search

brave / brave-browser

Brave browser for Android, iOS, Linux, macOS, Windows.
https://brave.com
Mozilla Public License 2.0
17.82k stars 2.33k forks source link

Support Unstoppable Domains via DoH behind a feature flag #14099

Closed yrliou closed 3 years ago

yrliou commented 3 years ago

Support the name resolution of unstoppable domains via https://resolver.unstoppable.io/dns-query endpoint when the feature is enabled in brave://flags and user set the resolve method to public DoH server.

Settings

settings

Under brave://settings/extensions, a new dropdown box setting for unstoppable domain resolution will be added, and the default value will be “Ask”.

Onboarding

interstitial

(Above screenshot is an initial version of the interstitial page, it will be updated to match design spec.) When the unstoppable domain resolution setting is “Ask”, an interstitial page will be shown when users try to visit .crypto domains for users to opt in. If users choose to proceed, the setting will be changed to “Public DNS over HTTPS server”, and the page will be reloaded and resolved using the DNS gateway, future navigations to .crypto domains will be resolved using the same DNS gateway. If users click “Don’t ask again”, the setting will be set to disabled.

DNS gateway

When a user input an address with a known TLD from unstoppable domains (ex: .crypto domains) in the browser URL bar, the domain name will be resolved through a DNS gateway which supports the resolution of unstoppable domains. Brave will use https://resolver.unstoppable.io/dns-query endpoint provided by Unstoppable Domains, which is a proxy to https://eth.resolver.cloudflare-eth.com/dns-query, as the DNS gateway. It will be responsible for making calls to Ethereum smart contracts using the Ethereum JSON RPC to resolve the address. This DNS gateway will be added into the browser's DNS over HTTPS providers, but will only be used for resolving known TLD from Unstoppable Domains. Because this method requires DNS over HTTPS support, we will not resolve Unstoppable Domains if DoH is disabled either by user or by policy regardless of the value of user setting for Unstoppable Domain resolution. Using DNS gateway is a simpler method which could be used by default for all our users without introducing overhead of making calls to Ethereum, and is using the protocols (HTTP, DNS) which are well supported by the browser. However, it does come with a downside that the decentralization is decreased due to the introduction of the hosted DNS gateway, so in the future we will also provide the option to resolve via ethereum directly to users.

Recognizing TLDs from unstoppable domains

In order to make URLs with known TLDs from unstoppable domains to be categorized as URL when users input them in the location bar, we will treat these TLDs as known TLDs from the public suffix list. With this, the first entry in the dropdown list will be URL as shown below.

Screen Shot 2021-02-10 at 3 09 16 PM
stephendonner commented 3 years ago

Verified FIXED using nightly with the testplan from https://github.com/brave/brave-core/pull/7702 on

Brave 1.23.19 Chromium: 89.0.4389.72 (Official Build) nightly (x86_64)
Revision 3f345f156bfd157bd1bea06310e55f3fb2490359-refs/branch-heads/4389@{#1393}
OS macOS Version 11.2.2 (Build 20D80)

  1. Open Brave and visit brave.crypto, it should show error page saying This site can’t be reached.

    screenshot Screen Shot 2021-03-04 at 2 51 36 PM

  2. Go to settings, search for unstoppable, there should be no unstoppable domains resolve method setting.

screenshot Screen Shot 2021-03-04 at 2 54 09 PM
  1. Go to brave://flags and search for unstoppable and enable the feature flag.
screenshot Screen Shot 2021-03-04 at 2 55 13 PM
  1. Restart browser and go to brave.crypto should now should the interstitial for users to opt-in unstoppable domains support.
screenshot Screen Shot 2021-03-04 at 2 56 19 PM
  1. Click Disable, should now see site can't be reached and Method to resolve unstoppable domains in brave://settings should now be Disabled.
screenshots Screen Shot 2021-03-04 at 2 57 51 PM | Screen Shot 2021-03-04 at 2 59 19 PM
  1. Change the resolve method setting back to ask and visit brave.crypto again.
screenshot Screen Shot 2021-03-04 at 2 59 33 PM
  1. Opt-in interstitial should be shown again, and this time click Proceed using Cloudflare server.
  2. Page should be loaded now. (Note that there will be a brief moment that it is showing site is not reached while the page is loading, this is a known and will be addressed in a new issue.)
screenshot Screen Shot 2021-03-04 at 3 01 52 PM
  1. Method to resolve unstoppable domains in brave://settings should now be Public DNS over HTTP server.
screenshot Screen Shot 2021-03-04 at 3 03 02 PM
  1. Open a new tab and visit brad.crypto, page should be loaded normally without any interstitial pages.
screenshot Screen Shot 2021-03-04 at 3 03 39 PM

Additionally, I filed https://github.com/brave/brave-browser/issues/14478 for the cropped Public DNS over HTTPS serv text in the select widget.

Verification passed on

Brave | 1.22.65 Chromium: 89.0.4389.90 (Official Build) (64-bit)
-- | --
Revision | 62eb262cdaae9ef819aadd778193781455ec7a49-refs/branch-heads/4389@{#1534}
OS | Windows 10 OS Version 2004 (Build 19041.867)
  1. Open Brave and visit brave.crypto and ensured opt-in interstitial page is opened (as per the issue description https://github.com/brave/brave-browser/issues/14488#issue-822797722)
screenshot ![image](https://user-images.githubusercontent.com/38657976/111815792-162e3900-8902-11eb-802d-18a2bdd2a504.png)
  1. Go to settings, search for unstoppable, there is Method to resolve Unstoppable Domains settings set to Ask by default
    screenshot

image

  1. Ensured that open http://brave.crypto/ in normal tab is showing up This site can’t be reached page when Method to resolve Unstoppable Domains is set to Disable in brave://settings
    screenshot

image

6,7 and 8. Set the Method to resolve Unstoppable Domains is set to Ask again in brave://settings and ensured reload the page http://brave.crypto/ opens up an interstitial page and click on proceed opens up the http://brave.crypto/ page

screenshot ![image](https://user-images.githubusercontent.com/38657976/111964138-4b14d880-8b1a-11eb-8fac-7d117eecc6e6.png) ![image](https://user-images.githubusercontent.com/38657976/111964216-641d8980-8b1a-11eb-8513-e6cec5866eb7.png)
  1. Ensured Method to resolve unstoppable domains in brave://settings is set to Public DNS over HTTP server
screenshot ![image](https://user-images.githubusercontent.com/38657976/111964460-a47d0780-8b1a-11eb-8bd9-d2b2daceba67.png)
  1. Ensured open a new tab and visit brave.crypto page loads normally without any interstitial pages.

Verification passed on

Brave 1.22.66 Chromium: 89.0.4389.90 (Official Build) (64-bit)
Revision 62eb262cdaae9ef819aadd778193781455ec7a49-refs/branch-heads/4389@{#1534}
OS Ubuntu 18.04 LTS
  1. Open Brave and visit brave.crypto and ensured opt-in interstitial page is opened (as per the issue description https://github.com/brave/brave-browser/issues/14488#issue-822797722)
screenshot ![image](https://user-images.githubusercontent.com/34715963/111986358-261a6880-8b0e-11eb-9b0e-935378783c4c.png)
  1. Go to settings, search for unstoppable, there is Method to resolve Unstoppable Domains settings set to Ask by default
    screenshot

image

  1. Ensured that open http://brave.crypto/ in normal tab is showing up This site can’t be reached page when Method to resolve Unstoppable Domains is set to Disable in brave://settings
    screenshot

image

6,7 and 8. Set the Method to resolve Unstoppable Domains is set to Ask again in brave://settings and ensured reload the page http://brave.crypto/ opens up an interstitial page and click on proceed opens up the http://brave.crypto/ page

screenshot ![image](https://user-images.githubusercontent.com/34715963/111986649-87dad280-8b0e-11eb-8665-f7a9bd148bfa.png) ![image](https://user-images.githubusercontent.com/34715963/111986693-94f7c180-8b0e-11eb-921c-fa64515fa863.png)
  1. Ensured Method to resolve unstoppable domains in brave://settings is set to Public DNS over HTTP server
screenshot ![image](https://user-images.githubusercontent.com/34715963/111986951-dab48a00-8b0e-11eb-8663-cb7fc15d89cd.png)
  1. Ensured open a new tab and visit brave.crypto page loads normally without any interstitial pages.