Body
Starting with Chrome version 142, Google has introduced a Local Network Access (LNA) permission prompt. This means that websites trying to connect to devices on your home or office network, like printers, routers, or smart devices, will now ask for your permission first. This change helps protect you from security risks like cross-site request forgery (CSRF) and prevents websites from identifying your network setup without your knowledge. More info is available at https://developer.chrome.com/blog/local-network-access.
What You’ll See
When a website tries to connect to a local device, Chrome will show a prompt like: "Look for and connect to any device on your local network."
You can choose to Allow or Block the request.
Why It Matters
Many websites and apps, especially those used for setting up smart devices or accessing local services, need to talk to devices on your network. This new permission ensures that you stay in control of which sites can do that.
This issue directly affects applications like Box Tools that rely on local network access to interact with desktop environments or local devices. Users may experience blocked connections or failed operations when accessing local resources from web-based interfaces. To ensure continued functionality, administrators should verify that the affected services are served over HTTPS, configure appropriate CORS headers and, if necessary, implement a Permissions Policy header to explicitly allow local network access from trusted origins.
What You Need to Do
If You Trust the Site:
- Click Allow when prompted.
- This gives the site permission to connect to your local devices.
If You Don’t Recognize the Site:
- Click Block to deny access.
- This helps protect your network from unwanted or suspicious activity.
Tips for Smooth Experience
- Use Chrome in Secure Mode: Make sure the website is using HTTPS (secure connection). Chrome only allows local network access from secure sites.
- Look for .local or IP addresses: Sites using addresses like 192.168.x.x or router.local are usually trying to reach devices on your network.
- Don’t worry about mixed content warnings: Chrome now allows these local requests even if they’re not secure, as long as it knows they’re going to your local network.
Want to Test It?
You can try it out yourself:
1. Open Chrome.
2. Go to chrome://flags/#local-network-access-check.
3. Set it to “Enabled (Blocking)”.
4. Visit https://lna-testing.notyetsecure.com/ to see how the permission prompt works.
For Work or School Devices
If you're using a managed device (like one from your campus unit), your IT team may control which sites are allowed to access your local network. You might not see the prompt at all if the permission is pre-approved or blocked.
Feedback
If you use websites that connect to local devices and something isn’t working, let the site’s support team know. They may need to update their site to work with Chrome’s new permission system.