[GH-ISSUE #7000] Respect the Access-Control-Allow-Private-Network in Chrome #30194

Open
opened 2026-04-22 09:43:04 -05:00 by GiteaMirror · 1 comment
Owner

Originally created by @PaulKinlan on GitHub (Sep 27, 2024).
Original GitHub issue: https://github.com/ollama/ollama/issues/7000

What is the issue?

I'm testing ollama from an environment hosted on repl.it running in the browser. I have a local version of ollama running with the OLLAMA_HOST=*, https://48a38c67-3eda-41cf-804b-e04fba963d55-00-14tthqngapcgy.worf.replit.dev (other variations result in the same error).

It looks like the new Access-Control-Allow-Private-Network is starting to be enforced when accessing the ollama server from a non-localhost origin.

Chrome: 129.0.6668.58 - Works
Chrome: 131.0.6742.0 - Fails with the error Access to fetch at 'http://127.0.0.1:11434/api/generate' from origin 'https://48a38c67-3eda-41cf-804b-e04fba963d55-00-14tthqngapcgy.worf.replit.dev' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Private-Network' header was present in the preflight response for this private network request targeting the local address space.

It looks like somewhere between these two versions, we (Chrome) started to enforce requiring the response from locally hosted ollama servers to require Access-Control-Allow-Private-Network: true HTTP Header.

OS

Linux, macOS, Windows

GPU

Apple

CPU

Apple

Ollama version

0.3.12

Originally created by @PaulKinlan on GitHub (Sep 27, 2024). Original GitHub issue: https://github.com/ollama/ollama/issues/7000 ### What is the issue? I'm testing ollama from an environment hosted on repl.it running in the browser. I have a local version of ollama running with the `OLLAMA_HOST=*, https://48a38c67-3eda-41cf-804b-e04fba963d55-00-14tthqngapcgy.worf.replit.dev` (other variations result in the same error). It looks like the new `Access-Control-Allow-Private-Network` is starting to be enforced when accessing the ollama server from a non-localhost origin. Chrome: 129.0.6668.58 - Works Chrome: 131.0.6742.0 - Fails with the error `Access to fetch at 'http://127.0.0.1:11434/api/generate' from origin 'https://48a38c67-3eda-41cf-804b-e04fba963d55-00-14tthqngapcgy.worf.replit.dev' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Private-Network' header was present in the preflight response for this private network request targeting the `local` address space.` It looks like somewhere between these two versions, we (Chrome) started to enforce requiring the response from locally hosted ollama servers to require `Access-Control-Allow-Private-Network: true` HTTP Header. ### OS Linux, macOS, Windows ### GPU Apple ### CPU Apple ### Ollama version 0.3.12
GiteaMirror added the bug label 2026-04-22 09:43:04 -05:00
Author
Owner

@G4Zz0L1 commented on GitHub (Mar 11, 2025):

Any news for this?
I'm on chrome 134.0.6998.35, this setting is preventing ollama to work with host http://localhost:11434, from other addresses.

<!-- gh-comment-id:2712259313 --> @G4Zz0L1 commented on GitHub (Mar 11, 2025): Any news for this? I'm on chrome 134.0.6998.35, this setting is preventing ollama to work with host http://localhost:11434, from other addresses.
Sign in to join this conversation.
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/ollama#30194