Ever since Mv3 came into enforcement I've been using a local DNS blocklist in /etc/hosts (UHB more specifically) for locking the browser down as much as possible. Unfortunately this has lead to some major issues when browsing, i.e. 5-10 second latency for every single request that goes through the browser. Can't completely stop using some Chromium-browser since I need to test my work on the browser at some point.
I'm suspecting it's due to the browser waiting for some telemetry endpoint, or trying to get around the block through some other means (which won't work since outgoing DNS via anything else but the gateway is blocked in the firewall), and giving up after a specified time. At this point I've narrowed the issue down to the full version of UHB, as when toggling this off the requests no longer hang before going through. Firefox doesn't suffer from the same issues – every Chromium-derived platform suffers, though, including Electron applications like VSCode. Toggling async DNS off hasn't helped (which previously supposedly has helped some), neither has turning secure DNS (read Google's system DNS sinkhole workaround) off.
Out of curiosity, has anyone else encountered the same issue or is using a version of Chromium that's not suffering from the same issues? This is getting a bit infuriating, and though I've already moved my browsing on Firefox, it's still bothersome to run e.g. UI tests when every fetch operation takes 10 s. This even happens when connecting to stuff running on localhost or LAN addresses.
You're using software to do something it wasn't designed to do. So this comment is beyond meaningless. There's no value whatsoever in it.
So then why would you even think to do something like this? Like....why?
well if you would bother to read what they have written.. oh I see, then you couldn't be so condescending
As such, Chrome isn't exactly following the best practices either – if you want to reinvent the wheel at least improve upon the original instead of making it run worse. True, it's not the intended method of use, but resource-wise it shouldn't cause issues – at this point one would've needed active work to make it run this poorly.
As I said, due to company VPN enforcing their own DNS for intranet resources etc. Technically I could override it with a single rule in configuration, but this would also technically be a breach of guidelines as opposed to the more moderate rules-lawyery approach I attempt here.
If it was up to me the employer should just add some blocklist to their own forwarder for the benefit of everyone working there...
But guess I'll settle for local dnsmasq on the laptop for now. Thanks for the discussion 👌🏼