Combine the phishing and malware protection checkboxes

RESOLVED WONTFIX

Status

()

Toolkit
Safe Browsing
--
enhancement
RESOLVED WONTFIX
10 years ago
4 years ago

People

(Reporter: Jesse Ruderman, Unassigned)

Tracking

({late-l10n})

Trunk
x86
Mac OS X
late-l10n
Points:
---
Bug Flags:
blocking-firefox3 -

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

10 years ago
I don't think phishing-protection and malware-protection need to be separate pref checkboxes.  The performance impact of having one enabled is about the same as having both enabled, but having only one enabled means less protection.  Combining the checkboxes would also make the scope of "provider" dropdown more clear.

Current:

[ ] Tell me if the site I'm visiting is a suspected forgery
[ ] Tell me if the site I'm visiting is a suspected attack site
       ... [Google |v] ...

Proposed:

[ ] Block suspected forgery and attack sites
       ... [Google |v] ...
johnath/dcamp: do we need to get this in for beta? not sure why we want/need different prefs here ...
Flags: blocking-firefox3?
Keywords: late-l10n

Comment 2

10 years ago
might all depend on the quality of the data we get for these categories.  

are we still going with the idea to allow users to click through on forgery sites, and completely block access to sites on the attack list?

if the user runs into a large number of false positives for either category they might want to turn off one or the other.
Yeah, I don't think there's a huge win to combining them.  There's been cases where people wanted one or the other in the betas.  I know that someone hitting a fair number of phising false positives might want to disable that without disabling malware protection.  I've never been phished, because I understand how our security indicators and URLs work, and I get what phishing actually is, but I might have wandered onto exploit sites from time to time.
Flags: blocking-firefox3? → blocking-firefox3-

Comment 4

10 years ago
lets mark this wontfix or some other step to get it off the late-l10n watch list if we agree not to do it.
I agree with comments 2 and 3, these lists are gathered in different ways and people may have different opinions about them.

Jesse's still right that the perf hit is about the same either way, but now that the support for lookup-mode has been removed, the point about disambiguating the provider combo box is sort of moot.

I think we wontfix this.
Status: NEW → RESOLVED
Last Resolved: 10 years ago
Resolution: --- → WONTFIX
(Assignee)

Updated

4 years ago
Component: Phishing Protection → Phishing Protection
Product: Firefox → Toolkit
You need to log in before you can comment on or make changes to this bug.