False positive from PhishingDetector.jsm for encoded URL (same as link text) with pointless alert : 'The link you just clicked seems to lead to another site... link text... 49.12.10.46, but it leads to 49.12.10.46'
Categories
(Thunderbird :: Message Reader UI, defect)
Tracking
(thunderbird_esr115 wontfix, thunderbird120 affected)
People
(Reporter: alexander.peshkoff, Assigned: mkmelin)
Details
Attachments
(1 file)
User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Firefox/102.0
Steps to reproduce:
Click a link in a received email (from a reliable source)
Actual results:
Strange message:
The link you just clicked seems to lead to another site than what the link text indicated. This is sometimes used for tracking whether you clicked the link, but it could also be a scam.
The link text indicated that the link would lead to 49.12.10.46, but it leads to 49.12.10.46.
With buttons: Go to 49.12.10.46 anyway; Cancel; Go to 49.12.10.46
Expected results:
No such message for same IP
The link is:
http://49.12.10.46/debug_fb50/windows/fbt_show_cross_report.has-some-errors.htm#o13513.16%23
The text is:
http://49.12.10.46/debug_fb50/windows/fbt_show_cross_report.has-some-errors.htm#o13513.16#
I suppose that may happen due to # vs %23, but the error text is a little funny :)
Comment 1•2 years ago
Comment 2•2 years ago
Yeah, thanks Alexander, something is wrong here. Maybe not so bad, hopefully rare...
Confirming as described for 102.6.0 (64-bit), Win10 (see screenshot in my next comment).
%23 is URL-encoded for #, so the link text and the link URL from comment 0 are actually fully identical, and this shouldn't trigger a phishing alert at all. I recall from other link issues involving URL encoding that getting this right may nevertheless be non-trivial.
- The phishing alert is wrong and pointless even if link text and link were different:
  - The difference is at the end of the URL, but it's not shown.
  - The error message claims that the IP 49.12.10.46 is different from 49.12.10.46, which makes no sense. This will come out wrong for a lot of mismatching URLs where the difference is not in the domain.
It doesn't look urgent, but hopefully there are some improvements which could be made to this.
Comment 3•1 year ago
Pushed by mkmelin@iki.fi:
https://hg.mozilla.org/comm-central/rev/c80392fa8d01
Don't show ambiguous link warning if hosts actually match but are IPs. r=freaktechnik