PunyCode Protection

Warns on clicking links and arriving into sites which uses PunyCode.

Author
jcunews
Daily installs
0
Total installs
87
Ratings
3 0 0
Version
1.0.4
Created
2017-04-21
Updated
2021-04-05
License
N/A
Applies to
All sites

This is a protection against PunyCode abuse as described in below article.

https://arstechnica.com/security/2017/04/chrome-firefox-and-opera-users-beware-this-isnt-the-apple-com-you-want/

Notes:

  • Only sites whose host name uses Latin-extended or Latin-like characters, will be warned.

  • When clicking on a static link, confirmation dialog will be triggered only if points to a different site whose host name contains suspicious punycode (as described above).

  • Scripts will still be able to navigate to a possibly fake website in the current tab without triggering the confirmation prompt. However, upon arriving to the website, the user will still be prompted with a confirmation dialog.

  • Scripts that open a possibly fake website in a new tab will trigger the confirmation prompt.