I-ProHoster > Π‘Π»ΠΎΠ³ > izindaba ze-inthanethi > Ikhono lokubhalisa izizinda zobugebengu bokweba imininingwane ebucayi ezinezinhlamvu ze-unicode ezifanayo egameni

Ikhono lokubhalisa izizinda zobugebengu bokweba imininingwane ebucayi ezinezinhlamvu ze-unicode ezifanayo egameni

Abacwaningi abavela ku-Soluble kwembulwa indlela entsha yokubhalisa izizinda ngayo ama-homoglyphs, ifana ngokubukeka kwezinye izizinda, kodwa empeleni ihlukile ngenxa yokuba khona kwezinhlamvu ezinencazelo ehlukile. Izizinda ezifanayo zamazwe ngamazwe (IDN) kungenzeka uma uthi nhlΓ‘ angehlukani nezizinda zezinkampani nezinsizakalo ezaziwayo, ezivumela ukuthi zisetshenziselwe ubugebengu bokweba imininingwane ebucayi, okuhlanganisa nokubatholela izitifiketi ezilungile ze-TLS.

Ukushintsha okujwayelekile ngesizinda se-IDN esibonakala sifana kudala kuvinjiwe kuziphequluli namarejista, ngenxa yokuvinjelwa kokuxuba izinhlamvu zama-alfabhethi ahlukene. Isibonelo, isizinda se-dummy apple.com (β€œxn--pple-43d.com”) asikwazi ukudalwa ngokufaka igama lesi-Latin elithi β€œa” (U+0061) esikhundleni se-Cyrillic β€œa” (U+0430), njengoba izinhlamvu esizindeni zixutshwe ezinhlamvwini ezihlukene azivunyelwe. Ngo-2017 kwakukhona itholakele indlela yokudlula lokho kuvikela ngokusebenzisa izinhlamvu ze-unicode kuphela esizindeni, ngaphandle kokusebenzisa izinhlamvu zesiLatini (isibonelo, ukusebenzisa izimpawu zolimi ezinezinhlamvu ezifana nesiLatini).

Manje sekutholakele enye indlela yokweqa isivikelo, ngokusekelwe eqinisweni lokuthi ababhalisi bavimba ukuhlanganisa isiLatini ne-Unicode, kodwa uma izinhlamvu ze-Unicode ezishiwo esizindeni zingezeqembu lezinhlamvu zesiLatini, ukuxuba okunjalo kuvunyelwe, ngoba izinhlamvu zingezabo. izinhlamvu ezifanayo. Inkinga ukuthi esandisweni Unicode Latin IPA kunama-homoglyph afanayo ekubhaleni kwezinye izinhlamvu zezinhlamvu zesiLatini:
uphawu "Ι‘" kufana "a", "Ι‘"-"g", "Ι©"-"l".

Ikhono lokubhalisa izizinda zobugebengu bokweba imininingwane ebucayi ezinezinhlamvu ze-unicode ezifanayo egameni

Amathuba okubhalisa izizinda lapho i-alfabhethi yesiLatini ixubene nezinhlamvu ze-Unicode ezicacisiwe ikhonjwe umbhalisi u-Verisign (abanye ababhalisi abazange bahlolwe), futhi izizinda ezingaphansi zakhiwe kumasevisi we-Amazon, Google, Wasabi kanye ne-DigitalOcean. Inkinga yatholwa ngoNovemba ngonyaka odlule futhi, naphezu kwezaziso ezithunyelwe, ezinyangeni ezintathu kamuva yalungiswa ngomzuzu wokugcina kuphela e-Amazon naseVerisign.

Ngesikhathi sokuhlolwa, abacwaningi basebenzise u-$400 ukuze babhalise izizinda ezilandelayo nge-Verisign:

  • amzon.com
  • chsese.com
  • icompho.com
  • Ngobese.com
  • .comppΙ©e.com
  • ebyy.com
  • .static.com
  • ushusomp.com
  • lindokuhle.co.za
  • lemaha.com
  • khulamaweb.com
  • amadinga.com
  • lolahl.com
  • wssbisys.com
  • yuhoo.com
  • cΙ©oudfΙ©are.com
  • deΙ©Ι©.com
  • gmΙ‘iΙ©.com
  • www.gooΙ‘leapis.com
  • huffinkungiza.com
  • insikitweb.com
  • microsoftonΙ©ine.com
  • Ngobese
  • Ι‘android.com
  • netfix.com
  • mehlohl
  • Ι‘oogΙ©e.com

Abacwaningi baphinde bethula isevisi ye-inthanethi ukuhlola izizinda zakho ukuze uthole ezinye izindlela ezingasetshenziswa ngama-homoglyphs, okuhlanganisa ukuhlola izizinda esezibhalisiwe kanye nezitifiketi ze-TLS ezinamagama afanayo. Ngokuqondene nezitifiketi ze-HTTPS, izizinda ezingama-300 ezinama-homoglyphs zahlolwa ngamalogi eSitifiketi Sokukhanyela, lapho ukukhiqizwa kwezitifiketi kwarekhodwa izikhathi eziyi-15.

Iziphequluli zamanje ze-Chrome neFirefox zibonisa izizinda ezinjalo kubha yekheli esibhalweni esinesiqalo esithi β€œxn--β€œ, nokho, kuzixhumanisi izizinda zivela ngaphandle kokuguqulwa, ezingasetshenziswa ukufaka izinsiza ezinonya noma izixhumanisi emakhasini, ngokucasha. yokuwalanda kumasayithi asemthethweni . Isibonelo, kwesinye sezizinda ezikhonjiwe ezinama-homoglyphs, ukusatshalaliswa kwenguqulo enonya yelabhulali ye-jQuery kwarekhodwa.

Source: opennet.ru

Engeza amazwana