[Webkit-unassigned] [Bug 207984] New: [WPE][GTK] googleapis.com is a public suffix, defeating isGoogle() check in UserAgentQuirks.cpp

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Wed Feb 19 19:12:01 PST 2020 

https://bugs.webkit.org/show_bug.cgi?id=207984

            Bug ID: 207984
           Summary: [WPE][GTK] googleapis.com is a public suffix,
                    defeating isGoogle() check in UserAgentQuirks.cpp
           Product: WebKit
           Version: WebKit Nightly Build
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: WebKitGTK
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: mcatanzaro at gnome.org
                CC: bugs-noreply at webkitgtk.org

At first I thought this was a URLParser bug, but no, for whatever ungodly reason, googleapis.com has been added to the public suffix list: https://github.com/publicsuffix/list/blob/7922d7c20e246552be418e8f72e577899fd30d99/public_suffix_list.dat#L11922

So while, for example, soup_tld_domain_is_public_suffix() would normally only return TRUE for values like "org", "com", "co.uk", etc., it will also return TRUE for "googleapis.com". Notably, this means that the base domain of "fonts.googleapis.com" is actually "fonts.googleapis.com", not "googleapis.com" as one would naively expect. Our base domain test in UserAgentQuirks.cpp is broken. I think we need to change it from:

    if (baseDomain.startsWith("google."))
        return true;
    if (baseDomain == "gstatic.com")
        return true;
    if (baseDomain == "googleapis.com")
        return true;
    if (baseDomain == "googleusercontent.com")
        return true;

To:

    if (baseDomain.startsWith("google."))
        return true;
    if (baseDomain == "gstatic.com")
        return true;
    if (baseDomain.endsWith("googleapis.com"))
        return true;
    if (baseDomain == "googleusercontent.com")
        return true;

Requires testing.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20200220/174028ad/attachment-0001.htm>

More information about the webkit-unassigned mailing list