Local Listener, sans-admin

Topics: Web Api
Feb 2, 2012 at 12:00 AM

I'm using self-hosted Web API, via HttpServiceHost.

When I ask it to listen on http://localhost:4445, it actually tries to listen on http://+:4445. That's a wildcard in HTTP.sys terminology, which means it's trying to listen to remote connections as well. This then requires admin rights, or a pre-granted ACL via netsh.

I get the same problem for http://127.0.0.1:4445.

Is there a way to get Web API to not translate my request for a local listener into a wildcard?

(Personally, I think this is a security bug. If I ask for a local listener, it should be local. If I want to listen to remote connections, I'll ask for it.)

Feb 2, 2012 at 1:51 AM

http://mymachinename:4445 produces the same issue: it is expanded to http://+:4445 against my will.