Closed
Bug 1274685
Opened 8 years ago
Closed 8 years ago
Unowned Safe Browsing tables break list updates
Categories
(Toolkit :: Safe Browsing, defect, P2)
Toolkit
Safe Browsing
Tracking
()
VERIFIED
FIXED
mozilla49
Tracking | Status | |
---|---|---|
firefox49 | --- | verified |
People
(Reporter: francois, Assigned: hchang)
References
Details
Attachments
(2 files, 6 obsolete files)
1.40 KB,
patch
|
francois
:
review+
|
Details | Diff | Splinter Review |
2.74 KB,
patch
|
francois
:
review+
|
Details | Diff | Splinter Review |
If urlclassifier.trackingTable refers to a list that's not included in browser.safebrowsing.provider.mozilla.lists, Safe Browsing updates break. Steps to reproduce: 1. start Firefox and create a new profile (./firefox --no-remote --ProfileManager) 2. go into about:config 3. set browser.safebrowsing.debug = 1 4. remove "mozstd-track-digest256" from browser.safebrowsing.provider.mozilla.lists 5. close Firefox 6. delete the safe browsing diretory (rm ~/.cache/mozilla/firefox/XXXX/safebrowsing/*) 7. start Firefox and look at the terminal output 8. look in the safe browsing directory (ls ~/.cache/mozilla/firefox/XXXX/safebrowsing/) EXPECTED: There should be files in the safe browsing directory: goog-badbinurl-shavar.cache mozstd-track-digest256.pset test-malware-simple.sbstore goog-badbinurl-shavar.pset mozstd-track-digest256.sbstore test-phish-simple.cache goog-badbinurl-shavar.sbstore mozstd-trackwhite-digest256.cache test-phish-simple.pset goog-malware-shavar.cache mozstd-trackwhite-digest256.pset test-phish-simple.sbstore goog-malware-shavar.pset mozstd-trackwhite-digest256.sbstore test-track-simple.cache goog-malware-shavar.sbstore test-block-simple.cache test-track-simple.pset goog-phish-shavar.cache test-block-simple.pset test-track-simple.sbstore goog-phish-shavar.pset test-block-simple.sbstore test-trackwhite-simple.cache goog-phish-shavar.sbstore test-forbid-simple.cache test-trackwhite-simple.pset goog-unwanted-shavar.cache test-forbid-simple.pset test-trackwhite-simple.sbstore goog-unwanted-shavar.pset test-forbid-simple.sbstore test-unwanted-simple.cache goog-unwanted-shavar.sbstore test-malware-simple.cache test-unwanted-simple.pset mozstd-track-digest256.cache test-malware-simple.pset test-unwanted-simple.sbstore and there should be output that shows that the browser is downloading the list: listmanager: 14:16:07 GMT-0700 (PDT): Enabling table updates for goog-phish-shavar listmanager: 14:16:07 GMT-0700 (PDT): Enabling table updates for goog-malware-shavar listmanager: 14:16:07 GMT-0700 (PDT): Enabling table updates for goog-unwanted-shavar listmanager: 14:16:07 GMT-0700 (PDT): Enabling table updates for goog-badbinurl-shavar listmanager: 14:16:07 GMT-0700 (PDT): Enabling table updates for mozstd-track-digest256 listmanager: 14:16:07 GMT-0700 (PDT): Enabling table updates for mozstd-trackwhite-digest256 listmanager: 14:16:07 GMT-0700 (PDT): Disabling table updates for mozplugin-block-digest256 listmanager: 14:16:07 GMT-0700 (PDT): Starting managing lists listmanager: 14:16:07 GMT-0700 (PDT): needsUpdate: { "https://safebrowsing.google.com/safebrowsing/downloads?client=navclient-auto-ffox&appver=49.0a&pver=2.2&key=[trimmed-google-api-key]": { "goog-phish-shavar": true, "goog-malware-shavar": true, "goog-unwanted-shavar": true, "goog-badbinurl-shavar": true }, "https://shavar.services.mozilla.com/downloads?client=navclient-auto-ffox&appver=49.0a&pver=2.2": { "mozstd-track-digest256": true, "mozstd-trackwhite-digest256": true, "mozplugin-block-digest256": false } } listmanager: 14:16:07 GMT-0700 (PDT): No updates needed or already initialized for https://safebrowsing.google.com/safebrowsing/downloads?client=navclient-auto-ffox&appver=49.0a&pver=2.2&key=[trimmed-google-api-key] listmanager: 14:16:07 GMT-0700 (PDT): No updates needed or already initialized for https://shavar.services.mozilla.com/downloads?client=navclient-auto-ffox&appver=49.0a&pver=2.2 listmanager: 14:17:54 GMT-0700 (PDT): checkForUpdates with https://safebrowsing.google.com/safebrowsing/downloads?client=navclient-auto-ffox&appver=49.0a&pver=2.2&key=[trimmed-google-api-key] listmanager: 14:17:54 GMT-0700 (PDT): this.tablesData: { "goog-phish-shavar": { "updateUrl": "https://safebrowsing.google.com/safebrowsing/downloads?client=navclient-auto-ffox&appver=49.0a&pver=2.2&key=[trimmed-google-api-key]", "gethashUrl": "https://safebrowsing.google.com/safebrowsing/gethash?client=navclient-auto-ffox&appver=49.0a&pver=2.2", "provider": "google" }, "goog-malware-shavar": { "updateUrl": "https://safebrowsing.google.com/safebrowsing/downloads?client=navclient-auto-ffox&appver=49.0a&pver=2.2&key=[trimmed-google-api-key]", "gethashUrl": "https://safebrowsing.google.com/safebrowsing/gethash?client=navclient-auto-ffox&appver=49.0a&pver=2.2", "provider": "google" }, "goog-unwanted-shavar": { "updateUrl": "https://safebrowsing.google.com/safebrowsing/downloads?client=navclient-auto-ffox&appver=49.0a&pver=2.2&key=[trimmed-google-api-key]", "gethashUrl": "https://safebrowsing.google.com/safebrowsing/gethash?client=navclient-auto-ffox&appver=49.0a&pver=2.2", "provider": "google" }, "goog-badbinurl-shavar": { "updateUrl": "https://safebrowsing.google.com/safebrowsing/downloads?client=navclient-auto-ffox&appver=49.0a&pver=2.2&key=[trimmed-google-api-key]", "gethashUrl": "https://safebrowsing.google.com/safebrowsing/gethash?client=navclient-auto-ffox&appver=49.0a&pver=2.2", "provider": "google" }, "mozstd-track-digest256": { "updateUrl": "https://shavar.services.mozilla.com/downloads?client=navclient-auto-ffox&appver=49.0a&pver=2.2", "gethashUrl": "https://shavar.services.mozilla.com/gethash?client=navclient-auto-ffox&appver=49.0a&pver=2.2", "provider": "mozilla" }, "mozstd-trackwhite-digest256": { "updateUrl": "https://shavar.services.mozilla.com/downloads?client=navclient-auto-ffox&appver=49.0a&pver=2.2", "gethashUrl": "https://shavar.services.mozilla.com/gethash?client=navclient-auto-ffox&appver=49.0a&pver=2.2", "provider": "mozilla" }, "mozplugin-block-digest256": { "updateUrl": "https://shavar.services.mozilla.com/downloads?client=navclient-auto-ffox&appver=49.0a&pver=2.2", "gethashUrl": "https://shavar.services.mozilla.com/gethash?client=navclient-auto-ffox&appver=49.0a&pver=2.2", "provider": "mozilla" } } ACTUAL: The safebrowsing directory is empty and the only messages we see are: SafeBrowsing: 14:24:28 GMT-0700 (PDT): getLists: urlclassifier.phishTable SafeBrowsing: 14:24:28 