tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git

commit c2b2eab6f2932e847772bc1036a762b50a7b82cb
parent daf62512e6dfcf7170938d2c61fc4894f42ecdc2
Author: groovecoder <71928+groovecoder@users.noreply.github.com>
Date:   Tue, 28 Oct 2025 12:45:48 +0000

Bug 1996336 - fix(relay): remove flawed universal TLD matching from isOriginInList r=credential-management-reviewers,mtigley

The universal TLD matching logic attempted to match domains across different
country-code TLDs (e.g., google.com matching google.com.ar), but this approach
was fundamentally flawed:

- Only covered 5 TLDs (.com, .org, .net, .edu, .gov), missing country-code
  TLDs like .fr, .pt, .ca, .ar, .co.uk, etc.
- Violated PSL principles by assuming organizational ownership across TLDs
  that can be owned by different entities
- Caused inconsistent behavior: leroymerlin.fr didn't block leroymerlin.pt,
  and dominos.ca didn't block dominos.tt

Remove this logic and rely solely on exact host matching and PSL-aware
subdomain matching for consistent, predictable behavior.

For legitimate cross-TLD organizational matching, we should integrate
Related Realms instead (see bug 1996332).

Differential Revision: https://phabricator.services.mozilla.com/D270275

Diffstat:
M toolkit/components/satchel/integrations/FirefoxRelay.sys.mjs | 20 ++++----------------
M toolkit/components/satchel/test/unit/test_isOriginInList.js | 2 +-
2 files changed, 5 insertions(+), 17 deletions(-)

diff --git a/toolkit/components/satchel/integrations/FirefoxRelay.sys.mjs b/toolkit/components/satchel/integrations/FirefoxRelay.sys.mjs @@ -514,7 +514,7 @@ async function getListCollection({ | www.google.com | https://www.google.com | True | | google.com.ar | https://accounts.google.com.ar | True | | google.com.ar | https://google.com | False | - | google.com | https://google.com.ar | True | + | google.com | https://google.com.ar | False | | mozilla.org | https://vpn.mozilla.org | True | | vpn.mozilla.org | https://vpn.mozilla.org | True | | substack.com | https://hunterharris.substack.com | True | @@ -525,6 +525,9 @@ async function getListCollection({ | google.com.ar | https://mail.google.com.br | False | +---------------------------+-----------------------------------+--------+ * + * Note: Cross-TLD matching (e.g., google.com matching google.com.ar) requires + * explicit list entries or Related Realms integration. See bug 1996332. + * * @param {Array} list Array of {domain: ...} records. Each domain is a string. * @param {string} origin Origin URL (e.g., https://www.google.com.ar). * @returns {boolean} @@ -560,21 +563,6 @@ function isOriginInList(list, origin) { return true; } - // 3. Special case: "universal" domain match, e.g. allowlist has "google.com" and origin is "google.com.ar" - // Only apply for domains ending with common one-level TLDs - const UNIVERSAL_TLDS = [".com", ".org", ".net", ".edu", ".gov"]; - for (const record of list) { - for (const tld of UNIVERSAL_TLDS) { - if ( - record.domain.endsWith(tld) && - host.length > record.domain.length && - host.startsWith(record.domain + ".") - ) { - return true; - } - } - } - return false; } diff --git a/toolkit/components/satchel/test/unit/test_isOriginInList.js b/toolkit/components/satchel/test/unit/test_isOriginInList.js 
@@ -18,7 +18,7 @@ const TESTS = [ ["www.google.com", "https://www.google.com", true], ["google.com.ar", "https://accounts.google.com.ar", true], ["google.com.ar", "https://google.com", false], - ["google.com", "https://google.com.ar", true], + ["google.com", "https://google.com.ar", false], ["mozilla.org", "https://vpn.mozilla.org", true], ["vpn.mozilla.org", "https://vpn.mozilla.org", true], ["substack.com", "https://hunterharris.substack.com", true],
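
Review bot: In the doc-comment note added by the FirefoxRelay.sys.mjs hunk at @@ -525,6 +525,9, "requires explicit list entries or Related Realms integration" reads as if Related Realms were already an available path, while the commit message describes it as something that should still be integrated under bug 1996332. Suggest wording the note so it says cross-TLD matching is not performed by isOriginInList, that explicit list entries are the only way to cover such origins today, and that Related Realms is tracked in bug 1996332.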
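
Review bot: In the FirefoxRelay.sys.mjs hunk at @@ -560,21 +563,6, the removed condition `host.startsWith(record.domain + ".")` placed no constraint on what followed the listed domain, so it matched any host that begins with a listed .com/.org/.net/.edu/.gov domain plus a dot, not only country-code variants such as google.com.ar. The commit message and the updated doc comment mention only the ccTLD case; it is worth recording the broader prefix match as a reason for the removal, and worth confirming whether any entry in the list collection relied on the removed branch so that explicit entries can be added before this lands.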
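
Review bot: The test_isOriginInList.js hunk at @@ -18,7 +18,7 only flips the existing `["google.com", "https://google.com.ar", ...]` expectation and adds no case that pins the new behaviour. Suggest adding rows expecting false for the pairs named in the commit message (leroymerlin.fr against leroymerlin.pt, dominos.ca against dominos.tt) and for a listed domain appearing as a host prefix under an unrelated registrable domain, so that a later change reintroducing prefix-style matching fails the unit test.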