[WEB SECURITY] many stops equal a U+002E full stop

Chris Weber chris at lookout.net
Wed Jun 29 01:40:12 EDT 2011


There are a lot of interesting and complex rules around the way Unicode 
strings are handled in URIs/IRIs and IDNs in particular.  One such case 
is the way several characters each map to the "dot":

http://www.lookout.net/2011/06/28/many-stops-equal-a-u002e-full-stop/

Are most spam and phishing filters IDN-aware?  Has anyone seen this 
technique used in practice to bypass them, or WAFs?

-Chris
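
An added example, not part of the original post: a defender-side sketch of why a filter has to canonicalise hostnames before matching them. RFC 3490 section 3.1 requires U+3002, U+FF0E and U+FF61 to be treated as label separators alongside U+002E. The function names, blocklist and hostnames are constructed for illustration, and the example uses Python's standard-library `idna` codec (IDNA 2003).

```python
# Added example: hostnames and blocklist below are constructed sample data.

# RFC 3490 section 3.1: besides U+002E, these are also label separators.
IDNA_DOTS = "\u3002\uff0e\uff61"  # ideographic, fullwidth, halfwidth ideographic
_DOT_MAP = {ord(c): "." for c in IDNA_DOTS}


def canonical_host(host: str) -> str:
    """Return the lowercase ASCII form of host, one A-label per label."""
    host = host.strip().translate(_DOT_MAP)
    if host.endswith("."):          # drop a single trailing root dot
        host = host[:-1]
    labels = []
    for label in host.split("."):
        if not label:
            raise ValueError("empty label in hostname")
        # Stdlib "idna" codec (IDNA 2003): nameprep + Punycode per label.
        labels.append(label.encode("idna").decode("ascii").lower())
    return ".".join(labels)


def _matches(host, blocklist):
    return any(host == d or host.endswith("." + d) for d in blocklist)


def naive_is_blocked(host, blocklist):
    """Filter that only understands U+002E as a separator."""
    return _matches(host.lower(), blocklist)


def is_blocked(host, blocklist):
    """Canonicalise first; unparseable names fail closed (a design assumption)."""
    try:
        return _matches(canonical_host(host), blocklist)
    except ValueError:  # UnicodeError is a ValueError subclass
        return True


BLOCKLIST = {"phish.example"}
SAMPLES = ["login.phish.example", "login\u3002phish\uff0eexample",
           "login.phish\uff61example", "www.example.org"]

if __name__ == "__main__":
    for h in SAMPLES:
        print(ascii(h), naive_is_blocked(h, BLOCKLIST), is_blocked(h, BLOCKLIST))
```

The naive matcher misses the second and third sample names, while the canonicalising matcher reduces all three variants to `login.phish.example` before comparison.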



