Disable DNSResolver option #5945
Labels
help wanted
Seeking public contribution on this issue
kind/enhancement
A net-new feature or improvement to an existing feature
Not sure what the best way to handle this is, but the issue is if a user is using Tor, say, the DNSResolver in the name system may leak their IP. As far as I can tell it looks like the resolver does an
IsDomain
check and exits if it's not a domain name without actually doing the DNS query.So if they don't try to resolve a domain name it shouldn't leak but if they do then it would leak their IP.
I'm currently gating the
Resolve
function in my own code with aIsDomain
check to make sure it's not allowing domains to be passed in but it might be nice to be more explicit about this as a consumer may inadvertently pass in a domain name while trying to remain private.Possibly a resolve option to skip the dnsrolver.
I can submit a PR if you guys think that's the way to go.
The text was updated successfully, but these errors were encountered: