Project

General

Profile

Actions

Feature #11155

open

SafeSearch AAAA

Added by Viktor Gurov 12 months ago. Updated 10 months ago.

Status:
Feedback
Priority:
Normal
Assignee:
Category:
pfBlockerNG
Target version:
-
Start date:
12/11/2020
Due date:
% Done:

0%

Estimated time:
Plus Target Version:

Description

SafeSearch DNS redirection doesn't work for AAAA queries,

must be added/fixed:

forcesafesearch.google.com - 2001:4860:4802:32::78 (https://www.reddit.com/r/ipv6/comments/8y5yfh/googles_lock_safesearch_advanced_feature_now_has/)

safe.duckduckgo.com - no AAAA record, but it must use CNAME instead of static IP, see https://www.reddit.com/r/pfBlockerNG/comments/inat95/new_ip_address_for_safeduckduckgocom_old_ip/

strict.bing.com - no AAAA record

yandex.ru - ?

safesearch.pixabay.com - 2606:4700::6812:14b7, 2606:4700::6812:15b7

it's better to use CNAME instead of static A/AAAA entries,
see https://gist.github.com/johannrichard/a645b32c75646b1f56813b517eb6cc8b for example

Original SafeSearch feature request: #9874

Actions #1

Updated by Viktor Gurov 12 months ago

Google, Youtube and Pixabay IPv6 (AAAA) SafeSearch:
https://github.com/pfsense/FreeBSD-ports/pull/1005

Actions #2

Updated by Renato Botelho 12 months ago

  • Status changed from New to Feedback
  • Assignee set to Viktor Gurov

PR haws been merged. Thanks!

Actions #3

Updated by Viktor Gurov 11 months ago

  • Status changed from Feedback to New
Actions #4

Updated by Danilo Zrenjanin 11 months ago

Added description regarding IPv4/IPv6 redirect support by search engines.
https://github.com/pfsense/FreeBSD-ports/pull/1019

Actions #5

Updated by Jim Pingle 11 months ago

  • Status changed from New to Pull Request Review
Actions #6

Updated by BBcan177 . 11 months ago

Do we need to use a redirect/local-zone for these CNAMES?

Are there any other sub-domains other than the "www." variant that should not be redirected?

Maybe it would be better to add two local-data entries for each domain (with/without 'www.') ?

Also adding a 300 TTL would be appropriate.

local-data: "duckduckgo.com 300 IN CNAME safe.duckduckgo.com" 
local-data: "pixabay.com 300 IN CNAME safesearch.pixabay.com" 

Actions #7

Updated by Renato Botelho 10 months ago

  • Status changed from Pull Request Review to Feedback

PR has been merged. Thanks!

Actions #8

Updated by Renato Botelho 10 months ago

Renato Botelho wrote:

PR has been merged. Thanks!

PR 1035 containing this change has been merged. Thanks!

Actions

Also available in: Atom PDF