+1 for the potential usage It allows website operator setup their own RDNS proxy to work around the ad-injection hijack risk which is getting popular. DNS resolution inside some app also will not rely on the users’ DNS path in their ISP’s networks.
Davey > 在 2016年7月18日,14:13,Shane Kerr <[email protected]> 写道: > > Hello, > > tl;dr DNS over HTTP in JavaScript implementation done. Demo here: > http://blij.tk:8888/ > > I decided to see how much trouble it would be to use the DNS over HTTP > protocol from JavaScript. I did this over the IETF 96 Hackathon, with > some extra time this morning. > > While at first I thought that it made no sense - in fact it seemed > crazy - on reflection there are several good reasons for this. > > First, unlike a higher-level API, doing the packet munging yourself > means never having to wait for an API to support the newest, craziest > DNS features. > > Second, you have access to the full contents of the DNS packets. That > means getting TTL, seeing full CNAME chains, and so on. > > Third, you can do DNSSEC validation if that's what you want. > > The demo page explains the details, but I will cover them here for > posterity. (Also I'm not sure how long I will keep the demo up. I have > no plans to turn it off, but it's running on an aging VPS which will > probably need to be revamped at some point.) > > ---- > > On the browser side, a JavaScript program builds a DNS wire-format > packet, and then submits it to the server side via a HTTP POST. The > program uses the native-dns-packet JavaScript library combined with the > code using the Browserify tool: > > $ npm install native-dns-packet > $ npm install buffercursor > $ browserify test.js -o dnsoverhttpjsdemo.js > > The test.js code works with the HTML form and the native-dns-packet > stuff to do the actual work. > > On the server side, the DNS over HTTP server proxy written in Go is > run, with a couple of modifications: > > * It was modified to act as an HTTP server when > the /.well-known/dns-wireformat URL is not used. This allows it to > serve HTML documents, which is necessary since JavaScript requires > that all communication is with the same server that the script itself > comes from. > > * The type specifying the DNS transport requested was changed to > X-Proxy-DNS-Transport since the browser will not add unknown header > fields when sending a POST command. > > Source for the server proxy can be found at: > > https://github.com/shane-kerr/DNSoverHTTPinGO/tree/ietf96hackathon. > > It will be merged into the main DNS over HTTP in Go repository soon. > > See you at the dnsop session soon! :) > > -- > Shane > _______________________________________________ > DNSOP mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/dnsop --------------------------- Davey Song(宋林健) BII Lab [email protected]
_______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
