On 04/06/12 19:10, John Nagle wrote: > Many new TLDs appear to be coming. This may affect how Mozilla > interprets input in the URL bar, and has security implications.
But to a lesser degree than for Chrome. They use the PSL to determine what is a URL and what is a search; that may not be scalable going forward. > Single-word domain names are about to become a common form of > URL. IMO, Mozilla should not be in favour of this type of word hijacking. "www.nike", fine. Bare "nike", no. But then, maybe it's up to the user's DNS configuration rather than us... > Is DNS always preferred over search? Does this introduce any > security risks? Will other browsers from search engine vendors > (Microsoft and Google) make the same choice? You'd need to ask them. > Is adding > ".com" to single words and retrying still appropriate behavior? Do we actually do that, without explicit user command? Gerv _______________________________________________ dev-security mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security
