User-Agent: Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.7.6) Gecko/20050317 Firefox/1.0.2 Build Identifier: Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.7.6) Gecko/20050317 Firefox/1.0.2 typing www.intel or www.amd into the address bar will take you to the respective .com site but display the the url as www.intel or www.and this could be open to abuse for phishing scams in the case of domains with names the same as TLDs such as www.int.com www.int doesn't exist so firefox helpfully tries other TLDs added to the url. it finds www.int.com and loads it but doesn't update the location bar. I presume that if the www.int.com had a subdomain of, say, "unitednations" then using unitednations.int would result in firefox directing you to unitednations.int.com but displaying "unitednations.int" making it look like a genuine international organisation. Reproducible: Always Steps to Reproduce: 1. enter url as www.int or http://www.int 2. hit return Actual Results: www.int.com index page is loaded but www.int is displayed in location bar Expected Results: url in address bar should be updated to reflect the actual address of the site you are visiting. after seeing the "Internationalized Domain Name (IDN) homograph spoofing" bug listed under security fixes I decided to check the "Security" tickbox on this form. apologies in advance if I was wrong to do so.
*** Bug 287812 has been marked as a duplicate of this bug. ***
*** This bug has been marked as a duplicate of 264610 ***
Status: UNCONFIRMED → RESOLVED
Last Resolved: 13 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.