Fix: get the top-level hostname

[gilluminate]

Closes PROD-2126

Description Of Changes

IP addresses and top level hostnames that included multiple TLDs (like co.uk) were not working for setting a Fides Cookie.

This fix update cookie setter to guarantee highest level domain allowed to set cookie. It relies on browser's own methods to determine viable domain.

Code Changes

• Loop through parts of hostname backwards until cookie gets set.
• Validate the cookie gets set and stop looping

Steps to Confirm

• Update /etc/hosts on your local machine to include new line:
  127.0.0.1 privacy.example.co.uk
• Fire up privacy center on localhost
• Instead of visiting localhost, visit http://privacy.example.co.uk:3001/fides-js-demo.html
• In the banner/modal make a selection that will set the cookie
• Verify that the cookie was set with domain example.co.uk
• repeat for the IP address http://127.0.0.1:3001/fides-js-demo.html and ensure that works.

(domains like www.fides.com and localhost should continue working with this enhancement in place)

Pre-Merge Checklist

• All CI Pipelines Succeeded
• Documentation:
  • documentation complete, PR opened in fidesdocs
  • documentation issue created in fidesdocs
  • if there are any new client scopes created as part of the pull request, remember to update public-facing documentation that references our scope registry
• Issue Requirements are Met
• Relevant Follow-Up Issues Created
• Update CHANGELOG.md

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

1 Ignored Deployment

Name	Status	Preview	Comments	Updated (UTC)
fides-plus-nightly	⬜️ Ignored (Inspect)	Visit Preview		May 30, 2024 10:49pm

[cypress]

Passing run #8019 ↗︎

0	4	0	0	0
⚠️ You've recorded test results over your free plan limit. Upgrade your plan to view test results.

Details:

Merge d613d17 into 06d373c...
Project: fides	Commit: 50223d5965 ℹ️
Status: Passed	Duration: 00:33 💡
Started: May 30, 2024 11:00 PM	Ended: May 30, 2024 11:01 PM

Review all test suite changes for PR #4935 ↗︎

[NevilleS]

nitpicky style/questions in there, but looks reasonable!

[NevilleS]

All just nits! 👍

[NevilleS]

If this exits and fails to save a cookie, what should we do?

[gilluminate]

I wondered about throwing an error, but I thought the only real world scenario where this happens is if the browser is blocking 1st party cookies. Should we do something a little more invasive, like a browser alert to let the user know it's not going to work?

[gilluminate]

Actually, I propose we solve that separately. fides.js should probably check to see if cookies can be written prior to showing a banner at all. We should be thoughtful about how we want to handle it in that initialization phase.