:
- newer devices all support IPv6 and configure link local addresses
- Using the multicast address ff02::1 it is possible to find out the link local address of any directly connected device
Given this background, we often have the situation of devices coming back from customers with any kind of IP configuration. The only plausible way to find the device is using above link local discovery. The IPv4 addresses are often unknown or undiscoverable.
- Some devices can only be configured via http (i.e. ssh, telnet, tftp are off)
So we are basically in the situation that the link local address is the only reliable address that can be used to configure a whole class of devices.
I often hear the argument that with link-local addresses it would be possible to do Javascript based LAN scanning. I am not denying that, however the same is true for IPv4 - you can easily scan 192.168.x.y/24.
Even with this inconsistent security claim in mind, I ask the mozilla developers to at least include support for link local with something on the line of about:config->ipv6-allow-link-local: [false,true] to not stop all network engineers from working.
Can we reopen this bug or create a new one for realising this?
Comment 58•3 years ago
|
||
At stake is:
Which group of humans gets the power to choose the meaning of the location bar:
CAB Forum
or
OS developers ?
Statement of interest: I side with OS developers because I use free software and modify the OS myself.
I configured many hardware devices according to IPv6 spec and, in debugging IPv6 issues, traced the bug all the way up to the politics that keep Firefox from getting fixed. So ironically even though I'm tagged as advocacy, and intend to engage in some, I'm actually talking about the politics of this because I consider this entire technical and approach it from a technical mindset.
I am willing to treat all people involved as being themselves computers -- whose inputs include not just words but money, and who can be much more easily reprogrammed by one than the other, unfortunately it's by the expensive one.
Goal is IP connectivity and understanding true nature of the bug that breaks connectivity. I claim ultimate source of bug is inside Mozilla social organization and financial interests, as a technical diagnosis.
If my diagnosis is correct the bug can't be fixed by inputting only technical information into the organization. Because technical information cannot change financial interests. Solution is to alter Mozilla's interests. (Hard yes, but possible.)
Right now, as documented, Chromium and Firefox teams consider it more important to match each other's name semantics than to match up with the underlying OS name semantics.
The browsers have chosen to re-reimplement the name resolution functions of the OS.
The re-implemenation is:
- Incompatible with standards.
- Incompatible with the OS way of resolving.
- Incompatible with local system administrator policy as might be defined unpredictably (and that's OK and what standards are for).
- Incompatible, even, with the constraint of simply maintaining connectivity in the application layer that the OS provides at the IP layer.
Firefox is trying to edge out OS developers and impose a single global view of the location bar. Abolishing local names.
Local names don't make anyone money!
Most people don't even understand that namespaces are big money. It's niche information.
CAB Forum is filled with people making millions of dollars from artificial scarcity in global namespaces. Pure coincidence? Maybe.
I think getting this bug fixed is going to require big political organization and mobilization, as much as was required to force browsers to accept LetsEncrypt.
And that's worth it because (re-)establishing internet p2p connectivity will enable entirely new ways of using computers to communicate and collaborate and so push global human society forward. It will raise the collective intelligence of humanity. Earth's total collective processing power (brain+silicon) will be much more greater because it is so much more internally connected. The leap from NAT-over-LAN to real internet access will be huge -- once software starts getting built on it.
You need to have some vision to see that connectivity is just a foundation. These people talking about "niche" don't have it, don't want it.
Comment 59•3 years ago
|
||
(In reply to Valentin Gosu [:valentin] (he/him) from comment #51)
The browser implements the URL spec, which intentionally omits zone identifiers:
https://url.spec.whatwg.org/#concept-ipv6
https://github.com/whatwg/url/issues/392Please make your case in the github issue.
The main reason the zone identifier is not supported in Firefox is that parsing URLs is hard.
You'd think we can just pass whatever string to the system API and it will work or fail depending on whether it's valid or not, but that's not the case. In bug 1199430 for example it was apparent that we need to make sure that the hostname string is really valid before passing it to the OS.
I have no reason to oppose zone identifiers in URLs as long as the URL spec defines how to parse them.
