Michal Zalewski wrote: > Whether Safari devs are to blame here exclusively, I'm not sure - IDN > concept is by itself pretty evil, and this can be viewed simply a clever > take on homograph attacks.
I found out that firefox has a configuration property: network.IDN.blacklist_chars. It includes the character used in the demonstration (ㅤ - HANGULL FILLER) and many more. So, the problem seems to be known (at least in firefox). -- Robert Swiecki http://www.swiecki.net _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
