Bug 1181562 - Update fallback whitelist. r=keeler, a=lmandel
authorMasatoshi Kimura <VYV03354@nifty.ne.jp>
Thu, 23 Jul 2015 03:07:00 -0400
changeset 275430 3a5c5b34a7d58a5f547357a15490df9c050c4059
parent 275429 e52fe64a174f4070ba38ab94c26fe3156ff2202a
child 275431 446ad5aa6877e06b40760f729a030436e4927312
push id863
push userraliiev@mozilla.com
push dateMon, 03 Aug 2015 13:22:43 +0000
treeherdermozilla-release@f6321b14228d [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewerskeeler, lmandel
bugs1181562
milestone40.0
Bug 1181562 - Update fallback whitelist. r=keeler, a=lmandel
security/manager/ssl/src/IntolerantFallbackList.inc
security/manager/ssl/src/nsNSSIOLayer.cpp
--- a/security/manager/ssl/src/IntolerantFallbackList.inc
+++ b/security/manager/ssl/src/IntolerantFallbackList.inc
@@ -14,17 +14,16 @@ static const char* const kIntolerantFall
   "aa.com.do", // bug 1141604
   "aa.com.pe", // bug 1141604
   "aa.com.ve", // bug 1141604
   "aacoprod.aacounty.org",
   "aavacations.com", // bug 1141604
   "access.boekhuis.nl", // bug 1151580
   "account.61.com.tw",
   "acs.sia.eu", // RC4
-  "actiononline.stpete.org",
   "adman.you.gr",
   "adminweb.uthscsa.edu",
   "airportwifi.com", // bug 1116891
   "allbankonline.in", // bug 1156441
   "allyours.virginmedia.com", // bug 1129887
   "altitude.aircanada.com", // bug 1143325
   "american-airlines.co.kr", // bug 1141604
   "american-airlines.nl", // bug 1141604
@@ -42,20 +41,20 @@ static const char* const kIntolerantFall
   "americanairlines.hu", // bug 1141604
   "americanairlines.ie", // bug 1141604
   "americanairlines.in", // bug 1141604
   "americanairlines.jp", // bug 1141604
   "amss.mobilicity.ca",
   "ap.meitetsuunyu.co.jp",
   "apply.hkbn.net", // bug 1138451
   "apps.amerch.com",
-  "apps.fpcu.org",
   "apps.sasken.com",
   "apps.state.or.us", // bug 1130472
   "appsrv.restat.com",
+  "arcgames.com", // bug 1182932
   "ascii.jp",
   "asko.fi", // bug 1158584
   "b2b.feib.com.tw",
   "baybloorradio.com", // bug 1173661
   "beehive.miit.ru",
   "bettertrades.com",
   "bgw.wangyin.com", // bug 1145521
   "bianmin.chinapay.com", // bug 1137983
@@ -65,119 +64,106 @@ static const char* const kIntolerantFall
   "blogwatcher.co.jp",
   "bonds.euronext.com", // bug 1136091
   "books.wwnorton.com", // bug 1116891
   "bredbandsbolaget.se", // bug 1158755
   "bursar.ou.edu",
   "buttons.verticalresponse.com",
   "c2g.jupiter.fl.us",
   "canadaca.geotrust.com", // bug 1137677
+  "car2go.com", // bug 1185080
   "cbsfnotes1.blood.org.tw",
   "central.acadiau.ca", // bug 1152377
   "cherry.de", // bug 1141521
   "civilization.com", // bug 1156004
-  "click2gov.sanangelotexas.us",
   "clientes.chilectra.cl",
   "club.guosen.com.cn",
   "coagov.aurora-il.org",
   "codem.codemasters.com",
   "commerce.cashnet.com", // bug 1164009
   "comune.milano.it",
   "corporbank.nbcb.com.cn",
   "crm.et2008.com",
   "crossroads.schneider.com",
   "cs.tokai-tv.com",
   "cualerts.dupaco.com", // bug 1116892
   "customers.logistafrance.fr", // bug 1153951
   "cwu.edu",
