Last Comment Bug 326082 - Get phishing detection to cope with tags within link text
: Get phishing detection to cope with tags within link text
Status: RESOLVED FIXED
[sg:spoof][qa:verified-tb-1802]
: fixed-seamonkey1.0.1, fixed-seamonkey1.1a, fixed1.8.0.2, fixed1.8.1
Product: MailNews Core
Classification: Components
Component: Security (show other bugs)
: Trunk
: All All
: -- normal (vote)
: ---
Assigned To: Ian Neal
:
Mentors:
: 324391 (view as bug list)
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2006-02-06 05:28 PST by Ian Neal
Modified: 2012-06-20 03:06 PDT (History)
6 users (show)
dveditz: blocking‑thunderbird2+
dveditz: blocking1.8.0.2+
See Also:
Crash Signature:
(edit)
QA Whiteboard:
Iteration: ---
Points: ---


Attachments
Strip spaces patch v0.1a (2.65 KB, patch)
2006-02-06 05:48 PST, Ian Neal
neil: review+
Details | Diff | Splinter Review
Pre-empty string check patch v0.1b (Checked in trunk and 1.8.0 & 1.8.1 branches) (2.70 KB, patch)
2006-02-06 07:44 PST, Ian Neal
iann_bugzilla: review+
mozilla: superreview+
mozilla: approval‑branch‑1.8.1+
dveditz: approval1.8.0.2+
Details | Diff | Splinter Review

Description Ian Neal 2006-02-06 05:28:19 PST
At the moment misMatchedHostWithLinkText does not cope with tags within the link text e.g. <a href='http://www.e1biotech.com/zboard/data/item1/Koreanp.php'>htt<font></font>ps://i<font></font>bank.b<font></font>arclay<font></font>s.c<font></font>o.uk/ol<font></font>b/p/LoginMem<font></font>ber.do</a>

This is because gatherTextUnder puts a space between each bit of text it gathers.
Comment 1 Ian Neal 2006-02-06 05:48:29 PST
Created attachment 210865 [details] [diff] [review]
Strip spaces patch v0.1a

This patch:
* Removes any spaces from linkNodeText prior to checking for http/https.
Comment 2 neil@parkwaycc.co.uk 2006-02-06 06:11:30 PST
Comment on attachment 210865 [details] [diff] [review]
Strip spaces patch v0.1a

Might be worth moving the replace above the empty string test?
Comment 3 Ian Neal 2006-02-06 07:44:18 PST
Created attachment 210877 [details] [diff] [review]
Pre-empty string check patch v0.1b (Checked in trunk and 1.8.0 & 1.8.1 branches)

Changes since v0.1a:
* Moved replace to before empty string check as per reviewer's comment

Carried forward r=
Comment 4 Daniel Veditz [:dveditz] 2006-02-06 09:15:04 PST
Comment on attachment 210877 [details] [diff] [review]
Pre-empty string check patch v0.1b (Checked in trunk and 1.8.0 & 1.8.1 branches)

David, This is wanted for the 1.8 branch, right?
Comment 5 Ian Neal 2006-02-06 09:25:32 PST
Would it be wanted for the TB 1.0.x branch too?
Comment 6 David :Bienvenu 2006-02-06 11:08:53 PST
Comment on attachment 210877 [details] [diff] [review]
Pre-empty string check patch v0.1b (Checked in trunk and 1.8.0 & 1.8.1 branches)

yes, for 1.8.1, I'll let Scott weigh in on 1.8.0.1
Comment 7 Scott MacGregor 2006-02-13 12:54:45 PST
Iann, can you get this landed on the trunk and 1.8 branches so we can get some community test coverage on it before I approve it for the 1.8.0.x branch? Thanks. 
Comment 8 Christian :Biesinger (don't email me, ping me on IRC) 2006-02-13 14:55:29 PST
Comment on attachment 210877 [details] [diff] [review]
Pre-empty string check patch v0.1b (Checked in trunk and 1.8.0 & 1.8.1 branches)

a=biesi on the seamonkey part for seamonkey 1.1
Comment 9 Ian Neal 2006-02-13 15:15:26 PST
Comment on attachment 210877 [details] [diff] [review]
Pre-empty string check patch v0.1b (Checked in trunk and 1.8.0 & 1.8.1 branches)

Checking in (trunk)
mail/base/content/phishingDetector.js;
new revision: 1.16; previous revision: 1.15
mailnews/base/resources/content/phishingDetector.js;
new revision: 1.6; previous revision: 1.5
done
Checking in (branch 1.8.1)
mail/base/content/phishingDetector.js;
new revision: 1.12.2.3; previous revision: 1.12.2.2
mailnews/base/resources/content/phishingDetector.js;
new revision: 1.1.2.4; previous revision: 1.1.2.3
done
Comment 10 Daniel Veditz [:dveditz] 2006-02-22 11:33:17 PST
Comment on attachment 210877 [details] [diff] [review]
Pre-empty string check patch v0.1b (Checked in trunk and 1.8.0 & 1.8.1 branches)

approved for 1.8.0 branch, a=dveditz for drivers
Comment 11 Christian :Biesinger (don't email me, ping me on IRC) 2006-02-22 15:17:06 PST
Comment on attachment 210877 [details] [diff] [review]
Pre-empty string check patch v0.1b (Checked in trunk and 1.8.0 & 1.8.1 branches)

a=me for sm 1.0.1
Comment 12 neil@parkwaycc.co.uk 2006-02-22 15:38:52 PST
Comment on attachment 210877 [details] [diff] [review]
Pre-empty string check patch v0.1b (Checked in trunk and 1.8.0 & 1.8.1 branches)

me2
Comment 13 Ian Neal 2006-02-22 15:54:32 PST
Comment on attachment 210877 [details] [diff] [review]
Pre-empty string check patch v0.1b (Checked in trunk and 1.8.0 & 1.8.1 branches)

Checking in (1.8.0 branch)
mail/base/content/phishingDetector.js;
new revision: 1.12.2.1.4.1; previous revision: 1.12.2.1
mailnews/base/resources/content/phishingDetector.js;
new revision: 1.1.2.1.4.3; previous revision: 1.1.2.1.4.2
done
Comment 14 Bob Clary [:bc:] 2006-03-21 17:24:21 PST
verified that the example link is identified in tb1.5.0.2/windows/20060308 as a phish.
Comment 15 Mike Ralphson 2006-08-17 06:02:24 PDT
*** Bug 324391 has been marked as a duplicate of this bug. ***

Note You need to log in before you can comment on or make changes to this bug.