API Security Blog

SSRF in editor’s proxy via IPv6 link-local address

# Description
The proxy server does not check for link-local IPv6 addresses.

In https://github.com/jgraph/drawio/blob/dev/src/main/java/com/mxgraph/online/ProxyServlet.java#L255L257, the servlet checks whether the requested host resolves to a local IP address, but it never applies the link-local IPv6 check provided by InetAddress.isLinkLocalAddress():

[https://docs.oracle.com/javase/7/docs/api/java/net/InetAddress.html#isLinkLocalAddress()](https://docs.oracle.com/javase/7/docs/api/java/net/InetAddress.html#isLinkLocalAddress())

# Proof of Concept
1: Set up Wireshark.
2: In your local copy of the DrawIO webapp, open:

https://localhost:8080/draw/proxy?url=%68%74%74%70%3a%2f%2f%5b%66%65%38%30%3a%3a%31%5d

3: The server takes a while to respond as it attempts to connect to [fe80::1], the default gateway (seen in the Wireshark capture), which shows that fe80:: link-local IPv6 addresses are not being filtered.
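As an added illustration of the missing check described above and of the PoC URL, the following is example code written for this write-up, not drawio's own ProxyServlet; the class and method names (ProxyTargetCheck, isBlockedAddress, isAllowedTarget) are hypothetical. It decodes the percent-encoded `url` parameter, resolves the host, and rejects every resolved address that is loopback, site-local, unspecified, multicast or, the case from this report, link-local.

```java
import java.net.InetAddress;
import java.net.URI;
import java.net.URLDecoder;
import java.nio.charset.StandardCharsets;

// Hypothetical example class, not part of drawio.
public class ProxyTargetCheck {

    /** True when a resolved address must never be reached through the proxy. */
    static boolean isBlockedAddress(InetAddress addr) {
        return addr.isLoopbackAddress()     // 127.0.0.0/8, ::1
            || addr.isAnyLocalAddress()     // 0.0.0.0, ::
            || addr.isSiteLocalAddress()    // 10/8, 172.16/12, 192.168/16, fec0::/10
            || addr.isLinkLocalAddress()    // 169.254/16 and fe80::/10 (the check the report says is missing)
            || addr.isMulticastAddress();
    }

    /** Decodes the raw url parameter, extracts the host and checks every address it resolves to. */
    static boolean isAllowedTarget(String rawUrlParam) {
        try {
            // The PoC passes the target fully percent-encoded, so decode it first.
            String decoded = URLDecoder.decode(rawUrlParam, StandardCharsets.UTF_8);
            URI uri = new URI(decoded);
            String host = uri.getHost();
            if (host == null || !("http".equals(uri.getScheme()) || "https".equals(uri.getScheme()))) {
                return false;                // no host, or an unexpected scheme
            }
            // URI.getHost() keeps the RFC 2732 brackets around IPv6 literals; InetAddress accepts that form.
            for (InetAddress addr : InetAddress.getAllByName(host)) {
                if (isBlockedAddress(addr)) {
                    return false;            // reject if ANY resolved address is internal
                }
            }
            return true;
        } catch (Exception e) {
            return false;                    // unparseable or unresolvable: fail closed
        }
    }

    public static void main(String[] args) {
        // The exact value from the PoC above: http://[fe80::1]
        String poc = "%68%74%74%70%3a%2f%2f%5b%66%65%38%30%3a%3a%31%5d";
        System.out.println("PoC target allowed?  " + isAllowedTarget(poc));               // false
        // Constructed comparison values: loopback (blocked) and a documentation-range address (allowed)
        System.out.println("http://[::1] allowed? " + isAllowedTarget("http://[::1]"));   // false
        System.out.println("2001:db8::1 allowed?  " + isAllowedTarget("http://[2001:db8::1]")); // true
    }
}
```

The caller should then connect to the address that passed the check rather than re-resolving the hostname, so the validated and the connected address are the same.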
