Bug 1181562 - Update fallback whitelist. r=keeler
authorMasatoshi Kimura <VYV03354@nifty.ne.jp>
Wed, 22 Jul 2015 20:35:26 +0900
changeset 254138 624abe520677fa1200514c7dbf40afd141ed5b49
parent 254137 df2c4d64382042e7a5f16c28835552239d29e65d
child 254139 a3b6daa308f2495ddb554fcd89a3eeeb284a3dbe
push id29090
push userryanvm@gmail.com
push dateWed, 22 Jul 2015 20:34:12 +0000
treeherdermozilla-central@8650fe82f1cd [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewerskeeler
bugs1181562
milestone42.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1181562 - Update fallback whitelist. r=keeler
security/manager/ssl/IntolerantFallbackList.inc
security/manager/ssl/nsNSSIOLayer.cpp
--- a/security/manager/ssl/IntolerantFallbackList.inc
+++ b/security/manager/ssl/IntolerantFallbackList.inc
@@ -14,17 +14,16 @@ static const char* const kIntolerantFall
   "aa.com.do", // bug 1141604
   "aa.com.pe", // bug 1141604
   "aa.com.ve", // bug 1141604
   "aacoprod.aacounty.org",
   "aavacations.com", // bug 1141604
   "access.boekhuis.nl", // bug 1151580
   "account.61.com.tw",
   "acs.sia.eu", // RC4
-  "actiononline.stpete.org",
   "adman.you.gr",
   "adminweb.uthscsa.edu",
   "airportwifi.com", // bug 1116891
   "allbankonline.in", // bug 1156441
   "allyours.virginmedia.com", // bug 1129887
   "altitude.aircanada.com", // bug 1143325
   "american-airlines.co.kr", // bug 1141604
   "american-airlines.nl", // bug 1141604
@@ -42,20 +41,20 @@ static const char* const kIntolerantFall
   "americanairlines.hu", // bug 1141604
   "americanairlines.ie", // bug 1141604
   "americanairlines.in", // bug 1141604
   "americanairlines.jp", // bug 1141604
   "amss.mobilicity.ca",
   "ap.meitetsuunyu.co.jp",
   "apply.hkbn.net", // bug 1138451
   "apps.amerch.com",
-  "apps.fpcu.org",
   "apps.sasken.com",
   "apps.state.or.us", // bug 1130472
   "appsrv.restat.com",
+  "arcgames.com", // bug 1182932
   "ascii.jp",
   "asko.fi", // bug 1158584
   "b2b.feib.com.tw",
   "baybloorradio.com", // bug 1173661
   "beehive.miit.ru",
   "bettertrades.com",
   "bgw.wangyin.com", // bug 1145521
   "bianmin.chinapay.com", // bug 1137983
@@ -65,119 +64,106 @@ static const char* const kIntolerantFall
   "blogwatcher.co.jp",
   "bonds.euronext.com", // bug 1136091
   "books.wwnorton.com", // bug 1116891
   "bredbandsbolaget.se", // bug 1158755
   "bursar.ou.edu",
   "buttons.verticalresponse.com",
   "c2g.jupiter.fl.us",
   "canadaca.geotrust.com", // bug 1137677
+  "car2go.com", // bug 1185080
   "cbsfnotes1.blood.org.tw",
   "central.acadiau.ca", // bug 1152377
   "cherry.de", // bug 1141521
   "civilization.com", // bug 1156004
-  "click2gov.sanangelotexas.us",
   "clientes.chilectra.cl",
   "club.guosen.com.cn",
   "coagov.aurora-il.org",
   "codem.codemasters.com",
   "commerce.cashnet.com", // bug 1164009
   "comune.milano.it",
   "corporbank.nbcb.com.cn",
   "crm.et2008.com",
   "crossroads.schneider.com",
   "cs.tokai-tv.com",
   "cualerts.dupaco.com", // bug 1116892
   "customers.logistafrance.fr", // bug 1153951
   "cwu.edu",
   "dbank.hxb.com.cn",
   "dealer.autobytel.com",
-  "dealer.autoc-one.jp",
   "dheb.delavska-hranilnica.si",
   "digibet.com",
   "digitalsecurity.intel.com", // bug 1148744
   "dream-prize.com",
   "dwwsyw.bjgjj.gov.cn",
   "eatm.scsb.com.tw",
   "eb.bankcomm.com.hk", // bug 1141742
   "ebank-public.hzbank.com.cn",
   "ebank.hxb.com.cn",
   "ebank.hzbank.com.cn",
   "ebank.rcbcy.com", // bug 1146755
   "ebanking.ocbcwhhk.com", // bug 1141746
   "ebill2.virginmedia.com", // bug 1129887
   "ebpp.airtel.lk",
   "ebspay.boc.cn", // bug 1155567
   "ec-line.cn",
-  "ecams.geico.com", // bug 1138613
   "echo.com",
   "echotrak.com",
   "ecom.morethangourmet.com",
   "ecourses.uthscsa.edu",
-  "egov.leaguecity.com",
   "egov.town-menasha.com", // bug 1157536
   "emaildvla.direct.gov.uk", // bug 1116891
-  "embroiderydesignsplus.com",
   "epicreg.com",
   "eremit.sbising.com",
-  "escrowrefills.com",
   "eservices.palomar.edu",
   "essentialsupplies.com",
   "event.kasite.net",
   "extranet.eurocontrol.int",
   "ez.cityofchesapeake.net",
   "ezpay.com.tw",
   "fallback.test", // Used by gtest
   "fastcheck.sita.aero", // bug 1174974
   "fastlane.echo.com",
   "fhsaa.org",
   "fibi-online.co.il", // bug 1165580
   "finance.car.com",
   "friends.freshandeasy.com",
   "fubar.com",
   "gateway.halton.gov.uk",
   "gbe-bund.de",
-  "geico.com", // bug 1138613
   "gestionesytramites.madrid.org",
   "giftcertificates.com",
-  "hbk.bb.com.br", // bug 1135966
   "hercle.com",
   "hpshop.gr",
   "ibusiness.shacombank.com.hk", // bug 1141989
   "identity.virginmedia.com", // bug 1129887
   "ifund.allianzglobalinvestors.com.tw",
   "ig1.i-grasp.com", // bug 1167894
   "ig4.i-grasp.com", // bug 1167894
   "ihr.suburbanpropane.com",
   "images.bankofthewest.com", // bug 1127204
   "inside.i-med.ac.at",
   "its.bocmacau.com",
   "jbclick.jaxbchfl.net", // bug 1158465
   "jifenpay.com",
   "jst.doded.mil", // bug 1152627
-  "juror.fairfaxcounty.gov",
   "keirin.jp",
   "kjp.keinet.ne.jp",
   "kjp.oo.kawai-juku.ac.jp",
-  "learn.ou.edu",
-  "learn.swosu.edu",
   "lewisham.gov.uk",
   "lm-order.de",
   "login.chicagopolice.org",
   "login.ermis.gov.gr",
   "m.e-hon.ne.jp",
-  "macif.fr", // bug 1167893
+  "m.safari.cwu.edu", // bug 1143035
   "mail.izhnet.ru",
   "map.infonavit.org.mx",
-  "marketday.com", // bug 1092998
-  "matkahuolto.fi", // bug 1174957
   "mchrono.com",
   "mecsumai.com",
   "member.edenredticket.com",
-  "mercernet.fr", // bug 1147649
   "merchant.edenredticket.com",
   "meta-ehealth.com",
   "mobile.aa.com", // bug 1141604
   "mobile.dream-prize.com",
   "mon-ulb.ulb.ac.be",
   "my-csprd.ea.cwu.edu", // bug 1143035
   "my-csrenprd.ea.cwu.edu", // bug 1143035
   "my-fsprd.ea.cwu.edu", // bug 1143035
@@ -188,113 +174,97 @@ static const char* const kIntolerantFall
   "my.cwu.edu", // bug 1143035
   "my.if.com", // bug 1173592
   "my.kyivstar.ua",
   "my.miit.ru",
   "myaccount.allstate.com", // bug 1143031
   "myaccount3.westnet.com.au", // bug 1157139
   "mybank.nbcb.com.cn",
   "myhancock.hancockcollege.edu",
-  "myntc.ntc.edu",
   "myuws.uws.edu.au",
   "mywebreservations.com",
   "na.aiononline.com", // bug 1139782
   "national.virginmedia.com", // bug 1129887
   "nbank.hxb.com.cn",
   "netbanking.yesbank.co.in", // bug 1146090
   "niche.endsleigh.co.uk",
   "nmsmp.alsok.co.jp",
   "no1.nipponrentacar.co.jp",
   "obos1.obos.no",
   "officials.fhsaa.org",
   "online.newindia.co.in",
   "online.sainsburysbank.co.uk",
   "openwebosproject.org", // bug 1151990
-  "opi.emersonclimate.com",
   "opus.pinellascounty.org",
   "owa.byui.edu",
   "ozone.ou.edu",
   "parents.ou.edu",
   "partnerweb.vmware.com", // bug 1142187
-  "paslists.com", // for port 9211, bug 1155712
   "payment.condor.com", // bug 1152347
   "payment.safepass.cn",
   "payments.virginmedia.com", // bug 1129887
   "poezd.rw.by",
   "portal.eztec.com.br",
   "portal.questonline.gr",
   "portal.uem.es",
   "profiles.uthscsa.edu",
   "publicacionesoficiales.boe.es",
   "publicjobs.ie",
   "publicrecords.com",
   "racenet.codemasters.com", // bug 1163716
+  "rapidscansecure.com", // bug 1177212
   "recoup.com",
   "registration.o2.co.uk",
   "regonline.com", // bug 1139783
   "renewals.cipd.co.uk",
   "repair.kuroneko-kadendr.jp", // bug 1128366
   "repairmb.kuroneko-kadendr.jp", // bug 1128366
   "reputation.com",
   "research-report.uws.edu.au",
   "reservations.usairways.com", // bug 1165400
-  "rezstream.net",
   "rietumu.lv",
-  "rotr.com",
   "roxyaffiliates.com",
   "sales.newchinalife.com",
   "sbank.hxb.com.cn",
   "sboseweb.mcpsweb.org",
-  "school.keystoneschoolonline.com",
   "secure-checkout.t-mobile.com", // bug 1133648
   "secure.bg-mania.jp",
   "secure.crbonline.gov.uk", // bug 1166644
   "secure.fortisbc.com",
   "secure.ncsoft.com", // bug 1139782
   "secure.smartcart.com",
-  "secure2.i-doxs.net", // bug 1140876
-  "secure3.i-doxs.net", // bug 1140876
-  "secure4.i-doxs.net", // bug 1140876
-  "secure6.i-doxs.net", // bug 1140876
-  "secure7.i-doxs.net", // bug 1140876
-  "secure8.i-doxs.net", // bug 1140876
   "secureonline.dwp.gov.uk",
   "sems.hrd.ccsd.net",
-  "service.autoc-one.jp",
   "services.apvma.gov.au",
   "services.geotrust.com", // bug 1137677
   "servizionline.infogroup.it",
-  "shop.autoc-one.jp",
   "shop.kagome.co.jp",
   "shop.nanairo.coop", // bug 1128318
   "shop.wildstar-online.com", // bug 1139782
-  "sisweb.ucd.ie",
   "slovanet.sk",
   "smartcart.com",
-  "smarticon.geotrust.com", // bug 1137677
   "socialclub.rockstargames.com", // bug 1138673
   "soeasy.sodexo.be", // bug 1117157
   "ss2.sfcollege.edu",
   "ss5.sfcollege.edu",
   "ssb.okbu.edu", // for port 8910, bug 1153749
   "sso.acadiau.ca", // bug 1152377
   "starbucks.com", // bug 1167190
   "stenhouse.com",
   "store.moxa.com",
   "svrch13.sugarlandtx.gov",
+  "swdownloads.blackberry.com", // bug 1182997
   "syzygy.co.uk",
   "tarjetacencosud.cl",
   "tele2.hr",
   "tienda.boe.es",
   "tiendas.mediamarkt.es",
-  "trueblue.jetblue.com",
   "uralsg.megafon.ru", // bug 1153168
   "usacycling.org", // bug 1163791
   "userdoor.com",
-  "uslugi.beeline.am",
   "utradehub.or.kr",
   "vod.skyperfectv.co.jp",
   "watch.sportsnet.ca", // bug 1144769
   "web.asta.org",
   "webapps.ou.edu",
   "webatm.landbank.com.tw",
   "webmail.iyte.edu.tr",
   "websiti.cnbv.gob.mx",
@@ -335,16 +305,17 @@ static const char* const kIntolerantFall
   "www.americanairlines.ie", // bug 1141604
   "www.americanairlines.in", // bug 1141604
   "www.americanairlines.it", // bug 1141604
   "www.americanairlines.jp", // bug 1141604
   "www.amica.com", // bug 1139563
   "www.ancelutil.com.uy",
   "www.animate-onlineshop.jp", // bug 1126652
   "www.apeasternpower.com",
+  "www.arcgames.com", // bug 1182932
   "www.asko.fi", // bug 1158584
   "www.auroragov.org",
   "www.bancocredichile.cl",
   "www.bankcomm.com.hk", // bug 1141742
   "www.bankhapoalim.co.il", // bug 1138231
   "www.bauschonline.com",
   "www.baybloorradio.com", // bug 1173661
   "www.bbsfonline.com",
@@ -357,20 +328,20 @@ static const char* const kIntolerantFall
   "www.boostmobilesales.com", // bug 1112178
   "www.borsaitaliana.it",
   "www.bottegaverde.es",
   "www.bottegaverde.it",
   "www.bottegaverde.pt",
   "www.bredbandsbolaget.se", // bug 1158755
   "www.businessdirect.bt.com",
   "www.cafedumonde.jp",
+  "www.car2go.com", // bug 1185080
   "www.careers.asio.gov.au",
   "www.cherry.de", // bug 1141521
   "www.chinapay.com", // bug 1137983
-  "www.cihi.ca",
   "www.cipd.co.uk",
   "www.civilization.com", // bug 1156004
   "www.club-animate.jp",
   "www.codan.dk",
   "www.contraloria.cl",
   "www.credem.it",
   "www.crediscotia.com.mx",
   "www.creditagricole.info",
@@ -384,117 +355,97 @@ static const char* const kIntolerantFall
   "www.digibet.com",
   "www.drcsurveys.com",
   "www.dream-prize.com",
   "www.duskin.co.jp",
   "www.duskin.jp",
   "www.ec-line.cn",
   "www.echo.com",
   "www.echotrak.com",
-  "www.embroiderydesignsplus.com",
   "www.epicreg.com",
   "www.ermis.gov.gr",
   "www.esadealumni.net",
   "www.esavingsaccount.co.uk",
   "www.escrowrefills.com",
   "www.essentialsupplies.com",
-  "www.euronext.com", // bug 1136091
   "www.everyd.com",
   "www.ezpay.com.tw",
   "www.fhsaa.org",
   "www.fibi-online.co.il", // bug 1165580
   "www.fj96336.com",
   "www.fontainebleau.com",
   "www.foundersc.com",
   "www.fubar.com",
-  "www.fundsupermart.co.in",
   "www.gamers-onlineshop.jp", // bug 1126654
   "www.gbe-bund.de",
   "www.giftcertificates.com",
-  "www.golfersland.net",
   "www.gtja.com",
-  "www.hankyu-club.com",
   "www.haynes.co.uk",
   "www.hercle.com",
   "www.hn.10086.cn",
-  "www.hotel-story.ne.jp",
   "www.hpshop.gr",
   "www.hsbank.cc",
   "www.hx168.com.cn",
   "www.ingramentertainment.com",
   "www.interpark.com",
   "www.isracard.co.il", // bug 1165582
   "www.jaf.or.jp",
   "www.jifenpay.com",
   "www.kasite.net",
   "www.khan.co.kr",
-  "www.komatsu-kenki.co.jp",
-  "www.komatsu.co.jp",
-  "www.komatsu.com",
   "www.kredodirect.com.ua", // bug 1095507
   "www.law888.com.tw",
   "www.lewisham.gov.uk",
   "www.lib.cwu.edu",
   "www.libraryvideo.com",
