Justin Mason wrote: > To be honest, I intended them as a whitelist ;) > > If a message never touched an untrusted host (ALL_TRUSTED), in > a correctly-configured trust setup, is that not safe to whitelist? > > Only if the trust-path auto-detector code works perfectly, for all sites. Which is impossible.
- Re: localhost bypass? Matt Kettler
- Re: localhost bypass? Justin Mason
- Re: localhost bypass? Matt Kettler
