by j4_james 3527 days ago
These rules are designed to prevent you mixing codepoints from different languages, so you couldn't register something that looked like gmail but with the English 'a' replaced with a Cyrillic 'a'. However, if the name you're trying to emulate can be reproduced entirely within another language's character set, you can still impersonate an existing domain.

For example, it may surprise you to know that http://www.еа.com and http://www.ea.com are two different websites, despite the URLs appearing identical. Edge at least renders the IDN version in its punycode form, but in Firefox and Chrome the URLs are indistinguishable. It's quite possible that's a result of my messing with the IDN settings in the past, though - I'm curious what others see for those links.

2 comments
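
An added example, not part of the original post or the replies: a Python check that separates the mixed-script labels the registration rules block from the whole-script case the post describes, where every letter of a single-script label has a Latin lookalike. The lookalike table is a small constructed subset, and deriving a letter's script from its Unicode name is an approximation; the function names are hypothetical.

```python
import unicodedata

# Constructed subset of Cyrillic letters that render like Latin ones
# (assumption for this example; Unicode's confusables.txt is the full data).
CYRILLIC_TO_LATIN = {
    "\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p",
    "\u0441": "c", "\u0445": "x", "\u0443": "y", "\u0456": "i",
    "\u0458": "j", "\u0455": "s",
}

def scripts(label):
    """Approximate each letter's script by the first word of its Unicode name."""
    return {unicodedata.name(ch).split()[0] for ch in label if ch.isalpha()}

def classify(label):
    """Return (verdict, latin_lookalike_or_None, punycode_form) for one label."""
    puny = label.encode("idna").decode("ascii")
    found = scripts(label)
    if found <= {"LATIN"}:
        return ("latin", None, puny)
    if len(found) > 1:
        # What the registration rules in the post are meant to block.
        return ("mixed-script", None, puny)
    letters = [ch for ch in label if ch.isalpha()]
    if all(ch in CYRILLIC_TO_LATIN for ch in letters):
        # The loophole: one script throughout, yet every letter has a Latin twin.
        lookalike = "".join(CYRILLIC_TO_LATIN.get(ch, ch) for ch in label)
        return ("whole-script-confusable", lookalike, puny)
    return ("single-script-idn", None, puny)

def check_host(host):
    """List (label, verdict, lookalike, punycode) for every non-Latin label."""
    findings = []
    for label in host.lower().split("."):
        verdict, lookalike, puny = classify(label)
        if verdict != "latin":
            findings.append((label, verdict, lookalike, puny))
    return findings

if __name__ == "__main__":
    for host in ("www.ea.com", "www.\u0435\u0430.com", "gm\u0430il.com"):
        print(host.encode("unicode_escape").decode(), check_host(host))
```

A mail gateway or proxy could log the punycode form together with the Latin lookalike whenever the verdict is `whole-script-confusable`, so that the two hosts in the post stop looking identical to whoever reviews the log.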

Ah, that’s pretty interesting… wasn’t aware of that loophole!

Interestingly, Firefox 46 does show them both in non-Punycode form in the address bar (so they both look the same) while Safari 9 doesn’t¹; it shows the first URI as its Punycode representation.

――――――

¹ — http://i.imgur.com/rrNVlIj.png

I didn't know IDNs were a thing until today, and I see those two links as identical in Chrome.

This seems like a HUGE security fault.