GMT-0700 (PDT): getLists: urlclassifier.malwareTable SafeBrowsing: 14:24:28 GMT-0700 (PDT): getLists: urlclassifier.downloadBlockTable SafeBrowsing: 14:24:28 GMT-0700 (PDT): getLists: urlclassifier.downloadAllowTable SafeBrowsing: 14:24:28 GMT-0700 (PDT): getLists: urlclassifier.trackingTable SafeBrowsing: 14:24:28 GMT-0700 (PDT): getLists: urlclassifier.trackingWhitelistTable SafeBrowsing: 14:24:28 GMT-0700 (PDT): getLists: urlclassifier.forbiddenTable SafeBrowsing: 14:24:28 GMT-0700 (PDT): getLists: urlclassifier.blockedTable SafeBrowsing: 14:24:28 GMT-0700 (PDT): reading prefs SafeBrowsing: 14:24:28 GMT-0700 (PDT): initializing safe browsing URLs, client id navclient-auto-ffox SafeBrowsing: 14:24:28 GMT-0700 (PDT): Child: mozilla.lists.mozstd.name SafeBrowsing: 14:24:28 GMT-0700 (PDT): Child: mozilla.lists.mozstd.description SafeBrowsing: 14:24:28 GMT-0700 (PDT): Child: mozilla.updateURL SafeBrowsing: 14:24:28 GMT-0700 (PDT): Child: google.lists SafeBrowsing: 14:24:28 GMT-0700 (PDT): Child: google.lastupdatetime SafeBrowsing: 14:24:28 GMT-0700 (PDT): Child: google.reportURL SafeBrowsing: 14:24:28 GMT-0700 (PDT): Child: mozilla.lists.mozfull.description SafeBrowsing: 14:24:28 GMT-0700 (PDT): Child: mozilla.lists.mozfull.name SafeBrowsing: 14:24:28 GMT-0700 (PDT): Child: google.nextupdatetime SafeBrowsing: 14:24:28 GMT-0700 (PDT): Child: mozilla.gethashURL SafeBrowsing: 14:24:28 GMT-0700 (PDT): Child: mozilla.lastupdatetime SafeBrowsing: 14:24:28 GMT-0700 (PDT): Child: mozilla.nextupdatetime SafeBrowsing: 14:24:28 GMT-0700 (PDT): Child: google.updateURL SafeBrowsing: 14:24:28 GMT-0700 (PDT): Child: mozilla.lists SafeBrowsing: 14:24:28 GMT-0700 (PDT): Child: google.gethashURL SafeBrowsing: 14:24:28 GMT-0700 (PDT): Providers: mozilla, google SafeBrowsing: 14:24:28 GMT-0700 (PDT): Provider: mozilla updateURL=https://shavar.services.mozilla.com/downloads?client=navclient-auto-ffox&appver=49.0a&pver=2.2 SafeBrowsing: 14:24:28 GMT-0700 (PDT): Provider: mozilla gethashURL=https://shavar.services.mozilla.com/gethash?client=navclient-auto-ffox&appver=49.0a&pver=2.2 SafeBrowsing: 14:24:28 GMT-0700 (PDT): getLists: browser.safebrowsing.provider.mozilla.lists SafeBrowsing: 14:24:28 GMT-0700 (PDT): Provider: google updateURL=https://safebrowsing.google.com/safebrowsing/downloads?client=navclient-auto-ffox&appver=49.0a&pver=2.2&key=[trimmed-google-api-key] SafeBrowsing: 14:24:28 GMT-0700 (PDT): Provider: google gethashURL=https://safebrowsing.google.com/safebrowsing/gethash?client=navclient-auto-ffox&appver=49.0a&pver=2.2 SafeBrowsing: 14:24:28 GMT-0700 (PDT): getLists: browser.safebrowsing.provider.google.lists listmanager: 14:24:28 GMT-0700 (PDT): Initializing list manager listmanager: 14:24:28 GMT-0700 (PDT): registering goog-phish-shavar with https://safebrowsing.google.com/safebrowsing/downloads?client=navclient-auto-ffox&appver=49.0a&pver=2.2&key=[trimmed-google-api-key] listmanager: 14:24:28 GMT-0700 (PDT): Creating request backoff for https://safebrowsing.google.com/safebrowsing/downloads?client=navclient-auto-ffox&appver=49.0a&pver=2.2&key=[trimmed-google-api-key] listmanager: 14:24:28 GMT-0700 (PDT): registering goog-malware-shavar with https://safebrowsing.google.com/safebrowsing/downloads?client=navclient-auto-ffox&appver=49.0a&pver=2.2&key=[trimmed-google-api-key] listmanager: 14:24:28 GMT-0700 (PDT): registering goog-unwanted-shavar with https://safebrowsing.google.com/safebrowsing/downloads?client=navclient-auto-ffox&appver=49.0a&pver=2.2&key=[trimmed-google-api-key] listmanager: 14:24:28 GMT-0700 (PDT): registering goog-badbinurl-shavar with https://safebrowsing.google.com/safebrowsing/downloads?client=navclient-auto-ffox&appver=49.0a&pver=2.2&key=[trimmed-google-api-key]
Reporter | ||
Comment 1•8 years ago
|
||
We should fix this because it caused problems during Richard's end-to-end shavar tests. Henry, is this something you want to take a look at? I suspect that Dimi's change in registerTableWithURLs might solve this: https://reviewboard.mozilla.org/r/52133/diff/2#0
Priority: -- → P2
Updated•8 years ago
|
QA Contact: rpappalardo
Assignee | ||
Updated•8 years ago
|
Assignee: nobody → hchang
Assignee | ||
Comment 2•8 years ago
|
||
Dimi's fix is indeed the solution. However, what I wonder is the actual end-to-end tests requirement. If the unownded list is not needed at all, we can skip this unowned list. If it needs to be downloaded for some reason, maybe we need to infer the provider from the list name. Richard, do you mind providing your requirement of the tests? Thanks :)
Flags: needinfo?(rpappalardo)
Reporter | ||
Comment 3•8 years ago
|
||
Henry Chang [:henry] from comment #2) > Richard, do you mind providing your requirement of the tests? Thanks :) Richard's tests set a number of prefs: https://wiki.mozilla.org/Services/TrackingProtection/Shavar_Server_-_Testing#SET_CUSTOM_PREFS in order to ensure that all of the lists served by the shavar server are working. Him and I are trying to work around this bug and simplify the prefs: https://github.com/mozilla-services/services-test/blob/dev/shavar/e2e-test/prefs.ini > Dimi's fix is indeed the solution. However, what I wonder is the actual > end-to-end tests requirement. If the unownded list is not needed at all, we > can skip this unowned list. If it needs to be downloaded for some reason, > maybe we need to infer the provider from the list name. It doesn't need to be downloaded. If we see an unowned list, we should (ideally) print a warning and skip it.
Flags: needinfo?(rpappalardo)
Assignee | ||
Comment 4•8 years ago
|
||
Assignee | ||
Comment 5•8 years ago
|
||
Comment on attachment 8759013 [details] [diff] [review] Part 1: Avoid registering unowned list Hi Francois, I've just attached a patch for review. However, I haven't figured out a test case for it. I'll provide one once I make it. Thanks!
Attachment #8759013 -
Flags: review?(francois)
Reporter | ||
Comment 6•8 years ago
|
||
Comment on attachment 8759013 [details] [diff] [review] Part 1: Avoid registering unowned list Review of attachment 8759013 [details] [diff] [review]: ----------------------------------------------------------------- Thanks Henry!
Attachment #8759013 -
Flags: review?(francois) → review+
Assignee | ||
Comment 7•8 years ago
|
||
Assignee | ||
Comment 8•8 years ago
|
||
Comment on attachment 8759043 [details] [diff] [review] Part 2: Test case This is the test case to make sure the owned lists don't break table update.
