[Webkit-unassigned] [Bug 171934] Content from loopback addresses (e.g. 127.0.0.1) should not be considered mixed content

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Thu May 11 11:01:56 PDT 2017


https://bugs.webkit.org/show_bug.cgi?id=171934

--- Comment #6 from Alexey Proskuryakov <ap at webkit.org> ---
I don't see any explanation in the linked issues of why it's desirable for non-local pages to access localhost. It's incredibly unlikely to be a legitimate use of web technology.

> I wonder how frequent it is for services accessible through the local loop to not be accessible from the LAN.

That's pretty normal. Even when accessible from LAN, that's still a different security domain than any random webpage with random ad scripts.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20170511/18412da9/attachment-0001.html>


More information about the webkit-unassigned mailing list