Open
Bug 1259043
Opened 8 years ago
Updated 2 years ago
Adult Content is allowed in Child Mode when Video DownloadHelper is installed
Categories
(Core :: General, defect)
Tracking
()
NEW
Tracking | Status | |
---|---|---|
firefox48 | --- | affected |
People
(Reporter: sbadau, Unassigned)
References
(Blocks 1 open bug)
Details
[Note]: - Issue found on the Nightly try build from: https://archive.mozilla.org/pub/firefox/try-builds/dkeeler@mozilla.com-68763a0d343f41ad9370f145abacf55068334806/ Mozilla/5.0 (Windows NT 6.3; rv:47.0) Gecko/20100101 Firefox/47.0 Build ID:20160210105908 [Affected versions]: - Nightly 47.0a1 [Affected platforms]: - Windows 8.1 [Steps to reproduce]: 1. On Windows 8.1 log in as an ADMIN and create a LOCAL Child Account 2. Install the Nightly try build 3. Switch to the created CHILD account 4. Launch the installed try build from step 2 and add the preference "security.family_safety.mode"= 2 in about:config 5. Install the Video DownloadHelper add-on from: https://addons.mozilla.org/en-US/firefox/addon/video-downloadhelper/?src=hp-dl-mostpopular 6. In the Navigation Bar click on the Supported Sites button (located in the right side of the Video DownloadHelper button) 7. In the new opened list -> click on any of the sites - > and then click on the Visit site button 8. Confirm that you are 18. [Expected result]: The Child should not be allowed to visit Adult Content websites if the parent does not allow it. [Actual result]: The child can visit Adult Content websites. [Regression range]: Not a regression. [Additional notes]: The generated links can also be opened in IE or Chrome.
Comment 1•8 years ago
|
||
> [Additional notes]: > The generated links can also be opened in IE or Chrome. Because this affects all the browser vendors, I'm assuming this has something to do with those particular websites not honouring the prefer:safe header. Example of a website that's being blocked that honours the prefer:safe header: Host: familysafety.microsoft.com User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:47.0) Gecko/20100101 Firefox/47.0 Accept: image/png,image/*;q=0.8,*/*;q=0.5 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Prefer: safe Referer: http://www.websitethatyournotoldenoughtosee!!!.com/ Connection: keep-alive Cache-Control: max-age=0 Simona, could you go through the same test case once again but this time capture the HTTP headers and see if prefer:safe is being used for those particular websites that are being loaded?
Flags: needinfo?(simona.marcu)
Reporter | ||
Comment 2•8 years ago
|
||
Kamil, I went through all the HTTP Headers for all the given requests (used the Network monitor developer tool) and Prefer: "safe" is used for all of them.
Flags: needinfo?(simona.marcu)
Reporter | ||
Updated•8 years ago
|
Reporter | ||
Updated•8 years ago
|
Comment 3•8 years ago
|
||
Maybe those particular websites are not on Microsoft's Family Safety blocklist? I'm not sure how MS determines which websites are safe and which ones are not. Either way, I don't think this will get fixed/looked at any time soon as it affects all the vendors. I'm assuming if MS ever does add those sites to a blocklist, it will most likely trickle down to Chrome/FX through the Family Safety mechanism.
This seems to be a parental controls/Prefer: safe issue, so PSM isn't the appropriate component.
Component: Security: PSM → General
Comment 5•7 years ago
|
||
I'm the developer of Video DownloadHelper. This add-on has its own safe mode which prevents any link to adult material to show up on the supported sites list, now hosted on the downloadhelper.net site. If there is any way to know the user has already expressed in Firefox a desire for not seeing any adult content, i would gladly connect this into Video DownloadHelper. Any pointer to give me guidance ?
Looks like there's a parental controls service that might expose the information you need: https://dxr.mozilla.org/mozilla-central/source/toolkit/components/parentalcontrols/nsIParentalControlsService.idl
Comment 7•7 years ago
|
||
I see what is to be done in VDH code to take care of that and it's not a big deal, but i haven't been able to setup a configuration in Windows 10 where Cc["@mozilla.org/parental-controls-service;1"].createInstance(Ci.nsIParentalControlsService).parentalControlsEnabled would return true. Created a child account, requested to block inappropriate content for that account: still returning false. Any clue would be welcome.
Updated•2 years ago
|
Severity: normal → S3
You need to log in
before you can comment on or make changes to this bug.
Description
•