Open
Bug 1386565
Opened 7 years ago
Updated 1 year ago
Disabling all Safe Browsing entries in about:config don't stop creating Safe Browsing files
Categories
(Toolkit :: Safe Browsing, defect, P5)
Tracking
()
NEW
People
(Reporter: Virtual, Unassigned)
References
Details
(Keywords: nightly-community)
Attachments
(2 files)
STR:
1. Disable completely Safe Browsing by setting in about:config to false these preferences:
- browser.safebrowsing.blockedURIs.enabled
- browser.safebrowsing.downloads.enabled
- browser.safebrowsing.downloads.remote.block_dangerous
- browser.safebrowsing.downloads.remote.block_dangerous_host
- browser.safebrowsing.downloads.remote.block_potentially_unwanted
- browser.safebrowsing.downloads.remote.block_uncommon
- browser.safebrowsing.downloads.remote.enabled
- browser.safebrowsing.malware.enabled
- browser.safebrowsing.phishing.enabled
2. Set browser.safebrowsing.downloads.remote.timeout_ms to 1
3. Blank all string browser.safebrowsing.* preferences
so it should look like in attachment and like this
> browser.safebrowsing.allowOverride;true
> browser.safebrowsing.blockedURIs.enabled;false
> browser.safebrowsing.debug;false
> browser.safebrowsing.downloads.enabled;false
> browser.safebrowsing.downloads.remote.block_dangerous;false
> browser.safebrowsing.downloads.remote.block_dangerous_host;false
> browser.safebrowsing.downloads.remote.block_potentially_unwanted;false
> browser.safebrowsing.downloads.remote.block_uncommon;false
> browser.safebrowsing.downloads.remote.enabled;false
> browser.safebrowsing.downloads.remote.timeout_ms;1
> browser.safebrowsing.downloads.remote.url;
> browser.safebrowsing.id;
> browser.safebrowsing.malware.enabled;false
> browser.safebrowsing.phishing.enabled;false
> browser.safebrowsing.provider.google.advisoryName;
> browser.safebrowsing.provider.google.advisoryURL;
> browser.safebrowsing.provider.google.gethashURL;
> browser.safebrowsing.provider.google.lastupdatetime;
> browser.safebrowsing.provider.google.lists;
> browser.safebrowsing.provider.google.nextupdatetime;
> browser.safebrowsing.provider.google.pver;
> browser.safebrowsing.provider.google.reportMalwareMistakeURL;
> browser.safebrowsing.provider.google.reportPhishMistakeURL;
> browser.safebrowsing.provider.google.reportURL;
> browser.safebrowsing.provider.google.updateURL;
> browser.safebrowsing.provider.google4.advisoryName;
> browser.safebrowsing.provider.google4.advisoryURL;
> browser.safebrowsing.provider.google4.gethashURL;
> browser.safebrowsing.provider.google4.lastupdatetime;
> browser.safebrowsing.provider.google4.lists;
> browser.safebrowsing.provider.google4.nextupdatetime;
> browser.safebrowsing.provider.google4.pver;
> browser.safebrowsing.provider.google4.reportMalwareMistakeURL;
> browser.safebrowsing.provider.google4.reportPhishMistakeURL;
> browser.safebrowsing.provider.google4.reportURL;
> browser.safebrowsing.provider.google4.updateURL;
> browser.safebrowsing.provider.mozilla.gethashURL;
> browser.safebrowsing.provider.mozilla.lastupdatetime;
> browser.safebrowsing.provider.mozilla.lists;
> browser.safebrowsing.provider.mozilla.lists.base.description;
> browser.safebrowsing.provider.mozilla.lists.base.name;
> browser.safebrowsing.provider.mozilla.lists.content.description;
> browser.safebrowsing.provider.mozilla.lists.content.name;
> browser.safebrowsing.provider.mozilla.nextupdatetime;
> browser.safebrowsing.provider.mozilla.pver;
> browser.safebrowsing.provider.mozilla.updateURL;
4. Delete "C:\Users\USER_NAME\AppData\Local\Mozilla" folder to wipe all Firefox cache
5. Start Firefox
and see that "C:\Users\USER_NAME\AppData\Local\Mozilla\Firefox\Profiles\NAME.default\safebrowsing" folder is created
with these files:
- test-block-simple.pset
- test-block-simple.sbstore
- test-malware-simple.pset
- test-malware-simple.sbstore
- test-phish-simple.pset
- test-phish-simple.sbstore
- test-track-simple.pset
- test-track-simple.sbstore
- test-trackwhite-simple.pset
- test-trackwhite-simple.sbstore
- test-unwanted-simple.pset
- test-unwanted-simple.sbstore
while it shouldn't as Safe Browsing is disabled.
