FYI, in case anyone hadn't worked it out yet, the
provided demo works against Konqueror 3.2.1 on KDE
3.2.1 on Suse Linux too.
Pasting the given URL into vi doesn't show the
problem, but view page source (which brings up the
page in KWrite) and "od -xc" do expose the attack.
Cheers,
Simon
--- [EM
[EMAIL PROTECTED] wrote:
> V.Workaround
>
> You can disable IDN support in mozilla products by setting
> 'network.enableIDN' to false. There is no workaround known for Opera or
> Safari.
Hello,
I use Firefox 1.0 on GNU/Linux but the workaround doesn't work if I
close the browser. No idea wh
For some reason, manually adding it to prefs.js with a text editor did not
work for me. However, configuring it from about:config worked for me.
Open up firefox, put about:config into the address bar, and then change
network.enableIDN to false by double clicking on it. If it is working
successf
On Mon, 07 Feb 2005 11:06:18 PST, Richard Jacobsen said:
> Open up firefox, put about:config into the address bar, and then change
> network.enableIDN to false by double clicking on it. If it is working
> successfully, you should get a message "domainname.com could not be found"
> when clicking
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
[EMAIL PROTECTED] wrote:
| On Mon, 07 Feb 2005 11:06:18 PST, Richard Jacobsen said:
|
|
|>Open up firefox, put about:config into the address bar, and then change
|>network.enableIDN to false by double clicking on it. If it is working
|>successfully, yo
Valdis Kletnieks wrote:
> The actual bug referenced by Gerald is that if you use about:config to set it,
> it *works* without having to restart, but at the next restart of the browser,
> the setting no longer works...
At least in the standard (binary distribution) Windows build of Mozilla
1.0 th
Markus Wernig wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
[EMAIL PROTECTED] wrote:
| On Mon, 07 Feb 2005 11:06:18 PST, Richard Jacobsen said:
|
|
|>Open up firefox, put about:config into the address bar, and then change
|>network.enableIDN to false by double clicking on it. If it is worki
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Peter Besenbruch wrote:
| Markus Wernig wrote:
|
|> Yes, it does set network.enableIDN = false, but on startup this seems to
|> get ignored. What I had to do to disable it (probably a brute hack):
|> there's a line in ~/.mozilla/firefox/whatever.default
>The actual bug referenced by Gerald is that if you use
>about:config to set it,
>it *works* without having to restart, but at the next restart
>of the browser,
>the setting no longer works...
Isnt there a way to make this survive browser restarts ?
___
