[G_o_D]

Browser should just allow per-site settings or global allow/deny all to allow deny permission to localhost

So thats user will be in control

cant just write a extension that blocks access to domains based on origin

So user can just add facebook.com as origin to block all facebook* sites from sending any request to any registered url in these case localhost/127.0.0.1 domains

DNR api allows blocking based on initiatorDomains