WinINet and WinHTTP IPv6 Support in Web Proxy Auto-Discovery (WPAD) scripts enabled in Windows Vista

Hi, my name is Jonathan Silvera and I am the WinINet and WinHTTP Program Manager. Today I would like to talk to you about changes we have made to add IPv6 support in the WinINet and WinHTTP WPAD helper functions.

The explosion of the Internet in the late 1990’s has caused an unexpected scarcity of IPv4 addresses, with the pool depleting on a daily basis. IPv6 provides a solution to this problem and although it is currently not widely deployed, its use will definitely become more prevalent in the future. WPAD is a protocol that allows web clients to automatically detect what the correct proxy configuration should be for their outgoing traffic. This is very useful for corporate deployments because it allows IT administrators to setup complex scripts that can route traffic for all clients to specific proxies based on the target server the clients are attempting to connect to. WinINet and WinHTTP support WPAD helper functions as defined by the Navigator Proxy Auto-Config (PAC) File Format specification, which has become a defacto standard. Unfortunately this specification was written in 1996 and does not define what the function behaviors should be when a WPAD script is deployed in an IPv6 capable network.

Here at Microsoft we are aware that IPv6 is the wave of the future and as part of a Windows wide push, we have required that all of our components support dual stack (IPv4 and IPv6) and IPv6 only networks. The first customer to approach us asking for IPv6 support in WPAD was our internal IT department after encountering issues with the IPv4 script dependency of their current deployment. When designing a solution to enable this scenario for Windows Vista, our team recognized the importance of providing a backwards compatible solution for IT administrators in order to avoid breaking the large number of existing corporate deployments with IPv4 script dependencies.

In order to meet our customer’s needs and support IPv6 without affecting existing deployment, we have added 6 new helper class functions as an extension to the Navigator Proxy Auto-Config (PAC) File Format specification and also added a new IPv6 capable function called FindProxyForURLEx that administrators can implement in the WPAD script.

New Proxy Helper API Definitons:

In order to take advantage of the IPv6 enabled functions, IT administrators must define within their WPAD script a function called FindProxyForURLEx (url, host) which will replace the legacy FindProxyForUrl (url, host) function. Only from the new FindProxyForURLEx function will administrators be able to execute the new functions.

We also attempted to simplify work for developers, by aligning our functions to return different types of IP addresses in the same order of preference as other networking components, specifically IPv6 addresses followed by IPv4 addresses (i.e. current behavior for Winsock’s getaddrinfo(..) function).

The following tables explain the differences between the new WPAD helper functions and the legacy WPAD helper functions. The new functions are marked with a *

 

Functions	Input	Output	Reason for change
sortIPAddressList*	List of IPv6/IPv4 addresses	Sorted List of IPv6/IPv4 addresseslist of IPv6/IPv4 addresses	There is no counterpart legacy function because legacy functions only returned a single IPv4 address, therefore there was no need to sort

Functions	Input	Output	Reason for change
getClientVersion*	None	WPAD engine version number	Currently this function returns version 1.0. We added this function to allow IT administrators to update their WPAD to work with different versions of the WPAD engine without causing breaks to their existent deployment.

Again, see the extension spec for more details.

We are truly proud of our work extending the Navigator Proxy Auto-Config (PAC) File Format specification to work with IPv6 addresses while ensuring backwards compatibility, as we believe these changes will prove useful current and future IPv6 users. These changes are available for WinINet/WinHTTP in Windows Vista starting in Beta 2, for WinINet on XP and Windows 2003 through IE7 starting in Beta 2 and will be available in a future release of the .Net Framework’s system.net. We would love to hear feedback from the community regarding these changes and if you are planning to deploy a WPAD script in an IPv6 network please let us know about your experience.

Thanks
-Jonathan Silvera

Comments

• Anonymous
  May 10, 2007
  PingBack from http://squidproxy.wordpress.com/2007/05/11/wpad-proxypac-and-general-proxy-autodetection/

• Anonymous
  March 31, 2008
  Hi, I have a quick question on the part that states: "IT administrators must define within their WPAD script a function called FindProxyForUrlEx (url, host) which will replace the legacy FindProxyForUrl (url, host) function"   If I just replace the legacy function in the script, wouldn't that cause non-upgraded platforms to fail?  Or do you mean to 'add' the function so WinINet/WinHTTP on Vista and Server 2008 will use that and ignore the legacy FindProxyForUrl function?  I'm assuming the latter since you've keyed in on the important topic of backwards compatibility! Thanks, Martin

• Anonymous
  March 31, 2008
  Hi, Nevermind, I just tested ADDING the FindProxyForUrlEx() function to an existing proxy.pac file.  In Vista IE7, the settings under FindProxyForUrlEx() took affect.  In XP IE6, the settings under FindProxyForUrl() took affect. Thanks, Martin

• Anonymous
  July 10, 2008
  Hi, I would like to note that case seems to matter (at least for WinINet). So, the case sensitive names of these functions appear to be: FindProxyForURLEx isResolvableEx myIpAddressEx isInNetEx sortIpAddressList Thanks, Vadasz I think I got them all fixed, Thanks -- Ari"

• Anonymous
  September 04, 2008
  And what about if Iwant to disable wpad over wininet using code.

• Anonymous
  August 15, 2010
  In IE7 and IE8, the IsPlainHostname function always returns TRUE for an IPV6 literal hostname, while it should always return false. This can be easily fixed by the proxy configuration script author by having them manually check for multiple colon characters within the hostname.

• Anonymous
  January 18, 2014
  With laptop or computer communities, a proxy server is really a server that will functions as an intermediary with regard to asks through customers seeking methods through various other hosting space. Litigant links towards the proxy server, asking for several program, for instance a report, connection, web page, as well as various other learning resource offered from a different server and the proxy server measures this demand as a way to simplify and command the difficulty. Proxies were being created to include construction and encapsulation to help spread devices.http://canadawebproxy.com