Closed
Bug 842282
Opened 11 years ago
Closed 11 years ago
Remove network.enableIDN pref
Categories
(Core :: Networking: DNS, defect)
Core
Networking: DNS
Tracking
()
RESOLVED
FIXED
mozilla22
People
(Reporter: gerv, Assigned: smontagu)
References
Details
Attachments
(1 file)
|
9.75 KB,
patch
|
mayhemer
:
review+
|
Details | Diff | Splinter Review |
dveditz writes: "If you set "network.enableIDN" to false then non-ascii URLs will simply fail to load, disenfranchising many legitimate sites around the world." I don't see that this pref has a legitimate use, given the existence of the "network.IDN_show_punycode" pref, which means that the URLs still load but show punycode. Switching it breaks a large chunk of the web. We should remove network.enableIDN entirely. Gerv
|
Assignee | |
Comment 1•11 years ago
|
||
Attachment #715167 -
Flags: review?(honzab.moz)
|
||
Updated•11 years ago
|
Attachment #715167 -
Flags: review?(honzab.moz) → review+
|
||
Comment 2•11 years ago
|
||
I believe this is a very useful setting, which we should maintain.
|
Reporter | |
Comment 3•11 years ago
|
||
3ric: can you explain why anyone would want to use this setting rather than network.IDN_show_punycode ? As a reminder: network.IDN_show_punycode displays all IDNs as punycode (to most people, a random jumble of Arabic numerals and Latin letters) network.disableIDN breaks big chunks of the web by not allowing users to connect to any site with an IDN domain. Unless you think _all_ IDN domains are suspicious and that the entire world should just keep using domain names in ASCII, then surely it's not a good idea to set the latter pref? If you do think that, then imagine how you would feel if the Chinese had invented the Internet and, up to now, all domain names had been in Chinese characters... Gerv
|
|
||
Comment 4•11 years ago
|
||
We've had a hard time with IDN related settings which function properly. While I agree this is a large switch disables the whole hot mess, it may be the only option when faced with vulnerabilities and active ongoing attacks. For example, does show_punycode really show the punycode in every dialog box and screen? (eg the ssl cert details? on every platform, language settings, etc?)
|
|
Reporter | |
Comment 5•11 years ago
|
||
(In reply to 3ric Johanson from comment #4) > For example, does show_punycode really show the punycode in every dialog box > and screen? (eg the ssl cert details? on every platform, language settings, > etc?) smontagu: is that the desired behaviour of this pref, or does it cover only the URL bar? If this is the desired behaviour, then any exception is a bug - so if you find somewhere like that, please do file one and we can look at it. Gerv
|
|
Assignee | |
Comment 6•11 years ago
|
||
Yes, definitely that's the desired behaviour, and any exception is a bug.
|
|
Reporter | |
Comment 7•11 years ago
|
||
Great. So 3ric - if you find any point in the Firefox UI where you still see the Unicode presentation of an IDN when the show_punycode pref is set to true, then please file a bug and make sure both I and smontagu are CCed on it. We will look at it with alacrity. Thank you :-) Gerv
|
|
||
Comment 8•11 years ago
|
||
ok, I looked at this for a bit: - DisableIDN in fact doesn't. heh. It disables some internal resolution of unicode to an accessible server, but it still shows unicode in the address bar. - show_punycode seems to perform as I would expect, but I can't find a functional ssl site anywhere to test that on. The cert I had expired years ago.
|
|
Assignee | |
Comment 9•11 years ago
|
||
https://hg.mozilla.org/integration/mozilla-inbound/rev/68c9d630a2cf
|
||
Comment 10•11 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/68c9d630a2cf
Assignee: nobody → smontagu
Status: NEW → RESOLVED
Closed: 11 years ago
Flags: in-testsuite+
Resolution: --- → FIXED
Target Milestone: --- → mozilla22
You need to log in
before you can comment on or make changes to this bug.
Description
•