d5b3ae095c
Inspired by curl's blog post, [Detecting malicious Unicode][1], this likely captures most if not all cases and nudges the user toward supplying IDNs with punycode. A possible improvement would be telling the user exactly what punycode domain to use instead, but that may require another library as I can't quickly find something built into the Ruby stdlib that handles punycode encoding. [1]: https://daniel.haxx.se/blog/2025/05/16/detecting-malicious-unicode/ Co-authored-by: Štefan Baebler <319826+stefanb@users.noreply.github.com>