Wervice 🦀Btw any website can basically make a request to your localhost from the browser using a simple fetch. This includes in-dev or untested applications. To prevent this, the application should use proper CORS. I have #noscript installed in my browser as well and denied LAN for any website, even trusted ones. I think this is a fairly scary browser default.