Ref T6755. I'll add some notes there about specifics.
- Maniphest Tasks
- T6755: Allow more granular configuration of `security.allow-outbound-http`
- Restricted Diffusion Commit
rP40fb0f98df6c: Mostly defuse DNS rebinding attack for outbound requests
- Made connections to HTTP and HTTPS URIs.
- Added some debugging code to verify that HTTP URIs were pre-resolved.