Add heiyu.space

[snyh]

Public Suffix List (PSL) Pull Request (PR) Template

Each PSL PR needs to have a description, rationale, indication of DNS validation and syntax checking, as well as a number of acknowledgements from the submitter. This template must be included with each PR, and the submitting party MUST provide responses to all of the elements in order to be considered.

Checklist of required steps

• [x] Description of Organization

• [x] Robust Reason for PSL Inclusion

• [x] DNS verification via dig

• [x] Run Syntax Checker (make test)

• [x] Each domain listed in the PRIVATE section has and shall maintain at least two years remaining on registration, and we shall keep the _PSL txt record in place in the respective zone(s) in the affected section

Submitter affirms the following:

• [x] We are listing any third-party limits that we seek to work around in our rationale such as those between IOS 14.5+ and Facebook (see Issue #1245 as a well-documented example)

• [x] This request was not submitted with the objective of working around other third-party limits

• [x] The Guidelines were carefully read and understood, and this request conforms
• [x] The submission follows the guidelines on formatting and sorting

---

For Private section requests that are submitting entries for domains that match their organization website's primary domain, please understand that this can have impacts that may not match the desired outcome and take a long time to rollback, if at all.

To ensure that requested changes are entirely intentional, make sure that you read the affectation and propagation expectations, that you understand them, and confirm this understanding.

PR Rollbacks have lower priority, and the volunteers are unable to control when or if browsers or other parties using the PSL will refresh or update.

(Link: about propagation/expectations)

• [x] Yes, I understand. I could break my organization's website cookies etc. and the rollback timing, etc is acceptable. Proceed.

Description of Organization

We are a software and hardware manufacturer that provides private cloud services in ordinary homes. I'm an IT administrator within an organization.

Organization Website: https://lazycat.cloud

Reason for PSL Inclusion

Our customers run our home cloud application. We provide each customer with a unique subdomain of heiyu.space. We want our customers apps to be isolated from each other (cookies, etc.) We want to prevent setting cookies on the private domains.

Please note that for reasons of security and home network restrictions, xxx.heiyu.space can only be accessed if the proprietary client (VPN) is running. However, user access is still by entering the domain name through a normal browser.

Number of users this request is being made to serve: Expected millions of users, currently thousands

DNS Verification via dig

dig +short TXT _psl.heiyu.space
"https://github.com/publicsuffix/list/pull/1980"

Results of Syntax Checker (make test)

Result:

``` [snyh@yoga-x1 list]$ make test cd linter; \ ./pslint_selftest.sh; \ ./pslint.py ../public_suffix_list.dat; test_allowedchars: OK test_dots: OK test_duplicate: OK test_exception: OK test_NFKC: OK test_punycode: OK test_section1: OK test_section2: OK test_section3: OK test_section4: OK test_spaces: OK test_wildcard: OK test -d libpsl || git clone --depth=1 https://github.com/rockdaboot/libpsl; \ cd libpsl; \ git pull; \ echo "EXTRA_DIST =" > gtk-doc.make; \ echo "CLEANFILES =" >> gtk-doc.make; \ autoreconf --install --force --symlink; Already up to date. autopoint: using AM_GNU_GETTEXT_REQUIRE_VERSION instead of AM_GNU_GETTEXT_VERSION libtoolize: putting auxiliary files in AC_CONFIG_AUX_DIR, 'build-aux'. libtoolize: linking file 'build-aux/ltmain.sh' libtoolize: putting macros in AC_CONFIG_MACRO_DIRS, 'm4'. libtoolize: linking file 'm4/libtool.m4' libtoolize: linking file 'm4/ltoptions.m4' libtoolize: linking file 'm4/ltsugar.m4' libtoolize: linking file 'm4/ltversion.m4' libtoolize: linking file 'm4/lt~obsolete.m4' configure.ac:1: warning: file `version.txt' included several times configure.ac:4: warning: file `version.txt' included several times aclocal.m4:833: AM_INIT_AUTOMAKE is expanded from... configure.ac:4: the top level configure.ac:383: warning: file `version.txt' included several times configure.ac:10: installing 'build-aux/compile' configure.ac:4: installing 'build-aux/missing' fuzz/Makefile.am: installing 'build-aux/depcomp' cd libpsl && ./configure -q -C --enable-runtime=libicu --enable-builtin=libicu --with-psl-file=/home/snyh/snyh-code/list/public_suffix_list.dat --with-psl-testfile=/home/snyh/snyh-code/list/tests/tests.txt && make -s clean && make -s check -j4 configure: WARNING: --enable-builtin=libicu is deprecated, use --enable-builtin (enabled by default) config.status: creating po/POTFILES config.status: creating po/Makefile Making clean in po Making clean in include Making clean in src rm -f ./so_locations Making clean in tools rm -f psl Making clean in fuzz rm -f libpsl_icu_fuzzer libpsl_icu_load_fuzzer libpsl_icu_load_dafsa_fuzzer Making clean in tests rm -f test-is-public test-is-public-all test-is-cookie-domain-acceptable test-is-public-builtin test-registrable-domain Making clean in msvc Making check in po Making check in include Making check in src CC libpsl_la-psl.lo CC libpsl_la-lookup_string_in_fixed_set.lo CCLD libpsl.la Making check in tools CC psl.o CCLD psl Making check in fuzz CC libpsl_fuzzer.o CC main.o CC libpsl_load_fuzzer.o CC libpsl_load_dafsa_fuzzer.o CCLD libpsl_icu_fuzzer CCLD libpsl_icu_load_fuzzer CCLD libpsl_icu_load_dafsa_fuzzer PASS: libpsl_icu_load_dafsa_fuzzer PASS: libpsl_icu_fuzzer PASS: libpsl_icu_load_fuzzer ============================================================================ Testsuite summary for libpsl 0.21.2 ============================================================================ # TOTAL: 3 # PASS: 3 # SKIP: 0 # XFAIL: 0 # FAIL: 0 # XPASS: 0 # ERROR: 0 ============================================================================ Making check in tests CC test-is-public.o CC test-is-public-all.o CC test-is-cookie-domain-acceptable.o CC test-is-public-builtin.o CC test-registrable-domain.o CCLD test-is-cookie-domain-acceptable CCLD test-is-public-builtin CCLD test-is-public CCLD test-is-public-all CCLD test-registrable-domain PASS: test-is-public-builtin PASS: test-is-public PASS: test-is-cookie-domain-acceptable PASS: test-registrable-domain PASS: test-is-public-all ============================================================================ Testsuite summary for libpsl 0.21.2 ============================================================================ # TOTAL: 5 # PASS: 5 # SKIP: 0 # XFAIL: 0 # FAIL: 0 # XPASS: 0 # ERROR: 0 ============================================================================ Making check in msvc ```

[snyh]

Sorry, I accidentally closed the previous PR (#1850), here is a resubmission.

lazycat.cloud is a Chinese company and is expected to launch global sales in 2025, during which time it will be internationalized. heiyu.space is a module in this product. It mainly assigns an independent ipv6 private address segment to each customer after establishing a VPN channel and binds it to an independent heiyu.space subdomain name. There is complete isolation between different customers. Therefore, we need the form of publicsuffix to avoid cross-domain security issues between different user domain names.

@simon-friedberger

[simon-friedberger]

• [x] Expiration (Note: Must STAY >2y at all times)
  • [x] heiyu.space expires 2031-11-04
• [x] DNS _psl entries (Note: Must STAY in place)
• [x] Tests pass
• [x] Sorting
• [x] Reasoning/Organization description

[snyh]

@simon-friedberger the _psl entry has been updated.