Connections to HTTP, HTTPS or FTP servers on ports 5060 or 5061 will fail. This is a mitigation for the slipstream attack: https://samy.pl/slipstream/. It helps developers by keeping the web platform safe for users.
Safari, Firefox and Chrome have coordinated to fix this issue, so interoperability risk is small. Existing web servers on ports 5060 and 5061 will no longer be accessible. Since it is not common practice to run servers on these ports, the impact is expected to be small.
This is a mitigation for a known attack. The underlying issue of NAT devices being tricked into creating port forwards cannot be fixed in the browser. WebRTC-related vulnerabilities are being addressed separately.
All Blink platforms use the same network stack where this is implemented.
--
You received this message because you are subscribed to the Google Groups "blink-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+...@chromium.org.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAC_ixdwFas33EZ%2BgNcko-NoQi5aTwEZ-CVJOvb9jKEtC%3D5RR-w%40mail.gmail.com.