[1] MIX: Block private resources from public resources. · d635094 · w3c/webappsec ( ( 版)) https://github.com/w3c/webappsec/commit/d635094f4e6f6a27fd565f63c9570858de27172b
[2] Issue 378566 - chromium - Block sub-resource loads from the web to private networks and localhost - An open-source project to help move the web forward. - Google Project Hosting ( 版) https://code.google.com/p/chromium/issues/detail?id=378566
[3] CORS and RFC1918 ( 版) https://mikewest.github.io/cors-rfc1918/
[4] Limiting requests from the internet to the intranet. (Mike West 著, 版) https://lists.w3.org/Archives/Public/public-webappsec/2016Jan/0000.html
[5] Issue 378566 - chromium - Block sub-resource loads from the web to private networks and localhost - An open-source project to help move the web forward. - Google Project Hosting ( 版) https://code.google.com/p/chromium/issues/detail?id=378566
[6] Issue 693 - google-security-research - TrendMicro node.js HTTP server listening on localhost can execute commands - Google Security Research - Google Project Hosting ( 版) https://code.google.com/p/google-security-research/issues/detail?id=693
[7] [MIX] Carveout for `127.0.0.1`? (Mike West 著, 版) https://lists.w3.org/Archives/Public/public-webappsec/2016Apr/0044.html
[13] GitHub - WICG/private-network-access, https://github.com/WICG/private-network-access