Attachment #8759043 -
Flags: review?(francois)
Assignee | ||
Comment 9•8 years ago
|
||
Attachment #8759043 -
Attachment is obsolete: true
Attachment #8759043 -
Flags: review?(francois)
Attachment #8759047 -
Flags: review?(francois)
Assignee | ||
Comment 10•8 years ago
|
||
Attachment #8759047 -
Attachment is obsolete: true
Attachment #8759047 -
Flags: review?(francois)
Attachment #8759050 -
Flags: review?(francois)
Reporter | ||
Comment 11•8 years ago
|
||
Comment on attachment 8759050 [details] [diff] [review] Part 2: Test case Review of attachment 8759050 [details] [diff] [review]: ----------------------------------------------------------------- That's a nice way to test this. Just a small thing to fix with the initial value of the pref and it's ready to land. ::: toolkit/components/url-classifier/tests/unit/test_bug1274685_unowned_list.js @@ +17,5 @@ > + > + try { > + // Remove 'goog-malware-shavar' from the original. > + Services.prefs.setCharPref("browser.safebrowsing.provider.google.lists", > + "goog-unwanted-shavar,test-malware-simple,test-unwanted-simple"); That value is not quite right because it includes lists that are not supposed to be in there (the test-*-simple ones) and also is missing more than just "goog-malware-shavar". The default value is this: goog-badbinurl-shavar,goog-downloadwhite-digest256,goog-phish-shavar,goog-malware-shavar,goog-unwanted-shavar So what I'd recommend for this test is that you first do a Services.prefs.getCharPref() and then a string replacement: s/goog-malware-shavar,// on the string that you get. That way you only remove the malware one and you're not accidentally removing anything else that we might add there in the future.
Attachment #8759050 -
Flags: review?(francois)
Assignee | ||
Comment 12•8 years ago
|
||
Assignee | ||
Updated•8 years ago
|
Attachment #8759050 -
Attachment is obsolete: true
Assignee | ||
Comment 13•8 years ago
|
||
Comment on attachment 8759471 [details] [diff] [review] Part 2: Test case Hi Francois, I've addressed your comments. Could you review again? Thanks :)
Attachment #8759471 -
Flags: review?(francois)
Reporter | ||
Comment 14•8 years ago
|
||
Comment on attachment 8759471 [details] [diff] [review] Part 2: Test case Review of attachment 8759471 [details] [diff] [review]: ----------------------------------------------------------------- r+ once you address this last comment. ::: toolkit/components/url-classifier/tests/unit/test_bug1274685_unowned_list.js @@ +16,5 @@ > + let origList = Services.prefs.getCharPref("browser.safebrowsing.provider.google.lists"); > + > + try { > + // Remove 'goog-malware-shavar' from the original. > + let trimmedList = origList.replace('goog-malware-shavar,', ''); It might be better to move the string replacement and the setCharPref() call out of the try..catch block because we only want to pass the test if the exception is thrown from SafeBrowsing.registerTable().
Attachment #8759471 -
Flags: review?(francois) → review+
Assignee | ||
Updated•8 years ago
|
Attachment #8759501 -
Attachment description: Part 2: Test case → Part 2: Test case (r+'ed)
Assignee | ||
Comment 17•8 years ago
|
||
https://treeherder.mozilla.org/#/jobs?repo=try&revision=a052fbf9c642
Assignee | ||
Updated•8 years ago
|
Attachment #8759505 -
Flags: review+
Assignee | ||
Updated•8 years ago
|
Keywords: checkin-needed
Reporter | ||
Comment 18•8 years ago
|
||
Comment on attachment 8759505 [details] [diff] [review] Part 2: Test case (r+'ed) Review of attachment 8759505 [details] [diff] [review]: ----------------------------------------------------------------- Oops this one needs to move out too. ::: toolkit/components/url-classifier/tests/unit/test_bug1274685_unowned_list.js @@ +17,5 @@ > + let trimmedList = origList.replace('goog-malware-shavar,', ''); > + > + try { > + // Remove 'goog-malware-shavar' from the original. > + Services.prefs.setCharPref("browser.safebrowsing.provider.google.lists", trimmedList); Could you also move this one out of the try..catch? It would be better not to pass the test if this throws an exception.
