🐛 BUG: Wrangler is still listening on the wildcard address even with --ip localhost #4430

Lekensteyn · 2023-11-12T12:57:30Z

Which Cloudflare product(s) does this pertain to?

Wrangler core

What version(s) of the tool(s) are you using?

3.15.0

What version of Node are you using?

21.1.0

What operating system are you using?

Mac

Describe the Bug

When running wrangler dev, a lot of services are listening on the wildcard address. On machines without a firewall that could cause unnecessarily exposure.

Ports in question:

node: port 9229 and 6284 and a random port (56547),
workerd: port 8787

$ lsof -nPiTCP -sTCP:LISTEN
COMMAND   PID USER   FD   TYPE            DEVICE SIZE/OFF NODE NAME
node    51399  pwu   33u  IPv6 0xe8478a1f17ba37f      0t0  TCP *:9229 (LISTEN)
node    51399  pwu   37u  IPv4 0xe8478b51682305f      0t0  TCP *:56781 (LISTEN)
node    51399  pwu   38u  IPv6 0xe8478a1f17bab7f      0t0  TCP *:6284 (LISTEN)
workerd 51401  pwu   11u  IPv4 0xe8478b515f2f98f      0t0  TCP 127.0.0.1:56779 (LISTEN)
workerd 51401  pwu   12u  IPv6 0xe8478a1f17bb37f      0t0  TCP [::1]:56779 (LISTEN)
workerd 51401  pwu   14u  IPv4 0xe8478b5166e64ff      0t0  TCP *:8787 (LISTEN)

With wrangler dev --ip localhost, this improves such that workerd is no longer listening on the wildcard address:

$ lsof -nPiTCP -sTCP:LISTEN
COMMAND   PID USER   FD   TYPE            DEVICE SIZE/OFF NODE NAME
node    51416  pwu   36u  IPv6 0xe8478a1e7bdd37f      0t0  TCP *:9229 (LISTEN)
node    51416  pwu   37u  IPv6 0xe8478a1f161c37f      0t0  TCP [::1]:56788 (LISTEN)
node    51416  pwu   38u  IPv6 0xe8478a1e7bddb7f      0t0  TCP *:6284 (LISTEN)
workerd 51418  pwu   11u  IPv4 0xe8478b515f2f98f      0t0  TCP 127.0.0.1:56786 (LISTEN)
workerd 51418  pwu   12u  IPv6 0xe8478a1f17f5b7f      0t0  TCP [::1]:56786 (LISTEN)
workerd 51418  pwu   14u  IPv4 0xe8478b51682305f      0t0  TCP 127.0.0.1:8787 (LISTEN)
workerd 51418  pwu   15u  IPv6 0xe8478a1f17f537f      0t0  TCP [::1]:8787 (LISTEN)

Ports are defined here:

workers-sdk/packages/wrangler/src/index.ts

Lines 62 to 63 in 3637d97

    
           export const DEFAULT_LOCAL_PORT = 8787; 
        
           export const DEFAULT_INSPECTOR_PORT = 9229;

Port 9229 is used for the inspector here:

workers-sdk/packages/wrangler/src/dev/inspect.ts

Lines 859 to 865 in 3637d97

    
           export const openInspector = async ( 
        
           	inspectorPort: number, 
        
           	worker: string | undefined 
        
           ) => { 
        
           	const query = new URLSearchParams(); 
        
           	query.set("theme", "systemPreferred"); 
        
           	query.set("ws", `localhost:${inspectorPort}/ws`);

workers-sdk/packages/wrangler/src/dev/inspect.ts

Line 255 in 3637d97

server.listen(props.port);

As you can see there is no reason it should listen on the wildcard given that it is only used locally. Let's change that to listen on localhost, https://nodejs.org/api/net.html#serverlisten

- server.listen(props.port);
+ server.listen(props.port, 'localhost');

Port 6284 appears to be used for a "service registry":

workers-sdk/packages/wrangler/src/dev-registry.ts

Lines 13 to 14 in 3637d97

    
           const DEV_REGISTRY_PORT = "6284"; 
        
           const DEV_REGISTRY_HOST = `http://localhost:${DEV_REGISTRY_PORT}`;

workers-sdk/packages/wrangler/src/dev-registry.ts

Lines 83 to 85 in 3637d97

    
           server = http.createServer(app); 
        
           terminator = createHttpTerminator({ server }); 
        
           server.listen(DEV_REGISTRY_PORT);

Again, it only appears to be used on localhost, so we should be able to change that as well?

Note that for those running wrangler in Docker with port-forwarding, it should probably still listen on the wildcard in that special case. Maybe the --ip option can be used to influence the above listen options?

Historical note: the dev server used to listen on localhost, but this was changed to listen on wildcard in #1605 which also added the --ip option.

Also related: security concerns about listening on external interfaces, #2036 (closed in favor of #4239).

Please provide a link to a minimal reproduction

No response

Please provide any relevant error logs

No response

The text was updated successfully, but these errors were encountered:

jspspike · 2023-11-13T16:15:26Z

@Lekensteyn Thanks for doing this debugging and submitting this bug. I agree that the dev registry and inspector should follow the --ip option. I will mark this issue for future work

The `wrangler dev` port availability check triggers a firewall prompt on macOS while it briefly opens and closes the listener. The OAuth callback server from `wrangler login` has the same issue. Fix both cases by listening on the loopback address only. Relates to cloudflare#4430

The `wrangler dev` port availability check triggers a firewall prompt on macOS while it briefly opens and closes listeners. The OAuth callback server from `wrangler login` has the same issue. Fix both cases by listening on the loopback address only. Relates to cloudflare#4430

The `wrangler dev` port availability check triggers a firewall prompt on macOS while it briefly opens and closes listeners. The OAuth callback server from `wrangler login` has the same issue. Fix both cases by listening on the loopback address only by default. Relates to cloudflare#4430

The `wrangler dev` port availability check triggers a firewall prompt on macOS while it briefly opens and closes listeners. The OAuth callback server from `wrangler login` has the same issue. Fix both cases by listening on the loopback address only by default. Fixed some new test failures by using locally available IP addresses: wrangler:test: ● wrangler dev › ip › should use to `ip` from `wrangler.toml`, if available wrangler:test: listen EADDRNOTAVAIL: address not available 1.2.3.4:8787 wrangler:test: wrangler:test: ● wrangler dev › ip › should use --ip command line arg, if provided wrangler:test: listen EADDRNOTAVAIL: address not available 5.6.7.8:8787 Relates to cloudflare#4430

…gin (#4830) The `wrangler dev` port availability check triggers a firewall prompt on macOS while it briefly opens and closes listeners. The OAuth callback server from `wrangler login` has the same issue. Fix both cases by listening on the loopback address only by default. Fixed some new test failures by using locally available IP addresses: wrangler:test: ● wrangler dev › ip › should use to `ip` from `wrangler.toml`, if available wrangler:test: listen EADDRNOTAVAIL: address not available 1.2.3.4:8787 wrangler:test: wrangler:test: ● wrangler dev › ip › should use --ip command line arg, if provided wrangler:test: listen EADDRNOTAVAIL: address not available 5.6.7.8:8787 Relates to #4430

