sknebelon localhost, you potentially could talk to e.g. a database using a non-HTTP protocol, there have been weird vulnerabilities where creative HTTP requests then are interpreted as commands. especially relevant if you accept HTTP urls including port numbers
