Closed Bug 1611797 Opened 5 years ago Closed 5 years ago

Extension Block Request: Titan Surfer

Categories

(Toolkit :: Blocklist Policy Requests, task)

Product:
Toolkit
Component:
Blocklist Policy Requests
Type:
task
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED

People

(Reporter: andreea.neamtiu, Assigned: Fallen)

Details
Extension name Titan Surfer
Extension versions affected <all versions>
Platforms affected <all platforms>
Block severity hard

Reason

This add-on contains critical security vulnerabilities:

  • collecting data (cookies, URL) - no privacy policy, no opt-in

  • modifying jQuey library by adding some XMLHttpRequests to its server

  • inserting ads (amazon, ebay, booking)

  • requests made on HTTP instead of HTTPS

Extension IDs

antimalware@titansurfer.com

Philipp, can you give this a look?

Assignee: nobody → philipp
Status: NEW → ASSIGNED
Flags: needinfo?(philipp)

I've reviewed the code and confirm the add-on is attempting to hide code not in line with our data collection policies

The block has been staged. simon, can you review and push?

Flags: needinfo?(philipp) → needinfo?(sbennetts)
Status: ASSIGNED → RESOLVED
Closed: 5 years ago
Flags: needinfo?(sbennetts)
Resolution: --- → FIXED
Group: blocklist-requests
You need to log in before you can comment on or make changes to this bug.