218557 – Consider blocking ports 5060 and 5061

Bug 218557 - Consider blocking ports 5060 and 5061

Summary: Consider blocking ports 5060 and 5061

Status:	RESOLVED FIXED

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	Page Loading (show other bugs)
Version:	WebKit Local Build
Hardware:	Unspecified Unspecified

Importance:	P2 Normal
Assignee:	youenn fablet

URL:
Keywords:	InRadar

Depends on:
Blocks:	218617
	Show dependency tree / graph

Reported:	2020-11-04 03:45 PST by youenn fablet
Modified:	2023-05-17 20:45 PDT (History)
CC List:	13 users (show)

See Also:

Attachments
Patch (52.68 KB, patch) 2020-11-04 05:42 PST, youenn fablet	no flags	Details \| Formatted Diff \| Diff
Patch for landing (39.85 KB, patch) 2020-11-05 08:19 PST, youenn fablet	no flags	Details \| Formatted Diff \| Diff
Show Obsolete (1) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description youenn fablet 2020-11-04 03:45:47 PST

See https://github.com/whatwg/fetch/pull/1109 and https://bugzilla.mozilla.org/show_bug.cgi?id=1674735.

Comment 1 Radar WebKit Bug Importer 2020-11-04 03:46:14 PST

<rdar://problem/71031479>

Comment 2 youenn fablet 2020-11-04 05:42:46 PST

Created attachment 413156 [details]
Patch

Comment 3 EWS Watchlist 2020-11-04 05:43:41 PST

This patch modifies the imported WPT tests. Please ensure that any changes on the tests (not coming from a WPT import) are exported to WPT. Please see https://trac.webkit.org/wiki/WPTExportProcess

Comment 4 youenn fablet 2020-11-04 05:49:10 PST

Uploaded https://github.com/web-platform-tests/wpt/pull/26392 for the specific required changes to upstream.

Comment 5 youenn fablet 2020-11-05 08:17:46 PST

As per WPT discussion, there is hope to move to using onerror instead of throwing in constructor. This seems nicer indeed but has failed to be implemented in browsers so far.
I'll change WebSocket tests accordingly.

Comment 6 youenn fablet 2020-11-05 08:19:17 PST

Created attachment 413300 [details]
Patch for landing

Comment 7 EWS 2020-11-05 08:56:17 PST

Committed r269436: <https://trac.webkit.org/changeset/269436>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 413300 [details].

Comment 8 Hersita Keereb 2023-03-17 21:55:02 PDT Comment hidden (spam)

When it comes to safeguarding your network and data, there's no room for compromise. With the ever-evolving landscape of cyber threats, it's important to stay vigilant and consider all available options to secure your network. One such measure to consider is blocking ports 5060 and 5061, which can provide an added layer of protection against malicious attack. In this blog https://thevacuumwizard.co.uk/product-category/model/dysonv15/ post, we'll explore the implications of blocking these ports, and discuss the potential benefits and drawbacks of doing so.