localhost bypass not working

foxyproxy / browser-extension

Version 8 and above. Browser extension source code for Firefox, Chrome, and other Chromium-based browsers

GNU General Public License v2.0

198 stars 29 forks source link

localhost bypass not working #134

Closed Explorare closed 1 month ago

Explorare commented 1 month ago

[ENV] Firefox Dev v127.0b1 FoxyProxy v8.9 Windows 10 22H2 v19045.4412

[ISSUE] The requests made by Firefox extensions (Zotero Connector, Eagle) to localhost clients are proxied through SOCKS5 proxy, and the proxy server is flooded by the error message for the requests to the "local" ports.

288	[warning]	[TCP] dial DIRECT (match RuleSet/Lan) 192.168.0.2:40946 --> 127.0.0.1:41595 error: connect failed: dial tcp 127.0.0.1:41595: connect: connection refused
287	[warning]	[TCP] dial DIRECT (match RuleSet/Lan) 192.168.0.2:40947 --> 127.0.0.1:41595 error: connect failed: dial tcp 127.0.0.1:41595: connect: connection refused
286	[warning]	[TCP] dial DIRECT (match RuleSet/Lan) 192.168.0.2:40946 --> 127.0.0.1:41595 error: connect failed: dial tcp 127.0.0.1:41595: connect: connection refused
285	[warning]	[TCP] dial DIRECT (match RuleSet/Lan) 192.168.0.2:40946 --> 127.0.0.1:41595 error: connect failed: dial tcp

I've tried the same settings in MS Edge and it works just right. I've tried to add *://127.0.0.1/* and *://localhost/* into exclude list but it didn't make any difference.

While my proxy server is flooded by the error message, there is nothing captured related in the FoxyProxy log.

erosman commented 1 month ago

The requests made by Firefox extensions (Zotero Connector, Eagle) to localhost clients are proxied through SOCKS5 proxy, and the proxy server is flooded by the error message for the requests to the "local" ports.

I cant comment about other extensions.

I've tried the same settings in MS Edge and it works just right.

Generally, connections to localhost, 127.0.0.1/8, and ::1 are never proxied (by the browser).

FoxyProxy 6-7 on Firefox allowed proxying localhost
On Chrome (and Chromium based browsers) localhost is always bypassed when proxying
Initially, FoxyProxy 8 was released and localhost was bypassed on both Firefox & Chrome
Subsequent to great demand, "Removed localhost & local network passthrough in Firefox (#50, #63, #64, #66, #71)" in version 8.4

I've tried to add *://127.0.0.1/* and *://localhost/* into exclude list but it didn't make any difference.

Try the following in the Global Exclude and see if that solves the issue.

localhost, 127.0.0.1/8

While my proxy server is flooded by the error message, there is nothing captured related in the FoxyProxy log.

FoxyProxy log can only show HTTP/S connections.

elandorr commented 1 month ago

Same here.

'unblock host' button is useless - what it adds does not unproxy localhost

localhost, 127.0.0.1/8 works, and only this exact string

FF ESR

Explorare commented 1 month ago

Thanks for your help. I've tried the localhost, 127.0.0.1/8 but still didn't fix the issue. And here is my settings for FoxyProxy.

{
  "mode": "192.168.0.11:7891",
  "sync": false,
  "autoBackup": false,
  "passthrough": "localhost, 127.0.0.1/8",
  "theme": "",
  "container": {
    "incognito": "",
    "container-1": "",
    "container-2": "",
    "container-3": "",
    "container-4": ""
  },
  "commands": {
    "setProxy": "",
    "setTabProxy": "",
    "quickAdd": ""
  },
  "data": [
    {
      "active": true,
      "title": "HP",
      "type": "socks5",
      "hostname": "192.168.0.11",
      "port": "7891",
      "username": "",
      "password": "",
      "cc": "",
      "city": "",
      "color": "#0080ff",
      "pac": "",
      "pacString": "",
      "proxyDNS": true,
      "include": [],
      "exclude": [
        {
          "type": "regex",
          "title": "127.*.*.*",
          "pattern": "^(http|ws)s?://127(\\.\\d+){3}(\\:\\d+)?/",
          "active": true
        },
        {
          "type": "regex",
          "title": "192.168.*.*",
          "pattern": "^(http|ws)s?://192\\.168(\\.\\d+){2}/",
          "active": true
        },
        {
          "type": "regex",
          "title": "172.16.*.*",
          "pattern": "^(http|ws)s?://172\\.16(\\.\\d+){2}(\\:\\d+)?/",
          "active": true
        },
        {
          "type": "wildcard",
          "title": "Localhost",
          "pattern": "*://localhost(\\:\\d+)?/*",
          "active": true
        },
        {
          "type": "wildcard",
          "title": "moz-extension",
          "pattern": "moz-extension://",
          "active": true
        }
      ]
    },
    {
      "active": true,
      "title": "localhost",
      "type": "http",
      "hostname": "127.0.0.1",
      "port": "7890",
      "username": "",
      "password": "",
      "cc": "",
      "city": "",
      "color": "#ffefd5",
      "pac": "",
      "pacString": "",
      "proxyDNS": true,
      "include": [],
      "exclude": []
    }
  ]
}

erosman commented 1 month ago

"mode": "192.168.0.11:7891",

In "Individual Proxy" mode, the include/exclude patterns are irrelevant. Patterns are only relevant in "Proxy by Patterns".

In this case, all Firefox networks connections will by forwarded to "192.168.0.11:7891" with the exception of "localhost, 127.0.0.1/8" i.e. ://localhost/ and 127.0.0.1 to 127.255.255.254.

[TCP] dial DIRECT (match RuleSet/Lan) 192.168.0.2:40946 --> 127.0.0.1:41595 error: connect failed: dial tcp 127.0.0.1:41595: connect: connection refused

The error does not show which application is making the request. Furthermore, FoxyProxy forwards to the IP 192.168.0.11 and port 7891 while the error relates to the IP 192.168.0.2 and ports 40946 & 40947.

Explorare commented 1 month ago

The error log is from my proxy server running in 192.168.0.11:7891. The browser having issue with is running at the computer with IP 192.168.0.2, the requests from port 40946 should be sent to 41595 at localhost, where the client application is running. But while the proxy is ON, the localhost requests were also sent through it, and been refused by the firewall in the proxy server itself. I think it's a Firefox only issue because it works fine with the same settings in MS Edge. It's not a big issue to me because I have also set up a proxy server in localhost, and it can redirect the requests to localhost correctly. If you are busying in other things or lack information to nail down the cause of the issue, we can close it and wait for more reports. It might just my FF settings are fked up in the past few years.

ericjung commented 1 month ago

I think FoxyProxy is behaving as expected. Here’s why:

You added “localhost, 127.0.0.1/8“ to global exclude, so localhost connections are going through the proxy server at 192.168.0.11:7891 based on the “mode” in the first line of the settings you provided.

Maybe temporarily disable the firewall on 192.168.0.11 to see if it that allows the connections succeed. If they do, tweak the firewall rules.

If you want localhost connections to go to localhost:41595 (your last comment is confusing because it mentions both this and 192.168.0.11), then you need to change the proxy server defined in FoxyProxy to localhost:41595.

I’d really like to help but your last comment had conflicting information.

Explorare commented 1 month ago

The issue is fixed by adding http://localhost:* to global exclude list. It works just fine without this tweak for MS Edge. So there must be something making this different behavior but since there is a work around, I will close the issue. Thanks for your help.