   "www.lm-order.de",
   "www.londonstockexchange.com",
-  "www.macif.fr", // bug 1167893
-  "www.marketday.com", // bug 1092998
-  "www.matkahuolto.fi", // bug 1174957
   "www.matkahuolto.info",
   "www.matrics.or.jp",
   "www.mchrono.com",
   "www.mecsumai.com",
-  "www.mercatoneuno.com",
-  "www.mercernet.fr", // bug 1147649
   "www.meta-ehealth.com",
   "www.misterdonut.jp",
-  "www.mizuno.jp",
-  "www.monclick.it",
   "www.mp2.aeroport.fr",
   "www.mpay.co.th",
   "www.mtsindia.in", // RC4
   "www.my.airdo.jp", // bug 1129773
   "www.myagent.gov.ab.ca", // bug 1152827
   "www.mynpcdata.net",
   "www.mywebreservations.com",
   "www.ncsoft.com", // bug 1139782
   "www.nec-nexs.com",
   "www.newchinalife.com",
   "www.nishi.or.jp",
   "www.ocbcwhhk.com", // bug 1141746
   "www.openwebosproject.org", // bug 1151990
-  "www.paslists.com", // for port 9211, bug 1155712
   "www.pen-kanagawa.ed.jp",
   "www.polla.cl",
   "www.publicjobs.ie",
   "www.publicrecords.com",
   "www.pwcrecruiting.com",
+  "www.rapidscansecure.com", // bug 1177212
   "www.razorgator.com",
   "www.recoup.com",
   "www.regonline.com", // bug 1139783
   "www.renaultcredit.com.ar",
   "www.reputation.com",
-  "www.rezstream.net",
   "www.rietumu.lv",
   "www.rimac.com.pe",
   "www.riversendtrading.com",
-  "www.rotr.com",
   "www.roxyaffiliates.com",
   "www.s-book.net",
   "www.safepass.cn",
   "www.session.ne.jp",
-  "www.shacombank.com.hk", // bug 1141989
   "www.shacomsecurities.com.hk", // bug 1141989
   "www.shop.bt.com",
   "www.slovanet.sk",
   "www.smartcart.com",
   "www.smartoffice.jp",
   "www.sokamocka.com",
-  "www.sports-nakama.com",
   "www.starbucks.com", // bug 1167190
   "www.stenhouse.com",
   "www.sunderland.gov.uk",
   "www.syzygy.co.uk",
   "www.tarjetacencosud.cl",
   "www.tealife.co.jp",
   "www.tele2.hr",
   "www.tetsudo.com",
@@ -510,22 +461,18 @@ static const char* const kIntolerantFall
   "www.wavecable.com",
   "www.wingarc.com",
   "www.yakult.co.kr",
   "www.zenfolio.com",
   "www.zoominfo.com",
   "www1.aeroplan.com", // bug 1137543
   "www1.isracard.co.il", // bug 1165582
   "www2.aeroplan.com", // bug 1137543
-  "www2.bancobrasil.com.br", // bug 1135966
   "www2.wou.edu",
-  "www28.bb.com.br", // bug 1135966
   "www3.aeroplan.com", // bug 1137543
   "www3.ibac.co.jp",
   "www3.taiheiyo-ferry.co.jp",
   "www4.aeroplan.com", // bug 1137543
-  "www41.bb.com.br", // bug 1135966
-  "www73.bb.com.br", // bug 1135966
   "wwws.kadokawa.co.jp",
   "xyk.cebbank.com", // bug 1145524
   "zenfolio.com",
   "zoominfo.com",
 };
--- a/security/manager/ssl/nsNSSIOLayer.cpp
+++ b/security/manager/ssl/nsNSSIOLayer.cpp
@@ -1732,17 +1732,16 @@ struct FallbackListComparator
 
 private:
   const char* mTarget;
 };
 
 static const char* const kFallbackWildcardList[] =
 {
   ".kuronekoyamato.co.jp", // bug 1128366
-  ".userstorage.mega.co.nz", // bug 1133496
   ".wildcard.test",
 };
 
 bool
 nsSSLIOLayerHelpers::isInsecureFallbackSite(const nsACString& hostname)
 {
   size_t match;
   if (mUseStaticFallbackList) {