Bug 1195789 - Update fallback whitelist. r=cykesiopka, a=ritu a=sylvestre
authorMasatoshi Kimura <VYV03354@nifty.ne.jp>
Wed, 02 Sep 2015 00:44:04 +0900
changeset 289108 6a1945ebef4166ab8517d765a06657d749e3805d
parent 289107 1cb1b8329d35a3896ffcbdc00d9ff889ad91eb52
child 289109 422d0883290ede7f6853b1a148cb24b45e20cb44
push id5067
push userraliiev@mozilla.com
push dateMon, 21 Sep 2015 14:04:52 +0000
treeherdermozilla-beta@14221ffe5b2f [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewerscykesiopka, ritu, sylvestre
bugs1195789
milestone42.0a2
Bug 1195789 - Update fallback whitelist. r=cykesiopka, a=ritu a=sylvestre
security/manager/ssl/IntolerantFallbackList.inc
security/manager/ssl/nsNSSIOLayer.cpp
--- a/security/manager/ssl/IntolerantFallbackList.inc
+++ b/security/manager/ssl/IntolerantFallbackList.inc
@@ -37,89 +37,79 @@ static const char* const kIntolerantFall
   "americanairlines.com.au", // bug 1141604
   "americanairlines.com.ru", // bug 1141604
   "americanairlines.es", // bug 1141604
   "americanairlines.fr", // bug 1141604
   "americanairlines.hu", // bug 1141604
   "americanairlines.ie", // bug 1141604
   "americanairlines.in", // bug 1141604
   "americanairlines.jp", // bug 1141604
-  "amss.mobilicity.ca",
   "ap.meitetsuunyu.co.jp",
   "apply.hkbn.net", // bug 1138451
   "apps.amerch.com",
   "apps.sasken.com",
   "apps.state.or.us", // bug 1130472
   "appsrv.restat.com",
   "arcgames.com", // bug 1182932
-  "ascii.jp",
   "asko.fi", // bug 1158584
   "b2b.feib.com.tw",
   "baybloorradio.com", // bug 1173661
   "beehive.miit.ru",
-  "bettertrades.com",
   "bgw.wangyin.com", // bug 1145521
   "bianmin.chinapay.com", // bug 1137983
   "bigflix.com",
   "blackboard.tru.ca",
   "blastam.com",
   "blogwatcher.co.jp",
   "bonds.euronext.com", // bug 1136091
   "books.wwnorton.com", // bug 1116891
-  "bredbandsbolaget.se", // bug 1158755
   "bursar.ou.edu",
   "buttons.verticalresponse.com",
   "c2g.jupiter.fl.us",
   "canadaca.geotrust.com", // bug 1137677
-  "car2go.com", // bug 1185080
   "cbsfnotes1.blood.org.tw",
   "central.acadiau.ca", // bug 1152377
   "cherry.de", // bug 1141521
   "civilization.com", // bug 1156004
   "clientes.chilectra.cl",
   "club.guosen.com.cn",
   "coagov.aurora-il.org",
   "codem.codemasters.com",
-  "commerce.cashnet.com", // bug 1164009
   "comune.milano.it",
   "corporbank.nbcb.com.cn",
   "crm.et2008.com",
-  "crossroads.schneider.com",
-  "cs.tokai-tv.com",
   "cualerts.dupaco.com", // bug 1116892
   "customers.logistafrance.fr", // bug 1153951
   "cwu.edu",
   "dbank.hxb.com.cn",
   "dealer.autobytel.com",
   "dheb.delavska-hranilnica.si",
   "digibet.com",
   "digitalsecurity.intel.com", // bug 1148744
   "dream-prize.com",
   "dwwsyw.bjgjj.gov.cn",
   "eatm.scsb.com.tw",
   "eb.bankcomm.com.hk", // bug 1141742
   "ebank-public.hzbank.com.cn",
   "ebank.hxb.com.cn",
   "ebank.hzbank.com.cn",
   "ebank.rcbcy.com", // bug 1146755
-  "ebanking.ocbcwhhk.com", // bug 1141746
   "ebill2.virginmedia.com", // bug 1129887
   "ebpp.airtel.lk",
   "ebspay.boc.cn", // bug 1155567
   "ec-line.cn",
   "echo.com",
   "echotrak.com",
   "ecom.morethangourmet.com",
   "ecourses.uthscsa.edu",
   "egov.town-menasha.com", // bug 1157536
   "emaildvla.direct.gov.uk", // bug 1116891
   "epicreg.com",
   "eremit.sbising.com",
   "eservices.palomar.edu",
-  "essentialsupplies.com",
   "event.kasite.net",
   "extranet.eurocontrol.int",
   "ez.cityofchesapeake.net",
   "ezpay.com.tw",
   "fallback.test", // Used by gtest
   "fastcheck.sita.aero", // bug 1174974
   "fastlane.echo.com",
   "fhsaa.org",
@@ -128,145 +118,117 @@ static const char* const kIntolerantFall
   "friends.freshandeasy.com",
   "fubar.com",
   "gateway.halton.gov.uk",
   "gbe-bund.de",
   "gestionesytramites.madrid.org",
   "giftcertificates.com",
   "hercle.com",
   "hpshop.gr",
-  "ibusiness.shacombank.com.hk", // bug 1141989
   "identity.virginmedia.com", // bug 1129887
   "ifund.allianzglobalinvestors.com.tw",
   "ig1.i-grasp.com", // bug 1167894
   "ig4.i-grasp.com", // bug 1167894
   "ihr.suburbanpropane.com",
-  "images.bankofthewest.com", // bug 1127204
   "inside.i-med.ac.at",
   "its.bocmacau.com",
   "jbclick.jaxbchfl.net", // bug 1158465
-  "jifenpay.com",
   "jst.doded.mil", // bug 1152627
   "keirin.jp",
+  "king-solarman.com", // bug 1190706
   "kjp.keinet.ne.jp",
   "kjp.oo.kawai-juku.ac.jp",
   "lewisham.gov.uk",
   "lm-order.de",
   "login.chicagopolice.org",
   "login.ermis.gov.gr",
   "m.e-hon.ne.jp",
-  "m.safari.cwu.edu", // bug 1143035
   "mail.izhnet.ru",
   "map.infonavit.org.mx",
   "mchrono.com",
-  "mecsumai.com",
   "member.edenredticket.com",
   "merchant.edenredticket.com",
   "meta-ehealth.com",
   "mobile.aa.com", // bug 1141604
   "mobile.dream-prize.com",
   "mon-ulb.ulb.ac.be",
-  "my-csprd.ea.cwu.edu", // bug 1143035
-  "my-csrenprd.ea.cwu.edu", // bug 1143035
-  "my-fsprd.ea.cwu.edu", // bug 1143035
-  "my-fsrenprd.ea.cwu.edu", // bug 1143035
-  "my-fsrpt.ea.cwu.edu", // bug 1143035
-  "my-hrprd.ea.cwu.edu", // bug 1143035
-  "my-hrrenprd.ea.cwu.edu", // bug 1143035
-  "my.cwu.edu", // bug 1143035
   "my.if.com", // bug 1173592
   "my.kyivstar.ua",
   "my.miit.ru",
   "myaccount.allstate.com", // bug 1143031
-  "myaccount3.westnet.com.au", // bug 1157139
   "mybank.nbcb.com.cn",
   "myhancock.hancockcollege.edu",
-  "myuws.uws.edu.au",
   "mywebreservations.com",
   "na.aiononline.com", // bug 1139782
   "national.virginmedia.com", // bug 1129887
   "nbank.hxb.com.cn",
   "netbanking.yesbank.co.in", // bug 1146090
-  "niche.endsleigh.co.uk",
+  "new.fibi-online.co.il", // bug 1187242
   "nmsmp.alsok.co.jp",
   "no1.nipponrentacar.co.jp",
   "obos1.obos.no",
   "officials.fhsaa.org",
+  "online.bankotsar.co.il", // bug 1187242
   "online.newindia.co.in",
   "online.sainsburysbank.co.uk",
   "openwebosproject.org", // bug 1151990
-  "opus.pinellascounty.org",
   "owa.byui.edu",
   "ozone.ou.edu",
   "parents.ou.edu",
   "partnerweb.vmware.com", // bug 1142187
   "payment.condor.com", // bug 1152347
   "payment.safepass.cn",
   "payments.virginmedia.com", // bug 1129887
-  "poezd.rw.by",
   "portal.eztec.com.br",
   "portal.questonline.gr",
   "portal.uem.es",
   "profiles.uthscsa.edu",
-  "publicacionesoficiales.boe.es",
   "publicjobs.ie",
   "publicrecords.com",
   "racenet.codemasters.com", // bug 1163716
-  "rapidscansecure.com", // bug 1177212
   "recoup.com",
   "registration.o2.co.uk",
-  "regonline.com", // bug 1139783
   "renewals.cipd.co.uk",
   "repair.kuroneko-kadendr.jp", // bug 1128366
   "repairmb.kuroneko-kadendr.jp", // bug 1128366
   "reputation.com",
-  "research-report.uws.edu.au",
   "reservations.usairways.com", // bug 1165400
   "rietumu.lv",
   "roxyaffiliates.com",
   "sales.newchinalife.com",
   "sbank.hxb.com.cn",
   "sboseweb.mcpsweb.org",
-  "secure-checkout.t-mobile.com", // bug 1133648
   "secure.bg-mania.jp",
   "secure.crbonline.gov.uk", // bug 1166644
   "secure.fortisbc.com",
