Querying DNS must ALWAYS occur over SSL. However, Firefox will block some HTTP content from loading in a page with HTTPS enabled.
Thus, in order to isolates DNS from possible malicious MTM attacks
- https://speech.is -> webWorker :
{lookup:urn}
- https://speech.is <- webWorker :
{name:urn, value:{http:FQDN}}
- https://speech.is:
load(record.value.http)
...
function load(FQDN){
if (isHttps(FQDN)){
iframeLoad(FQDN);
} else {
forward self to "http://speech.is#!destination=" + FQDN;
}
}
- http://speech.is#!destination=example.com:
if(location.hash.beginsWith('!destination='){
//load http://example.com
} else {
//load https://speech.is + window.location.hash
}
Querying DNS must ALWAYS occur over SSL. However, Firefox will block some HTTP content from loading in a page with HTTPS enabled.
Thus, in order to isolates DNS from possible malicious MTM attacks
{lookup:urn}{name:urn, value:{http:FQDN}}load(record.value.http)...