python script - is the connection http or https ?

Dysmas_de_Lassus · February 8, 2020, 12:36pm

Hello,

we are using unbound an Internet filter, which is a critical applacation now to protect children (and not only...) from some dangers of Internet. The filter is working fine, thanks for the help already received. There is still a desired improvement.

When a domain is forbidden, the python script replies with a valid DNS answer, directed to an error page. No problem in http. But in https, the result is a warning from the browser since it receives a certificate which is not valid for the requested domain. It is better in this case to return a NXDOMAIN.

Now my question : is it possible to know if the connection is http or https ? It would allow to choose the best option for each case.

Thanks

Dysmas

A_Schulze · February 8, 2020, 12:40pm

no, you can't even say which application generated the dns query.

Andreas

Stuart_Henderson · February 8, 2020, 12:48pm

It is not.

What you could do is not answer https on the error page, then rather than
having an TLS error there will just be a "site can't be reached" error.

yvoinov · February 8, 2020, 3:10pm

Better to use approproate tool for such cases.

To protect somebody's from big and evil internet usually uses http(s)
proxies. Not DNS recursors. Its more complex task, but much efficient.

08.02.2020 18:36, dy1977--- via Unbound-users пишет: