Last Comment Bug 676359 - Add !www.ck and !www.gt to PSL
: Add !www.ck and !www.gt to PSL
Status: RESOLVED FIXED
[qa-]
:
Product: Core
Classification: Components
Component: Networking: Domain Lists (show other bugs)
: unspecified
: x86 Mac OS X
: -- normal (vote)
: mozilla13
Assigned To: Jothan Frakes
:
:
Mentors:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2011-08-03 13:29 PDT by joat222
Modified: 2012-03-29 12:44 PDT (History)
5 users (show)
See Also:
Crash Signature:
(edit)
QA Whiteboard:
Iteration: ---
Points: ---
Has Regression Range: ---
Has STR: ---
fixed
fixed


Attachments

Description joat222 2011-08-03 13:29:36 PDT
User Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_8; en-us) AppleWebKit/533.21.1 (KHTML, like Gecko) Version/5.0.5 Safari/533.21.1

Steps to reproduce:

i surfed to www.ck


Actual results:

it brought up the website www.ck


Expected results:

According to the public suffixes list at http://mxr.mozilla.org/mozilla-central/source/netwerk/dns/effective_tld_names.dat?raw=1, www.ck should not be a valid domain

I think .ck should be changed as follows:
// ck : http://en.wikipedia.org/wiki/.ck
*.ck
!www.ck
Comment 1 joat222 2011-08-03 13:38:44 PDT
Actually I also discovered the www.gt works, so I think that its public suffix entry should be changed in a similar manner to .ck outlined already
Comment 2 Christian :Biesinger (don't email me, ping me on IRC) 2011-08-03 16:11:18 PDT
FWIW, this is not how the public suffix list works. You will always be able to browse to these hosts; public suffix only affects cookies and the like.
Comment 3 joat222 2011-08-03 16:50:52 PDT
I am not primarily concerned with navigating to that site.  I just want to be aware that such a domain is valid.
Comment 4 Jo Hermans 2011-08-03 17:48:26 PDT
It still is - the main problem for them is that they're not able to set a cookie on their own webserver (which they don't actually). And the color in the locationbar is a bit wrong.

The reason is that their name (www) looks like a top-level domain, which is supposed to be out of their control. A hypothetical example.co.ck website is allowed to place cookies on example.co.ck (for use by www1.example.co.ck or www2.example.co.ck), but not on co.ck itself. That's because *.ck (all second level domains) are declared a top-level-domain. That's why www.ck can't place a cookie on ww.ck itself.

Gerv: maybe we should make a general exception for websites that look like a complete top-level domain. There's not even a website name here. Granted, this scheme seems only to be used by the main portal of the domain (often 'www') and/or the nic.
Comment 5 Gervase Markham [:gerv] 2011-08-15 09:07:41 PDT
I think we should make exceptions where we know about exceptions :-) if www.ck and www.gt exist, we should add them as exceptions - and any others people find.

Gerv
Comment 6 Jothan Frakes 2011-09-30 09:27:19 PDT
There is a lot of variance on the use of www itself in the manner that the .CK or .GT are doing.  There are others, and I also would suggest that the majority of the upcoming .brand new TLDs would want this functionality.  

They will also desire the ability to directly type the brand into the location bar as the URL, and have cookies set or treat the string as an apex.
Comment 7 Gervase Markham [:gerv] 2011-10-26 08:25:24 PDT
Let's not open that can of worms yet. In the mean time, if www.ck and www.gt need exceptions, can you please produce a patch to add them?

Gerv
Comment 8 Gervase Markham [:gerv] 2012-02-21 09:07:11 PST
https://hg.mozilla.org/integration/mozilla-inbound/rev/8ce5ae7b065b

Gerv
Comment 9 Ed Morley [:emorley] 2012-02-22 10:51:17 PST
https://hg.mozilla.org/mozilla-central/rev/8ce5ae7b065b
Comment 11 Anthony Hughes (:ashughes) [GFX][QA][Mentor] 2012-03-05 16:40:26 PST
Is there anything QA can do to verify this fix?

Note You need to log in before you can comment on or make changes to this bug.