Skip to content
Blame History Permalink
  • Nick Mathewson's avatar
    r14227@Kushana: nickm | 2007-08-27 11:33:28 -0400 · d3224bad
    Nick Mathewson authored 
     Add a new ClientDNSRejectInternalAddresses option (default: on) to refuse to believe that any address can map to or from an internal address.  This blocks some kinds of potential browser-based attacks, especially on hosts using DNSPort.  Also clarify behavior in some comments.  Backport candiate?


svn:r11287
    d3224bad