Blocking Onion Websites with no user advisory other than "Can't Connect"
Have spent most of the day troubleshooting my Tor server/router as when I go to visit any .onion URL Firefox says the ubiquitous "Can't connect ..."
I finally found the reason, the developers have created a new setting: network.dns.blockDotOnion which outright blocks all onion URLs and is enabled by default!
Surely this setting should be disabled by default? And why block Onion websites?
All Replies (4)
hi, setting this to true by default seems to conform with the rfc standards put forward by tor developers:
Applications that do not implement the Tor protocol SHOULD generate an error upon the use of .onion and SHOULD NOT perform a DNS lookup.
Thanks for the reply Phillip, I can see you're right re rfc7686 but wondering if Mozilla has implemented it properly? or that Tor need to alter their code?
There is a setting in torrc config file "AutomapHostsSuffixes .exit, .onion" which resolves .onion URLs but now that FF blocks .onion this doesn't work anymore.
Anyway thanks for the prompt reply. Cheers, Richie
i'm not sure if i fully understand the background to your question. if you want to access the internet through the tor network, it is strongly recommended to use the purpose-built tor-browser bundle (that is based on firefox but contains a number of configuration changes), where .onion addresses work out of the box i would expect. if not, then thy should add the network.dns.blockDotOnion preference to their modifications for sure.
the tor project is strongly discouraging using tor in conjunction with other browsers: https://www.torproject.org/docs/faq.html.en#CompatibleApplications
philipp moo ko soppali ci
Thanks again Phillip, cheers. Richie