← Back to release summary

Local network access restrictions for WebSockets

Category

Security

Type

New or changed feature

Status

Proposed (Chrome Proposed)

Intent stage

None

Summary

Local Network Access(LNA) restrictions are being expanded to include WebSockets. WebSockets connections to local address will now start triggering permission prompts. All of the current LNA enterprise policies will still apply to the LNA WebSockets restrictions (LocalNetworkAccessAllowedForUrls, LocalNetworkAccessBlockedForUrls, and LocalNetworkAccessRestrictionsTemporaryOptOut). More information about LNA can be found at https://developer.chrome.com/blog/local-network-access

Motivation

Local WebSockets connections are subject to many of the same attacks that the original LNA proposal are designed to solve. This would add the same controls that were implemented in the original LNA proposal to WebSockets

Standards & signals

• Specification: https://wicg.github.io/local-network-access/#integration-with-websockets
• Firefox: No signal
• Safari: No signal
• Web developers: No signals
• Tracking bug: https://crbug.com/421156866

Samples: https://lna-testing.notyetsecure.com

Explainers: https://github.com/WICG/local-network-access/blob/main/explainer.md#websockets

View on chromestatus.com