* A better method might be to use a blacklist like
* http://publicsuffix.org/
*
+ * @fixme fails to detect 3-letter top-level domains
+ * @fixme fails to detect 2-letter top-level domains for single-domain use (probably not a big problem in practice, but there are test cases)
+ *
* @param $domain String: the domain to validate
* @param $originDomain String: (optional) the domain the cookie originates from
* @return Boolean
* protocols, because we only want protocols that both cURL
* and php support.
*
+ * @fixme this is wildly inaccurate and fails to actually check most stuff
+ * @fixme do we actually intend to have FTP support here? Does it work consistently?
+ *
* @param $uri Mixed: URI to check for validity
* @returns Boolean
*/