Open Bug 1386565 Opened 7 years ago Updated 1 year ago

Disabling all Safe Browsing entries in about:config don't stop creating Safe Browsing files

Categories

(Toolkit :: Safe Browsing, defect, P5)

x86_64
Windows 7
defect

Tracking

()

People

(Reporter: Virtual, Unassigned)

References

Details

(Keywords: nightly-community)

Attachments

(2 files)

Attached image screenshot.png
STR: 1. Disable completely Safe Browsing by setting in about:config to false these preferences: - browser.safebrowsing.blockedURIs.enabled - browser.safebrowsing.downloads.enabled - browser.safebrowsing.downloads.remote.block_dangerous - browser.safebrowsing.downloads.remote.block_dangerous_host - browser.safebrowsing.downloads.remote.block_potentially_unwanted - browser.safebrowsing.downloads.remote.block_uncommon - browser.safebrowsing.downloads.remote.enabled - browser.safebrowsing.malware.enabled - browser.safebrowsing.phishing.enabled 2. Set browser.safebrowsing.downloads.remote.timeout_ms to 1 3. Blank all string browser.safebrowsing.* preferences so it should look like in attachment and like this > browser.safebrowsing.allowOverride;true > browser.safebrowsing.blockedURIs.enabled;false > browser.safebrowsing.debug;false > browser.safebrowsing.downloads.enabled;false > browser.safebrowsing.downloads.remote.block_dangerous;false > browser.safebrowsing.downloads.remote.block_dangerous_host;false > browser.safebrowsing.downloads.remote.block_potentially_unwanted;false > browser.safebrowsing.downloads.remote.block_uncommon;false > browser.safebrowsing.downloads.remote.enabled;false > browser.safebrowsing.downloads.remote.timeout_ms;1 > browser.safebrowsing.downloads.remote.url; > browser.safebrowsing.id; > browser.safebrowsing.malware.enabled;false > browser.safebrowsing.phishing.enabled;false > browser.safebrowsing.provider.google.advisoryName; > browser.safebrowsing.provider.google.advisoryURL; > browser.safebrowsing.provider.google.gethashURL; > browser.safebrowsing.provider.google.lastupdatetime; > browser.safebrowsing.provider.google.lists; > browser.safebrowsing.provider.google.nextupdatetime; > browser.safebrowsing.provider.google.pver; > browser.safebrowsing.provider.google.reportMalwareMistakeURL; > browser.safebrowsing.provider.google.reportPhishMistakeURL; > browser.safebrowsing.provider.google.reportURL; > browser.safebrowsing.provider.google.updateURL; > browser.safebrowsing.provider.google4.advisoryName; > browser.safebrowsing.provider.google4.advisoryURL; > browser.safebrowsing.provider.google4.gethashURL; > browser.safebrowsing.provider.google4.lastupdatetime; > browser.safebrowsing.provider.google4.lists; > browser.safebrowsing.provider.google4.nextupdatetime; > browser.safebrowsing.provider.google4.pver; > browser.safebrowsing.provider.google4.reportMalwareMistakeURL; > browser.safebrowsing.provider.google4.reportPhishMistakeURL; > browser.safebrowsing.provider.google4.reportURL; > browser.safebrowsing.provider.google4.updateURL; > browser.safebrowsing.provider.mozilla.gethashURL; > browser.safebrowsing.provider.mozilla.lastupdatetime; > browser.safebrowsing.provider.mozilla.lists; > browser.safebrowsing.provider.mozilla.lists.base.description; > browser.safebrowsing.provider.mozilla.lists.base.name; > browser.safebrowsing.provider.mozilla.lists.content.description; > browser.safebrowsing.provider.mozilla.lists.content.name; > browser.safebrowsing.provider.mozilla.nextupdatetime; > browser.safebrowsing.provider.mozilla.pver; > browser.safebrowsing.provider.mozilla.updateURL; 4. Delete "C:\Users\USER_NAME\AppData\Local\Mozilla" folder to wipe all Firefox cache 5. Start Firefox and see that "C:\Users\USER_NAME\AppData\Local\Mozilla\Firefox\Profiles\NAME.default\safebrowsing" folder is created with these files: - test-block-simple.pset - test-block-simple.sbstore - test-malware-simple.pset - test-malware-simple.sbstore - test-phish-simple.pset - test-phish-simple.sbstore - test-track-simple.pset - test-track-simple.sbstore - test-trackwhite-simple.pset - test-trackwhite-simple.sbstore - test-unwanted-simple.pset - test-unwanted-simple.sbstore while it shouldn't as Safe Browsing is disabled.
Has Regression Range: --- → irrelevant
Has STR: --- → yes
Those are the initial built-in lists which will be automatically and firmly added only at startup (removing lists from preference does not change that). We are trying to remove them completely in bug 1377198
(In reply to Thomas Nguyen[:tnguyen] ni plz from comment #1) > Those are the initial built-in lists which will be automatically and firmly > added only at startup (removing lists from preference does not change that). > We are trying to remove them completely in bug 1377198 Awesome! So I'm marking this bug, as depended on bug #1377198.
Depends on: 1377198
If you set all of the urlclassifier.*Table prefs to the empty string, does it help? These test lists are built-in and only contain local hard-coded entries as Thomas said in comment 1.
Flags: needinfo?(Virtual)
Priority: -- → P5
Attached image screenshot 2.png
(In reply to François Marier [:francois] from comment #3) > If you set all of the urlclassifier.*Table prefs to the empty string, does > it help? Unfortunately, it doesn't help, still same issue, when I blank in about:config these preferences: - urlclassifier.alternate_error_page - urlclassifier.blockedTable - urlclassifier.downloadBlockTable - urlclassifier.flashAllowExceptTable - urlclassifier.flashAllowTable - urlclassifier.flashExceptTable - urlclassifier.flashInfobarTable - urlclassifier.flashSubDocExceptTable - urlclassifier.flashSubDocTable - urlclassifier.flashTable - urlclassifier.malwareTable - urlclassifier.phishTable - urlclassifier.trackingTable - urlclassifier.trackingWhitelistTable and set these to 1 - urlclassifier.gethash.timeout_ms - urlclassifier.update.response_timeout_ms - urlclassifier.update.timeout_ms and set this to 0 - urlclassifier.gethashnoise so it should look like in attachment and like this > urlclassifier.alternate_error_page; > urlclassifier.blockedTable; > urlclassifier.disallow_completions; > urlclassifier.downloadAllowTable; > urlclassifier.downloadBlockTable; > urlclassifier.flashAllowExceptTable; > urlclassifier.flashAllowTable; > urlclassifier.flashExceptTable; > urlclassifier.flashInfobarTable; > urlclassifier.flashSubDocExceptTable; > urlclassifier.flashSubDocTable; > urlclassifier.flashTable; > urlclassifier.gethash.timeout_ms;1 > urlclassifier.gethashnoise;0 > urlclassifier.malwareTable; > urlclassifier.phishTable; > urlclassifier.trackingTable; > urlclassifier.trackingWhitelistTable; > urlclassifier.update.response_timeout_ms;1 > urlclassifier.update.timeout_ms;1
Flags: needinfo?(Virtual)

In the process of migrating remaining bugs to the new severity system, the severity for this bug cannot be automatically determined. Please retriage this bug using the new severity system.

Severity: major → --

The severity field is not set for this bug.
:dimi, could you have a look please?

For more information, please visit BugBot documentation.

Flags: needinfo?(dlee)
Severity: -- → S3
Flags: needinfo?(dlee)
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Created:
Updated:
Size: