Hacker News new | past | comments | ask | show | jobs | submit login

And .dev.

Nothing is really safe. Maybe an emoticon? IIRC, the use of emoticons was stopped after someone registered the poop symbol on .la.




from a dns server zonefile perspective, it's still plaintext, just some unicode string with the xn-- prefix on it...

https://en.wikipedia.org/wiki/Internationalized_domain_name

https://panic.com/blog/the-worlds-first-emoji-domain/

http://xn--ls8h.la/

unicode 1f32e is the taco emoji, so i think I will be migrating all my internal things to http://servername.1f32e


What's worse about dev is that chrome auto-forwarded to the https version even if you were using it internally for testing using your hosts file.


That is the hsts preload list, used across bruises; .dev is no different than any other domain on the list, only that it was the first tld




Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: