Hacker News new | ask | show | jobs
by jffry 1577 days ago
Yes, and what the parent post was suggesting was that GitHub would have you use a CNAME to point your DNS entry to a unique FQDN (that it can tie back to your specific repo) instead of an IP, which would centrally prevent this issue without relying upon every single user to act perfectly.
2 comments
bombcar 1577 days ago
A CNAME like the ones AWS load balancers give you would also give GitHub the flexibility to change IPs as necessary.
link
RKearney 1576 days ago
They would need a unique IP for every single repo. While this isn't a problem for IPv6, it is completely unrealistic for IPv4.

When github.example.com is configured as a CNAME to my-gh-page.my-repo.github.com, the IP that is returned will have no idea that it's my-gh-page.my-repo.github.com that is being requested as github.example.com will be what is sent in the Host header and part of the TLS SNI.

EDIT: I misunderstood what OP was suggesting. Pointing a CNAME to a repo specific domain name would work only if that name is removed after the repo goes away. As previously mentioned, this should not be Github's responsibility and it is a domain owners responsibility to properly maintain their records.

link
01acheru 1576 days ago
> They would need a unique IP for every single repo

I don't think this is true. If your CNAME myghpage.example.com points to <somerandomstuff>.github.com which then routes you appropriately, all Github has to do is remove that <somerandomstuff> subdomain when you delete the page and that's it, myghpage.example.com will fail to resolve and you're safe.

This would work even if Github only had a single public IP address.

edit: The issue with Github pages is that they make you point your CNAME to something.github.io not something.youraccount.github.io, so anyone can recreate something.github.io after you delete it. If they simply created the pages as something.youraccount.github.io you would be safer, unless you lose your account name. That's why the random subdomain is preferable.

link
loo 1576 days ago
That's not the case. Generate a unique ID on activation. Ask us to CNAME => <unique-id>.pages.github.tld. Drop the record when page is deactivated. Sorted.
link