←back to thread

Google flags Immich sites as dangerous

(immich.app)
1281 points janpio | 1 comments | 22 Oct 25 20:53 UTC | HN request time: 1.073s | source
Show context
arccy ◴[22 Oct 25 23:30 UTC] No.45676475[source]
If you're going to host user content on subdomains, then you should probably have your site on the Public Suffix List https://publicsuffix.org/list/ . That should eventually make its way into various services so they know that a tainted subdomain doesn't taint the entire site....
replies(16): >>45676781 #>>45676818 #>>45677023 #>>45677080 #>>45677130 #>>45677226 #>>45677274 #>>45677297 #>>45677341 #>>45677379 #>>45677725 #>>45677758 #>>45678975 #>>45679154 #>>45679258 #>>45679802 #
0xbadcafebee ◴[23 Oct 25 02:02 UTC] No.45677379[source]

  In the past, browsers used an algorithm which only denied setting wide-ranging cookies for top-level domains with no dots (e.g. com or org). However, this did not work for top-level domains where only third-level registrations are allowed (e.g. co.uk). In these cases, websites could set a cookie for .co.uk which would be passed onto every website registered under co.uk.

  Since there was and remains no algorithmic method of finding the highest level at which a domain may be registered for a particular top-level domain (the policies differ with each registry), the only method is to create a list. This is the aim of the Public Suffix List.
  
  (https://publicsuffix.org/learn/)
So, once they realized web browsers are all inherently flawed, their solution was to maintain a static list of websites.

God I hate the web. The engineering equivalent of a car made of duct tape.

replies(14): >>45677442 #>>45678161 #>>45678382 #>>45678520 #>>45678922 #>>45679006 #>>45679642 #>>45680322 #>>45680711 #>>45680859 #>>45681349 #>>45682208 #>>45682457 #>>45683675 #
modeless ◴[23 Oct 25 04:24 UTC] No.45678161[source]
Show me a platform not made out of duct tape and I'll show you a platform nobody uses.
replies(2): >>45678422 #>>45678958 #
vincnetas ◴[23 Oct 25 05:25 UTC] No.45678422[source]
regular cars?
replies(2): >>45678466 #>>45681401 #
MonaroVXR ◴[23 Oct 25 05:34 UTC] No.45678466[source]
The Honda issue where setting a certain radio station, would brick the infotainment? That good enough?
replies(2): >>45678915 #>>45679494 #
dgoldstein0 ◴[23 Oct 25 06:46 UTC] No.45678915[source]
Never heard of this. Link please?
replies(2): >>45679453 #>>45679516 #
1. shakna ◴[23 Oct 25 08:15 UTC] No.45679453[source]
Don't know about Honda, but there is this Mazda one [0] (Would not be surprised if it affected multiple vendors!)

[0] https://www.soundandvision.com/content/remembering-time-when...