Open source Firefox extension to control cross-site requests.

Risk of Trusting Subdomains

The general risk is based around the fact that it is possible for a site to direct traffic for a subdomain of theirs to a different company's IP address.

This could be used to send client request for to a content distribution network used by, or to direct traffic for to a company that serves ads for This situation appears to be fairly uncommon at the current time. This is a real threat to privacy and is currently in use on various popular sites.

Aside from possible privacy issues, attackers can also use this technique. For example, if you visit, there may be attacks launched from that site which target your private network (the network behind your router and likely within your firewall). It could do this by using a subdomain such as whose IP address resolves as a private network address such as

The same technique could be used to attack sites not on your local network by pointing a subdomain to the IP address of another server not affiliated with In such a case, your browser will not send along cookies that belong to the other site because the name being used is rather than the name of other other site. This makes the attack less useful in most situations.

RequestPolicy will likely implement protection against such attacks on a local network in a future release even without the need to use stricter domain classification than registered domain name.

© 2008-2012 Justin Samuel