[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#25600: 26.0.50; shr doesn't heed the IDNA non-obfuscation rules
From: |
Lars Ingebrigtsen |
Subject: |
bug#25600: 26.0.50; shr doesn't heed the IDNA non-obfuscation rules |
Date: |
Wed, 01 Feb 2017 16:03:32 +0100 |
If you view the following HTML, shr will (on mouseover etc) display the
domain as something that looks like "www.microsoft.com", when it's
really an IDNA domain with a cyrillic letter in the middle.
I thought eww/shr had fixed this everywhere, but apparently it's just in
the eww header line. shr should also apply the same rules (for mixing
latin and non-latin characters) and display the link as
"www.xn--mirsft-yqfbx.com" or something. Perhaps with a warning, even.
EDIT:It doesn't 'disable' as such, but renders the 'punycode' in full, so a fake 'http://www.miсrоsоft.com' is rendered as instead 'http://www.xn--mirsft-yqfbx.com'.
For comparison, here's fake on top of real (not in monospace since it destroys the illusion):
http://www.miсrоsоft.com
http://www.microsoft.com
In GNU Emacs 26.0.50.1 (x86_64-unknown-linux-gnu, GTK+ Version 3.14.5)
of 2017-01-30 built on stories
Repository revision: ab96c8509736a7ed622916ad2749ff356e520d02
Windowing system distributor 'The X.Org Foundation', version 11.0.11604000
System Description: Debian GNU/Linux 8.6 (jessie)
--
(domestic pets only, the antidote for overdose, milk.)
bloggy blog: http://lars.ingebrigtsen.no
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- bug#25600: 26.0.50; shr doesn't heed the IDNA non-obfuscation rules,
Lars Ingebrigtsen <=