Look-Alike Domains and Visual Confusion
-
- Administrator
- Posts: 12603
- Joined: 16 Jan 2010, 15:49
- Location: London, Europe
Look-Alike Domains and Visual Confusion
Unlike other browsers, Firefox doesn't make it easy to recognise URLs that use unicode names that look like English domain names. You can fix this by typing
about:config
into the address bar. Then search for punycode and set
network.IDN_show_punycode
to be true.
Look-Alike Domains and Visual Confusion
about:config
into the address bar. Then search for punycode and set
network.IDN_show_punycode
to be true.
Look-Alike Domains and Visual Confusion
StuartR
-
- Administrator
- Posts: 78437
- Joined: 16 Jan 2010, 00:14
- Status: Microsoft MVP
- Location: Wageningen, The Netherlands
Re: Look-Alike Domains and Visual Confusion
Thanks, I immediately applied the change!
Best wishes,
Hans
Hans
-
- gamma jay
- Posts: 25455
- Joined: 17 Mar 2010, 17:33
- Location: Cape Town
Re: Look-Alike Domains and Visual Confusion
TX Stuart! Updated.
Regards,
Rudi
If your absence does not affect them, your presence didn't matter.
Rudi
If your absence does not affect them, your presence didn't matter.
-
- 4StarLounger
- Posts: 564
- Joined: 24 Jan 2010, 16:02
- Location: Recently moved to Bracebridge - in the heart of Muskoka.
Re: Look-Alike Domains and Visual Confusion
Thank you Stuart.
John
A Child's Mind, Once Stretched by Imagination...
Never Regains Its Original Dimensions
A Child's Mind, Once Stretched by Imagination...
Never Regains Its Original Dimensions
-
- Panoramic Lounger
- Posts: 8166
- Joined: 25 Jan 2010, 09:09
- Location: retirement
Re: Look-Alike Domains and Visual Confusion
Thanks, got that one nailed down now.
Ken
Ken
-
- UraniumLounger
- Posts: 9269
- Joined: 13 Feb 2010, 01:27
- Location: Deep in the Heart of Texas
Re: Look-Alike Domains and Visual Confusion
thanks, Stuart!!
I made the change and rebooted Fx, but I was wondering if a reboot is necessary after an about:config change<?
I made the change and rebooted Fx, but I was wondering if a reboot is necessary after an about:config change<?
Bob's yer Uncle
Dell Intel Core i5 Laptop, 3570K,1.60 GHz, 8 GB RAM, Windows 11 64-bit, LibreOffice,and other bits and bobs
(1/2)(1+√5) |
-
- Administrator
- Posts: 12603
- Joined: 16 Jan 2010, 15:49
- Location: London, Europe
Re: Look-Alike Domains and Visual Confusion
A simple test shows that a restart of Firefox is not needed.
Navigate to https://www.са.com/
Toggle the setting and refresh the page.
It will either display http://www.ca.com" onclick="window.open(this.href);return false; or http://www.xn--80a7a.com" onclick="window.open(this.href);return false; depending on the setting.
Navigate to https://www.са.com/
Toggle the setting and refresh the page.
It will either display http://www.ca.com" onclick="window.open(this.href);return false; or http://www.xn--80a7a.com" onclick="window.open(this.href);return false; depending on the setting.
StuartR
-
- Administrator
- Posts: 7209
- Joined: 15 Jan 2010, 22:52
- Location: Middle of England
Re: Look-Alike Domains and Visual Confusion
And thanks from me, too!
Also always worth remembering that hovering your cursor over a URL tends to render the final destination bottom left of the Firefox screen:
Also always worth remembering that hovering your cursor over a URL tends to render the final destination bottom left of the Firefox screen:
You do not have the required permissions to view the files attached to this post.
