diff --git a/url.bs b/url.bs index b42bdfc8..d5c0f23b 100644 --- a/url.bs +++ b/url.bs @@ -273,8 +273,8 @@ U+0020 SPACE, U+0023 (#), U+0025 (%), U+002F (/), U+003A (:), U+003F (?), U+0040 U+005C (\), or U+005D (]).
A host's public suffix is the portion of a -host which is included on the Public Suffix List [[!PSL]]. To obtain -host's public suffix, run these steps: +host which is included on the Public Suffix List. To obtain +host's public suffix, run these steps: [[!PSL]]
If host is not a domain, then return null. @@ -285,9 +285,8 @@ U+005C (\), or U+005D (]).
A host's registrable domain is a domain formed by -the most specific public suffix, along with the domain label immediately preceeding it. If no such -label is available, the registrable domain is null. To obtain host's -registrable domain, run these steps: +the most specific public suffix, along with the domain label immediately preceeding it, if any. To +obtain host's registrable domain, run these steps:
If host's public suffix is null or host's
@@ -295,7 +294,7 @@ label is available, the registrable domain is null. To obtain Return the registrable domain obtained by executing the
algorithm defined by the Public Suffix List on
- host. [[!PSL]].
+ host. [[!PSL]]
A equals B, and A's registrable - domain is not null. +
A equals B and A's + registrable domain is non-null.
A's registrable domain is B's - registrable domain and is not null. + registrable domain and is non-null.
Assuming that suffix.example
is a public suffix, and that
+
Assuming that suffix.example
is a public suffix and that
example.com
is not:
example.com
, sub.example.com
, other.example.com
,
sub.sub.example.com
, and sub.other.example.com
are all same site
- with each other (and themselves), as each host's registrable domain is
+ with each other (and themselves), as each their registrable domain is
example.com
.
registrable.suffix.example
, sub.registrable.suffix.example
,
other.registrable.suffix.example
, sub.sub.registrable.suffix.example
,
and sub.other.registrable.suffix.example
are all same site with each other
- (and themselves), as each host's registrable domain is
+ (and themselves), as each their registrable domain is
registrable.suffix.example
.
-
example.com
and registrable.suffix.example
are not same
- site with each other, as their registrable domains differ.
+
example.com
and registrable.suffix.example
are not
+ same site with each other, as their registrable domains differ.
suffix.example
is not same site with suffix.example
, as
- it is a public suffix, and therefore has a null registrable
- domain.
+ it is a public suffix, and therefore has a null
+ registrable domain.
Specifications should avoid relying on "public suffix", +
Specifications should avoid depending on "public suffix", "registrable domain", and "same site". The public suffix list will diverge from client to client, and cannot be relied-upon to provide a hard security boundary. Specifications which ignore this advice are encouraged to carefully consider whether URLs' schemes ought to be -incorporated into any decision made based upon whether or not two hosts are same -site. HTML's same origin-domain concept is a reasonable example of this consideration in -practice. +incorporated into any decision made based upon whether or not two hosts are +same site. HTML's same origin-domain concept is a reasonable example of this +consideration in practice.