From 1583d6de6cfdf139e0ee281a54fc4f3d5d588574 Mon Sep 17 00:00:00 2001
From: Vladimir Krylov <vladimir.krylov@perfectline.co>
Date: Tue, 1 Dec 2015 02:13:39 +0200
Subject: [PATCH] fix Nameserver security

---
 app/models/reserved_domain.rb | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/app/models/reserved_domain.rb b/app/models/reserved_domain.rb
index 936c744bf..09d72ec17 100644
--- a/app/models/reserved_domain.rb
+++ b/app/models/reserved_domain.rb
@@ -9,7 +9,9 @@ class ReservedDomain < ActiveRecord::Base
 
   class << self
     def pw_for(domain_name)
-      by_domain(domain_name).select("names -> '#{domain_name}' AS pw").first.try(:pw)
+      name_in_unicode = SimpleIDN.to_ascii(domain_name)
+      by_domain(domain_name).select("names -> '#{domain_name}' AS pw").first.try(:pw) ||
+          by_domain(name_in_unicode).select("names -> '#{name_in_unicode}' AS pw").first.try(:pw)
     end
 
     def by_domain name