Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add myshopify.com #1179

Merged
merged 1 commit into from
Jan 8, 2021
Merged

Add myshopify.com #1179

merged 1 commit into from
Jan 8, 2021

Conversation

richter-alex
Copy link

@richter-alex richter-alex commented Jan 7, 2021
edited
Loading

  • Description of Organization

  • Reason for PSL Inclusion

  • DNS verification via dig

  • Run Syntax Checker (make test)

  • Each domain listed in the PRIVATE section has and shall maintain at least two years remaining on registration.

Description of Organization

Organization Website: https://www.shopify.com

My name is Alex, I'm an Application Security Engineer at Shopify.

Shopify is an e-commerce organization. We provide merchants with tools and services to sell their products online and/or in-person, with the ultimate goal of making commerce better for everyone.

Reason for PSL Inclusion

In addition to allowing merchants to purchase and/or connect their domain name to their shops, we provision all new merchants with a *.myshopify.com subdomain. Because of this, requests between shops using *.myshopify.com domains are considered to be samesite, leaving them open to CSRF.

We're looking to add myshopify.com to the Public Suffix List to improve cookie security for all of our merchants who do not yet make use of a custom domain.

DNS Verification via dig

> dig +short TXT _psl.myshopify.com
"https://github.com/publicsuffix/list/pull/1179"

make test

Tests passed OK.

@richter-alex richter-alex marked this pull request as ready for review January 7, 2021 19:16
@dnsguru dnsguru self-assigned this Jan 8, 2021
dnsguru
dnsguru approved these changes Jan 8, 2021
View reviewed changes
Copy link
Member

@dnsguru dnsguru left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  • description accepted
  • test passes
  • no conflict with base
  • dns authentication ok

APPROVE

@dnsguru dnsguru merged commit 12bf809 into publicsuffix:master Jan 8, 2021
@jonrburns jonrburns mentioned this pull request Apr 12, 2021
Open
@dnsguru
Copy link
Member

dnsguru commented Apr 21, 2021

#1245

@dnsguru dnsguru added the IOS-FB? PR related to Issue #1245 / needs https://www.facebook.com/help/contact/474057987130813 label May 20, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dnsguru dnsguru dnsguru approved these changes

Assignees

@dnsguru dnsguru

Labels
IOS-FB? PR related to Issue #1245 / needs https://www.facebook.com/help/contact/474057987130813
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@richter-alex @dnsguru