Re: [secure-contexts] `*.localhost` + DNS

On Wed, May 4, 2016 at 8:59 AM, Adrian Hope-Bailie
<> wrote:
>> This violates expectations for users:
> What users and on what basis?
> If the "users" are developers then are you suggesting they don't understand
> that there is a difference between localhost and
> We always need to balance good security approaches with pandering to the
> stupidity of users and I think that line can be drawn in a different place
> when the users are explicitly Web developers.

I don't think we need to call people "stupid" for not realizing that
localhost and can be different. We also don't need to
satisfy every expectation when there are good reasons not to.


Received on Wednesday, 4 May 2016 16:54:52 UTC