On 1/11/19 7:22 PM, Tasnad Kernetzky wrote:
Hi all,

I wanted to report a bug (at least we belieave it is one). We had a
short discussion over at the archlinux bugtracker
(https://bugs.archlinux.org/task/60366).

In short:

echo 'address=/ab--c.example.com/#' | dnsmasq --test -C -

dnsmasq: error at line 1 of stdin

Althoug the URL is "forbidden":

host 'ab--c.example.com'
host: 'ab--c.example.com' is not a legal IDNA2008 name (string
contains forbidden two hyphens pattern), use +noidnin


is that a punycode domain name? all the one's i've seen are written as

  xn--codehere.invalid

firefox has a specific option we set so we don't get taken in by look-alike homographs... specifically the links with unicode characters in them are displayed in their punycode form, xn--blahblah... these links explain more if some folks don't know about this aspect of the DNS system...

https://en.wikipedia.org/wiki/Internationalized_domain_name#ASCII_spoofing_concerns
https://en.wikipedia.org/wiki/IDN_homograph_attack
https://en.wikipedia.org/wiki/Punycode#Internationalized_domain_names


--
 NOTE: No off-list assistance is given without prior approval.
       *Please keep mailing list traffic on the list unless*
       *a signed and pre-paid contract is in effect with us.*

_______________________________________________
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Reply via email to