Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

DoH: allow configuration of HTTP header #7900

appliedprivacy opened this issue Jun 10, 2019 · 3 comments · Fixed by #8148

DoH: allow configuration of HTTP header #7900

appliedprivacy opened this issue Jun 10, 2019 · 3 comments · Fixed by #8148


Copy link

appliedprivacy commented Jun 10, 2019

  • Program: dnsdist
  • Issue type: Feature request


RFC8484 states:

also allowing web applications
to access DNS information via existing browser APIs in a safe way
consistent with Cross Origin Resource Sharing (CORS)

This usecase requires CORS headers otherwise browsers will not allow it.

dnsdist does not yet set the CORS header:

HTTP/2 200 
server: h2o/2.2.5
date: Mon, 10 Jun 2019 11:12:24 GMT
content-type: application/dns-message
content-length: 80

This feature request is about allowing operators to add HTTP headers to dnsdist's HTTP responses to allow the described usecase and potentially others. One obvious usecase is CORS

  • Access-Control-Allow-Origin: *

but this feature should allow the operator to configure arbitrary HTTP header (i.e. also HSTS).
Some exceptions may apply, for example the server header is already set via serverTokens #7894.

HTTP header should be configurable per frontend and per SNI.


Copy link

Habbie commented Jun 10, 2019

With reference to, perhaps adding 'headers' to the options, taking a table, might make sense. I'm assuming that we can easily deal with tables in that place.

Copy link

Agreed, we already do something like that for the internal webserver:

@rgacogne rgacogne added this to the dnsdist-1.4.0 milestone Jun 11, 2019
Copy link

For transparency, I'm going to work on this for this week. I'll keep you posted.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
None yet

Successfully merging a pull request may close this issue.

4 participants