Closed
Bug 286535
Opened 19 years ago
Closed 19 years ago
Implement IDN character blacklist
Categories
(Core :: Networking, defect)
Core
Networking
Tracking
()
RESOLVED
DUPLICATE
of bug 301694
People
(Reporter: gerv, Assigned: darin.moz)
References
Details
(Whiteboard: [sg:fix])
Independent of bug 286354 (TLD blacklist), we also need a character blacklist to deal with e.g. / homograph spoofing in 3rd and 4th level domains which are not under the control of the registrar. Opera have already got such a list, and we should probably take our cue from what they do. In the long term, hopefully nameprep will get modified to disallow such characters, and/or a consensus will emerge as to a global set. But we need the infrastructure and a limited set of the most nasty characters in place now. Ideally, if a banned character was found then punycode would be displayed for that label, although rejecting the URL altogether is also an option if that's not possible.
Comment 1•19 years ago
|
||
Should this really be a confidential bug? The problem and approach are both public.
Whiteboard: [sg:fix]
Reporter | ||
Comment 3•19 years ago
|
||
*** This bug has been marked as a duplicate of 301694 ***
Status: NEW → RESOLVED
Closed: 19 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•