Public Suffix List private domains
I recently learned that
publicsuffix-ruby raises an error for some domains:
PublicSuffix::DomainNotAllowed: `s3.amazonaws.com` is not allowed according to Registry policy
ignore_private: true, and this goes away, but what is it? They have some info about private domains on the
publicsuffix-ruby README, but not much.
Turns out there’s a
BEGIN PRIVATE DOMAINS section of their bundled public suffix list. This comes from the Mozilla Public Suffix List which has slightly more information:
In addition, owners of privately-registered domains who themselves issue subdomains to mutually-untrusting parties may wish to be added to the PRIVATE section of the list.
From my reading of it, this is referring to services that give untrusted users a subdomain like “foo.herokuapp.com” or “foo.s3.amazonaws.com”. It’s new to me that there’s a registry of these, and good to know about.
See also: Learn more about the Public Suffix List