In a form, I would like to make sure that only a “localhost” url is allowed. So what should I look for? http://127.0.1.1 and http://localhost? Is that all? I’ve seen numbers after “localhost” sometimes ("localhost:****) so I’m not so sure if I have to check for those or not.
Is there a regexp to validate localhost? Should I simply allow everything that doesn’t end with a “.soemthing” as it seems that you can map any name to your local machine?
So you leave all that localhost stuff in the production code? My solution is better…I run the code as it will run on the production server, under a proper domain, and server configuration (not in a sub-directory).
With Apache I use VirtualHost to create multiple distinct web sites. IIS is the same but uses different configuration methodologies. Combined with using “hosts” to create domain names. (An actual DNS server can also be used.)