HolgerJeromin
commented
2 years ago If the services are running on the same host (192.168.x.y) as the webpage everything is fine. If you access the services from another host (say a page from example.org uses resources from 192.168.x.y) the request will be rejected.
I had the situation with http://example.org fetching http://192.168.0.1 stuff. This is rejected in current chrome based browsers.
Another situation is https://example.org fetching https://192.168.0.1 stuff. This is working right now in current browsers (you need to handle tls certificates). https://192.168.0.1 fetching https://192.168.0.1 stuff should be always working. http://192.168.0.1 fetching http://192.168.0.1 stuff should be always working but with more and more ugly address bars due to missing encryption.
letitz
BenjamenMeyer
How does this effect private networks? Does one need to make policies for their networks and distribute them? Or would this not effect them at all?
I know my personal case is more unique - I run a full network at home using the 192.168.x.y address space, and host my own services. On the face of it, this sounds like it could be a big issue, but reading over it it doesn't seem to be, though it's unclear.
Note: Docker usually uses the 172.16.x.y address space on Linux so most any developer will run into some cross network situations even without VPN involved.
It would be helpful to have a small example of a situation like mine, which wouldn't be that different from most small companies BTW, to bring clarity for end users and network administrators.