   "secure.ncsoft.com", // bug 1139782
   "secure.smartcart.com",
   "secureonline.dwp.gov.uk",
   "sems.hrd.ccsd.net",
   "services.apvma.gov.au",
   "services.geotrust.com", // bug 1137677
   "servizionline.infogroup.it",
   "shop.kagome.co.jp",
   "shop.nanairo.coop", // bug 1128318
   "shop.wildstar-online.com", // bug 1139782
   "slovanet.sk",
   "smartcart.com",
-  "socialclub.rockstargames.com", // bug 1138673
   "soeasy.sodexo.be", // bug 1117157
-  "ss2.sfcollege.edu",
   "ss5.sfcollege.edu",
   "ssb.okbu.edu", // for port 8910, bug 1153749
   "sso.acadiau.ca", // bug 1152377
-  "starbucks.com", // bug 1167190
   "stenhouse.com",
-  "store.moxa.com",
-  "svrch13.sugarlandtx.gov",
   "swdownloads.blackberry.com", // bug 1182997
   "syzygy.co.uk",
   "tarjetacencosud.cl",
   "tele2.hr",
-  "tienda.boe.es",
   "tiendas.mediamarkt.es",
   "uralsg.megafon.ru", // bug 1153168
   "usacycling.org", // bug 1163791
-  "userdoor.com",
   "utradehub.or.kr",
-  "vod.skyperfectv.co.jp",
   "watch.sportsnet.ca", // bug 1144769
   "web.asta.org",
   "webapps.ou.edu",
   "webatm.landbank.com.tw",
   "webmail.iyte.edu.tr",
   "websiti.cnbv.gob.mx",
   "webtv.tv2.no",
   "weddings.realresorts.com",
@@ -275,18 +237,16 @@ static const char* const kIntolerantFall
   "www.aa.co.uk", // bug 1141604
   "www.aa.com", // bug 1141604
   "www.aa.com.br", // bug 1141604
   "www.aa.com.do", // bug 1141604
   "www.aa.com.pe", // bug 1141604
   "www.aa.com.ve", // bug 1141604
   "www.aavacations.com", // bug 1141604
   "www.accessingram.com",
-  "www.acgov.org",
-  "www.acteonline.org",
   "www.aeroplan.com", // bug 1137543
   "www.allbankonline.in", // bug 1156441
   "www.allinpay.com",
   "www.alphashirt.com",
   "www.american-airlines.co.kr", // bug 1141604
   "www.american-airlines.nl", // bug 1141604
   "www.americanairlines.be", // bug 1141604
   "www.americanairlines.ch", // bug 1141604
@@ -314,165 +274,146 @@ static const char* const kIntolerantFall
   "www.asko.fi", // bug 1158584
   "www.auroragov.org",
   "www.bancocredichile.cl",
   "www.bankcomm.com.hk", // bug 1141742
   "www.bankhapoalim.co.il", // bug 1138231
   "www.bauschonline.com",
   "www.baybloorradio.com", // bug 1173661
   "www.bbsfonline.com",
-  "www.bettertrades.com",
   "www.bigflix.com",
   "www.blastam.com",
   "www.blogwatcher.co.jp",
   "www.blueprintonline.co.za",
-  "www.boe.es",
   "www.boostmobilesales.com", // bug 1112178
   "www.borsaitaliana.it",
   "www.bottegaverde.es",
   "www.bottegaverde.it",
   "www.bottegaverde.pt",
-  "www.bredbandsbolaget.se", // bug 1158755
   "www.businessdirect.bt.com",
   "www.cafedumonde.jp",
-  "www.car2go.com", // bug 1185080
   "www.careers.asio.gov.au",
   "www.cherry.de", // bug 1141521
   "www.chinapay.com", // bug 1137983
   "www.cipd.co.uk",
   "www.civilization.com", // bug 1156004
   "www.club-animate.jp",
   "www.codan.dk",
   "www.contraloria.cl",
   "www.credem.it",
   "www.crediscotia.com.mx",
   "www.creditagricole.info",
   "www.css-club.net",
   "www.ctfeshop.com.cn",
-  "www.cwu.edu",
+  "www.cwu.edu", // bug 1143035
   "www.dabs.com",
   "www.dabs.ie",
   "www.dabs4work.ie",
   "www.derayah.com",
   "www.digibet.com",
   "www.drcsurveys.com",
   "www.dream-prize.com",
   "www.duskin.co.jp",
   "www.duskin.jp",
   "www.ec-line.cn",
   "www.echo.com",
   "www.echotrak.com",
   "www.epicreg.com",
   "www.ermis.gov.gr",
   "www.esadealumni.net",
   "www.esavingsaccount.co.uk",
-  "www.escrowrefills.com",
-  "www.essentialsupplies.com",
