Closed Bug 509813 Opened 15 years ago Closed 8 years ago

First version of Safebrowsing Test

Categories

(Toolkit :: Safe Browsing, defect)

Product:
Toolkit
Component:
Safe Browsing
Platform:
x86
All
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED WONTFIX

People

(Reporter: gcasto, Unassigned)

References

(Blocks 1 open bug)

Details

Attachments

(1 file)

WIP 0.1 - Just getting started
7.18 KB, patch
Details | Diff | Splinter Review 
I'd like to get this checked in somewhere in the tree so that we can start working on having Firefox perform this test.  If everything works out, you should be able to just extract the tarball and run safebrowsing_test_server.py
Hmm, apparently the attachment is to large :(.  I'll try and figure out some externally visible place that I can host it.
It doesn't include tests for /gethash requests/responses, am I correct? (BTW - /list is not implemented in Firefox AFAICT, table/list names are hardcoded...)
Shawn: do you think you can take a look at this (or get someone else to)? I'm happy to help with figuring out the specifics of how to get this hooked up to our unit tests, but I don't know the first thing about safebrowsing.
David is in the process of taking over safebrowsing, so he should probably take a look at this and I can help him out as needed.
BartZilla:
No, this current version of the test doesn't deal with testing /gethash.  I'm currently working on that. The /list request doesn't need to be made for the test (the lists can be hardcoded) but I thought that I would give clients the opportunity if they wanted to test it.
I posted a new version of the test that should actually work with Firefox.

http://google-safe-browsing.googlecode.com/files/safebrowsing_test_pver2_2.tar.gz
Assignee: nobody → ddahl
Sounds like we need to make some tweaks to the urlclassifier. When running in testing mode with this server, we need to add additional GET param: "test_step".

Is this really needed? Do we want to change the behavior of the client when it is running against the test server? Just curious why this is needed.
Actually - it looks like the pref already has the path appended to it, so adding the "test_step" param is easy. no worries.
Saving current work in progress
Sorry, got distracted by some other issues.  The test step is sort of a leftover from a previous design of the server, where the testing server might service multiple clients at once.  It is also useful in that it makes generated the data easier (some requests might be the same but will generate different responses, and it's easy to differentiate them via the test step). At some point in the future I might get rid of it, but for now keeping it in seems like the easiest thing to do.
A quick update.  I'm currently working on a version of this test that will verify the actual data that was received.  That is it implements the verification request part mentioned at http://code.google.com/p/google-safe-browsing/wiki/ProtocolTesting.  I just wanted to make sure that this setup (making an additional http request) is reasonable and workable. If not, we can talk about alternatives.
Blocks: 502932
Garret:

As I look at bug 534079, I wonder how it might be possible to write an automatic, repeatable test for the error state we want to avoid. Is it possible to craft a payload for this server that exactly replicates the issue? When I look at the data used in this server, it is all quite opaque. It would be very handy to be able to pass this server JSON data that sets up the interaction (in a clearly-defined, testable way) with a clean profile for testing.
Assignee: ddahl → nobody
Product: Firefox → Toolkit
We have some tests already in the tree and we'll be improving on them when we implement V4 of the protocol (bug 1167038).
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: