resolves the host/domain to a different address than the HTTP it was
from, it becomes a method to bypass same-origin / CORS restrictions.
That's an unfortunate misunderstanding.
All protocols that use SRV records maintain the target domain.
So a ws://example.com/xyz would still send a Host header of "example.com",
whether SRV or not, so there is no impact on same origin policy, CORS, etc.
Good to know, thank you.
Actually....I wasn't talking about the Host: header - that is totally
spoofable...I was concerned about:
1. Browser client resolves example.com via old style DNS to x.x.x.x and
2. Received HTML starts JS which starts WS connection
3. WS resolves example.com via DNS SRV to y.y.y.y and opens
4. WS now has access outside origin.
Please note, I did not specify why DNS SRV resolved differently than old
style DNS - could be malicious, could be an simple mistake. I am
assuming the DNS SRV and old DNS might be answered from different servers.
Do browsers restrict origin / cross-site access based on name or on address?
Ietf mailing list