List format
A public suffix is a set of DNS names or wildcards concatenated with dots. It represents the part of a domain name which is not under the control of the individual registrant.
The format of the list is as follows:
- The list is a set of rules, with one rule per line.
- Each line is only read up to the first whitespace; entire lines can also be commented using //.
- Each rule lists a public suffix, with the subdomain portions separated by dots (.) as usual. A leading dot is optional.
- The wildcard character * (asterisk) matches any valid sequence of characters in a hostname part. (Note: the list uses Unicode, not Punycode forms, and is encoded using UTF-8.)
- Wildcards may only be used to wildcard an entire level. That is, they must be surrounded by dots (or implicit dots, at the beginning of a line).
- If a hostname matches more than one rule in the file, the longest matching rule (the one with the most levels) will be used.
- An exclamation mark (!) at the start of a rule marks an exception to a previous wildcard rule. An exception rule takes priority over any other matching rule.
Here is an example (incomplete) list section. The rules are numbered, but the numbers would not appear in the real file:
1. com
2. *.jp
// Hosts in .hokkaido.jp can't set cookies below level 4...
3. *.hokkaido.jp
4. *.tokyo.jp
// ...except hosts in pref.hokkaido.jp, which can set cookies at level 3.
5. !pref.hokkaido.jp
6. !metro.tokyo.jp
The example above would be interpreted as follows, in the case of cookie-setting, and using "foo" and "bar" as generic hostnames:
- Cookies may be set for foo.com.
- Cookies may be set for foo.bar.jp.
  - Cookies may not be set for bar.jp.
- Cookies may be set for foo.bar.hokkaido.jp.
  - Cookies may not be set for bar.hokkaido.jp.
- Cookies may be set for foo.bar.tokyo.jp.
  - Cookies may not be set for bar.tokyo.jp.
- Cookies may be set for pref.hokkaido.jp because the exception overrides the previous rule.
- Cookies may be set for metro.tokyo.jp, because the exception overrides the previous rule.
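The format rules and the cookie interpretation above can be checked with a small matcher. This is an added example, not code from the list's maintainers; the function names are hypothetical. Two steps come from the published matching algorithm rather than from this section: an exception rule yields the rule minus its leftmost label, and a hostname matching no rule falls back to the default rule "*".

```python
import re

# Constructed input: the example section above, without the rule numbers.
EXAMPLE_LIST = """\
com
*.jp
// Hosts in .hokkaido.jp can't set cookies below level 4...
*.hokkaido.jp
*.tokyo.jp
// ...except hosts in pref.hokkaido.jp, which can set cookies at level 3.
!pref.hokkaido.jp
!metro.tokyo.jp
"""

def parse_rules(text):
    """Return [(labels, is_exception)], labels ordered from the TLD leftwards."""
    rules = []
    for line in text.splitlines():
        # Each line is only read up to the first whitespace.
        rule = re.split(r"\s", line, maxsplit=1)[0].lower()
        if not rule or rule.startswith("//"):
            continue
        is_exception = rule.startswith("!")
        rule = rule[1:] if is_exception else rule
        rules.append((rule.lstrip(".").split(".")[::-1], is_exception))
    return rules

def matches(rule, host):
    # A wildcard stands for one whole label; the host may have extra labels.
    return len(rule) <= len(host) and all(r in ("*", h) for r, h in zip(rule, host))

def public_suffix(hostname, rules):
    """Hostname is assumed to be in Unicode form (not Punycode), as the list is."""
    host = hostname.lower().strip(".").split(".")[::-1]
    hits = [(labels, exc) for labels, exc in rules if matches(labels, host)]
    exceptions = [labels for labels, exc in hits if exc]
    if exceptions:
        n = len(exceptions[0]) - 1  # exception wins: rule minus leftmost label
    elif hits:
        n = max(len(labels) for labels, _ in hits)  # rule with the most levels
    else:
        n = 1  # no rule matched: default rule "*" of the published algorithm
    return ".".join(host[:n][::-1])

def cookie_domain_allowed(domain, rules):
    """A cookie Domain is acceptable only if it is longer than its public suffix."""
    domain = domain.lower().strip(".")
    return domain != public_suffix(domain, rules)
```

A cookie handler that skips this check lets any site under a shared suffix such as bar.jp set cookies that are sent to every other registrant under that suffix.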