Closed Bug 1476118 Opened 2 years ago Closed 2 years ago

Add "oxt" to the list of executable extensions in download protection

Categories

(Toolkit :: Safe Browsing, enhancement, P1)

enhancement

Tracking

()

RESOLVED FIXED
mozilla63
Tracking Status
firefox63 --- fixed

People

(Reporter: francois, Assigned: dimi)

References

(Blocks 1 open bug)

Details

Attachments

(1 file)

diff --git a/download_file_types.asciipb b/download_file_types.asciipb
index ec8d9de..445cb89 100644
--- a/download_file_types.asciipb
+++ b/download_file_types.asciipb
@@ -8,7 +8,7 @@
 ##
 ## Top level settings
 ##
-version_id: 20
+version_id: 21
 sampled_ping_probability: 0.01
 max_archived_binaries_to_report: 10
 default_file_type {
@@ -822,6 +822,17 @@ file_types {
   uma_value: 302
   ping_setting: FULL_PING
 }
+file_types {
+  # OpenOffice extension, can execute arbitrary code.
+  # https://crbug.com/862163
+  extension: "oxt"
+  uma_value: 317
+  ping_setting: FULL_PING
+  platform_settings {
+    danger_level: ALLOW_ON_USER_GESTURE
+    auto_open_hint: DISALLOW_AUTO_OPEN
+  }
+}
 
 ##
 ## Windows-specific files
Assignee: nobody → dlee
Status: NEW → ASSIGNED
Comment on attachment 9004238 [details]
Bug 1476118 - Add .oxt to the list of executable extensions in download protection. r?francois

François Marier [:francois] has approved the revision.
Attachment #9004238 - Flags: review+
Pushed by dlee@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/953cfa4e5a85
Add .oxt to the list of executable extensions in download protection. r=francois
https://hg.mozilla.org/mozilla-central/rev/953cfa4e5a85
Status: ASSIGNED → RESOLVED
Closed: 2 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla63
You need to log in before you can comment on or make changes to this bug.