Oops, yes fixed. Thanks for catching that!
On Mon, Sep 8, 2025 at 10:20 AM Mike Taylor <miketa...@chromium.org> wrote: > On 9/4/25 3:23 p.m., Chromestatus wrote: > > Contact emails hc...@chromium.org > > Explainer > https://github.com/WICG/local-network-access/blob/main/explainer.md#websockets > > Specification None > > Summary > > Restricts the ability to make requests to the user's local network using > WebRTC, gated behind a permission prompt. A local network request is any > request from a public website to a local IP address or loopback, or from a > local website (e.g. intranet) to loopback. Gating the ability for websites > to perform these requests behind a permission reduces the ability of sites > to use these requests to fingerprint the user's local network. This > permission is restricted to secure contexts. This work is adding to the > Local Network Access Restrictions work here: > https://chromestatus.com/feature/5152728072060928 > > I assume the mention of WebRTC here is a typo. Could we update the > Chromestatus to mention WebSockets instead? > > > > Blink component Blink>SecurityFeature>LocalNetworkAccess > <https://issues.chromium.org/issues?q=customfield1222907:%22Blink%3ESecurityFeature%3ELocalNetworkAccess%22> > > Motivation > > Local WebSockets connections are subject to many of the same attacks that > the original LNA proposal are designed to solve. This would add the same > controls that were implemented in the original LNA proposal to WebSockets > > > Initial public proposal None > > TAG review None > > TAG review status Pending > > Risks > > > Interoperability and Compatibility > > None > > > *Gecko*: No signal > > *WebKit*: No signal > > *Web developers*: No signals > > *Other signals*: > > WebView application risks > > Does this intent deprecate or change behavior of existing APIs, such that > it has potentially high risk for Android WebView-based applications? > > None > > > Debuggability > > None > > > Is this feature fully tested by web-platform-tests > <https://chromium.googlesource.com/chromium/src/+/main/docs/testing/web_platform_tests.md> > ? No > > Flag name on about://flags None > > Finch feature name LocalNetworkAccessChecksWebSockets > > Requires code in //chrome? False > > Tracking bug https://crbug.com/421156866 > > Estimated milestones > > No milestones specified > > > Link to entry on the Chrome Platform Status > https://chromestatus.com/feature/5197681148428288?gate=5182539509661696 > > This intent message was generated by Chrome Platform Status > <https://chromestatus.com>. > -- > You received this message because you are subscribed to the Google Groups > "blink-dev" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to blink-dev+unsubscr...@chromium.org. > To view this discussion visit > https://groups.google.com/a/chromium.org/d/msgid/blink-dev/68b9e717.050a0220.3291f8.09fe.GAE%40google.com > <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/68b9e717.050a0220.3291f8.09fe.GAE%40google.com?utm_medium=email&utm_source=footer> > . > > -- You received this message because you are subscribed to the Google Groups "blink-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+unsubscr...@chromium.org. To view this discussion visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAHEiSH08P%2B%3DqN3ncrLK98AsjDvMa8_qjvyaSKWqz1Lk5z6oDHA%40mail.gmail.com.
