httpx icon indicating copy to clipboard operation
httpx copied to clipboard

Published 20 hours ago • verified publisher icon encode

Disallow setting Cookies on domains suffixes on the Public Suffix List

Open sethmlarson opened this issue 6 years ago • 3 comments
trafficstars

This feature prevents putting a cookie on a domain prefix that multiple parties are capable of registering sub-domains with.

Public Suffix List: https://publicsuffix.org

There are two libraries in existence already (publicsuffix and publicsuffixlist) however they both are in the same boat of not providing a sans-I/O way of updating the list when it's too old and also don't update their pre-packaged list very often.

My proposed solution is to create a library with automated deployments similar to hstspreload and then also providing a mechanism that any HTTP library can update the packaged list via their own fetching mechanism.

sethmlarson avatar Sep 21 '19 16:09 sethmlarson

The "psl" package has been published to PyPI. After a successful automated deploy I'll be moving the package under the python-http org.

GitHub: https://github.com/sethmlarson/psl PyPI: https://pypi.org/project/psl

sethmlarson avatar Sep 26 '19 03:09 sethmlarson

Okay, that's interesting. Not entirely obvious to me that we need to treat this as a requirement, but possibly.

lovelydinosaur avatar Sep 27 '19 10:09 lovelydinosaur

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

stale[bot] avatar Feb 20 '22 15:02 stale[bot]

Okay, gonna close this one off pending any further feedback / prodding from users.

lovelydinosaur avatar Nov 17 '22 13:11 lovelydinosaur