is there any chance to disable the complete ban for RFC1918 addresses, aka local?
FFX at least gives an option button to “go ahead on my own risk”. Brave doesn’t.
As an AV-Systems Integrator I have to commission/configure new gear constantly which currently cannot be done with Brave. I have to divert to FFX which warns but at least gives the option to proceed loading the page.
For RFC1918 addresses this is totally fine.
And it doesn’t make any sense to import the invalid device cert just to be able to configure it, update the cert etc.
Attackers might be trying to steal your information from **192.168.0.116** (for example, passwords, messages, or credit cards).
NET::ERR_CERT_INVALID
For sure there are no hackers wanting to steal my data when connecting to a local host. Or I’d have other problems if there were…
We block localhost/127.0.0.1 requests from 3rd parties by default (defeats port scans by websites). Blocking other ip’s may cause issues? but they would still need to get past the localhost block first to get further access
What does localhost have to do with RFC1918 which is by definition:
10.0.0.0 /8 and
172.16.0.0 /12 and
192.168.0.0 /16
only.
Blocking is not the issue, not being able to view a locally hosted page (usually on a new device) is the problem. Because of an invalid certificate. And to correct this I need to login to the WebUI of the device in question but Brave holds me back. Why?
Maybe I’m just on the wrong playground.
What does Adblocking have to do with an invalid certificate?
Can you please point me to a more appropriate place to ask this question or hand this over to someone with knowledge about certificate problems. Thank you!
We don’t modify any cert changes/requirements (or ip) from Chrome/Chromium. For security, any fixes regarding something like this would come from them directly.