By John Gruber
WorkOS: APIs to ship SSO, SCIM, FGA, and User Management in minutes. Check out their launch week.
- Security Update 2005-003
-
Includes a Safari/Web Kit update to address the IDN domain-name-spoofing issue. Judging by the description, it’s a good solution: by default, they disallow Roman-look-alike scripts. This allows non-Roman Unicode characters in domain names (say, for Asian languages), but disallows the use of Unicode trickery to use a domain name that looks like, say, “paypal.com”, but which really contains one or more obscure Roman Unicode characters that just happen to look like ‘a’, ‘l’, ‘p’, or ‘y’.
★ Monday, 21 March 2005