|
|
|
|
|
|
by upofadown
3083 days ago
|
|
|
Isn't there just the one flaw here? That random websites can make connections to localhost through a browser? Are we now going to enumerate every possible thing that accepts connections on localhost without authentication? >"I regularly encounter users who don't accept that websites can access services on localhost or their intranet," That seems to be a very reasonable thing to not accept... |
|
|
The other related issue is that communicating with localhost over https is very hard for an app. I wonder if there is a potential way to kill two birds with one stone here with some browser changes.