Closed
Bug 317720
Opened 17 years ago
Closed 17 years ago
Some emails use <area href> to get round phishing detection
Categories
(SeaMonkey :: MailNews: Message Display, defect)
SeaMonkey
MailNews: Message Display
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: iannbugzilla, Assigned: iannbugzilla)
Details
(Keywords: fixed-seamonkey1.0, fixed1.8.1)
Attachments
(2 files, 2 obsolete files)
|
3.49 KB,
patch
|
neil
:
review+
mscott
:
superreview+
mscott
:
approval1.8.0.1-
mscott
:
approval1.8.1+
|
Details | Diff | Splinter Review |
|
1.90 KB,
patch
|
iannbugzilla
:
review+
iannbugzilla
:
superreview+
kairo
:
approval-seamonkey1.0+
|
Details | Diff | Splinter Review |
See paste from recent phishy email: <html><p><font face="Arial"><A HREF="http://www.personal.barclays.co.uk/goto/pfsolb_login"><map name="FPMap0"><area coords="0, 0, 434, 307" shape="rect" href="http://200.176.40.9:680/rock/Isa/"></map><img SRC="cid:part1.03000602.05060503@custservice_14998@barclays.co.uk" border="0" usemap="#FPMap0"></A></a></font></p><p><font color="#FFFFFE">Prom Hairstyles Weather Hungry Liberians select location from would you like to pay </font></p></html>
This patch: * Adds a check on <area> tag href attributes for possible phishes
Assignee: mail → iann_bugzilla
Status: NEW → ASSIGNED
Attachment #204143 -
Flags: review?(neil.parkwaycc.co.uk)
|
||
Comment 2•17 years ago
|
||
Comment on attachment 204143 [details] [diff] [review] Patch to add checks on area tags v0.1 IMHO you should have used document.links in the first case, this includes all a and area tags with href attributes.
Attachment #204143 -
Flags: review?(neil.parkwaycc.co.uk) → review-
Changes since v0.1: * Removed checking of anchors and areas * Added checking of all links instead
Attachment #204143 -
Attachment is obsolete: true
Attachment #204156 -
Flags: review?(neil.parkwaycc.co.uk)
|
|
||
Comment 4•17 years ago
|
||
Comment on attachment 204156 [details] [diff] [review] Patch to change check to all links v0.1a I haven't tested this but it looks OK. >+ isEmailScam = forms[index].action.search("addbook") != 0; Nit: !/^addbook:/.test(forms[index].action) (I assume here that addbook: is the special add to address book scheme used by vcards)
Attachment #204156 -
Flags: review?(neil.parkwaycc.co.uk)
Changes since v0.1a: * Revised form action check as per Neil's comment and tested.
Attachment #204156 -
Attachment is obsolete: true
Attachment #204227 -
Flags: review?(neil.parkwaycc.co.uk)
|
|
||
Updated•17 years ago
|
Attachment #204227 -
Flags: review?(neil.parkwaycc.co.uk) → review+
Attachment #204227 -
Flags: superreview?(bienvenu)
|
||
Comment 6•17 years ago
|
||
Comment on attachment 204227 [details] [diff] [review] link test action patch v0.1b (Checked in trunk, TB part in branch 1.8) I'll let Scott look at this...
Attachment #204227 -
Flags: superreview?(bienvenu) → superreview?(mscott)
|
||
Comment 7•17 years ago
|
||
Comment on attachment 204227 [details] [diff] [review] link test action patch v0.1b (Checked in trunk, TB part in branch 1.8) Thanks for porting the fix to tbird too.
Attachment #204227 -
Flags: superreview?(mscott) → superreview+
Comment on attachment 204227 [details] [diff] [review] link test action patch v0.1b (Checked in trunk, TB part in branch 1.8) Checking in mail/base/content/phishingDetector.js; new revision: 1.15; previous revision: 1.14 mailnews/base/resources/content/phishingDetector.js; new revision: 1.4; previous revision: 1.3 done
Attachment #204227 -
Attachment description: link test action patch v0.1b → link test action patch v0.1b (Checked in)
Comment on attachment 204227 [details] [diff] [review] link test action patch v0.1b (Checked in trunk, TB part in branch 1.8) Requesting approval for branch, low risk and gives slightly improved phishing detection for TB and SM
Attachment #204227 -
Flags: approval1.8.0.1?
|
|
||
Comment 10•17 years ago
|
||
Comment on attachment 204227 [details] [diff] [review] link test action patch v0.1b (Checked in trunk, TB part in branch 1.8) Iann, I'm gonna minus this nomination because 1.8.0.x is flag for the 1.8 security releases and this isn't a serious security issue. There's a 1.8.1 approval flag which I don't see here for seamonkey bugs (?) which you could nominate this for.
