[Twisted-Python] IDNA problem in twisted

Barry Scott barry.scott at forcepoint.com
Thu Apr 8 09:43:35 MDT 2021


We just added a patch to our twisted to prevent twisted from doing IDNA validation.
_idnaBytes and _idnaText now convert from bytes to unicode based on the type of
the provided arg.

We had to do this because there are domain names that youtube.com uses that are
not valid under IDNA-2008 https://tools.ietf.org/html/rfc5891#section-4.2.3.1

For example this URL: https://r2---sn-aigzrn7e.googlevideo.com/generate_204
Firefox is happy to visit this URL and does not change it when it's entered
in the address bar.

The comments in the _idna.py code say this:

"Convert some text typed by a human into some ASCII bytes." and
"Convert some IDNA-encoded octets into some human-readable text"

The key idea here is that it's human input that will be converted.
But the code is used deep in the _sslverify.py where no human
input is entered.

I can see why a UI would need to do IDNA-2008 conversions and validation
but I'm not clear why it's of value deep in the guts of twisted.

Why is this code needed at all in twisted?
If it's for a high level API then why isn't it being called at the
edge of the high level API calls?

Barry
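
The hyphen rule from RFC 5891 section 4.2.3.1 that the hostname in this message trips, next to a type-based ASCII conversion that skips that rule, as an added example that is not part of the original post. It is neither Twisted's `_idna.py` nor the patch described above; all function names are assumptions.

```python
import string

# Letters, digits, hyphen: the characters allowed in an ASCII hostname label.
LDH = frozenset(string.ascii_letters + string.digits + "-")

# Hostname quoted in the message above.
SAMPLE = "r2---sn-aigzrn7e.googlevideo.com"


def hyphen_violations(label):
    """Return the RFC 5891 section 4.2.3.1 hyphen-rule violations for one label."""
    problems = []
    if label.startswith("-"):
        problems.append("starts with hyphen")
    if label.endswith("-"):
        problems.append("ends with hyphen")
    # "--" in positions 3 and 4 is reserved; A-labels ("xn--") are the
    # encoded form and are not subject to this U-label rule.
    if label[2:4] == "--" and not label.lower().startswith("xn--"):
        problems.append("hyphens in positions 3 and 4")
    return problems


def idna2008_hyphen_check(hostname):
    """Map each offending label to its violations; an empty dict means the rule passes."""
    labels = hostname.rstrip(".").split(".")
    return {l: v for l in labels if (v := hyphen_violations(l))}


def ascii_hostname_bytes(hostname):
    """Hypothetical lenient path: convert by argument type, check only LDH and length.

    Accepts bytes or str, does no IDNA-2008 validation, and rejects anything
    that is not already a plain ASCII hostname.
    """
    text = hostname.decode("ascii") if isinstance(hostname, bytes) else hostname
    for label in text.rstrip(".").split("."):
        if not 0 < len(label) < 64 or not set(label) <= LDH:
            raise ValueError("not an ASCII LDH hostname: %r" % (text,))
    return text.encode("ascii")


if __name__ == "__main__":
    print(idna2008_hyphen_check(SAMPLE))   # strict hyphen rule flags the first label
    print(ascii_hostname_bytes(SAMPLE))    # lenient path passes it through unchanged
```
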




