Hacker News new | ask | show | jobs
by whalesalad 90 days ago
we have dev.our-root-domain.com in public DNS pointing to 127.0.0.1
1 comments
stock_toaster 90 days ago
I've run into resolvers that filter things like that to prevent dns rebinding attacks. And localhost (the hostname) does not work for CORS.

Best option is probably to set dev.our-root-domain.com in /etc/hosts

[1]: https://en.wikipedia.org/wiki/DNS_rebinding

link
whalesalad 89 days ago
Haven't had an issue yet, with a team scattered across US, Canada and UK. I'm sure it's possible - but so far we've been using this for about 3 years with no hiccups.
link
stock_toaster 88 days ago
Definitely more common on corporate networks.

I guess most home users (remote employees) are probably either using their ISP's resolvers, or browser DoH (Dns-Over-HTTPS).

link