New issue
Advanced search Search tips
Starred by 2 users
Status: Duplicate
Merged: issue 683314
Owner: ----
Closed: Feb 2017
EstimatedDays: ----
NextAction: ----
OS: Windows
Pri: 2
Type: Bug-Security

Blocked on:
issue 683314

Sign in to add a comment renders as a string resembling "" in the address bar
Reported by, Jan 31 2017 Back to list
UserAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.76 Safari/537.36

Steps to reproduce the problem:
1. Enter (or .com, etc.) in the address bar.
2. Be amazed as the URL in the address bar now resembles "" or "".
3. Refrain from registering your own "xn--e1auc7f" domain and starting a fake news site.

What is the expected behavior?
The address bar should show "" or the domain should be otherwise marked as potentially malicious.

The ".com" version is currently hosting fake news:

What went wrong?
The domain renders as еѕрп.net (that's *not* an "n" before the dot) in the address bar instead of, creating a large probability of confusion.

Did this work before? N/A 

Chrome version: 56.0.2924.76  Channel: stable
OS Version: 10.0
Flash Version: Shockwave Flash 24.0 r0

Blockedon: 683314
Components: UI>Browser>Omnibox UI>Security>UrlFormatting
This is a whole-script confusable string (all characters are Cyrillic);  Issue 683314 
Comment 2 by, Feb 1 2017
Mergedinto: 683314
Status: Duplicate

Thanks for reporting this bug. We are aware of this issue in  bug 683314 .
Project Member Comment 3 by, May 10 2017
Labels: -Restrict-View-SecurityTeam allpublic
This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit - Your friendly Sheriffbot
Sign in to add a comment