diff options
Diffstat (limited to 'netwerk/dns')
-rw-r--r-- | netwerk/dns/DNS.cpp | 34 | ||||
-rw-r--r-- | netwerk/dns/PlatformDNSAndroid.cpp | 4 | ||||
-rw-r--r-- | netwerk/dns/PlatformDNSUnix.cpp | 4 | ||||
-rw-r--r-- | netwerk/dns/PlatformDNSWin.cpp | 7 | ||||
-rw-r--r-- | netwerk/dns/TRRService.cpp | 7 | ||||
-rw-r--r-- | netwerk/dns/TRRService.h | 2 | ||||
-rw-r--r-- | netwerk/dns/TRRServiceBase.cpp | 3 | ||||
-rw-r--r-- | netwerk/dns/TRRServiceBase.h | 1 | ||||
-rw-r--r-- | netwerk/dns/effective_tld_names.dat | 650 | ||||
-rw-r--r-- | netwerk/dns/nsDNSService2.cpp | 18 | ||||
-rw-r--r-- | netwerk/dns/nsDNSService2.h | 2 | ||||
-rw-r--r-- | netwerk/dns/nsHostResolver.cpp | 14 | ||||
-rw-r--r-- | netwerk/dns/nsHostResolver.h | 2 | ||||
-rw-r--r-- | netwerk/dns/nsIDNSByTypeRecord.idl | 6 | ||||
-rw-r--r-- | netwerk/dns/nsIDNSRecord.idl | 4 | ||||
-rw-r--r-- | netwerk/dns/nsIDNSService.idl | 4 |
16 files changed, 406 insertions, 356 deletions
diff --git a/netwerk/dns/DNS.cpp b/netwerk/dns/DNS.cpp index 91730989db..31d910851b 100644 --- a/netwerk/dns/DNS.cpp +++ b/netwerk/dns/DNS.cpp @@ -21,36 +21,6 @@ namespace mozilla { namespace net { -const char* inet_ntop_internal(int af, const void* src, char* dst, - socklen_t size) { -#ifdef XP_WIN - if (af == AF_INET) { - struct sockaddr_in s; - memset(&s, 0, sizeof(s)); - s.sin_family = AF_INET; - memcpy(&s.sin_addr, src, sizeof(struct in_addr)); - int result = getnameinfo((struct sockaddr*)&s, sizeof(struct sockaddr_in), - dst, size, nullptr, 0, NI_NUMERICHOST); - if (result == 0) { - return dst; - } - } else if (af == AF_INET6) { - struct sockaddr_in6 s; - memset(&s, 0, sizeof(s)); - s.sin6_family = AF_INET6; - memcpy(&s.sin6_addr, src, sizeof(struct in_addr6)); - int result = getnameinfo((struct sockaddr*)&s, sizeof(struct sockaddr_in6), - dst, size, nullptr, 0, NI_NUMERICHOST); - if (result == 0) { - return dst; - } - } - return nullptr; -#else - return inet_ntop(af, src, dst, size); -#endif -} - // Copies the contents of a PRNetAddr to a NetAddr. // Does not do a ptr safety check! void PRNetAddrToNetAddr(const PRNetAddr* prAddr, NetAddr* addr) { @@ -135,7 +105,7 @@ bool NetAddr::ToStringBuffer(char* buf, uint32_t bufSize) const { } struct in_addr nativeAddr = {}; nativeAddr.s_addr = addr->inet.ip; - return !!inet_ntop_internal(AF_INET, &nativeAddr, buf, bufSize); + return !!inet_ntop(AF_INET, &nativeAddr, buf, bufSize); } if (addr->raw.family == AF_INET6) { if (bufSize < INET6_ADDRSTRLEN) { @@ -143,7 +113,7 @@ bool NetAddr::ToStringBuffer(char* buf, uint32_t bufSize) const { } struct in6_addr nativeAddr = {}; memcpy(&nativeAddr.s6_addr, &addr->inet6.ip, sizeof(addr->inet6.ip.u8)); - return !!inet_ntop_internal(AF_INET6, &nativeAddr, buf, bufSize); + return !!inet_ntop(AF_INET6, &nativeAddr, buf, bufSize); } #if defined(XP_UNIX) if (addr->raw.family == AF_LOCAL) { diff --git a/netwerk/dns/PlatformDNSAndroid.cpp b/netwerk/dns/PlatformDNSAndroid.cpp index 171797b938..7875ea7dec 100644 --- a/netwerk/dns/PlatformDNSAndroid.cpp +++ b/netwerk/dns/PlatformDNSAndroid.cpp @@ -5,6 +5,7 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ #include "GetAddrInfo.h" +#include "mozilla/glean/GleanMetrics.h" #include "mozilla/net/DNSPacket.h" #include "nsIDNSService.h" #include "mozilla/Maybe.h" @@ -71,6 +72,7 @@ nsresult ResolveHTTPSRecordImpl(const nsACString& aHost, uint16_t aFlags, } LOG("resolving %s\n", host.get()); + TimeStamp startTime = TimeStamp::Now(); // Perform the query rv = packet.FillBuffer( [&](unsigned char response[DNSPacket::MAX_SIZE]) -> int { @@ -118,6 +120,8 @@ nsresult ResolveHTTPSRecordImpl(const nsACString& aHost, uint16_t aFlags, return len - 8; }); + mozilla::glean::networking::dns_native_https_call_time.AccumulateRawDuration( + TimeStamp::Now() - startTime); if (NS_FAILED(rv)) { LOG("failed rv"); return rv; diff --git a/netwerk/dns/PlatformDNSUnix.cpp b/netwerk/dns/PlatformDNSUnix.cpp index c7f57fcdda..8a328f3da5 100644 --- a/netwerk/dns/PlatformDNSUnix.cpp +++ b/netwerk/dns/PlatformDNSUnix.cpp @@ -5,6 +5,7 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ #include "GetAddrInfo.h" +#include "mozilla/glean/GleanMetrics.h" #include "mozilla/net/DNSPacket.h" #include "nsIDNSService.h" #include "mozilla/Maybe.h" @@ -55,6 +56,7 @@ nsresult ResolveHTTPSRecordImpl(const nsACString& aHost, uint16_t aFlags, rv = packet.FillBuffer( [&](unsigned char response[DNSPacket::MAX_SIZE]) -> int { int len = 0; + TimeStamp startTime = TimeStamp::Now(); #if defined(HAVE_RES_NINIT) len = res_nquery(sThreadRes.get(), host.get(), ns_c_in, nsIDNSService::RESOLVE_TYPE_HTTPSSVC, response, @@ -65,6 +67,8 @@ nsresult ResolveHTTPSRecordImpl(const nsACString& aHost, uint16_t aFlags, response, DNSPacket::MAX_SIZE); #endif + mozilla::glean::networking::dns_native_https_call_time + .AccumulateRawDuration(TimeStamp::Now() - startTime); if (len < 0) { LOG("DNS query failed"); } diff --git a/netwerk/dns/PlatformDNSWin.cpp b/netwerk/dns/PlatformDNSWin.cpp index 42f1483ec3..93e936f4dc 100644 --- a/netwerk/dns/PlatformDNSWin.cpp +++ b/netwerk/dns/PlatformDNSWin.cpp @@ -5,6 +5,7 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ #include "GetAddrInfo.h" +#include "mozilla/glean/GleanMetrics.h" #include "mozilla/net/DNSPacket.h" #include "nsIDNSService.h" #include "mozilla/Maybe.h" @@ -39,9 +40,15 @@ nsresult ResolveHTTPSRecordImpl(const nsACString& aHost, uint16_t aFlags, return NS_ERROR_UNKNOWN_HOST; } + TimeStamp startTime = TimeStamp::Now(); + DNS_STATUS status = DnsQuery_A(host.get(), nsIDNSService::RESOLVE_TYPE_HTTPSSVC, DNS_QUERY_STANDARD, nullptr, &result, nullptr); + + mozilla::glean::networking::dns_native_https_call_time.AccumulateRawDuration( + TimeStamp::Now() - startTime); + if (status != ERROR_SUCCESS) { LOG("DnsQuery_A failed with error: %ld\n", status); return NS_ERROR_UNKNOWN_HOST; diff --git a/netwerk/dns/TRRService.cpp b/netwerk/dns/TRRService.cpp index fbaa67ee14..4599e7b5c0 100644 --- a/netwerk/dns/TRRService.cpp +++ b/netwerk/dns/TRRService.cpp @@ -170,7 +170,7 @@ static void EventTelemetryPrefChanged(const char* aPref, void* aData) { StaticPrefs::network_trr_confirmation_telemetry_enabled()); } -nsresult TRRService::Init() { +nsresult TRRService::Init(bool aNativeHTTPSQueryEnabled) { MOZ_ASSERT(NS_IsMainThread(), "wrong thread"); if (mInitialized) { return NS_OK; @@ -189,6 +189,7 @@ nsresult TRRService::Init() { sTRRServicePtr = this; + mNativeHTTPSQueryEnabled = aNativeHTTPSQueryEnabled; ReadPrefs(nullptr); mConfirmation.HandleEvent(ConfirmationEvent::Init); @@ -1021,7 +1022,9 @@ bool TRRService::IsExcludedFromTRR_unlocked(const nsACString& aHost) { return true; } if (mDNSSuffixDomains.Contains(subdomain)) { - LOG(("Subdomain [%s] of host [%s] Is Excluded From TRR via pref\n", + LOG( + ("Subdomain [%s] of host [%s] Is Excluded From TRR via DNSSuffix " + "domains\n", subdomain.BeginReading(), aHost.BeginReading())); return true; } diff --git a/netwerk/dns/TRRService.h b/netwerk/dns/TRRService.h index 3283a8ea06..4c757bd90f 100644 --- a/netwerk/dns/TRRService.h +++ b/netwerk/dns/TRRService.h @@ -42,7 +42,7 @@ class TRRService : public TRRServiceBase, bool OnWritingThread() const override { return NS_IsMainThread(); } - nsresult Init(); + nsresult Init(bool aNativeHTTPSQueryEnabled); nsresult Start(); bool Enabled(nsIRequest::TRRMode aRequestMode = nsIRequest::TRR_DEFAULT_MODE); bool IsConfirmed() { return mConfirmation.State() == CONFIRM_OK; } diff --git a/netwerk/dns/TRRServiceBase.cpp b/netwerk/dns/TRRServiceBase.cpp index 943edc41dd..31d09f3720 100644 --- a/netwerk/dns/TRRServiceBase.cpp +++ b/netwerk/dns/TRRServiceBase.cpp @@ -163,8 +163,9 @@ void TRRServiceBase::OnTRRModeChange() { } static bool readHosts = false; + // When native HTTPS query is enabled, we need to read etc/hosts. if ((mMode == nsIDNSService::MODE_TRRFIRST || - mMode == nsIDNSService::MODE_TRRONLY) && + mMode == nsIDNSService::MODE_TRRONLY || mNativeHTTPSQueryEnabled) && !readHosts) { readHosts = true; ReadEtcHostsFile(); diff --git a/netwerk/dns/TRRServiceBase.h b/netwerk/dns/TRRServiceBase.h index a7f85fc95d..f79e31cdb3 100644 --- a/netwerk/dns/TRRServiceBase.h +++ b/netwerk/dns/TRRServiceBase.h @@ -82,6 +82,7 @@ class TRRServiceBase : public nsIProxyConfigChangedCallback { Atomic<bool, Relaxed> mURISetByDetection{false}; Atomic<bool, Relaxed> mTRRConnectionInfoInited{false}; DataMutex<RefPtr<nsHttpConnectionInfo>> mDefaultTRRConnectionInfo; + bool mNativeHTTPSQueryEnabled{false}; }; } // namespace net diff --git a/netwerk/dns/effective_tld_names.dat b/netwerk/dns/effective_tld_names.dat index fdcaca41d5..d4886d518b 100644 --- a/netwerk/dns/effective_tld_names.dat +++ b/netwerk/dns/effective_tld_names.dat @@ -6710,7 +6710,7 @@ org.zw // newGTLDs -// List of new gTLDs imported from https://www.icann.org/resources/registries/gtlds/v2/gtlds.json on 2024-05-04T15:12:50Z +// List of new gTLDs imported from https://www.icann.org/resources/registries/gtlds/v2/gtlds.json on 2024-05-31T15:16:08Z // This list is auto-generated, don't edit it manually. // aaa : American Automobile Association, Inc. // https://www.iana.org/domains/root/db/aaa.html @@ -8976,7 +8976,7 @@ lotte // https://www.iana.org/domains/root/db/lotto.html lotto -// love : Merchant Law Group LLP +// love : Waterford Limited // https://www.iana.org/domains/root/db/love.html love @@ -11387,9 +11387,9 @@ auth-fips.us-west-2.amazoncognito.com // Amazon EC2 // Submitted by Luke Wells <psl-maintainers@amazon.com> // Reference: 4c38fa71-58ac-4768-99e5-689c1767e537 +*.compute.amazonaws.com.cn *.compute.amazonaws.com *.compute-1.amazonaws.com -*.compute.amazonaws.com.cn us-east-1.amazonaws.com // Amazon EMR @@ -12288,26 +12288,26 @@ ju.mp // CentralNic : http://www.centralnic.com/names/domains // Submitted by registry <gavin.brown@centralnic.com> -ae.org +za.bz br.com cn.com -com.de -com.se de.com eu.com -gb.net -hu.net -jp.net jpn.com mex.com ru.com sa.com -se.net uk.com -uk.net us.com -za.bz za.com +com.de +gb.net +hu.net +jp.net +se.net +uk.net +ae.org +com.se // No longer operated by CentralNic, these entries should be adopted and/or removed by current operators // Submitted by Gavin Brown <gavin.brown@centralnic.com> @@ -12328,8 +12328,8 @@ gr.com // Radix FZC : http://domains.in.net // Submitted by Gavin Brown <gavin.brown@centralnic.com> -in.net web.in +in.net // US REGISTRY LLC : http://us.org // Submitted by Gavin Brown <gavin.brown@centralnic.com> @@ -12367,7 +12367,10 @@ discourse.team // Clever Cloud : https://www.clever-cloud.com/ // Submitted by Quentin Adam <noc@clever-cloud.com> +cleverapps.cc +*.services.clever-cloud.com cleverapps.io +cleverapps.tech // Clerk : https://www.clerk.dev // Submitted by Colin Sidoti <systems@clerk.dev> @@ -12398,8 +12401,8 @@ cloudaccess.net // cloudControl : https://www.cloudcontrol.com/ // Submitted by Tobias Wilken <tw@cloudcontrol.com> -cloudcontrolled.com cloudcontrolapp.com +cloudcontrolled.com // Cloudera, Inc. : https://www.cloudera.com/ // Submitted by Kedarnath Waikar <security@cloudera.com> @@ -12439,11 +12442,11 @@ co.cz // Submitted by Jan Krpes <jan.krpes@cdn77.com> cdn77-storage.com rsc.contentproxy9.cz -cdn77-ssl.net r.cdn77.net -ssl.origin.cdn77-secure.org +cdn77-ssl.net c.cdn77.org rsc.cdn77.org +ssl.origin.cdn77-secure.org // Cloud DNS Ltd : http://www.cloudns.net // Submitted by Aleksander Hristov <noc@cloudns.net> & Boyan Peychev <boyan@cloudns.net> @@ -12506,8 +12509,8 @@ test.ru // COSIMO GmbH : http://www.cosimo.de // Submitted by Rene Marticke <rmarticke@cosimo.de> dyn.cosidns.de -dynamisches-dns.de dnsupdater.de +dynamisches-dns.de internet-dns.de l-o-g-i-n.de dynamic-dns.info @@ -12561,9 +12564,9 @@ cyon.site // Danger Science Group: https://dangerscience.com/ // Submitted by Skylar MacDonald <skylar@dangerscience.com> +platform0.app fnwk.site folionetwork.site -platform0.app // Daplie, Inc : https://daplie.com // Submitted by AJ ONeal <aj@daplie.com> @@ -12693,6 +12696,26 @@ dy.fi tunk.org // DynDNS.com : http://www.dyndns.com/services/dns/dyndns/ +dyndns.biz +for-better.biz +for-more.biz +for-some.biz +for-the.biz +selfip.biz +webhop.biz +ftpaccess.cc +game-server.cc +myphotos.cc +scrapping.cc +blogdns.com +cechire.com +dnsalias.com +dnsdojo.com +doesntexist.com +dontexist.com +doomdns.com +dyn-o-saur.com +dynalias.com dyndns-at-home.com dyndns-at-work.com dyndns-blog.com @@ -12707,64 +12730,14 @@ dyndns-server.com dyndns-web.com dyndns-wiki.com dyndns-work.com -dyndns.biz -dyndns.info -dyndns.org -dyndns.tv -at-band-camp.net -ath.cx -barrel-of-knowledge.info -barrell-of-knowledge.info -better-than.tv -blogdns.com -blogdns.net -blogdns.org -blogsite.org -boldlygoingnowhere.org -broke-it.net -buyshouses.net -cechire.com -dnsalias.com -dnsalias.net -dnsalias.org -dnsdojo.com -dnsdojo.net -dnsdojo.org -does-it.net -doesntexist.com -doesntexist.org -dontexist.com -dontexist.net -dontexist.org -doomdns.com -doomdns.org -dvrdns.org -dyn-o-saur.com -dynalias.com -dynalias.net -dynalias.org -dynathome.net -dyndns.ws -endofinternet.net -endofinternet.org -endoftheinternet.org est-a-la-maison.com est-a-la-masion.com est-le-patron.com est-mon-blogueur.com -for-better.biz -for-more.biz -for-our.info -for-some.biz -for-the.biz -forgot.her.name -forgot.his.name from-ak.com from-al.com from-ar.com -from-az.net from-ca.com -from-co.net from-ct.com from-dc.com from-de.com @@ -12777,10 +12750,8 @@ from-il.com from-in.com from-ks.com from-ky.com -from-la.net from-ma.com from-md.com -from-me.org from-mi.com from-mn.com from-mo.com @@ -12793,7 +12764,6 @@ from-nh.com from-nj.com from-nm.com from-nv.com -from-ny.net from-oh.com from-ok.com from-or.com @@ -12811,45 +12781,18 @@ from-wa.com from-wi.com from-wv.com from-wy.com -ftpaccess.cc -fuettertdasnetz.de -game-host.org -game-server.cc getmyip.com -gets-it.net -go.dyndns.org gotdns.com -gotdns.org -groks-the.info -groks-this.info -ham-radio-op.net -here-for-more.info hobby-site.com -hobby-site.org -home.dyndns.org -homedns.org -homeftp.net -homeftp.org -homeip.net homelinux.com -homelinux.net -homelinux.org homeunix.com -homeunix.net -homeunix.org iamallama.com -in-the-band.net is-a-anarchist.com is-a-blogger.com is-a-bookkeeper.com -is-a-bruinsfan.org is-a-bulls-fan.com -is-a-candidate.org is-a-caterer.com -is-a-celticsfan.org is-a-chef.com -is-a-chef.net -is-a-chef.org is-a-conservative.com is-a-cpa.com is-a-cubicle-slave.com @@ -12858,31 +12801,25 @@ is-a-designer.com is-a-doctor.com is-a-financialadvisor.com is-a-geek.com -is-a-geek.net -is-a-geek.org is-a-green.com is-a-guru.com is-a-hard-worker.com is-a-hunter.com -is-a-knight.org is-a-landscaper.com is-a-lawyer.com is-a-liberal.com is-a-libertarian.com -is-a-linux-user.org is-a-llama.com is-a-musician.com is-a-nascarfan.com is-a-nurse.com is-a-painter.com -is-a-patsfan.org is-a-personaltrainer.com is-a-photographer.com is-a-player.com is-a-republican.com is-a-rockstar.com is-a-socialist.com -is-a-soxfan.org is-a-student.com is-a-teacher.com is-a-techie.com @@ -12894,92 +12831,158 @@ is-an-anarchist.com is-an-artist.com is-an-engineer.com is-an-entertainer.com -is-by.us is-certified.com -is-found.org is-gone.com is-into-anime.com is-into-cars.com is-into-cartoons.com is-into-games.com is-leet.com -is-lost.org is-not-certified.com -is-saved.org is-slick.com is-uberleet.com -is-very-bad.org -is-very-evil.org -is-very-good.org -is-very-nice.org -is-very-sweet.org is-with-theband.com isa-geek.com -isa-geek.net -isa-geek.org isa-hockeynut.com issmarterthanyou.com +likes-pie.com +likescandy.com +neat-url.com +saves-the-whales.com +selfip.com +sells-for-less.com +sells-for-u.com +servebbs.com +simple-url.com +space-to-rent.com +teaches-yoga.com +writesthisblog.com +ath.cx +fuettertdasnetz.de isteingeek.de