Virtual_ManPL [:Virtual] 🇵🇱 - (please needinfo? me - so I will see your comment/reply/question/etc.)
Reporter
|
||
Updated•7 years ago
|
Has Regression Range: --- → irrelevant
Has STR: --- → yes
Comment 1•7 years ago
|
||
Those are the initial built-in lists which will be automatically and firmly added only at startup (removing lists from preference does not change that). We are trying to remove them completely in bug 1377198
Virtual_ManPL [:Virtual] 🇵🇱 - (please needinfo? me - so I will see your comment/reply/question/etc.)
Reporter
|
||
Comment 2•7 years ago
|
||
(In reply to Thomas Nguyen[:tnguyen] ni plz from comment #1)
> Those are the initial built-in lists which will be automatically and firmly
> added only at startup (removing lists from preference does not change that).
> We are trying to remove them completely in bug 1377198
Awesome! So I'm marking this bug, as depended on bug #1377198.
Depends on: 1377198
Comment 3•7 years ago
|
||
If you set all of the urlclassifier.*Table prefs to the empty string, does it help?
These test lists are built-in and only contain local hard-coded entries as Thomas said in comment 1.
Flags: needinfo?(Virtual)
Priority: -- → P5
Virtual_ManPL [:Virtual] 🇵🇱 - (please needinfo? me - so I will see your comment/reply/question/etc.)
Reporter
|
||
Comment 4•7 years ago
|
||
(In reply to François Marier [:francois] from comment #3)
> If you set all of the urlclassifier.*Table prefs to the empty string, does
> it help?
Unfortunately, it doesn't help, still same issue,
when I blank in about:config these preferences:
- urlclassifier.alternate_error_page
- urlclassifier.blockedTable
- urlclassifier.downloadBlockTable
- urlclassifier.flashAllowExceptTable
- urlclassifier.flashAllowTable
- urlclassifier.flashExceptTable
- urlclassifier.flashInfobarTable
- urlclassifier.flashSubDocExceptTable
- urlclassifier.flashSubDocTable
- urlclassifier.flashTable
- urlclassifier.malwareTable
- urlclassifier.phishTable
- urlclassifier.trackingTable
- urlclassifier.trackingWhitelistTable
and set these to 1
- urlclassifier.gethash.timeout_ms
- urlclassifier.update.response_timeout_ms
- urlclassifier.update.timeout_ms
and set this to 0
- urlclassifier.gethashnoise
so it should look like in attachment and like this
> urlclassifier.alternate_error_page;
> urlclassifier.blockedTable;
> urlclassifier.disallow_completions;
> urlclassifier.downloadAllowTable;
> urlclassifier.downloadBlockTable;
> urlclassifier.flashAllowExceptTable;
> urlclassifier.flashAllowTable;
> urlclassifier.flashExceptTable;
> urlclassifier.flashInfobarTable;
> urlclassifier.flashSubDocExceptTable;
> urlclassifier.flashSubDocTable;
> urlclassifier.flashTable;
> urlclassifier.gethash.timeout_ms;1
> urlclassifier.gethashnoise;0
> urlclassifier.malwareTable;
> urlclassifier.phishTable;
> urlclassifier.trackingTable;
> urlclassifier.trackingWhitelistTable;
> urlclassifier.update.response_timeout_ms;1
> urlclassifier.update.timeout_ms;1
Flags: needinfo?(Virtual)
Virtual_ManPL [:Virtual] 🇵🇱 - (please needinfo? me - so I will see your comment/reply/question/etc.)
Reporter
|
||
Updated•7 years ago
|
QA Contact: Virtual
Comment 5•2 years ago
|
||
In the process of migrating remaining bugs to the new severity system, the severity for this bug cannot be automatically determined. Please retriage this bug using the new severity system.
Severity: major → --
Comment 6•1 year ago
|
||
The severity field is not set for this bug.
:dimi, could you have a look please?
For more information, please visit BugBot documentation.
Flags: needinfo?(dlee)
Updated•1 year ago
|
Severity: -- → S3
Flags: needinfo?(dlee)
You need to log in
before you can comment on or make changes to this bug.
Description
•