We're calling on all EU-based Mozillians with iOS or iPadOS devices to help us monitor Apple’s new browser choice screens. Join the effort to hold Big Tech to account!

This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Rohkem teavet

Blocking Onion Websites with no user advisory other than "Can't Connect"

  • 4 vastust
  • 3 on selline probleem
  • 3 views
  • Viimati vastas beerrnot

more options

Have spent most of the day troubleshooting my Tor server/router as when I go to visit any .onion URL Firefox says the ubiquitous "Can't connect ..."

I finally found the reason, the developers have created a new setting: network.dns.blockDotOnion which outright blocks all onion URLs and is enabled by default!

Surely this setting should be disabled by default? And why block Onion websites?

Have spent most of the day troubleshooting my Tor server/router as when I go to visit any .onion URL Firefox says the ubiquitous "Can't connect ..." I finally found the reason, the developers have created a new setting: network.dns.blockDotOnion which outright blocks all onion URLs and is enabled by default! Surely this setting should be disabled by default? And why block Onion websites?

All Replies (4)

more options

hi, setting this to true by default seems to conform with the rfc standards put forward by tor developers:

Applications that do not implement the Tor protocol SHOULD generate an error upon the use of .onion and SHOULD NOT perform a DNS lookup.

https://tools.ietf.org/html/rfc7686#section-2

more options

Thanks for the reply Phillip, I can see you're right re rfc7686 but wondering if Mozilla has implemented it properly? or that Tor need to alter their code?

There is a setting in torrc config file "AutomapHostsSuffixes .exit, .onion" which resolves .onion URLs but now that FF blocks .onion this doesn't work anymore.

Anyway thanks for the prompt reply. Cheers, Richie

more options

i'm not sure if i fully understand the background to your question. if you want to access the internet through the tor network, it is strongly recommended to use the purpose-built tor-browser bundle (that is based on firefox but contains a number of configuration changes), where .onion addresses work out of the box i would expect. if not, then thy should add the network.dns.blockDotOnion preference to their modifications for sure.

the tor project is strongly discouraging using tor in conjunction with other browsers: https://www.torproject.org/docs/faq.html.en#CompatibleApplications

Muudetud philipp poolt

more options

Thanks again Phillip, cheers. Richie