mdns-discovery-proxy
private-network-access | mdns-discovery-proxy | |
---|---|---|
14 | 2 | |
50 | 2 | |
- | - | |
7.5 | 0.0 | |
3 days ago | over 2 years ago | |
HTML | Python | |
GNU General Public License v3.0 or later | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
private-network-access
-
Why does server exit with body over certain length?
// man getsockname // Get client address int sockn = getsockname(request, (struct sockaddr*)&client_addr, (socklen_t*)&client_addrlen); if (sockn < 0) { JS_ThrowInternalError(ctx, "server error (getsockname): %s", strerror(errno)); continue; } char buffer[BUFFER_SIZE]; // man 2 read // Read from the socket int readable = read(request, buffer, BUFFER_SIZE); if (readable < 0) { JS_ThrowInternalError(ctx, "server error (read): %s", strerror(errno)); continue; } // man sscanf // man inet_ntoa // man ntohs // Read the request char method[128], uri[128], version[128]; sscanf(buffer, "%s %s %s", method, uri, version); // ... if (!strcmp(method, "QUERY") || !strcmp(method, "POST")) { // https://developer.chrome.com/blog/private-network-access-preflight/ // https://wicg.github.io/local-network-access/ char response[] = "HTTP/1.1 200 OK\r\n" "Server: webserver-c\r\n" "Cross-Origin-Opener-Policy: unsafe-none\r\n" "Connection: keepalive\r\n" "Cross-Origin-Embedder-Policy: unsafe-none\r\n" "Access-Control-Allow-Headers: cache-control\r\n" "Access-Control-Allow-Methods: OPTIONS,POST,GET,HEAD,QUERY\r\n" "Access-Control-Allow-Credentials: true\r\n" "Cache-Control: no-store\r\n" "Access-Control-Allow-Origin: *\r\n" "Content-type: text/plain\r\n" "Access-Control-Allow-Private-Network: true\r\n\r\n"; char* body_signal = strstr(buffer, "\r\n\r\n"); char* body = body_signal + 4; status(ctx, argv[1], body); uint8_t writable[65536]; int writer = write(request, response, strlen(response)); if (writer < 0) { return JS_ThrowInternalError(ctx, "server error (write): %s", strerror(errno)); } // man popen FILE* pipe = popen(body, "r"); if (pipe == NULL) { return JS_ThrowInternalError(ctx, "server error (popen): %s", strerror(errno)); } for (;;) { // man fread size_t count = fread(writable, 1, sizeof(writable), pipe); int stream = write(request, writable, count); if (stream < 0 || count == 0) { // man pclose pclose(pipe); status(ctx, argv[1], "aborted"); break; } } close(request); for (int i = 0; i < sizeof(buffer) - 1; i++) { buffer[i] = '\0'; }
-
Basic HTML/JS page is able to access a webservice on my intranet, when run locally - but is unable to access my web-service when hosted as a static S3 bucket site.
Because browsers make a distinction between private networks and public networks.
-
Chrome v107 (Releasing 10/25) Impact on Contact Center Applications
Has anyone done any testing/mitigation in regards to Chrome v107 and Cisco UC/CCE applications in regards to the Private Network Access changes?
- Private Network Access web standard
- Private Network Access Specification
-
LAN-port-scan forbidder, browser addon to protect private network
See also: https://wicg.github.io/private-network-access/
-
What does 2022 have in store for cybersecurity and cloud security specialists?
Browser are also working to add IE6's zones* feature back in: https://wicg.github.io/private-network-access/
* I'm not actually sure if that did anything regarding cross-zone requests or if it was just "yeah, ActiveX is totally super-fine with me, as long as it comes from a trusted zone".
- Private Network Access
-
Chrome may start restricting requests to private networks
Yes. It's in the doc: https://wicg.github.io/private-network-access/
Of course one obvious workaround is to misconfigure your router to allocate from a non-private but unused/reserved address space. That way your internal network is also on the "outside".
mdns-discovery-proxy
-
Chrome may start restricting requests to private networks
> Since there's still no mdns (resolution of .local domains) in android nor in chromium despite long standing feature requests…
If you run your own DNS resolver for your local network, you can use a Discovery Proxy (RFC 8766) to allow unicast DNS resolution of multicast DNS records. I'm using mdns-discovery-proxy[0] (slightly modified to support a newer version of the zeroconf Python library) with a forward-only zone rule in bind9 so that xyz.local is mirrored in unicast DNS as xyz.home.arpa. The latter address will work for any program on the network regardless of mDNS support.
[0] https://github.com/nybble41/mdns-discovery-proxy
- IPv6 Progress Top Sites 2021
What are some alternatives?
neocities - Neocities.org - the web site. The entire thing. Yep, we're completely open source.
filter-lists - Additional Filters for AdGuard on iOS and uBlock Origin on Google Chrome
acme.sh - A pure Unix shell script implementing ACME client protocol
filter-lists - Personal uBO filter lists
Node RED - Low-code programming for event-driven applications
LAN-port-scan-forbidder - Forbid untrusted webs to access localhost or LAN. An anti-scan protection 🛡️🏡
webserver-c - A simple HTTP webserver written in C.
node-red-contrib-sqlstring - Format SQL-Queries to avoid SQL-Injections - For Node-RED
enso - Hybrid visual and textual functional programming.