Attachment #204227 -
Flags: approval1.8.0.1? → approval1.8.0.1-
|
||
Comment 11•17 years ago
|
||
Unfortunately, it can't block SeaMonkey 1.0 Beta if it can't land in 1.8.0.x
Flags: blocking-seamonkey1.0b? → blocking-seamonkey1.0b-
|
Assignee | |
Comment 12•17 years ago
|
||
This is a SeaMonkey only part of patch v0.1b for checkin to branch. Carrying forward r and sr and requesting branch approval for this low risk patch which gives better phishing detection for the user
Attachment #205088 -
Flags: superreview+
Attachment #205088 -
Flags: review+
Attachment #205088 -
Flags: approval1.8.0.1?
Attachment #205088 -
Flags: approval1.8.0.1? → approval-seamonkey1.0?
|
|
||
Comment 13•17 years ago
|
||
Comment on attachment 205088 [details] [diff] [review] SeaMonkey only version of patch for branch v0.1b_sm (Checked into branch 1.8 & 1.8.0) a=me for the SeaMonkey-only change
|
|
||
Comment 14•17 years ago
|
||
Comment on attachment 205088 [details] [diff] [review] SeaMonkey only version of patch for branch v0.1b_sm (Checked into branch 1.8 & 1.8.0) a=me for the SeaMonkey-only change
|
|
||
Comment 15•17 years ago
|
||
Comment on attachment 205088 [details] [diff] [review] SeaMonkey only version of patch for branch v0.1b_sm (Checked into branch 1.8 & 1.8.0) a=me for the SeaMonkey-only change
|
|
||
Comment 16•17 years ago
|
||
Comment on attachment 205088 [details] [diff] [review] SeaMonkey only version of patch for branch v0.1b_sm (Checked into branch 1.8 & 1.8.0) a=me for the SeaMonkey-only change
|
|
Assignee | |
Comment 17•17 years ago
|
||
Comment on attachment 205088 [details] [diff] [review] SeaMonkey only version of patch for branch v0.1b_sm (Checked into branch 1.8 & 1.8.0) Checking in phishingDetector.js; new revision: 1.1.2.2; previous revision: 1.1.2.1 done
Attachment #205088 -
Attachment description: SeaMonkey only version of patch for branch v0.1b_sm → SeaMonkey only version of patch for branch v0.1b_sm (Checked into branch)
|
|
Assignee | |
Comment 18•17 years ago
|
||
I'll leave this open for possible check in of TB part to 1.8.1 branch
|
||
Updated•17 years ago
|
Whiteboard: fixed-seamonkey1.0
|
|
Assignee | |
Comment 19•17 years ago
|
||
Comment on attachment 205088 [details] [diff] [review] SeaMonkey only version of patch for branch v0.1b_sm (Checked into branch 1.8 & 1.8.0) Checking in (branch 1.8.0) phishingDetector.js; new revision: 1.1.2.1.4.1; previous revision: 1.1.2.1 done
Attachment #205088 -
Attachment description: SeaMonkey only version of patch for branch v0.1b_sm (Checked into branch) → SeaMonkey only version of patch for branch v0.1b_sm (Checked into branch 1.8 & 1.8.0)
|
|
||
Comment 20•17 years ago
|
||
Comment on attachment 204227 [details] [diff] [review] link test action patch v0.1b (Checked in trunk, TB part in branch 1.8) I'd like to get this in for Thunderbird 2.0. Lemme know if you need me to land this on the 1.8.1 branch for you.
Attachment #204227 -
Flags: approval1.8.1+
|
|
Assignee | |
Comment 21•17 years ago
|
||
Comment on attachment 204227 [details] [diff] [review] link test action patch v0.1b (Checked in trunk, TB part in branch 1.8) Checking in (branch 1.8) phishingDetector.js; new revision: 1.12.2.2; previous revision: 1.12.2.1 done
Attachment #204227 -
Attachment description: link test action patch v0.1b (Checked in) → link test action patch v0.1b (Checked in trunk, TB part in branch 1.8)
|
||
Updated•17 years ago
|
Keywords: fixed-seamonkey1.0
Whiteboard: fixed-seamonkey1.0
You need to log in
before you can comment on or make changes to this bug.
Description
•