istmein.de -kicks-ass.net -kicks-ass.org -knowsitall.info -land-4-sale.us lebtimnetz.de leitungsen.de -likes-pie.com -likescandy.com +traeumtgerade.de +barrel-of-knowledge.info +barrell-of-knowledge.info +dyndns.info +for-our.info +groks-the.info +groks-this.info +here-for-more.info +knowsitall.info +selfip.info +webhop.info +forgot.her.name +forgot.his.name +at-band-camp.net +blogdns.net +broke-it.net +buyshouses.net +dnsalias.net +dnsdojo.net +does-it.net +dontexist.net +dynalias.net +dynathome.net +endofinternet.net +from-az.net +from-co.net +from-la.net +from-ny.net +gets-it.net +ham-radio-op.net +homeftp.net +homeip.net +homelinux.net +homeunix.net +in-the-band.net +is-a-chef.net +is-a-geek.net +isa-geek.net +kicks-ass.net +office-on-the.net +podzone.net +scrapper-site.net +selfip.net +sells-it.net +servebbs.net +serveftp.net +thruhere.net +webhop.net merseine.nu mine.nu +shacknet.nu +blogdns.org +blogsite.org +boldlygoingnowhere.org +dnsalias.org +dnsdojo.org +doesntexist.org +dontexist.org +doomdns.org +dvrdns.org +dynalias.org +dyndns.org +go.dyndns.org +home.dyndns.org +endofinternet.org +endoftheinternet.org +from-me.org +game-host.org +gotdns.org +hobby-site.org +homedns.org +homeftp.org +homelinux.org +homeunix.org +is-a-bruinsfan.org +is-a-candidate.org +is-a-celticsfan.org +is-a-chef.org +is-a-geek.org +is-a-knight.org +is-a-linux-user.org +is-a-patsfan.org +is-a-soxfan.org +is-found.org +is-lost.org +is-saved.org +is-very-bad.org +is-very-evil.org +is-very-good.org +is-very-nice.org +is-very-sweet.org +isa-geek.org +kicks-ass.org misconfused.org -mypets.ws -myphotos.cc -neat-url.com -office-on-the.net -on-the-web.tv -podzone.net podzone.org readmyblog.org -saves-the-whales.com -scrapper-site.net -scrapping.cc -selfip.biz -selfip.com -selfip.info -selfip.net selfip.org -sells-for-less.com -sells-for-u.com -sells-it.net sellsyourhome.org -servebbs.com -servebbs.net servebbs.org -serveftp.net serveftp.org servegame.org -shacknet.nu -simple-url.com -space-to-rent.com stuff-4-sale.org -stuff-4-sale.us -teaches-yoga.com -thruhere.net -traeumtgerade.de -webhop.biz -webhop.info -webhop.net webhop.org +better-than.tv +dyndns.tv +on-the-web.tv worse-than.tv -writesthisblog.com +is-by.us +land-4-sale.us +stuff-4-sale.us +dyndns.ws +mypets.ws // ddnss.de : https://www.ddnss.de/ // Submitted by Robert Niedziela <webmaster@ddnss.de> ddnss.de dyn.ddnss.de dyndns.ddnss.de -dyndns1.de dyn-ip24.de +dyndns1.de home-webserver.de dyn.home-webserver.de myhome-server.de @@ -12987,8 +12990,8 @@ ddnss.org // Definima : http://www.definima.com/ // Submitted by Maxence Bitterli <maxence@definima.com> -definima.net definima.io +definima.net // DigitalOcean App Platform : https://www.digitalocean.com/products/app-platform/ // Submitted by Braxton Huggins <psl-maintainers@digitalocean.com> @@ -13153,6 +13156,11 @@ us-2.evennode.com us-3.evennode.com us-4.evennode.com +// Expo : https://expo.dev/ +// Submitted by James Ide <psl@expo.dev> +expo.app +staging.expo.app + // eDirect Corp. : https://hosting.url.com.tw/ // Submitted by C.S. chang <cschang@corp.url.com.tw> twmail.cc @@ -13251,8 +13259,6 @@ u.channelsdvr.net edgecompute.app fastly-edge.com fastly-terrarium.com -fastlylb.net -map.fastlylb.net freetls.fastly.net map.fastly.net a.prod.fastly.net @@ -13260,6 +13266,8 @@ global.prod.fastly.net a.ssl.fastly.net b.ssl.fastly.net global.ssl.fastly.net +fastlylb.net +map.fastlylb.net // Fastmail : https://www.fastmail.com/ // Submitted by Marc Bradshaw <marc@fastmailteam.com> @@ -13329,8 +13337,8 @@ flutterflow.app // fly.io: https://fly.io // Submitted by Kurt Mackey <kurt@fly.io> fly.dev -edgeapp.net shw.io +edgeapp.net // Flynn : https://flynn.io // Submitted by Jonathan Rudenberg <jonathan@flynn.io> @@ -13419,6 +13427,8 @@ aliases121.com // GDS : https://www.gov.uk/service-manual/technology/managing-domain-names // Submitted by Stephen Ford <hostmaster@digital.cabinet-office.gov.uk> +campaign.gov.uk +service.gov.uk independent-commission.uk independent-inquest.uk independent-inquiry.uk @@ -13426,8 +13436,6 @@ independent-panel.uk independent-review.uk public-inquiry.uk royal-commission.uk -campaign.gov.uk -service.gov.uk // CDDO : https://www.gov.uk/guidance/get-an-api-domain-on-govuk // Submitted by Jamie Tanna <jamie.tanna@digital.cabinet-office.gov.uk> @@ -13615,71 +13623,64 @@ ro.im goip.de // Google, Inc. -// Submitted by Eduardo Vela <evn@google.com> -*.run.app -web.app -*.0emm.com -appspot.com -*.r.appspot.com -codespot.com -googleapis.com -googlecode.com -pagespeedmobilizer.com -publishproxy.com -withgoogle.com -withyoutube.com -*.gateway.dev -cloud.goog -translate.goog -*.usercontent.goog -cloudfunctions.net +// Submitted by Shannon McCabe <public-suffix-editors@google.com> blogspot.ae blogspot.al blogspot.am +*.hosted.app +*.run.app +web.app +blogspot.com.ar +blogspot.co.at +blogspot.com.au blogspot.ba blogspot.be blogspot.bg blogspot.bj +blogspot.com.br +blogspot.com.by blogspot.ca blogspot.cf blogspot.ch blogspot.cl -blogspot.co.at -blogspot.co.id -blogspot.co.il -blogspot.co.ke -blogspot.co.nz -blogspot.co.uk -blogspot.co.za -blogspot.com -blogspot.com.ar -blogspot.com.au -blogspot.com.br -blogspot.com.by blogspot.com.co -blogspot.com.cy -blogspot.com.ee -blogspot.com.eg -blogspot.com.es -blogspot.com.mt -blogspot.com.ng -blogspot.com.tr -blogspot.com.uy +*.0emm.com +appspot.com +*.r.appspot.com +blogspot.com +codespot.com +googleapis.com +googlecode.com +pagespeedmobilizer.com +publishproxy.com +withgoogle.com +withyoutube.com blogspot.cv +blogspot.com.cy blogspot.cz blogspot.de +*.gateway.dev blogspot.dk +blogspot.com.ee +blogspot.com.eg +blogspot.com.es blogspot.fi blogspot.fr +cloud.goog +translate.goog +*.usercontent.goog blogspot.gr blogspot.hk blogspot.hr blogspot.hu +blogspot.co.id blogspot.ie +blogspot.co.il blogspot.in blogspot.is blogspot.it blogspot.jp +blogspot.co.ke blogspot.kr blogspot.li blogspot.lt @@ -13687,10 +13688,14 @@ blogspot.lu blogspot.md blogspot.mk blogspot.mr +blogspot.com.mt blogspot.mx blogspot.my +cloudfunctions.net +blogspot.com.ng blogspot.nl blogspot.no +blogspot.co.nz blogspot.pe blogspot.pt blogspot.qa @@ -13704,9 +13709,13 @@ blogspot.si blogspot.sk blogspot.sn blogspot.td +blogspot.com.tr blogspot.tw blogspot.ug +blogspot.co.uk +blogspot.com.uy blogspot.vn +blogspot.co.za // Goupile : https://goupile.fr // Submitted by Niels Martignene <hello@goupile.fr> @@ -13739,8 +13748,8 @@ conf.se // Handshake : https://handshake.org // Submitted by Mike Damm <md@md.vc> -hs.zone hs.run +hs.zone // Hashbang : https://hashbang.sh hashbang.sh @@ -13813,6 +13822,10 @@ ie.ua // HostyHosting (hostyhosting.com) hostyhosting.io +// Hypernode B.V. : https://www.hypernode.com/ +// Submitted by Cipriano Groenendal <security@nl.team.blue> +hypernode.io + // Häkkinen.fi // Submitted by Eero Häkkinen <Eero+psl@Häkkinen.fi> häkkinen.fi @@ -13833,8 +13846,8 @@ iliadboxos.it // Impertrix Solutions : <https://impertrixcdn.com> // Submitted by Zhixiang Zhao <csuite@impertrix.com> -impertrixcdn.com impertrix.com +impertrixcdn.com // Incsub, LLC: https://incsub.com/ // Submitted by Aaron Edwards <sysadmins@incsub.com> @@ -13851,10 +13864,10 @@ in-berlin.de in-brb.de in-butter.de in-dsl.de -in-dsl.net -in-dsl.org in-vpn.de +in-dsl.net in-vpn.net +in-dsl.org in-vpn.org // info.at : http://www.info.at/ @@ -14029,13 +14042,13 @@ jotelulu.cloud // JouwWeb B.V. : https://www.jouwweb.nl // Submitted by Camilo Sperberg <tech@webador.com> -jouwweb.site webadorsite.com +jouwweb.site // Joyent : https://www.joyent.com/ // Submitted by Brian Bennett <brian.bennett@joyent.com> -*.triton.zone *.cns.joyent.com +*.triton.zone // JS.ORG : http://dns.js.org // Submitted by Stefan Keim <admin@js.org> @@ -14077,8 +14090,8 @@ oya.to // Katholieke Universiteit Leuven: https://www.kuleuven.be // Submitted by Abuse KU Leuven <abuse@kuleuven.be> -kuleuven.cloud ezproxy.kuleuven.be +kuleuven.cloud // .KRD : http://nic.krd/data/krd/Registration%20Policy.pdf co.krd @@ -14086,8 +14099,8 @@ edu.krd // Krellian Ltd. : https://krellian.com // Submitted by Ben Francis <ben@krellian.com> -krellian.net webthings.io +krellian.net // LCube - Professional hosting e.K. : https://www.lcube-webhosting.de // Submitted by Lars Laehn <info@lcube.de> @@ -14121,8 +14134,8 @@ co.technology // linkyard ldt: https://www.linkyard.ch/ // Submitted by Mario Siegenthaler <mario.siegenthaler@linkyard.ch> -linkyard.cloud linkyard-cloud.ch +linkyard.cloud // Linode : https://linode.com // Submitted by <security@linode.com> @@ -14177,11 +14190,9 @@ lugs.org.uk // Lukanet Ltd : https://lukanet.com // Submitted by Anton Avramov <register@lukanet.com> barsy.bg -barsy.co.uk -barsyonline.co.uk +barsy.club barsycenter.com barsyonline.com -barsy.club barsy.de barsy.eu barsy.in @@ -14200,6 +14211,8 @@ barsy.shop barsy.site barsy.support barsy.uk +barsy.co.uk +barsyonline.co.uk // Magento Commerce // Submitted by Damien Tournoud <dtournoud@magento.cloud> @@ -14230,8 +14243,8 @@ mcpe.me // Submitted by Evgeniy Subbotin <e.subbotin@mchost.ru> mcdir.me mcdir.ru -mcpre.ru vps.mcdir.ru +mcpre.ru // Mediatech : https://mediatech.by // Submitted by Evgeniy Kozhuhovskiy <ugenk@mediatech.by> @@ -14280,10 +14293,9 @@ co.pl // Microsoft Azure : https://home.azure *.azurecontainer.io azure-api.net +azure-mobile.net azureedge.net azurefd.net -azurewebsites.net -azure-mobile.net azurestaticapps.net 1.azurestaticapps.net 2.azurestaticapps.net @@ -14297,6 +14309,7 @@ eastasia.azurestaticapps.net eastus2.azurestaticapps.net westeurope.azurestaticapps.net westus2.azurestaticapps.net +azurewebsites.net cloudapp.net trafficmanager.net blob.core.windows.net @@ -14335,8 +14348,8 @@ pp.ru // Mythic Beasts : https://www.mythic-beasts.com // Submitted by Paul Cammish <kelduum@mythic-beasts.com> hostedpi.com -customer.mythic-beasts.com caracal.mythic-beasts.com +customer.mythic-beasts.com fentiger.mythic-beasts.com lynx.mythic-beasts.com ocelot.mythic-beasts.com @@ -14418,6 +14431,10 @@ noop.app // Submitted by Laurent Pellegrino <security@noticeable.io> noticeable.news +// Notion Labs, Inc : https://www.notion.so/ +// Submitted by Jess Yao <trust-core-team@makenotion.com> +notion.site + // Now-DNS : https://now-dns.com // Submitted by Steve Russell <steve@now-dns.com> dnsking.ch @@ -14453,91 +14470,91 @@ nerdpol.ovh // No-IP.com : https://noip.com/ // Submitted by Deven Reza <publicsuffixlist@noip.com> +mmafan.biz +myftp.biz +no-ip.biz +no-ip.ca +fantasyleague.cc +gotdns.ch +3utilities.com blogsyte.com -brasilia.me -cable-modem.org ciscofreak.com -collegefan.org -couchpotatofries.org damnserver.com -ddns.me +ddnsking.com ditchyourip.com -dnsfor.me dnsiskinky.com -dvrcam.info dynns.com -eating-organic.net -fantasyleague.cc geekgalaxy.com -golffan.us health-carereform.com homesecuritymac.com homesecuritypc.com -hopto.me -ilovecollege.info -loginto.me -mlbfan.org -mmafan.biz myactivedirectory.com -mydissent.net -myeffect.net -mymediapc.net -mypsx.net mysecuritycamera.com -mysecuritycamera.net -mysecuritycamera.org +myvnc.com net-freaks.com -nflfan.org -nhlfan.net -no-ip.ca -no-ip.co.uk -no-ip.net -noip.us onthewifi.com -pgafan.net point2this.com -pointto.us -privatizehealthinsurance.net quicksytes.com -read-books.org securitytactics.com +servebeer.com +servecounterstrike.com serveexchange.com +serveftp.com +servegame.com +servehalflife.com +servehttp.com servehumour.com +serveirc.com +servemp3.com servep2p.com +servepics.com +servequake.com servesarcasm.com stufftoread.com -ufcfan.org unusualperson.com workisboring.com -3utilities.com -bounceme.net -ddns.net -ddnsking.com -gotdns.ch -hopto.org -myftp.biz -myftp.org -myvnc.com -no-ip.biz +dvrcam.info +ilovecollege.info no-ip.info -no-ip.org +brasilia.me +ddns.me +dnsfor.me +hopto.me +loginto.me noip.me +webhop.me +bounceme.net +ddns.net +eating-organic.net +mydissent.net +myeffect.net +mymediapc.net +mypsx.net +mysecuritycamera.net +nhlfan.net +no-ip.net +pgafan.net +privatizehealthinsurance.net redirectme.net -servebeer.com serveblog.net -servecounterstrike.com -serveftp.com -servegame.com -servehalflife.com -servehttp.com -serveirc.com serveminecraft.net -servemp3.com -servepics.com -servequake.com sytes.net -webhop.me +cable-modem.org +collegefan.org +couchpotatofries.org +hopto.org +mlbfan.org +myftp.org +mysecuritycamera.org +nflfan.org +no-ip.org +read-books.org +ufcfan.org zapto.org +no-ip.co.uk +golffan.us +noip.us +pointto.us // NodeArt : https://nodeart.io // Submitted by Konstantin Nosov <Nosov@nodeart.io> @@ -14557,6 +14574,7 @@ prvcy.page // Observable, Inc. : https://observablehq.com // Submitted by Mike Bostock <dns@observablehq.com> +observablehq.cloud static.observableusercontent.com // Octopodal Solutions, LLC. : https://ulterius.io/ @@ -14577,25 +14595,25 @@ omniwe.site // One.com: https://www.one.com/ // Submitted by Jacob Bunk Nielsen <jbn@one.com> -123hjemmeside.dk -123hjemmeside.no -123homepage.it -123kotisivu.fi -123minsida.se -123miweb.es -123paginaweb.pt -123siteweb.fr 123webseite.at -123webseite.de 123website.be +simplesite.com.br 123website.ch +simplesite.com +123webseite.de +123hjemmeside.dk +123miweb.es +123kotisivu.fi +123siteweb.fr +simplesite.gr +123homepage.it 123website.lu 123website.nl +123hjemmeside.no service.one -simplesite.com -simplesite.com.br -simplesite.gr simplesite.pl +123paginaweb.pt +123minsida.se // One Fold Media : http://www.onefoldmedia.com/ // Submitted by Eddie Jones <eddie@onefoldmedia.com> @@ -14645,8 +14663,8 @@ outsystemscloud.com // OVHcloud: https://ovhcloud.com // Submitted by Vincent Cassé <vincent.casse@ovhcloud.com> -*.webpaas.ovh.net *.hosting.ovh.net +*.webpaas.ovh.net // OwnProvider GmbH: http://www.ownprovider.com // Submitted by Jan Moennich <jan.moennich@ownprovider.com> @@ -14699,8 +14717,8 @@ zakopane.pl // Pantheon Systems, Inc. : https://pantheon.io/ // Submitted by Gary Dylina <gary@pantheon.io> -pantheonsite.io gotpantheon.com +pantheonsite.io // Peplink | Pepwave : http://peplink.com/ // Submitted by Steve Leung <steveleung@peplink.com> @@ -14736,9 +14754,9 @@ platterp.us // Plesk : https://www.plesk.com/ // Submitted by Anton Akhtyamov <program-managers@plesk.com> +pleskns.com pdns.page plesk.page -pleskns.com // Pley AB : https://www.pley.com/ // Submitted by Henning Pohl <infra@pley.com> @@ -14869,8 +14887,8 @@ g.vbrplsbx.io // Rancher Labs, Inc : https://rancher.com // Submitted by Vincent Fiduccia <domains@rancher.com> -*.on-k3s.io *.on-rancher.cloud +*.on-k3s.io *.on-rio.io // Read The Docs, Inc : https://www.readthedocs.org @@ -14883,8 +14901,8 @@ rhcloud.com // Render : https://render.com // Submitted by Anurag Goel <dev@render.com> -app.render.com onrender.com +app.render.com // Repl.it : https://repl.it // Submitted by Lincoln Bergeson <psl@repl.it> @@ -15029,8 +15047,8 @@ sandcats.io // SBE network solutions GmbH : https://www.sbe.de/ // Submitted by Norman Meilick <nm@sbe.de> -logoip.de logoip.com +logoip.de // Scaleway : https://www.scaleway.com/ // Submitted by Rémy Léone <rleone@scaleway.com> @@ -15119,6 +15137,10 @@ biz.ua co.ua pp.ua +// Sheezy.Art : https://sheezy.art +// Submitted by Nyoom <admin@sheezy.art> +sheezy.games + // Shift Crypto AG : https://shiftcrypto.ch // Submitted by alex <alex@shiftcrypto.ch> shiftcrypto.dev @@ -15223,8 +15245,8 @@ stackit.zone // Staclar : https://staclar.com // Submitted by Q Misell <q@staclar.com> -musician.io // Submitted by Matthias Merkel <matthias.merkel@staclar.com> +musician.io novecore.site // staticland : https://static.land @@ -15336,8 +15358,8 @@ su.paba.se // Symfony, SAS : https://symfony.com/ // Submitted by Fabien Potencier <fabien@symfony.com> -*.s5y.io *.sensiosite.cloud +*.s5y.io // Syncloud : https://syncloud.org // Submitted