12344444444421
Just in the interest of people using this workaround knowing how it
works,
1 - The forward slashes just tell AdBlock that what is between them
is a regular expression.
2 - The brackets mark off the definition of a class of characters.
3 - The ^ is a NOT operator for the character class; i.e. the class
is defined to be all characters /except/ the ones that follow.
4 - \x20-\xFF are the class of characters with hex values between 20
and FF, inclusive.
So this filter blocks all sites with urls which contain any
character other than hex 20-FF.
I really don't see the IDN problem as a browser vulnerability. It's
a problem with the very idea of IDNs; when only ASCII domain names
were allowed, the characters were all easily distiguishable, but
with IDNs they are not. I don't know what permanent solution (other
than doing away with IDNs) might be possible. I suppose browsers
oculd pop up a warning whenever a domain name contains certain
characters, but that would be pretty annoying.
FWIW, the Verisign plugin for IE which allows it to browse IDNed
sites does not display IDNs properly, at least on my WinXp machine
with IE 6.0.2900.2180; this may or may not have been a "fix" in
response to concerns about spoofing or it may just be that I don't
have enough fonts installed for IE to use. Here's a screenshot of
IE displaying Secunia's test page:
<
http://www.cotse.net/users/putty/images/IEIDN.png>
In case IE users want that free plugin, it is available at
<
http://www.verisign.com/products-se...ces/internationalized-domain-names/index.html>
or <
http://tinyurl.com/692yr>.
It phones home once a day for updates.
)