PunyCode Protection

Warns on clicking links and arriving into sites which uses PunyCode.

Autore
jcunews
Installazioni giornaliere
0
Installazioni totali
87
Valutazione
3 0 0
Versione
1.0.4
Creato il
21/04/2017
Aggiornato il
05/04/2021
Licenza
Non disponibile
Applica a
Tutti i siti

This is a protection against PunyCode abuse as described in below article.

https://arstechnica.com/security/2017/04/chrome-firefox-and-opera-users-beware-this-isnt-the-apple-com-you-want/

Notes:

  • Only sites whose host name uses Latin-extended or Latin-like characters, will be warned.

  • When clicking on a static link, confirmation dialog will be triggered only if points to a different site whose host name contains suspicious punycode (as described above).

  • Scripts will still be able to navigate to a possibly fake website in the current tab without triggering the confirmation prompt. However, upon arriving to the website, the user will still be prompted with a confirmation dialog.

  • Scripts that open a possibly fake website in a new tab will trigger the confirmation prompt.