2019-05-06 UTC
# sknebel (basic example: if I host a public thing from inside a protected network, and only have a hole for that thing poked into the firewall, someone being able to coerce it into accessing internal URLs and "helpfully" reporting error responses isn't wanted. If I run a bunch of e.g. known instances in a university network it'd be a shame if they didn't talk to each other because "internal network, not secure")