Hosts file localhost loopback failure for 127.0.0.1 twitter.com

Description of the issue:
hosts file entry
127.0.0.1 twitter.com
127.0.0.1 mobile.twitter.com

Twitter site should not load in browser but does.

brave://net-internals/#dns
DNS lookup
Resolved IP addresses of “twitter.com”: [“127.0.0.1”].
No data on which protocols are supported.

However twitter web page still loads into browser.
With https://twitter.com/ in the address bar.

How can this issue be reproduced?

1. add the following to the hosts file

127.0.0.1 twitter.com
127.0.0.1 mobile.twitter.com

2. flush DNS cache,
   from Brave
   brave://net-internals/#dns

from the CMD line
ipconfig/flushdns

3. wait until the hosts file changes are activated (10 to 20 min)?

Expected result:
Domain cannot be reached. The HTTP request is not sent to the server at the domain. No domain response resource (web page) is displayed in the browser.

One of the following messages is displayed.

This site can’t be reached twitter.com refused to connect.

Try:

Checking the connection

Checking the proxy and the firewall

ERR_CONNECTION_REFUSED

Sometimes this message is displayed

This site can’t be reached
The web page at https://twitter.com might be temporarily down or it may have moved permanently to a new web address.

ERR_FAILED

or

This site can’t be reached twitter.com’s DNS address could not be found. Diagnosing the problem.
DNS_PROBE_POSSIBLE

Brave Version( check About Brave):
Desktop
Release Notes v1.48.158 (Feb 7, 2023)

Additional Information:
All other localhost loopbacks seem to work.
Added one today to an online publication and it is blocked.

I don’t properly understand the browser hosts file entries interaction. Please provide a documentation reference of the Brave view of this interaction on a Windows laptop?

A UML interaction diagram view perhaps a sequence diagram or two?
A context diagram view perhaps also?
Some explanatory text please?

Many thanks
York

Under brave://settings/socialBlocking do you have Allow Twitter embedded tweets enabled or disabled?

Under brave://settings/security do you have Use secure DNS enabled? If so, what values are set there?

Please note. Twitter had previously been blocked. Twitter had been blocked for some days certainly more than one week.

A couple of days ago I commented the twitter line in the hosts file with a hash/pound sign. Experimental reasons. When I removed the comment an hour or so later Twitter page continued to be served.

I have checked again today and they are still being served.

Please note I also have facebook similarly blocked but that remains blocked. I have not uncommented the facebook entry in the hosts file however. Same also for Instagram and YouTube. All three of these throw exception.

ERR_CONNECTION_REFUSED

I can’t remember what exception was thrown when Twitter was blocked.

The three exception error messages listed above have been returned from some localhost loopback 127.0.0.1 entry in the hosts file at some point in the last couple of weeks. I saw the last one listed, DNS_PROBE_POSSIBLE , for the first time, I believe, after updating to the current Brave version yesterday, 13/02/2023, or the day before. This was for a different domain name, not twitter.

Not directly related to this there is some latency which appears variable between hosts file entries and Brave ‘acknowledgement’ . Unclear why this is. It would be nice to know where this arises in Brave interaction flow between hosts entry and Brave exception handling to blocked domain.

It would also be interesting to know what the ecosystem state, variants and invariants, for the throwing of the three different exceptions listed above.

Hope that helps.

image1747×672 38 KB

image1694×700 44 KB

Are you using a proxy or a VPN?

Is anything set in brave://flags ? (Anything with a non-default setting will be sorted to the top, and will have a blue dot next to it.)

Does anything change if you do the following?

1. Turn both of those settings completely off
2. Close Brave
3. At a Windows command prompt, run ipconfig /flushdns
4. Reboot the system

Done as requested with changes and rebooted.

The issue remains. Twitter page still loads.

brave://net-internals/#dns
Resolved IP addresses of “twitter.com”: [“127.0.0.1”].
No data on which protocols are supported.

Not using a VPN or proxy.

The only thing in experiments is vertical tabs. I have lost all my tabs and tab groups after closing Brave.

image1836×336 23.9 KB

I have been using vertical tabs for more than a week and had no difficulties before.

image1731×679 38.1 KB

image1709×318 23.7 KB

Microsoft Windows [Version 10.0.19045.2486]
(c) Microsoft Corporation. All rights reserved.

C:\Users\yorke>ipconfig/flushdns

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

Thanks.

I’m pretty sure that when Secure DNS is disabled, the browser just offloads resolution to the operating system, and it doesn’t consult the hosts file directly.

