From ad6ceb30fbbfe5bcd4a24c76c42b04faa1bd0fcd Mon Sep 17 00:00:00 2001
From: Valentin Gosu <valentin.gosu@gmail.com>
Date: Fri, 25 Nov 2022 14:25:47 +0000
Subject: [PATCH] Bug 1473911 - Fix URL spoofing combining dot + ijk
 r=necko-reviewers,jesup

Differential Revision: https://phabricator.services.mozilla.com/D161783
---
 netwerk/dns/nsIDNService.cpp        | 5 +++++
 netwerk/test/unit/test_idn_spoof.js | 8 ++++----
 2 files changed, 9 insertions(+), 4 deletions(-)

diff --git a/netwerk/dns/nsIDNService.cpp b/netwerk/dns/nsIDNService.cpp
index 87194c206fed..5455cff38afe 100644
--- a/netwerk/dns/nsIDNService.cpp
+++ b/netwerk/dns/nsIDNService.cpp
@@ -701,6 +701,11 @@ bool nsIDNService::isLabelSafe(const nsAString& label) {
       return false;
     }
 
+    if (ch == 0x307 &&
+        (previousChar == 'i' || previousChar == 'j' || previousChar == 'l')) {
+      return false;
+    }
+
     // Check for mixed numbering systems
     auto genCat = GetGeneralCategory(ch);
     if (genCat == HB_UNICODE_GENERAL_CATEGORY_DECIMAL_NUMBER) {
diff --git a/netwerk/test/unit/test_idn_spoof.js b/netwerk/test/unit/test_idn_spoof.js
index b71efb02afc0..b14ce9ade587 100644
--- a/netwerk/test/unit/test_idn_spoof.js
+++ b/netwerk/test/unit/test_idn_spoof.js
@@ -201,13 +201,13 @@ let testCases = [
   // The following three are detected by |dangerous_pattern| regex, but
   // can be regarded as an extension of blocking repeated diacritic marks.
   // i followed by U+0307 (combining dot above)
-  ["xn--pixel-8fd.com", "pi\u0307xel.com", kUnsafe, "DISABLED"],
+  ["xn--pixel-8fd.com", "pi\u0307xel.com", kUnsafe],
   // U+0131 (dotless i) followed by U+0307
   ["xn--pxel-lza43z.com", "p\u0131\u0307xel.com", kUnsafe],
   // j followed by U+0307 (combining dot above)
-  ["xn--jack-qwc.com", "j\u0307ack.com", kUnsafe, "DISABLED"],
+  ["xn--jack-qwc.com", "j\u0307ack.com", kUnsafe],
   // l followed by U+0307
-  ["xn--lace-qwc.com", "l\u0307ace.com", kUnsafe, "DISABLED"],
+  ["xn--lace-qwc.com", "l\u0307ace.com", kUnsafe],
 
   // Do not allow a combining mark after dotless i/j.
   ["xn--pxel-lza29y.com", "p\u0131\u0300xel.com", kUnsafe],
@@ -344,7 +344,7 @@ let testCases = [
   // mail.đigklmo68.co.uk:
   ["mail.xn--igklmo68-kcb.co.uk", "mail.\u0111igklmo68.co.uk", kUnsafe, "DISABLED"],
   // di̇gklmo68.com:
-  ["xn--digklmo68-6jf.com", "di\u0307gklmo68.com", kUnsafe, "DISABLED"],
+  ["xn--digklmo68-6jf.com", "di\u0307gklmo68.com", kUnsafe],
   // dig̱klmo68.com:
   ["xn--digklmo68-7vf.com", "dig\u0331klmo68.com", kUnsafe, "DISABLED"],
   // digĸlmo68.com: