diff --git a/url.bs b/url.bs index 831a890d..11b0390e 100644 --- a/url.bs +++ b/url.bs @@ -272,6 +272,124 @@ for further processing. U+0020 SPACE, U+0023 (#), U+0025 (%), U+002F (/), U+003A (:), U+003F (?), U+0040 (@), U+005B ([), U+005C (\), or U+005D (]). +
A host's public suffix is the portion of a +host which is included on the Public Suffix List. To obtain +host's public suffix, run these steps: [[!PSL]] + +
If host is not a domain, then return null. + +
Return the public suffix obtained by executing the + algorithm defined by the Public Suffix List on + host. [[!PSL]]. +
A host's registrable domain is a domain formed by +the most specific public suffix, along with the domain label immediately preceeding it, if any. To +obtain host's registrable domain, run these steps: + +
If host's public suffix is null or host's + public suffix equals host, then return null. + +
Return the registrable domain obtained by executing the + algorithm defined by the Public Suffix List on + host. [[!PSL]] +
Host input + | Public suffix + | Registrable domain + |
---|---|---|
com
+ | com
+ | null + |
example.com
+ | com
+ | example.com
+ |
www.example.com
+ | com
+ | example.com
+ |
sub.www.example.com
+ | com
+ | example.com
+ |
EXAMPLE.COM
+ | com
+ | example.com
+ |
github.io
+ | github.io
+ | null + |
whatwg.github.io
+ | github.io
+ | whatwg.github.io
+ |
إختبار
+ | xn-kgbechtv
+ | null + |
example.إختبار
+ | xn-kgbechtv
+ | example.xn-kgbechtv
+ |
sub.example.إختبار
+ | xn-kgbechtv
+ | example.xn-kgbechtv
+ |
Two hosts, A and B are said to be +same site with each other if either of the following statements are true: + +
A equals B and A's + registrable domain is non-null. + +
A's registrable domain is B's + registrable domain and is non-null. +
Assuming that suffix.example
is a public suffix and that
+ example.com
is not:
+
+
example.com
, sub.example.com
, other.example.com
,
+ sub.sub.example.com
, and sub.other.example.com
are all same site
+ with each other (and themselves), as their registrable domains are
+ example.com
.
+
+
registrable.suffix.example
, sub.registrable.suffix.example
,
+ other.registrable.suffix.example
, sub.sub.registrable.suffix.example
,
+ and sub.other.registrable.suffix.example
are all same site with each other
+ (and themselves), as their registrable domains are
+ registrable.suffix.example
.
+
+
example.com
and registrable.suffix.example
are not
+ same site with each other, as their registrable domains differ.
+
+
suffix.example
is not same site with suffix.example
, as
+ it is a public suffix, and therefore has a null
+ registrable domain.
+
Specifications should avoid depending on "public suffix", +"registrable domain", and "same site". The public suffix list will diverge +from client to client, and cannot be relied-upon to provide a hard security boundary. Specifications +which ignore this advice are encouraged to carefully consider whether URLs' schemes ought to be +incorporated into any decision made based upon whether or not two hosts are +same site. HTML's same origin-domain concept is a reasonable example of this +consideration in practice. +
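Review bot: In the same site definition, the first condition ("A equals B and A's registrable domain is non-null") is already implied by the second ("A's registrable domain is B's registrable domain and is non-null"), so as written it adds nothing; either drop it or state the case it is meant to cover. Under these steps a host that is not a domain gets a null public suffix and therefore a null registrable domain, so it is never same site, not even with itself, just like the suffix.example case in the last example. If that is intended, a note saying so would help, because callers that use same site in a security decision will otherwise be surprised by it. Smaller points: the table rows for إختبار show "xn-kgbechtv" where the ACE prefix should be "xn--"; "preceeding" should be "preceding"; "if either of the following statements are true" should read "is true"; and the second [[!PSL]] reference in the public suffix steps has a stray trailing period that the registrable domain steps do not.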