Avatar for Username

Zoeken in Support

Vermijd ondersteuningsscams. We zullen u nooit vragen een telefoonnummer te bellen, er een sms naar te sturen of persoonlijke gegevens te delen. Meld verdachte activiteit met de optie ‘Misbruik melden’.

Learn More

Deze conversatie is gearchiveerd. Stel een nieuwe vraag als u hulp nodig hebt.

Can't get Firefox working with custom Dns-Over-Https server

  • 6 antwoorden
  • 1 heeft dit probleem
  • 161 weergaven
  • Laatste antwoord van Ryan

Ryan
Ryan
more options

Greetings,

I have a custom DoH server that I'm trying to get working with Firefox's DoH mode. Looking at the traffic, Firefox is sending an initial NS query type to the server, and the server is sending back what looks like a valid response in Wireshark, but Firefox seems to give up on sending further DoH queries after this.

Is there a debug mode I can enable in Firefox to glean what about the response it doesn't like? I couldn't find any console in the Web Developer tools to display diagnostics on the DoH handshaking.

Thanks, Ryan

Greetings, I have a custom DoH server that I'm trying to get working with Firefox's DoH mode. Looking at the traffic, Firefox is sending an initial NS query type to the server, and the server is sending back what looks like a valid response in Wireshark, but Firefox seems to give up on sending further DoH queries after this. Is there a debug mode I can enable in Firefox to glean what about the response it doesn't like? I couldn't find any console in the Web Developer tools to display diagnostics on the DoH handshaking. Thanks, Ryan

Gekozen oplossing

Hi Roland,

There were two issues at play here.

One is a known bug that's been fixed in Firefox beta, but hasn't been officially released (as of last week): https://bugzilla.mozilla.org/show_bug.cgi?id=1618042.

The other is an issue with our server where we weren't setting the content type in the HTTP header in the response that you mentioned above.

Thanks, Ryan

Dit antwoord in context lezen 👍 0

Alle antwoorden (6)

Roland Tanglao
Roland Tanglao
  • Moderator
more options

Hi chiacow

I asked Firefox developers and they said: "about:networking logging might be useful"

Here's how to turn on logging: https://developer.mozilla.org/en-US/docs/Mozilla/Debugging/HTTP_logging

And then file a bugzilla bug with the log attached and post a link here

or

put the log somewhere e.g. dropbox, google drive and post a link to it here.

Cheers!

...Roland

Ryan
Ryan Vraageigenaar
more options

Hi Roland,

Thanks for the quick response.

I've filed a bug with bugzilla here with a Wireshark capture and the Firefox log Dropbox link attached to the bug:

https://bugzilla.mozilla.org/show_bug.cgi?id=1630736

Thanks, Ryan

Roland Tanglao
Roland Tanglao
  • Moderator
more options

Great, thanks Ryan!

Could you please add me (:roland is my bugzilla nickname) to the CC: list of the bug so I can see it?

Right now I get access denied.

Thanks for taking the time to do this!

Cheers! ...Roland

Ryan
Ryan Vraageigenaar
more options

Looks like you've already been added to the CC list already for that bug report. If you still need to be added let me know.

Thanks, Ryan

Roland Tanglao
Roland Tanglao
  • Moderator
more options

Hi Ryan:

Looks like your problem was solved in the bugzilla bug . It's not clear to me but I think the workaround was as follows (please reply and correct me if I got it wrong so that others can benefit in the future):

  1. set content type for the DoH response to: application/dns-message
  2. in Firefox, set network.notify.dnsSuffixList to false

Cheers!

...Roland

Ryan
Ryan Vraageigenaar
more options

Gekozen oplossing

Hi Roland,

There were two issues at play here.

One is a known bug that's been fixed in Firefox beta, but hasn't been officially released (as of last week): https://bugzilla.mozilla.org/show_bug.cgi?id=1618042.

The other is an issue with our server where we weren't setting the content type in the HTTP header in the response that you mentioned above.

Thanks, Ryan