�j"1LAnZuoQdcKCkpDBKQMCgziGMoPC4VQUckM<div class="post"><div class="quoteheader"><a href="https://bitcointalk.org/index.php?topic=55.msg1597#msg1597">Quote from: lachesis on June 16, 2010, 06:14:05 AM</a></div><div class="quote">I think you're misunderstanding the issue. My browser will always be able to go to 127.0.0.1 (barring some strange IE settings or a virus). If I type the address into the URL bar or click a link, it will work fine. However, it isn't possible to use Javascript to complete POST requests between domains (or ports on the same domain).<br/></div>That's what I thought too.<br/><br/><div class="quoteheader"><a href="https://bitcointalk.org/index.php?topic=55.msg1598#msg1598">Quote from: sirius-m on June 16, 2010, 08:26:14 AM</a></div><div class="quote">Yeah, I meant to say that cross-domain javascript calls are forbidden, so you can't call 127.0.0.1 from a javascript that doesn't reside in 127.0.0.1. Come to think of it, it would be quite funny if browsers allowed malicious cross-domain javascript to change people's Facebook pages etc.<br/></div>Now I'm hearing a report that it IS possible for javascript to do a cross-domain POST request to 127.0.0.1. Not other domains, but just specifically to that one. Great...<br/><br/>If this is the case, then do not use the -server switch or bitcoind on a system where you do web browsing.<br/><br/>I'll get started on adding the password field.<br/></div> text/html
https://whatsonchain.com/tx/f976ea7dc7b679bd47d054d2d27fe1c5ce2ec3bc93c79a0f2bcbeb3a181e8cb3