Zoeken in Support

Vermijd ondersteuningsscams. We zullen u nooit vragen een telefoonnummer te bellen, er een sms naar te sturen of persoonlijke gegevens te delen. Meld verdachte activiteit met de optie ‘Misbruik melden’.

Meer info

Deze conversatie is gearchiveerd. Stel een nieuwe vraag als u hulp nodig hebt.

Blocking Onion Websites with no user advisory other than "Can't Connect"

  • 4 antwoorden
  • 3 hebben dit probleem
  • 1 weergave
  • Laatste antwoord van beerrnot

more options

Have spent most of the day troubleshooting my Tor server/router as when I go to visit any .onion URL Firefox says the ubiquitous "Can't connect ..."

I finally found the reason, the developers have created a new setting: network.dns.blockDotOnion which outright blocks all onion URLs and is enabled by default!

Surely this setting should be disabled by default? And why block Onion websites?

Have spent most of the day troubleshooting my Tor server/router as when I go to visit any .onion URL Firefox says the ubiquitous "Can't connect ..." I finally found the reason, the developers have created a new setting: network.dns.blockDotOnion which outright blocks all onion URLs and is enabled by default! Surely this setting should be disabled by default? And why block Onion websites?

Alle antwoorden (4)

more options

hi, setting this to true by default seems to conform with the rfc standards put forward by tor developers:

Applications that do not implement the Tor protocol SHOULD generate an error upon the use of .onion and SHOULD NOT perform a DNS lookup.

https://tools.ietf.org/html/rfc7686#section-2

more options

Thanks for the reply Phillip, I can see you're right re rfc7686 but wondering if Mozilla has implemented it properly? or that Tor need to alter their code?

There is a setting in torrc config file "AutomapHostsSuffixes .exit, .onion" which resolves .onion URLs but now that FF blocks .onion this doesn't work anymore.

Anyway thanks for the prompt reply. Cheers, Richie

more options

i'm not sure if i fully understand the background to your question. if you want to access the internet through the tor network, it is strongly recommended to use the purpose-built tor-browser bundle (that is based on firefox but contains a number of configuration changes), where .onion addresses work out of the box i would expect. if not, then thy should add the network.dns.blockDotOnion preference to their modifications for sure.

the tor project is strongly discouraging using tor in conjunction with other browsers: https://www.torproject.org/docs/faq.html.en#CompatibleApplications

Bewerkt door philipp op

more options

Thanks again Phillip, cheers. Richie