Closed Bug 704089 Opened 9 years ago Closed 9 years ago
Enable IDN Display for .срб
User Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C) Steps to reproduce: Enter IDN domain names .срб ( xn--90a3ac ) Actual results: Firefox display punicode, only. Expected results: Firefox display IDN domain name.
Gerv, do you handle these, or someone else?
Status: UNCONFIRMED → NEW
Component: General → Networking
Ever confirmed: true
QA Contact: general → networking
bz: jothan is first point of contact these days. Gerv
Component: Networking → Networking: Domain Lists
OS: Windows 7 → All
QA Contact: networking → networking.domain-lists
Hardware: x86 → All
While Mozilla uses the whitelist TLD process for mixed script security on cookies and location bar rendering, the presence of Cyrillic and Latin combined in a mixed script string is problematic. In reviewing the policy and codepoints, I note that there is not any policy about mixed script registration, and there are present a number of visually identical characters in particular between Cyrillic and Latin (LDH) characters. Example : The example of paypal in mixed script confusable is www.pаypal.срб [www.xn--pypal-4ve.xn--90a3ac] seems possible under currently defined policy at registry.
Mixed script is not allowed in .срб. Only Serbian Cyrillic characters are alowed. The princip is the same as .рф. [www.xn--pypal-4ve.xn--90a3ac] is not possible. There is no l in Serbian Cyrillic. p, a, y are visually identical characters, but different characters with different codes. Same as Russian .рф.
Thank you for clarifying that there is NO MIXED script registration under .срб. Tomislav. I apparently misread LDH as being also allowed, I apologize for any grief. While caxap or other whole-string situations where a string could be composed of characters that could spell something appearing to look like Latin, it is entirely unlikely in the presence of a Cyrillic only policy that these would be mistaken, and “рачра1” would not be so visually similar it would confuse anyone, IMHO. At this time, I propose it be added, and I will work on the patch file(s) required. In following our process, could I please have two votes of approval from within our development community?
Status: NEW → ASSIGNED
If only Serbian Cyrillic is allowed, then that's fine. Gerv
Duplicate of this bug: 721720
Any news about this? When do we can expect the patch?
Guys, PLEASE fix this as soon as possible - .срб TLD went public today!! http://www.rnids.rs/en/what-s-new/srb-domain-registration-begins/id/3428 Here's the info requested here http://www.mozilla.org/projects/security/tld-idn-policy-list.html for .срб TLD: - TLD: .срб (.xn--90a3ac) - Registry (RNIDS) homepage: http://rnids.rs - Rulebook on .срб sunrise: http://rnids.rs/data/DOKUMENTI/Rules-commencement-SRB.pdf - Rulebook on registration of .срб domains: http://rnids.rs/data/DOKUMENTI/RegistrationSRB.pdf (permitted character set defined in Article 2(3), also on IANA site http://www.iana.org/domains/idn-tables/tables/rs_sr-rs_1.0.pdf) You can contact Mr. Tomislav Ciganovic (email@example.com), CTO of RNIDS, for any further clarification. Thanks, Sloba
Assignee: nobody → gerv
Status: ASSIGNED → RESOLVED
Closed: 9 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla13
Comment on attachment 600872 [details] [diff] [review] Patch v.1 [Approval Request Comment] User impact if declined: IDNs not working (displaying as gibberish) in relevant domain. Testing completed (on m-c, etc.): Policy rather than code change; but patch has baked over the weekend. Risk to taking this patch (and alternatives if risky): Very low. String changes made by this patch: None. Gerv
Comment on attachment 600872 [details] [diff] [review] Patch v.1 [Triage Comment] Assuming this has gone through all the proper processes, approving for Aurora 12 and Beta 11. We do not expect to see any regressions caused by this patch which, as Gerv notes, is really just policy change.
Is there anything QA can do to verify this fix?
You need to log in before you can comment on or make changes to this bug.