Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Other internal ranges: Agreed. We should probably put a formal list somewhere (maybe on webhooks.org) that all developers can refer to. Of course, there may be times when you do want internal targets to work as well. I want to say the problem should be something that people in charge of operations need to be aware of, and webhook-sending apps need configuration options to specify ranges. Then it's up to the expertise of the operator to make the right decisions. This doesn't feel very satisfactory though.

IPv6: Good question. I don't know enough about how it handles address spaces.



Fortunately, formally listing all of the internal IP ranges is a solved problem:

http://www.ietf.org/rfc/rfc1918.txt http://www.ietf.org/rfc/rfc4193.txt

I have a feeling that IPv6 is going to be a lot more complex than simply blocking FC00::/7. I seem to recall that one of the benefits of IPv6 was that NAT-ing would be a thing of the past and every system would have a public address.




Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: