这2天在折腾内网端口转发,frp 、ngrok,参考网上资料端口中填了一个熟悉的端口10080 ,跑起来才想起哪里不对,浏览器报错 ERR_UNSAFE_PORT,翻了一下半年前的笔记。
当时这么记录的,查看访问失败的页面,有 “ERR_UNSAFE_PORT ” 字样,这种是浏览器自身屏蔽了,这是一个特殊的端口 10080. 在 2020.11 月被 谷歌和火狐开始拦截了。
解决方法如下:
1, 不要使用这种特殊端口,修改为正常的 8080 或 80,或者大一点的端口。
2,修改浏览器不安全端口范围, 参见 https://thegeekpage.com/err-unsafe-port/
As this vulnerability only works on specific ports monitored by a router's Application Level Gateway (ALG), browser developers have been blocking vulnerable ports that do not receive a lot of traffic.
Currently, Google Chrome is blocking FTP, HTTP, and HTTPS access on ports 69, 137, 161, 554, 1719, 1720, 1723, 5060, 5061, and 6566.
Today, Google has stated that they intend to block TCP port 10080 in Chrome, which Firefox has already blocked since November 2020.
In discussions regarding whether the port should be blocked, browser developers determined that the Amanda backup software and VMWare vCenter utilize the port but would not be affected by the block.
The most concerning point regarding blocking port 10080 is that some developers may utilize it as an alternative to port 80.
本地做了几组测试,10080确实被拦截,用户换成10081或10088等非特殊端口都可以通过的,问题解决。
文章评论