Closed
Bug 288667
Opened 19 years ago
Closed 19 years ago
Cyrillic characters in domain name allow direction to a false site.
Categories
(SeaMonkey :: Security, defect)
Tracking
(Not tracked)
VERIFIED
DUPLICATE
of bug 279099
People
(Reporter: smokinjoe, Assigned: dveditz)
Details
User-Agent: Mozilla/5.0 (Windows; U; Win 9x 4.90; en-US; rv:1.7.6) Gecko/20050319 Build Identifier: Mozilla/5.0 (Windows; U; Win 9x 4.90; en-US; rv:1.7.6) Gecko/20050319 Mozilla (gecko/khtml)browsers place correct English letters in address bar, but the use of Cyrillic characters (not properly displayed ) in URL can direct user to an alternate site. This type of character decoding is an automatic function, and can only be checked by the user if the link source code is examined. The incorporation of non-latin characters in domain name invites misinterpretation and could be used by "Phishers/Pharmers" for information theft. Possible disabling of the IDN function may solve the problem. Ie. www.pàypal.com = www.paypal.com Reproducible: Always
Assignee | ||
Comment 1•19 years ago
|
||
This is an April's fools joke, right? Please search for duplicates before filing bugs, ESPECIALLY when filing bugs based on widely disseminated press reports. *** This bug has been marked as a duplicate of 279099 ***
Group: security
Status: UNCONFIRMED → RESOLVED
Closed: 19 years ago
Resolution: --- → DUPLICATE
Updated•19 years ago
|
Status: RESOLVED → VERIFIED
You need to log in
before you can comment on or make changes to this bug.
Description
•