Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.4; en-US; rv:1.9b3pre) Gecko/2008011804 Minefield/3.0b3pre ID:2008011804 While verifying the patch of Tony on bug 367538 I noticed that no warning dialog is shown when opening one of the listed URLs within the Google black list: http://sb.google.com/safebrowsing/update?version=goog-black-url:1:-1 Many of the pages point to a 404 address meanwhile but Firefox 2 still shows the phishing alert while Firefox 3 doesn't. Same happens for nightly builds on Windows. After some searching I found a working URL which can be used to reproduce this issue: http://classifiedsphilippines.com/userimgs/dert.htm It doesn't happen for the its-a-trap page: http://www.mozilla.com/firefox//its-a-trap.html Asking for blocking Firefox 3.
same as 413600 ?
More discussion about this in the forums: http://forums.mozillazine.org/viewtopic.php?t=622677
Could this be linked to bug 402469? Also, when I click on the blacklist link above (http://sb.google.com/safebrowsing/update?version=goog-black-url:1:-1), I just see an empty page. Is that right?
We're using a different blacklist server in Firefox 3 (still Google, just different software) and the code in both Firefox and on the Google server are still "in progress". In addition the server doesn't yet have a full set of data. Keep an eye on things for sure, but it's not a surprise FF3 doesn't yet catch everything FF2 does.
This is due to the way the Google SafeBrowsing service is sending updates to Firefox 3. We're working with them to resolve, and will soon be moving to the new version of the server spec.
Status: NEW → RESOLVED
Last Resolved: 10 years ago
Resolution: --- → INVALID
Mike, so this is a server-side issue? If yes that's fine but if Firefox needs to be updated to use the new service shouldn't we have a tracker bug therefor?
As beltzner told on IRC this should be working now. Personally I still cannot see a warning. Do we have any working examples? Further I'm surprised that this bug gets marked as invalid. It's a real open issue which affects Firefox.
(In reply to comment #9) > Created an attachment (id=302375) [details] > Screenshot; wfm Something that's not hardcoded in the code, please?
Ok, I checked http://www.phishtank.com/ to get a list of known phishing sites. I tested a lot of them and I get a phishing warning now. That's why I don't think that INVALID is the correct state of this bug. Due to its working now lets mark it as WFM.
Resolution: INVALID → WORKSFORME
Cool, thanks Henrik; verified.
Status: RESOLVED → VERIFIED
I just tried to reproduce this and I can. :/ I visited: https://www.mybusinessbank.co.uk/cs70_banking/logon/slogon http://classifiedsphilippines.com/userimgs/dert.htm http://131.115.broadband.iol.cz/online.bancadiroma.it/index.php http://188.8.131.52/private/avirtual1-bancatlan.com/PYMES/hlogin.htm http://184.108.40.206/www.irs.gov/irfofgetstatus.htm and never saw the warning. And I have had Firefox open for a long time (at least 10 hours today I'm guessing.) The urlclassifier3.sqlite is 13.2 MB. And I can also get to those five sites without a warning on a clean profile that's been open about 2-3 hours. Can anyone else reproduce?
(In reply to comment #14) > I just tried to reproduce this and I can. :/ > > I visited: > > https://www.mybusinessbank.co.uk/cs70_banking/logon/slogon > ... D'oh! I just realized that is actually the legitimate Alliance & Leicester site; please disregard that URL. The other ones are all genuine phishing sites though :)
Component: Phishing Protection → Phishing Protection
Product: Firefox → Toolkit
You need to log in before you can comment on or make changes to this bug.