As such, I encourage you to engage with the standard at https://github.com/whatwg/url/issues/392 instead of here.
Thank you!
Comment 60•3 years ago
|
||
As this bug is not only related to Firefox and has a lot of cross references, I took the time to summarise them on https://ungleich.ch/u/blog/ipv6-link-local-support-in-browsers/ - in case you find any mistakes or have updates, please let me know.
Comment 61•3 years ago
|
||
(In reply to Valentin Gosu [:valentin] (he/him) from comment #59)
(In reply to Valentin Gosu [:valentin] (he/him) from comment #51)
The browser implements the URL spec, which intentionally omits zone identifiers:
https://url.spec.whatwg.org/#concept-ipv6
https://github.com/whatwg/url/issues/392Please make your case in the github issue.
As I recall, that issue is entirely circular because it cites this Firefox WONTFIX as the source for saying it's too hard. And anyway, whatwg is not the relevant standard. The URI spec is the relevant standard for what goes on the wire, and the URI spec as updated by https://www.rfc-editor.org/rfc/rfc6874.html defines how link locals are specified in a URI.
If you disagree with RFC6874 that's an IETF issue for the 6man WG - you can write to ipv6@ietf.org to make the case. But for now, Firefox says WONTFIX for a missing feature of the official URI syntax.
As a co-author of RFC6874, I agree with the criticism that "An HTTP client, proxy, or other intermediary MUST remove any ZoneID attached to an outgoing URI, as it has only local significance at the sending host." is really messy to implement. I offered 4 years ago to work to get this and another annoying MUST downgraded to a SHOULD, which allows implementers to ignore it where justified. Nobody seemed interested.
Putting this defect in the too hard bucket is a cop-out IMHO, since you will find several descriptions of use cases up thread.
The main reason the zone identifier is not supported in Firefox is that parsing URLs is hard.
You'd think we can just pass whatever string to the system API and it will work or fail depending on whether it's valid or not, but that's not the case. In bug 1199430 for example it was apparent that we need to make sure that the hostname string is really valid before passing it to the OS.
If you pass a non-existent interface ID to a socket, you get an error code.
I have no reason to oppose zone identifiers in URLs as long as the URL spec defines how to parse them.
As such, I encourage you to engage with the standard at https://github.com/whatwg/url/issues/392 instead of here.
whatwg is not the relevant standards organization for URI syntax, which is the basis for URL syntax.
Thank you!
Comment 62•3 years ago
|
||
@Brian: thanks a lot for the clarification. I also have the impression that this bug is rather circular.
Team firefox: can we discuss the bug in a different medium or different way on how to get it restarted with some fresh eyes on it?
Comment 63•3 years ago
|
||
Our team does not have a lot of resources to spend on this. If this were properly specified and had good web-platform tests I'd be happy to implement it. That's why the starting point is the whatwg issue.
Comment 64•3 years ago
|
||
You don't have to implement it. You just have to agree that you'd accept a patch.
By the way, you need to send the interface ID back over the wire unchanged. You need to treat the URL as an opaque string and never edit it. So that part of the spec is a bug.
Sending the interface ID over the wire is fine on a link-local network! It's guaranteed to be over the same link, so the network ID is always correct when the web server sends the string back to the web client.
The client NEEDS that interface idea and to receive it over the fe80 link.
Comment 65•3 years ago
|
||
Just ignore the bug in the spec, and implement it the only possible way that will work, by making the entire domain string an opaque string.
If you don't do that, it won't ever work, because the server won't know how to send a link to itself back to the client.
Comment 66•3 years ago
|
||
(In reply to Andrew Cady from comment #64)
You don't have to implement it. You just have to agree that you'd accept a patch.
Given that we'd have to maintain it in the future, if we were to accept a patch it would need to:
- Not regress any of the existing web platform tests (or any other tests for that matter)
- Include thorough tests for this feature (zoneid containing percent encoded characters, unicode characters, control characters, special characters, etc)
- Be concise, readable, modern C++ (I am reluctant to accept any C-style string parsing code)
Comment 67•3 years ago
|
||
Can you clarify that those three conditions are SUFFICIENT and not merely necessary?
