Skip to content
master
Switch branches/tags
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 
lib
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

ruby-homograph-detector

Ruby gem for determining whether a given URL is considered an IDN homograph attack. The underlying algorithm used in this gem is loosely based on Google Chrome’s IDN display algorithm. To learn more about why and how you defend against homograph attacks, see this blog post.

Installation

Install the homograph-detector gem, or add it to your Gemfile with bundler:

# In your Gemfile
gem 'homograph-detector'

Usage

The homograph-detector gem provides a single function homograph_attack? which takes a URL string and determines if the URL is considered a homograph attack:

HomographDetector.homograph_attack?('<your URL here>')

Examples

URL with Latin characters:

HomographDetector.homograph_attack?('https://paypal.com') # false

URL with confusable Cyrillic characters:

HomographDetector.homograph_attack?('https://раураӏ.com') # true

URL with non-confusable Cyrillic characters:

HomographDetector.homograph_attack?('http://яндекс.рф') # false

URL with multiple scripts:

# Greek and Latin
HomographDetector.homograph_attack?('wikiρedia.org') # true

# Japanese and Latin
HomographDetector.homograph_attack?('hello你好.com') # false

License

Licensed under Apache License, Version 2.0 (LICENSE.txt or http://www.apache.org/licenses/LICENSE-2.0).

For a summary of the licenses used by ruby-homograph-detector’s dependencies, see NOTICE.md.

About

🕵️‍♀️🕵️‍♂️ Ruby gem for determining whether a given URL is considered an IDN homograph attack

Topics

Resources

License

Code of conduct

Stars

Watchers

Forks

Packages

No packages published

Languages