Expose the table that caused a warning page to show up

RESOLVED FIXED

Status

()

P3
normal
RESOLVED FIXED
4 years ago
a year ago

People

(Reporter: hectorz, Unassigned)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

4 years ago
Currently, reportURL for phishing and malware tables both points to Google. For addition of new tables from extension, we should be able to assign reportURL per-table (including maybe disable report feature if the data provider doesn't have a user facing page for this).
I think the problem here is that reportURL doesn't actually properly work per table. People will report sites that aren't blacklisted yet so they have no corresponding table.

If we support multiple malware/phishing providers I think our only option is to set up our own page and then have a backend that handles the submissions to all our list providers.
I think that's right. Fortunately it is already redirecting through us so no client changes will be needed.
Doug, do you know who could own the Mozilla-webserver-side of this?
Flags: needinfo?(dougt)
We would need to ask a favor from either Sylvie V's team (IT) or Mark Mayo (cloud services).
Alternatively, we could get a PM from Mark's team (Bill Maggs) or platform (Martin Best) to wrangle everyone for us.
Blocks: 1149867
Over to sworkman for triage.
Assignee: nobody → sworkman
Flags: needinfo?(dougt)
Francois, do you know who from Services could look at this? (Assuming comment #2 is right).
Flags: needinfo?(francois)
If you're looking for someone to build a service to collect and aggregate reports from users, then you should probably talk to Toby.
Flags: needinfo?(francois)
Toby, flagging this with you.
Flags: needinfo?(telliott)
Can we do a quick meeting to make sure I understand exactly what we need? My calendar is up to date.
Flags: needinfo?(telliott)
Not a super high priority right now. Let's circle back around Nightly 43/44. Thanks Toby!
Component: DOM: Security → Safe Browsing
Product: Core → Toolkit
Until we have multiple phishing/malware providers, we don't need this.
Status: NEW → RESOLVED
Last Resolved: 3 years ago
Resolution: --- → WONTFIX
WONTFIX implies the bug will never be fixed (and a patch to do so would be rejected immediately). I do not think that's the case here. For one, your comment starts with "Until..." which is quite different from "never".
Status: RESOLVED → REOPENED
Resolution: WONTFIX → ---
(In reply to Gian-Carlo Pascutto [:gcp] from comment #13)
> WONTFIX implies the bug will never be fixed (and a patch to do so would be
> rejected immediately). I do not think that's the case here.

The other issue (which the new title should highlight) is that this is ultimately a bug about creating a new cloud service to receive reports from users and forward them on to Safe Browsing providers. It doesn't really fit in this Product/Component.
Priority: -- → P5
Summary: Make it possible to set reportURL for safe browsing tables per-table → Setup a new backend service to respond to malware/phishing reports and forward them to Safe Browsing providers
After talking to Hector, it turns out that what we need is a way to expose the table/provider that caused the interstitial page to show up.

This will also be useful if we implement the opt-in URI reporting to Safe Browsing providers.
Assignee: sworkman → nobody
Summary: Setup a new backend service to respond to malware/phishing reports and forward them to Safe Browsing providers → Expose the table that caused a warning page to show up
Priority: P5 → P3
See Also: → bug 1288633
The support for this was added as part of bug 1366384.
Status: REOPENED → RESOLVED
Last Resolved: 3 years agoa year ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.