Open
Bug 1270168
Opened 9 years ago
Updated 9 years ago
Investigate removal of redundant code and prefs in utilityOverlay.js for "Why was this page blocked" button
Categories
(SeaMonkey :: Security, defect)
SeaMonkey
Security
Tracking
(Not tracked)
NEW
People
(Reporter: rsx11m.pub, Unassigned)
References
Details
+++ This bug was initially created as a clone of Bug #1269773 +++
(Quoting rsx11m from bug 1269773 comment #6)
> (In reply to Frank-Rainer Grahl from bug 1269773 comment #5)
> > I think they can go too because they are not suite specific. If FF changed
> > them I would need to look at the code and remove or alter them too.
>
> Looking at
> http://mxr.mozilla.org/comm-central/source/suite/common/utilityOverlay.js#1175
> those are for handling the "Why is this site blocked" button in the
> UI when the page is reported, thus I'd think we still need those.
>
> There is no occurrence of either browser.safebrowsing.warning.infoURL or
> browser.safebrowsing.controlledAccess.infoURL in the mozilla/ tree.
> https://support.mozilla.org/kb/controlledaccess now points to an Firefox for
> Android article "Firefox family-friendly browsing in a restricted profile"
> thus may need to be revised (whatever you wanted to say there). If so, this
> should go into a follow-up bug, unless you have a URL readily available for
> me to plug in instead.
(Quoting rsx11m from bug 1269773 comment #8)
> Found
> https://support.mozilla.org/en-US/kb/how-does-phishing-and-malware-protection-work
> which in turn points to http://itisatrap.org/firefox/its-a-trap.html
> http://itisatrap.org/firefox/its-an-attack.html and
> http://itisatrap.org/firefox/unwanted.html (where the latter presents me
> with a funny combination of both "Reported Web Forgery!" and "Reported
> Attack Page!" warnings).
>
> Clicking "Why was this page blocked" on neither page does actually use the
> values in the prefs, one points to the exact same page that I've looked up,
> the other to a Google page. Thus, I'd think that those prefs likely can go
> along with the unused code in utilityOverlay.js, *but* in a separate bug.
|
||
Comment 1•9 years ago
|
||
For the controlledaccess please set browser.safebrowsing.forbiddenURIs.enabled to true and try:
http://www.itisatrap.org/firefox/forbidden.html
I just did a straight port of the safebrowsing api. We do not have an ui for it and so neither does Firefox on desktop. This is only good for mobile but I left the code there to ease future portings.
The info url was/is used in mozilla/browser/base/content/browser.js:
>> case "reportButton":
>> // This is the "Why is this site blocked" button. We redirect
>> // to the generic page describing phishing/malware protection.>>
>>
>> // We log even if malware/phishing/unwanted info URL couldn't be found:
>> // the measurement is for how many users clicked the WHY BLOCKED button
>> if (sendTelemetry) {
>> secHistogram.add(nsISecTel[bucketName + "WHY_BLOCKED"]);
>> }
>> openHelpLink("phishing-malware", false, "current");
>> break;
This stuff has been changed since porting.
As long as both work I would let them in the code:) I will need to check if FF changed something since I ported the stuff.
FRG
You need to log in
before you can comment on or make changes to this bug.
Description
•