If you think a bug might affect users in the 57 release, please set the correct tracking and status flags for Release Management.

Unicode url scam not noticeable

NEW
Unassigned

Status

()

Firefox for Android
General
18 days ago
12 days ago

People

(Reporter: ideechaniz, Unassigned)

Tracking

55 Branch
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

18 days ago
User Agent: Mozilla/5.0 (Android 5.0.1; Mobile; rv:55.0) Gecko/55.0 Firefox/55.0
Build ID: 20170815231002

Steps to reproduce:

 www.аррӏе.com/ is seen as Apple but it really is www.xn--80ak6aa92e.com/ 

That url is informative but other urls could be used for scams.


Actual results:

 www.аррӏе.com/ is seen as Apple but it really is www.xn--80ak6aa92e.com/ 

That url is informative but other urls could be used for scams.


Expected results:

It should show the real address and the expected one when unicode is used.
See Also: → bug 1391421
fwiw, this does not currently affect FF57 because we regressed support for unicode domains in the toolbar - bug 1391421 is there to fix it but I'm not sure what the proper solution should be.
Status: UNCONFIRMED → NEW
Ever confirmed: true
See the desktop version of this bug for an in depth discussion of the problem.
See Also: → bug 1332714
You need to log in before you can comment on or make changes to this bug.