DNS Rebinding

A browser attack that bypasses the same-origin policy by changing a hostname's DNS answer from an attacker-controlled IP to an internal IP after the page loads.

DNS rebinding tricks a browser into treating a malicious site and an internal service as the same origin. The attacker serves `attacker.com` from a public IP with a short TTL, the victim's browser loads JavaScript, and on the next lookup the same hostname resolves to `192.168.1.1` or another internal address. Because the origin (scheme + host + port) has not changed, the script can now talk to the local router, printer, or IoT device. Mitigations live at multiple layers: DNS rebinding protection in resolvers (dnsmasq, pfBlockerNG), HTTPS plus HSTS on internal services, host-header validation, and CSRF tokens.
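Host-header validation works because the browser of a rebound page still sends `Host: attacker.com` to the internal device, which can refuse any name it does not own. The sketch below is an added example, not code from this page or from any product named on it; `ALLOWED_HOSTS`, `HostAllowlist`, `demo_app` and the sample hostnames are hypothetical.

```python
# Added example: Host-header allowlist as WSGI middleware (all names hypothetical).
ALLOWED_HOSTS = {"router.lan", "192.168.1.1", "[fd00::1]"}  # constructed sample values


def normalize_host(header):
    """Return the lowercased host without its port, or None if malformed."""
    if not header:
        return None
    host = header.strip().lower()
    if host.startswith("["):                  # bracketed IPv6 literal, optional :port
        end = host.find("]")
        if end == -1:
            return None
        rest = host[end + 1:]
        if rest and not (rest.startswith(":") and rest[1:].isdigit()):
            return None
        return host[:end + 1]
    name, sep, port = host.partition(":")
    if sep and not port.isdigit():
        return None
    return name.rstrip(".") or None           # "router.lan." equals "router.lan"


def host_is_allowed(header, allowed=ALLOWED_HOSTS):
    """Exact match only: suffix tricks like router.lan.attacker.com must fail."""
    return normalize_host(header) in allowed


class HostAllowlist:
    """Reject any request whose Host header is not one of the service's own names."""

    def __init__(self, app, allowed=ALLOWED_HOSTS):
        self.app, self.allowed = app, allowed

    def __call__(self, environ, start_response):
        if not host_is_allowed(environ.get("HTTP_HOST"), self.allowed):
            start_response("400 Bad Request", [("Content-Type", "text/plain")])
            return [b"unrecognized Host header\n"]
        return self.app(environ, start_response)


def demo_app(environ, start_response):
    start_response("200 OK", [("Content-Type", "text/plain")])
    return [b"admin panel\n"]


def status_for(host_header):
    """Run one constructed request through the middleware; return its status line."""
    seen = []
    HostAllowlist(demo_app)({"HTTP_HOST": host_header}, lambda s, h: seen.append(s))
    return seen[0]
```

The allowlist must contain every name and address the device is legitimately reached by, and the check has to run before any route that changes state or returns configuration.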
