Closed Bug 434592 Opened 18 years ago Closed 15 years ago

url-classifier should be enabled by default on xulrunner

Categories

(Toolkit Graveyard :: XULRunner, defect)

Product:
Toolkit Graveyard
Component:
XULRunner
Platform:
x86
Linux
Type:
defect
Priority:
Not set
Severity:
major

Tracking

(Not tracked)

Status:
RESOLVED FIXED
Milestone:
mozilla2.0b12

People

(Reporter: glandium, Assigned: glandium)

References

Details

Attachments

(1 file)

Enable url-classifier by default on xulrunner
359 bytes, patch
benjamin
: review+
beltzner
: approval2.0+
Details | Diff | Splinter Review
When building against a "standard" libxul-sdk, which doesn't include the url-classifier component (which lives in toolkit/components and isn't enabled by default), safe browsing doesn't work because of lack of the url-classifier (since stuff in toolkit/components don't get included, even though url-classifier ends up being enabled during the build) Either the url-classifier should be enabled by default in libxul builds, or it should either be moved in browser or built in some way from toolkit even when using a libxul-sdk.
Yes, this is pretty bad... I just noticed yesterday that Ubuntu has disabled safe browsing because of problems like this. :/
Severity: normal → major
Component: Build Config → Phishing Protection
Flags: blocking-firefox3?
QA Contact: build.config → phishing.protection
FWIW, I'm going to enable url-classifier in xulrunner in Debian to solve this issue.
FWIW, safe browsing works in Fedora's builds. We're doing --enable-safe-browsing in both XR and FF, which might be the magic to make it work.
this is a distro config issue for now, it might not be ideal, but we're not going to rearchitect stuff.
Flags: blocking-firefox3? → blocking-firefox3-
It's not necessarily about rearchitect stuff. It could be changing defaults, i.e. activating uri-classifier on xulrunner by default.
Summary: Safe browsing doesn't work on libxul-sdk builds → url-classifier should be enabled by default on xulrunner
Assignee: nobody → mh+mozilla
Attachment #513410 - Flags: review?(benjamin)
Comment on attachment 513410 [details] [diff] [review] Enable url-classifier by default on xulrunner I think this is fine. It's separate from whether we enable safebrowsing by default, which might require partner input.
Attachment #513410 - Flags: review?(benjamin) → review+
Attachment #513410 - Flags: approval2.0?
Kev: opinions? I'm for this, generally, but want to make sure we're not pooching folks.
I don't see any issue, as it's something that doesn't affect our default builds, and I can't see it being a deal-breaker as it can still be turned off. Definitely something that'll need some documentation/messaging love for where it might affect orgs who are compiling their own binaries (which is primarily distros and projects such as Powered-by-Mozilla) from the various distros. I don't know of anyone it'd pooch off-hand, but we don't have visibility into what other folks do with our source, and we should make sure this change is documented.
Comment on attachment 513410 [details] [diff] [review] Enable url-classifier by default on xulrunner Hrm - Mike - I think we have to minus this - wouldn't each app need to work out it's own downstream T&C with google for the use of the safebrowsing service? I don't think our agreement covers that. I suspect you are covered, but not "any xulrunner app"
Attachment #513410 - Flags: approval2.0? → approval2.0-
(In reply to comment #10) > Comment on attachment 513410 [details] [diff] [review] > Enable url-classifier by default on xulrunner > > Hrm - Mike - I think we have to minus this - wouldn't each app need to work out > it's own downstream T&C with google for the use of the safebrowsing service? I > don't think our agreement covers that. I suspect you are covered, but not "any > xulrunner app" Hum, this is url-classifier, not safebrowsing. Not that if you are concerned with downstream T&C for safebrowsing, bug 557752 is the one to address. (In reply to comment #9) > I don't see any issue, as it's something that doesn't affect our default > builds, and I can't see it being a deal-breaker as it can still be turned off. > Definitely something that'll need some documentation/messaging love for where > it might affect orgs who are compiling their own binaries (which is primarily > distros and projects such as Powered-by-Mozilla) from the various distros. Note that a lot of distros shipping firefox as a xulrunner application already enable url-classifier in xulrunner (by hand).
url-classifier does look up hashes through Google, at least in the default config of Firefox: http://mxr.mozilla.org/mozilla-central/source/browser/app/profile/firefox.js#729
(In reply to comment #12) > url-classifier does look up hashes through Google, at least in the default > config of Firefox: > http://mxr.mozilla.org/mozilla-central/source/browser/app/profile/firefox.js#729 And this bug changes the default in xulrunner, and xulrunner doesn't set these prefs.
Comment on attachment 513410 [details] [diff] [review] Enable url-classifier by default on xulrunner renoming for the triage meeting
Attachment #513410 - Flags: approval2.0- → approval2.0?
Comment on attachment 513410 [details] [diff] [review] Enable url-classifier by default on xulrunner a=beltzner
Attachment #513410 - Flags: approval2.0? → approval2.0+
http://hg.mozilla.org/mozilla-central/rev/4653a9f58761
Status: NEW → RESOLVED
Closed: 15 years ago
Component: Phishing Protection → XULRunner
Flags: blocking-firefox3-
Product: Firefox → Toolkit
QA Contact: phishing.protection → xulrunner
Resolution: --- → FIXED
Target Milestone: --- → mozilla2.0b12
Version: 3.0 Branch → Trunk
Product: Toolkit → Toolkit Graveyard
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: