Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
CORS-RFC1918 Support
See original GitHub issueIs your feature request related to a problem? Please describe. I’ve not seen this mentioned before (apologies if it has come up).
Chrome will soon implement this and block any public to private requests (public domain to 127.0.0.1).
See https://chromestatus.com/feature/5436853517811712
Describe the solution you’d like Update the cors package / add an option directly in the socket.io constructor to set the new CORS header. https://wicg.github.io/private-network-access/#headers
Describe alternatives you’ve considered I could host a centralized server, but I’d rather not do this for my users.
Additional context
Chrome’s current warning message
This now appears in chrome:
[Deprecation] The website requested a subresource from a network that it could only access because of its users' privileged network position. These requests expose non-public devices and servers to the internet, increasing the risk of a cross-site request forgery (CSRF) attack, and/or information leakage. To mitigate these risks, Chrome deprecates requests to non-public subresources when initiated from non-secure contexts, and will start blocking them in Chrome 92 (July 2021). See https://chromestatus.com/feature/5436853517811712 for more details.
Issue Analytics
- State:
- Created 2 years ago
- Comments:5 (3 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
Of course, my apologies! Will do now!
Closed due to inactivity, please reopen if needed.