Comment 68•3 years ago
|
||
I would say it's a fairly high bar alread, but I think it's sufficient 🙂
Comment 69•3 years ago
|
||
You think. So you don't really commit to anything.
It's not a high bar to get very high quality code written from very high quality programmers. A lot of people all around the world are trying to make IPv6 work and putting in thousands of hours of volunteer effort already. This bug is a major break in global IPv6 connectivity.
Code is easy to come by. Permission to get that code onto real IPv6 nodes is much harder.
Permission is what we need here. Permission, from you, to fix those computers.
We don't have unambiguous permission yet. So it's MUCH harder to get anybody willing to write code for free or donate money for code.
Comment 70•3 years ago
|
||
(In reply to Andrew Cady from comment #64)
You don't have to implement it. You just have to agree that you'd accept a patch.
By the way, you need to send the interface ID back over the wire unchanged. You need to treat the URL as an opaque string and never edit it. So that part of the spec is a bug.
Andrew, that is your opinion. It is not a bug in the RFC; it was intentional. Agreed, that requirement in the RFC breaks your use case. It isn't for Mozilla or whatwg to address that, because it's an IETF issue. I will re-open this discussion at ipv6@ietf.org, because if updating the RFC is the way to get whatwg and Mozilla to revisit the issue, we need to do that. In fact whatwg does matter because this affects all browsers, not just Firefox.
Brian
Sending the interface ID over the wire is fine on a link-local network! It's guaranteed to be over the same link, so the network ID is always correct when the web server sends the string back to the web client.
The client NEEDS that interface idea and to receive it over the fe80 link.
Comment 71•3 years ago
|
||
(In reply to Brian E Carpenter from comment #70)
(In reply to Andrew Cady from comment #64)
You don't have to implement it. You just have to agree that you'd accept a patch.
By the way, you need to send the interface ID back over the wire unchanged. You need to treat the URL as an opaque string and never edit it. So that part of the spec is a bug.
Andrew, that is your opinion.
In my opinion, it's a mathematical fact.
It is not a bug in the RFC; it was intentional.
Being intentional isn't the same thing as not being a bug.
Agreed, that requirement in the RFC breaks your use case.
It breaks HTTP's required assumptions for client-server connectivity over that URL. That's why it's a bug.
If connectivity cannot be achieved when code meets the spec, but CAN achieve connectivity when code does NOT meet the spec, then the spec has a bug. Even if spec was deliberately chosen that way because of evil desire to break connectivity. Still a bug.
Just like, if the spec says to use some eliptic curve, but the curve is compromised, then the spec has a bug. Whether intentional or not.
It isn't for Mozilla or whatwg to address that,
It doesn't make sense for them to wait for a standard to fix a bug, before they fix their own code base.
Especially since there is a whole dev branch to put it in first. You could literally implement both versions, give them to WHATWG people to download, and they can verify that the only "advantage" of doing it the spec way is to break some connections.
your use case
It's not some special use case. It's just basic assumptions about how HTTP works. Firefox wants to violate these assumptions introducing special cases. Remove all the special cases because the general solution is what we want anyway.
Comment 72•3 years ago
|
||
(In reply to Andrew Cady from comment #71)
(In reply to Brian E Carpenter from comment #70)
(In reply to Andrew Cady from comment #64)
You don't have to implement it. You just have to agree that you'd accept a patch.
By the way, you need to send the interface ID back over the wire unchanged. You need to treat the URL as an opaque string and never edit it. So that part of the spec is a bug.
Andrew, that is your opinion.
In my opinion, it's a mathematical fact.
It is not a bug in the RFC; it was intentional.
Being intentional isn't the same thing as not being a bug.
Agreed, that requirement in the RFC breaks your use case.
It breaks HTTP's required assumptions for client-server connectivity over that URL. That's why it's a bug.
