Closed Bug 1591433 Opened 5 years ago Closed 5 years ago

SuperflousAuth Anti-phishing prompt does not show

Categories

(Core :: Networking, defect, P2)

Product:
Core
Component:
Networking
Version:
72 Branch
Type:
defect

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla72
Tracking Flags:
Tracking Status
firefox-esr68 --- unaffected
firefox70 --- unaffected
firefox71 --- unaffected
firefox72 --- fixed

People

(Reporter: pbz, Assigned: mattwoodrow)

References

(Blocks 1 open bug, Regression)

Details

(Keywords: regression, Whiteboard: [necko-triaged])

Attachments

(2 files)

confirmauth.png
47.50 KB, image/png
Details
Bug 1591433 - Support getting an nsIPrompt from DocumentChannelParent, in the same way as HttpChannelParent does. r?mayhemer
47 bytes, text/x-phabricator-request
Details | Review
Attached image confirmauth.png

The SuperfluousAuth prompts added in Bug 232567 do not show anymore.

Via mozregression I found this range: https://hg.mozilla.org/integration/autoland/pushloghtml?fromchange=f748a3d2cdf108e9443fd15332efe477c7c398a9&tochange=25b533bff4051e6a8177bbc83eed49ac460e109e

Setting browser.tabs.documentchannel to false fixes this. So I assume Bug 1583700 introduced this behavior.

For example opening https://facebook.com@eviltrap.site should trigger prompt (see screenshot attached).

Blocks: document-channel
Flags: needinfo?(matt.woodrow)
Priority: -- → P2
Whiteboard: [necko-triaged]
Assignee: nobody → matt.woodrow
Flags: needinfo?(matt.woodrow)

Michal, please check comment in phab on the patch, thanks.

Flags: needinfo?(michal.novotny)
Flags: needinfo?(michal.novotny)
Pushed by mwoodrow@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/2b10a397e32f Support getting an nsIPrompt from DocumentChannelParent, in the same way as HttpChannelParent does. r=mayhemer

https://hg.mozilla.org/mozilla-central/rev/2b10a397e32f

Status: NEW → RESOLVED
Closed: 5 years ago
status-firefox72: affectedfixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla72

On both old and new builds I get redirected to "https://eviltrap.site/" when accessing the link "https://facebook.com@eviltrap.site", the prompt screenshot from the description isn't displayed.
Is it possible that this bug is not fixed?

Flags: needinfo?(matt.woodrow)

We currently have these prompts disabled by default due to a DoS issue. See Bug 1571003.
Once we support tab modal prompting, something I'm currently working on, I think we can enable them again.

Flags: needinfo?(matt.woodrow)
Has Regression Range: --- → yes
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: