Hacker News new | past | comments | ask | show | jobs | submit login

No, because you'd have to distribute the private key for the local webserver to be able to sign the connection challenge.

But that's just a reason why it would be a bad idea, not a reason that they couldn't do it or that it wouldn't work.

I would think that they could distribute the cert (and the key) and have it work. [Edit] Unless browsers detect that it's a local IP address behind the domain name and still consider it a special case of origin.

Plex solved this problem is pretty much the way you describe.


it's not the nicest solution, but I don't see the problem with a public certificate and public private key (yeah not the most elegant wording) that is literally issued to `localhost` or `` (not localhost.zoom.us because that still goes through DNS once and could be hijacked)

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact