TODO: hardcode the "localhost" addresses

author: Daniel Stenberg <daniel@haxx.se> 2018-01-25 17:23:06 +0100
committer: Daniel Stenberg <daniel@haxx.se> 2018-01-25 17:23:06 +0100
commit: 03ae81097ebfbdd274910da98caef172c5856af7 (patch)
tree: 96ec5794ee9762bf3a2deea94e282ecdd862bafb
parent: fd9f20737e36697a423eff3929150103b1e51abd (diff)
download: curl-03ae81097ebfbdd274910da98caef172c5856af7.tar.gz
1 files changed, 12 insertions, 0 deletions
diff --git a/docs/TODO b/docs/TODO
index e36017c75..5cb37c923 100644
--- a/docs/TODO
+++ b/docs/TODO
@@ -41,6 +41,7 @@
  1.24 TCP Fast Open for windows
  1.25 Expose tried IP addresses that failed
  1.26 CURL_REFUSE_CLEARTEXT
+ 1.27 hardcode the "localhost" addresses
 
  2. libcurl - multi interface
  2.1 More non-blocking
@@ -402,6 +403,17 @@
  variable can then help users to block all libcurl-using programs from
  accessing the network using unsafe protocols.
 
+1.27 hardcode the "localhost" addresses
+
+ There's this new spec getting adopted that says "localhost" should always and
+ unconditionally be a local address and not get resolved by a DNS server. A
+ fine way for curl to fix this would be to simply hard-code the response to
+ 127.0.0.1 and/or ::1 (depending on what IP versions that are requested). This
+ is what the browsers probably will do with this hostname.
+
+ https://bugzilla.mozilla.org/show_bug.cgi?id=1220810
+
+ https://tools.ietf.org/html/draft-ietf-dnsop-let-localhost-be-localhost-02
 
 2. libcurl - multi interface
author	Daniel Stenberg <daniel@haxx.se>	2018-01-25 17:23:06 +0100
committer	Daniel Stenberg <daniel@haxx.se>	2018-01-25 17:23:06 +0100
commit	03ae81097ebfbdd274910da98caef172c5856af7 (patch)
tree	96ec5794ee9762bf3a2deea94e282ecdd862bafb
parent	fd9f20737e36697a423eff3929150103b1e51abd (diff)
download	curl-03ae81097ebfbdd274910da98caef172c5856af7.tar.gz