.@mikewest re https://wicg.github.io/cors-rfc1918/ : see https://blog.lizzie.io/exploiting-CVE-2016-8606.html … (by @l_zzi_) - cross-protocol RCE via request path
I was talking about @mikewest's suggestion for forcing CORS on requests to rfc1918 addresses (linked in first tweet)
-
-
I see.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.