From bd35e7e1decefa692332f3af06bb658c983acdbc Mon Sep 17 00:00:00 2001 From: Mike West Date: Mon, 4 Jun 2018 10:37:55 +0200 Subject: [PATCH] fixup more feedback. --- url.bs | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/url.bs b/url.bs index d953235f..b42bdfc8 100644 --- a/url.bs +++ b/url.bs @@ -284,9 +284,10 @@ U+005C (\), or U+005D (]). host. [[!PSL]]. -

A host's registrable domain is a domain that could -be registered at a registry. To obtain host's registrable domain, run -these steps: +

A host's registrable domain is a domain formed by +the most specific public suffix, along with the domain label immediately preceeding it. If no such +label is available, the registrable domain is null. To obtain host's +registrable domain, run these steps:

  1. If host's public suffix is null or host's @@ -384,7 +385,11 @@ these steps:

    Specifications should avoid relying on "public suffix", "registrable domain", and "same site". The public suffix list will diverge -from client to client, and cannot be relied-upon to provide a hard security boundary.

    +from client to client, and cannot be relied-upon to provide a hard security boundary. Specifications +which ignore this advice are encouraged to carefully consider whether URLs' schemes ought to be +incorporated into any decision made based upon whether or not two hosts are same +site. HTML's same origin-domain concept is a reasonable example of this consideration in +practice.

    IDNA