[LINK] Curious tiny URL variant using Unicode

Rick Welykochy rick at praxis.com.au
Fri Nov 11 16:03:00 AEDT 2011

Paul Brooks wrote:

> Yes - links displayed correctly in Thunderbird 8.0 email client, and when clicked on were displayed correctly in Firefox 7.0.1 browser.
> Curiously, the URL shown at the bottom of the window when the mouse hovers over it is a ASCII text translation:
> ж.tv is displayed as xn--f1a.tv
> ᄒ.ws is displayed as xn-hqd.ws

This is probably a Good Thing (TM). The ASCII version is a standard RFC that describes
how the Unicode characters in any domain part at encoded. And if the Unicode cannot
be so represented, your mouse hoverer (?) should indicate that fact.

In general it is always preferable to see the URL, specifally the domain name, that
will be used for the DNS lookup.

I am sure Linkers are aware that there be nasties lurking in Unicode domain names. For
example, there are several character (perhaps many) characters in Unicode that
look pretty well identical to the lower case letter "o".

An attacker could issue the domain "micr*s*ft.com" where * is one of these other "o"
characters, and it would appear to you as "microsoft.com". If your email client
or web browser then shows the domain in its ASCII format, it would not look at
all like what you expect and a possible exploit is averted.


Rick Welykochy || Praxis Services

"A Ministry of Defence guide to preventing information leaking into
the public domain has leaked into the public domain."

More information about the Link mailing list