Bug 147367 - Firefox ignores network.enableIDN setting
Summary: Firefox ignores network.enableIDN setting
Alias: None
Product: Fedora
Classification: Fedora
Component: firefox   
(Show other bugs)
Version: 3
Hardware: i686
OS: Linux
Target Milestone: ---
Assignee: Christopher Aillon
QA Contact:
URL: https://bugzilla.mozilla.org/show_bug...
Keywords: Security
Depends On:
TreeView+ depends on / blocked
Reported: 2005-02-07 17:46 UTC by Ian Pilcher
Modified: 2007-11-30 22:10 UTC (History)
4 users (show)

Fixed In Version: 1.0.1-1.3.1
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2005-02-26 03:42:46 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

External Trackers
Tracker ID Priority Status Summary Last Updated
Mozilla Foundation 281365 None None None Never

Description Ian Pilcher 2005-02-07 17:46:26 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.5)
Gecko/20041111 Firefox/1.0

Description of problem:
When network.enableIDN is set to false in about:config, IDN lookups
will initially fail.  When Firefox is stopped and restarted, however,
they will work again, even though the network.enableIDN is still set
to false.

See http://www.shmoo.com/idn/ for an example of how this can be used
for phishing.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1.  Start Mozilla Firefox.
2.  Type "about:config" into the URL bar.
3.  Set network.enableIDN to false.
4.  Visit http://www.shmoo.com/idn/ and click on one of the links;
    lookup will fail (properly).
5.  Close Firefox & restart.
6.  Type "about:config" into URL bar; confirm that network.enableIDN
    is still set to false.
7.  Visit http://www.shmoo.com/idn/ and click on one of the link;
    lookup will succeed.

Actual Results:  IDN lookup succeeds, even though network.enableIDN is
set to false.

Expected Results:  IDN lookup should fail.

Additional info:

Comment 1 Carlos Rodrigues 2005-02-17 15:56:53 UTC
This also happens with firefox-1.0-8 from development.

Comment 2 Ian Pilcher 2005-02-26 03:42:46 UTC
Appears to be fixed in 1.0.1-1.3.1.

Comment 3 Matthew Miller 2005-02-28 16:02:20 UTC
Will there be an errata announcement for the 1.0.1-1.3.1 update?

Comment 4 Christopher Aillon 2005-02-28 17:59:28 UTC
I mailed on Saturday.  Whenever someone approves it, yes.

Comment 6 Bill Nottingham 2005-04-20 03:26:58 UTC
*** Bug 143314 has been marked as a duplicate of this bug. ***

Note You need to log in before you can comment on or make changes to this bug.