Devs love to host their Webserver on localhost and think it’s probably okay since it’s localhost.https://twitter.com/taviso/status/955540415263907840 …
also has fun implications for local servers that speak text-based protocols that are sufficiently error-tolerant
-
-
More thoughts, I think this is a fundamental problem in the design level, maybe there should be some proposal on the browser side like “browsers should not be allowed to talk to localhost”.
@taviso -
I mean, no matter how secure/weak the services are, allowing to talk to the listening ports is a problem at the 1st place.
- 1 more reply
New conversation -
-
- 1 more reply
New conversation
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.