Public Suffix List

View the Public Suffix List

The list is kept in source code control at mozilla.org. Top-level domains are listed in alphabetical order. You can read more information on the format the list uses below. Please note that the list is encoded using UTF-8.

The copy on publicsuffix.org, linked below, is updated daily from mozilla.org's source code management system. If you wish to make your app download an updated list periodically, please use this URL and have your app download the list no more than once per day. (The list usually changes a few times per month; more frequent downloading is pointless and hammers our servers.)

To be kept informed of changes to the list, you can subscribe to an Atom change feed in your favourite feed reader.

List format

A public suffix is a set of DNS names or wildcards concatenated with dots. It represents the part of a domain name which is not under the control of the individual registrant.

Specification

Example

Here is an example (incomplete) list section. The rules are numbered, but the numbers would not appear in the real file:

            1. com
            
            2. *.jp
            // Hosts in .hokkaido.jp can't set cookies below level 4...
            3. *.hokkaido.jp
            4. *.tokyo.jp
            // ...except hosts in pref.hokkaido.jp, which can set cookies at level 3.
            5. !pref.hokkaido.jp
            6. !metro.tokyo.jp
        

The example above would be interpreted as follows, in the case of cookie-setting, and using "foo" and "bar" as generic hostnames:

  1. Cookies may be set for foo.com.
  2. Cookies may be set for foo.bar.jp.
    Cookies may not be set for bar.jp.
  3. Cookies may be set for foo.bar.hokkaido.jp.
    Cookies may not be set for bar.hokkaido.jp.
  4. Cookies may be set for foo.bar.tokyo.jp.
    Cookies may not be set for bar.tokyo.jp.
  5. Cookies may be set for pref.hokkaido.jp because the exception overrides the previous rule.
  6. Cookies may be set for metro.tokyo.jp, because the exception overrides the previous rule.

Formal algorithm

Here is an algorithm for determining the Public Suffix of a domain. (Note: it may not be the most efficient algorithm.) The domain and all rules must be canonicalized in the normal way for hostnames - lower-case, Punycode (RFC 3492).

Definitions

Algorithm

  1. Match domain against all rules and take note of the matching ones.
  2. If no rules match, the prevailing rule is "*".
  3. If more than one rule matches, the prevailing rule is the one which is an exception rule.
  4. If there is no matching exception rule, the prevailing rule is the one with the most labels.
  5. If the prevailing rule is a exception rule, modify it by removing the leftmost label.
  6. The public suffix is the set of labels from the domain which directly match the labels of the prevailing rule (joined by dots).
  7. The registered or registrable domain is the public suffix plus one additional label.

Test Data

There is a short set of test data available. There is a short set of test data available. You will need to define a checkPublicSuffix()samp> function which takes as parameter a domain name and the registrable part of the domain, runs your implementation on the domain name and checks the result is the registrable domain expected. Thanks to Rob Stradling of Comodo for providing this test data.