Closed Bug 1463219 Opened 6 years ago Closed 6 years ago

Homograph attack not solved: Xudong Zhengs - apple.com

Categories

(Firefox :: Untriaged, defect)

Product:
Firefox
Component:
Untriaged
Version:
59 Branch
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED DUPLICATE of bug 1332714

People

(Reporter: roedinger, Unassigned)

Details

User Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:59.0) Gecko/20100101 Firefox/59.0
Build ID: 20180427210249

Steps to reproduce:

I used the proof of concept link of the original founder of this bug.
https://www.xudongz.com/blog/2017/idn-phishing/


Actual results:

The URL of this link is shown as https secured: apple.com

(Btw. i was shocked)


Expected results:

URL should be in punycode, especially this site.
(If this goes public, your security reputation is done for.)
https://www.xudongz.com/blog/2017/idn-phishing/ contains a direct link to the bug 1332714.
There is no need to report issue twice.
Status: UNCONFIRMED → RESOLVED
Closed: 6 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.