PunyCode Protection

Warns on clicking links and arriving into sites which uses PunyCode.

Author
jcunews
Daily installs
0
Total installs
43
Ratings
0 0 0
Version
1.0.3
Created
Updated
License
N/A
Applies to
All sites

Author's Description

This is a protection against PunyCode abuse as described in below article.

https://arstechnica.com/security/2017/04/chrome-firefox-and-opera-users-beware-this-isnt-the-apple-com-you-want/

Notes:

  • Only sites whose host name uses Latin-extended or Latin-like characters, will be warned.

  • When clicking on a static link, confirmation dialog will be triggered only if points to a different site whose host name contains suspicious punycode (as described above).

  • Scripts will still be able to navigate to a possibly fake website in the current tab without triggering the confirmation prompt. However, upon arriving to the website, the user will still be prompted with a confirmation dialog.

  • Scripts that open a possibly fake website in a new tab will trigger the confirmation prompt.