This point in the HTTP spec is rather subtle. https://www.rfc-editor.org/rfc/rfc7230#section-5.4 defines that HTTP must carry a Host: header which includes a uri-host that (if you follow the breadcrumbs via RFC3986) may be an IP address literal as defined in RFC6874. So since RFC6874 formally updates RFC3986, it indirectly updates RFC7230. This may or may not be a mistake but that doesn't make it a bug.
If connectivity cannot be achieved when code meets the spec, but CAN achieve connectivity when code does NOT meet the spec, then the spec has a bug. Even if spec was deliberately chosen that way because of evil desire to break connectivity. Still a bug.
Can you try to stay a bit professional in your choice of language, please? Also, your comment is inconsistent with the nature of IPv6 "Zone IDs" as defined in RFC4007 and used in RFC6874. The precise reason that RFC6874 forbids sending the Zone ID on the wire is that it is by definition meaningless outside the host. Example: if it's %eth0 and it happens to arrive in a remote host on the interface known there as %eth99, it won't work there and might even accidentally point to a third host.
[I've written code dealing with IPv6 link-locals and it's quite a lot of bother to keep track of interface identifiers for incoming messages, but one thing you never, never rely on is the interface identifier used in the remote host.]
We will, I think, reopen the RFC in the IETF WG. You can subscribe via https://datatracker.ietf.org/wg/6man/about/
Just like, if the spec says to use some eliptic curve, but the curve is compromised, then the spec has a bug. Whether intentional or not.
It isn't for Mozilla or whatwg to address that,
It doesn't make sense for them to wait for a standard to fix a bug, before they fix their own code base.
Especially since there is a whole dev branch to put it in first. You could literally implement both versions, give them to WHATWG people to download, and they can verify that the only "advantage" of doing it the spec way is to break some connections.
your use case
It's not some special use case. It's just basic assumptions about how HTTP works. Firefox wants to violate these assumptions introducing special cases. Remove all the special cases because the general solution is what we want anyway.
Comment 73•3 years ago
|
||
It is definitely alright to echo a local name back and forth over a TCP link, which is guaranteed to route such a message to a host where it is meaningful. So "meaningless by definition" just implies the definition is wrong.
Example: if it's %eth0 and it happens to arrive in a remote host on the interface known there as %eth99
To be clear: whether it's on a server or a client, the address is always the server from the client's perspective and interface specifier always contains the client's interface name. The server's interface name is never sent over the wire.
The HTTP client does not accept a response coming from another interface than the one on which it made the request.
(If somehow the ongoing TCP connection could be migrated between interfaces, even then, the link would merely be stale, not meaningless.)
[I've written code dealing with IPv6 link-locals and it's quite a lot of bother to keep track of interface identifiers for incoming messages, but one thing you never, never rely on is the interface identifier used in the remote host.]
The entire principle of HTTP is to rely on the remote host to tell you where to go.
The server can send you to any IP it chooses.
The server knows how to send back the same string that the client sent -- when it wants to keep the client on the same link.
The server chooses whether to send back the string you sent it. It can send any other string.
There is no need or benefit on the client to censor the string and not supply the server with the exact name it actually used to access the server.
The principle of HTTP1.1 is that the client tells the server its own name for the session. The name of the server on the server is only supposed to be meaningful from the perspective of the client. For example, the server could be given a name for itself that is a different IP than it's listening on from a network perspective, and that name would be the IP address that the client uses, from its perspective, to reach the server.
If the client redirects IP 127.0.0.2 on their own machine to a google IP, and visits that way, then the google web server will be told that its name is "127.0.0.2" and google will be able to send that IP back to clients if they choose. And the users will be able to actually connect to google through that meaningless (to google) IP.
Meaningfulness here, on both client and server, is defined from the client's perspective. So it's fine. It's meaningful.
Comment 74•3 years ago
|
||
The whole point of the Host: header is to give the server a piece of the client's perspective.
So a rule that forbids sharing because it leaks the client's perspective is inapplicable in this case.
Comment 75•3 years ago
|
||
You'd think we can just pass whatever string to the system API and it will work or fail depending on whether it's valid or not,
You can.
but that's not the case. In bug 1199430 for example it was apparent that we need to make sure that the hostname string is really valid before passing it to the OS.
