Closed
Bug 315666
Opened 19 years ago
Closed 19 years ago
the escaped IDN is not working
Categories
(Core :: Networking, defect, P1)
Core
Networking
Tracking
()
RESOLVED
DUPLICATE
of bug 309671
mozilla1.9alpha1
People
(Reporter: masayuki, Assigned: masayuki)
Details
(Keywords: intl)
Attachments
(2 files, 1 obsolete file)
|
962 bytes,
text/html; charset=Shift_JIS
|
Details | |
|
3.79 KB,
patch
|
Details | Diff | Splinter Review |
In HTML or XHTML specs, if the value of URI contains non-ASCII character, it should be escaped by UTF-8 encoding. But if we write so, Mozilla don't treat as IDN the URI.
|
Assignee | |
Comment 1•19 years ago
|
||
|
|
Assignee | |
Updated•19 years ago
|
OS: Windows XP → All
Priority: -- → P1
Hardware: PC → All
|
|
Assignee | |
Updated•19 years ago
|
Status: NEW → ASSIGNED
|
||
Comment 2•19 years ago
|
||
This is something we plan to support for Gecko 1.9. It's not something that will make the Gecko 1.8 (Firefox 1.5) release.
Target Milestone: --- → mozilla1.9alpha
|
|
Assignee | |
Comment 3•19 years ago
|
||
Attachment #202351 -
Flags: superreview?(darin)
Attachment #202351 -
Flags: review?(darin)
|
|
Assignee | |
Updated•19 years ago
|
Severity: normal → major
|
|
Assignee | |
Comment 4•19 years ago
|
||
This patch works only escaped by UTF-8.
I think that if we use mOriginCharset, it is not secure.
See the comment that is in the patch.
|
|
Assignee | |
Comment 5•19 years ago
|
||
(In reply to comment #2)
> This is something we plan to support for Gecko 1.9. It's not something that
> will make the Gecko 1.8 (Firefox 1.5) release.
>
Darin, Cannot this go to 1.8.1? This is HTML/XHTML bug too.
|
|
Assignee | |
Updated•19 years ago
|
Flags: blocking1.8.1?
|
|
Assignee | |
Updated•19 years ago
|
Attachment #202351 -
Flags: superreview?(darin)
Attachment #202351 -
Flags: review?(darin)
|
|
Assignee | |
Comment 6•19 years ago
|
||
comments are rewritten.
Attachment #202351 -
Attachment is obsolete: true
Attachment #202354 -
Flags: superreview?(darin)
Attachment #202354 -
Flags: review?(darin)
|
|
Assignee | |
Comment 7•19 years ago
|
||
NOTE for Web Developers:
If you want to write valid IDN URI values in HTML/XHTML documents, please use punycode for host name. This is only way for valid HTML/XHTML documents. Of course, for IDN-less UA, this way is recommended.
|
|
||
Comment 8•19 years ago
|
||
Isn't this bug a duplicate of bug 309671?
|
||
Comment 9•19 years ago
|
||
this does look like a duplicate
|
||
Comment 10•19 years ago
|
||
Yes, it is a dup. The patch on bug 309671 does this too but also catches phishing attempts hidden in the escaped host ... only allowing escaped hosts is pretty dangerous.
How about a superreview for the patches on bug 309671 darin?
|
|
||
Comment 11•19 years ago
|
||
Btw: The first two URLs from the testcase work well with the patches from bug 309671.
|
|
Assignee | |
Updated•19 years ago
|
Attachment #202354 -
Flags: superreview?(darin)
Attachment #202354 -
Flags: review?(darin)
|
|
Assignee | |
Comment 12•19 years ago
|
||
*** This bug has been marked as a duplicate of 309671 ***
Status: ASSIGNED → RESOLVED
Closed: 19 years ago
Resolution: --- → DUPLICATE
|
||
Updated•19 years ago
|
Flags: blocking1.8.1?
|
||
Updated•19 years ago
|
Flags: blocking1.8.1+
|
|
||
Updated•18 years ago
|
Flags: blocking1.8.1+
You need to log in
before you can comment on or make changes to this bug.
Description
•