[PR #2921] [MERGED] Prevent DNS leak when icon regex is configured #3185

New issue

Closed

opened 2026-03-03 09:41:47 +03:00 by kerem · 0 comments

kerem commented

2026-03-03 09:41:47 +03:00

Owner

📋 Pull Request Information

Original PR: https://github.com/dani-garcia/vaultwarden/pull/2921
Author: @BlackDex
Created: 11/14/2022
Status: ✅ Merged
Merged: 11/27/2022
Merged by: @dani-garcia

Base: main ← Head: issue-2909

📝 Commits (1)

0d2399d Prevent DNS leak when icon regex is configured

📊 Changes

2 files changed (+14 additions, -11 deletions)

View changed files

📝 src/api/icons.rs (+14 -11)
📝 src/static/images/fallback-icon.png (+0 -0)

📄 Description

When a icon blacklist regex was configured to not check for a domain, it still did a DNS lookup first. This could cause a DNS leakage for these regex blocked domains.

This PR resolves this issue by first checking the regex, and afterwards the other checks.

Fixes #2909

Also updated the fallback icon to the latest version used by Bitwarden it self.

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/dani-garcia/vaultwarden/pull/2921 **Author:** [@BlackDex](https://github.com/BlackDex) **Created:** 11/14/2022 **Status:** ✅ Merged **Merged:** 11/27/2022 **Merged by:** [@dani-garcia](https://github.com/dani-garcia) **Base:** `main` ← **Head:** `issue-2909` --- ### 📝 Commits (1) - [`0d2399d`](https://github.com/dani-garcia/vaultwarden/commit/0d2399d485e7933ba08dc354200e545fa03f3d90) Prevent DNS leak when icon regex is configured ### 📊 Changes **2 files changed** (+14 additions, -11 deletions) <details> <summary>View changed files</summary> 📝 `src/api/icons.rs` (+14 -11) 📝 `src/static/images/fallback-icon.png` (+0 -0) </details> ### 📄 Description When a icon blacklist regex was configured to not check for a domain, it still did a DNS lookup first. This could cause a DNS leakage for these regex blocked domains. This PR resolves this issue by first checking the regex, and afterwards the other checks. Fixes #2909 Also updated the fallback icon to the latest version used by Bitwarden it self. --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>