Open Bug 1481298 (local-network-access) Opened 7 years ago Updated 3 hours ago

[meta] Local Network Access

Categories

(Core :: DOM: Networking, enhancement, P5)

Product:
Core
Component:
DOM: Networking
Type:
enhancement

Tracking

()

Tracking Flags:
Tracking Status
relnote-firefox --- 147+

People

(Reporter: mrbkap, Unassigned)

References

(Depends on 21 open bugs, Blocks 1 open bug,
URL
)

Details

(Keywords: meta, Whiteboard: [necko-triaged])

Bug 1475445 was filed because there's a mochitest testing that we have an implementation of [1]. We don't seem to implement it and I can't find an existing bug on file to do so. Anne, Is this something we want to do? [1] https://wicg.github.io/cors-rfc1918/
Flags: needinfo?(annevk)
I'm not sure, I don't think we've really discussed it thus far. It seems reasonable, if Chrome can somehow prove it to work, but there's a lot of legacy local network hardware that'd be impacted as I understand it. Maybe mt has thoughts?
Flags: needinfo?(annevk) → needinfo?(martin.thomson)
The operating principle here is that "local" things might somehow use the fact that a client is also local to privilege that client. That is, a server might use the fact a client is on the local network or local link to somehow authorize that client. This is reasonable on the face of it, and the increase in complexity for fetch is minor. However, I think that it creates the wrong incentives. We've been very careful to tell people not to use access to a network as a signal like this. That is, we tell people that they need to implement good access control, no matter what they assume about their network environment (if a browser is deployed to that network, imagine what else could be there!). Implementing a feature like this would - at some level - legitimize bad practice. We have also left bug 354493 unfixed for a very long time now (this spec is mentioned there). The last attempt bounced four years ago. This is a less disruptive change, but I suspect that it will still cause breakage. mcmanus might know more.
Flags: needinfo?(martin.thomson)
See Also: → 354493
Priority: -- → P5
Component: DOM → DOM: Core & HTML
Component: DOM: Core & HTML → DOM: Networking
Whiteboard: [necko-triaged]
URL: https://wicg.github.io/private-networ...
See Also: → https://github.com/mozilla/standards-positions/issues/143
Summary: Do something with CORS rfc 1918 → Do something with Private Network Access
See Also: → 1607494, CVE-2019-17026, 1608102
Depends on: utility-process
Blocks: 354493
Alias: private-network-access
Blocks: 1731778
No longer depends on: utility-process
No longer blocks: 1731778
Severity: normal → S3
Alias: private-network-access → local-network-access
URL: https://wicg.github.io/private-networ...https://wicg.github.io/local-network-...
Keywords: meta
Summary: Do something with Private Network Access → [meta] Local Network Access
Duplicate of this bug: 1640449
Depends on: 1842593

Update: This feature is on the Necko roadmap. We will probably schedule some implementation effort in 2024.

Alias: local-network-access → private-network-access
URL: https://wicg.github.io/local-network-...https://wicg.github.io/private-networ...
Summary: [meta] Local Network Access → [meta] Private Network Access
Duplicate of this bug: 1870605
No longer duplicate of this bug: 1870605
Summary: [meta] Private Network Access → [meta] (Local) Private Network Access
Duplicate of this bug: 1910935
No longer duplicate of this bug: 1910935
Depends on: 1937486
Depends on: 1937493
Depends on: 1937496
Depends on: 1937501
Depends on: 1937504
Depends on: 1944548
Alias: private-network-access → local-network-access
Summary: [meta] (Local) Private Network Access → [meta] Local Network Access

Google is not implementing private-network-access.
Instead, they are planning permission based local network access.
Our implementation will follow a similar approach.

No longer depends on: 1937504
Depends on: 1960616
Depends on: 1960630
Depends on: 1960640
No longer depends on: 1937493
No longer depends on: 1937496
Depends on: 1969916

See https://localmess.github.io/ why this is a priority.

Depends on: 1971096
Depends on: 1971290
Depends on: 1974029
Depends on: 1974457
Depends on: 1974504
Depends on: 1980302
Depends on: 1981514
Depends on: 1982645
Depends on: 1983386
Depends on: 1984089
Depends on: 1984105
No longer depends on: 1981514
Depends on: 1984359
Depends on: 1984023
Depends on: 1986098
No longer blocks: 1910935
URL: https://wicg.github.io/private-networ...https://wicg.github.io/local-network-...
No longer depends on: 1937501
See Also: 354493
Depends on: 1988152
Depends on: 1988278
Depends on: 1988693
Depends on: 1989004
Depends on: 1989873
Depends on: 1991917
Depends on: 1992180
Depends on: 1993708
Depends on: 1993938
Depends on: 1994288
Depends on: 1996551
Depends on: 1997694
Depends on: lna-allow-list
Depends on: 2002648
Depends on: 2002810
Depends on: 2003559
Depends on: 1980697
Depends on: 2005990
Depends on: 2007599
Depends on: 2008859

Ryan we will be enabling this feature gradually via nimbus experiment to firefox users having etp strict enabled in 147.
Confirming with you if we need to mention this in the release notes.
Release Note Request (optional, but appreciated)
[Why is this notable]: Our users will see a new permission prompt
[Affects Firefox for Android]: No
[Suggested wording]: Starting with Firefox 147, users with Enhanced Tracking Protection (ETP) set to Strict will have local network access restrictions enabled by default. Firefox will prompt users to explicitly allow public websites to access local network resources.

relnote-firefox: --- → ?
Flags: needinfo?(ryanvm)
relnote-firefox: ?147+
Flags: needinfo?(ryanvm)
Depends on: 2014694
Depends on: 2017207
Depends on: 2017249
Depends on: 2017712
Depends on: 2017732
Duplicate of this bug: 2016976
Depends on: 2030990
You need to log in before you can comment on or make changes to this bug.