Closed Bug 327226 Opened 18 years ago Closed 17 years ago

www prefix can confuse the phishing detector

Categories

(Thunderbird :: Mail Window Front End, defect)

Product:
Thunderbird
Component:
Mail Window Front End
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED
Milestone:
Thunderbird2.0

People

(Reporter: mscott, Assigned: mkmelin)

Details

(Keywords: fixed-seamonkey1.1.2, fixed1.8.1.3)

Attachments

(1 file)

proposed fix (checked in trunk / 1.8 branch)
1.75 KB, patch
iannbugzilla
: review+
mscott
: superreview+
mscott
: approval-thunderbird2+
Details | Diff | Splinter Review 
Rafael had an e-mail sig that had a URL of:

actual anchor src: http://www.mozilla.org
user text: http://mozilla.org

This triggered the phishing detector because we detected that the url being shown to the user did not match the actual url you would get taken too.

I wonder if we should hack a check for "www." and strip that off the front of the host name before doing the comparison.
Target Milestone: --- → Thunderbird2.0
Keywords: helpwanted
Scott, is this a decision then?  Must the phising detection strip www from the hostname?

If so, I'll take this.  The phishing code will be easy to change to add this.
Status: NEW → ASSIGNED
I think we should do it. 

I can't see a problem with saying
www.foo.org is the same host as foo.org
cc'ing Ray since he expressed an interest in helping out with this.
Yes, I'll take this.  Patch forthcoming.  Do you have a preference for a regex match or just strip any www?
Assignee: mscott → bugzilla.mozilla
Status: ASSIGNED → NEW
Don't mark as scam for host mismatch on only www prefix.
Assignee: raybooysen → mkmelin+mozilla
Status: NEW → ASSIGNED
Attachment #255131 - Flags: superreview?(mscott)
Attachment #255131 - Flags: review?(mscott)
Keywords: helpwanted
OS: Windows XP → All
Hardware: PC → All
Comment on attachment 255131 [details] [diff] [review]
proposed fix (checked in trunk / 1.8 branch)

sr=me, you might need a seamonkey reviewer to ok the mainews version. I'd recommend iann@arlen.demon.co.uk.

Magnus, it might also be interesting to spin up a separate bug to look at using the new TLD (top level domain) stuff available on the trunk so   urls that have the same top level domain are considered safe.
Attachment #255131 - Flags: superreview?(mscott) → superreview+
Comment on attachment 255131 [details] [diff] [review]
proposed fix (checked in trunk / 1.8 branch)

or you could ask Karsten
Attachment #255131 - Flags: review?(mscott) → approval-thunderbird2+
Attachment #255131 - Flags: review?(iann_bugzilla)
Attachment #255131 - Flags: review?(iann_bugzilla) → review+
Whiteboard: [checkin needed] [checkin needed (1.8 branch)]
mozilla/mail/base/content/phishingDetector.js                1.25
mozilla/mailnews/base/resources/content/phishingDetector.js  1.13
Status: ASSIGNED → RESOLVED
Closed: 17 years ago
Resolution: --- → FIXED
Whiteboard: [checkin needed] [checkin needed (1.8 branch)] → [checkin needed (1.8 branch)]
I approved and landed the Thunderbird change on the branch. There's no easy way to nominate the seamonkey patch though.
Keywords: fixed1.8.1.3
Whiteboard: [checkin needed (1.8 branch)]
a=me for SM1.1.2, need one more
Whiteboard: approval-seamonkey1.1.2?
Comment on attachment 255131 [details] [diff] [review]
proposed fix (checked in trunk / 1.8 branch)

a=Neil for SM1.1.2 via IRC
Checking in (1.8 branch)
phishingDetector.js;
new revision: 1.1.2.9; previous revision: 1.1.2.8
done
Attachment #255131 - Attachment description: proposed fix → proposed fix (checked in trunk / 1.8 branch)
Keywords: fixed-seamonkey1.1.2
Whiteboard: approval-seamonkey1.1.2?
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: