Punycode in "URL wants to know your location" popup
Reported by
szklarsk...@gmail.com,
Jul 22 2016
|
||||||||
Issue descriptionChrome Version : 51.0.2704.106 URLs (if applicable) : https://żuławiki.pl/ ( https://xn--uawiki-3db67b.pl/ ) Other browsers tested: Firefox OK, Safari OK What steps will reproduce the problem? (1) Open https://żuławiki.pl/ (2) Address bar properly shows https://żuławiki.pl/ (3) A message "https://xn--uawiki-3db67b.pl/ wants to know your location" shows up What is the expected result? Message should be "https://żuławiki.pl/ wants to know your location" What happens instead? Message "https://xn--uawiki-3db67b.pl/ wants to know your location" shows up Tested on latest chrome on linux mint, android and iphone - all behave the same way.
,
Jul 29 2016
Working fine in IE 11 on win7 -- see attachment
,
Sep 14 2016
Reproduced locally. It looks like that dialog's code calls straight through to GURL, so maybe GURL is returning a punycoded host. Over to brettw@ for these questions: 1) Is GURL::host_piece() expected to return punycode? 2) If so, what should one use to turn the string back into a displayable string?
,
Sep 14 2016
1) Yes 2) components/url_formatter. Maybe something like AppendFormattedHost() in there.
,
Sep 21 2016
There is a WIP CL for this, pending review from security enamel: https://codereview.chromium.org/2341213004/
,
Sep 27 2016
I noticed this behavior and was a bit puzzled as to why we still show punycode because I thought I had fixed FormatUrlForSecurityDisplay in April (when overhauling IDN display policy). It turned out that somehow I overlooked FormatUrlForSecurity. elide_url.h still has this comment for FormatUrlForSecurityDisplay. // Internationalized domain names (IDN) may be presented in Unicode if // they're regarded safe. See |url_formatter::FormatUrl| for more details on // the algorithm). Somehow, the above comment and the actual implementation differ from each other.
,
Sep 27 2016
,
Apr 26 2017
jshin@: what happened with this? is it fixed now?
,
May 26 2017
Yes, it's fixed for all LTR domains. For RTL domains, it will still show punycode, which is why bug 650760 is still open. I took a very conservative approach. That remaining issue can be dealt with in that bug. I'm closing this bug as fixed. |
||||||||
►
Sign in to add a comment |
||||||||
Comment 1 by tkonch...@chromium.org
, Jul 29 2016Components: UI
Labels: -Pri-3 M-54 OS-Linux OS-Mac OS-Windows Pri-2
Status: Untriaged (was: Unconfirmed)
343 KB
343 KB View Download