Loading…
security feature request: verify domain records #1267
3 participants
How would uBlock "verify" the domain? uBlock (as a browser extension) doesn't have access to the DNS records.
i'm not sure, is the short answer, that's why i asked if it were possible - a quick search reveals several "whois" services that have an API though:
https://www.google.com//search?output=search&q=whois+api
https://www.robowhois.com/docs/api/v1/whois/
so on the 1st visit to a host, potentially uB could get a bit of info that can be compared later to determine if the domain status has changed and, if so, either prompt the user or auto-delete the rules for the domain
again, this should probably not happen on every visit, but the check could be run by the user or at timed intervals
That particular WHOIS service closed on 1 January this year: https://www.robowhois.com/discontinued
these all appear to offer a free service...
https://www.arin.net/resources/whoisrws/whois_api.html
http://whoiz.herokuapp.com/ - looks easy to use, but the longevity of this service may be in question - see info here: http://jasonormand.com/2012/06/10/a-free-whois-api/
http://hackertarget.com/whois-lookup/ - 50 requests/day
http://wikileaks.dotnul.org/whois-lookup/
https://whois.apitruck.com/
most services that offer a free service are limited in some way
i don't know if the time to implement this is worth the payoff - just an idea
whether running NoScript or allowing uB to filter scripts, one thing that has always bothered me is that you can allow scripts for a host which may then sell the domain to another, potentially malicious party, so now you risk "doom" when revisiting that domain
i am wondering if is possible to create a database containing a bare minimum of domain registration info that could be checked manually, or at timed intervals (once/day/wk/mo) to verify that all domains for which rules were set are still owned by the same owner and, if not, auto-delete any noop/allow rules for that domain