Safe Browsing should not check public suffixes

ASSIGNED
Assigned to

Status

()

defect
P2
normal
ASSIGNED
4 years ago
5 months ago

People

(Reporter: francois, Assigned: manishkk)

Tracking

({good-first-bug})

Firefox Tracking Flags

(Not tracked)

Details

Reporter

Description

4 years ago
The Safe Browsing simplified regex lookup (https://developers.google.com/safe-browsing/developers_guide_v2#RegexLookup) says that we can skip top-level domains: "up to 4 hostnames formed by starting with the last 5 components and successively removing the leading component. The top-level domain can be skipped"

I noticed from the logs posted in bug 1164518 that we don't do this:

    Checking fragment tokyo-ame.jwa.or.jp/ja/
    Checking fragment tokyo-ame.jwa.or.jp/ja/images/
    Checking fragment tokyo-ame.jwa.or.jp/ja/images/button/
    Checking fragment tokyo-ame.jwa.or.jp/ja/images/button/headmenu/home_on.gif
    Checking fragment tokyo-ame.jwa.or.jp/
    Checking fragment or.jp/ja/
    Checking fragment or.jp/ja/images/
    Checking fragment or.jp/ja/images/button/
    Checking fragment or.jp/ja/images/button/headmenu/home_on.gif
    Checking fragment or.jp/
    Checking fragment jwa.or.jp/ja/
    Checking fragment jwa.or.jp/ja/images/
    Checking fragment jwa.or.jp/ja/images/button/
    Checking fragment jwa.or.jp/ja/images/button/headmenu/home_on.gif
    Checking fragment jwa.or.jp/

where "or.jp" is a TLD (http://jprs.co.jp/en/jpdomain.html).

I suggest we exclude all public suffixes from our checks to prevent accidental things like ".co.uk", ".com" or ".geek.nz" getting a partial hit since that would increase latency for a lot of websites.
Reporter

Updated

3 years ago
Priority: -- → P2
Reporter

Updated

3 years ago
Keywords: good-first-bug
Priority: P2 → P3
Priority: P3 → P2
Assignee

Comment 2

5 months ago

I would like to work on this bug.

Please let me know If I am looking at the wrong code.
https://searchfox.org/mozilla-central/source/toolkit/components/url-classifier/LookupCache.cpp#326-380

Flags: needinfo?(senglehardt)
Assignee

Updated

5 months ago
Assignee: nobody → 1991manish.kumar

Hi Manish, Thank you for helping!

(In reply to Manish [:manishkk] from comment #2)

I would like to work on this bug.

Please let me know If I am looking at the wrong code.
https://searchfox.org/mozilla-central/source/toolkit/components/url-classifier/LookupCache.cpp#326-380
This is for Path, Host[1] should be the one you are looking for.

[1] https://searchfox.org/mozilla-central/rev/c035ee7d3a5cd6913e7143e1bce549ffb4a566ff/toolkit/components/url-classifier/LookupCache.cpp#298-324

Status: NEW → ASSIGNED
Flags: needinfo?(senglehardt)
You need to log in before you can comment on or make changes to this bug.