* ci: only deploy Workers when pushing to special branches (#4848) Previously every push to `main` that contained changes to a Worker package would cause that Worker to be deploy "to production". This meant that we had to be very careful about merging PRs that touch these Workers files. Now production deployment is only run for a Worker on a push to its special deployment branch (e.g. `deploy-worker/playground-preview-worker`). This allows us to land PRs to `main` and then collect up changes to release in a single go by updating the special deployment branch in a controlled way. Moreover it is also easy to see what changes will be released by looking at the difference between `main` and the deployment branch for the Worker package directory. The three workers in this repo now follow this pattern: - edge-preview-authenticated-proxy - format-errors - playground-preview-worker In addition, the Playground Preview Worker has end-to-end tests that are run on every push to the `main` branch, and also any PRs that have the "playground-worker" label. For these tests the Worker is deployed to the testing environment before running the tests against this deployment. * C3: bump `create-next-app` and handle new `next.config.mjs` defaults (#4863) * bump create-next-app from 14.0.4 to 14.1.0 * C3: handle new next.config.mjs default files * [wrangler] Support ai bindings in getBindingsProxy (#4869) * Retain AI service binding from miniflare options * Update changeset * chore: bump `workerd` to `1.20240129.0` (#4874) * [C3] Bump create-vue from 3.9.1 to 3.9.2 in /packages/create-cloudflare/src/frameworks (#4870) * [C3] Bump create-vue in /packages/create-cloudflare/src/frameworks Bumps [create-vue](https://github.com/vuejs/create-vue) from 3.9.1 to 3.9.2. - [Release notes](https://github.com/vuejs/create-vue/releases) - [Commits](vuejs/create-vue@v3.9.1...v3.9.2) --- updated-dependencies: - dependency-name: create-vue dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * [C3] Update frameworks cli dependencies --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Wrangler automated PR updater <wrangler@cloudflare.com> * Exclude standardPricingWarning from dryrun (#4880) * Exclude standardPricingWarning from dryrun That way we do not need authentication for dryrun, again. * fixup! Exclude standardPricingWarning from dryrun * fixup! Exclude standardPricingWarning from dryrun --------- Co-authored-by: petero-dk <2478689+petero-dk@users.noreply.github.com> * Implements Python support in miniflare. (#4873) * Fix changesets (#4885) * fix dario-piotrowicz's changesets * fix existing C3 changesets and amend the changeset text in the creation logic * Version Packages (#4854) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> * [C3] Bump create-qwik from 1.4.2 to 1.4.3 in /packages/create-cloudflare/src/frameworks (#4881) * [C3] Bump create-qwik in /packages/create-cloudflare/src/frameworks Bumps [create-qwik](https://github.com/BuilderIO/qwik/tree/HEAD/packages/create-qwik) from 1.4.2 to 1.4.3. - [Release notes](https://github.com/BuilderIO/qwik/releases) - [Commits](https://github.com/BuilderIO/qwik/commits/v1.4.3/packages/create-qwik) --- updated-dependencies: - dependency-name: create-qwik dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * [C3] Update frameworks cli dependencies --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Wrangler automated PR updater <wrangler@cloudflare.com> * [wrangler] fix: listen on loopback for wrangler dev port check and login (#4830) The `wrangler dev` port availability check triggers a firewall prompt on macOS while it briefly opens and closes listeners. The OAuth callback server from `wrangler login` has the same issue. Fix both cases by listening on the loopback address only by default. Fixed some new test failures by using locally available IP addresses: wrangler:test: ● wrangler dev › ip › should use to `ip` from `wrangler.toml`, if available wrangler:test: listen EADDRNOTAVAIL: address not available 1.2.3.4:8787 wrangler:test: wrangler:test: ● wrangler dev › ip › should use --ip command line arg, if provided wrangler:test: listen EADDRNOTAVAIL: address not available 5.6.7.8:8787 Relates to #4430 * remove outdated and no longer valid miniflare development section from CONTRIBUTING.md (#4893) * [C3] Bump @angular/create from 17.1.1 to 17.1.2 in /packages/create-cloudflare/src/frameworks (#4892) * [C3] Bump @angular/create in /packages/create-cloudflare/src/frameworks Bumps [@angular/create](https://github.com/angular/angular-cli) from 17.1.1 to 17.1.2. - [Release notes](https://github.com/angular/angular-cli/releases) - [Changelog](https://github.com/angular/angular-cli/blob/main/CHANGELOG.md) - [Commits](angular/angular-cli@17.1.1...17.1.2) --- updated-dependencies: - dependency-name: "@angular/create" dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * [C3] Update frameworks cli dependencies --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Wrangler automated PR updater <wrangler@cloudflare.com> * [Stream] WebRTC Template Improvements (#4157) * Add port numbers to fix stackblitz automatic startup * Pull the variables up and show clear instructions * fixup! Pull the variables up and show clear instructions --------- Co-authored-by: Peter Bacon Darwin <pbacondarwin@cloudflare.com> * fix: return 4xx error from playground preview worker on invalid tokens (#4904) Previously, we were passing user-controllable token inputs (`X-CF-Token` header, `user` search param, `token` cookie) directly to the `DurableObjectNamespace#idFromString()` function. This validated the token to be a valid Durable Object ID, but threw a reportable `TypeError`, generating a 500 response and increasing the errored request count. This is a user error, so shouldn't