url_formatter: Remove U+2010 from the displayable character set.

components/url_formatter/url_formatter.cc

Index: components/url_formatter/url_formatter.cc
diff --git a/components/url_formatter/url_formatter.cc b/components/url_formatter/url_formatter.cc
index 43b53412202bea9b87c8d46a6dccd4a85ceb626d..a93bf1154c333fbd7b268855f60a3eac3b250353 100644
--- a/components/url_formatter/url_formatter.cc
+++ b/components/url_formatter/url_formatter.cc
@@ -462,6 +462,8 @@ void IDNSpoofChecker::SetAllowedUnicodeSet(UErrorCode* status) {
   // U+0338 is included in the recommended set, while U+05F4 and U+2027 are in
   // the inclusion set. However, they are blacklisted as a part of Mozilla's
   // IDN blacklist (http://kb.mozillazine.org/Network.IDN.blacklist_chars).
+  // U+2010 is in the inclusion set, but we drop it because it can be confused
+  // with an ASCII U+002D (Hyphen-Minus).
   // U+0338 and U+2027 are dropped; the former can look like a slash when
   // rendered with a broken font, and the latter can be confused with U+30FB
   // (Katakana Middle Dot). U+05F4 (Hebrew Punctuation Gershayim) is kept,
@@ -469,6 +471,7 @@ void IDNSpoofChecker::SetAllowedUnicodeSet(UErrorCode* status) {
   // should be safe. When used with a non-Hebrew script, it'd be filtered by
   // other checks in place.
   allowed_set.remove(0x338u);   // Combining Long Solidus Overlay
+  allowed_set.remove(0x2010u);  // Hyphen
   allowed_set.remove(0x2027u);  // Hyphenation Point
 
   uspoof_setAllowedUnicodeSet(checker_, &allowed_set, status);