Skip to content

Make the no Proxy List more flexible #540

Description

@Jolly5

Related Problem

Currently, DEV_DSF_PROXY_NOPROXY can only exclude individual hosts or all direct subhosts of a hostname from being accessed via a configured proxy. For larger internal networks with a proxy on the edge to the internet, this is not practical, since you must manually add every host you communicate with on the internal network to the no-proxy list.

Describe the Solution You’d Like

I request two new features:

  1. Wildcard ('*') matching for the no-proxy list. (i.e., myserver.internal.network.tum.de matches the entry *.tum.de on the no-proxy list)
  2. IP CIDR Block matching (i.e., 10.0.0.0/8 excludes the entire subnet from access via proxy).

Notably, I do not expect domain names to be resolved to IP addresses before they are subjected to the filter. The IP filter only applies if the host is specified via IP rather than a hostname.

Describe Alternatives You’ve Considered

Only feature 1 would already be a big help, should there be reasons to not implement CIDR block matching.
Essentially, this kind of issue falls in line with the anarchy that is the NO_PROXY variable. While CIDR block matching is not broadly supported, wildcard matching is more common and also applies to the way Java interprets the http.nonProxyHosts variable.

Metadata

Metadata

Assignees

No one assigned

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions