Bug 1195789 - Update fallback whitelist. r=cykesiopka
authorMasatoshi Kimura <VYV03354@nifty.ne.jp>
Wed, 02 Sep 2015 00:44:04 +0900
changeset 260427 6273b5918d6c5667dda02c0386f695736dcd237b
parent 260426 40101a28f532d4bd5e7310905994a457e45236e3
child 260428 10b4169ea9d2017d5dccbdf69f38f3081fb74e02
push id29311
push usercbook@mozilla.com
push dateWed, 02 Sep 2015 11:53:18 +0000
treeherdermozilla-central@1b687fcb5213 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewerscykesiopka
bugs1195789
milestone43.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1195789 - Update fallback whitelist. r=cykesiopka
security/manager/ssl/IntolerantFallbackList.inc
security/manager/ssl/nsNSSIOLayer.cpp
--- a/security/manager/ssl/IntolerantFallbackList.inc
+++ b/security/manager/ssl/IntolerantFallbackList.inc
@@ -37,89 +37,79 @@ static const char* const kIntolerantFall
   "americanairlines.com.au", // bug 1141604
   "americanairlines.com.ru", // bug 1141604
   "americanairlines.es", // bug 1141604
   "americanairlines.fr", // bug 1141604
   "americanairlines.hu", // bug 1141604
   "americanairlines.ie", // bug 1141604
   "americanairlines.in", // bug 1141604
   "americanairlines.jp", // bug 1141604
-  "amss.mobilicity.ca",
   "ap.meitetsuunyu.co.jp",
   "apply.hkbn.net", // bug 1138451
   "apps.amerch.com",
   "apps.sasken.com",
   "apps.state.or.us", // bug 1130472
   "appsrv.restat.com",
   "arcgames.com", // bug 1182932
-  "ascii.jp",
   "asko.fi", // bug 1158584
   "b2b.feib.com.tw",
   "baybloorradio.com", // bug 1173661
   "beehive.miit.ru",
-  "bettertrades.com",
   "bgw.wangyin.com", // bug 1145521
   "bianmin.chinapay.com", // bug 1137983
   "bigflix.com",
   "blackboard.tru.ca",
   "blastam.com",
   "blogwatcher.co.jp",
   "bonds.euronext.com", // bug 1136091
   "books.wwnorton.com", // bug 1116891
-  "bredbandsbolaget.se", // bug 1158755
   "bursar.ou.edu",
   "buttons.verticalresponse.com",
   "c2g.jupiter.fl.us",
   "canadaca.geotrust.com", // bug 1137677
-  "car2go.com", // bug 1185080
   "cbsfnotes1.blood.org.tw",
   "central.acadiau.ca", // bug 1152377
   "cherry.de", // bug 1141521
   "civilization.com", // bug 1156004
   "clientes.chilectra.cl",
   "club.guosen.com.cn",
   "coagov.aurora-il.org",
   "codem.codemasters.com",
-  "commerce.cashnet.com", // bug 1164009
   "comune.milano.it",
   "corporbank.nbcb.com.cn",
   "crm.et2008.com",
-  "crossroads.schneider.com",
-  "cs.tokai-tv.com",
   "cualerts.dupaco.com", // bug 1116892
   "customers.logistafrance.fr", // bug 1153951
   "cwu.edu",
   "dbank.hxb.com.cn",
   "dealer.autobytel.com",
   "dheb.delavska-hranilnica.si",
   "digibet.com",
   "digitalsecurity.intel.com", // bug 1148744
   "dream-prize.com",
   "dwwsyw.bjgjj.gov.cn",
   "eatm.scsb.com.tw",
   "eb.bankcomm.com.hk", // bug 1141742
   "ebank-public.hzbank.com.cn",
   "ebank.hxb.com.cn",
   "ebank.hzbank.com.cn",
   "ebank.rcbcy.com", // bug 1146755
-  "ebanking.ocbcwhhk.com", // bug 1141746
   "ebill2.virginmedia.com", // bug 1129887
   "ebpp.airtel.lk",
   "ebspay.boc.cn", // bug 1155567
   "ec-line.cn",
   "echo.com",
   "echotrak.com",
   "ecom.morethangourmet.com",
   "ecourses.uthscsa.edu",
   "egov.town-menasha.com", // bug 1157536
   "emaildvla.direct.gov.uk", // bug 1116891
   "epicreg.com",
   "eremit.sbising.com",
   "eservices.palomar.edu",
-  "essentialsupplies.com",
   "event.kasite.net",
   "extranet.eurocontrol.int",
   "ez.cityofchesapeake.net",
   "ezpay.com.tw",
   "fallback.test", // Used by gtest
   "fastcheck.sita.aero", // bug 1174974
   "fastlane.echo.com",
   "fhsaa.org",
@@ -128,145 +118,117 @@ static const char* const kIntolerantFall
   "friends.freshandeasy.com",
   "fubar.com",
   "gateway.halton.gov.uk",
   "gbe-bund.de",
   "gestionesytramites.madrid.org",
   "giftcertificates.com",
   "hercle.com",
   "hpshop.gr",
-  "ibusiness.shacombank.com.hk", // bug 1141989
   "identity.virginmedia.com", // bug 1129887
   "ifund.allianzglobalinvestors.com.tw",
   "ig1.i-grasp.com", // bug 1167894
   "ig4.i-grasp.com", // bug 1167894
   "ihr.suburbanpropane.com",
-  "images.bankofthewest.com", // bug 1127204
   "inside.i-med.ac.at",
   "its.bocmacau.com",
   "jbclick.jaxbchfl.net", // bug 1158465
-  "jifenpay.com",
   "jst.doded.mil", // bug 1152627
   "keirin.jp",
+  "king-solarman.com", // bug 1190706
   "kjp.keinet.ne.jp",
   "kjp.oo.kawai-juku.ac.jp",
   "lewisham.gov.uk",
   "lm-order.de",
   "login.chicagopolice.org",
   "login.ermis.gov.gr",
   "m.e-hon.ne.jp",
-  "m.safari.cwu.edu", // bug 1143035
   "mail.izhnet.ru",
   "map.infonavit.org.mx",
   "mchrono.com",
-  "mecsumai.com",
   "member.edenredticket.com",
   "merchant.edenredticket.com",
   "meta-ehealth.com",
   "mobile.aa.com", // bug 1141604
   "mobile.dream-prize.com",
   "mon-ulb.ulb.ac.be",
-  "my-csprd.ea.cwu.edu", // bug 1143035
-  "my-csrenprd.ea.cwu.edu", // bug 1143035
-  "my-fsprd.ea.cwu.edu", // bug 1143035
-  "my-fsrenprd.ea.cwu.edu", // bug 1143035
-  "my-fsrpt.ea.cwu.edu", // bug 1143035
-  "my-hrprd.ea.cwu.edu", // bug 1143035
-  "my-hrrenprd.ea.cwu.edu", // bug 1143035
-  "my.cwu.edu", // bug 1143035
   "my.if.com", // bug 1173592
   "my.kyivstar.ua",
   "my.miit.ru",
   "myaccount.allstate.com", // bug 1143031
-  "myaccount3.westnet.com.au", // bug 1157139
   "mybank.nbcb.com.cn",
   "myhancock.hancockcollege.edu",
-  "myuws.uws.edu.au",
   "mywebreservations.com",
   "na.aiononline.com", // bug 1139782
   "national.virginmedia.com", // bug 1129887
   "nbank.hxb.com.cn",
   "netbanking.yesbank.co.in", // bug 1146090
-  "niche.endsleigh.co.uk",
+  "new.fibi-online.co.il", // bug 1187242
   "nmsmp.alsok.co.jp",
   "no1.nipponrentacar.co.jp",
   "obos1.obos.no",
   "officials.fhsaa.org",
+  "online.bankotsar.co.il", // bug 1187242
   "online.newindia.co.in",
   "online.sainsburysbank.co.uk",
   "openwebosproject.org", // bug 1151990
-  "opus.pinellascounty.org",
   "owa.byui.edu",
   "ozone.ou.edu",
   "parents.ou.edu",
   "partnerweb.vmware.com", // bug 1142187
   "payment.condor.com", // bug 1152347
   "payment.safepass.cn",
   "payments.virginmedia.com", // bug 1129887
-  "poezd.rw.by",
   "portal.eztec.com.br",
   "portal.questonline.gr",
   "portal.uem.es",
   "profiles.uthscsa.edu",
-  "publicacionesoficiales.boe.es",
   "publicjobs.ie",
   "publicrecords.com",
   "racenet.codemasters.com", // bug 1163716
-  "rapidscansecure.com", // bug 1177212
   "recoup.com",
   "registration.o2.co.uk",
-  "regonline.com", // bug 1139783
   "renewals.cipd.co.uk",
   "repair.kuroneko-kadendr.jp", // bug 1128366
   "repairmb.kuroneko-kadendr.jp", // bug 1128366
   "reputation.com",
-  "research-report.uws.edu.au",
   "reservations.usairways.com", // bug 1165400
   "rietumu.lv",
   "roxyaffiliates.com",
   "sales.newchinalife.com",
   "sbank.hxb.com.cn",
   "sboseweb.mcpsweb.org",
-  "secure-checkout.t-mobile.com", // bug 1133648
   "secure.bg-mania.jp",
   "secure.crbonline.gov.uk", // bug 1166644
   "secure.fortisbc.com",
   "secure.ncsoft.com", // bug 1139782
