How we built it

CORS restrictions on internet-to-intranet connections.

We'll begin requiring servers on a user's machine ( or intranet (as defined by RFC1918) to explicitly opt-in to connections originating from the public internet. Hopefully, this will mitigate the risks associated with unintentional exposure of devices and servers on a client’s internal network to the web at large.


Editor's draft

Status in Chromium

In development (launch bug)

Consensus & Standardization

  • No public signals
  • No public signals
  • No public signals
  • No signals


Last updated on 2016-02-29