Skip to content

[CF1] private IP and BISO limit #22244

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
May 7, 2025
Merged

[CF1] private IP and BISO limit #22244

merged 4 commits into from
May 7, 2025
+7 −1

Conversation

deadlypants1973
Copy link
Contributor

Summary

PCX-16607

Screenshots (optional)

Documentation checklist

  • The documentation style guide has been adhered to.
  • If a larger change - such as adding a new page- an issue has been opened in relation to any incorrect or out of date information that this PR fixes.
  • Files which have changed name or location have been allocated redirects.

@deadlypants1973 deadlypants1973 requested review from maxvp, ranbel, a team and kennyj42 as code owners May 6, 2025 14:15
@hyperlint-ai Hyperlint AI
Copy link
Contributor

hyperlint-ai bot commented May 6, 2025

Howdy and thanks for contributing to our repo. The Cloudflare team reviews new, external PRs within two (2) weeks. If it's been two weeks or longer without any movement, please tag the PR Assignees in a comment.

We review internal PRs within 1 week. If it's something urgent or has been sitting without a comment, start a thread in the Developer Docs space internally.

PR Change Summary

Updated documentation regarding private IP usage and Browser Isolation compatibility.

  • Clarified that private hostnames are only available over port 443 with valid SNI.
  • Added a note that using private IPs on non-443 ports with Browser Isolation will result in a Gateway block page.
  • Introduced a recommendation to configure a private network application for non-443 port usage.

Modified Files

  • src/content/docs/cloudflare-one/applications/non-http/self-hosted-private-app.mdx
  • src/content/docs/cloudflare-one/policies/browser-isolation/known-limitations.mdx
How can I customize these reviews?

Check out the Hyperlint AI Reviewer docs for more information on how to customize the review.

If you just want to ignore it on this PR, you can add the hyperlint-ignore label to the PR. Future changes won't trigger a Hyperlint review.

Note specifically for link checks, we only check the first 30 links in a file and we cache the results for several hours (for instance, if you just added a page, you might experience this). Our recommendation is to add hyperlint-ignore to the PR to ignore the link check for this PR.

@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented May 6, 2025
edited
Loading

Preview URL: https://1ae500fc.preview.developers.cloudflare.com
Preview Branch URL: https://kate-fixes-443limit.preview.developers.cloudflare.com

Files with changes (up to 15)

Original Link Updated Link
https://developers.cloudflare.com/cloudflare-one/policies/browser-isolation/known-limitations/ https://kate-fixes-443limit.preview.developers.cloudflare.com/cloudflare-one/policies/browser-isolation/known-limitations/
https://developers.cloudflare.com/cloudflare-one/applications/non-http/self-hosted-private-app/ https://kate-fixes-443limit.preview.developers.cloudflare.com/cloudflare-one/applications/non-http/self-hosted-private-app/

GreenStage
GreenStage reviewed May 6, 2025
View reviewed changes
src/content/docs/cloudflare-one/policies/browser-isolation/known-limitations.mdx Outdated

## Browser Isolation is not compatible with private IPs on non-`443` ports

Browser Isolation is not compatible with [self-hosted private applications](/cloudflare-one/applications/non-http/self-hosted-private-app/) that use private IP addresses on ports other than `443`. Trying to access an application with this configuration will result in a Gateway block page.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

with self-hosted applications defined by private ips on ports other than 443

@deadlypants1973 deadlypants1973 merged commit 8bd4803 into production May 7, 2025
12 checks passed
@deadlypants1973 deadlypants1973 deleted the kate/fixes-443limit branch May 7, 2025 16:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@GreenStage GreenStage GreenStage left review comments

@marciocloudflare marciocloudflare marciocloudflare approved these changes

@maxvp maxvp Awaiting requested review from maxvp maxvp is a code owner

@ranbel ranbel Awaiting requested review from ranbel ranbel is a code owner

@kennyj42 kennyj42 Awaiting requested review from kennyj42 kennyj42 is a code owner

Assignees

@maxvp maxvp

@kennyj42 kennyj42

@ranbel ranbel

Labels
product:cloudflare-one size/xs
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@deadlypants1973 @GreenStage @marciocloudflare @maxvp @kennyj42 @ranbel