Gerv, Can you please update: https://developer.mozilla.org/en-US/docs/Mozilla/Tech/XPCOM/Reference/Interface/nsIEffectiveTLDService#getPublicSuffix%28%29 To have some more detailed information? In particular: [09:56am] mkaply: OK, dumb question. Why does the effective eTLD.getPublicSuffixFromHost for “a.b.c.thisisnotadomain” return thisisnotadomain instead of null? Is there any API that can be used to validate domains against the base domain list? [10:00am] gerv: mkaply: Answer: [10:01am] gerv: because the Public Suffix List algorithm has an implicit "*" rule. [10:01am] gerv: So, if you ask for the public suffix of "foo.intranet" [10:01am] mastizada1 left the chat room. (Ping timeout: 121 seconds) [10:01am] gerv: the answer is "intranet". [10:01am] gerv: This is used e.g. for cookie setting, or base domain highlighting. [10:01am] mkaply: gerv: Is there anyway to avoid that rule? We should have a flag or something. [10:01am] mkaply: Chrome doesn’t do that [10:01am] gerv: Well indeed, [10:01am] gerv: and it causes problems. [10:02am] gerv: Particularly if you are using a list which is not current. [10:02am] gerv: So say someone inserts ".flowers" as a TLD in the DNS. [10:02am] gerv: Chrome uses the PSL to determine what's a search and what's a domain name [10:02am] gerv: type in "mum.flowers" and you'll get a search, not a website [10:02am] gerv: That's bad. [10:02am] gerv: Which is why the PSL is not recommended for such uses. [10:02am] gerv: Given the flux in the TLD space, [10:03am] gerv: and the existence of intranets, it is not recommended that software hard-codes what is and what is not a valid domain. [10:03am] gerv: Intranets may or may not use private names, [10:03am] gerv: and they may use names which were private when assigned but, due to flux in the TLD space, are now also
Added some notes at the top. Feel like reviewing? :-) Gerv
Summary: Update nsIEffectiveTLDService docs to talk about how the PLS works → Update nsIEffectiveTLDService docs to talk about how the PSL works
Status: NEW → RESOLVED
Last Resolved: 3 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.