   "dbank.hxb.com.cn",
   "dealer.autobytel.com",
-  "dealer.autoc-one.jp",
   "dheb.delavska-hranilnica.si",
   "digibet.com",
   "digitalsecurity.intel.com", // bug 1148744
   "dream-prize.com",
   "dwwsyw.bjgjj.gov.cn",
   "eatm.scsb.com.tw",
   "eb.bankcomm.com.hk", // bug 1141742
   "ebank-public.hzbank.com.cn",
   "ebank.hxb.com.cn",
   "ebank.hzbank.com.cn",
   "ebank.rcbcy.com", // bug 1146755
   "ebanking.ocbcwhhk.com", // bug 1141746
   "ebill2.virginmedia.com", // bug 1129887
   "ebpp.airtel.lk",
   "ebspay.boc.cn", // bug 1155567
   "ec-line.cn",
-  "ecams.geico.com", // bug 1138613
   "echo.com",
   "echotrak.com",
   "ecom.morethangourmet.com",
   "ecourses.uthscsa.edu",
-  "egov.leaguecity.com",
   "egov.town-menasha.com", // bug 1157536
   "emaildvla.direct.gov.uk", // bug 1116891
-  "embroiderydesignsplus.com",
   "epicreg.com",
   "eremit.sbising.com",
-  "escrowrefills.com",
   "eservices.palomar.edu",
   "essentialsupplies.com",
   "event.kasite.net",
   "extranet.eurocontrol.int",
   "ez.cityofchesapeake.net",
   "ezpay.com.tw",
   "fallback.test", // Used by gtest
   "fastcheck.sita.aero", // bug 1174974
   "fastlane.echo.com",
   "fhsaa.org",
   "fibi-online.co.il", // bug 1165580
   "finance.car.com",
   "friends.freshandeasy.com",
   "fubar.com",
   "gateway.halton.gov.uk",
   "gbe-bund.de",
-  "geico.com", // bug 1138613
   "gestionesytramites.madrid.org",
   "giftcertificates.com",
-  "hbk.bb.com.br", // bug 1135966
   "hercle.com",
   "hpshop.gr",
   "ibusiness.shacombank.com.hk", // bug 1141989
   "identity.virginmedia.com", // bug 1129887
   "ifund.allianzglobalinvestors.com.tw",
   "ig1.i-grasp.com", // bug 1167894
   "ig4.i-grasp.com", // bug 1167894
   "ihr.suburbanpropane.com",
   "images.bankofthewest.com", // bug 1127204
   "inside.i-med.ac.at",
   "its.bocmacau.com",
   "jbclick.jaxbchfl.net", // bug 1158465
   "jifenpay.com",
   "jst.doded.mil", // bug 1152627
-  "juror.fairfaxcounty.gov",
   "keirin.jp",
   "kjp.keinet.ne.jp",
   "kjp.oo.kawai-juku.ac.jp",
-  "learn.ou.edu",
-  "learn.swosu.edu",
   "lewisham.gov.uk",
   "lm-order.de",
   "login.chicagopolice.org",
   "login.ermis.gov.gr",
   "m.e-hon.ne.jp",
-  "macif.fr", // bug 1167893
+  "m.safari.cwu.edu", // bug 1143035
   "mail.izhnet.ru",
   "map.infonavit.org.mx",
-  "marketday.com", // bug 1092998
-  "matkahuolto.fi", // bug 1174957
   "mchrono.com",
   "mecsumai.com",
   "member.edenredticket.com",
-  "mercernet.fr", // bug 1147649
   "merchant.edenredticket.com",
   "meta-ehealth.com",
   "mobile.aa.com", // bug 1141604
   "mobile.dream-prize.com",
   "mon-ulb.ulb.ac.be",
   "my-csprd.ea.cwu.edu", // bug 1143035
   "my-csrenprd.ea.cwu.edu", // bug 1143035
   "my-fsprd.ea.cwu.edu", // bug 1143035
@@ -188,113 +174,97 @@ static const char* const kIntolerantFall
   "my.cwu.edu", // bug 1143035
   "my.if.com", // bug 1173592
   "my.kyivstar.ua",
   "my.miit.ru",
   "myaccount.allstate.com", // bug 1143031
   "myaccount3.westnet.com.au", // bug 1157139
   "mybank.nbcb.com.cn",
   "myhancock.hancockcollege.edu",
-  "myntc.ntc.edu",
   "myuws.uws.edu.au",
   "mywebreservations.com",
   "na.aiononline.com", // bug 1139782
   "national.virginmedia.com", // bug 1129887
   "nbank.hxb.com.cn",
   "netbanking.yesbank.co.in", // bug 1146090
   "niche.endsleigh.co.uk",
   "nmsmp.alsok.co.jp",
   "no1.nipponrentacar.co.jp",
   "obos1.obos.no",
   "officials.fhsaa.org",
   "online.newindia.co.in",
   "online.sainsburysbank.co.uk",
   "openwebosproject.org", // bug 1151990
-  "opi.emersonclimate.com",
   "opus.pinellascounty.org",
   "owa.byui.edu",
   "ozone.ou.edu",
   "parents.ou.edu",
   "partnerweb.vmware.com", // bug 1142187
-  "paslists.com", // for port 9211, bug 1155712
   "payment.condor.com", // bug 1152347
   "payment.safepass.cn",
   "payments.virginmedia.com", // bug 1129887
   "poezd.rw.by",
   "portal.eztec.com.br",
   "portal.questonline.gr",
   "portal.uem.es",
   "profiles.uthscsa.edu",
   "publicacionesoficiales.boe.es",
   "publicjobs.ie",
   "publicrecords.com",
   "racenet.codemasters.com", // bug 1163716
+  "rapidscansecure.com", // bug 1177212
   "recoup.com",
   "registration.o2.co.uk",
   "regonline.com", // bug 1139783
   "renewals.cipd.co.uk",
   "repair.kuroneko-kadendr.jp", // bug 1128366
   "repairmb.kuroneko-kadendr.jp", // bug 1128366
   "reputation.com",
   "research-report.uws.edu.au",
   "reservations.usairways.com", // bug 1165400
-  "rezstream.net",
   "rietumu.lv",
-  "rotr.com",
   "roxyaffiliates.com",
   "sales.newchinalife.com",
   "sbank.hxb.com.cn",
   "sboseweb.mcpsweb.org",
-  "school.keystoneschoolonline.com",
   "secure-checkout.t-mobile.com", // bug 1133648
   "secure.bg-mania.jp",
   "secure.crbonline.gov.uk", // bug 1166644
   "secure.fortisbc.com",
   "secure.ncsoft.com", // bug 1139782
   "secure.smartcart.com",
-  "secure2.i-doxs.net", // bug 1140876
-  "secure3.i-doxs.net", // bug 1140876
-  "secure4.i-doxs.net", // bug 1140876
-  "secure6.i-doxs.net", // bug 1140876
-  "secure7.i-doxs.net", // bug 1140876
-  "secure8.i-doxs.net", // bug 1140876
   "secureonline.dwp.gov.uk",
   "sems.hrd.ccsd.net",
-  "service.autoc-one.jp",
   "services.apvma.gov.au",
   "services.geotrust.com", // bug 1137677
   "servizionline.infogroup.it",
-  "shop.autoc-one.jp",
   "shop.kagome.co.jp",
   "shop.nanairo.coop", // bug 1128318
   "shop.wildstar-online.com", // bug 1139782
-  "sisweb.ucd.ie",
   "slovanet.sk",
   "smartcart.com",
-  "smarticon.geotrust.com", // bug 1137677
   "socialclub.rockstargames.com", // bug 1138673
   "soeasy.sodexo.be", // bug 1117157
   "ss2.sfcollege.edu",
   "ss5.sfcollege.edu",
   "ssb.okbu.edu", // for port 8910, bug 1153749
   "sso.acadiau.ca", // bug 1152377
   "starbucks.com", // bug 1167190
   "stenhouse.com",
   "store.moxa.com",
   "svrch13.sugarlandtx.gov",
+  "swdownloads.blackberry.com", // bug 1182997
   "syzygy.co.uk",
   "tarjetacencosud.cl",
   "tele2.hr",
   "tienda.boe.es",
   "tiendas.mediamarkt.es",
-  "trueblue.jetblue.com",
   "uralsg.megafon.ru", // bug 1153168
   "usacycling.org", // bug 1163791
   "userdoor.com",
