search

brave / brave-browser

Brave browser for Android, iOS, Linux, macOS, Windows.
https://brave.com
Mozilla Public License 2.0
17.61k stars 2.29k forks source link

Patch chrome.dns.resolve to support canonical_name flag #7117

Open jonathansampson opened 4 years ago

jonathansampson commented 4 years ago

Description

Chromium presently supports IP address resolution:

chrome.dns.resolve('www.brave.com', response => {
  console.log(response.address)
})

In order to combat CNAME-trackers, uBO and others are evaluating Firefox's implementation of the DNS API, which supports passing optional flags:

chrome.dns.resolve('www.brave.com', ['canonical_name']).then( response => {
  console.log(response.canonicalName)
})

There are many other optional flags, but CNAME appears to be the most necessary for now.

Note: Chromium expects a callback as the second argument. Firefox, however, returns a promise.

ryanbr commented 4 years ago

Related Ubo CNAME issues: https://github.com/easylist/easylist/issues/5039

pes10k commented 4 years ago

re uBO+FF CNAME blocking: https://github.com/gorhill/uBlock/wiki/Advanced-settings#cnameignorelist

Looks like no special syntax is needed (though there is syntax to opt out of CNAME filtering), but that uBO just follows the CNAME chain and reapplies for each host, replacing it in the URL.

So the algo would be keep going through CNAMEs until you find an important or an exception rule, and if the result is that any of the URLs in the chain are blocked, then block.

antonok-edm commented 3 years ago

I think the primary use-case here was adblocking, which was just addressed with https://github.com/brave/brave-core/pull/6640. Are there any other kinds of extensions which might benefit from having this API available?

pes10k commented 3 years ago

@antonok-edm the idea here is that it might be worth exposing for other extensions that might do adblocking in other ways than brave-core does (folks might want to do disconnect or uBO on top of adblock-rust).

I think it'd be a nice to expose the capability to other extensions if it was easy to do, but if its a medium-to-big lift (say, more than 1-2 days work) its prob not worth doing

antonok-edm commented 3 years ago

FWIW uBlock Origin only even bothers to check for the presence of browser.dns on Firefox. It just assumes it doesn't exist on Chromium, so it won't even work out of the box.

https://github.com/gorhill/uBlock/blob/11d24abea01fdb1c7070a2940dfda6e43cfe0c2c/platform/firefox/vapi-webrequest.js#L53

hackademix commented 2 years ago

FWIW uBlock Origin only even bothers to check for the presence of browser.dns on Firefox. It just assumes it doesn't exist on Chromium, so it won't even work out of the box.

https://github.com/gorhill/uBlock/blob/11d24abea01fdb1c7070a2940dfda6e43cfe0c2c/platform/firefox/vapi-webrequest.js#L53

It wouldn't work anyway: even if uBlock could leverage this API, it couldn't be useful on Chromium because webRequest there doesn't support asynchronous responses and dns.resolve() is asynchronous in nature.