Document reasoning to block DNS to 127.0.0.1 · Issue #16372 · easylist/easylist · GitHub

Domains (including wildcarded domains) pointing to 127.0.0.1 are a commonly used developer feature. Some domains which use this are *.lndo.site, *.nip.io, *.xip.io, *.localho.st etc.

Blocking DNS for those developer tools in this list affects developers who are using those tools (requiring them to override the domains) and affects the OOTB experience for users of tools like Lando, DDev etc.

Recent update to the blocklist has caused issues for a few such tools, including Lando (#16343 #16353) and nip.io (#16352). Those two are now partially addressed by $third-party flag, which I believe means “3rd-party tracking: Hosted by another provider, which hosts a tracking script, but not actually a tracking company.”

These domains point to 127.0.0.1, and aren’t hosting tracking scripts (ignoring the edge case of “developers working on tracking scripts” I guess 😆).

In https://github.com/search?q=repo%3Aeasylist%2Feasylist+localhost&type=commits we can see a few commits which introduce blocking of domains that point to 127.0.0.1, but the reasoning for this isn’t explicit. I don’t see this listed in the README or on https://easylist.to either, so it’s hard to establish the criteria for blocking those domains. This means that responses such as “still not acceptable” do not provide clear criteria for what is or is not acceptable.

We could guess at the reasoning, but it would be great to clarify the exact reasoning for blocking such domains, so that the tools / domains know the right way to engage this (eg, clarify their purpose, or document, or something else).

Does Easylist block the host localhost, which these public DNS entries behave similarly to?

Is there abuse of such DNS entries?

(If I’m missing it in https://github.com/easylist/easylist#easylist please help me see it!)


Source link