kuesji
commented
2 years ago yes, this is nice idea but i need to find a good way to not ruin user experience. it will be problem to editing url if i just show idn version of domain like your suggestion. maybe putting visible version as editable and idn version as warning will solve ux.
( who can edit domain in idn format? i can't )
To prevent phishing, it would be nice, when Link eye would also show punycode. So that you can see the difference between https://аррӏе.com/ (punycode version: https://www.xn--80ak6aa92e.com/) and https://apple.com/. Also see https://en.wikipedia.org/wiki/IDN_homograph_attack https://en.wikipedia.org/wiki/Punycode
An example implementation you can find in FairEmail https://github.com/M66B/FairEmail/blob/cf2c5482ecc5166c61c2add3cfcc61c574a2353e/app/src/main/java/eu/faircode/email/FragmentDialogOpenLink.java#L151-L158. Fairemail shows both, the link and the punycode version of the link, if the link contains non-latein characters https://github.com/M66B/FairEmail/blob/cf2c5482ecc5166c61c2add3cfcc61c574a2353e/app/src/main/java/eu/faircode/email/FragmentDialogOpenLink.java#L450-L453 Like this screenshot shows: