Home > tough-cookie > getPublicSuffix
Returns the public suffix of this hostname. The public suffix is the shortest domain name upon which a cookie can be set.
Signature:
export declare function getPublicSuffix(domain: string, options?: GetPublicSuffixOptions): string | undefined;|
Parameter |
Type |
Description |
|---|---|---|
|
domain |
string |
the domain attribute of a cookie |
|
options |
(Optional) optional configuration for controlling how the public suffix is determined |
string | undefined
A "public suffix" is a domain that is controlled by a public registry, such as "com", "co.uk", and "pvt.k12.wy.us". This step is essential for preventing attacker.com from disrupting the integrity of example.com by setting a cookie with a Domain attribute of "com". Unfortunately, the set of public suffixes (also known as "registry controlled domains") changes over time. If feasible, user agents SHOULD use an up-to-date public suffix list, such as the one maintained by the Mozilla project at http://publicsuffix.org/. (See RFC6265 - Section 5.3)
getPublicSuffix('www.example.com') === 'example.com'
getPublicSuffix('www.subdomain.example.com') === 'example.com'