A couple of quick points:
"Localhost is hard to protect" says "may be possible to exploit to "port-scan" the particular hosts". I think that needs a slight rewording.

I had never heard of WHATWG - perhaps a link to https://daniel.haxx.se/blog/tag/whatwg/ (etc) might be helpful.

Pete
--------------------------------------------
On Tue, 6/2/18, Daniel Stenberg <daniel_at_haxx.se> wrote:

 Subject: "URLs are dangerous things"
 To: "libcurl hacking" <curl-library_at_cool.haxx.se>
 Date: Tuesday, 6 February, 2018, 7:24
 
 Hi friends,
 
 Every now and then we get security
 problems reported to us that are really
 just various types of attacks you can
 do if you can either A) modify the url
 your curl application is using and/or
 B) have a server respond with a
 perfectly fine protocol-wise but
 malicious response to curl.
 
 Letting users freely set the URL, or
 parts of the URL, for your curl-using
 application can get consequences.
 
 I've started to document exactly what
 consequences and how:
 
 https://gist.github.com/bagder/c22b31fab3bf9e21ff82f872bd5bd372#file-urls-in-curl-md
 
 I'm interested in feedback and help in
 polishing it up to actually be helpful.
 
 --
 
   / daniel.haxx.se
 -------------------------------------------------------------------
 Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
 Etiquette:  https://curl.haxx.se/mail/etiquette.html

-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2018-02-07