   "secure.smartcart.com",
   "secureonline.dwp.gov.uk",
   "sems.hrd.ccsd.net",
   "services.apvma.gov.au",
   "services.geotrust.com", // bug 1137677
   "servizionline.infogroup.it",
   "shop.kagome.co.jp",
   "shop.nanairo.coop", // bug 1128318
   "shop.wildstar-online.com", // bug 1139782
   "slovanet.sk",
   "smartcart.com",
-  "socialclub.rockstargames.com", // bug 1138673
   "soeasy.sodexo.be", // bug 1117157
-  "ss2.sfcollege.edu",
   "ss5.sfcollege.edu",
   "ssb.okbu.edu", // for port 8910, bug 1153749
   "sso.acadiau.ca", // bug 1152377
-  "starbucks.com", // bug 1167190
   "stenhouse.com",
-  "store.moxa.com",
-  "svrch13.sugarlandtx.gov",
   "swdownloads.blackberry.com", // bug 1182997
   "syzygy.co.uk",
   "tarjetacencosud.cl",
   "tele2.hr",
-  "tienda.boe.es",
   "tiendas.mediamarkt.es",
   "uralsg.megafon.ru", // bug 1153168
   "usacycling.org", // bug 1163791
-  "userdoor.com",
   "utradehub.or.kr",
-  "vod.skyperfectv.co.jp",
   "watch.sportsnet.ca", // bug 1144769
   "web.asta.org",
   "webapps.ou.edu",
   "webatm.landbank.com.tw",
   "webmail.iyte.edu.tr",
   "websiti.cnbv.gob.mx",
   "webtv.tv2.no",
   "weddings.realresorts.com",
@@ -275,18 +237,16 @@ static const char* const kIntolerantFall
   "www.aa.co.uk", // bug 1141604
   "www.aa.com", // bug 1141604
   "www.aa.com.br", // bug 1141604
   "www.aa.com.do", // bug 1141604
   "www.aa.com.pe", // bug 1141604
   "www.aa.com.ve", // bug 1141604
   "www.aavacations.com", // bug 1141604
   "www.accessingram.com",
-  "www.acgov.org",
-  "www.acteonline.org",
   "www.aeroplan.com", // bug 1137543
   "www.allbankonline.in", // bug 1156441
   "www.allinpay.com",
   "www.alphashirt.com",
   "www.american-airlines.co.kr", // bug 1141604
   "www.american-airlines.nl", // bug 1141604
   "www.americanairlines.be", // bug 1141604
   "www.americanairlines.ch", // bug 1141604
@@ -314,165 +274,146 @@ static const char* const kIntolerantFall
   "www.asko.fi", // bug 1158584
   "www.auroragov.org",
   "www.bancocredichile.cl",
   "www.bankcomm.com.hk", // bug 1141742
   "www.bankhapoalim.co.il", // bug 1138231
   "www.bauschonline.com",
   "www.baybloorradio.com", // bug 1173661
   "www.bbsfonline.com",
-  "www.bettertrades.com",
   "www.bigflix.com",
   "www.blastam.com",
   "www.blogwatcher.co.jp",
   "www.blueprintonline.co.za",
-  "www.boe.es",
   "www.boostmobilesales.com", // bug 1112178
   "www.borsaitaliana.it",
   "www.bottegaverde.es",
   "www.bottegaverde.it",
   "www.bottegaverde.pt",
-  "www.bredbandsbolaget.se", // bug 1158755
   "www.businessdirect.bt.com",
   "www.cafedumonde.jp",
-  "www.car2go.com", // bug 1185080
   "www.careers.asio.gov.au",
   "www.cherry.de", // bug 1141521
   "www.chinapay.com", // bug 1137983
   "www.cipd.co.uk",
   "www.civilization.com", // bug 1156004
   "www.club-animate.jp",
   "www.codan.dk",
   "www.contraloria.cl",
   "www.credem.it",
   "www.crediscotia.com.mx",
   "www.creditagricole.info",
   "www.css-club.net",
   "www.ctfeshop.com.cn",
-  "www.cwu.edu",
+  "www.cwu.edu", // bug 1143035
   "www.dabs.com",
   "www.dabs.ie",
   "www.dabs4work.ie",
   "www.derayah.com",
   "www.digibet.com",
   "www.drcsurveys.com",
   "www.dream-prize.com",
   "www.duskin.co.jp",
   "www.duskin.jp",
   "www.ec-line.cn",
   "www.echo.com",
   "www.echotrak.com",
   "www.epicreg.com",
   "www.ermis.gov.gr",
   "www.esadealumni.net",
   "www.esavingsaccount.co.uk",
-  "www.escrowrefills.com",
-  "www.essentialsupplies.com",
