[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Bug-wget] Overly permissive hostname matching
From: |
Jeffrey Walton |
Subject: |
Re: [Bug-wget] Overly permissive hostname matching |
Date: |
Wed, 19 Mar 2014 11:55:29 -0400 |
On Wed, Mar 19, 2014 at 11:38 AM, Daniel Kahn Gillmor
<address@hidden> wrote:
> On 03/19/2014 11:26 AM, Jeffrey Walton wrote:
>
>> wget "http://publicsuffix.org/list/effective_tld_names.dat" -O $MOZILLA_LIST
>
> I recommend using the following HTTPS URL instead, so that you have some
> level of cryptographic verification of the data before loading it:
>
> https://hg.mozilla.org/mozilla-central/raw-file/tip/netwerk/dns/effective_tld_names.dat
>
> (this is what i use to update the debian publicsuffix package)
Also, be careful of where you are pulling the list from. I got burned
by pulling a list that was not being updated
(https://bugzilla.mozilla.org/show_bug.cgi?id=968064).
The Mozilla folks state the canonical list is at
http://publicsuffix.org/list/effective_tld_names.dat. See Comment 11
at https://bugzilla.mozilla.org/show_bug.cgi?id=968064#c11.
Jeff
- Re: [Bug-wget] Overly permissive hostname matching, (continued)
- Re: [Bug-wget] Overly permissive hostname matching, Jeffrey Walton, 2014/03/19
- Re: [Bug-wget] Overly permissive hostname matching, Daniel Stenberg, 2014/03/19
- Re: [Bug-wget] Overly permissive hostname matching, Jeffrey Walton, 2014/03/19
- Re: [Bug-wget] Overly permissive hostname matching, Jeffrey Walton, 2014/03/19
- Re: [Bug-wget] Overly permissive hostname matching, Jeffrey Walton, 2014/03/19
- Re: [Bug-wget] Overly permissive hostname matching, Ángel González, 2014/03/19
- Re: [Bug-wget] Overly permissive hostname matching, Jeffrey Walton, 2014/03/19
- Re: [Bug-wget] Overly permissive hostname matching, Daniel Kahn Gillmor, 2014/03/19
- Re: [Bug-wget] Overly permissive hostname matching, Jeffrey Walton, 2014/03/19
- Re: [Bug-wget] Overly permissive hostname matching, Jeffrey Walton, 2014/03/19
- Re: [Bug-wget] Overly permissive hostname matching,
Jeffrey Walton <=
- Re: [Bug-wget] Overly permissive hostname matching, Daniel Kahn Gillmor, 2014/03/19
- Re: [Bug-wget] Overly permissive hostname matching, Tim Rühsen, 2014/03/20
- Re: [Bug-wget] Overly permissive hostname matching, Jeffrey Walton, 2014/03/20
- Re: [Bug-wget] Overly permissive hostname matching, Tim Ruehsen, 2014/03/21
- Re: [Bug-wget] Overly permissive hostname matching, Daniel Stenberg, 2014/03/20
- Re: [Bug-wget] Overly permissive hostname matching, Jeffrey Walton, 2014/03/20
- Re: [Bug-wget] Overly permissive hostname matching, Ángel González, 2014/03/20
- Re: [Bug-wget] Overly permissive hostname matching, Jeffrey Walton, 2014/03/20
- Re: [Bug-wget] Overly permissive hostname matching, Daniel Stenberg, 2014/03/20
- Re: [Bug-wget] Overly permissive hostname matching, Ángel González, 2014/03/20