It seems that pgs.sh relies entirely on DNS records to figure out which project to serve for a custom domain. This means that, given a site hosted on pgs.sh, anyone can:
- Run
dig the.domain.com to confirm that a CNAME record indeed points to pgs.sh,
- Run
dig _pgs.the.domain.com TXT to obtain the username and project name for that site,
- Create their own domain (such as
i-am-a-bad-person.com) with matching records to point at the target project (per pgs.sh docs), then
- Misdirect users to their domain instead of the canonical one.
Is this permissiveness intentional?
If not, or if there is some utility in allow-listing specific domains for the project (I'm no expert, but it seems misleading domain names could be a concern), could such a mechanism be added? Perhaps a special .domains or _domains file, with a list of valid canonical domains separated by newlines, similar to Codeberg Pages?
It seems that pgs.sh relies entirely on DNS records to figure out which project to serve for a custom domain. This means that, given a site hosted on pgs.sh, anyone can:
dig the.domain.comto confirm that aCNAMErecord indeed points topgs.sh,dig _pgs.the.domain.com TXTto obtain the username and project name for that site,i-am-a-bad-person.com) with matching records to point at the target project (per pgs.sh docs), thenIs this permissiveness intentional?
If not, or if there is some utility in allow-listing specific domains for the project (I'm no expert, but it seems misleading domain names could be a concern), could such a mechanism be added? Perhaps a special
.domainsor_domainsfile, with a list of valid canonical domains separated by newlines, similar to Codeberg Pages?