www prefix can confuse the phishing detector

RESOLVED FIXED in Thunderbird2.0

Status

RESOLVED FIXED
13 years ago
12 years ago

People

(Reporter: mscott, Assigned: mkmelin+mozilla)

Tracking

({fixed-seamonkey1.1.2, fixed1.8.1.3})

Trunk
Thunderbird2.0
fixed-seamonkey1.1.2, fixed1.8.1.3

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(1 attachment)

(Reporter)

Description

13 years ago
Rafael had an e-mail sig that had a URL of:

actual anchor src: http://www.mozilla.org
user text: http://mozilla.org

This triggered the phishing detector because we detected that the url being shown to the user did not match the actual url you would get taken too.

I wonder if we should hack a check for "www." and strip that off the front of the host name before doing the comparison.
(Reporter)

Updated

13 years ago
Target Milestone: --- → Thunderbird2.0
(Reporter)

Updated

13 years ago
Keywords: helpwanted

Comment 1

13 years ago
Scott, is this a decision then?  Must the phising detection strip www from the hostname?

If so, I'll take this.  The phishing code will be easy to change to add this.
Status: NEW → ASSIGNED
(Reporter)

Comment 2

13 years ago
I think we should do it. 

I can't see a problem with saying
www.foo.org is the same host as foo.org
(Reporter)

Comment 3

13 years ago
cc'ing Ray since he expressed an interest in helping out with this.

Comment 4

13 years ago
Yes, I'll take this.  Patch forthcoming.  Do you have a preference for a regex match or just strip any www?
Assignee: mscott → bugzilla.mozilla
Status: ASSIGNED → NEW
(Assignee)

Comment 5

12 years ago
Created attachment 255131 [details] [diff] [review]
proposed fix (checked in trunk / 1.8 branch)

Don't mark as scam for host mismatch on only www prefix.
Assignee: raybooysen → mkmelin+mozilla
Status: NEW → ASSIGNED
Attachment #255131 - Flags: superreview?(mscott)
Attachment #255131 - Flags: review?(mscott)
(Assignee)

Updated

12 years ago
Keywords: helpwanted
OS: Windows XP → All
Hardware: PC → All
(Reporter)

Comment 6

12 years ago
Comment on attachment 255131 [details] [diff] [review]
proposed fix (checked in trunk / 1.8 branch)

sr=me, you might need a seamonkey reviewer to ok the mainews version. I'd recommend iann@arlen.demon.co.uk.

Magnus, it might also be interesting to spin up a separate bug to look at using the new TLD (top level domain) stuff available on the trunk so   urls that have the same top level domain are considered safe.
Attachment #255131 - Flags: superreview?(mscott) → superreview+
(Reporter)

Comment 7

12 years ago
Comment on attachment 255131 [details] [diff] [review]
proposed fix (checked in trunk / 1.8 branch)

or you could ask Karsten
Attachment #255131 - Flags: review?(mscott) → approval-thunderbird2+
(Assignee)

Updated

12 years ago
Attachment #255131 - Flags: review?(iann_bugzilla)

Updated

12 years ago
Attachment #255131 - Flags: review?(iann_bugzilla) → review+
(Assignee)

Updated

12 years ago
Whiteboard: [checkin needed] [checkin needed (1.8 branch)]

Comment 8

12 years ago
mozilla/mail/base/content/phishingDetector.js                1.25
mozilla/mailnews/base/resources/content/phishingDetector.js  1.13
Status: ASSIGNED → RESOLVED
Last Resolved: 12 years ago
Resolution: --- → FIXED
Whiteboard: [checkin needed] [checkin needed (1.8 branch)] → [checkin needed (1.8 branch)]
(Reporter)

Comment 9

12 years ago
I approved and landed the Thunderbird change on the branch. There's no easy way to nominate the seamonkey patch though.
Keywords: fixed1.8.1.3
Whiteboard: [checkin needed (1.8 branch)]

Comment 10

12 years ago
a=me for SM1.1.2, need one more

Updated

12 years ago
Whiteboard: approval-seamonkey1.1.2?

Comment 11

12 years ago
Comment on attachment 255131 [details] [diff] [review]
proposed fix (checked in trunk / 1.8 branch)

a=Neil for SM1.1.2 via IRC
Checking in (1.8 branch)
phishingDetector.js;
new revision: 1.1.2.9; previous revision: 1.1.2.8
done
Attachment #255131 - Attachment description: proposed fix → proposed fix (checked in trunk / 1.8 branch)

Updated

12 years ago
Keywords: fixed-seamonkey1.1.2
Whiteboard: approval-seamonkey1.1.2?
You need to log in before you can comment on or make changes to this bug.