Network.IDN.whitelist.*

From MozillaZine Knowledge Base
Jump to navigationJump to search

Background

IDN addresses have recently come under close scrutiny, mostly due to domain registrars failing to follow certain guidelines that help prevent a type of website spoofing attack.

Mozilla’s first response to the threat of this type of spoofing was to disable IDN support and instead display the more verbose form of IDN URLs—punycode. (Punycode bears little resemblance to the intended appearance of an IDN, removing the risk of spoofing.)

Later, it was decided that some IDN addresses would be shown as intended—but only if the domain’s registrar had a public anti-spoofing policy. These preferences keeps track of which top-level domains are displayed as intended.

This is a set of enumerated preferences. This means that Mozilla will look for all preference names beginning with “network.IDN.whitelist.” and examine each one. The name of the preference—specifically, the portion at the end, after the full stop—is as important as the preference’s value. By default, the following preferences are set (as of 2021):

  • network.IDN.whitelist.ac
  • network.IDN.whitelist.ar
  • network.IDN.whitelist.asia
  • network.IDN.whitelist.at
  • network.IDN.whitelist.biz
  • network.IDN.whitelist.br
  • network.IDN.whitelist.ca
  • network.IDN.whitelist.cat
  • network.IDN.whitelist.ch
  • network.IDN.whitelist.cl
  • network.IDN.whitelist.cn
  • network.IDN.whitelist.de
  • network.IDN.whitelist.dk
  • network.IDN.whitelist.ee
  • network.IDN.whitelist.es
  • network.IDN.whitelist.fi
  • network.IDN.whitelist.gr
  • network.IDN.whitelist.gt
  • network.IDN.whitelist.hu
  • network.IDN.whitelist.il
  • network.IDN.whitelist.info
  • network.IDN.whitelist.io
  • network.IDN.whitelist.ir
  • network.IDN.whitelist.is
  • network.IDN.whitelist.jp
  • network.IDN.whitelist.kr
  • network.IDN.whitelist.li
  • network.IDN.whitelist.lt
  • network.IDN.whitelist.lu
  • network.IDN.whitelist.lv
  • network.IDN.whitelist.museum
  • network.IDN.whitelist.no
  • network.IDN.whitelist.nu
  • network.IDN.whitelist.nz
  • network.IDN.whitelist.org
  • network.IDN.whitelist.pl
  • network.IDN.whitelist.pm
  • network.IDN.whitelist.pr
  • network.IDN.whitelist.re
  • network.IDN.whitelist.se
  • network.IDN.whitelist.sh
  • network.IDN.whitelist.si
  • network.IDN.whitelist.tel
  • network.IDN.whitelist.tf
  • network.IDN.whitelist.th
  • network.IDN.whitelist.tm
  • network.IDN.whitelist.tw
  • network.IDN.whitelist.ua
  • network.IDN.whitelist.vn
  • network.IDN.whitelist.wf
  • network.IDN.whitelist.yt
  • plus 33 "internationalized" TLDs all beginning with the 4-character string xn--

Possible values and their effects

True

If an IDN has the top-level domain specified in this preference name, it will be shown as intended.

False

If an IDN has the top-level domain specified in this preference name, it will be displayed in punycode.

Caveats

  • As this is a whitelist and not a blacklist, setting any of these preferences to false is the same as not setting the preference at all.
  • IDN must be enabled for these preferences to have an effect.
  • network.IDN_show_punycode must be false for these preferenes to have an effect.
  • If any character in an IDN is found in network.IDN.blacklist_chars, it will be displayed in punycode regardless of its possible presence in this whitelist.

First checked in

2005-06-19 by Jungshik Shin

Has an effect in

  • Deer Park (Alpha 2)
  • Mozilla Firefox (all versions since 1.5 RC1)
  • SeaMonkey (all versions)

Related bugs

Related preferences

External links