Attachment #8759505 -
Flags: review+
Reporter | ||
Updated•8 years ago
|
Keywords: checkin-needed
Assignee | ||
Comment 19•8 years ago
|
||
Assignee | ||
Updated•8 years ago
|
Attachment #8759505 -
Attachment is obsolete: true
Assignee | ||
Comment 20•8 years ago
|
||
(In reply to François Marier [:francois] from comment #18) > Comment on attachment 8759505 [details] [diff] [review] > Part 2: Test case (r+'ed) > > Review of attachment 8759505 [details] [diff] [review]: > ----------------------------------------------------------------- > > Oops this one needs to move out too. > > ::: > toolkit/components/url-classifier/tests/unit/test_bug1274685_unowned_list.js > @@ +17,5 @@ > > + let trimmedList = origList.replace('goog-malware-shavar,', ''); > > + > > + try { > > + // Remove 'goog-malware-shavar' from the original. > > + Services.prefs.setCharPref("browser.safebrowsing.provider.google.lists", trimmedList); > > Could you also move this one out of the try..catch? > > It would be better not to pass the test if this throws an exception. Done! Thanks for reminding :)
Assignee | ||
Updated•8 years ago
|
Keywords: checkin-needed
Reporter | ||
Comment 21•8 years ago
|
||
Comment on attachment 8759534 [details] [diff] [review] Part 2: Test case (carry r+) Review of attachment 8759534 [details] [diff] [review]: ----------------------------------------------------------------- Looks great, thanks Henry!
Attachment #8759534 -
Flags: review+
Comment 22•8 years ago
|
||
Pushed by cbook@mozilla.com: https://hg.mozilla.org/integration/fx-team/rev/2df25135bcd3 Part 1: Avoid registering lists which have no provider info. r=francois. https://hg.mozilla.org/integration/fx-team/rev/30700073705d Part 2: Test case. r=francois.
Keywords: checkin-needed
Comment 23•8 years ago
|
||
Thanks, :henry, :francois! when these new prefs land, I assume they'll only do so in Nightly? I'm pretty sure that's the case but if so, I'll need to adapt our test tool to now also handle unique pref sets for different browser versions. The matrix of pref combinations is getting quite complex so I want to confirm before i make that change
Flags: needinfo?(hchang)
Flags: needinfo?(francois)
Reporter | ||
Comment 24•8 years ago
|
||
Moving over to Matt to verify because it's really a client bug :)
QA Contact: rpappalardo → mwobensmith
Reporter | ||
Comment 25•8 years ago
|
||
(In reply to Richard Pappalardo [:rpapa][:rpappalardo] from comment #23) > Thanks, :henry, :francois! when these new prefs land, I assume they'll only > do so in Nightly? I'm pretty sure that's the case but if so, I'll need to > adapt our test tool to now also handle unique pref sets for different > browser versions. The matrix of pref combinations is getting quite complex > so I want to confirm before i make that change This patch doesn't change any of the prefs so you shouldn't have to change anything in the test tool or end-to-end test plan. If anything, the client will be more tolerant of pref mistakes in the future :)
Flags: needinfo?(hchang)
Flags: needinfo?(francois)
Comment 26•8 years ago
|
||
bugherder |
https://hg.mozilla.org/mozilla-central/rev/2df25135bcd3 https://hg.mozilla.org/mozilla-central/rev/30700073705d
Status: NEW → RESOLVED
Closed: 8 years ago
status-firefox49:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla49
Comment 27•8 years ago
|
||
Using steps from comment 0: Confirmed problem on Fx49 from 2016-05-10. Verified fixed on Fx49 and Fx50, 2016-06-07.
Status: RESOLVED → VERIFIED
You need to log in
before you can comment on or make changes to this bug.
Description
•