by Boris Rybalkin <syncloud@syncloud.it> @@ -15359,14 +15381,14 @@ dsmynas.net familyds.net dsmynas.org familyds.org -vpnplus.to direct.quickconnect.to +vpnplus.to // Tabit Technologies Ltd. : https://tabit.cloud/ // Submitted by Oren Agiv <oren@tabit.cloud> -tabitorder.co.il -mytabit.co.il mytabit.com +mytabit.co.il +tabitorder.co.il // TAIFUN Software AG : http://taifun-software.de // Submitted by Bjoern Henke <dev-server@taifun-software.de> @@ -15407,11 +15429,11 @@ telebit.io reservd.com thingdustdata.com cust.dev.thingdust.io +reservd.dev.thingdust.io cust.disrec.thingdust.io +reservd.disrec.thingdust.io cust.prod.thingdust.io cust.testing.thingdust.io -reservd.dev.thingdust.io -reservd.disrec.thingdust.io reservd.testing.thingdust.io // ticket i/O GmbH : https://ticket.io @@ -15473,8 +15495,6 @@ tuxfamily.org // TwoDNS : https://www.twodns.de/ // Submitted by TwoDNS-Support <support@two-dns.de> dd-dns.de -diskstation.eu -diskstation.org dray-dns.de draydns.de dyn-vpn.de @@ -15485,6 +15505,8 @@ my-wan.de syno-ds.de synology-diskstation.de synology-ds.de +diskstation.eu +diskstation.org // Typedream : https://typedream.com // Submitted by Putri Karunia <putri@typedream.com> @@ -15496,15 +15518,15 @@ pro.typeform.com // Uberspace : https://uberspace.de // Submitted by Moritz Werner <mwerner@jonaspasche.com> -uber.space *.uberspace.de +uber.space // UDR Limited : http://www.udr.hk.com // Submitted by registry <hostmaster@udr.hk.com> hk.com -hk.org -ltd.hk inc.hk +ltd.hk +hk.org // UK Intis Telecom LTD : https://it.com // Submitted by ITComdomains <to@it.com> @@ -15525,8 +15547,8 @@ org.yt // United Gameserver GmbH : https://united-gameserver.de // Submitted by Stefan Schwarz <sysadm@united-gameserver.de> -virtualuser.de virtual-user.de +virtualuser.de // Upli : https://upli.io // Submitted by Lenny Bakkalian <lenny.bakkalian@gmail.com> @@ -15541,6 +15563,11 @@ dnsupdate.info // Submitted by Ed Moore <Ed.Moore@lib.de.us> lib.de.us +// Val Town, Inc : https://val.town/ +// Submitted by Tom MacWright <security@val.town> +express.val.run +web.val.run + // VeryPositive SIA : http://very.lv // Submitted by Danko Aleksejevs <danko@very.lv> 2038.io @@ -15586,10 +15613,10 @@ webflowtest.io // WebHotelier Technologies Ltd: https://www.webhotelier.net/ // Submitted by Apostolos Tsakpinis <apostolos.tsakpinis@gmail.com> -reserve-online.net -reserve-online.com bookonline.app hotelwithflight.com +reserve-online.com +reserve-online.net // WebWaddle Ltd: https://webwaddle.com/ // Submitted by Merlin Glander <hostmaster@webwaddle.com> @@ -15605,21 +15632,33 @@ wedeploy.sh // Submitted by Jung Jin <jungseok.jin@wdc.com> remotewd.com +// Whatbox Inc. : https://whatbox.ca/ +// Submitted by Anthony Ryan <servers@whatbox.ca> +box.ca + // WIARD Enterprises : https://wiardweb.com // Submitted by Kidd Hustle <kiddhustle@wiardweb.com> pages.wiardweb.com // Wikimedia Labs : https://wikitech.wikimedia.org // Submitted by Arturo Borrero Gonzalez <aborrero@wikimedia.org> -wmflabs.org toolforge.org wmcloud.org +wmflabs.org // WISP : https://wisp.gg // Submitted by Stepan Fedotov <stepan@wisp.gg> panel.gg daemon.panel.gg +// Wix.com, Inc. : https://www.wix.com +// Submitted by Shahar Talmi / Alon Kochba <publicsuffixlist@wix.com> +wixsite.com +wixstudio.com +editorx.io +wixstudio.io +wix.run + // Wizard Zines : https://wizardzines.com // Submitted by Julia Evans <julia@wizardzines.com> messwithdns.com @@ -15645,13 +15684,6 @@ weeklylottery.org.uk wpenginepowered.com js.wpenginepowered.com -// Wix.com, Inc. : https://www.wix.com -// Submitted by Shahar Talmi <shahar@wix.com> -wixsite.com -editorx.io -wixstudio.io -wix.run - // XenonCloud GbR: https://xenoncloud.net // Submitted by Julian Uphoff <publicsuffixlist@xenoncloud.net> half.host @@ -15707,6 +15739,10 @@ za.org // Submitted by Julian Alker <security@zap-hosting.com> zap.cloud +// Zeabur : https://zeabur.com/ +// Submitted by Zeabur Team <contact@zeabur.com> +zeabur.app + // Zine EOOD : https://zine.bg/ // Submitted by Martin Angelov <martin@zine.bg> bss.design diff --git a/netwerk/dns/nsDNSService2.cpp b/netwerk/dns/nsDNSService2.cpp index 68a76a0c1f..b688daadc9 100644 --- a/netwerk/dns/nsDNSService2.cpp +++ b/netwerk/dns/nsDNSService2.cpp @@ -874,7 +874,7 @@ nsDNSService::Init() { do_GetService("@mozilla.org/network/oblivious-http-service;1")); mTrrService = new TRRService(); - if (NS_FAILED(mTrrService->Init())) { + if (NS_FAILED(mTrrService->Init(mResolver->IsNativeHTTPSEnabled()))) { mTrrService = nullptr; } @@ -975,6 +975,15 @@ nsresult nsDNSService::PreprocessHostname(bool aLocalDomain, return NS_OK; } +bool nsDNSService::IsLocalDomain(const nsACString& aHostname) const { + bool localDomain = mLocalDomains.Contains(aHostname); + if (StringEndsWith(aHostname, "."