You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
(I'll send a PR, just creating an issue to assign myself to remember for now and start discussion)
The Same-Origin security boundaries implied by the public suffix list (for things like cookies, domain lowering, etc) are built into browsers, and they are discoverable by resources, but there is not a simple and straightforward way to perform a test or determine the boundary. It would be great if there was a way to simply ask a browser for a given URL what it's view of the first delegated name is. (e.g. for "https://www.google.com" or "https://abc.xyz.www.google.com" it is "https://google.com", for "https://test.parseapp.com" it is "https://test.parseapp.com", for "file:///anythingatall" it is null.
The text was updated successfully, but these errors were encountered:
cc: @equalsJeffH
(I'll send a PR, just creating an issue to assign myself to remember for now and start discussion)
The Same-Origin security boundaries implied by the public suffix list (for things like cookies, domain lowering, etc) are built into browsers, and they are discoverable by resources, but there is not a simple and straightforward way to perform a test or determine the boundary. It would be great if there was a way to simply ask a browser for a given URL what it's view of the first delegated name is. (e.g. for "https://www.google.com" or "https://abc.xyz.www.google.com" it is "https://google.com", for "https://test.parseapp.com" it is "https://test.parseapp.com", for "file:///anythingatall" it is null.
The text was updated successfully, but these errors were encountered: