Bug 16192 - Support TLD check when changing document.domain
Status: NEW
Alias: None
Product: WebKit
Classification: Unclassified
Component: WebCore JavaScript
Version: 528+ (Nightly build)
Hardware: All All
Importance: P2 Normal
Assignee: Nobody
Keywords: InRadar
Duplicates: 21318
Reported: 2007-11-29 11:00 PST by Feng Qian
Modified: 2019-12-05 01:31 PST

Description Feng Qian 2007-11-29 11:00:25 PST
When assigning a new domain name to document.domain, it needs to check the new domain name is more than a top level domain. e.g., 'com', 'co.uk' are not allowed. This is just a short description. I need to do more research on what exactly to support.
Comment 1 Eric Seidel (no email) 2008-04-16 09:29:14 PDT
I'm unclear what that would do?  Besides make it so that your page suddenly couldn't access any domain-based secured information?
Comment 2 Adam Barth 2008-04-16 17:47:59 PDT
Setting your document.domain to "com" or "" will let almost every web site access your DOM, cookies, etc, by setting their document.domain to the same value.  Internet Explorer and Firefox prevent web sites from setting their document.domain shorter than an effective TLD + 1 or a "registry controlled" domain.  For example, stanford.facebook.com can set its document.domain to "facebook.com" but not to "com".  Also, www.hbc.co.uk can set its document.domain to "hbc.co.uk" but not to "co.uk" or to "uk".

This restriction is more to prevent web sites from shooting themselves in the foot than to prevent any particular attack.
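
The restriction described in Comment 2, as an added example that is not part of the original thread and is not WebKit code. The three-entry suffix set and the names `SAMPLE_SUFFIXES`, `effectiveTLD` and `checkDocumentDomain` are assumptions made for illustration; a browser would consult the full Public Suffix List.

```javascript
// Constructed sample of registry-controlled suffixes (assumption: a browser
// would consult the full Public Suffix List, not this three-entry set).
const SAMPLE_SUFFIXES = new Set(["com", "uk", "co.uk"]);

const normalize = (name) => String(name).toLowerCase().replace(/\.$/, "");

// Longest dot-aligned suffix of `host` found in `suffixes`. Unknown TLDs fall
// back to the last label, so a bare TLD is rejected even if it is not listed.
function effectiveTLD(host, suffixes) {
  const labels = host.split(".");
  for (let i = 0; i < labels.length; i++) {
    const candidate = labels.slice(i).join(".");
    if (suffixes.has(candidate)) return candidate;
  }
  return labels[labels.length - 1];
}

// Hypothetical helper (not a WebKit API): may a page served from `currentHost`
// set document.domain to `requested`?
function checkDocumentDomain(currentHost, requested, suffixes = SAMPLE_SUFFIXES) {
  const host = normalize(currentHost);
  const wanted = normalize(requested);
  const deny = (reason) => ({ allowed: false, reason });

  if (wanted === "") return deny("empty domain");
  if (wanted === host) return { allowed: true, reason: "unchanged" };
  if (/^[\d.]+$/.test(host)) return deny("IPv4 host has no parent domain");
  // Label-boundary match: "book.com" is not a parent of "facebook.com".
  if (!host.endsWith("." + wanted)) return deny("not a parent of current host");

  // `wanted` and the eTLD are both suffixes of `host`, so comparing label
  // counts tells us whether `wanted` is at least eTLD + 1.
  const etld = effectiveTLD(host, suffixes);
  if (wanted.split(".").length <= etld.split(".").length) {
    return deny("registry-controlled domain: " + wanted);
  }
  return { allowed: true, reason: "at least eTLD + 1" };
}

// Cases taken from the comment above.
for (const [host, wanted] of [
  ["stanford.facebook.com", "facebook.com"], ["stanford.facebook.com", "com"],
  ["www.hbc.co.uk", "hbc.co.uk"], ["www.hbc.co.uk", "co.uk"], ["www.hbc.co.uk", "uk"],
]) {
  console.log(host, "->", wanted, checkDocumentDomain(host, wanted));
}
```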
Comment 3 Adam Barth 2009-05-19 22:15:21 PDT
*** Bug 21318 has been marked as a duplicate of this bug. ***
Comment 4 Adam Barth 2009-05-19 22:15:53 PDT
Bug 21318 has some useful information about this bug.
Comment 5 Pam Greene (IRC:pamg) 2009-10-19 15:11:26 PDT
I'll take a look at bringing a registry-controlled-domain service into WebKit. It does introduce a slight maintenance burden to keep the data file updated, but as long as it's only being used for document.domain restrictions the risk of stale data is only that it won't be as restrictive as it could be; it'll still be safer than now.
Comment 6 David Kilzer (:ddkilzer) 2014-12-07 17:53:55 PST
<rdar://problem/6266140>