Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Status bar hides some Unicode characters

  • 3 replies
  • 0 have this problem
  • Last reply by cor-el

more options

I was reading https://embracethered.com/blog/posts/2024/m365-copilot-prompt-injection-tool-invocation-and-data-exfil-using-ascii-smuggling/ and hovered over the hxxtp://wuzzi[.]net link.

I noticed that the status bar on firefox shows the same text as the on-page text. It doesn't render the unicode url in full. I tried finding a bug describing this, but couldn't find one.

Sample URL:

https://wuzzi.net

I was reading https://embracethered.com/blog/posts/2024/m365-copilot-prompt-injection-tool-invocation-and-data-exfil-using-ascii-smuggling/ and hovered over the hxxtp://wuzzi[.]net link. I noticed that the status bar on firefox shows the same text as the on-page text. It doesn't render the unicode url in full. I tried finding a bug describing this, but couldn't find one. Sample URL: [https://wuzzi.net/%F3%A0%81%94%F3%A0%81%B2%F3%A0%81%B5%F3%A0%81%B3%F3%A0%81%B4%F3%A0%81%8E%F3%A0%81%AF%F3%A0%81%81%F3%A0%81%89 https://wuzzi.net]
Attached screenshots

Modified by little.sock3082

Chosen solution

Can you report it on https://bugzilla.mozilla.org ? Thanks.

Read this answer in context 👍 0

All Replies (3)

more options

Chosen Solution

Can you report it on https://bugzilla.mozilla.org ? Thanks.

Helpful?

more options

OK, this is bug 1915595 for reference.

Helpful?

more options

Note that those Unicode characters are part of the E0000-E007F code block that contains tagged characters and that are not expected to display, so it is expected that you got some representation.

Special Attention: Code points displayed in this page are for special purposes. They are not displayable characters, and in particular are not allowed to be used in HTML.

Modified by cor-el

Helpful?

Ask a question

You must log in to your account to reply to posts. Please start a new question, if you do not have an account yet.