Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Problem with amazonaws.com #16

Open
UnveilTech opened this issue Nov 2, 2022 · 12 comments
Open

Problem with amazonaws.com #16

UnveilTech opened this issue Nov 2, 2022 · 12 comments

Comments

@UnveilTech
Copy link

Hi,
is that normal that none of amazonaws.com hosts are found ?
ex: kinesis.us-east-1.amazonaws.com
each time it gives NULL

bye Fred
@Pascal76
Copy link

Pascal76 commented Jan 1, 2023
edited
Loading

same issue (s3.amazonaws.com) :(

  • Deprecated: strlen(): Passing null to parameter nb 1 ($string) of type string is deprecated in <...>/registered-domain-libs/regDomain.class.php on line 69
  • I have to strtolower the domain before ... is it expected ?(try on Rfitvintage.com)

(on php 8.1)

@usrflo
Copy link
Owner

usrflo commented Feb 5, 2023
edited
Loading

@UnveilTech : I tried all 3 implementations with kinesis.us-east-1.amazonaws.com and the results look good to me:

registered-domain-libs/PHP $ php test-regDomain.php kinesis.us-east-1.amazonaws.com
kinesis.us-east-1.amazonaws.com
registered-domain-libs/PHP $ php test-regDomain.php test.kinesis.us-east-1.amazonaws.com
kinesis.us-east-1.amazonaws.com

registered-domain-libs/Perl $ perl -I. test-regDomain.pl kinesis.us-east-1.amazonaws.com
kinesis.us-east-1.amazonaws.com
registered-domain-libs/Perl $ perl -I. test-regDomain.pl test.kinesis.us-east-1.amazonaws.com
kinesis.us-east-1.amazonaws.com

registered-domain-libs/C $ ./test-regdom kinesis.us-east-1.amazonaws.com
kinesis.us-east-1.amazonaws.com: kinesis.us-east-1.amazonaws.com
registered-domain-libs/C $ ./test-regdom test.kinesis.us-east-1.amazonaws.com
test.kinesis.us-east-1.amazonaws.com: kinesis.us-east-1.amazonaws.com

What exactly fails with NULL?

(on PHP 8.1.2 and perl 5, version 34)

@usrflo
Copy link
Owner

usrflo commented Feb 5, 2023
edited
Loading

same issue (s3.amazonaws.com) :(

@Pascal76: as s3.amazonaws.com is listed in https://publicsuffix.org/list/public_suffix_list.dat and is considered to be a public suffix according to the definition at https://publicsuffix.org/ : 'A "public suffix" is one under which Internet users can (or historically could) directly register names'.

This regdom-lib allows to detect registered domain names equal to the subdomain below a public suffix.
Because of the list record s3.amazonaws.com you get as a result:

  • s3.amazonaws.com is no registered domain
  • sub.s3.amazonaws.com could be a registered domain

Looking at the request of an Amazon employee in publicsuffix/list#105 to add s3.amazonaws.com to the public suffix list I think Amazon may have had a different requirement: as you can see at https://publicsuffix.org/learn/ in section "Uses" browsers e.g. restrict cookie settings with these public suffixes. It may be Amazon tried to force some restrictions with their detailed list of suffixes. And this may break the detection of the registered domain that in my view should be amazonaws.com in case of s3.amazonaws.com.

@lawells: you were the one that requested publicsuffix/list#105 back in 2016. Could you please clarify why Amazon had the need to have these detailed *.amazonaws.com public suffixes published?

@Pascal76
Copy link

Pascal76 commented Feb 5, 2023
edited
Loading

public function validDomainPart($domPart) {
// see http://www.register.com/domain-extension-rules.rcmx
$len = strlen($domPart);

There should be a check to avoid NULL for $domPart

@usrflo
Copy link
Owner

usrflo commented Feb 6, 2023

There should be a check to avoid NULL for $domPart

I just added it in ee64e44

@UnveilTech
Copy link
Author

Hi,

$szDom is NULL, it should be "amazonaws.com"

bye Fred

@UnveilTech
Copy link
Author

$szHost = "kinesis.us-east-1.amazonaws.com";
$szDom = getRegisteredDomain($szHost);

@usrflo
Copy link
Owner

usrflo commented Feb 6, 2023

$szDom is NULL, it should be "amazonaws.com"

$szDom is "kinesis.us-east-1.amazonaws.com" according to the explanation in #16 (comment).

Maybe it would be more precise to differ between
a) registered domain like amazonaws.com or dyndns.org
b) domain that can be used to restrict cookie settings for. Otherwise sites at *.amazonaws.com or *.dyndns.org could all collide/access cookies at amazonaws.com/dyndns.org

What's your use-case for getRegisteredDomain(...) ?

@UnveilTech
Copy link
Author

What's your use-case for getRegisteredDomain(...) ?

$szDom = getRegisteredDomain("kinesis.us-east-1.amazonaws.com");
result is NULL for $szDom

@usrflo
Copy link
Owner

usrflo commented Feb 6, 2023

Are you sure you're using the latest implementation?

$registeredDomain = getRegisteredDomain("kinesis.us-east-1.amazonaws.com", $tldTree);
--> the result in $registeredDomain is "kinesis.us-east-1.amazonaws.com"

@UnveilTech
Copy link
Author

Hi,
latest implementation does not return NULL anymore, that's good.
but it should return the master domain "amazonaws.com" instead of "kinesis.us-east-1.amazonaws.com", no ?

bye Fred

@usrflo
Copy link
Owner

usrflo commented Feb 10, 2023

but it should return the master domain "amazonaws.com" instead of "kinesis.us-east-1.amazonaws.com", no ?

@UnveilTech : yes, sure. Can you confirm that my explanation for this issue in #16 (comment) makes the problem clear?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@usrflo @UnveilTech @Pascal76