Intent to Ship: Block HTTP(s) requests to SIP ports 5060, 5061

244 views
Skip to first unread message

Frederik Braun

unread,
Nov 3, 2020, 3:55:52 AM11/3/20
to dev-platform
Hi,


Summary: Adding ports 5060,5061 to the existing list of blocked ports

The intent for this block is to stop the specific attack of "NAT
slipstreaming". We acknowledge that this stops an instance of the attack
rather than solving the problem, which will happen later.


Bug: 1674735

Standard: If all goes well, this will be in fetch
<https://github.com/whatwg/fetch/issues/1108>

Platform coverage: on all paltforms

Preference: We can revert this using the existing
network.security.ports.banned.override pref

DevTools bug: N/A

Other browsers: No public signs yet, expecting feedback in the fetch
issue linked above.

web-platform-tests: Existing wpt are being updated as part of this commit


Thanks,
Freddy
Reply all
Reply to author
Forward
0 new messages