I was editing a text in vim and I typed gx on a play-button emoji to open it as an url and to see what happen. Vim translated the UTF-8 emoji into a punycode one and wrapped it into an url format for my browser: xn--g1h.com. The request had been redirected to another site: anti666.com, that it's quite spooky. The site is uncertificated, of course.
I tryed to wrap other emojis' punycode into the same url format (www.<punicode emoji>.com) with two different browsers (firefox and chromium) and I didn't notice any difference in results between them.
Sometimes I got 404 errors, sometimes it took me to other uncertificated sites.
To take another example, xn--c1yn36f.com redirects me to 1redirb.com/.../....
I didn't tried further because I thought it could be risky.
I think these are redirections and not aliases or whatever because of my research with whois.com but it's just my own speculation.
My question is: How this redirections are possible and why this happens? Are these domains actually existing or there is another explanation?
I expect my browser throws me an error, not redirects me to another unsafe site.
Thanks.
Related
I would love it if my Perl script can change the address in the browser. Not to try and hide things, or be funny. But for cleanliness sake.
www.example.com/billing
looks much better than:
www.example.com/cgi-bin/billing.pl?userid=0000&inv=1234
I realize browsers probably have high security measures to prevent phishers from being more tricky, but what gives me some hope that this is possible is that I placed the following line in my .htaccess file:
ErrorDocument 404 /index.html
and if I go to www.example.com/nonexistent the browser will go back to the main page, but the address bar still has the nonexistent address.
Thanks
I have no idea where to find out about why if I paste this url into the address bar of Chrome, Safari, and Firefox it will be translated into a different URL with a couple of accented characters.
It results in a crypto currency phishing site so beware.
I'm trying to find the logic (javascript) or whatever that causes this translation
The base url is http://www.xn--shapehit-ez9c7y.com
I apologise if this is the wrong site to ask the question on.
This is called PunyCode, which is a way to represent Unicode within the ASCII character set. This allows websites to have names with foreign characters, such as in Chinese or Arabic. While this is incredibly useful, it can also be used for deceptive impersonation (often maliciously, as noted in your question).
Different browsers treat PunyCode differently. For example, Safari and Edge will not attempt to covert PunyCode, and will show the full 'strange' URLs.
However, according to Sophos,
Chrome and Firefox won’t automatically decode punycode URLs if they mix multiple alphabets or languages, on the grounds that such text strings are highly unlikely in real life and therefore suspicious. But both Chrome and Firefox will autoconvert punycode URLs that contain all their characters in the same language.
A security researcher called Xudong Zheng actually registered the domain xn--80ak6aa92e.com, which translates to аррӏе in 'Russian'. When visited in Chrome or Firefox, it looks identical to apple.com in the URL:
Fortunately his site simply warns of this forgery, but it could easily have been used maliciously.
Hope this helps :)
I am working on a website and noticed that as I was making up folder names that any folder name that begins with a # is not recognized from the web browser. For example: example.com/#example/index.html will not work. Whereas example.com/%23example/index.html works. In the same example using !#$%*& will work file without encoding. Curious why and how to make it work if I wanted it to. I read this article: Which characters make a URL invalid?. Thanks
Invalid characters might have a special meaning for the browser. For example # is used to create links on the same page. Take a look here.
In my virtual directory, I have many mp3 files, there are space or Chinese characters. How do I allow visitors to download them?
For example:
There's no problem when downloading www.myWebsite.com/virtualDirectory/songNameSimple.mp3
But if the song name has space in it, it's replaced by %20, thus return 404 error.
I'm curious about solution in both iis and lamp, although maybe the solution is the same.
Thanks
The server is handling this automatically, it was working for me at the beginning due to something else.
Since a while, when I open a plain text file with long lines, the lines will break.
See this example: https://oeis.org/A195665/a195665_4.txt
In Firebug I can see, that the text is in <pre> tags in an html structure.
To avoid the line breaks, I have to click on "View Page Source".
Is there any server side way to prevent that?
I do not think the browser is at fault. I believe it is the web server's job to serve it up differently. You should google how to do that for your particular web server.
This works in Firefox and Chrome:
view-source:http://oeis.org/A195665/a195665_4.txt
But not in IE. However, IE doesn't break the lines in the first place.