[galaxy_gas]

1. Buy domain for your service

2. Make wildcard record to point to 127.0.0.1

3. User can apply any.thing.here.yourcompanyinternal.xxx

[g4cg54g54]

https://en.wikipedia.org/wiki/DNS_rebinding protection will stop this from working "hopefully" ;)

but `--host-resolver-rules` may work, https://chromium.googlesource.com/chromium/src/+/main/net/ba... @terry_hc

[bawolff]

> https://en.wikipedia.org/wiki/DNS_rebinding protection will stop this from working "hopefully" ;)

Does anyone actually ban 127 resolution to stop dns rebinding? I feel like that would probably break a lot of things while not actually preventing dns rebinding.

[galaxy_gas]

https://docs.google.com/document/d/1QQkqehw8umtAgz5z0um7THx-... is in Beta channel now

[bawolff]

As far as i understand, that does not ban resolving dns addresses to localhost.

[DougN7]

_Someone_ must have already done this, right?

[galaxy_gas]

Only your domain ! You would not want to use other people. They can see what you request from their DNS server. Since they own the domain they can also get valid certificate ..

Look they are requesting owa.mydomain Why don't I replace it with internet accessible phishing for outlook page ? Why it's bad idea

[NationOfJoe]

*.lndo.site 127.0.0.1

This domain is used by https://lando.dev/ which is a docker/docker-compose wrapper for local development.

[pacifika]

Would it be a problem to disclose it, in terms of it getting shutdown?

[k1t]

  *.fbi.com