But I’m still not sure exactly what’s happening.

Can you open DevTools (Ctrl+Shift+I); go to the Network tab; make sure the ‘Domain’ and ‘Remote Address’ columns are enabled (right-click the header row); then attempt to load mobile.twitter.com and show us what appears in the DevTools section?

In particular, wondering what this row looks like on your end:

image1544×159 9.72 KB

Not used DevTools before so you will have to bear with me as I orient myself and familiarise myself with the tool. Looking at the google documentation now.

Would you recommend any other documentation sources?

Will get back to you hopefully later today.

FYI. Twitter is still loading in browser.

Not really, that one should be good. But maybe also look for a few YouTube videos of people using it, particularly the ‘Network’ tab, that might help.

Thanks for the feedback.

Not had the bandwidth today to look at this further. Let me know when you find a solution.

One of the main points of the hosts file entries is not to look at the open sewer that is social media. YouTube is one of the worst examples. It stokes division with fake news and misinformation and disinformation. I won’t be looking at YouTube again anytime soon.

The topics raised in regard to this in other posts point to a solution. The ability to filter the webs content. A shift to the user and client being in control of interaction with web content not the server and owner originator.

I will attempt to put aside some time to work through the documentation. To that end I may look at any YouTube imbedded videos.

The open sewer that is twitter and its effluent content unfortunately continues to flow into view.

New message from hosts file entry. First time this has been shown.

No internet connection
Please check your connection and try again.

This is a hosts file entry for a news organisation. The entry was not added today so may have been in hosts file for a few days or a week or more.

brave://net-internals/#dns
Resolved IP addresses of “www.cbsnews.com”: [“127.0.0.1”].
No data on which protocols are supported.

Please note. This is not to single out CBS. Many other household name news organisations have been added to the hosts file as a localhost loopback.

For example inter alia;

www.aljazeera.com
www.bbc.com
www.channel4.com
www.channelnewsasia.com
www.foxnews.com
www.rt.com

all return.

ERR_CONNECTION_REFUSED

The internet connection though remains connected and secured.

FYI. Twitter still loading.

That is interesting but getting the behavior seen in DevTools would be very informative.

Another thing might be to see if the issue occurs if you create a new profile and try it in that profile. (Make sure your original profile does not have any open windows; only the new profile should be open.) Creating and testing a new profile will not affect your original/existing profile(s).

Does this happen with Chrome? Firefox? Chromium? Any other browsers on the system?

1 Check other browsers.
2 Will try new profile for Brave.
3 Then work on documentation.

Microsoft Edge
Version 110.0.1587.46 (Official build) (64-bit)

https://twitter.com
ERR_FAILED

https://twitter.com/?lang=en-gb
ERR_CONNECTION_REFUSED

https://www.cbsnews.com/
Same result as Brave
No internet connection
Please check your connection and try again.

Firefrox
110.0 (64-bit)

https://twitter.com
https://twitter.com/?lang=en-gb
https://www.cbsnews.com/
Unable to connect

An error occurred during a connection to twitter.com.

The site could be temporarily unavailable or too busy. Try again in a few moments.
If you are unable to load any pages, check your computer’s network connection.
If your computer or network is protected by a firewall or proxy, make sure that Firefox is permitted to access the web.

Opera
Version:95.0.4635.46
Opera is up to date
Update stream:Stable
System:Windows 10 64-bit
Chromium version:109.0.5414.120

https://twitter.com
ERR_FAILED

https://twitter.com/?lang=en-gb
https://www.cbsnews.com
ERR_CONNECTION_REFUSED

https://twitter.com
https://twitter.com/?lang=en-gb
http://www.cbsnews.com
ERR_CONNECTION_REFUSED

2023-02-16T00:00:00Z
Brave
Current profile
Before updating Brave

https://twitter.com/?lang=en-gb
ERR_CONNECTION_REFUSED

https://twitter.com/
Twitter page loads

2023-02-16T00:00:00Z
Brave
Current profile
Brave is up to date

Version 1.48.164 Chromium: 110.0.5481.100 (Official Build) (64-bit)

https://twitter.com/?lang=en-gb
ERR_CONNECTION_REFUSED

https://twitter.com/
Twitter page loads

https://www.cbsnews.com/
No internet connection
Please check your connection and try again.

Google Chrome

Chrome is up to date

Version 110.0.5481.100 (Official Build) (64-bit)

https://twitter.com/?lang=en-gb
ERR_CONNECTION_REFUSED

https://twitter.com/
ERR_FAILED

https://www.cbsnews.com/
No internet connection
Please check your connection and try again.

