Closed
Bug 1256177
Opened 9 years ago
Closed 8 years ago
Security Issue: localhost sending data to www.localhost.com
Categories
(Firefox :: Address Bar, defect)
RESOLVED DUPLICATE of bug 1087380
People
(Reporter: flashdesignpro, Unassigned)
Details
User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:45.0) Gecko/20100101 Firefox/45.0
Build ID: 20160303134406
Steps to reproduce:
This is just 1 of many workflows I've accidentally stumbled into that lead to this issue:
1. Run a local HTTP server (e.g., on port 8000)
2. Do something on the server that takes a while (e.g., 5 seconds) to respond
3. Visit localhost:8000 in Firefox and receive an HTTP response
4. Refresh the tab that has previously loaded port localhost:8000 and shut down the server while Firefox is waiting for a response
5. Watch all the private information in your localhost URL forwarded for free to whoever owns localhost.com
Actual results:
Firefox redirects (in a few cases - the one I mentioned is just one example) to www.localhost.com
Expected results:
Firefox should never ever... EVER make a DNS lookup or send any HTTP data over the network when I make a request to localhost.
Imagine you're at chase.com/SecretThatGivesAccessToYourMoney/ and Firefox redirected you to chasecom.com/SecretThatGivesAccessToYourMoney/...
Doesn't that seem like a glaring security issue?
Leaking localhost requests is much more critical than that, considering how many applications install an HTTP server for local access via a browser.
This is from /etc/hosts, indicating that this isn't a networking issue on my machine:
127.0.0.1 localhost
Firefox 45.0 with default settings / OS X El Capitan 10.11.3
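A detection sketch for the leak described in this report, added here as an example (not code from the bug or from Mozilla): it scans outbound proxy log lines for requests to `www.<name>.com` where `<name>` is a name the hosts file maps to loopback. The log format, the sample lines, the optional port in the host field and the function names are constructed assumptions.

```python
import ipaddress
import re

# Constructed sample inputs (not from the bug report). The proxy log format
# "timestamp client host path" is a hypothetical one chosen for this example.
HOSTS_FILE = """\
127.0.0.1 localhost
::1 localhost devbox   # second loopback alias
192.168.1.20 nas
"""
PROXY_LOG = """\
2016-03-12T10:00:01 10.0.0.5 www.example.com /index.html
2016-03-12T10:00:07 10.0.0.5 www.localhost.com /admin/reset?token=abc123
2016-03-12T10:01:30 10.0.0.5 www.devbox.com:8000 /
2016-03-12T10:02:00 10.0.0.5 www.nas.com /share
"""

def loopback_names(hosts_text):
    """Single-label names that the hosts file maps to a loopback address."""
    names = set()
    for line in hosts_text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) < 2:
            continue
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # malformed address column, skip the line
        if addr.is_loopback:
            names.update(n.lower() for n in fields[1:] if "." not in n)
    return names

def find_leaks(log_text, local_names):
    """Requests to www.<name>.com where <name> should never leave the machine."""
    hits = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue
        ts, client, host, path = parts
        m = re.fullmatch(r"www\.([^.:]+)\.com(?::\d+)?", host.lower())
        if m and m.group(1) in local_names:
            # Drop the query string so the report does not repeat the secret.
            hits.append((ts, client, host, path.split("?", 1)[0]))
    return hits

if __name__ == "__main__":
    for hit in find_leaks(PROXY_LOG, loopback_names(HOSTS_FILE)):
        print(*hit)
```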
Updated•9 years ago
Component: Untriaged → Networking
Product: Firefox → Core
Updated•9 years ago
Component: Networking → Document Navigation
Comment 1•9 years ago
Is this type of thing handled in the frontend code?
Component: Document Navigation → Location Bar
Product: Core → Firefox
This is not the code that's dealing with it - nor should it have to deal with random redirects. This is the same as #1087380.
Updated•8 years ago
|
Status: UNCONFIRMED → RESOLVED
Closed: 8 years ago
Resolution: --- → DUPLICATE