Back in the day, hostnames could only consist of the letters A to Z, digits, and a few other characters. Internationalized Domain Names (IDNs) were devised to support arbitrary Unicode characters in hostnames in a backward-compatible way. This works by having user agents transform a hostname containing Unicode characters beyond ASCII to one fitting the traditional mold, which can then be sent on to DNS servers. For example, http://öbb.at is transformed to http://xn--bb-eka.at. The transformed form is called ASCII Compatible Encoding (ACE) made up of the four character prefix ( xn-- ) and the punycode representation of Unicode characters.

Ideally, user agents could always display the Unicode version of a hostname. However, different characters from different languages can look very similar, and this can make phishing attacks possible. For example, the Latin "a" looks a lot like the Cyrillic "а", so someone could register http://ebаy.com (http://xn--eby-7cd.com/), which would easily be mistaken for http://ebay.com. This is called a homograph attack.

In a perfect world, domain registrars would not allow such nefarious domain names to be registered. Some TLD registrars do exactly that, mostly by restricting the characters allowed, but many do not. For some TLDs that are meant to be international, this would be nontrivial to do (e.g., .com).

As a result, all browsers try to protect against homograph attacks by displaying punycode instead of the original IDN if the hostname does not fulfill certain properties. They try to do this in a way that allows IDN to be shown for valid hostnames, but protects against phishing.

Google Chrome decides if it should show Unicode or punycode for each domain label (component) of a hostname separately. To decide if a component should be shown in Unicode, Google Chrome uses the following algorithm:

• Convert each component stored in the ACE to Unicode per UTS 46 transitional processing (ToUnicode).
• If there is an error in ToUnicode conversion (e.g. contains disallowed characters, starts with a combining mark, or violates BiDi rules), punycode is displayed.
• If any character is outside the union of the following sets, punycode is displayed.
• Characters allowed in identifiers per Unicode Technical Standard 39 (UTS 39)
• Characters suitable for identifiers in 5 Aspirational scripts per Unicode Standard Annex 31 (UAX 31)  
• If the component contains either U+0338 or U+2027, punycode is displayed.
• If the component uses characters drawn from multiple scripts, it is subject to a script mixing check based on "Moderately Restrictive" profile of UTS 39 with an additional restriction on Latin. Failing the check, the component is shown in punycode. 
• Latin, Cyrillic or Greek characters cannot be mixed with each other
• Latin characters in the ASCII range can be mixed with characters in another script as long as it's not Greek nor Cyrillic. 
• Han (CJK Ideographs) can be mixed with Bopomofo 
• Han can be mixed with Hiragana and Katakana
• Han can be mixed with Korean Hangul 
• If two or more numbering systems (e.g. European digits + Bengali digits) are mixed, punycode is shown.
• If there are any invisible characters (e.g. a sequence of the same combining mark or a sequence of Kana combining marks), punycode is shown. 
• Test the label for mixed script confusable per UTS 39. If mixed script confusable is detected, show punycode.
• If the label matches a dangerous pattern, punycode is shown
• Otherwise, Unicode is shown. 

IE

Firefox

Opera

Safari