https://bugzilla.novell.com/show_bug.cgi?id=819763 https://bugzilla.novell.com/show_bug.cgi?id=819763#c0 Summary: Firefox connects to own system when two CNAME records are used to get to an IP address Classification: openSUSE Product: openSUSE 12.3 Version: Final Platform: x86-64 OS/Version: openSUSE 12.3 Status: NEW Severity: Normal Priority: P5 - None Component: Network AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: f.de.kruijf@gmail.com QAContact: qa-bugs@suse.de Found By: --- Blocker: --- User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:20.0) Gecko/20100101 Firefox/20.0 I received an email with links to link.newsletters.philips.com and image.newsletters.philips.com. The images are displayed OK in KMail. Clicking on the link which shows link.newsletters.philips.com and at the same time capturing packets with wireshark and analyzing these packets shows that somehow Firefox does not use the IP addresses returned from the DNS, but uses the global IPv4 address of my router to make the connection. As connections to my router to port 80 are rerouted to the http server on my workstation. I get a 403 error. Both names above appear to have a CNAME to another CNAME record, which is against the rules in the DNS RFC. However it appears that the HTML code in the email message also contains these same names to point to images which are displayed in KMail. image.newsletters.philips.com. 300 IN CNAME img.bo3.ed4.net.edgesuite.net. img.bo3.ed4.net.edgesuite.net. 20560 IN CNAME a733.g.akamai.net. a733.g.akamai.net. 20 IN A 82.94.229.33 a733.g.akamai.net. 20 IN A 82.94.229.42 link.newsletters.philips.com. 3600 IN CNAME philips.ed10.net. philips.ed10.net. 300 IN CNAME redirect.bo3.ed10.net.akadns.net. redirect.bo3.ed10.net.akadns.net. 30 IN A 208.94.20.19 I also get this behavior on other links in email messages. I recall that I have seen the two CNAME records before, however I did not analyze that behavior at that time. The actual link is: http://link.newsletters.philips.com/r/YHH766I/XO82M/K5CFF8/NSUFH5/41B7N/QU/h?a=may&b=1348104 I have the same result when using konqueror. Reproducible: Always Steps to Reproduce: 1.Start Firefox or konqueror using the above link 2. 3. Actual Results: The connection is made to my own http server using the global IP address of my router. Expected Results: A connection to the server in the link. My system is behind a VDSL router a FritzBox 7360. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.