Manton’s recent post about omg.lol indirectly got me thinking about the Public Suffix List… I’m not sure what’s involved or if the juice is worth the squeeze but would it make sense to try and get micro.blog added to the Public Suffix List?
Own your own domain is encouraged but for those who don’t, could someone include code in example.micro.blog to hijack cookies from or perform cross site scripting attacks on other micro.blog subdomains (such as example2.micro.blog or help.micro.blog)?
I’ve got no real clue… just flagging it for smarter minds than me to think about
I looked at this a couple years ago but couldn’t decide if there were any drawbacks, for example if we want to have a shared commenting system between blogs that might need cookies. However, in that example, we’d need it to work with custom domains anyway, so perhaps it’s not an issue.
Another aspect I was confused about is why popular blog hosts like Tumblr and WordPress.com aren’t on the list. Maybe if I knew the answer to that I’d be more confident about making the change.
