We iterate over docs checking to see if their URL matches a known bad URL that we have. We should accommodate fragments in the URL (eg, http://evil.com/index.html#foo) so we it's not trivial for a page to avoid detection by immediately re-naving the user to the URL with that fragment.
Stripping the fragment is part of url canonicalization for the list lookup, so this shouldn't be an issue anymore.
Status: NEW → RESOLVED
Last Resolved: 10 years ago
Resolution: --- → FIXED
Component: Phishing Protection → Phishing Protection
Product: Firefox → Toolkit
You need to log in before you can comment on or make changes to this bug.