--- private-target bypass candidates: vulnerable vs patched --- vulnerable=true reg=true send=BLOCKED(dns:127.0.0.1) | http://127.0.0.1/ vulnerable=true reg=true send=BLOCKED(dns:[::1]) | http://[::1]/ vulnerable=true reg=true send=BLOCKED(dns:169.254.169.254) | http://169.254.169.254/latest/meta-data vulnerable=true reg=true send=BLOCKED(dns:localhost) | http://localhost/ vulnerable=true reg=true send=BLOCKED(dns:2130706433) | http://2130706433/ vulnerable=true reg=true send=BLOCKED(dns:0177.0.0.1) | http://0177.0.0.1/ vulnerable=true reg=true send=BLOCKED(dns:0x7f000001) | http://0x7f000001/ vulnerable=true reg=true send=BLOCKED(syntax) | http://127.1/ vulnerable=true reg=true send=BLOCKED(syntax) | http://127.0.1/ vulnerable=true reg=true send=BLOCKED(syntax) | http://0x7f.0.0.1/ vulnerable=true reg=true send=BLOCKED(syntax) | http://0x7f.1/ vulnerable=true reg=true send=BLOCKED(dns:[0:0:0:0:0:0:0:1]) | http://[0:0:0:0:0:0:0:1]/ vulnerable=true reg=true send=BLOCKED(dns:[0000:0000:0000:0000:0000:0000:0000:0001]) | http://[0000:0000:0000:0000:0000:0000:0000:0001]/ vulnerable=true reg=true send=BLOCKED(dns:[::127.0.0.1]) | http://[::127.0.0.1]/ vulnerable=true reg=true send=BLOCKED(dns:[::0:127.0.0.1]) | http://[::0:127.0.0.1]/ vulnerable=true reg=true send=BLOCKED(dns:[0:0:0:0:0:ffff:127.0.0.1]) | http://[0:0:0:0:0:ffff:127.0.0.1]/ vulnerable=true reg=true send=BLOCKED(dns:[::ffff:0:127.0.0.1]) | http://[::ffff:0:127.0.0.1]/ vulnerable=true reg=true send=BLOCKED(dns:[::ffff:7f00:1]) | http://[::ffff:7f00:1]/ vulnerable=true reg=true send=BLOCKED(dns:[64:ff9b::7f00:1]) | http://[64:ff9b::7f00:1]/ vulnerable=true reg=true send=BLOCKED(dns:[64:ff9b::a9fe:a9fe]) | http://[64:ff9b::a9fe:a9fe]/ vulnerable=true reg=true send=BLOCKED(dns:[fe80::1%25lo0]) | http://[fe80::1%25lo0]/ vulnerable=true reg=true send=BLOCKED(dns:[::1%25lo0]) | http://[::1%25lo0]/ vulnerable=true reg=false send=BLOCKED(dns:Webhook host resolves to a non-public address. host=127.0.0.1.nip.io, address=127.0.0.1) | http://127.0.0.1.nip.io/ vulnerable=true reg=false send=BLOCKED(dns:Webhook host resolves to a non-public address. host=127-0-0-1.nip.io, address=127.0.0.1) | http://127-0-0-1.nip.io/ vulnerable=true reg=false send=BLOCKED(dns:Webhook host resolves to a non-public address. host=127.0.0.1.xip.io, address=127.0.0.1) | http://127.0.0.1.xip.io/ vulnerable=true reg=false send=BLOCKED(dns:Webhook host resolves to a non-public address. host=example.localhost.com, address=127.0.0.1) | http://example.localhost.com/ vulnerable=true reg=false send=BLOCKED(dns:Webhook host resolves to a non-public address. host=localhost.example.com, address=127.0.0.1) | http://localhost.example.com/ --- public-control URLs: should remain allowed --- vulnerable=true reg=false send=ALLOWED allowed=true | http://8.8.8.8/ vulnerable=true reg=false send=ALLOWED allowed=true | http://example.com/ vulnerable=true reg=false send=ALLOWED allowed=true | https://[2606:4700:4700::1111]/ --- summary --- Private target candidates: 27 accepted by vulnerable validator: 27 blocked by patched validator/DNS: 27 not blocked by patched code: 0 Public control URLs: 3 still allowed by patched code: 3 RESULT: no bypass found; patch blocks all private-target variants