Connections to HTTP, HTTPS or FTP servers on port 554 will fail. This is a mitigation for the NAT Slipstream 2.0 attack. It helps developers by keeping the web platform safe for users. Chrome briefly blocked port 554 before, but it was unblocked due to complaints from enterprise users. However, we have now achieved rough consensus at https://github.com/whatwg/fetch/pull/1148 to block 554.
Firefox and Safari are already blocking this port, so interoperability risk is not significant. This will inescapably cause problems for developers running servers on port 554. They will have to move to a different port. We strongly recommend using port 80 for HTTP and 443 for HTTPS to avoid the risk of future blocks.
No impact.
None needed.
This is a security improvement. The main risk is that we will have to block more ports in future.
Not needed.
--
You received this message because you are subscribed to the Google Groups "blink-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+...@chromium.org.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAC_ixdyV8TjpkrsvL8dkBb-5N0aOE5sUcnVjvhWz%3DuWjZi1JkA%40mail.gmail.com.
LGTM2
Not 100% happy about the enterprise situation, but considering
the security implications of keeping it open and that the port is
already blocked in other browsers, I'm ok with it.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CALjhuidC_qGPLiutomRqhg%3Dkti0wyP84QZ8fmHmKM68B1iajog%40mail.gmail.com.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/e9da9280-f385-0c7f-c7e1-42947f10d00a%40gmail.com.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CACj%3DBEiYzqAT13x%3DFGgGc9FazJRb%3DyDW%3D1j_UBiEGJ3VdL%3DzyA%40mail.gmail.com.