Public Suffix List (PSL) - Quick Reference
Key Rule: PSL entries CANNOT set cookies
example.com in PSL:
-
Who can set cookies: Only subdomains (
a.example.com,b.example.com) - Cookie sharing: None (each subdomain isolated)
- Think: "Each apartment rents independently, no shared lobby"
*.example.com in PSL:
-
Who can set cookies:
- ✅
example.com(shares to ALL descendants) - ❌
a.example.com,b.example.com(they're public suffixes) - ✅
child.a.example.com,child.b.example.com(but only for themselves)
- ✅
-
Cookie sharing: Everyone reads
example.com's cookies, but children can't share with each other - Think: "Hotel owner controls lobby, guests can't set room rules, but guests' visitors can"
Memory trick:
-
No
*= Subdomains are independent owners -
With
*= Parent owns everything, subdomains are just public spaces (but their children can own again)
Bottom line: PSL creates a "cookie boundary" - determines who gets to host vs who just receives.
Top comments (0)