top | item 28206747

(no title)

yc12340 | 4 years ago

This sounds like it might help against DNS rebinding attacks, — at the cost of breaking interchangeability between DNS names and IP addresses.

Not sure, if such policy is a good idea, especially if the permission prompt automatically appears upon network activity without explicit developer intention. This will simply condition users to click "OK" without understanding what's going on.

discuss

No comments yet.