This starts to look like a Brave specific issue given all other browsers tested return no connection or similar.

Might this be a hard coded value somewhere in the code. Perhaps a constant, properties file entry, or maybe a conditional statement or a control flow switch statement using said value?

Edge, Opera, and Google Chrome all return.

It begins to look like it might the the ERR_FAILED exception handling. Or code execution not reaching the ERR_FAI:LD exception handling. Where other browsers return exception ERR_FAILED Brave returns the web page instead.

At least for the Twitter.com domain URI without a query string appended.
https://www.w3.org/Addressing/URL/4_URI_Recommentations.html

The query string, the question mark (“?”, ASCII 3F hex), would point to a possible URI parsing defect. Twitter URI with query string Brave behaves like other Chromium browsers.

As a specific Twitter resource like @brave with no query string

https://twitter.com/brave
Twitter page loads

As does Twitter domain default resource

https://twitter.com/
Twitter page loads

And

https://twitter.com/search?q=cheese&src=typed_query
Twitter page loads

Which is query sting appended to Twitter search resource.

And now

https://mobile.twitter.com/search
ERR_FAILED

And

https://twitter.com/login/
ERR_FAILED

And

https://twitter.com/search?q=twitter
ERR_FAILED

2023-02-16T00:00:00Z
Well done! Don’t know what changed but now

https://twitter.com/
ERR_FAILED

And

https://twitter.com/brave
ERR_FAILED

Grateful Brave now responding as expected whatever has changed.
Can you please inform what has changed?

For experimentation sake tempted, but resistant to, comment out Twitter localhost loopback in hosts file again with hash/pound sign.

Just to see if the error reoccurs. Perhaps another day.

Thank you for your help.

Brave works as expected, the problem is that you, like many people believe DNS is some kind of adblocker, when it is not, it is just resolving DNS, the ‘blocking’ part is by doing what you do, but that doesn’t mean it should work as you please only because you made a change. That’s not what DNS resolvers are suppose to do, especially in browsers… or better say Brave, which even has its own DNS resolver.

I would first ask, why do you need to change hosts file? You can already use (like I told you many weeks ago) Brave adblocker with ||twitter.com^$document or ||twitter.com^ to block domains that way. In fact, the way Brave works is better because it sees the URL and doesn’t even try to resolve the site, Brave adblocker will block it before that, you won’t even see a request in DNS server logs.

But you should understand how DNS works, which is the point of my comment.
Only because because you do ipconfig /flushdns and you clear the DNS in brave://net-internals/#dns doesn’t mean you can just go to the site you already accessed and somehow the browser will not be resolved, and pretend there are not caches in place and all that.

When you do a DNS change, you pretty much have to go a ipconfig /release and ipconfig /renew or restart your browser to make it work. In sites like Twitter, even if the nothing gets resolved after that, you should even take into account Browser storages, where pages or scripts or images will get caches so they don’t get downloaded eveytime you go to a websites.

The reason why other browsers worked is because, I suppose, the fact that they don’t have a DNS resolver like Brave does probably makes them easier for a DNS change, but also, you probably opened them after you made the hosts changes.

Did you visit Twitter before doing DNS changes in those browsers? Because like I said, you have to take into account also the Browser storages, cache, service workers, and ect etc.
If you visited a page, elements will be cached and only because you change DNS doesn’t mean somehow the already downloaded elements will not be fetched from the disk, which is a problem some people don’t understand sometimes when making changes to DNS, they expect everything to get blocked and that’s not how it works, because it is not meant to do that, especially on Windows where DNS is managed by a service and one which is not even possible to disable by normal methods.

For twitter, pretty much you have to clear DNS, do the ipconfig release/renew and then clear the browser’s storage for Twitter either by going to brave://settings/content/all or Devtools -> application -> Storage and then click "clear site data" If not the site will still load from the “ServiceWorkers” which you can see in Devtools Network tab, but it will not really work because all it is doing is fetching files from it so it looks like it loaded and got ‘resolved’ but no.
It’s the browser doing cache things.

Thanks for that.

It would be good to have some Brave documentation regarding this topic. Let me know when it has been completed and post the link to this thread please.

For completeness. Things that changed, the delta, exploring this issue.

1 Troubleshooting problem with @JimB1, see thread contents above, including inter alia; Brave settings changes, close Brave, cmd ipconfig/flushdns, reboot,
2 Brave version update, see updated version below.
3 Windows OS, auto reboot. But winver seems to report same OS version.

