Re: [Bug 12965] New: Problem: I want to perform DNS queries from a HTML5 app, but the networking functions available are too restrictive to build a stub resolver. Why: DNS is not just for machines - zones may contain extremely useful and rich informa

On Wed, Jun 15, 2011 at 11:32 PM, timeless <timeless@gmail.com> wrote:
> Some computers live behind proxies which do not provide for client
> based dns lookups. instead a client tells the proxy "i would like to
> talk to <host>" or "i would like to get <url>" and the proxy says
> "here's a connection for <host>" or "here's the data for <url>".

You mean there are clients that don't have access to any DNS, only
HTTP proxies?  I haven't heard of that, but it wouldn't surprise me.

> An API for doing DNS work will not work in such situations. What you
> will probably have is something that "usually works" but fails on any
> interesting corporate network, which is unfortunate.

Such a network would also fail for WebSockets, SPDY, or lots of other
interesting things.  That's not a reason to not create such features.
Some features aren't going to work for some users.

> This is the general reason that DNS APIs aren't exposed. The other
> reason is that DNS can easily include private information and browsers
> aren't particularly good at understanding what is private and
> shouldn't be exposed to web apps.

That's my bigger concern.  Internal corporate DNS could have lots of
interesting info.  You might also be able to leverage this for some
type of cache poisoning, although I can't think of a specific scenario
off the top of my head.

Received on Thursday, 16 June 2011 18:21:43 UTC