'How to use no_proxy on Linux machines - wildcards, leading dots

I am puzzled by the no_proxy environment variable on Linux.

There are many instructions on the internet that show leading dots for example .localdomain.com https://stackoverflow.com/a/19719875/202576

export no_proxy="localhost,127.0.0.1,localaddress,.localdomain.com"

This example is used in relation to using wget. I can't however confirm that this works. For example on Ubuntu 18.04 I have remove the leading dot to get it to work. Note I am using a sub domain for example wget mysite.localdomain.com.

export no_proxy="localhost,127.0.0.1,localaddress,localdomain.com"

When I use a curl it will work with a leading dot.

So it seems that the way no_proxy should be configured depends on the tool? It is different for curl and wget.

Is there a convention for no_proxy that will work for all tools?

I suppose writing out each and every full domain name will work.



Solution 1:[1]

There is no standard, that I'm aware of, so what you need to set/use depends on the implementation of the tool you use. Curl will work with a leading dot as it strips it whereas wget won't work (doesn't strip it).

Read some detailed analysis at https://about.gitlab.com/blog/2021/01/27/we-need-to-talk-no-proxy/:

Excerpt from that article:

However, if there is a leading . in the no_proxy setting, the behavior varies. For example, curl and wget behave differently. curl will always strip the leading . and match against a domain suffix. This call bypasses the proxy:

$ env https_proxy=http://non.existent/ no_proxy=.gitlab.com curl https://gitlab.com
<html><body>You are being <a> href="https://about.gitlab.com/">redirected</a>.</body></html>

However, wget does not strip the leading . and performs an exact string match against a hostname. As a result, wget attempts to use a proxy if a top-level domain is used:

$ env https_proxy=http://non.existent/ no_proxy=.gitlab.com wget https://gitlab.com
Resolving non.existent (non.existent)... failed: Name or service not known.
wget: unable to resolve host address 'non.existent' ```

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 Praveen Lobo