be reported. This change wraps calls to `idFromString()` inside `try`/`catch`es, and re-throws non-reportable user errors that generate 4xx responses. We could just validate that the tokens were 64 hex digits before calling `idFromString()`, but this approach ensures the IDs are for the `UserSession` object by validating the signature encoded in the ID too. * chore: rename deprecated Vitest `TestContext.meta` properties to `TestContext.task` (#4897) This is a precursor to updating to latest Vitest. * [wrangler] fix: stop rebuild attempts when sources are missing (#3886) (#4877) * [wrangler] fix: stop rebuild attempts when sources are missing (#3886) * fixup! [wrangler] fix: stop rebuild attempts when sources are missing (#3886) * fixup! [wrangler] fix: stop rebuild attempts when sources are missing (#3886) * fixup! [wrangler] fix: stop rebuild attempts when sources are missing (#3886) * Update .changeset/hip-files-count.md Co-authored-by: Pete Bacon Darwin <pete@bacondarwin.com> * !fixup: [wrangler] fix: stop rebuild attempts when sources are missing (#3886) * !fixup: [wrangler] fix: stop rebuild attempts when sources are missing (#3886) --------- Co-authored-by: Peter Bacon Darwin <pbacondarwin@cloudflare.com> Co-authored-by: Pete Bacon Darwin <pete@bacondarwin.com> * [C3] Bump create-remix from 2.5.1 to 2.6.0 in /packages/create-cloudflare/src/frameworks (#4903) * [C3] Bump create-remix in /packages/create-cloudflare/src/frameworks Bumps [create-remix](https://github.com/remix-run/remix/tree/HEAD/packages/create-remix) from 2.5.1 to 2.6.0. - [Release notes](https://github.com/remix-run/remix/releases) - [Changelog](https://github.com/remix-run/remix/blob/main/packages/create-remix/CHANGELOG.md) - [Commits](https://github.com/remix-run/remix/commits/create-remix@2.6.0/packages/create-remix) --- updated-dependencies: - dependency-name: create-remix dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * [C3] Update frameworks cli dependencies --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Wrangler automated PR updater <wrangler@cloudflare.com> * fix: ensure that the Pages dev proxy server does not change the Host header (#4888) * fix: ensure that the Pages dev proxy server does not change the Host header Previously, when configuring `wrangler pages dev` to use a proxy to a 3rd party dev server, the proxy would replace the Host header, resulting in problems at the dev server if it was checking for cross-site scripting attacks. Now the proxy server passes through the Host header unaltered making it invisible to the 3rd party dev server. Fixes #4799 * fixup! fix: ensure that the Pages dev proxy server does not change the Host header * fixup! fix: ensure that the Pages dev proxy server does not change the Host header * fixup! fix: ensure that the Pages dev proxy server does not change the Host header * fix: fallback to returning stack trace if `format-errors` broken (#4908) * expose cf object from Miniflare instances (#4905) * expose cf object from Miniflare instances --------- Co-authored-by: MrBBot <bcoll@cloudflare.com> * Add a `ctx` field to the `getBindingsProxy` result (#4922) * split get-bindings-proxy fixture tests in multiple files * add ctx to getBindingsProxy * add ctx tests to get-bindings-proxy fixture --------- Co-authored-by: MrBBot <bcoll@cloudflare.com> * fix(d1): intercept and stringify errors thrown in --json mode (#4872) * fix(d1): intercept and stringify errors thrown in --json mode * fix: add light parsing on d1 execute error message * add test * wip * implement JsonFriendlyFatalError * address PR feedback * fix: don't report invalid `format-errors` input (#4911) * [D1] Add user friendly D1 validation error messages for `dev --remote` and `deploy` (#4914) * chore: refactor user friendly errors and add 10063 code handling * chore: add user friendly error message to deployments * chore: lint * chore: cleanup directory * chore: fix remote error handling * chore: add patch change set * chore: move ABORT_ERR logic out of the user friendly error handler * chore: fix syntax * Update .changeset/fair-shoes-melt.md Co-authored-by: Pete Bacon Darwin <pete@bacondarwin.com> --------- Co-authored-by: Pete Bacon Darwin <pete@bacondarwin.com> * [D1] teach wrangler how to fetch insights about D1's queries (#4909) * [D1] teach wrangler how to fetch insights about D1's queries * add options for sorting and number of results * add a means of filtering the datetime geq/leq * add more options, fix tests * add wrangler banner, add warning text * add changeset * rename last to timePeriod * use string format over numbers as >1mo's data could be possible * Update red-icons-flow.md * make it possible to order by count * Update red-icons-flow.md * PR feedback * Update .changeset/red-icons-flow.md Co-authored-by: Pete Bacon Darwin <pete@bacondarwin.com> * address PR feedback --------- Co-authored-by: Pete Bacon Darwin <pete@bacondarwin.com> * [wrangler] test: fix E2E tests (#4907) * ci: ensure E2E tests failures not reported as successes #4458 accidentally left `continue-on-error: true` in the workflow. This meant that E2E test failures weren't reported as check failures. * test: remove redundant `deploy.test.ts` E2E test This test was a strict subset of `deployments.test.ts`, and wasn't providing any additional value. * test: remove standard pricing warning from E2E test output This warning may not be shown if an account has opted-in to standard pricing. This change normalises output to remove it, meaning tests can be run on any account, regardless of opt-in state. * test: update format of writing logs message in E2E tests * test: use `fallback` instead of `default` in E2E tests #4571 updated the message logged in non-interactive contexts for default values to use the word `fallback` instead of `default`. * fix: ensure `--log-level` argument applied immediately Some messages were being logged before the `--log-level` argument was applied. In particular, this meant the "writing logs to" message at `debug` level, was not output when using `--log-level=debug`. * test: improve reliability of `dev.test.ts` E2E test This change makes a few improvements to `dev.test.ts`: - Shorter timeouts for `fetch()` retries - Replaces `get-port` with native port `0` implementation - Waits for stdout handlers to be registered before starting `wrangler dev` - Ignores errors if we failed to find a proccess to kill (assumes the process was already killed) * fix: throw `UserError`s for R2 object/bucket not-found errors These errors should not be reported to Sentry. * global install * Ensure internal workers listen on ipv4 only * shorter timeouts --------- Co-authored-by: Samuel Macleod <smacleod@cloudflare.com> * Python support (#4901) * Implements wrangler deploy/dev support for Python. * Migrate to `--no-bundle` approach * Basic support for `requirements.txt` * address review comments * Strip package versions * Support deploying * Address comments * Fix tests --------- Co-authored-by: Dominik Picheta <dominik@cloudflare.com> * Version Packages (#4891) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> * [C3] Add `getBindingsProxy` support to qwik template (#4927) * Split package.json update into multiple phases * Add getBindingsProxy to qwik template * Add support for testing dev scripts in c3 e2e tests * Refactor framework e2e verification helpers * Add support for verifying build script in framework e2es * Refactor e2e helpers * Refactor workers e2e tests to re-align with frameworks tests * Refactor RunnerConfig in e2e tests * Fixing cli e2e tests * changeset * remove leftover test value * Fix issue with npm tests & fix e2e logging * Addressing PR feedback * [playground-preview-worker] fix: don't report invalid upload input (#4937) * fix: don't report invalid `edge-preview-authenticated-proxy` URLs (#4939) * [D1] print wrangler banner at the start of every D1 command (#4938) * fix: make the entrypoint optional for the `types` command (#4931) --------- Co-authored-by: MrBBot <bcoll@cloudflare.com> * add a `cf` field to the `getBindingsProxy` result (#4926) --------- Co-authored-by: James Culveyhouse <jculveyhouse@cloudflare.com> * Improve DX with `node:*` modules (#4499) * Turn node build failures into warnings * Allow files to suppress warnings for specific modules * Remove comment-based allow-listing * Add changeset * Update .changeset/chatty-balloons-impress.md Co-authored-by: James M Snell <jasnell@gmail.com> * Pass through `defineNavigatorUserAgent` * Add tests * lockfile * Linting * fix tests --------- Co-authored-by: James M Snell <jasnell@gmail.com> * improve(r2): Update Sippy endpoint request payloads to match new schema (#4928) * fix(r2): update Sippy API request payloads * improve(r2): rename sippy flags for clarity * improve(r2): stricter existence in Sippy * [C3] Bump create-qwik from 1.4.3 to 1.4.4 in /packages/create-cloudflare/src/frameworks (#4935) * [C3] Bump create-qwik in /packages/create-cloudflare/src/frameworks Bumps [create-qwik](https://github.com/BuilderIO/qwik/tree/HEAD/packages/create-qwik) from 1.4.3 to 1.4.4. - [Release notes](https://github.com/BuilderIO/qwik/releases) - [Commits](https://github.com/BuilderIO/qwik/commits/v1.4.4/packages/create-qwik) --- updated-dependencies: - dependency-name: create-qwik dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * [C3] Update frameworks cli dependencies --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Wrangler automated PR updater <wrangler@cloudflare.com> * fix: allow `port` option to be specified with `unstable_dev()` (#4953) * Extend error handling of proxy request errors in ProxyWorker (#4867) * ignore stale proxy errors * attempt to recover from ProxyWorker fetch errors by requeuing the request (only if it is GET or HEAD) * add test * add changeset * refactor to flatten nested if-else blocks * requeue request for retry at front of queue * sort batch of requests in queue by order of arrival * Revert "sort batch of requests in queue by order of arrival" This reverts commit 3329f19. * Revert "requeue request for retry at front of queue" This reverts commit f0377b7. * prioritise requests being retried over requests being proxied for the first time * better comments * update changeset to match recommeded format * Update five-cooks-share.md (#4956) * Version Packages (#4934) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: Pete Bacon Darwin <pete@bacondarwin.com> Co-authored-by: Dario Piotrowicz <dario@cloudflare.com> Co-authored-by: James Culveyhouse <jculveyhouse@cloudflare.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Wrangler automated PR updater <wrangler@cloudflare.com> Co-authored-by: petero-dk <2478689+petero-dk@users.noreply.github.com> Co-authored-by: Dominik Picheta <dominikpicheta@googlemail.com> Co-authored-by: workers-devprod@cloudflare.com <116369605+workers-devprod@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: Peter Wu <peter@lekensteyn.nl> Co-authored-by: Taylor Smith <tsmith@tsmith.com> Co-authored-by: Peter Bacon Darwin <pbacondarwin@cloudflare.com> Co-authored-by: Magnus Dahlstrand <magnusdahlstrand@users.noreply.github.com> Co-authored-by: Max Rozen <3822106+rozenmd@users.noreply.github.com> Co-authored-by: Nora Söderlund <norasoderlund@icloud.com> Co-authored-by: Samuel Macleod <smacleod@cloudflare.com> Co-authored-by: Dominik Picheta <dominik@cloudflare.com> Co-authored-by: James M Snell <jasnell@gmail.com> Co-authored-by: Siddhant <siddhant@cloudflare.com> Co-authored-by: Rahul Sethi <5822355+RamIdeas@users.noreply.github.com>

Lekensteyn added the bug Something that isn't working label Nov 12, 2023

jspspike self-assigned this Nov 13, 2023

jspspike mentioned this issue Nov 13, 2023

Change dev registry and inspector server to use 127.0.0.1 instead of all interfaces #4437

Merged

6 tasks

jspspike closed this as completed in #4437 Nov 16, 2023

Lekensteyn mentioned this issue Nov 29, 2023

🚀 Feature Request: Limit local network access in wrangler dev server #4239

Closed

Lekensteyn mentioned this issue Jan 24, 2024

[wrangler] fix: listen on loopback for wrangler dev port check and login #4830

Merged

6 tasks

workers-devprod mentioned this issue Feb 1, 2024

Version Packages #4891

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

🐛 BUG: Wrangler is still listening on the wildcard address even with --ip localhost #4430

🐛 BUG: Wrangler is still listening on the wildcard address even with --ip localhost #4430

Lekensteyn commented Nov 12, 2023 •

edited

Loading

jspspike commented Nov 13, 2023

🐛 BUG: Wrangler is still listening on the wildcard address even with --ip localhost #4430

🐛 BUG: Wrangler is still listening on the wildcard address even with --ip localhost #4430

Comments

Lekensteyn commented Nov 12, 2023 • edited Loading

Which Cloudflare product(s) does this pertain to?

What version(s) of the tool(s) are you using?

What version of Node are you using?

What operating system are you using?

Describe the Bug

Please provide a link to a minimal reproduction

Please provide any relevant error logs

jspspike commented Nov 13, 2023

Lekensteyn commented Nov 12, 2023 •

edited

Loading