# Streaming from online.tivo.com doesnt work in chrome



## Jeremybme (Sep 30, 2003)

All of a sudden this morning online.tivo.com will not stream in chrome. I've deleted all my browsing data, ive tried two different computers with chrome. It works in safari, and in IE on the 2nd computer. When i try in chrome i get an error that says

We are unable to detect your TiVo streaming device from this location. If you are currently away from home, streaming video is not supported at this time.


----------



## Jeremybme (Sep 30, 2003)

upon further investigation chrome dev tools reveals

*Access to XMLHttpRequest at 'http://(MYIP):49152/sysinfo/json/svcinfo' from origin 'http://online.tivo.com' has been blocked by CORS policy: The request client is not a secure context and the resource is in more-private address space `private`.
*
After researching that i found this link
Chrome CORS error on request to localhost dev server from remote site

it went into a bit about how 
"Chrome has implemented CORS-RFC1918, which prevents public network resources from requesting private-network resources - unless the public-network resource is secure (HTTPS) and the private-network resource provides appropriate (yet-undefined) CORS headers."

So basically a public network "online.tivo.com" cannot access my local network (where my tivo is) due to this new CORS-RFC1918 standard.

The is a fix to disable this behavior for now
chrome://flags/#block-insecure-private-network-requests

I set the first one "Block insecure private network requests." to disable. restarted chrome and now my online.tivo.com can stream shows again.

Hope this helps someone else.
*
*


----------



## Mover480 (Jan 15, 2006)

Yes! Thanks for the help.


----------



## tampa8 (Jan 26, 2016)

Jeremybme said:


> upon further investigation chrome dev tools reveals
> 
> *Access to XMLHttpRequest at 'http://(MYIP):49152/sysinfo/json/svcinfo' from origin 'http://online.tivo.com' has been blocked by CORS policy: The request client is not a secure context and the resource is in more-private address space `private`.
> *
> ...


THANK-YOU!


----------



## dublatte (Feb 22, 2008)

Jeremybme said:


> The is a fix to disable this behavior for now
> chrome://flags/#block-insecure-private-network-requests
> 
> I set the first one "Block insecure private network requests." to disable. restarted chrome and now my online.tivo.com can stream shows again.


This was perfect! Thanks. I guess we are re-opening a security vulnerability that Chrome was trying to keep closed by default... but within a private network... I'll risk it.


----------



## rbronco21 (Nov 1, 2005)

This is the registry key I changed. It will only open up chrome to tivo.com. I added it manually, but put this in a tivo.reg text file and run it to enter it automatically.

```
Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Policies\Google\Chrome\InsecurePrivateNetworkRequestsAllowedForUrls]
"1"="online.tivo.com"
```
I googled that key and found all the Chrome registry options!




__





Manage Chrome policies with Windows registry - Chrome Enterprise and Education Help


Applies to Windows users who sign in to a managed account on Chrome browser. As an administrator, you can configure Chrome Browser settings on Microsoft® Windows® computers by modifying t



support.google.com


----------



## mets18 (3 mo ago)

rbronco21 said:


> This is the registry key I changed. It will only open up chrome to tivo.com. I added it manually, but put this in a tivo.reg text file and run it to enter it automatically.
> 
> ```
> Windows Registry Editor Version 5.00
> ...


Is this still working for you? I cannot get it to work even by disabling it globally in the chrome flags.


----------

