Re: [Bug-wget] Overly permissive hostname matching

bug-wget

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Bug-wget] Overly permissive hostname matching

From:	Jeffrey Walton
Subject:	Re: [Bug-wget] Overly permissive hostname matching
Date:	Wed, 19 Mar 2014 11:47:46 -0400

On Wed, Mar 19, 2014 at 11:42 AM, Jeffrey Walton <address@hidden> wrote:
> On Wed, Mar 19, 2014 at 11:38 AM, Daniel Kahn Gillmor
> <address@hidden> wrote:
>> On 03/19/2014 11:26 AM, Jeffrey Walton wrote:
>>
>>> wget "http://publicsuffix.org/list/effective_tld_names.dat"; -O $MOZILLA_LIST
>>
>> I recommend using the following HTTPS URL instead, so that you have some
>> level of cryptographic verification of the data before loading it:
>>
>> https://hg.mozilla.org/mozilla-central/raw-file/tip/netwerk/dns/effective_tld_names.dat
>>
>> (this is what i use to update the debian publicsuffix package)
> Ah, good point. I did not even notice that.
OK, here's the reason for that:

$ ./eff_tld_names.sh
--2014-03-19 12:46:20--  https://publicsuffix.org/list/effective_tld_names.dat
Resolving publicsuffix.org (publicsuffix.org)... 63.245.217.181
Connecting to publicsuffix.org
(publicsuffix.org)|63.245.217.181|:443... failed: Connection refused.

(It sucks getting old. I should have remembered that there's no HTTPS
access t that list).

Jeff

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [Bug-wget] Overly permissive hostname matching, (continued)

Prev by Date: Re: [Bug-wget] Overly permissive hostname matching
Next by Date: Re: [Bug-wget] Overly permissive hostname matching
Previous by thread: Re: [Bug-wget] Overly permissive hostname matching
Next by thread: Re: [Bug-wget] Overly permissive hostname matching
Index(es):
- Date
- Thread