OCT 30, 2024 · 1 min read

DNS rebinding against a local-dev TLS proxy used by 70k repos

The proxy's CORS check accepts any host that resolves to 127.0.0.1 at request time. Rebind the A record between the preflight and the body and the browser will happily POST cross-origin JSON at the developer's keychain.
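Why a resolution-time check is unstable while a literal allowlist is not, as an added example that is not the proxy's own code. Port 8443, the allowlist entries, the function names and the scripted resolver are assumptions, and the DNS answers are constructed.

```python
from urllib.parse import urlsplit

# Assumed values for illustration: the origins the developer's own tools use.
ALLOWED_ORIGINS = {"https://localhost:8443", "https://127.0.0.1:8443"}
ALLOWED_HOSTS = {"localhost:8443", "127.0.0.1:8443"}


def allowed_by_resolution(origin, resolve):
    """Flawed pattern: trust any Origin whose hostname resolves to loopback now."""
    host = urlsplit(origin).hostname
    return host is not None and resolve(host) == "127.0.0.1"


def allowed_by_allowlist(origin, host_header):
    """Hardened pattern: exact string match on Origin and Host, no DNS lookup."""
    return origin in ALLOWED_ORIGINS and host_header in ALLOWED_HOSTS


def scripted_resolver(answers):
    """Constructed stand-in for DNS: returns the scripted answers in order,
    repeating the last one, to model a record that changes between lookups."""
    remaining = list(answers)

    def resolve(_host):
        return remaining.pop(0) if len(remaining) > 1 else remaining[0]

    return resolve


def compare(origin, host_header, answers):
    """Evaluate both checks once per DNS answer for the same request headers."""
    resolve = scripted_resolver(answers)
    flawed = [allowed_by_resolution(origin, resolve) for _ in answers]
    hardened = [allowed_by_allowlist(origin, host_header) for _ in answers]
    return flawed, hardened


if __name__ == "__main__":
    # Constructed sample: a third-party name whose A record changes mid-session.
    print(compare("https://dev.example.test", "dev.example.test:8443",
                  ["203.0.113.10", "127.0.0.1"]))
    print(compare("https://localhost:8443", "localhost:8443", ["127.0.0.1"]))
```

The flawed check returns a different verdict for identical headers once the record changes; the allowlist verdict depends only on the strings the request carries.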

Medium 5.4 · PATCHED

Full writeup coming soon.