Ruby gem for determining whether a given URL is considered an IDN homograph attack. The underlying algorithm used in this gem is loosely based on Google Chrome’s IDN display algorithm. To learn more about why and how you defend against homograph attacks, see this blog post.
Install the homograph-detector gem, or add it to your Gemfile with bundler:
# In your Gemfile
gem 'homograph-detector'The homograph-detector gem provides a single function homograph_attack? which takes a URL string and determines if the URL is considered a homograph attack:
HomographDetector.homograph_attack?('<your URL here>')URL with Latin characters:
HomographDetector.homograph_attack?('https://paypal.com') # falseURL with confusable Cyrillic characters:
HomographDetector.homograph_attack?('https://раураӏ.com') # trueURL with non-confusable Cyrillic characters:
HomographDetector.homograph_attack?('http://яндекс.рф') # falseURL with multiple scripts:
# Greek and Latin
HomographDetector.homograph_attack?('wikiρedia.org') # true
# Japanese and Latin
HomographDetector.homograph_attack?('hello你好.com') # falseLicensed under Apache License, Version 2.0 (LICENSE.txt or http://www.apache.org/licenses/LICENSE-2.0).
For a summary of the licenses used by ruby-homograph-detector’s dependencies, see NOTICE.md.