Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > alt.comp.software.thunderbird > #16381 > unrolled thread

ThunderMail is coming soon

Back to article view | Back to alt.comp.software.thunderbird

Contents

  ThunderMail is coming soon James <invalid@invalid.invalid> - 2025-04-20 19:15 +0000
    Re: ThunderMail is coming soon Ed Cryer <ed@somewhere.in.the.uk> - 2025-04-20 20:35 +0100
      Re: ThunderMail is coming soon "Carlos E.R." <robin_listas@es.invalid> - 2025-04-20 21:50 +0200
      Re: ThunderMail is coming soon Chris <ithinkiam@gmail.com> - 2025-04-21 16:13 +0000
        Re: ThunderMail is coming soon D <J@M> - 2025-04-21 20:20 +0200
        Re: ThunderMail is coming soon Jörg Knobloch <jorgk@jorgk.com> - 2025-04-21 22:07 +0200
    Re: ThunderMail is coming soon D <J@M> - 2025-04-20 21:55 +0200
    Re: ThunderMail is coming soon kyonshi <gmkeros@gmail.com> - 2025-04-20 21:42 +0200
      Re: ThunderMail is coming soon VanguardLH <V@nguard.LH> - 2025-04-20 15:46 -0500
        Re: ThunderMail is coming soon Andy Burns <usenet@andyburns.uk> - 2025-04-21 08:52 +0100
          Re: ThunderMail is coming soon VanguardLH <V@nguard.LH> - 2025-04-21 17:36 -0500
            Re: ThunderMail is coming soon Paul <nospam@needed.invalid> - 2025-04-22 05:58 -0400
              Re: ThunderMail is coming soon VanguardLH <V@nguard.LH> - 2025-04-22 07:43 -0500
                Re: ThunderMail is coming soon Daniel70 <daniel47@eternal-september.org> - 2025-04-22 23:42 +1000
          Re: ThunderMail is coming soon Wayne <wayne@nospam.com> - 2025-04-22 11:12 -0400
    Re: ThunderMail is coming soon Dave Royal <dave@dave123royal.com> - 2025-04-20 21:12 +0100
      Re: ThunderMail is coming soon VanguardLH <V@nguard.LH> - 2025-04-20 15:49 -0500
        Re: ThunderMail is coming soon Dave Royal <dave@dave123royal.com> - 2025-04-21 08:59 +0100
          Re: ThunderMail is coming soon Newyana2 <newyana@invalid.nospam> - 2025-04-21 08:05 -0400
            Re: ThunderMail is coming soon Dave Royal <dave@dave123royal.com> - 2025-04-21 14:05 +0100
              Re: ThunderMail is coming soon Newyana2 <newyana@invalid.nospam> - 2025-04-21 11:41 -0400
              Re: ThunderMail is coming soon VanguardLH <V@nguard.LH> - 2025-04-21 18:18 -0500
                Re: ThunderMail is coming soon Frank Miller <miller@posteo.ee> - 2025-04-22 01:42 +0200
        Re: ThunderMail is coming soon "s|b" <me@privacy.invalid> - 2025-04-21 18:53 +0200
          Re: ThunderMail is coming soon Daniel70 <daniel47@eternal-september.org> - 2025-04-22 20:07 +1000
            Re: ThunderMail is coming soon VanguardLH <V@nguard.LH> - 2025-04-22 07:49 -0500
              Re: ThunderMail is coming soon Chris <ithinkiam@gmail.com> - 2025-04-22 13:58 +0000
                Re: ThunderMail is coming soon Frank Slootweg <this@ddress.is.invalid> - 2025-04-22 15:32 +0000
                Re: ThunderMail is coming soon David <BD@invalid.now> - 2025-05-03 14:50 +0100
                  Re: ThunderMail is coming soon Paul <nospam@needed.invalid> - 2025-05-03 14:39 -0400
                    Re: ThunderMail is coming soon Mark Lloyd <not.email@all.invalid> - 2025-05-03 19:14 +0000
                      Re: ThunderMail is coming soon "Carlos E.R." <robin_listas@es.invalid> - 2025-05-03 23:53 +0200
                  Re: ThunderMail is coming soon Chris <ithinkiam@gmail.com> - 2025-05-04 13:31 +0000
                    Re: ThunderMail is coming soon Frank Slootweg <this@ddress.is.invalid> - 2025-05-04 13:59 +0000
              Re: ThunderMail is coming soon Java Jive <java@evij.com.invalid> - 2025-04-22 15:39 +0100
                Re: ThunderMail is coming soon VanguardLH <V@nguard.LH> - 2025-04-23 00:27 -0500
                  Re: ThunderMail is coming soon Java Jive <java@evij.com.invalid> - 2025-04-23 11:31 +0100
                    Re: ThunderMail is coming soon VanguardLH <V@nguard.LH> - 2025-04-23 06:14 -0500
                      Re: ThunderMail is coming soon Java Jive <java@evij.com.invalid> - 2025-04-23 12:36 +0100
                        Re: ThunderMail is coming soon VanguardLH <V@nguard.LH> - 2025-04-23 06:50 -0500
                      Re: ThunderMail is coming soon Chris <ithinkiam@gmail.com> - 2025-04-23 15:54 +0000
                        Re: ThunderMail is coming soon VanguardLH <V@nguard.LH> - 2025-04-24 05:00 -0500
                          Re: ThunderMail is coming soon Philip Herlihy <nothing@invalid.com> - 2025-04-24 12:19 +0100
                            Re: ThunderMail is coming soon "R.Wieser" <address@is.invalid> - 2025-04-24 14:33 +0200
                              Re: ThunderMail is coming soon Philip Herlihy <nothing@invalid.com> - 2025-04-25 12:54 +0100
                                Re: ThunderMail is coming soon "R.Wieser" <address@is.invalid> - 2025-04-25 18:03 +0200
                                  Re: ThunderMail is coming soon Philip Herlihy <nothing@invalid.com> - 2025-04-29 16:48 +0100
                            Re: ThunderMail is coming soon Richmond <dnomhcir@gmx.com> - 2025-04-24 14:55 +0100
                              Re: ThunderMail is coming soon Andy Burns <usenet@andyburns.uk> - 2025-04-24 15:26 +0100
                                Re: ThunderMail is coming soon VanguardLH <V@nguard.LH> - 2025-04-24 21:05 -0500
                                  Re: ThunderMail is coming soon VanguardLH <V@nguard.LH> - 2025-04-24 21:25 -0500
                                    Re: ThunderMail is coming soon Andy Burns <usenet@andyburns.uk> - 2025-04-25 06:53 +0100
                                      Re: ThunderMail is coming soon VanguardLH <V@nguard.LH> - 2025-04-25 01:53 -0500
                                        Re: ThunderMail is coming soon Andy Burns <usenet@andyburns.uk> - 2025-04-25 08:11 +0100
                                          Re: ThunderMail is coming soon VanguardLH <V@nguard.LH> - 2025-04-25 07:06 -0500
                                    Re: ThunderMail is coming soon "Carlos E.R." <robin_listas@es.invalid> - 2025-04-25 13:47 +0200
                                      Re: ThunderMail is coming soon Newyana2 <newyana@invalid.nospam> - 2025-04-25 08:20 -0400
                                        Re: ThunderMail is coming soon VanguardLH <V@nguard.LH> - 2025-04-25 07:52 -0500
                                          Re: ThunderMail is coming soon Newyana2 <newyana@invalid.nospam> - 2025-04-25 12:00 -0400
                                  Re: ThunderMail is coming soon Arthur Conan Doyle <dont@bother.com> - 2025-04-25 07:33 -0500
                              Re: ThunderMail is coming soon "Carlos E.R." <robin_listas@es.invalid> - 2025-04-24 22:47 +0200
                                Re: ThunderMail is coming soon Richmond <dnomhcir@gmx.com> - 2025-04-24 22:09 +0100
                          Re: ThunderMail is coming soon Chris <ithinkiam@gmail.com> - 2025-04-24 15:27 +0000
                          Re: ThunderMail is coming soon "R.Wieser" <address@is.invalid> - 2025-04-24 18:37 +0200
                            Re: ThunderMail is coming soon Trump Lost The Tariff War <Trump@US.Gov> - 2025-04-24 17:30 +0000
                              Re: ThunderMail is coming soon "R.Wieser" <address@is.invalid> - 2025-04-24 21:48 +0200
              Re: ThunderMail is coming soon "R.Wieser" <address@is.invalid> - 2025-04-23 09:45 +0200
              Re: ThunderMail is coming soon "R.Wieser" <address@is.invalid> - 2025-04-23 09:45 +0200
        Re: ThunderMail is coming soon "Adam H. Kerman" <ahk@chinet.com> - 2025-04-21 19:53 +0000
          Re: ThunderMail is coming soon VanguardLH <V@nguard.LH> - 2025-04-22 06:31 -0500
    Re: ThunderMail is coming soon VanguardLH <V@nguard.LH> - 2025-04-20 15:47 -0500
    Re: ThunderMail is coming soon "John C." <r9jmg0@yahoo.com> - 2025-04-21 03:45 -0700
      Re: ThunderMail is coming soon Char Jackson <none@none.invalid> - 2025-04-22 21:14 -0500
        Re: ThunderMail is coming soon VanguardLH <V@nguard.LH> - 2025-04-23 00:54 -0500
    Re: ThunderMail is coming soon Philip Herlihy <nothing@invalid.com> - 2025-04-21 13:00 +0100
    Re: ThunderMail is coming soon Roberto <dash@dominus.net> - 2025-04-21 19:26 +0200
    Re: ThunderMail is coming soon Robert <monstoor@spammedia.com> - 2025-04-23 00:15 +0100
      Re: ThunderMail is coming soon NZ Rules OK <invalid@invalid.invalid> - 2025-04-23 00:49 +0100
        Re: ThunderMail is coming soon Nobody <jock@soccer.com> - 2025-04-22 18:36 -0700
        Re: ThunderMail is coming soon VanguardLH <V@nguard.LH> - 2025-04-24 05:07 -0500
          Re: ThunderMail is coming soon Robert <monstoor@spammedia.com> - 2025-04-25 00:26 +0100
          Re: ThunderMail is coming soon "John C." <r9jmg0@yahoo.com> - 2025-04-25 05:44 -0700
    Re: ThunderMail is coming soon VanguardLH <V@nguard.LH> - 2025-05-16 06:26 -0500
      Re: ThunderMail is coming soon Wayne <wayne@nospam.com> - 2025-05-28 18:26 -0400
        Re: ThunderMail is coming soon VanguardLH <V@nguard.LH> - 2025-05-28 18:58 -0500
    Re: ThunderMail is coming soon "Mr. Man-wai Chang" <toylet.toylet@gmail.com> - 2025-05-21 02:18 +0800
      Re: ThunderMail is coming soon Retirednoguilt <HapilyRetired@fakeaddress.com> - 2025-05-21 10:50 -0400

Page 3 of 5 — ← Prev page 1 2 [3] 4 5  Next page →

#16428

VanguardLH <V@nguard.LH> wrote:
> Java Jive <java@evij.com.invalid> wrote:
> 
>> If you need to complain about a domain's behaviour, spamming or
>> whatever, if you don't get any joy from the contacts given out by the
>> website itself or the generally accepted default contacts, usually it
>> is sufficient to complain next to the Registrant; ...
> 
> Presumably you meant the registrar.  The problem is the domain lookup
> nowadays often doesn't reveal contact info on the registrant, there is
> no contact info at the web site (assuming it is up and responsive, and
> you're not trying to report it is down), and the postmaster and
> webmaster e-mail addresses are just bit buckets, or not defined so I get
> back an NDR (Non-Delivery Report).  
> 
> I'm not trying to report an abusive web site.  I'm trying to contact its
> registrant to report a problem with the web site, like it is not
> responsive, it may be hacked (e.g., a popup appears mentioning infection
> which is ransomware), or otherwise trying to help the registrant with
> their web site.  Too many owners don't monitor their sites nor use tools
> to notify them when it is down.  They don't know there is a problem
> until someone tells them.  That is when contacting them phone or e-mail
> can notify them.

That's their choice. You don't have a right to be able to contact them. 

