Am 21.11.2017 um 15:27 schrieb Tony Finch:
Reindl Harald <h.rei...@thelounge.net> wrote:
Am 21.11.2017 um 14:42 schrieb G.W. Haywood via bind-users:
The address for localhost (127.0.0.1) should be in /etc/hosts,
not in your zone file, and very probably it already is
that part is not true
https://tools.ietf.org/html/rfc1537 says:
Note that all domains that contain hosts should have a "localhost" A record in
them
That advice is no longer a good idea. "localhost" in the DNS can lead to
problems with the web browser same-origin security policy.
http://seclists.org/bugtraq/2008/Jan/270
interesting - but however "administrators often mistakenly drop the
trailing dot" is nonsense because "Note that all domains that contain
hosts should have a localhost A record" says exactly that
______________________
from that webpage:
It's a common and sensible practice to install records of the form
"localhost. IN A 127.0.0.1" into nameserver configurations, bizarrely
however, administrators often mistakenly drop the trailing dot,
introducing an interesting variation of Cross-Site Scripting (XSS) I
call Same-Site Scripting
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
