|Submitter||Diff||Changes||Open Issues||Last Updated|
|Error loading review requests:|
59 bytes, text/x-review-board-request
|Details | Review|
After being suggested in a review comment (https://bugzilla.mozilla.org/show_bug.cgi?id=964465#c20), we disabled the application reputation allow list in bug 974579 since at the time it was true that we didn't do remote lookups on OSX and Linux and so the allow list was pointless. However, remote lookups where enabled on OSX and Linux in bug 1111741 but we mistakenly kept the allow list Windows-only. These comments are wrong: https://searchfox.org/mozilla-central/rev/fcd9f1480d65f1a5df2acda97eb07a7e133f6ed4/toolkit/components/downloads/ApplicationReputation.cpp#1287 https://searchfox.org/mozilla-central/rev/fcd9f1480d65f1a5df2acda97eb07a7e133f6ed4/modules/libpref/init/all.js#5152-5154 since the the allow list is used for both certificate fingerprint checks (Windows-only) but also for hostname lookups: https://searchfox.org/mozilla-central/rev/fcd9f1480d65f1a5df2acda97eb07a7e133f6ed4/toolkit/components/downloads/ApplicationReputation.cpp#452-456 and about 15% of checks are covered by the allow list: https://telemetry.mozilla.org/new-pipeline/dist.html#!cumulative=0&end_date=2017-04-04&keys=__none__!__none__!__none__&max_channel_version=nightly%252F55&measure=APPLICATION_REPUTATION_LOCAL&min_channel_version=null&os=Windows_NT&processType=*&product=Firefox&sanitize=1&sort_keys=submissions&start_date=2017-03-08&table=1&trim=1&use_submission_date=0 So by enabling the allow list on OSX and Linux, we should reduce the percentage of downloads which end up causing a remote lookup with the Google service.
Comment on attachment 8855977 [details] Bug 1354713 - Make use of the application reputation allow list on OSX and Linux. https://reviewboard.mozilla.org/r/127836/#review133878
Attachment #8855977 - Flags: review?(gpascutto) → review+
Pushed by firstname.lastname@example.org: https://hg.mozilla.org/integration/autoland/rev/4b2034a89c67 Make use of the application reputation allow list on OSX and Linux. r=gcp
Status: ASSIGNED → RESOLVED
Last Resolved: a year ago
status-firefox55: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla55
You need to log in before you can comment on or make changes to this bug.