   "www.everyd.com",
   "www.ezpay.com.tw",
   "www.fhsaa.org",
   "www.fibi-online.co.il", // bug 1165580
   "www.fj96336.com",
-  "www.fontainebleau.com",
   "www.foundersc.com",
   "www.fubar.com",
   "www.gamers-onlineshop.jp", // bug 1126654
   "www.gbe-bund.de",
   "www.giftcertificates.com",
   "www.gtja.com",
-  "www.haynes.co.uk",
   "www.hercle.com",
   "www.hn.10086.cn",
   "www.hpshop.gr",
   "www.hsbank.cc",
   "www.hx168.com.cn",
   "www.ingramentertainment.com",
   "www.interpark.com",
   "www.isracard.co.il", // bug 1165582
   "www.jaf.or.jp",
-  "www.jifenpay.com",
   "www.kasite.net",
   "www.khan.co.kr",
+  "www.king-solarman.com", // bug 1190706
   "www.kredodirect.com.ua", // bug 1095507
   "www.law888.com.tw",
   "www.lewisham.gov.uk",
-  "www.lib.cwu.edu",
   "www.libraryvideo.com",
   "www.lm-order.de",
   "www.londonstockexchange.com",
   "www.matkahuolto.info",
   "www.matrics.or.jp",
   "www.mchrono.com",
-  "www.mecsumai.com",
   "www.meta-ehealth.com",
   "www.misterdonut.jp",
   "www.mp2.aeroport.fr",
   "www.mpay.co.th",
   "www.mtsindia.in", // RC4
   "www.my.airdo.jp", // bug 1129773
   "www.myagent.gov.ab.ca", // bug 1152827
-  "www.mynpcdata.net",
   "www.mywebreservations.com",
   "www.ncsoft.com", // bug 1139782
   "www.nec-nexs.com",
   "www.newchinalife.com",
-  "www.nishi.or.jp",
   "www.ocbcwhhk.com", // bug 1141746
   "www.openwebosproject.org", // bug 1151990
   "www.pen-kanagawa.ed.jp",
   "www.polla.cl",
   "www.publicjobs.ie",
   "www.publicrecords.com",
   "www.pwcrecruiting.com",
-  "www.rapidscansecure.com", // bug 1177212
   "www.razorgator.com",
   "www.recoup.com",
-  "www.regonline.com", // bug 1139783
   "www.renaultcredit.com.ar",
   "www.reputation.com",
   "www.rietumu.lv",
   "www.rimac.com.pe",
-  "www.riversendtrading.com",
   "www.roxyaffiliates.com",
   "www.s-book.net",
   "www.safepass.cn",
   "www.session.ne.jp",
   "www.shacomsecurities.com.hk", // bug 1141989
   "www.shop.bt.com",
   "www.slovanet.sk",
   "www.smartcart.com",
-  "www.smartoffice.jp",
   "www.sokamocka.com",
-  "www.starbucks.com", // bug 1167190
   "www.stenhouse.com",
   "www.sunderland.gov.uk",
   "www.syzygy.co.uk",
   "www.tarjetacencosud.cl",
   "www.tealife.co.jp",
   "www.tele2.hr",
   "www.tetsudo.com",
   "www.trkd.thomsonreuters.com", // bug 1172793
   "www.u-gakugei.ac.jp",
   "www.uccard.co.jp",
   "www.ur-net.go.jp",
   "www.usacycling.org", // bug 1163791
   "www.usairways.com", // bug 1142703
-  "www.userdoor.com",
   "www.utradehub.or.kr",
   "www.virgin.net",
   "www.wavecable.com",
   "www.wingarc.com",
   "www.yakult.co.kr",
   "www.zenfolio.com",
   "www.zoominfo.com",
   "www1.aeroplan.com", // bug 1137543
   "www1.isracard.co.il", // bug 1165582
   "www2.aeroplan.com", // bug 1137543
   "www2.wou.edu",
   "www3.aeroplan.com", // bug 1137543
   "www3.ibac.co.jp",
   "www3.taiheiyo-ferry.co.jp",
   "www4.aeroplan.com", // bug 1137543
-  "wwws.kadokawa.co.jp",
   "xyk.cebbank.com", // bug 1145524
   "zenfolio.com",
   "zoominfo.com",
 };
--- a/security/manager/ssl/nsNSSIOLayer.cpp
+++ b/security/manager/ssl/nsNSSIOLayer.cpp
@@ -1731,16 +1731,17 @@ struct FallbackListComparator
   }
 
 private:
   const char* mTarget;
 };
 
 static const char* const kFallbackWildcardList[] =
 {
+  ".eur.xerox.com", // bug 1187215
   ".kuronekoyamato.co.jp", // bug 1128366
   ".wildcard.test",
 };
 
 bool
 nsSSLIOLayerHelpers::isInsecureFallbackSite(const nsACString& hostname)
 {
   size_t match;