From d75995e17b64f076bb24a819bde3d54969909d32 Mon Sep 17 00:00:00 2001 From: Nihanth Subramanya Date: Wed, 23 Sep 2020 06:36:10 +0000 Subject: [PATCH] Bug 1666676 - Use fully-qualified names for all lookups performed by DoH heuristics. r=valentin Differential Revision: https://phabricator.services.mozilla.com/D91091 --- browser/components/doh/DoHHeuristics.jsm | 22 +++++++++++----------- browser/components/doh/TRRPerformance.jsm | 10 ++++++++-- 2 files changed, 19 insertions(+), 13 deletions(-) diff --git a/browser/components/doh/DoHHeuristics.jsm b/browser/components/doh/DoHHeuristics.jsm index 2a0751a6e4cc..c818f301b216 100644 --- a/browser/components/doh/DoHHeuristics.jsm +++ b/browser/components/doh/DoHHeuristics.jsm @@ -43,7 +43,7 @@ ChromeUtils.defineModuleGetter( "resource://gre/modules/Preferences.jsm" ); -const GLOBAL_CANARY = "use-application-dns.net"; +const GLOBAL_CANARY = "use-application-dns.net."; const NXDOMAIN_ERR = "NS_ERROR_UNKNOWN_HOST"; @@ -261,19 +261,19 @@ async function safeSearch() { const providerList = [ { name: "google", - unfiltered: ["www.google.com", "google.com"], - safeSearch: ["forcesafesearch.google.com"], + unfiltered: ["www.google.com.", "google.com."], + safeSearch: ["forcesafesearch.google.com."], }, { name: "youtube", unfiltered: [ - "www.youtube.com", - "m.youtube.com", - "youtubei.googleapis.com", - "youtube.googleapis.com", - "www.youtube-nocookie.com", + "www.youtube.com.", + "m.youtube.com.", + "youtubei.googleapis.com.", + "youtube.googleapis.com.", + "www.youtube-nocookie.com.", ], - safeSearch: ["restrict.youtube.com", "restrictmoderate.youtube.com"], + safeSearch: ["restrict.youtube.com.", "restrictmoderate.youtube.com."], }, ]; @@ -300,7 +300,7 @@ async function safeSearch() { } async function zscalerCanary() { - const ZSCALER_CANARY = "sitereview.zscaler.com"; + const ZSCALER_CANARY = "sitereview.zscaler.com."; let { addresses } = await dnsLookup(ZSCALER_CANARY); for (let address of addresses) { @@ -355,7 +355,7 @@ async function providerSteering() { if (!Preferences.get(kProviderSteeringEnabledPref, false)) { return null; } - const TEST_DOMAIN = "doh.test"; + const TEST_DOMAIN = "doh.test."; // Array of { name, canonicalName, uri } where name is an identifier for // telemetry, canonicalName is the expected CNAME when looking up doh.test, diff --git a/browser/components/doh/TRRPerformance.jsm b/browser/components/doh/TRRPerformance.jsm index b47963724b69..6ced2c33e467 100644 --- a/browser/components/doh/TRRPerformance.jsm +++ b/browser/components/doh/TRRPerformance.jsm @@ -68,7 +68,7 @@ XPCOMUtils.defineLazyPreferenceGetter( this, "kCanonicalDomain", "doh-rollout.trrRace.canonicalDomain", - "firefox-dns-perf-test.net" + "firefox-dns-perf-test.net." ); // The number of random subdomains to resolve per TRR. @@ -89,7 +89,13 @@ XPCOMUtils.defineLazyPreferenceGetter( val => val ? val.split(",").map(t => t.trim()) - : ["google.com", "youtube.com", "amazon.com", "facebook.com", "yahoo.com"] + : [ + "google.com.", + "youtube.com.", + "amazon.com.", + "facebook.com.", + "yahoo.com.", + ] ); function getRandomSubdomain() {