Y
Hacker News
new
|
ask
|
show
|
jobs
by
benchaney
3076 days ago
No, the "vuln" is assuming that only users on the machine can access localhost. This is a completely reasonable assumption, and it is on the browsers for invalidating it.