-  "uslugi.beeline.am",
   "utradehub.or.kr",
   "vod.skyperfectv.co.jp",
   "watch.sportsnet.ca", // bug 1144769
   "web.asta.org",
   "webapps.ou.edu",
   "webatm.landbank.com.tw",
   "webmail.iyte.edu.tr",
   "websiti.cnbv.gob.mx",
@@ -335,16 +305,17 @@ static const char* const kIntolerantFall
   "www.americanairlines.ie", // bug 1141604
   "www.americanairlines.in", // bug 1141604
   "www.americanairlines.it", // bug 1141604
   "www.americanairlines.jp", // bug 1141604
   "www.amica.com", // bug 1139563
   "www.ancelutil.com.uy",
   "www.animate-onlineshop.jp", // bug 1126652
   "www.apeasternpower.com",
+  "www.arcgames.com", // bug 1182932
   "www.asko.fi", // bug 1158584
   "www.auroragov.org",
   "www.bancocredichile.cl",
   "www.bankcomm.com.hk", // bug 1141742
   "www.bankhapoalim.co.il", // bug 1138231
   "www.bauschonline.com",
   "www.baybloorradio.com", // bug 1173661
   "www.bbsfonline.com",
@@ -357,20 +328,20 @@ static const char* const kIntolerantFall
   "www.boostmobilesales.com", // bug 1112178
   "www.borsaitaliana.it",
   "www.bottegaverde.es",
   "www.bottegaverde.it",
   "www.bottegaverde.pt",
   "www.bredbandsbolaget.se", // bug 1158755
   "www.businessdirect.bt.com",
   "www.cafedumonde.jp",
+  "www.car2go.com", // bug 1185080
   "www.careers.asio.gov.au",
   "www.cherry.de", // bug 1141521
   "www.chinapay.com", // bug 1137983
-  "www.cihi.ca",
   "www.cipd.co.uk",
   "www.civilization.com", // bug 1156004
   "www.club-animate.jp",
   "www.codan.dk",
   "www.contraloria.cl",
   "www.credem.it",
   "www.crediscotia.com.mx",
   "www.creditagricole.info",
@@ -384,117 +355,97 @@ static const char* const kIntolerantFall
   "www.digibet.com",
   "www.drcsurveys.com",
   "www.dream-prize.com",
   "www.duskin.co.jp",
   "www.duskin.jp",
   "www.ec-line.cn",
   "www.echo.com",
   "www.echotrak.com",
-  "www.embroiderydesignsplus.com",
   "www.epicreg.com",
   "www.ermis.gov.gr",
   "www.esadealumni.net",
   "www.esavingsaccount.co.uk",
   "www.escrowrefills.com",
   "www.essentialsupplies.com",
-  "www.euronext.com", // bug 1136091
   "www.everyd.com",
   "www.ezpay.com.tw",
   "www.fhsaa.org",
   "www.fibi-online.co.il", // bug 1165580
   "www.fj96336.com",
   "www.fontainebleau.com",
   "www.foundersc.com",
   "www.fubar.com",
-  "www.fundsupermart.co.in",
   "www.gamers-onlineshop.jp", // bug 1126654
   "www.gbe-bund.de",
   "www.giftcertificates.com",
-  "www.golfersland.net",
   "www.gtja.com",
-  "www.hankyu-club.com",
   "www.haynes.co.uk",
   "www.hercle.com",
   "www.hn.10086.cn",
-  "www.hotel-story.ne.jp",
   "www.hpshop.gr",
   "www.hsbank.cc",
   "www.hx168.com.cn",
   "www.ingramentertainment.com",
   "www.interpark.com",
   "www.isracard.co.il", // bug 1165582
   "www.jaf.or.jp",
   "www.jifenpay.com",
   "www.kasite.net",
   "www.khan.co.kr",
-  "www.komatsu-kenki.co.jp",
-  "www.komatsu.co.jp",
-  "www.komatsu.com",
   "www.kredodirect.com.ua", // bug 1095507
   "www.law888.com.tw",
   "www.lewisham.gov.uk",
   "www.lib.cwu.edu",
   "www.libraryvideo.com",
