Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/zimbatm/hostnames-and-usernames-to-reserve

Blacklist of hostnames and users all PaaS should use
https://github.com/zimbatm/hostnames-and-usernames-to-reserve

Last synced: about 2 months ago
JSON representation

Blacklist of hostnames and users all PaaS should use

Host: GitHub
URL: https://github.com/zimbatm/hostnames-and-usernames-to-reserve
Owner: zimbatm
Created: 2015-11-28T14:27:51.000Z (almost 9 years ago)
Default Branch: master
Last Pushed: 2023-12-15T11:48:32.000Z (9 months ago)
Last Synced: 2024-01-23T09:04:18.060Z (8 months ago)
Language: HTML
Homepage: https://zimbatm.github.io/hostnames-and-usernames-to-reserve/
Size: 14.6 KB
Stars: 61
Watchers: 5
Forks: 4
Open Issues: 1
Metadata Files:
- Readme: README.adoc

Awesome Lists containing this project

README

        = Hostnames and usernames to reserve

If you're developing or installing a service with accounts,

this is a list of hostnames and usernames that you should deny.

All the credit goes to Geoffrey Thomas who also gives a good explanation of

why you should adopt such list in his blog post:

https://ldpreload.com/blog/names-to-reserve

Please make sure to read that to understand that this blacklist is only one part of the protection needed to avoid issues like domain-level cookies.

If you see any omission in the list, send me a https://github.com/zimbatm/hostnames-and-usernames-to-reserve/pulls[PR].

== The username format

For the sake of forward-compatiblity (and keeping the blacklist small), all usernames should only allow ASCII-only hostname-like names.

In regexp format: `/^[a-z]([a-z0-9-]*[a-z0-9])?$/`

== The list file format

Each line is either an empty line, a comment or a username.

A comment line starts with a # character.

Usernames can also be duplicated if they belong to different categories.

Or if you want to import the list programmatically here is the

https://en.wikipedia.org/wiki/Extended_Backus%E2%80%93Naur_Form[EBNF] format:

[source,ebnf]

----

cr = "\n";

not-cr = all characters - cr;

comment = "#", { not-cr } ;

username = all characters - "#" , { not-cr } ;

line = ( comment | username | ), cr ;

grammar = { line } ;

----

== The list

link:names-to-reserve.txt[Link because Github doesn't support asciidoc includes]

[source,ruby]

----

include::names-to-reserve.txt[]

----

== License

Copyright and related rights waived via https://creativecommons.org/publicdomain/zero/1.0/[CC0]