Open Bug 1409559 Opened 8 years ago Updated 3 years ago

Hard-coded report URLs for Safe Browsing detection errors

Categories

(Toolkit :: Safe Browsing, enhancement, P3)

Product:
Toolkit
Component:
Safe Browsing
Type:
enhancement

Tracking

()

Tracking Flags:
Tracking Status
firefox57 --- affected
firefox58 --- affected

People

(Reporter: francois, Unassigned)

References

Details

The URLs for reporting detection mistakes in malware and phishing lists are hardcoded to stopbadware.org and safebrowsing.google.com: https://searchfox.org/mozilla-central/rev/dca019c94bf3a840ed7ff50261483410cfece24f/browser/base/content/content.js#185 https://searchfox.org/mozilla-central/rev/dca019c94bf3a840ed7ff50261483410cfece24f/browser/base/content/content.js#195 instead of using the built-in redirections: https://%LOCALE%.malware-error.mozilla.com/?hl=%LOCALE%&url= https://%LOCALE%.phish-error.mozilla.com/?hl=%LOCALE%&url= that are defined in: browser.safebrowsing.provider.google.reportMalwareMistakeURL browser.safebrowsing.provider.google.reportPhishMistakeURL browser.safebrowsing.provider.google4.reportMalwareMistakeURL browser.safebrowsing.provider.google4.reportPhishMistakeURL The patch in bug 1409348 will fix this issue in the most common case where the provider is Google. We should deal with providers without a report URL in a better: use different copy and remove the "report detection problem" link.
Priority: P2 → P3
Severity: normal → S3
You need to log in before you can comment on or make changes to this bug.