-
Notifications
You must be signed in to change notification settings - Fork 15k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: suppress insecure resource warning for more local hostnames #30885
Conversation
const isLocal = (url: URL): boolean => | ||
['localhost', '127.0.0.1', '[::1]', ''].includes(url.hostname); | ||
const isInsecure = (url: URL): boolean => | ||
['http:', 'ftp:'].includes(url.protocol) && !isLocal(url); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ftp
urls will no longer resolve in main since #30503 :)
https://bugs.chromium.org/p/chromium/issues/detail?id=333943
No Release Notes |
I have automatically backported this PR to "13-x-y", please check out #31035 |
I have automatically backported this PR to "15-x-y", please check out #31036 |
I have automatically backported this PR to "14-x-y", please check out #31037 |
Description of Change
Suppress security warnings for 127.0.0.1, [::1] and about:blank in addition to
'localhost'. Closes #30880.
Checklist
npm test
passesRelease Notes
Notes: none