Comment on 0.0.0.0 Day - 18 Yr Old Vulnerability Let Attackers Bypass All Browser Security
TehPers@beehaw.org 4 months agoWhile I agree, it makes connecting to localhost as easy as http://0:8080/
(for port 8080, but omit for port 80)
Comment on 0.0.0.0 Day - 18 Yr Old Vulnerability Let Attackers Bypass All Browser Security
TehPers@beehaw.org 4 months agoWhile I agree, it makes connecting to localhost as easy as http://0:8080/
(for port 8080, but omit for port 80)
dan@upvote.au 4 months ago
The thing is that it’s not supposed to work, so it’s essentially relying N undefined behaviour. Typing
[::1]:8080
is nearly as easy.I haven’t seen the PRs, but IP comparison should really be using the binary form of the IPv4 address (a 32-bit number), not the human-friendly form.