we have dev.our-root-domain.com in public DNS pointing to 127.0.0.1
I've run into resolvers that filter things like that to prevent dns rebinding attacks. And localhost (the hostname) does not work for CORS.
Best option is probably to set dev.our-root-domain.com in /etc/hosts
[1]: https://en.wikipedia.org/wiki/DNS_rebinding
alt Hacker News
I've run into resolvers that filter things like that to prevent dns rebinding attacks. And localhost (the hostname) does not work for CORS.
Best option is probably to set dev.our-root-domain.com in /etc/hosts
[1]: https://en.wikipedia.org/wiki/DNS_rebinding