Redirect chain is not included in remote application reputation lookups

NEW
Unassigned

Status

()

Toolkit
Safe Browsing
P3
normal
17 days ago
17 days ago

People

(Reporter: francois, Unassigned)

Tracking

(Blocks: 1 bug)

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

17 days ago
It looks like we don't submit the redirection URLs when we perform a application reputation lookup against the Google service:

Starting application reputation check [query=0x7fbfa42a80e0]
Created pending lookup [this = 0x7fbfa5c185e0]
PendingLookup::GetStrippedSpec(): URL stripped to 'http://localhost/francois/1434741/content.exe' [this = 0x7fbfa5c185e0]
ApplicationReputation: Got 1 redirects
PendingLookup::GetStrippedSpec(): URL stripped to 'http://localhost/download' [this = 0x7fbfa5c185e0]
ApplicationReputation: Appending redirect http://localhost/download
...
Suggested filename: content.exe [this = 0x7fbfa5c185e0]
Sending remote query for application reputation [this = 0x7fbfa5c185e0]
PendingLookup::GetStrippedSpec(): URL stripped to 'http://localhost/francois/1434741/content.exe' [this = 0x7fbfa5c185e0]
Suggested filename: content.exe [this = 0x7fbfa5c185e0]
Got unsigned binary for remote application reputation check [this = 0x7fbfa5c185e0]
Serialized protocol buffer [this = 0x7fbfa5c185e0]: (length=192) 
-http://localhost/francois/1434741/content.exe"
 
 �p��J����)]��j�N������WQ~�"1
-http://localhost/francois/1434741/content.exe
Destroying pending DB lookup [this = 0x7fbfa42cc8c0]
Application Reputation verdict is 1, obtained in 242.345798 ms [this = 0x7fbfa5c185e0]
Application Reputation check failed, blocking bad binary [this = 0x7fbfa5c185e0]

I would have expected the serialized protobuf to contain "http://localhost/download".

Note: this test case is a simple redirect from http://localhost/download to http://localhost/francois/1434741/content.exe.
You need to log in before you can comment on or make changes to this bug.