-
Welcome to Overclockers Forums! Join us to reply in threads, receive reduced ads, and to customize your site experience!
WARNING: non-IE browser problem Mozilla/Firefox users beware
- Thread starter eobard
- Start date
- Joined
- Oct 7, 2004
- Location
- Cincinnati
Have you tried the workaround? It didn't seem to work for me.
- Joined
- Aug 30, 2004
- Location
- Santa Barbara, CA
Didn't work for me either.
I shhut down and restarted firefox.
I shhut down and restarted firefox.
- Joined
- Jul 13, 2003
- Location
- Montréal, PQ, Canada.
Super Nade said:
And now it is making you double post
.
- Joined
- Dec 13, 2004
- Location
- My own personal HELL!
Workaround worked for me. There were 2 lines I had to comment out.
Scary exploit, horribly ironic that it doesn't affect IE.
Scary exploit, horribly ironic that it doesn't affect IE.
- Joined
- Aug 30, 2004
- Location
- Santa Barbara, CA
Ad Rock said:And now it is making you double post
How many such entries did you guys disable? I had only 2 to comment out.
I used the basic search tool to find any mention of the word idn.
Edit**
It worked!!
I think you need to restart your computer for it to work. Another option would be to reset your internet connection. Seems logical because we are dealing with certain network parameters here, right?
Thanks a lot eoboard!
- Joined
- Oct 7, 2004
- Location
- Cincinnati
Yeah it worked for me after I restarted the computer.
- Joined
- Jan 17, 2004
- Location
- indianapolis
This ins't exactly a security hole. It just allows non-english characters to be in a domain name. The following 3 domain names are really to 3 whole different sites. One of them uses the normal english characters and another one uses the english characters p-a-y-p (and then the Russian Cyrillic letter a which looks indentical to the english character) then an english l. and the third uses the other p-(russian character a)-y-p-a-l.com
(copy and paste these into your address bar)
paypal.com
paypаl.com
pаypal.com
There are other letters that look identical to english letters like o for example:
оcforums.com
yahоо.com
(copy and paste those into your address bar)
look here for more info:
http://webdesign.about.com/od/charactersets/l/blhtmlcodes_ru.htm
IE just doesn't support using IDNs (http://www.ietf.org/html.charters/idn-charter.html) so thats why it isn't affected.
Paypal always says to open a new browser window and type in https://paypal.com and that advice still prevents anything like this from happening.
-Andy
(copy and paste these into your address bar)
paypal.com
paypаl.com
pаypal.com
There are other letters that look identical to english letters like o for example:
оcforums.com
yahоо.com
(copy and paste those into your address bar)
look here for more info:
http://webdesign.about.com/od/charactersets/l/blhtmlcodes_ru.htm
IE just doesn't support using IDNs (http://www.ietf.org/html.charters/idn-charter.html) so thats why it isn't affected.
Paypal always says to open a new browser window and type in https://paypal.com and that advice still prevents anything like this from happening.
-Andy
- Thread Starter
- #11
I know it's not technically a security flaw in the browser but it could have malicious effects nevertheless so it was worth spreading the news. Closing out Firefox and relaunching after commenting out the two lines worked for me.
- Joined
- Apr 5, 2001
- Location
- St. Catharines, Ontario Canada
You could also try the latest Tinderbox build, 1.0.1. From what I read, that should fix it as well.
- Joined
- Jul 27, 2004
- Location
- Belton, MO
The workaround worked fine for me on Firefox 1.0 on Linux. There were 2 lines with idn, just used a search to find them.
Similar threads
