The best part is that *.*.localhost is also supported, so you can finally just replace *.com for your prod domains with *.localhost.

ArchiveBox now uses this feature by default in the latest version to finally offer unique per-snapshot domain isolation, so we can safely replay archived JS without risking compromise of your whole archive.

Such an awesome feature, the barrier to do this used to be prohibitively high but now it "just works".

Good tip, I didn't realize the browser would automatically resolve any subdomain of localhost to 127.0.0.1/::1 as well these days.

I tested on Chrome but I assume this is true for Safari as well?

Just tried it on my Mac and sadly it doesn’t seem like it. I’m still on Sequoia, so possibly it does it on Tahoe, but probably unlikely. That’s a shame.

It’d be nice if someone on the Safari team added this though to match Chrome and Firefox!

It works in Tahoe.

> But that only really helps you when you're dealing with websites in a browser, and when you want the address to resolve back to your local machine. So it wont help you with other programs like python/wget/etc or any calls you make to getaddrinfo()

It works for me on Tahoe.

Yeah I've been doing this as well. I know it's a minor nit, but I wish that TLD was shorter. I've used *.local in the past but that has bitten me too many times.

we have dev.our-root-domain.com in public DNS pointing to 127.0.0.1

I've run into resolvers that filter things like that to prevent dns rebinding attacks. And localhost (the hostname) does not work for CORS.

Best option is probably to set dev.our-root-domain.com in /etc/hosts

[1]: https://en.wikipedia.org/wiki/DNS_rebinding

Haven't had an issue yet, with a team scattered across US, Canada and UK. I'm sure it's possible - but so far we've been using this for about 3 years with no hiccups.

Definitely more common on corporate networks.

I guess most home users (remote employees) are probably either using their ISP's resolvers, or browser DoH (Dns-Over-HTTPS).