Investigate potential DNS leak on Windows when using SSPI
Firefox supports the "negotiate" auth method which, it seems, may lead to a DNS request bypassing the proxy settings in: https://mxr.mozilla.org/mozilla-esr24/source/extensions/auth/nsAuthSSPI.cpp#122. This is somewhat mitigated as it does not affect the majority of Windows users due to
network.negotiate-auth.trusted-uris
being empty and
network.negotiate-auth.allow-non-fqdn
being set to "false" by default. Might be worth investigating further and fixing if this preliminary analysis is sound.