   "www.everyd.com",
   "www.ezpay.com.tw",
   "www.fhsaa.org",
   "www.fibi-online.co.il", // bug 1165580
   "www.fj96336.com",
-  "www.fontainebleau.com",
   "www.foundersc.com",
   "www.fubar.com",
   "www.gamers-onlineshop.jp", // bug 1126654
   "www.gbe-bund.de",
   "www.giftcertificates.com",
   "www.gtja.com",
-  "www.haynes.co.uk",
   "www.hercle.com",
   "www.hn.10086.cn",
   "www.hpshop.gr",
   "www.hsbank.cc",
   "www.hx168.com.cn",
   "www.ingramentertainment.com",
   "www.interpark.com",
   "www.isracard.co.il", // bug 1165582
   "www.jaf.or.jp",
-  "www.jifenpay.com",
   "www.kasite.net",
   "www.khan.co.kr",
+  "www.king-solarman.com", // bug 1190706
   "www.kredodirect.com.ua", // bug 1095507
   "www.law888.com.tw",
   "www.lewisham.gov.uk",
-  "www.lib.cwu.edu",
   "www.libraryvideo.com",
   "www.lm-order.de",
   "www.londonstockexchange.com",
   "www.matkahuolto.info",
   "www.matrics.or.jp",
   "www.mchrono.com",
-  "www.mecsumai.com",
   "www.meta-ehealth.com",
   "www.misterdonut.jp",
   "www.mp2.aeroport.fr",
   "www.mpay.co.th",
   "www.mtsindia.in", // RC4
   "www.my.airdo.jp", // bug 1129773
   "www.myagent.gov.ab.ca", // bug 1152827
-  "www.mynpcdata.net",
   "www.mywebreservations.com",
   "www.ncsoft.com", // bug 1139782
   "www.nec-nexs.com",
   "www.newchinalife.com",
-  "www.nishi.or.jp",
   "www.ocbcwhhk.com", // bug 1141746
   "www.openwebosproject.org", // bug 1151990
   "www.pen-kanagawa.ed.jp",
   "www.polla.cl",
   "www.publicjobs.ie",
   "www.publicrecords.com",
   "www.pwcrecruiting.com",
-  "www.rapidscansecure.com", // bug 1177212
   "www.razorgator.com",
   "www.recoup.com",
-  "www.regonline.com", // bug 1139783
   "www.renaultcredit.com.ar",
   "www.reputation.com",
   "www.rietumu.lv",
   "www.rimac.com.pe",
-  "www.riversendtrading.com",
   "www.roxyaffiliates.com",
   "www.s-book.net",
   "www.safepass.cn",
   "www.session.ne.jp",
   "www.shacomsecurities.com.hk", // bug 1141989
   "www.shop.bt.com",
   "www.slovanet.sk",
   "www.smartcart.com",
-  "www.smartoffice.jp",
   "www.sokamocka.com",
-  "www.starbucks.com", // bug 1167190
   "www.stenhouse.com",
   "www.sunderland.gov.uk",
   "www.syzygy.co.uk",
   "www.tarjetacencosud.cl",
   "www.tealife.co.jp",
   "www.tele2.hr",
   "www.tetsudo.com",
   "www.trkd.thomsonreuters.com", // bug 1172793
   "www.u-gakugei.ac.jp",
   "www.uccard.co.jp",
   "www.ur-net.go.jp",
   "www.usacycling.org", // bug 1163791
   "www.usairways.com", // bug 1142703
-  "www.userdoor.com",
   "www.utradehub.or.kr",
   "www.virgin.net",
   "www.wavecable.com",
   "www.wingarc.com",
   "www.yakult.co.kr",
   "www.zenfolio.com",
   "www.zoominfo.com",
   "www1.aeroplan.com", // bug 1137543
   "www1.isracard.co.il", // bug 1165582
   "www2.aeroplan.com", // bug 1137543
   "www2.wou.edu",
   "www3.aeroplan.com", // bug 1137543
   "www3.ibac.co.jp",
   "www3.taiheiyo-ferry.co.jp",
   "www4.aeroplan.com", // bug 1137543
-  "wwws.kadokawa.co.jp",
   "xyk.cebbank.com", // bug 1145524
   "zenfolio.com",
   "zoominfo.com",
 };
--- a/security/manager/ssl/nsNSSIOLayer.cpp
+++ b/security/manager/ssl/nsNSSIOLayer.cpp
@@ -1718,16 +1718,17 @@ struct FallbackListComparator
   }
 
 private:
   const char* mTarget;
 };
 
 static const char* const kFallbackWildcardList[] =
 {
+  ".eur.xerox.com", // bug 1187215
   ".kuronekoyamato.co.jp", // bug 1128366
   ".wildcard.test",
 };
 
 bool
 nsSSLIOLayerHelpers::isInsecureFallbackSite(const nsACString& hostname)
 {
   size_t match;