Closed Bug 462807 Opened 16 years ago Closed 11 years ago

URL classifier initializes PSM/NSS during startup if homepage is an HTTP page

Categories

(Toolkit :: Safe Browsing, defect)

Product:
Toolkit
Component:
Safe Browsing
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED
Milestone:
Firefox 19

People

(Reporter: bzbarsky, Unassigned)

References

(Depends on 1 open bug, Blocks 1 open bug)

Details

(Keywords: perf, Whiteboard: [ts] fixed by bug 756313) 

See bug 390324 for the code change that introduced this.  I certainly hit my PSM/NSS init breakpoint before a window is ever shown.  This does require that the homepage be something that the URL classifier will care about (so not about:blank), but I suspect that's the common case.

You'll need to apply the patch in bug 462806 to hit this, since without that we init PSM from the jar code.
I should note that even with about:blank, all that happens is that we delay url-classifier load by 2 seconds, then we init NSS.  Maybe that's unavoidable, and maybe we're guaranteed that the window is mapped by then, even on slow hardware...
So we init PSM for nsCryptoHash, which we need to perform the lookup (the db stores hashed urls).  To fix this well, we'd need to separate out hash initialization from the rest of NSS initialization (see bug 424093).
Depends on: 448579
(In reply to comment #2)
> To fix this well, we'd need to separate out hash
> initialization from the rest of NSS initialization (see bug 424093).

Err, bug 448579
Wait.  Why do we need to separate things out to fix this?  We could also fix PSM init to work from non-main threads and take out the "force init from main thread" code, no?  Or would we still need to hash before we get the HTTP response?
I should also note that if we're not worried about the user's homepage being a phishing page we could skip url-classifying that one load.  I'm not sure we shouldn't worry about it, though.
(In reply to comment #4)
> Wait.  Why do we need to separate things out to fix this?  We could also fix
> PSM init to work from non-main threads and take out the "force init from main
> thread" code, no?  Or would we still need to hash before we get the HTTP
> response?

Yeah, we still need to hash before we get the response.  The blacklist doesn't contain urls, it contains hashes.  We need to hash the urls before we can look them up in the db.
(In reply to comment #5)
> I should also note that if we're not worried about the user's homepage being a
> phishing page we could skip url-classifying that one load.  I'm not sure we
> shouldn't worry about it, though.

Another, much more hacky, workaround would be to keep the hashes of homepage urls around somewhere so that we can skip initializing psm for them..
Whiteboard: [ts]
Blocks: 447581
I'm pretty sure that this bug was fixed by bug 756313. Please reopen if I am wrong.
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → WORKSFORME
OS: Mac OS X → All
Hardware: x86 → All
Resolution: WORKSFORME → FIXED
Whiteboard: [ts] → [ts] fixed by bug 756313
Target Milestone: --- → Firefox 19
Product: Firefox → Toolkit
You need to log in before you can comment on or make changes to this bug.