How can the Public Suffix List be used to determine valid subdomains in PHP?

The Public Suffix List can be used in PHP to determine valid subdomains by checking if a given domain or subdomain is a public suffix. This can help prevent security vulnerabilities such as cookie injection attacks. By comparing the domain or subdomain against the entries in the Public Suffix List, we can ensure that only valid subdomains are accepted.

// Load the Public Suffix List
$publicSuffixList = file_get_contents(&#039;https://publicsuffix.org/list/public_suffix_list.dat&#039;);
$publicSuffixes = explode(&quot;\n&quot;, $publicSuffixList);

// Function to check if a subdomain is valid
function isValidSubdomain($subdomain) {
    global $publicSuffixes;
    
    $subdomainParts = explode(&#039;.&#039;, $subdomain);
    $subdomainPartsCount = count($subdomainParts);
    
    for ($i = 0; $i &lt; $subdomainPartsCount; $i++) {
        $checkSubdomain = implode(&#039;.&#039;, array_slice($subdomainParts, $i));
        
        if (in_array($checkSubdomain, $publicSuffixes)) {
            return true;
        }
    }
    
    return false;
}

// Example usage
$subdomain = &#039;subdomain.example.com&#039;;
if (isValidSubdomain($subdomain)) {
    echo &#039;Valid subdomain&#039;;
} else {
    echo &#039;Invalid subdomain&#039;;
}

Keywords

Public Suffix List subdomains PHP validation domain parsing

How can the Public Suffix List be used to determine valid subdomains in PHP?

Keywords

Related Questions