Closed Bug 1765184 Opened 2 years ago Closed 2 years ago

Blocked downloads should not leave an empty (0K) file

Categories

(Firefox :: Downloads Panel, defect)

Firefox 99
defect

Tracking

()

RESOLVED DUPLICATE of bug 1754920

People

(Reporter: jscher2000, Unassigned)

Details

Attachments

(2 files)

User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:99.0) Gecko/20100101 Firefox/99.0

Steps to reproduce:

Download using an HTTP link in an HTTPS page. For example, a PDF-format instruction manual from a product page on https://www.screwfix.com/ (with PDF handling set to "Always Ask") or a Word/PowerPoint doc from https://www.jeffersonscher.com/scu/2009/ (if you have PDFs set to "Open in Firefox").

Actual results:

The Downloads list displays the message "File not downloaded: Potential security risk" (based on Downloads.Error.BLOCK_VERDICT_INSECURE). In the relevant download folder, Firefox actually created a 0KB empty stub file with the name of the intended download. If the user clicks for more information, there is a working Remove file button, which contradicts the original message.

Expected results:

No file should be created (or any file created should be deleted immediately) for a blocked download.

Reported in SUMO reply: https://support.mozilla.org/en-US/questions/1373839#answer-1498395

"Open" actually requires a re-download, but hopefully this can work without the empty placeholder file. And then "Remove file" won't be needed.

I'm slotting this under Firefox / Downloads Panel for the moment, but it could be a Toolkit / Downloads API issue if we've always had empty files in the Temp folder but users never noticed before because... out of sight, out of mind.

Component: Untriaged → Downloads Panel

(In reply to jscher2000 from comment #0)

Download using an HTTP link in an HTTPS page. For example, a PDF-format instruction manual from a product page on https://www.screwfix.com/

Aside: it is always fun for me to find random references to stuff I use in bug reports, so thank you for the smile. :-)

The Downloads list displays the message "File not downloaded: Potential security risk" (based on Downloads.Error.BLOCK_VERDICT_INSECURE). In the relevant download folder, Firefox actually created a 0KB empty stub file with the name of the intended download. If the user clicks for more information, there is a working Remove file button, which contradicts the original message.

Yeah, agreed that this is weird/wrong. It looks like we have a pre-existing report here: bug 1754920.

Status: UNCONFIRMED → RESOLVED
Closed: 2 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: