Deprecate 0.0.0.0 for Private Network Access

&gt; Chrome&#x27;s PNA protection can be bypassed using the IP address 0.0.0.0 to access services listening on the localhost on macOS and Linux.<p>It seems they&#x27;re saying if you have a service listening to localhost (private), Chrome is supposed to not resolve 0.0.0.0 (public) to localhost, yet it currently does so.<p>So seems to me they&#x27;re solving a security bug. But if I got this right, it&#x27;s surprising how it got like that in the first place, doesn&#x27;t make sense in any scenario I can think of to resolve 0.0.0.0 to localhost? Why would a browser try to resolve 0.0.0.0 to anything in the first place?

No mention of [::]? Maybe they&#x27;ll discover that one in a couple years.

Related: <a href="https:&#x2F;&#x2F;www.oligo.security&#x2F;blog&#x2F;0-0-0-0-day-exploiting-localhost-apis-from-the-browser" rel="nofollow">https:&#x2F;&#x2F;www.oligo.security&#x2F;blog&#x2F;0-0-0-0-day-exploiting-local...</a>

Shouldn&#x27;t they instead add 0.0.0.0&#x2F;8 to the list of private networks, because it&#x27;s possible that 0.0.0.0&#x2F;8 might be private?

I can’t tell from reading the Chrome page (<a href="https:&#x2F;&#x2F;developer.chrome.com&#x2F;blog&#x2F;private-network-access-preflight&#x2F;" rel="nofollow">https:&#x2F;&#x2F;developer.chrome.com&#x2F;blog&#x2F;private-network-access-pre...</a>) or the linked WICG draft: do these new protections apply to the usual CORS-bypassing requests: form submissions and ordinary navigation?

pls excuse my aged brain, now with a new blood clot.<p>IIRC adding 0.0.0.0 0.0.0.0 to your hosts file helps ???<p>On macOS;<p>% ping 0.0.0.0 PING 0.0.0.0 (0.0.0.0): 56 data bytes ping: sendto: Socket is not connected ping: sendto: Socket is not connected Request timeout for icmp_seq 0 ping: sendto: Socket is not connected Request timeout for icmp_seq 1 ping: sendto: Socket is not connected Request timeout for icmp_seq 2 ping: sendto: Socket is not connected Request timeout for icmp_seq 3<p>% ping 0 PING 0 (0.0.0.0): 56 data bytes ping: sendto: Socket is not connected<p>ping: sendto: Socket is not connected Request timeout for icmp_seq 0 ping: sendto: Socket is not connected Request timeout for icmp_seq 1 ping: sendto: Socket is not connected Request timeout for icmp_seq 2 ping: sendto: Socket is not connected Request timeout for icmp_seq 3 ping: sendto: Socket is not connected<p>Is this correct ???