Re: [idn] space-like unicode char

Soobok Lee <lsb@lsb.org> Sun, 20 February 2005 06:15 UTC


For those who do not have a web server: please copy this URL into your MSIE
address bar.

javascript:void(window.open(unescape("http://www.microsoft.com%u2044%u1160%u1160.uni.cc/"),"_self"))

You will see an error page if you have a recent MSIE patch.

Soobok

Soobok Lee wrote:

> You can paste this html/javascript codelet to an html file in your
> webserver and see it in your MSIE browser.
> You will see "www.microsoft.com" isolated in the address bar from the
> "mozilla.org" domain suffix.
> Fortunately, you will see blank space (no phishing page) if you have
> a recent IE patch.
> This won't work in Firefox 1.x, which strips off those special chars
> for unknown reasons before sending to the address bar.
>
> <script>
> window.open(unescape("http://www.microsoft.com%u1160%u1160%u1160%u1160%u1160%u1160.mozilla.org/"),"_blank");
>
> </script>
>
> U+1160 is a space-like char and even stringprep/nameprep does not
> filter it out because the char is not for punctuational purpose.
> U+1160 is just one example, and I guess there may be many alternatives
> that can be used as blank char alternatives.
>
> U+1160 in the above example is placed in the 3rd level domain name label,
> over which .org registry cannot impose any regulations.
>
> Soobok Lee
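
Added example, not part of the original message or of any browser's code: a defender-side check that decodes the two URLs quoted above and reports which host label carries blank-rendering or slash-like code points. The function names and the two code-point tables are assumptions made for illustration and are not exhaustive; labels are split on the ASCII dot only.

```javascript
// Added example (constructed); names and code-point tables are assumptions.
const FILLERS = new Set([0x115f, 0x1160, 0x3164, 0xffa0]);    // Hangul fillers, render blank
const SLASH_LIKE = new Set([0x2044, 0x2215, 0x29f8, 0xff0f]); // render like "/"
const INVISIBLE = /[\p{White_Space}\p{Default_Ignorable_Code_Point}]/u;

// Decode %uXXXX and %XX in one pass, as the legacy unescape() in the message does.
function decodeLegacyEscapes(s) {
  return s.replace(/%u([0-9a-f]{4})|%([0-9a-f]{2})/gi,
    (_, u, b) => String.fromCharCode(parseInt(u || b, 16)));
}

// Host = text between "//" and the first ASCII "/", "?" or "#" (U+2044 does not end it).
function hostOf(url) {
  const m = /^[a-z][a-z0-9+.-]*:\/\/([^/?#]*)/i.exec(url);
  return m ? m[1].replace(/^.*@/, "").replace(/:\d*$/, "") : null;
}

function classify(cp) {
  if (FILLERS.has(cp)) return "hangul-filler";
  if (SLASH_LIKE.has(cp)) return "slash-lookalike";
  if (INVISIBLE.test(String.fromCodePoint(cp))) return "invisible-or-space";
  return null;
}

// Returns the host, its labels, and one finding per flagged code point.
function auditHost(url) {
  const host = hostOf(decodeLegacyEscapes(url));
  if (host === null) return null;
  const labels = host.split(".");
  const findings = [];
  labels.forEach((label, i) => {
    for (const ch of label) {
      const cp = ch.codePointAt(0);
      const reason = classify(cp);
      if (reason) {
        const codePoint = "U+" + cp.toString(16).toUpperCase().padStart(4, "0");
        findings.push({ label: i, codePoint, reason });
      }
    }
  });
  return { host, labels, findings, suspicious: findings.length > 0 };
}

// The two URLs quoted in the message, plus one clean control (constructed).
for (const u of [
  "http://www.microsoft.com%u2044%u1160%u1160.uni.cc/",
  "http://www.microsoft.com%u1160%u1160%u1160%u1160%u1160%u1160.mozilla.org/",
  "http://www.mozilla.org/",
]) console.log(u, JSON.stringify(auditHost(u).findings));
```

In both quoted URLs the findings land in label index 2, the third-level label under uni.cc or mozilla.org, which is the label the message says the registry cannot regulate.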