[dns-operations] [Ext] Browser Public suffixes list

John Levine johnl at taugh.com
Fri Aug 26 22:59:56 UTC 2022


It appears that Paul Hoffman <paul.hoffman at icann.org> said:
>-=-=-=-=-=-
>-=-=-=-=-=-
>
>On Aug 26, 2022, at 2:43 PM, Meir Kraushar via dns-operations <dns-operations at dns-oarc.net> wrote:
>> So bottom line, browser behavior is not based on DNS resolving, nor by any IANA list, but rather on the PSL.
>
>This is interesting info, thanks! The PSL is used by browsers for things like preventing cross-site scripting, but should not be
>relied on for "is it really a TLD". 

The browser makeers would disagree with you:

https://publicsuffix.org/learn/

These are some of the uses of the list we know about. ,,,

Firefox

Restricting cookie setting
Restricting the setting of the document.domain property
Sorting in the download manager
Sorting in the cookie manager
Searching in history
--> Domain highlighting in the URL bar

Chromium/Google Chrome (pre-processing, DAFSA builder, parser)

Restricting cookie setting
--> Determining whether entered text is a search or a website URL
Determining whether wildcard subdomains are allowed in Origin Trial tokens

Internet Explorer

Restricting cookie setting
--> Domain highlighting in the URL bar
--> Zone determination
ActiveX opt-in list security restriction


I'm not saying they're right, but it's been like this for a long time.

R's,
John


More information about the dns-operations mailing list