Validate origins when generating subdomain tokens
Subdomain tokens will match against any subdomains of the given origin.
This relaxed matching should not be applied when subdomains represent
separate logical sites (e.g. <user>.github.io). Thus, subdomain tokens
are not to be issued for such domains. For more detail, see the last
question in the Origin Trials developer guide:
https://github.com/jpchase/OriginTrials/blob/gh-pages/developer-guide.md
This CL adds a utility to validate that a origin is not found in the
Public Suffix List. The token generation script will now call the
utility to check the origin, only for subdomain tokens. The utility
is used when the generation script is manually run by the origin
trials team to issue tokens. The intent is to automate the origin
checks, to reduce the number of manual steps in issuing tokens.
BUG=658856
Review-Url: https://codereview.chromium.org/2456053004
Cr-Commit-Position: refs/heads/master@{#440554}
8 files changed
