Open Bug 2034626 Opened 1 month ago Updated 22 days ago

Search suggestions with Bing fail for queries containing non-English characters

Categories

(Firefox for Android :: Search, defect)

All
Android
defect

People

(Reporter: royang, Unassigned, NeedInfo)

Attachments

(1 file)

When typing in French or Chinese, using characters that are not English characters, Bing seems to fail to return search suggestions. This could be a Unicode normalization issue. Please investigate.

Issue originated from https://support.mozilla.org/questions/1577448.

Hi :standard8, can you please help? I investigated but it doesn't look like there's an encoding issue on the Firefox Android side, and from the old bing.xml file it looks like it should be the same as https://www.bing.com/osjson.aspx?query=%E6%90%9C%E7%B4%A2 which should get the correct results.

I can also reproduce with French with the search "ça va". Is there something different in the remote search configuration? Thanks

Flags: needinfo?(standard8)

The remote search configuration returns only the URL with details of the parameters and which one is the search. The product code builds the URL with the actual values for the parameters.

That said, I was looking at this using the devtools toolboxes because I wanted to check what the network requests were. The requests were looking similar, so I was a bit confused, until I tried changing the user agent.

With Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:152.0) Gecko/20100101 Firefox/152.0 as the user agent (the desktop one), everything comes back fine. With Mozilla/5.0 (Android 15; Mobile; rv:150.0) Gecko/150.0 Firefox/150.0 as the user agent, I get the broken response:

[
  "\\u00E7a v",
  []
]

I'm currently asking for iOS to be checked to see if they have the same issue. Once I get the response, we'll see if we can raise the issue with Bing directly and get it resolved.

Flags: needinfo?(standard8)
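
As an added illustration (not code from Firefox, Bing or any commenter), the check below parses a suggestions body of the shape quoted above and flags an echoed query that only matches the sent query after literal `\uXXXX` text is decoded. It assumes the quoted block is the raw response body; the function names and sample bodies are constructed.

```javascript
// Added example; names and sample bodies are constructed for illustration.
const LITERAL_ESCAPE = /\\u([0-9a-fA-F]{4})/;

// Turn literal "\uXXXX" text (left behind by double escaping) back into characters.
function decodeLiteralEscapes(s) {
  return s.replace(new RegExp(LITERAL_ESCAPE, "g"), (_, hex) =>
    String.fromCharCode(parseInt(hex, 16)));
}

// Compare after NFC normalization and case folding, so composed and decomposed
// forms of the same text are not reported as a mismatch.
function sameText(a, b) {
  return a.normalize("NFC").toLowerCase() === b.normalize("NFC").toLowerCase();
}

// body: raw text of a response shaped like [echoedQuery, [suggestion, ...]].
function checkSuggestResponse(sentQuery, body) {
  let parsed;
  try {
    parsed = JSON.parse(body);
  } catch (e) {
    return { status: "invalid-json", suggestions: [] };
  }
  if (!Array.isArray(parsed) || typeof parsed[0] !== "string" || !Array.isArray(parsed[1])) {
    return { status: "unexpected-shape", suggestions: [] };
  }
  const [echoed, suggestions] = parsed;
  // After JSON decoding, the echoed query should equal what was sent. If it only
  // matches once literal \uXXXX text is decoded, it was escaped twice upstream.
  if (!sameText(echoed, sentQuery)) {
    const fixed = sameText(decodeLiteralEscapes(echoed), sentQuery);
    return { status: fixed ? "double-escaped-echo" : "echo-mismatch", suggestions };
  }
  if (suggestions.some((s) => typeof s === "string" && LITERAL_ESCAPE.test(s))) {
    return { status: "escaped-suggestions", suggestions };
  }
  return { status: suggestions.length ? "ok" : "empty", suggestions };
}

// Constructed samples: the first has the shape of the broken response quoted above.
const BROKEN_BODY = String.raw`["\\u00E7a v",[]]`;
const CLEAN_BODY = JSON.stringify(["ça v", ["ça va", "ça va bien"]]);

console.log(checkSuggestResponse("ça v", BROKEN_BODY).status);
console.log(checkSuggestResponse("ça v", CLEAN_BODY).status);
```
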

The severity field is not set for this bug.
:skhan, could you have a look please?

For more information, please visit BugBot documentation.

Flags: needinfo?(skhan)

Hi Mark,

Any progress here?

Flags: needinfo?(standard8)

We've raised it with Bing, but not heard anything back yet.

Flags: needinfo?(standard8)
Duplicate of this bug: 2035668

Observed phenomenon and trigger

For Chinese queries with a Firefox Android UA, Bing returns search suggestions that are heavily polluted, including but not limited to strange URLs and garbled strings. The trigger is strictly a UA containing both Android and Firefox. Switching to a Chrome Android UA or Firefox Desktop UA returns clean suggestions, confirming the poisoning is server-side and UA‑based.

MSRC's refusal to treat this as a vulnerability

I reported this to the Microsoft Security Response Center. On 20260418, they rejected the case, stating:
“This report describes a data quality / abuse issue, not a vulnerability under MSRC's security definition. There's no compromise of assets or elevation of privilege; all impacts are indirect and rely on user interaction with untrusted suggestions.”
Microsoft's security team will therefore not act.

Attempt to reach Mozilla Security

On 20260422, I sent a detailed report to security@mozilla.com, but received no response.

This poisoning only surfaces for Firefox on Android. The Bing search suggestions API response is polluted under this UA condition. I'm providing this information in the hope that it helps the team emphasize that this poisoning exclusively targets the Firefox Android UA when following up with Bing.

This looks like neither a Fenix nor a Remote Settings search provider issue per se — this looks more like a webcompat issue for Bing.com wholesale according to one of the reporters, given they see the exact same Unicode-esque type-ahead suggestions directly on the Bing.com site when using the site's own search component if visited with the Fenix UA. Masking as a Chrome UA fixes the issue and returns the expected content.

As mentioned in comment 5 this has been raised with Bing. We are currently discussing it with them. We're leaving this bug open for the time being for tracking on our side.

Attached image fenix-ua.png

It is easy to reproduce even using the actual bing.com site from desktop in e.g. Responsive Design Mode and going through a couple of user agents to compare. Reproduces after typing a few Latin–Ext characters as well.

This does not reproduce using iOS.

(Was about to change the metadata more in line with webcompat site reports, but according to comment 9 I won't interfere with current tracking — please feel free to move around as needed once you get any updates back if you think this warrants webcompat impact metadata etc. Thanks.)