   "www.lm-order.de",
   "www.londonstockexchange.com",
-  "www.macif.fr", // bug 1167893
-  "www.marketday.com", // bug 1092998
-  "www.matkahuolto.fi", // bug 1174957
   "www.matkahuolto.info",
   "www.matrics.or.jp",
   "www.mchrono.com",
   "www.mecsumai.com",
-  "www.mercatoneuno.com",
-  "www.mercernet.fr", // bug 1147649
   "www.meta-ehealth.com",
   "www.misterdonut.jp",
-  "www.mizuno.jp",
-  "www.monclick.it",
   "www.mp2.aeroport.fr",
   "www.mpay.co.th",
   "www.mtsindia.in", // RC4
   "www.my.airdo.jp", // bug 1129773
   "www.myagent.gov.ab.ca", // bug 1152827
   "www.mynpcdata.net",
   "www.mywebreservations.com",
   "www.ncsoft.com", // bug 1139782
   "www.nec-nexs.com",
   "www.newchinalife.com",
   "www.nishi.or.jp",
   "www.ocbcwhhk.com", // bug 1141746
   "www.openwebosproject.org", // bug 1151990
-  "www.paslists.com", // for port 9211, bug 1155712
   "www.pen-kanagawa.ed.jp",
   "www.polla.cl",
   "www.publicjobs.ie",
   "www.publicrecords.com",
   "www.pwcrecruiting.com",
+  "www.rapidscansecure.com", // bug 1177212
   "www.razorgator.com",
   "www.recoup.com",
   "www.regonline.com", // bug 1139783
   "www.renaultcredit.com.ar",
   "www.reputation.com",
-  "www.rezstream.net",
   "www.rietumu.lv",
   "www.rimac.com.pe",
   "www.riversendtrading.com",
-  "www.rotr.com",
   "www.roxyaffiliates.com",
   "www.s-book.net",
   "www.safepass.cn",
   "www.session.ne.jp",
-  "www.shacombank.com.hk", // bug 1141989
   "www.shacomsecurities.com.hk", // bug 1141989
   "www.shop.bt.com",
   "www.slovanet.sk",
   "www.smartcart.com",
   "www.smartoffice.jp",
   "www.sokamocka.com",
-  "www.sports-nakama.com",
   "www.starbucks.com", // bug 1167190
   "www.stenhouse.com",
   "www.sunderland.gov.uk",
   "www.syzygy.co.uk",
   "www.tarjetacencosud.cl",
   "www.tealife.co.jp",
   "www.tele2.hr",
   "www.tetsudo.com",
@@ -510,22 +461,18 @@ static const char* const kIntolerantFall
   "www.wavecable.com",
   "www.wingarc.com",
   "www.yakult.co.kr",
   "www.zenfolio.com",
   "www.zoominfo.com",
   "www1.aeroplan.com", // bug 1137543
   "www1.isracard.co.il", // bug 1165582
   "www2.aeroplan.com", // bug 1137543
-  "www2.bancobrasil.com.br", // bug 1135966
   "www2.wou.edu",
-  "www28.bb.com.br", // bug 1135966
   "www3.aeroplan.com", // bug 1137543
   "www3.ibac.co.jp",
   "www3.taiheiyo-ferry.co.jp",
   "www4.aeroplan.com", // bug 1137543
-  "www41.bb.com.br", // bug 1135966
-  "www73.bb.com.br", // bug 1135966
   "wwws.kadokawa.co.jp",
   "xyk.cebbank.com", // bug 1145524
   "zenfolio.com",
   "zoominfo.com",
 };
--- a/security/manager/ssl/src/nsNSSIOLayer.cpp
+++ b/security/manager/ssl/src/nsNSSIOLayer.cpp
@@ -1730,17 +1730,16 @@ struct FallbackListComparator
 
 private:
   const char* mTarget;
 };
 
 static const char* const kFallbackWildcardList[] =
 {
   ".kuronekoyamato.co.jp", // bug 1128366
-  ".userstorage.mega.co.nz", // bug 1133496
   ".wildcard.test",
 };
 
 bool
 nsSSLIOLayerHelpers::isInsecureFallbackSite(const nsACString& hostname)
 {
   size_t match;
   if (mUseStaticFallbackList) {