In MDN's proxy example, I have seen that they use 127.0.0.1:65535 as an invalid url
(link to the source):
const allow = "DIRECT";
const deny = "PROXY 127.0.0.1:65535";
...
function FindProxyForURL(url, host) {
if (blockedHosts.indexOf(host) != -1) {
browser.runtime.sendMessage(`Proxy-blocker: blocked ${url}`);
return deny;
}
return allow;
}
Is there anything special about port 65535? Is it safe to assume that no process will ever listen to that port?
In the documentation of Proxy Auto-Configuration (PAC) files, I did not see a straightforward way to block requests otherwise. For instance, there is DIRECT, PROXY, SOCKS but no REJECT or DENY. I assume that PROXY 127.0.0.1:65535 is the official way to deny requests.
Is it safe to assume that sending requests to 127.0.0.1:65535 will reject them?
Is it safe to assume that sending requests to 127.0.0.1:65535 will reject them?
No, it's not safe.
It's just the very last port on the local machine. I'm perfectly able to open it without any special privileges and send data to it.
They are simply using it as a valid address but a port that's unlikely to be used. Not the best solution, but probably good enough for example code.
There's no special stipulation and 65535 a valid port for a proxy. If you just happen to run a valid proxy there the example will fail to block.