Closed Bug 423790 Opened 13 years ago Closed 13 years ago

Phishing Backoff not working with 400s

Categories

(Toolkit :: Safe Browsing, defect, P1)

x86
Linux
defect

Tracking

()

RESOLVED FIXED
Firefox 3 beta5

People

(Reporter: gcasto, Assigned: dcamp)

References

Details

Attachments

(1 file, 1 obsolete file)

User-Agent:       Mozilla/5.0 (X11; U; Linux i686 (x86_64); en-US; rv:1.8.1.12) Gecko/20080201 Firefox/2.0.0.12
Build Identifier: Mozilla/5.0 (X11; U; Linux i686 (x86_64); en-US; rv:1.8.1.12) Gecko/20080201 Firefox/2.0.0.12

If the phishing server returns 400's, Firefox will make the request every minute, instead of just making 3 requests, and then backing off for an hour.

Reproducible: Always

Steps to Reproduce:
1. Have server return 400.
Summary: Phishing Backoff not working with 400's → Phishing Backoff not working with 400s
Version: unspecified → 2.0 Branch
Flags: blocking-firefox3?
Bumping up the priority -- we really need to get this fixed for beta 5, so that Firefox won't hammer the phishing servers if it receives 400's.
Severity: major → critical
Priority: -- → P1
Target Milestone: --- → Firefox 3 beta5
Status: UNCONFIRMED → NEW
Ever confirmed: true
Version: 2.0 Branch → Trunk
The backoff object doesn't consider 400 to be an error.  This should be an easy
fix, I'll attach a patch soon.
Attached patch trigger backoff for 400s (obsolete) — Splinter Review
Assignee: nobody → dcamp
Status: NEW → ASSIGNED
Attachment #310401 - Flags: review?(tony)
This version avoids scheduling the one-minute reping if the backoff object doesn't consider the server response worth erroring out on.
Attachment #310401 - Attachment is obsolete: true
Attachment #310410 - Flags: review?(tony)
Attachment #310401 - Flags: review?(tony)
Comment on attachment 310410 [details] [diff] [review]
slightly better fix

This is fine, but it's also a dupe of bug 378132.  This fix seems to be slightly better since we're now considering 4xx an error (that's not how we spec'ed it originally).
Attachment #310410 - Flags: review?(tony) → review+
Duplicate of this bug: 378132
Flags: blocking-firefox3? → blocking-firefox3+
Keywords: checkin-needed
Checking in content/listmanager.js;
/cvsroot/mozilla/toolkit/components/url-classifier/content/listmanager.js,v  <--  listmanager.js
new revision: 1.28; previous revision: 1.27
done
Checking in content/request-backoff.js;
/cvsroot/mozilla/toolkit/components/url-classifier/content/request-backoff.js,v  <--  request-backoff.js
new revision: 1.2; previous revision: 1.1
done
Status: ASSIGNED → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
Flags: blocking1.8.1.15?
The patch in bug 378132 might be a safer basis for a branch patch, as it changes fewer interfaces (a bit).  You'd want to update it to treat 4xx as errors.
Clearing branch blocking request because we took the patch in bug 378132. If we still need more please re-nominate and explain.
Flags: blocking1.8.1.15?
Dave/Garret, can you verify this bug is fixed, i think its difficult for QA to generate this Error 400 :-) 
Product: Firefox → Toolkit
You need to log in before you can comment on or make changes to this bug.