Closed Bug 842282 Opened 10 years ago Closed 10 years ago

Remove network.enableIDN pref

Categories

(Core :: Networking: DNS, defect)

Product:
Core
Component:
Networking: DNS
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla22

People

(Reporter: gerv, Assigned: smontagu)

References

Details

Attachments

(1 file)

Patch
9.75 KB, patch
mayhemer
: review+
Details | Diff | Splinter Review 
dveditz writes:

"If you set "network.enableIDN" to false then non-ascii URLs will simply fail to load, disenfranchising many legitimate sites around the world."

I don't see that this pref has a legitimate use, given the existence of the "network.IDN_show_punycode" pref, which means that the URLs still load but show punycode. Switching it breaks a large chunk of the web. We should remove network.enableIDN entirely.

Gerv
Attached patch PatchSplinter Review 

        Attachment #715167 -
        Flags: review?(honzab.moz)

        Attachment #715167 -
        Flags: review?(honzab.moz) → review+

    
    

    
  
I believe this is a very useful setting, which we should maintain.

    
    

    
  
3ric: can you explain why anyone would want to use this setting rather than network.IDN_show_punycode ?

As a reminder:

network.IDN_show_punycode displays all IDNs as punycode (to most people, a random jumble of Arabic numerals and Latin letters)

network.disableIDN breaks big chunks of the web by not allowing users to connect to any site with an IDN domain.

Unless you think _all_ IDN domains are suspicious and that the entire world should just keep using domain names in ASCII, then surely it's not a good idea to set the latter pref?

If you do think that, then imagine how you would feel if the Chinese had invented the Internet and, up to now, all domain names had been in Chinese characters...

Gerv

    
    

    
  
We've had a hard time with IDN related settings which function properly.  While I agree this is a large switch disables the whole hot mess, it may be the only option when faced with vulnerabilities and active ongoing attacks. 

For example, does show_punycode really show the punycode in every dialog box and screen? (eg the ssl cert details? on every platform, language settings, etc?)

    
    

    
  
(In reply to 3ric Johanson from comment #4)
> For example, does show_punycode really show the punycode in every dialog box
> and screen? (eg the ssl cert details? on every platform, language settings,
> etc?)

smontagu: is that the desired behaviour of this pref, or does it cover only the URL bar?

If this is the desired behaviour, then any exception is a bug - so if you find somewhere like that, please do file one and we can look at it.

Gerv

    
    

    
  
Yes, definitely that's the desired behaviour, and any exception is a bug.

    
    

    
  
Great. So 3ric - if you find any point in the Firefox UI where you still see the Unicode presentation of an IDN when the show_punycode pref is set to true, then please file a bug and make sure both I and smontagu are CCed on it. We will look at it with alacrity. Thank you :-)

Gerv

    
    

    
  
ok, I looked at this for a bit: 

 - DisableIDN in fact doesn't. heh.  It disables some internal resolution of unicode to an accessible server, but it still shows unicode in the address bar. 

 - show_punycode seems to perform as I would expect, but I can't find a functional ssl site anywhere to test that on.  The cert I had expired years ago.

    
    

    
  
https://hg.mozilla.org/mozilla-central/rev/68c9d630a2cf
Assignee: nobody → smontagu
Status: NEW → RESOLVED
Closed: 10 years ago
Flags: in-testsuite+
Resolution: --- → FIXED
Target Milestone: --- → mozilla22

    
  
Depends on: 892370

          You need to log in
          before you can comment on or make changes to this bug.