Soon after Brave update yesterday the issue seems to have been remediated but likely not solved. The behaviour expected, hosts file localhost loopback 127.0.0.1 entries, blocking access to web domains was working as expected last night and continues this morning. But there continue to be inconsistencies in exception error messages and other response types,

https://twitter.com/
https://twitter.com/brave
https://mobile.twitter.com/
https://twitter.com/search?q=cheese&src=typed_query
ERR_FAILED

https://twitter.com/?lang=en-gb
ERR_CONNECTION_REFUSED

https://www.cbsnews.com/
No internet connection
Please check your connection and try again

Note. See thread above for screen grab image.

https://inews.co.uk/
You’re currently offline.
Please check your network connection and try again

image759×464 13.8 KB

https://www.aljazeera.com/
https://www.bbc.com/
https://www.bbc.co.uk/
https://www.channel4.com/
https://www.channelnewsasia.com/
https://www.foxnews.com/
https://www.rt.com/
ERR_CONNECTION_REFUSED

Have not been able to reproduce the DNS_PROBE_POSSIBLE response. This might be due to not doing exhaustive testing of all entries in the hosts file that may have caused the initial exception being thrown. The delta caused by changes to Brave settings while trouble shooting, Brave version update, and Windows auto reboot causing other unknown ecosystem changes.
DNS_PROBE_POSSIBLE

There have been a number of other posts which raise the hosts file issues. Not sure how to quantify exactly how many, someone with more expertise in the desktop support ticketing system might be able to collate a complete listing. Adding a list of links to past hosts file support requests to this thread would help consolidate that view.

Release Notes v1.48.164 (Feb 15, 2023)

• Upgraded Chromium to 110.0.5481.100. (#28515) (Changelog for 110.0.5481.100)

Microsoft Windows [Version 10.0.19045.2604]
(c) Microsoft Corporation. All rights reserved.

A Brave documentation view of this topic would be good as mentioned in other places in this thread. Brave having its own DNS resolver, as mentioned by @anon57438784 , adds a further layer of complexity to an already complex set of ecosystem dependencies. Dependencies including caches of different types amongst other things.

Additional information

C:\Users\yorke>ping twitter.com

Pinging twitter.com [127.0.0.1] with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

brave://net-internals/#dns
DNS lookup
Resolved IP addresses of “twitter.com”: [“127.0.0.1”].
No data on which protocols are supported.

C:\Users\yorke>ping www.cbsnews.com

Pinging www.cbsnews.com [127.0.0.1] with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

brave://net-internals/#dns
Resolved IP addresses of “www.cbsnews.com”: [“127.0.0.1”].
No data on which protocols are supported.

C:\Users\yorke>ping www.aljazeera.com

Pinging www.aljazeera.com [127.0.0.1] with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

brave://net-internals/#dns
Resolved IP addresses of “www.aljazeera.com”: [“127.0.0.1”].
No data on which protocols are supported.

Control

C:\Users\yorke>ping brave.com

Pinging brave.com [2600:9000:23d3:3c00:6:d0d2:780:93a1] with 32 bytes of data:
Reply from 2600:9000:23d3:3c00:6:d0d2:780:93a1: time=8ms
Reply from 2600:9000:23d3:3c00:6:d0d2:780:93a1: time=10ms
Reply from 2600:9000:23d3:3c00:6:d0d2:780:93a1: time=9ms
Reply from 2600:9000:23d3:3c00:6:d0d2:780:93a1: time=8ms

Ping statistics for 2600:9000:23d3:3c00:6:d0d2:780:93a1:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 8ms, Maximum = 10ms, Average = 8ms

brave://net-internals/#dns
Resolved IP addresses of “brave.com”: [“2600:9000:23d3:5800:6:d0d2:780:93a1”,“2600:9000:23d3:f600:6:d0d2:780:93a1”,“2600:9000:23d3:6200:6:d0d2:780:93a1”,“2600:9000:23d3:8800:6:d0d2:780:93a1”,“2600:9000:23d3:d600:6:d0d2:780:93a1”,“2600:9000:23d3:3a00:6:d0d2:780:93a1”,“2600:9000:23d3:8600:6:d0d2:780:93a1”,“2600:9000:23d3:be00:6:d0d2:780:93a1”,“18.165.201.103”,“18.165.201.50”,“18.165.201.2”,“18.165.201.43”].
No data on which protocols are supported.