DNS leak (HTTPS RR / SVCB) with WebExtension Proxy in Firefox #487

@cindymao56

Description

When using a proxy in Firefox through a WebExtension-based proxy manager, a DNS leak occurs. I've tried SmartProxy / ZeroOmega.
Specifically, the domain names of the websites visited leak via type65 DNS queries to the system's local DNS server. (type65 is HTTPS RR / SVCB)

This issue does not occur when the proxy is configured using Firefox's built-in proxy settings.

Steps to Reproduce

  1. On a Linux machine, run the following command to monitor DNS traffic:
    sudo tcpdump -l -i any -n 'dst port 53 and (udp)'
  2. Perform the following tests with Firefox (I use v140):
    • No Proxy Set: You will observe A, AAAA, and type65 queries being sent to the local DNS server.
    • Using Firefox's Built-in Proxy Settings: No DNS queries will be visible in the tcpdump output.
    • Using a WebExtension-based Proxy: type65 queries are visibly leaking to the local DNS server.

Notes:

  1. In Firefox settings, setting DNS over HTTPS to Off may help reproduce the issue.
  2. Firefox doesn't do the HTTPS RR DNS query for every website. Try several different websites to reproduce.
  3. Use a new profile. You may need to clear all caches and data and restart, in case the HTTPS RR data is cached locally, which prevents you from reproducing the issue.

Which browsers did you test this on?

Firefox

Affected browser versions

140

Affected SmartProxy versions

latest

Screenshots of the problems or steps to reproduce

No response

Any additional context

  • The issue only occurs with WebExtension-based proxy managers.
  • The DNS queries being leaked are specifically of type65, which corresponds to HTTPS RR / SVCB. More on HTTPS RR: MDN: HTTPS Resource Record.

When using a WebExtension-based proxy manager with a full proxy, DNS queries (including type65) should be routed exclusively through the proxy, not leaked to the local DNS server.

Please investigate the handling of type65 queries when using WebExtension-based proxy configurations. Thank you.
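
Added example, not part of the original issue or of SmartProxy's code: a small Python filter that reads saved text output from the tcpdump command in the reproduction steps and lists which names were sent to port 53 per query type, so the three test runs can be compared. The sample lines are constructed, and treating both `Type65` and `HTTPS` as the same record label is an assumption about how different tcpdump versions print type 65.

```python
import re
import sys
from collections import defaultdict

# A DNS question in tcpdump text output looks like:
#   ... > <server>.53: <id><flags> [opts] <QTYPE>? <name>. (<len>)
QUERY_RE = re.compile(
    r"> (?P<server>\S+)\.53: \d+[+%*|$-]*\s+(?:\[[^\]]*\]\s+)?"
    r"(?P<qtype>[A-Za-z0-9]+)\? (?P<name>\S+)"
)
# Assumption: type 65 is printed as "Type65" or "HTTPS" depending on tcpdump version.
HTTPS_RR_LABELS = {"TYPE65", "HTTPS"}

# Constructed sample capture (documentation addresses, not real traffic).
SAMPLE = [
    "listening on any, link-type LINUX_SLL2 (Linux cooked v2)",
    "12:00:01.000001 wlan0 Out IP 192.0.2.10.40001 > 192.0.2.1.53: 4660+ A? example.org. (29)",
    "12:00:01.000215 wlan0 Out IP 192.0.2.10.40002 > 192.0.2.1.53: 4661+ AAAA? example.org. (29)",
    "12:00:01.000377 wlan0 Out IP 192.0.2.10.40003 > 192.0.2.1.53: 4662+ Type65? example.org. (29)",
    "12:00:09.120000 wlan0 Out IP 192.0.2.10.40004 > 192.0.2.1.53: 4663+ [1au] HTTPS? www.example.net. (44)",
]

def parse_query(line):
    """Return (qtype, qname, server) for a DNS question line, else None."""
    m = QUERY_RE.search(line)
    if not m:
        return None
    qtype = m.group("qtype").upper()
    if qtype in HTTPS_RR_LABELS:
        qtype = "HTTPS"  # normalise both spellings of type 65
    return qtype, m.group("name").rstrip(".").lower(), m.group("server")

def summarize(lines):
    """Map each query type to the sorted names that were sent to port 53."""
    seen = defaultdict(set)
    for line in lines:
        parsed = parse_query(line)
        if parsed:
            seen[parsed[0]].add(parsed[1])
    return {qtype: sorted(names) for qtype, names in seen.items()}

def leaked_https_rr(lines):
    """Names exposed to the local resolver through type 65 (HTTPS RR) queries."""
    return summarize(lines).get("HTTPS", [])

if __name__ == "__main__":
    # Usage: python3 this_file.py < saved_tcpdump_output.txt (no input: use SAMPLE).
    lines = SAMPLE if sys.stdin.isatty() else sys.stdin
    for qtype, names in sorted(summarize(lines).items()):
        print(f"{qtype:6} {', '.join(names)}")
```

A run with the proxy active should produce an empty `HTTPS` row; any name listed there was resolved outside the proxy.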
