Hard-coded report URLs for Safe Browsing detection errors

NEW
Unassigned

Status

()

enhancement
P3
normal
2 years ago
5 months ago

People

(Reporter: francois, Unassigned)

Tracking

unspecified
Points:
---
Dependency tree / graph

Firefox Tracking Flags

(firefox57 affected, firefox58 affected)

Details

(Reporter)

Description

2 years ago
The URLs for reporting detection mistakes in malware and phishing lists are hardcoded to stopbadware.org and safebrowsing.google.com:

https://searchfox.org/mozilla-central/rev/dca019c94bf3a840ed7ff50261483410cfece24f/browser/base/content/content.js#185
https://searchfox.org/mozilla-central/rev/dca019c94bf3a840ed7ff50261483410cfece24f/browser/base/content/content.js#195

instead of using the built-in redirections:

https://%LOCALE%.malware-error.mozilla.com/?hl=%LOCALE%&url=
https://%LOCALE%.phish-error.mozilla.com/?hl=%LOCALE%&url=

that are defined in:

browser.safebrowsing.provider.google.reportMalwareMistakeURL
browser.safebrowsing.provider.google.reportPhishMistakeURL
browser.safebrowsing.provider.google4.reportMalwareMistakeURL
browser.safebrowsing.provider.google4.reportPhishMistakeURL

The patch in bug 1409348 will fix this issue in the most common case where the provider is Google.

We should deal with providers without a report URL in a better: use different copy and remove the "report detection problem" link.
Priority: P2 → P3
You need to log in before you can comment on or make changes to this bug.