url_formatter: Update comments for clarity.

components/url_formatter/url_formatter.cc

 // Copyright 2015 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "components/url_formatter/url_formatter.h"
 
 #include <algorithm>
 #include <utility>
 
 #include "base/lazy_instance.h"
@@ skipping 441 matching lines @@
           // Miao
           "\\U00016F00-\\U00016F44\\U00016F50-\\U00016F7E"
           "\\U00016F8F-\\U00016F9F]",
           -1, US_INV),
       *status);
   allowed_set.addAll(aspirational_scripts);
 #else
 #error "Update aspirational_scripts per Unicode 10.0"
 #endif
 
-  // U+0338 is included in the recommended set, while U+05F4 and U+2027 are in
-  // the inclusion set. However, they are blacklisted as a part of Mozilla's
-  // IDN blacklist (http://kb.mozillazine.org/Network.IDN.blacklist_chars).
-  // U+2010 is in the inclusion set, but we drop it because it can be confused
-  // with an ASCII U+002D (Hyphen-Minus).
-  // U+0338 and U+2027 are dropped; the former can look like a slash when
-  // rendered with a broken font, and the latter can be confused with U+30FB
-  // (Katakana Middle Dot). U+05F4 (Hebrew Punctuation Gershayim) is kept,
-  // even though it can look like a double quotation mark. Using it in Hebrew
-  // should be safe. When used with a non-Hebrew script, it'd be filtered by
-  // other checks in place.
-  allowed_set.remove(0x338u);   // Combining Long Solidus Overlay
-  allowed_set.remove(0x2010u);  // Hyphen
-  allowed_set.remove(0x2027u);  // Hyphenation Point
+  // The sections below refer to Mozilla's IDN blacklist:
+  // http://kb.mozillazine.org/Network.IDN.blacklist_chars
+  //
+  // U+0338 (Combining Long Solidus Overlay) is included in the recommended set,
+  // but is blacklisted by Mozilla. It is dropped because it can look like a
+  // slash when rendered with a broken font.
+  allowed_set.remove(0x338u);
+  // U+05F4 (Hebrew Punctuation Gershayim) is in the inclusion set, but is
+  // blacklisted by Mozilla. We keep it, even though it can look like a double
+  // quotation mark. Using it in Hebrew should be safe. When used with a
+  // non-Hebrew script, it'd be filtered by other checks in place.
+  //
+  // U+2010 (Hyphen) is in the inclusion set, but we drop it because it can be
+  // confused with an ASCII U+002D (Hyphen-Minus).
+  allowed_set.remove(0x2010u);
+  // U+2027 (Hyphenation Point) is in the inclusion set, but is blacklisted by
+  // Mozilla. It is dropped, as it can be confused with U+30FB (Katakana Middle
+  // Dot).
+  allowed_set.remove(0x2027u);
 
   uspoof_setAllowedUnicodeSet(checker_, &allowed_set, status);
 }
 
 // Returns true if the given Unicode host component is safe to display to the
 // user. Note that this function does not deal with pure ASCII domain labels at
 // all even though it's possible to make up look-alike labels with ASCII
 // characters alone.
 bool IsIDNComponentSafe(base::StringPiece16 label) {
   return g_idn_spoof_checker.Get().Check(label);
@@ skipping 313 matching lines @@
   return base::StartsWith(text, www, base::CompareCase::SENSITIVE)
       ? text.substr(www.length()) : text;
 }
 
 base::string16 StripWWWFromHost(const GURL& url) {
   DCHECK(url.is_valid());
   return StripWWW(base::ASCIIToUTF16(url.host_piece()));
 }
 
 }  // namespace url_formatter