Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

DNS leaks on socks proxy #2248

Closed
Yoskaldyr opened this issue Dec 21, 2021 · 6 comments
Closed

DNS leaks on socks proxy #2248

Yoskaldyr opened this issue Dec 21, 2021 · 6 comments

Comments

@Yoskaldyr
Copy link

  • Multi-Account Containers Version: 8.0.4
  • Operating System + Version: All versions
  • Firefox Version: All supported versions
  • Other installed Add-ons + Version + Enabled/Disabled-Status:

Actual behavior

DNS leaks exist with socks servers :(

Expected behavior

No DNS leaks

Steps to reproduce

  1. Just use any socks proxy for container

Notes

It can be fixed just one line of code
in file src\js\background\assignManager.js
change

    if (!result.proxy.mozProxyEnabled) {
        return result.proxy;
    }

    // Let's add the isolation key.
    return [{ ...result.proxy, connectionIsolationKey: "" + MozillaVPN_Background.isolationKey }];

to

    if (!result.proxy.mozProxyEnabled) {
        return [{ ...result.proxy, proxyDNS: true }];
    }

    // Let's add the isolation key.
    return [{ ...result.proxy, connectionIsolationKey: "" + MozillaVPN_Background.isolationKey, proxyDNS: true }];
@groovecoder
Copy link
Member

Thanks for the issue report. Fix in #2258.

@bakulf bakulf closed this as completed in 53e9d24 Jan 1, 2022
bakulf added a commit that referenced this issue Jan 1, 2022
@bakulf
Merge pull request #2258 from mozilla/proxy-dns-2248
cb31410 
fix #2248: proxy DNS too
@firefox4ever
Copy link

@groovecoder DNS leaks are still present even with proxyDNS: true when firefox proxy settings set to any value except manual proxy settings with socks proxy set and DNS over Socks enabled. Looks like firefox ignores proxyDNS flag from webextension API when global DNS over Socks setting disabled. Issue exist on latest relese version and latest esr version.

I think this is firefox webextension proxy API issue. Because DNS leaks are present in all other similar addons.

@firefox4ever firefox4ever mentioned this issue Jan 7, 2022
Open
@groovecoder
Copy link
Member

@firefox4ever - are you running this merged branch of the add-on? Or still running 8.0.4? We haven't been able to release yet.

@firefox4ever
Copy link

firefox4ever commented Jan 7, 2022
edited
Loading

@groovecoder Yes, I tested latest version of main branch with latest commits using web-ext
I develop own container proxifier addon and found similar issue. And I decided to check all other addons with similar functions.
I think it firefox issue, but I'm not sure. Looks like some conflicts between firefox settings and proxy webextension api

@wishbone1138 wishbone1138 mentioned this issue Feb 2, 2022
Closed
@Lem
Copy link

Lem commented Feb 4, 2022

As already mentioned in the other issue, this issue seems to break the "Advanced Proxy Settings" in 8.0.5.

@Jee-Hex Jee-Hex mentioned this issue Aug 24, 2022
Closed
@lxgr
Copy link

lxgr commented Apr 1, 2023
edited
Loading

This is still (or again) happening in 8.1.2. What's strange is that Firefox somehow uses both the host and the SOCKS to resolve hostnames! Could this be some interaction with DoH fallbacks to local DNS?

Update: Aparently this is some negative interaction with uBlock! After disabling that, it only uses the SOCKS tunnel for name resolution as expected. I've raised a ticket for this here, but maybe somebody here knows whether there is actually any API for third-party extensions to detect per-container proxying, so that they can (as in uBlock's case) adapt their own network requests, or ideally have them pass through the same proxy as those of the visited site?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@groovecoder @Lem @lxgr @Yoskaldyr @firefox4ever