0xRustlang
commented
3 years ago Or if it is hard to do this in webview, at least please look into adding an option to completely block access to LAN IPs from browser so we can enable it and if we needed to access LAN, we can temporarily disable it.
Also same with localhost will be great.
Thank you very much.
Currently i can block access completely in firefox using ublock origin's advanced mode with these rules.
- 127.0.0.1 * block
- 192.168.0.x * block
- 192.168.1.x * block
- 192.168.43.x * block
Although these addresses only blocks access to my router web panel.
CookieJarApps
stale[bot]
please add an option to completely block access of any third party website to LAN
Also chrome is trying to add it in their browser (now they added the option to block access from insecure website
As recent malicious activities against router login pages that are exist for several years this optional option will be great.
Also an option to block localhost also will be great addition.
Thanks.
more sources: https://blog.nem.ec/2020/05/24/ebay-port-scanning
https://www.ghacks.net/2020/05/25/ebay-is-port-scanning-your-system-when-you-load-the-webpage/?amp
https://security.stackexchange.com/questions/177486/can-websites-access-computers-in-lan-localhost-through-browser-how-to-block-th
https://github.com/uBlockOrigin/uBlock-issues/issues/1070
Block insecure private network requests.
Prevents non-secure contexts from making sub-resource requests to more-private IP addresses. An IP address IP1 is more private than IP2 if 1) IP1 is localhost and IP2 is not, or 2) IP1 is private and IP2 is public.
"This is a first step towards full enforcement of CORS-RFC1918: https://wicg.github.io/cors-rfc1918"
Thank you very much