Closed Bug 1048996 Opened 10 years ago Closed 10 years ago

webmaster.yandex.ru

Categories

(WebExtensions :: General, defect)

Product:
WebExtensions
Component:
General
Platform:
x86_64
Windows 7
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED WORKSFORME

People

(Reporter: gorodholm, Unassigned)

References

Details

User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:28.0) Gecko/20100101 Firefox/28.0 (Beta/Release)
Build ID: 20140314220517

Steps to reproduce:

Visit any site that Firefox believes is infected with a virus( http://billing.websouls.com as of now). Red warning will appear. Press "ignore this warning". Red bar will then appear. Press "this isn't an attack site".
A new tab will open with an error: 500 Internal Server Error.

The page that opens has the following url:

http://webmaster.yandex.ru/delspam.xml?l10n=en-US&request=Page%20looks%20like%20not%20malware&&url=http%3A%2F%2Fbilling.websouls.com%2Fknowledgebase.php


Actual results:

Page with an error opened


Expected results:

Seeing a working page.
Why do you think it's a Firefox issue? It's more a webiste issue, same 500 Internal Server Error with IE11.

Did you test with another browser?
Flags: needinfo?(gorodholm)
As far as I can remember older Firefox versions used other websites to submit false alarms.
Some like this one https://www.google.com/safebrowsing/report_error/?tpl=mozilla

So my guess is while migrating to http://webmaster.yandex.ru something got broken and is not functioning at the moment.

Also if I'm not mistaken yandex does not have a page for similar submission(you have to register at webmaster first).

I noticed that the target page isn't working because of l10n param being set to some value. If it's empty or absent the link opens fine. But the page that opens is not for such submissions. It allows users to inform yandex of spammy websites.

working example:
http://webmaster.yandex.ru/delspam.xml?l10n=&request=Page%20looks%20like%20not%20malware&&url=http%3A%2F%2Fbilling.websouls.com%2Fknowledgebase.php
Flags: needinfo?(gorodholm)
Will try to get in touch with yandex.
What you try to open with IE is that Firefox tries to access. So if the link would be "http://s.o.m.e.t.e.s.t" Ie would not open it either.
What locale of Firefox do you use, and if you restart with add-ons disabled and/or try in a new profile, does clicking "this isn't an attack site" still open the same page?

The l10n parameter points to en-US, and I don't think we switched to yandex for en-US - but if I don't know what locale you *are* using, I also can't test this. In any case, I suspect this is an add-on/pref issue with your profile...
Flags: needinfo?(gorodholm)
Note in particular that "delspam.xml" isn't in any of our l10n files: http://mxr.mozilla.org/l10n-central/search?string=delspam.xml
Seems that a new profile did help. I believe it all because of yandex toolbar which has been once installed and then uninstalled. It mustn't have reverted changes it make to my Firefox profile.
Flags: needinfo?(gorodholm)
(In reply to Peter from comment #7)
> Seems that a new profile did help. I believe it all because of yandex
> toolbar which has been once installed and then uninstalled. It mustn't have
> reverted changes it make to my Firefox profile.

Thanks for letting us know!

Kris, can we tell yandex about this and/or get them to not touch the relevant pref? I don't think they really should be changing it (especially not to a URL that isn't actually working). :-\
Component: Untriaged → Add-ons
Flags: needinfo?(kmaglione+bmo)
Product: Firefox → Tech Evangelism
Version: 28 Branch → Trunk
I'm not sure that there's much we can do about this. I can confirm that the Yandex Elements add-on changes the safe browsing update URLs. Unfortunately, it doesn't violate any policies, other than failing to revert the changes when the add-on is removed.

I'll file a separate bug for that. We can ask them not to make the changes at all, in the process, but we can't really compel them to comply.
Flags: needinfo?(kmaglione+bmo)
Depends on: 1049967
Per my testing and verifying with Yandex, they addressed the issue server-side, the page should be working now.  The upcoming release 8.7.1 reverts the safe browsing pref on uninstall, other prefs will be fixed in the next release.  (I'm not surprised or concerned that the l10n param doesn't switch the page to English)
Status: UNCONFIRMED → RESOLVED
Closed: 10 years ago
Depends on: 1094596
Resolution: --- → WORKSFORME
Component: Add-ons → General
Product: Tech Evangelism → WebExtensions
You need to log in before you can comment on or make changes to this bug.