Consider replacing www.yahoo.com with yahoo.com in the Content category

[englehardt]

Right now the Content category contains www.yahoo.com along with a bunch of other subdomains. Similar to #101, it seems safer to include yahoo.com instead.

Here's an example: https://www.etnet.com.hk/www/tc/home/index.php loads a resource from https://pr.ybp.yahoo.com/bw/adx/imp/.... pr.ybp.yahoo.com is not on the blocklist. However, the request contains a high-entropy cookie: e.g., A3=d=AQABBPVRxV4CEFgB4rAa...... This cookie is scoped to .yahoo.com so it will be send to any subdomain not included on this list.

[patjack]

Hi @englehardt - thanks for the issue. It definitely makes sense to use yahoo.com instead of the various subdomains. We're also adding ybp.yahoo.com as an advertising tracker. We'll be pushing an update shortly.