If they're a business and don't have appropriate "contact us" info, they'll
soon cease being a business. If they're a hobbyist then it's still their
choice and a they probably don't care to get feedback. 

[toc] | [prev] | [next] | [standalone]

#16429

Chris <ithinkiam@gmail.com> wrote:

> That's their choice. You don't have a right to be able to contact them. 

Actually, and for registrars under the GDPR's thumb, the registrars
*must* redact the registration info.  It is NOT their customer's choice.

https://blog.dnsimple.com/2019/04/gdpr-and-whois-privacy/
"ICANN, domain registries, and domain registrars reacted to GDPR by
introducing a new policy requiring redaction of personal information,
thus changing the landscape of domain registrations."

https://drs.whoisxmlapi.com/blog/retrieve-domain-data-after-redaction

Yeah, many respondents claim "it's their choice".  Nope.

https://www.finnegan.com/en/insights/blogs/incontestable/concealed-registration-data-under-the-gdpr-complicates-udrp-complaints.html

No wonder look-alike domains (using UTF8 characters instead of ASCII)
don't get killed right away.  The scammers get to continue with their
look-alike domain until someone decides to take court action (in an
actionable region governing the registrar).  Class action suits don't
happen overnight.

[toc] | [prev] | [next] | [standalone]

#16431

In article <13esvde35xjuj.dlg@v.nguard.lh>, V@nguard.LH says...
>No wonder look-alike domains (using UTF8 characters instead of ASCII)
>don't get killed right away.  
>

How does that work?

-- 
--
Phil, London

[toc] | [prev] | [next] | [standalone]

#16432

Philip,

>> No wonder look-alike domains (using UTF8 characters instead of
>> ASCII) don't get killed right away.
>
> How does that work?

Look-alike domains using UTF8 characters ?

Its (too) simple.  There are a lot of UTF8 characters that, to us humans, 
look almost, if not completely the same as standard ASCII characters.

Pretty-much the same as "o" and "ö" in the normal ASCII range (the last one 
has two dots above it), but worse.

Regards,
Rudy Wieser

[toc] | [prev] | [next] | [standalone]

#16448

In article <vudb2r$1j1ta$1@dont-email.me>, address@is.invalid says...
>
>Philip,
>
>>> No wonder look-alike domains (using UTF8 characters instead of
>>> ASCII) don't get killed right away.
>>
>> How does that work?
>
>Look-alike domains using UTF8 characters ?
>
>Its (too) simple.  There are a lot of UTF8 characters that, to us humans, 
>look almost, if not completely the same as standard ASCII characters.
>
>Pretty-much the same as "o" and "ö" in the normal ASCII range (the last one 
>has two dots above it), but worse.
>
>Regards,
>Rudy Wieser

Helpful - thanks!

-- 
--
Phil, London

[toc] | [prev] | [next] | [standalone]

#16460

Philip,

> Helpful - thanks!

You're wecome. :-)

If you put the below in an .HTML file and open it you can see what the 
problem is - and those are just a quick grab.

I've HTML-ed the chars for easy transport/viewing.  You can also open 
'write' (the text editor) press-and-hold ALT and input one of the numbers 
numbers using the numeric keypad (on the right), afterwards releasing the 
ALT key.

- - - - - - - - - - - -
<html>
<head>
<meta charset="UTF-8">
<title>A small example</title>
</head>
<body>

<p> e &#8494; &#1107;</p>
<p> K &#8490;</p>
<p> s &#1109;</p>

</body>
</html>
- - - - - - - - - - - -

Regards,
Rudy Wieser

[toc] | [prev] | [next] | [standalone]

#16494

In article <vugbor$akfn$1@dont-email.me>, address@is.invalid says...
><html>
><head>
><meta charset="UTF-8">
><title>A small example</title>
></head>
><body>
>
><p> e &#8494; &#1107;</p>
><p> K &#8490;</p>
><p> s &#1109;</p>
>
></body>
></html>
>
>

Excllent demo - thanks!

