[cookiengineer]

While I think that I somewhat agree with their reasoning, someone must also say that we are quickly in multicast territory here.

Should websites be allowed to resolve airprint or airdrop based devices, given the history of CSRF vulnerabilities in consumer routers? Probably not.

Devs seem to confuse that most humans are not developers, and therefore easylist's decision to do so has that kind of context.

The point of those lists is to block away access to local domains so a malicious website that got through the filters isn't able to pwn your whole network.

And if we are discussing whether or not websites should be allowed to access the local network, then you are probably someone who doesn't give a damn about securing those devices anyways.