picosh / pico

hacker labs - open source and managed web services leveraging SSH
https://pico.sh
MIT License

[pgs.sh] Any domain may serve any project #132

Open AverageHelper opened 1 month ago

AverageHelper commented 1 month ago

It seems that pgs.sh relies entirely on DNS records to figure out which project to serve for a custom domain. This means that, given a site hosted on pgs.sh, anyone can:

  1. Run dig the.domain.com to confirm that a CNAME record indeed points to pgs.sh,
  2. Run dig _pgs.the.domain.com TXT to obtain the username and project name for that site,
  3. Create their own domain (such as i-am-a-bad-person.com) with matching records to point at the target project (per pgs.sh docs), then
  4. Misdirect users to their domain instead of the canonical one.

Is this permissiveness intentional?

If not, or if there is some utility in allow-listing specific domains for the project (I'm no expert, but it seems misleading domain names could be a concern), could such a mechanism be added? Perhaps a special .domains or _domains file, with a list of valid canonical domains separated by newlines, similar to Codeberg Pages?

neurosnap commented 1 month ago

Hi!

Is this intended behavior?

Yes, the goal was to make custom domains as simple as possible -- no configuration required inside of pgs.sh.

We see this as no different than someone having a domain point to an IP address of a known website they do not own or manage.

Having said that, we could design an allowlist of custom domains for pgs.sh.

AverageHelper commented 1 month ago

Fair enough! A simple config is super great tbh, and a valid default. An optional allowlist would be nice for the paranoid among us, tho that's not a dealbreaker for me using the platform.

neurosnap commented 1 month ago

Great, I'll add it to our shortlist.
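
The optional allowlist discussed in this thread, sketched as an added example (not pico's code and not part of any comment above). It assumes the newline-separated `_domains` file suggested in the issue; the function names, the `#` comment syntax and the rule that a missing file keeps the current permissive default are hypothetical choices made for illustration.

```go
package main

import (
	"bufio"
	"fmt"
	"net"
	"strings"
)

// normalizeHost lowercases a Host header value and strips any port and trailing dot,
// so "WWW.The.Domain.com.:443" and "www.the.domain.com" compare equal.
func normalizeHost(host string) string {
	h := strings.TrimSpace(host)
	if hostOnly, _, err := net.SplitHostPort(h); err == nil {
		h = hostOnly // a port was present; keep only the host part
	}
	return strings.ToLower(strings.TrimSuffix(h, "."))
}

// parseAllowlist reads newline-separated domains from the (hypothetical) _domains file.
// Blank lines and lines starting with "#" are skipped.
func parseAllowlist(contents string) map[string]bool {
	allowed := map[string]bool{}
	sc := bufio.NewScanner(strings.NewReader(contents))
	for sc.Scan() {
		line := strings.TrimSpace(sc.Text())
		if line == "" || strings.HasPrefix(line, "#") {
			continue
		}
		allowed[normalizeHost(line)] = true
	}
	return allowed
}

// hostAllowed decides whether a custom domain may serve the project.
// hasFile=false means the project ships no _domains file: any domain is served,
// matching the default described in the thread. A present but empty file allows none.
func hostAllowed(host string, hasFile bool, contents string) bool {
	if !hasFile {
		return true
	}
	return parseAllowlist(contents)[normalizeHost(host)]
}

func main() {
	// Constructed sample _domains contents.
	const domains = "# canonical domains\nthe.domain.com\nWWW.The.Domain.com.\n"
	for _, h := range []string{"the.domain.com", "www.the.domain.com:443", "i-am-a-bad-person.com"} {
		fmt.Printf("%-28s allowed=%v\n", h, hostAllowed(h, true, domains))
	}
}
```
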