-- 
--
Phil, London

[toc] | [prev] | [next] | [standalone]

#16433

Philip Herlihy <nothing@invalid.com> writes:

> In article <13esvde35xjuj.dlg@v.nguard.lh>, V@nguard.LH says...
>>No wonder look-alike domains (using UTF8 characters instead of ASCII)
>>don't get killed right away.  
>>
>
> How does that work?

𝙸𝚝 𝚠𝚘𝚛𝚔𝚜 𝚋𝚢 𝚞𝚜𝚒𝚗𝚐 𝚌𝚑𝚊𝚛𝚊𝚌𝚝𝚎𝚛𝚜 𝚕𝚒𝚔𝚎 𝚝𝚑𝚎𝚜𝚎.

It works by using characters like those.

[toc] | [prev] | [next] | [standalone]

#16434

Richmond wrote:

> Philip Herlihy writes:
> 
>> V@nguard.LH says...
>>>>> No wonder look-alike domains (using UTF8 characters instead of ASCII)
>>> don't get killed right away.
>>
>> How does that work?
> 
> 𝙸𝚝 𝚠𝚘𝚛𝚔𝚜 𝚋𝚢 𝚞𝚜𝚒𝚗𝚐 𝚌𝚑𝚊𝚛𝚊𝚌𝚝𝚎𝚛𝚜 𝚕𝚒𝚔𝚎 𝚝𝚑𝚎𝚜𝚎.
I thought unicode homographs in domain names was a solved issue with 
IDNs, so they got translated to xn--punycodedstring.tld

[toc] | [prev] | [next] | [standalone]

#16442

Andy Burns <usenet@andyburns.uk> wrote:

> Richmond wrote:
> 
>> Philip Herlihy writes:
>> 
>>> V@nguard.LH says...
>>>
>>>> No wonder look-alike domains (using UTF8 characters instead of
>>>> ASCII) don't get killed right away.
>>>
>>> How does that work?
>> 
>> ������������ ������������������������������ ������������ ������������������������������ ������������������������������������������������������������ ������������������������ ������������������������������.

> I thought unicode homographs in domain names was a solved issue with 
> IDNs, so they got translated to xn--punycodedstring.tld

Correct, *if* the client actually displays punycode instead of IDNs.
With IDNs, you can easily miss the URL is to a look-alike domain.  With
punycode displayed, it is obvious an IDN was used, but converted to show
the punycode version.  Not all clients (that support IDNs) will show the
punycode version.

Tbird has Firefox code.  Firefox can display punycode *if* you go into
about:config to change network.IDN_show_punycode = true.  I can only
assume the Firefox setting might apply to Tbird, but I'm not sure that
is true for hyperlinks within the body of an e-mail versus having Tbird
render a web site using Firefox code.  Is the above punycode setting
available in Tbird's advanced editor?

[toc] | [prev] | [next] | [standalone]

#16443

With Firefox configured to show punycode, copying the following IDN
(using UTF-8) in Firefox's address bar:

https://аррӏе.com

(assuming my NNTP client switches from ASCII to UTF-8 for message format
on detecting non-ASCII char in the above string, so you can copy it)

will show the look-alike apple.com domain in the address bar, and also a
drop-down box showing:

https://xn--80ak6aa92e.com

With Firefox, you get full fidelity of the URL.  You see both the IDN
and punycode versions.

Since Tbird supports UTF-8 in messages, you might not see the punycode
version for an IDN in an e-mail body.  But if you click on the IDN URL,
Firefox will show both IDN and punycode versions.

[toc] | [prev] | [next] | [standalone]

#16444

VanguardLH wrote:

> With Firefox, you get full fidelity of the URL.  You see both the IDN
> and punycode versions.

Here, the punycode setting in about:config seems to be ignored, I always 
see xn--blah

[toc] | [prev] | [next] | [standalone]

#16445

Andy Burns <usenet@andyburns.uk> wrote:

> VanguardLH wrote:
> 
>> With Firefox, you get full fidelity of the URL.  You see both the IDN
>> and punycode versions.
> 
> Here, the punycode setting in about:config seems to be ignored, I always 
> see xn--blah

Could be when clicking on a hyperlink in an e-mail that the IDN has
already been converted to punycode, so that's all you see in the address
bar in Firefox.  Instead copy the IDN string in the e-mail, and paste
into Firefox's address bar.

