[GH-ISSUE #197] fix dns subdomain blocking #62

New issue

Closed

opened 2026-03-04 01:34:31 +03:00 by kerem · 3 comments

kerem commented

2026-03-04 01:34:31 +03:00

Owner

Originally created by @lts-rad on GitHub (Sep 29, 2023).
Original GitHub issue: https://github.com/spr-networks/super/issues/197

Originally assigned to: @lts-rad on GitHub.

if a site such as docs.logrocket.com is blcoked, adding a permit rule is insufficient, as the blocklist may contain logrocket.com which shorcuts it

thanks @0vercl0k for reporting

Originally created by @lts-rad on GitHub (Sep 29, 2023). Original GitHub issue: https://github.com/spr-networks/super/issues/197 Originally assigned to: @lts-rad on GitHub. if a site such as docs.logrocket.com is blcoked, adding a permit rule is insufficient, as the blocklist may contain logrocket.com which shorcuts it thanks @0vercl0k for reporting

kerem

2026-03-04 01:34:31 +03:00

closed this issue
added the
bug

p2
labels

kerem commented

2026-03-04 01:34:32 +03:00

Author

Owner

@0vercl0k commented on GitHub (Sep 29, 2023):

lemme know if you want me to run experiments / test the fix 🫡

On Fri, Sep 29, 2023 at 2:11 PM Alex Rad @.***> wrote:

if a site such as docs.logrocket.com is blcoked, adding a permit rule is
insufficient, as the blocklist may contain logrocket.com which shorcuts it

thanks @0vercl0k https://github.com/0vercl0k for reporting

—
Reply to this email directly, view it on GitHub
https://github.com/spr-networks/super/issues/197, or unsubscribe
https://github.com/notifications/unsubscribe-auth/AALIORKT5VYYEQFRZKYFEB3X442RBANCNFSM6AAAAAA5NAAFQA
.
You are receiving this because you were mentioned.Message ID:
@.***>

@0vercl0k commented on GitHub (Sep 29, 2023): lemme know if you want me to run experiments / test the fix 🫡 On Fri, Sep 29, 2023 at 2:11 PM Alex Rad ***@***.***> wrote: > if a site such as docs.logrocket.com is blcoked, adding a permit rule is > insufficient, as the blocklist may contain logrocket.com which shorcuts it > > thanks @0vercl0k <https://github.com/0vercl0k> for reporting > > — > Reply to this email directly, view it on GitHub > <https://github.com/spr-networks/super/issues/197>, or unsubscribe > <https://github.com/notifications/unsubscribe-auth/AALIORKT5VYYEQFRZKYFEB3X442RBANCNFSM6AAAAAA5NAAFQA> > . > You are receiving this because you were mentioned.Message ID: > ***@***.***> >

kerem commented

2026-03-04 01:34:32 +03:00

Author

Owner

@lts-rad commented on GitHub (Sep 29, 2023):

https://github.com/spr-networks/coredns-block/blob/master/block.go#L345C4-L350C4

=https://github.com/spr-networks/coredns-block/blob/master/block.go#L170

block checks for an exact match. but a block entry of x.com will block a.x.com, and the permit override for a.x.com will not work.

this is likely because the block check is recursive and so a.x.com hits the x.com block without seeing the a.x.com override
https://github.com/spr-networks/coredns-block/blob/master/block.go#L375

the fix for this should propagate the original full domain name in the looped call to checkblock to catch the override

@lts-rad commented on GitHub (Sep 29, 2023): https://github.com/spr-networks/coredns-block/blob/master/block.go#L345C4-L350C4 =https://github.com/spr-networks/coredns-block/blob/master/block.go#L170 block checks for an exact match. but a block entry of x.com will block a.x.com, and the permit override for a.x.com will not work. this is likely because the block check is recursive and so a.x.com hits the x.com block without seeing the a.x.com override https://github.com/spr-networks/coredns-block/blob/master/block.go#L375 the fix for this should propagate the original full domain name in the looped call to checkblock to catch the override

kerem commented

2026-03-04 01:34:32 +03:00

Author

Owner

@lts-po commented on GitHub (Oct 11, 2023):

Fixed in 0.2.23: github.com/spr-networks/coredns-block@1a42b262de

@lts-po commented on GitHub (Oct 11, 2023): Fixed in 0.2.23: https://github.com/spr-networks/coredns-block/commit/1a42b262deec81dbad9e848e60da14b9623db3ed

kerem referenced this issue

2026-03-04 01:36:04 +03:00

[PR #62] [MERGED] Virtual SPR improvements #282