250339 – Local Network Access: Apply Secure Context Restriction to private IPv6 address space

Bug 250339 - Local Network Access: Apply Secure Context Restriction to private IPv6 address space

Summary: Local Network Access: Apply Secure Context Restriction to private IPv6 addres...

Status:	NEW

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	Page Loading (show other bugs)
Version:	WebKit Nightly Build
Hardware:	Unspecified Unspecified

Importance:	P2 Normal
Assignee:	Nobody

URL:
Keywords:	InRadar

Depends on:
Blocks:	250607
	Show dependency tree / graph

Reported:	2023-01-09 14:30 PST by Ryan Reno
Modified:	2023-01-18 13:09 PST (History)
CC List:	2 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Ryan Reno 2023-01-09 14:30:08 PST

We don't presently or as of webkit.org/b/250330 block non-secure public contexts from accessing resources in the IPv6 private address space. We only check against private IPv4 addresses.

Comment 1 Radar WebKit Bug Importer 2023-01-09 14:30:50 PST

<rdar://problem/104045830>