webrtc-pc icon indicating copy to clipboard operation
webrtc-pc copied to clipboard

Published 20 hours ago verified publisher icon w3c

Expansion of port blocking?

Open annevk opened this issue 3 years ago • 3 comments

Per email to blink-dev it sounds like Chrome will block more ports than just those listed in Fetch:

Starting in Chrome 91, and possibly backporting into earlier versions as we verify that it doesn't break things, we intend to only permit connecting to port 443 and port numbers above 1024.

Ideally that would be tested and standardized...

annevk avatar Feb 25 '21 14:02 annevk

Note - this new restriction is for TURN servers only.

alvestrand avatar Feb 25 '21 14:02 alvestrand

Okay, so if we address #2613 I suspect this would best be done before invoking "obtain a connection" as maintaining a large blocklist that's TURN-specific in Fetch seems a tad odd. The way the failure is exposed should still be identical so we can move things around as needed.

annevk avatar Mar 17 '21 08:03 annevk

Chrome has now unblocked port 80 and port 53 as well. Apparently along with 443 these are commonly used for firewall traversal.

ricea avatar Mar 17 '21 08:03 ricea