That was a bug in the developer who failed to understand the API. It was not a bug in the API. (So it goes.)
The developer believed the parser from the API would match against the end of the string but in truth it matched against the end of the word.
You only need to properly validate the input to the API. Not to re-implement any of its internal functionality.
The crucial thing here is not technical details, but that there be a sacred covenant between the programmer who creates the web client and the user who inputs a name that the program will faithfully deliver the name to the web server.
A covenant that the browser, recognizing its own power over both user and server (being positioned as man-in-the-middle), will never filter nor break any name. Recognizing the danger of this power, and promising restraint, to guarantee full agency to the user.
Valentin, can Mozilla agree to that principle?
Comment 76•3 years ago
|
||
Comment 77•3 years ago
|
||
And the draft has been updated, with live discussion planned at the upcoming IETF meeting.
Comment 78•3 years ago
|
||
The draft has been updated again following the IETF discussion. In particular, two open issues have been highlighted and they need feedback from the implementation side.
Once again, a diff from the previous version is available.
Comment 79•3 years ago
|
||
I'm running into this too from time to time. Does anybody happen to know of a workaround at least?
Comment 80•3 years ago
|
||
Julius, I'm not aware of a workaround except using Internet Explorer as long as it still exists - it does support RFC6874 syntax, e.g. [fe80::abcd%257], but of course it's only Windows and a very outdated browser in other respects.
If you want support in wget() I patched it: https://github.com/becarpenter/wget6
Comment 81•3 years ago
|
||
Nico Schottelius's link above https://ungleich.ch/u/blog/ipv6-link-local-support-in-browsers/ has a couple of workaround, including a LD_PRELOAD
library and an iptables
trick.
After bumping into this problem, I also made a workaround in the form of a SOCKS5 proxy server, that rewrites a "magic escape sequence" host name into IPv6 address literals. This should work on a variety of browsers and operating systems. https://github.com/twisteroidambassador/prettysocks/tree/ipv6-literal
Comment 82•3 years ago
|
||
I think this bug was closed on the wrong premises. It requests supporting connecting to IPv6 link-local addresses. However it was closed due to a particular URL syntax that's commonly used for such addresses being unsupportable.
I think supporting these URLs is not that important, but at least having the ability to connect to hosts on their link-local addresses is. Especially in a home network sometimes the only address available to reach a device is its link-local address (for instance a wireless access point with a missing uplink won't have any other reachable address).
Hopefully such use cases can still be supported despite the lack of support for those particular URLs. Maybe the interface that needs to be used could be specified in a different way?
Comment 83•3 years ago
|
||
Julius, it is not really the syntax details that cause the reluctance to implement this, it is the complexity of actually doing the work on the URL parsers of the browsers. As noted above, the fix for wget is rather easy, but we (the IETF authors involved) have reached out to the browser developers, and I've personally spent a few days looking at the Firefox code. Bottom line: this is a non-trivial amount of work for the mainstream browsers and a lot more pressure from the user side will be needed for it to happen.
All the same, watch out for a new version of our draft; it will show up here within a week.
Comment 84•3 years ago
|
||
Brian, thanks a lot for the response and also great that a new draft is coming up! Hopefully this bug can be reopened soon with a good standard way in place!
None the less, for the sake of this bug, I think it's important to distinguish between "accessing through a URL, working non-relative links, etc." and "supporting connections to link-local addresses". Although it might seem even harder, theoretically one could establish a connection without any concept of a URL :)
Hopefully a full solution can be built, but otherwise it would be good to think a bit more out of the box on this one, because it would be super-useful to have this functionality!!
Comment 85•3 years ago
|
||
The new draft is at https://www.ietf.org/archive/id/draft-carpenter-6man-rfc6874bis-03.html.
Comment 86•3 years ago
|
||
I landed here because I am working on the administration of IPv6 only networks. I am very surprised that such a fundamental function is not (any more) implemented in Firefox, and hope it will be soon.
Comment 87•3 years ago
|
||
The IETF 6MAN WG has just formally adopted our document draft-ietf-6man-rfc6874bis-00. All we need is a developer who understands all the places where URLs are parsed (there are several) and where the actual socket calls are made. I'm glad to help if such a developer contacts me.
Comment 89•3 years ago
|
||
@Dan Weiss, in bug 1759739 you said:
In Windows 10, a WSD printer will have with a URL like this: http://[fe80::822b:f9ff:fe6a:d7de%10]:80/WebServices/Device
According to https://superuser.com/questions/99746/why-is-there-a-percent-sign-in-the-ipv6-address, this is caused by Windows adding a percent sign (%) and a number to identify which network the link-local address corresponds to. But Firefox doesn't accept this kind of URL with a percent sign (%), and instead opens a web search.If I remove the "%10" from the URL, Firefox visits the page fine. It seems that the only web browser that accepts this kind of URL is Microsoft Internet Explorer.
Actual results: Firefox gets confused by the percent sign % in the URL and opens a web search instead of accessing the printer's web interface.
Expected results: Firefox should ignore or discard the percent sign % and local network identifier number if it appears after a link-local IPV6 address.
That's not quite right. On a host with two interfaces active, e.g. WiFi and Ethernet, %10 is necessary to select one or the other. See the above mentioned draft for details.
Comment 90•3 years ago
|
||
New version of the draft published: https://www.ietf.org/archive/id/draft-ietf-6man-rfc6874bis-01.html.
Among other things it adds the Microsoft use case flagged by @Dan Weiss.
Comment 91•3 years ago
|
||
All we need is a developer who understands all the places where URLs are parsed (there are several) and where the actual socket calls are made.
Would it not help in attracting a developer, to re-open this issue as an open bug so that someone could find it and fix it?
Comment 92•3 years ago
|
||
@Ian!, I agree, but perhaps we should wait until the IETF draft is approved to become an RFC. Comments on the draft are more than welcome, preferably directed at the mailing list.
Comment 93•2 years ago
|
||
Note that the IETF working group has reached consensus on the latest version: https://www.ietf.org/archive/id/draft-ietf-6man-rfc6874bis-02.html and it is now under review by the appropriate IETF Area Director. Comments still very welcome at ipv6@ietf.org.
Comment 94•2 years ago
|
||
Thank you for all the great work, Brian!
I'll reopen the bug for future work into supporting this.
It would be nice if we could restart discussions in https://github.com/whatwg/url/issues/392 to ensure webcompat, but I don't think that's a blocker.
Updated•2 years ago
|
Comment 95•2 years ago
|
||
Not going to work on this right away.
Comment 96•2 years ago
|
||
The severity field for this bug is relatively low, S3. However, the bug has 20 votes.
:valentin, could you consider increasing the bug severity?
For more information, please visit auto_nag documentation.
Comment 97•2 years ago
|
||
The URI syntax update is now in IETF Last Call, i.e. the last opportunity for public comments: https://mailarchive.ietf.org/arch/msg/ietf-announce/BqBF9qvZ8qZR4ZPlawPvQSe0WbU/
Updated•2 years ago
|
Updated•2 years ago
|
Comment 98•2 years ago
|
||
Worth mentioning that the draft has been updated following Last Call comments: https://www.ietf.org/archive/id/draft-ietf-6man-rfc6874bis-03.html.
Comment 99•2 years ago
|
||
According to the comments in bug 392428 this was regressed by bug 504014 in Firefox 7.
Comment 100•2 years ago
|
||
(In reply to Mathew Hodson from comment #99)
According to the comments in bug 392428 this was regressed by bug 504014 in Firefox 7.
Ancient history. The [xxx] syntax is only for IPv6 literals.
Comment 101•2 years ago
|
||
Another (very minor) update to the draft at https://www.ietf.org/archive/id/draft-ietf-6man-rfc6874bis-04.html#name-change-log
Comment 102•2 years ago
|
||
An important gotcha is at https://github.com/whatwg/url/issues/392#issuecomment-1297293843
Comment 103•2 years ago
|
||
It is good to see that finally (after 11 years) there will probably be a fix.
