mirrors/electron
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages 1 Wiki Activity Actions 1

feat: add app.configureHostResolver (#30576)

Browse source
This commit is contained in:
Jeremy Rose 2021-08-31 11:55:30 -07:00 committed by GitHub
parent 3b2db5f168
commit dd7aeda6fb
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
6 changed files with 292 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

55
docs/api/app.md
View file

@ -1061,6 +1061,61 @@ Imports the certificate in pkcs12 format into the platform certificate store.
`callback` is called with the `result` of import operation, a value of `0`
indicates success while any other value indicates failure according to Chromium [net_error_list](https://source.chromium.org/chromium/chromium/src/+/master:net/base/net_error_list.h).
### `app.configureHostResolver(options)`
* `options` Object
* `enableBuiltInResolver` Boolean (optional) - Whether the built-in host
resolver is used in preference to getaddrinfo. When enabled, the built-in
resolver will attempt to use the system's DNS settings to do DNS lookups
itself. Enabled by default on macOS, disabled by default on Windows and
Linux.
* `secureDnsMode` String (optional) - Can be "off", "automatic" or "secure".
Configures the DNS-over-HTTP mode. When "off", no DoH lookups will be
performed. When "automatic", DoH lookups will be peformed first if DoH is
available, and insecure DNS lookups will be performed as a fallback. When
"secure", only DoH lookups will be performed. Defaults to "automatic".
* `secureDnsServers` String[] (optional) - A list of DNS-over-HTTP
server templates. See [RFC8484 § 3][] for details on the template format.
Most servers support the POST method; the template for such servers is
simply a URI. Note that for [some DNS providers][doh-providers], the
resolver will automatically upgrade to DoH unless DoH is explicitly
disabled, even if there are no DoH servers provided in this list.
* `enableAdditionalDnsQueryTypes` Boolean (optional) - Controls whether additional DNS
query types, e.g. HTTPS (DNS type 65) will be allowed besides the
traditional A and AAAA queries when a request is being made via insecure
DNS. Has no effect on Secure DNS which always allows additional types.
Defaults to true.
Configures host resolution (DNS and DNS-over-HTTPS). By default, the following
resolvers will be used, in order:
1. DNS-over-HTTPS, if the [DNS provider supports it][doh-providers], then
2. the built-in resolver (enabled on macOS only by default), then
3. the system's resolver (e.g. `getaddrinfo`).
This can be configured to either restrict usage of non-encrypted DNS
(`secureDnsMode: "secure"`), or disable DNS-over-HTTPS (`secureDnsMode:
"off"`). It is also possible to enable or disable the built-in resolver.
To disable insecure DNS, you can specify a `secureDnsMode` of `"secure"`. If you do
so, you should make sure to provide a list of DNS-over-HTTPS servers to use, in
case the user's DNS configuration does not include a provider that supports
DoH.
```js
app.configureHostResolver({
secureDnsMode: 'secure',
secureDnsServers: [
'https://cloudflare-dns.com/dns-query'
]
})
```
This API must be called after the `ready` event is emitted.
[doh-providers]: https://source.chromium.org/chromium/chromium/src/+/main:net/dns/public/doh_provider_entry.cc;l=31?q=%22DohProviderEntry::GetList()%22&ss=chromium%2Fchromium%2Fsrc
[RFC8484 § 3]: https://datatracker.ietf.org/doc/html/rfc8484#section-3
### `app.disableHardwareAcceleration()`
Disables hardware acceleration for current app.