New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 904889 link

Starred by 1 user

Issue metadata

Status: Fixed
Owner:
Closed: Nov 14
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Windows
Pri: 3
Type: Bug



Sign in to add a comment

Treat "loopback" as a localhost address (for proxy bypass)

Project Member Reported by eroman@chromium.org, Nov 13

Issue description

Name resolution on Windows 10 internally resolves "loopback" to a loopback address, similarly to "localhost". This is not a common idiom on other platforms, and in places where we give special treatment to localhost URLs (i.e. net::IsLocalhost()), "loopback" is not currently being considered.

One place where this makes a difference is the implicit proxy bypass rules [1]. We don't consider "loopback" as localhost whereas WinInet does. Minimally, I think we need to deal with "loopback" at the proxy layer, if not more generally.

[1] https://chromium.googlesource.com/chromium/src/+/7cd86402981670794dc2e68f4e57bedcda087116/net/proxy_resolution/proxy_bypass_rules.cc#425
 
Summary: Treat "loopback" as a localhost address (for proxy bypass) (was: Treat "loopback" as a localhost address)
Description: Show this description
Labels: -OS-iOS
Cc: mkwst@chromium.org
Some other contexts where it matters:

* Hard-coded host resolver bypass list that always resolves to 127.0.0.1 / ::1.
* When using the async resolver (Bypass list would take precedence over this, anyways...mostly).
* security_origin uses HostStringIsLocalHost.
* A bunch of random consumers use net::IsLocalhost().
* Consumers that just use IPAddress::IsPubliclyRoutable() should be fine, since it uses IP addresses instead of hostname.
Cc: elawrence@chromium.org
As far as I can tell, this is a non-specified Microsoft deviation. Localhost-and-friends at least had well-defined specifications. I'm curious if this is some ancient Microsoft deviation (much like octal IP addresses or permissive resolution APIs) that just got carried forward.

I definitely don't think we should 'add' loopback to the special names list, which is generally used to grant more permissions than fewer. It may be best just to address it add the proxy.

Adding elawrence@ in case he still monitors bugmail, and since he previously introduced "<-loopback>" to IE9's proxy resolution logic :)
Cc: ericorth@chromium.org
From the HostResolver perspective:
I'm not a fan of directly adding special handling for anything like this without a well-defined spec.  Too much danger Microsoft fixes it or we don't understand all the rules and cornercases, leaving us out as the odd spec deviant.  

Something we could consider is to detect such hostnames and, on Windows, always resolve them via getaddrinfo rather than async resolver.  Then we'll always be at least as conforming as the platform.  This is similar to what we do for *.local hostnames where by spec they should always be resolved via MDNS but not all platforms do so.
Owner: eroman@chromium.org
Status: Started (was: Untriaged)
Here is a proposal to just special-case it for proxy resolution:

  https://chromium-review.googlesource.com/c/chromium/src/+/1333906

We can expand the scope later if needed based on feedback.
Given we've apparently had 0 feedback on this in the 5-6 years I've been watching the proxy label, I think we can probably count that as no feedback.  :)
#9: I was referring to broader feedback on how "loopback" is used and defined on Windows. I certainly agree that the proxy resolving compatibility case shouldn't be too interesting.
Project Member

Comment 11 by bugdroid1@chromium.org, Nov 14

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/7aeea3a2da27e2bf566cf11e75f960124061c79c

commit 7aeea3a2da27e2bf566cf11e75f960124061c79c
Author: Eric Roman <eroman@chromium.org>
Date: Wed Nov 14 02:11:23 2018

Bypass the proxy implicitly for "loopback" (on Windows only).

Bug:  904889 
Change-Id: I52e5b4cc2bff0cff0b1c7d6ec55d26b01924c288
Reviewed-on: https://chromium-review.googlesource.com/c/1333906
Commit-Queue: Eric Roman <eroman@chromium.org>
Reviewed-by: Matt Menke <mmenke@chromium.org>
Cr-Commit-Position: refs/heads/master@{#607855}
[modify] https://crrev.com/7aeea3a2da27e2bf566cf11e75f960124061c79c/net/proxy_resolution/proxy_bypass_rules.cc
[modify] https://crrev.com/7aeea3a2da27e2bf566cf11e75f960124061c79c/net/proxy_resolution/proxy_bypass_rules_unittest.cc

Status: Fixed (was: Started)

Sign in to add a comment