_ns)) { + localDomain = localDomain || mLocalDomains.Contains(Substring( + aHostname, 0, aHostname.Length() - 1)); + } + return localDomain; +} + nsresult nsDNSService::AsyncResolveInternal( const nsACString& aHostname, uint16_t type, nsIDNSService::DNSFlags flags, nsIDNSAdditionalInfo* aInfo, nsIDNSListener* aListener, @@ -996,7 +1005,8 @@ nsresult nsDNSService::AsyncResolveInternal( res = mResolver; idn = mIDN; - localDomain = mLocalDomains.Contains(aHostname); + + localDomain = IsLocalDomain(aHostname); } if (mNotifyResolution) { @@ -1076,7 +1086,7 @@ nsresult nsDNSService::CancelAsyncResolveInternal( res = mResolver; idn = mIDN; - localDomain = mLocalDomains.Contains(aHostname); + localDomain = IsLocalDomain(aHostname); } if (!res) { return NS_ERROR_OFFLINE; @@ -1212,7 +1222,7 @@ nsresult nsDNSService::ResolveInternal( MutexAutoLock lock(mLock); res = mResolver; idn = mIDN; - localDomain = mLocalDomains.Contains(aHostname); + localDomain = IsLocalDomain(aHostname); } if (mNotifyResolution) { diff --git a/netwerk/dns/nsDNSService2.h b/netwerk/dns/nsDNSService2.h index 11f22c038e..523abcb613 100644 --- a/netwerk/dns/nsDNSService2.h +++ b/netwerk/dns/nsDNSService2.h @@ -83,6 +83,8 @@ class nsDNSService final : public mozilla::net::DNSServiceBase, nsresult PreprocessHostname(bool aLocalDomain, const nsACString& aInput, nsIIDNService* aIDN, nsACString& aACE); + bool IsLocalDomain(const nsACString& aHostname) const; + nsresult AsyncResolveInternal( const nsACString& aHostname, uint16_t type, nsIDNSService::DNSFlags flags, nsIDNSAdditionalInfo* aInfo, nsIDNSListener* aListener, diff --git a/netwerk/dns/nsHostResolver.cpp b/netwerk/dns/nsHostResolver.cpp index b74b974041..4dcdb3ac79 100644 --- a/netwerk/dns/nsHostResolver.cpp +++ b/netwerk/dns/nsHostResolver.cpp @@ -455,7 +455,8 @@ already_AddRefed<nsHostRecord> nsHostResolver::InitLoopbackRecord( return rec.forget(); } -static bool IsNativeHTTPSEnabled() { +// static +bool nsHostResolver::IsNativeHTTPSEnabled() { if (!StaticPrefs::network_dns_native_https_query()) { return false; } @@ -527,6 +528,7 @@ nsresult nsHostResolver::ResolveHost(const nsACString& aHost, bool excludedFromTRR = false; if (TRRService::Get() && TRRService::Get()->IsExcludedFromTRR(host)) { flags |= nsIDNSService::RESOLVE_DISABLE_TRR; + flags |= nsIDNSService::RESOLVE_DISABLE_NATIVE_HTTPS_QUERY; excludedFromTRR = true; if (!aTrrServer.IsEmpty()) { @@ -1182,8 +1184,14 @@ nsresult nsHostResolver::NameLookup(nsHostRecord* rec, (rec->mEffectiveTRRMode == nsIRequest::TRR_FIRST_MODE && (rec->flags & nsIDNSService::RESOLVE_DISABLE_TRR || serviceNotReady || NS_FAILED(rv)))) { - if (!IsNativeHTTPSEnabled() && !rec->IsAddrRecord()) { - return rv; + if (!rec->IsAddrRecord()) { + if (!IsNativeHTTPSEnabled()) { + return NS_ERROR_UNKNOWN_HOST; + } + + if (rec->flags & nsIDNSService::RESOLVE_DISABLE_NATIVE_HTTPS_QUERY) { + return NS_ERROR_UNKNOWN_HOST; + } } #ifdef DEBUG diff --git a/netwerk/dns/nsHostResolver.h b/netwerk/dns/nsHostResolver.h index 02e6a343f8..15ab3a7349 100644 --- a/netwerk/dns/nsHostResolver.h +++ b/netwerk/dns/nsHostResolver.h @@ -339,6 +339,8 @@ class nsHostResolver : public nsISupports, public AHostResolver { * Called by the networking dashboard via the DnsService2 */ void GetDNSCacheEntries(nsTArray<mozilla::net::DNSCacheEntries>*); + + static bool IsNativeHTTPSEnabled(); }; #endif // nsHostResolver_h__ diff --git a/netwerk/dns/nsIDNSByTypeRecord.idl b/netwerk/dns/nsIDNSByTypeRecord.idl index 13290e260e..89829c5c2a 100644 --- a/netwerk/dns/nsIDNSByTypeRecord.idl +++ b/netwerk/dns/nsIDNSByTypeRecord.idl @@ -32,7 +32,7 @@ native TypeResult(mozilla::net::TypeRecordResultType); native MaybePort(mozilla::Maybe<uint16_t>); native MaybeAlpnTuple(mozilla::Maybe<std::tuple<nsCString, mozilla::net::SupportedAlpnRank>>); -[scriptable, uuid(5d13241b-9d46-448a-90d8-77c418491026)] +[scriptable, builtinclass, uuid(5d13241b-9d46-448a-90d8-77c418491026)] interface nsIDNSByTypeRecord : nsIDNSRecord { /** @@ -43,10 +43,10 @@ interface nsIDNSByTypeRecord : nsIDNSRecord [noscript] readonly attribute TypeResult results; }; -[scriptable, uuid(2a71750d-cb21-45f1-9e1c-666d18dd7645)] +[scriptable, builtinclass, uuid(2a71750d-cb21-45f1-9e1c-666d18dd7645)] interface nsIDNSTXTRecord : nsISupports { - CStringArrayRef getRecords(); + [noscript] CStringArrayRef getRecords(); /* * Return concatenated strings. diff --git a/netwerk/dns/nsIDNSRecord.idl b/netwerk/dns/nsIDNSRecord.idl index 27df2e28be..ebe8869c60 100644 --- a/netwerk/dns/nsIDNSRecord.idl +++ b/netwerk/dns/nsIDNSRecord.idl @@ -26,12 +26,12 @@ interface nsINetAddr; * like an enumerator, allowing the caller to easily step through the * list of IP addresses. */ -[scriptable, uuid(f92228ae-c417-4188-a604-0830a95e7eb9)] +[scriptable, builtinclass, uuid(f92228ae-c417-4188-a604-0830a95e7eb9)] interface nsIDNSRecord : nsISupports { }; -[scriptable, uuid(cb260e20-943f-4309-953b-78c90d3a7638)] +[scriptable, builtinclass, uuid(cb260e20-943f-4309-953b-78c90d3a7638)] interface nsIDNSAddrRecord : nsIDNSRecord { /** diff --git a/netwerk/dns/nsIDNSService.idl b/netwerk/dns/nsIDNSService.idl index c1aecccd8c..8ceb8f3958 100644 --- a/netwerk/dns/nsIDNSService.idl +++ b/netwerk/dns/nsIDNSService.idl @@ -91,9 +91,11 @@ interface nsIDNSService : nsISupports // If set, the DNS service will pass a DNS record to // OnLookupComplete even when there was a resolution error. RESOLVE_WANT_RECORD_ON_ERROR = (1 << 16), + // If set, the native HTTPS query is not allowed. + RESOLVE_DISABLE_NATIVE_HTTPS_QUERY = (1 << 17), // Bitflag containing all possible flags. - ALL_DNSFLAGS_BITS = ((1 << 17) - 1), + ALL_DNSFLAGS_BITS = ((1 << 18) - 1), }; cenum ConfirmationState : 8 { |