* A better method might be to use a blacklist like
* http://publicsuffix.org/
*
- * @fixme fails to detect 3-letter top-level domains
- * @fixme fails to detect 2-letter top-level domains for single-domain use (probably not a big problem in practice, but there are test cases)
+ * @todo fixme fails to detect 3-letter top-level domains
+ * @todo fixme fails to detect 2-letter top-level domains for single-domain use (probably not a big problem in practice, but there are test cases)
*
* @param $domain String: the domain to validate
* @param $originDomain String: (optional) the domain the cookie originates from