Hello,

tl;dr DNS over HTTP in JavaScript implementation done. Demo here:

http://blij.tk:8888/

I decided to see how much trouble it would be to use the DNS over HTTP
protocol from JavaScript. I did this over the IETF 96 Hackathon, with
some extra time this morning.

While at first I thought that it made no sense - in fact it seemed
crazy - on reflection there are several good reasons for this.

First, unlike a higher-level API, doing the packet munging yourself
means never having to wait for an API to support the newest, craziest
DNS features.

Second, you have access to the full contents of the DNS packets. That
means getting TTL, seeing full CNAME chains, and so on.

Third, you can do DNSSEC validation if that's what you want.

The demo page explains the details, but I will cover them here for
posterity. (Also I'm not sure how long I will keep the demo up. I have
no plans to turn it off, but it's running on an aging VPS which will
probably need to be revamped at some point.)

----

On the browser side, a JavaScript program builds a DNS wire-format
packet, and then submits it to the server side via an HTTP POST. The
program uses the native-dns-packet JavaScript library combined with the
code using the Browserify tool:

    $ npm install native-dns-packet
    $ npm install buffercursor
    $ browserify test.js -o dnsoverhttpjsdemo.js

The test.js code works with the HTML form and the native-dns-packet
stuff to do the actual work.

On the server side, the DNS over HTTP server proxy written in Go is
run, with a couple of modifications:

* It was modified to act as an HTTP server when
  the /.well-known/dns-wireformat URL is not used. This allows it to
  serve HTML documents, which is necessary since JavaScript requires
  that all communication is with the same server that the script itself
  comes from.

* The type specifying the DNS transport requested was changed to
  X-Proxy-DNS-Transport since the browser will not add unknown header
  fields when sending a POST command.

Source for the server proxy can be found at:
https://github.com/shane-kerr/DNSoverHTTPinGO/tree/ietf96hackathon.
It will be merged into the main DNS over HTTP in Go repository soon.

See you at the dnsop session soon! :)

--
Shane
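
The packet handling described in the message above, as an added example that is not part of the original post and is not the demo's test.js: a query builder and an answer parser that exposes each record's TTL and the CNAME chain, written against RFC 1035 with only Buffer. The function names, the sample response and the hop limit of 16 are assumptions made for illustration.

```javascript
// Added example, not code from the post. Assumes Buffer (Node, or Browserify's shim).
function buildQuery(name, qtype, id) {
  const out = [id >> 8, id & 255, 1, 0, 0, 1, 0, 0, 0, 0, 0, 0]; // header: RD=1, QDCOUNT=1
  for (const label of name.replace(/\.$/, '').split('.')) {
    if (!label.length || label.length > 63) throw new Error('bad label');
    out.push(label.length, ...Buffer.from(label, 'ascii'));
  }
  return Buffer.from([...out, 0, qtype >> 8, qtype & 255, 0, 1]); // root, QTYPE, QCLASS=IN
}

function readName(buf, off) { // returns [name, offset after name]; pointer hops are capped
  const parts = [];
  for (let end = -1, hops = 0; ;) {
    const len = buf[off];
    if (len === undefined) throw new Error('truncated name');
    if (len === 0) return [parts.join('.') + '.', end < 0 ? off + 1 : end];
    if ((len & 0xc0) === 0xc0) {                 // compression pointer
      if (++hops > 16) throw new Error('pointer loop');
      if (end < 0) end = off + 2;                // resume after the first pointer
      off = ((len & 0x3f) << 8) | buf[off + 1];
    } else {
      parts.push(buf.toString('ascii', off + 1, off + 1 + len));
      off += 1 + len;
    }
  }
}

function parseAnswers(buf) { // every answer record with its TTL; CNAME and A data decoded
  let off = 12, name;
  for (let i = buf.readUInt16BE(4); i > 0; i--) off = readName(buf, off)[1] + 4;
  const out = [];
  for (let i = buf.readUInt16BE(6); i > 0; i--) {
    [name, off] = readName(buf, off);
    const type = buf.readUInt16BE(off), ttl = buf.readUInt32BE(off + 4);
    const rd = off + 10, next = rd + buf.readUInt16BE(off + 8);
    if (next > buf.length) throw new Error('truncated rdata');
    const data = type === 5 ? readName(buf, rd)[0]
      : type === 1 && next - rd === 4 ? [...buf.subarray(rd, next)].join('.') : null;
    out.push({ name, type, ttl, data });
    off = next;
  }
  return out;
}
function sampleResponse() { // constructed: www CNAME host (TTL 300), host A 192.0.2.1 (TTL 60)
  const q = buildQuery('www.example.com', 1, 0x1234);
  q.writeUInt16BE(0x8180, 2); q.writeUInt16BE(2, 6); // QR/RD/RA set, ANCOUNT=2
  return Buffer.concat([q, Buffer.from(
    'c00c000500010000012c000704686f7374c010c02d000100010000003c0004c0000201', 'hex')]);
}
console.log(parseAnswers(sampleResponse()));
```

The bytes returned by buildQuery are what would go in the POST body; the hop cap and length checks matter because the response is untrusted input.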
