The company I work for has a legitimate service that runs on the loopback (it provides our web apps APIs for some device integration) hopefully its just as simple as the user accepting the prompt else we'll be drowning in support.
We had to go the path of the local service because they killed NPAPI. I've been thinking about using web serial as an alternative but Firefox doesn't support it.
That being said, I think this is an overall win, hopefully Firefox implements it in a consistent manner as well.
It would be the job of the operating system to give or take away the ability of your browser to access your local network. But you can run your browser in a container/vm and disable localhost. (And use a separate browser for localhost only if you need it.)
Chrome is already in the process of killing it https://developer.chrome.com/blog/local-network-access
The company I work for has a legitimate service that runs on the loopback (it provides our web apps APIs for some device integration) hopefully its just as simple as the user accepting the prompt else we'll be drowning in support. We had to go the path of the local service because they killed NPAPI. I've been thinking about using web serial as an alternative but Firefox doesn't support it.
That being said, I think this is an overall win, hopefully Firefox implements it in a consistent manner as well.
How is your company's service started on the loopback interface? You bundle a web server that is installed alongside a native app?
2 replies →
Enable "Block Outsider Intrusion into LAN" filter list in uBlock Origin.
Thank you!
You should actually harden your browser or PC... to block any unwanted requests. Apparently some browser extensions can do that.
It would be the job of the operating system to give or take away the ability of your browser to access your local network. But you can run your browser in a container/vm and disable localhost. (And use a separate browser for localhost only if you need it.)