Chrome LNA update 28-10-2025

In this document the impact of the Google Chrome update of 28-10-2025 on the Trust1Connector is discussed. Apart from the impact for service desks and end-users you will also find all necessary information to adapt your configuration.

What was updated?

Chrome has updated its Local Network Access Restrictions.

What is Local Network Access?

Local Network Access restricts the ability of websites to send requests to servers on a user's local network (including servers running locally on the user's machine), requiring the user grant the site permission before such requests can be made. The ability to request this permission is restricted to secure contexts.

Why does Local Network Access needs restrictions?

Chrome is adding a new permission prompt for sites that make connections to a user's local network as part of the Local Network Access specification. The aim is to protect users from cross-site request forgery (CSRF) attacks targeting routers and other devices on private networks, and to reduce the ability of sites to use these requests to fingerprint the user's local network.

More technical information and official release notes of Google can be found here.

Why is the Trust1Connector impacted?

The Trust1Connector is using the local system of the user. This is one of the fundaments of the Trust1Connector. It runs decentralized in the userspace of the computer.

The new update of Chrome is preventing the browser to connect to the local system except if security policies are respected and previous security were done. Malicious websites are not able to address the connector from a browser. Trust1Team has of course implemented these updates already.

End-user impact

The end-user will get a pop-up that requests permission for local access. Just click ‘allow’ and the connector will run smoothly.

Impact for service desks and partners

There is NO need for a new version starting from version 3.8.x and up. As always we advise you to update to the latest version of the Trust1Connector which is version 3.8.8. If you are using the default version of the Trust1Connector then all clients are automatically updated with the latest version via our Distribution Server.

There is an impact if you work with iframes. Please read the following release note in which the problem and resolutions are described.