From 9ce8c424554dd6b7d34263ff2e5139c769be1d2b Mon Sep 17 00:00:00 2001 From: Dave Date: Sat, 5 Sep 2020 12:35:34 +0100 Subject: [PATCH] Documenting use of publicsuffix list --- service-providers/simple-socks5/src/allowed_hosts.rs | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/service-providers/simple-socks5/src/allowed_hosts.rs b/service-providers/simple-socks5/src/allowed_hosts.rs index a4c65b7b4e..b9ae58fa75 100644 --- a/service-providers/simple-socks5/src/allowed_hosts.rs +++ b/service-providers/simple-socks5/src/allowed_hosts.rs @@ -15,6 +15,11 @@ use std::path::PathBuf; /// This may be handy for service provider node operators who want to be able to look in the /// `unknown_hosts` file and allow new hosts (e.g. if a wallet has added a new outbound request /// which needs to be allowed). +/// +/// We rely on the list of domains at https://publicsuffix.org/ to figure out what the root +/// domain is for a given request. This allows us to distinguish all the rules for e.g. +/// .com, .co.uk, .co.jp, uk.com, etc, so that we can distinguish correct root-ish +/// domains as allowed. That list is loaded once at startup from the network. pub(crate) struct OutboundRequestFilter { allowed_hosts: HostsStore, unknown_hosts: HostsStore,