
Chrome: CORS restrictions on internet-to-intranet connections - zspitzer
https://www.chromestatus.com/feature/5733828735795200
======
zspitzer
Firefox was also working on this problem, but progress seems to have stalled
since mid 2014

Mitigate CSRF attacks against internal networks (block rfc 1918 local
addresses from non-local addresses)
[https://bugzilla.mozilla.org/show_bug.cgi?id=354493](https://bugzilla.mozilla.org/show_bug.cgi?id=354493)

