Page 1 of 1
Chrome & Firefox Phish Attack Uses Domains Identical to
Posted: Sat Apr 15, 2017 11:37 am
by therube
Re: Chrome & Firefox Phish Attack Uses Domains Identical to
Posted: Sat Apr 15, 2017 8:11 pm
by fatboy
If to switch network.IDN_show_punycode;true, the Cyrillic domains are displayed incorrectly:
http://xn--80agdepgfuajcazx2e.xn--p1ai/ instead of http://антонгородецкий.рф/ even if network.IDN.use_whitelist;true
and network.IDN.whitelist.xn - p1ai;true.
It is possible to use
network.IDN.restriction_profile;strict
Re: Chrome & Firefox Phish Attack Uses Domains Identical to
Posted: Tue Apr 18, 2017 1:19 am
by therube
Re: Chrome & Firefox Phish Attack Uses Domains Identical to
Posted: Thu Apr 20, 2017 8:09 pm
by yes_noscript
Pale Moon unstable add a about:config setting to controll that:
Added an option to display punycode domain for IDN websites to combat phishing.
Preference: browser.identity.display_punycode
0 = Display IDN name in identity panel (previous behavior)
1 = Display punycode name for DV SSL domains (default)
2 = Also display punycode for HTTP sites if IDN name used
from
https://www.palemoon.org/unstable/releasenotes.shtml