[toc] | [prev] | [next] | [standalone]

#16446

VanguardLH wrote:

> Could be when clicking on a hyperlink in an e-mail that the IDN has
> already been converted to punycode, so that's all you see in the address
> bar in Firefox.  Instead copy the IDN string in the e-mail, and paste
> into Firefox's address bar.

Yes, when pasting I see the IDN plus the punycode dropdown, but it's 
barely noticeable, it ought to flash bright pink for a few seconds to 
give the user a chance!

  I'd normally copy then use the paste&go option, and that way the 
dropdown doesn't show at all

[toc] | [prev] | [next] | [standalone]

#16450

Andy Burns <usenet@andyburns.uk> wrote:

> VanguardLH wrote:
> 
>> Could be when clicking on a hyperlink in an e-mail that the IDN has
>> already been converted to punycode, so that's all you see in the address
>> bar in Firefox.  Instead copy the IDN string in the e-mail, and paste
>> into Firefox's address bar.
> 
> Yes, when pasting I see the IDN plus the punycode dropdown, but it's 
> barely noticeable, it ought to flash bright pink for a few seconds to 
> give the user a chance!
> 
>   I'd normally copy then use the paste&go option, and that way the 
> dropdown doesn't show at all

Paste and Go obeys your choice to immediately *go* to whatever got
pasted in the address bar.  It's not Paste-Pause-ChooseGo.  Paste and Go
never shows any downdown choices.  The Go is immediate.

The about:config setting is to /_show_/ the punycode, not warn on it.
IDN has a legit purpose.  So does e-mail.  They can be abused.  RFC 3490
(https://datatracker.ietf.org/doc/html/rfc3490) showed up in 2003.
Homograph phishing with IDNs started, I think, around 2006.

I usually use Ctrl+V to paste into the address bar instead of mousing
into context menus to paste.  I do Ctrl+V and Enter, but you see the
dropdown list just after hitting Ctrl+V.

If you want a safety net despite you told Firefox to immediately go, try
an addon, like:

https://addons.mozilla.org/en-US/firefox/addon/punycode-domain-detection/
https://addons.mozilla.org/en-US/firefox/addon/punycodechecker/

I can't recommend a safety net add-on since I don't use one, and I
rarely mouse to Paste and Go.

https://bugzilla.mozilla.org/show_bug.cgi?id=1669058

Opened in 2020, so someone back then thought a safety net on IDNs was a
good security feature.  However, status is still New, not addressed in 5
years, so no one has reviewed or been assigned this ticket.  The last
entry is 5 years old which was basically just a Like vote.  You could
add a comment to bump it.

[toc] | [prev] | [next] | [standalone]

#16447

On 2025-04-25 04:25, VanguardLH wrote:
> With Firefox configured to show punycode, copying the following IDN
> (using UTF-8) in Firefox's address bar:
> 
> https://аррӏе.com
> 
> (assuming my NNTP client switches from ASCII to UTF-8 for message format
> on detecting non-ASCII char in the above string, so you can copy it)
> 
> will show the look-alike apple.com domain in the address bar, and also a
> drop-down box showing:
> 
> https://xn--80ak6aa92e.com
> 
> With Firefox, you get full fidelity of the URL.  You see both the IDN
> and punycode versions.

I don't. I get "https://www.аррӏе.com/".

> 
> Since Tbird supports UTF-8 in messages, you might not see the punycode
> version for an IDN in an e-mail body.  But if you click on the IDN URL,
> Firefox will show both IDN and punycode versions.


You also said:

> Could be when clicking on a hyperlink in an e-mail that the IDN has
> already been converted to punycode, so that's all you see in the address
> bar in Firefox.  Instead copy the IDN string in the e-mail, and paste
> into Firefox's address bar.

Nope. No difference.


-- 
Cheers, Carlos.

[toc] | [prev] | [next] | [standalone]

#16451

On 4/25/2025 7:47 AM, Carlos E.R. wrote:

>>
>> With Firefox, you get full fidelity of the URL.  You see both the IDN
>> and punycode versions.
> 
> I don't. I get "https://www.аррӏе.com/".
> 
>>

   Interesting. I get only https://xn--80ak6aa92e.com if I
paste the apple link from these posts into FF. I haven't
changed any related settings that I know of.
FF115.

[toc] | [prev] | [next] | [standalone]

#16456

Newyana2 <newyana@invalid.nospam> wrote:

> On 4/25/2025 7:47 AM, Carlos E.R. wrote:
> 
>>>
>>> With Firefox, you get full fidelity of the URL.  You see both the IDN
>>> and punycode versions.
>> 
>> I don't. I get "https://www.аррӏе.com/".
>> 
>>>
> 
>    Interesting. I get only https://xn--80ak6aa92e.com if I
> paste the apple link from these posts into FF. I haven't
> changed any related settings that I know of.
> FF115.

Clicking on a hyperlink is the equivalent of using Paste and Go in the
address bar of Firefox.  You need to just Paste, not go.  

The about:config setting is for showing the punycode version of an IDN,
not halting and alerting on an IDN.  If you paste an IDN, the IDN is
copied into the address bar, and the punycode version shows in a
dropdown listbox.  If you Paste and Go the IDN into the address bar,
well, you said to immediately go, so Firefox tries to visit the web
site, and shows the punycode in its address bar.

I'm not sure there is a setting in Firefox that pastes the string into
its address bar, but does not immediately go to the web site.  That
would be a severe nuisance since every hyperlink on which you click (in
a web page, in an e-mail, in a document), or specify a URL in the
command line, would get the URL string into Firefox's address bar, but
then Firefox would just sit there waiting for you to hit the Enter key.

As mentioned to Andy in another subthread, there are add-ons that will
interrupt Firefox to prevent an immediate "go" when the URL is an IDN.
I haven't used any yet.  I also noted a bug ticket (5 years old with no
activity) requesting a similar interruption by Firefox when an IDN is
used for the destination.  The premise is you hit far more ASCII-coded
URLs than you hit legit IDNs.  I cannot remember ever hitting a
legitimate web site using an IDN, so an interrupt on detecting an IDN
would be a good safety feature with very minimal nuisance.

https://www.icann.org/en/system/files/files/idn-annual-report-2024-31jul24-en.pdf

IANA, and other sources, say there 1.5 million sites using IDNs with 48%
for Chinese characters and 27% for Latin characters.

Rather than network.IDN_show_punycode = true, I'd rather have a
network.IDN_warn = true setting that would have Firefox halt and show an
alert (showing both IDN and punycode versions) when it detected an IDN
string as the destination's URL.

[toc] | [prev] | [next] | [standalone]

#16459

On 4/25/2025 8:52 AM, VanguardLH wrote:

>>     Interesting. I get only https://xn--80ak6aa92e.com if I
>> paste the apple link from these posts into FF. I haven't
>> changed any related settings that I know of.
>> FF115.
> 
> Clicking on a hyperlink is the equivalent of using Paste and Go in the
> address bar of Firefox.  You need to just Paste, not go.
> 

   Yes. That's what I did. I copy the link to apple.com, paste it,
and see the punycode. I have the pref set to false. But that's
not what you see? Could this be yet another thing they
screwed up after 115?

> I'm not sure there is a setting in Firefox that pastes the string into
> its address bar, but does not immediately go to the web site.  

?? It's called Paste. Below that there's an option to Paste and Go.
I'm not talking about clicking links. I said paste. I meant paste.

I actually paste normally. So many links now contain tracking
parameters that I want to clean off.

    Also, there's another reason: I have IE11 set as
default browser. Then I block IE11 at the firewall. That means no
wiseguy can trick me into visiting their website without asking.
Due to that setting, I can't click links in TBird. I have to copy,
paste them. But that's fine with me.

[toc] | [prev] | [next] | [standalone]

#16453

VanguardLH <V@nguard.LH> wrote:

> Is the above punycode setting available in Tbird's advanced editor?

Yes - don't know if it's active though.

--
Usenet: The world's first (and best) social network.

[toc] | [prev] | [next] | [standalone]

Page 3 of 5 — ← Prev page 1 2 [3] 4 5  Next page →

Back to top | Article view | alt.comp.software.thunderbird

csiph-web