diff --git a/lib/build/utils.js b/lib/build/utils.js
index f24fba2d7..1363e2355 100644
--- a/lib/build/utils.js
+++ b/lib/build/utils.js
@@ -319,8 +319,18 @@ function getTopLevelDomainForSameSiteResolution(url) {
         // we treat these as the same TLDs since we can use sameSite lax for all of them.
         return "localhost";
     }
-    let parsedURL = tldts_1.parse(hostname);
+    // Before `tldts`, `psl` was being used and that library automatically
+    // handled parsing private domains. With `tldts`, `allowPrivateDomains` is
+    // required to be passed to handle that.
+    //
+    // This is important for parsing ec2 public URL's that were initially
+    // reported to be breaking in the following issue:
+    // https://github.com/supertokens/supertokens-python/issues/394
+    let parsedURL = tldts_1.parse(hostname, { allowPrivateDomains: true });
     if (!parsedURL.domain) {
+        // If the URL is an AWS public URL, return the entire URL since it is
+        // considered a suffix entirely (instead of just amazonaws.com). This
+        // was initially reported in https://github.com/supertokens/supertokens-python/issues/394
         if (hostname.endsWith(".amazonaws.com") && parsedURL.publicSuffix === hostname) {
             return hostname;
         }
diff --git a/lib/ts/utils.ts b/lib/ts/utils.ts
index 694b8bfd7..a19cba132 100644
--- a/lib/ts/utils.ts
+++ b/lib/ts/utils.ts
@@ -345,8 +345,18 @@ export function getTopLevelDomainForSameSiteResolution(url: string): string {
         return "localhost";
     }
 
-    let parsedURL = parse(hostname);
+    // Before `tldts`, `psl` was being used and that library automatically
+    // handled parsing private domains. With `tldts`, `allowPrivateDomains` is
+    // required to be passed to handle that.
+    //
+    // This is important for parsing ec2 public URL's that were initially
+    // reported to be breaking in the following issue:
+    // https://github.com/supertokens/supertokens-python/issues/394
+    let parsedURL = parse(hostname, { allowPrivateDomains: true });
     if (!parsedURL.domain) {
+        // If the URL is an AWS public URL, return the entire URL since it is
+        // considered a suffix entirely (instead of just amazonaws.com). This
+        // was initially reported in https://github.com/supertokens/supertokens-python/issues/394
         if (hostname.endsWith(".amazonaws.com") && parsedURL.publicSuffix === hostname) {
             return hostname;
         }
diff --git a/package-lock.json b/package-lock.json
index b8fec03d5..2b3538590 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -6,7 +6,7 @@
     "packages": {
         "": {
             "name": "supertokens-node",
-            "version": "20.1.2",
+            "version": "20.1.3",
             "license": "Apache-2.0",
             "dependencies": {
                 "buffer": "^6.0.3",