While maybe 5-10 years ago it was not that important or common, having support for link local autoconfiguration addressess in web browsers (other that Microsoft) is important for network management, and increasingly important for configuration of home devices via a web interface.
There has been RFC6874 for a long time, so any argument that "there is no standard for it" disappeared a long time ago.
The new, about to be finalised, RFC874bis provides an even simpler specification, limiting the scope of required changes (although all URL handling will need updating).
Note that it is also important to ensure the support includes default zone (i.e. zone 0), as specified in RFC4007 https://datatracker.ietf.org/doc/html/rfc4007
This allows devices to include something like a QR code with "http://[fe80::2001:db8:1234:abcd%0]" and then a mobile phone will be able to scan and reach the device. (Just "http://[fe80::2001:db8:1234:abcd]" should probably also work, if default zone is correctly handled)
For network management, it also becomes easy to access upstream router/gateway via "http://[fe80::1]" (with the default zone)
Comment 104•2 years ago
|
||
As far as I can tell, Linux itself doesn't support the default zone, and Windows does. That can't be fixed by the browser, which makes the fix even more important for Linux.
If you want Linux to support zone 0, that needs to be raised elsewehere.
(I don't know the situation for BSD etc.)
Comment 105•2 years ago
|
||
Yes, good point.
Ultimately support for default zone depends on the underlying OS, although a test case is that "http://[fe80::1%0]" should have the same result as "http://[fe80::1]".
i.e. on an OS with default zone support, it will show the device (if it exists and has a web UI), or on an OS with no support (or where it does not exist) it will give a timeout with no response.
What is should NOT do is an Internet search for the string "http://[fe80:1%0]"
Supporting on desktop/laptop Linux is useful for network administrators, but for home users it is probably more important to have it supported on mobile browsers, e.g. the scenario where a user points a phone at a QR code.
Comment 106•2 years ago
|
||
New version of the draft today : https://www.ietf.org/archive/id/draft-ietf-6man-rfc6874bis-05.html
There's one change, adding a note that zone IDs with upper case letters won't work.
(That's an issue we can't fix, due to a shortfall in RFC4007.)
Updated•2 years ago
|
Comment 107•2 years ago
|
||
Worth noting the the draft has been significantly updated following initial IESG review; we are now waiting for further IESG review. In particular we now cross-reference the W3C community work on CORS.
https://www.ietf.org/archive/id/draft-ietf-6man-rfc6874bis-08.html
The more important recent changes:
- Added NMEA use case.
- Clearly explained cut-and-paste requirement.
- Clarified character set restrictions and the applicability of numeric identifiers as a work-around.
- Updated ABNF to require lower case (due to host component case normalization)
- Mentioned .local as another case of locally significant URIs.
- Expanded text on handling of zone ID at server.
- Added discussion of CORS.
- Noted parsing fragility re % sign.
- Noted potential exposure of MAC addresses in zone IDs.
Comment 109•1 year ago
|
||
And in other news, the IETF draft is now at version 9, https://www.ietf.org/archive/id/draft-ietf-6man-rfc6874bis-09.html, but still held up from approval as an RFC even though version 9 responds to the remaining objections. If you really want to see this sausage being made, https://datatracker.ietf.org/doc/draft-ietf-6man-rfc6874bis/ballot/
Comment 110•1 year ago
|
||
@scunnane@mozilla.com : http://[fe80::58bc:daff:fe86:ba71%2525]/
is valid under RFC6874 but http://[fe80::58bc:daff:fe86:ba71%25]/
is valid under the replacement draft, i.e. percent-encoding not needed inside the square brackets. Yes, it's a syntax change but since no browser currently supports RFC6874 we can change it.
Updated•1 year ago
|
Updated•11 months ago
|
Comment 111•10 months ago
|
||
As far as I can tell, none of the other browser engines have expressed an interest in supporting IPv6 link-local addresses.
While that doesn't mean it will never happen, the amount of engineering effort to handle this corner case compared to the relatively minor benefit of this feature means that we're unlikely add this to Gecko at the moment.
If this becomes part of the URL standard I'm open to reopening this conversation.
Description
•