Connections to HTTP, HTTPS or FTP servers of ports 989 and 990 will fail. These ports are used by the FTPS protocol, which has never been implemented in Chrome. However, FTPS servers can be attacked in a cross-protocol attack by malicious web pages using carefully-crafted HTTPS requests. This is a mitigation for the ALPACA attack. See https://alpaca-attack.com/.

Specification

Specification link


Unknown standards status - check spec link for status

Status in Chromium

Internals>Network


Enabled by default

Consensus & Standardization

After a feature ships in Chrome, the values listed here are not guaranteed to be up to date.

  • Shipped/Shipping
  • No signal
  • No signal
  • Mixed signals

Owner

Comments

Ports were added in PR https://github.com/whatwg/fetch/pull/1250.

Last updated on 2021-09-16