Leif
-
- Administrator
- Posts: 12603
- Joined: 16 Jan 2010, 15:49
- Location: London, Europe
Re: Look-Alike Domains and Visual Confusion
Yes, Leif, I had noticed that it displays the punycode version in that destination hint, but that would be easy to overcome by using a redirection service like bit.ly, or even a facebook link
StuartR
-
- PlatinumLounger
- Posts: 5408
- Joined: 24 Jan 2010, 08:33
- Location: A cathedral city in England
Re: Look-Alike Domains and Visual Confusion
Err - I can't find "punycode" on 58.0.2...?
John Gray
"(or one of the team)" - how your appointment letter indicates you won't be seeing the Consultant...
"(or one of the team)" - how your appointment letter indicates you won't be seeing the Consultant...
-
- Administrator
- Posts: 12603
- Joined: 16 Jan 2010, 15:49
- Location: London, Europe
Re: Look-Alike Domains and Visual Confusion
That's surprising. I am also running Firefox 58.0.2John Gray wrote:Err - I can't find "punycode" on 58.0.2...?
You do not have the required permissions to view the files attached to this post.
StuartR
-
- PlatinumLounger
- Posts: 5685
- Joined: 24 Jan 2010, 19:16
- Location: Cape Cod, Massachusetts,USA
Re: Look-Alike Domains and Visual Confusion
Punycode applied. Thanks Stuart.
BOB
______________________________________
If I agreed with you we'd both be wrong.
______________________________________
If I agreed with you we'd both be wrong.
-
- PlatinumLounger
- Posts: 5408
- Joined: 24 Jan 2010, 08:33
- Location: A cathedral city in England
Re: Look-Alike Domains and Visual Confusion
First time I tried using Edit -> Find.StuartR wrote:That's surprising. I am also running Firefox 58.0.2John Gray wrote:Err - I can't find "punycode" on 58.0.2...?
Using Search works.
Ho-hum...
John Gray
"(or one of the team)" - how your appointment letter indicates you won't be seeing the Consultant...
"(or one of the team)" - how your appointment letter indicates you won't be seeing the Consultant...
-
- 4StarLounger
- Posts: 564
- Joined: 24 Jan 2010, 16:02
- Location: Recently moved to Bracebridge - in the heart of Muskoka.
Re: Look-Alike Domains and Visual Confusion
Stuart's tweak works as advertised in Firefox, but Chrome goes a step further. Clicking on the same link brings up a page that tells me that this is a fake site and that the site is NOT ca.com. The address bar also shows that the site is actually http://www.xn--80a7a.com" onclick="window.open(this.href);return false;.StuartR wrote:A simple test shows that a restart of Firefox is not needed.
Navigate to https://www.са.com/
Toggle the setting and refresh the page.
It will either display http://www.ca.com" onclick="window.open(this.href);return false; or http://www.xn--80a7a.com" onclick="window.open(this.href);return false; depending on the setting.
John
A Child's Mind, Once Stretched by Imagination...
Never Regains Its Original Dimensions
A Child's Mind, Once Stretched by Imagination...
Never Regains Its Original Dimensions
-
- Administrator
- Posts: 7209
- Joined: 15 Jan 2010, 22:52
- Location: Middle of England
Re: Look-Alike Domains and Visual Confusion
Good point - you are quite right!StuartR wrote:Yes, Leif, I had noticed that it displays the punycode version in that destination hint, but that would be easy to overcome by using a redirection service like bit.ly, or even a facebook link
Leif
-
- Administrator
- Posts: 12603
- Joined: 16 Jan 2010, 15:49
- Location: London, Europe
Re: Look-Alike Domains and Visual Confusion
That message is not created by Firefox, it comes from the site http://www.xn--80a7a.com" onclick="window.open(this.href);return false;, which is rendered as http://www.ca.com" onclick="window.open(this.href);return false; in the address bar if you don't enable the punycode.Rebel wrote:Stuart's tweak works as advertised in Firefox, but Chrome goes a step further. Clicking on the same link brings up a page that tells me that this is a fake site and that the site is NOT ca.com. The address bar also shows that the site is actually http://www.xn--80a7a.com" onclick="window.open(this.href);return false;.
StuartR