A couple of weeks ago, I have added the ports mentioned above to the
existing list of blocked ports.
The additional port blocking is in response to an improvement of last
year's "NAT slipstreaming" attack, see footnote [1] for more.
Again, we acknowledge that this stops an instance of the attack rather
than solving the problem, which will have to happen elsewhere.

This announcement was delayed for the sake of coordinated disclosure
with other vendors.

Bugs: 1677940 and 1677047

Standard: If all goes well, this will be in fetch

Platform coverage: on all paltforms

Preference: We can revert this using the existing
network.security.ports.banned.override pref

DevTools bug: N/A

Other browsers: Blink shipped

web-platform-tests: Coming.


dev-platform mailing list

Reply via email to