Closed
Bug 633644
Opened 14 years ago
Closed 13 years ago
nsUrlClassifierDBServiceWorker::GetLookupFragments returns duplicate fragments in some cases
Categories
(Toolkit :: Safe Browsing, defect)
Tracking
()
RESOLVED
DUPLICATE
of bug 665930
People
(Reporter: mmm, Assigned: mmm)
Details
(Keywords: privacy)
It seems that GetLookupFragments will create duplicate fragments when the path ends in a "/". The following messages show up with debug output turned on: GetLookupFragments: called with spec mozilla.com/en-US/firefox/ 669188096[124f96790]: Chking mozilla.com/en-US/firefox/ 669188096[124f96790]: Chking mozilla.com/ 669188096[124f96790]: Chking mozilla.com/en-US/ 669188096[124f96790]: Chking mozilla.com/en-US/firefox/ Similarly, when called on a spec like "mozilla.com/", two identical fragments are returned.
Assignee | ||
Comment 1•14 years ago
|
||
CC'ing Dave Camp as it looks like he has worked with this.
Assignee: nobody → mars.martian+bugmail
Assignee | ||
Comment 2•14 years ago
|
||
Part of the problem seems to be here: http://hg.mozilla.org/mozilla-central/annotate/1ed3464aaa92/toolkit/components/url-classifier/src/nsUrlClassifierDBService.cpp#l1498 along with line 1509.
Assignee | ||
Comment 3•14 years ago
|
||
It looks like this is causing a problem with our HashCompleter requests. Based on calls to the HashCompleter and requests seen with the HttpFox extension it looks like the following happens when you visit a "bad" site which ends in a slash. I'll use malware.testing.google.test/testing/malware/ as an example. 1. Type malware.testing.google.test/testing/malware/ into url bar. 2. testing.google.test is determined to be a bad domain but the complete hash of the bad URL is needed 3. SHA-256 hash is taken of "malware.testing.google.test/testing/malware/", the hex prefix ("51864045") 4. A few random entries from urlclassifier3.sqlite are picked as noise. 5. nsUrlClassifierHashCompleter::Complete is called for "51864045" twice and once for all the noise entries. 6. A request is made to Google's SB servers and in the request header we can see the "51864045" entry twice. As I understand it, we add noise to obscure which site the user is actually making a request for. If so, this case renders the noise requirement useless.
Keywords: privacy
Assignee | ||
Updated•13 years ago
|
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → DUPLICATE
Updated•10 years ago
|
Product: Firefox → Toolkit
You need to log in
before you can comment on or make changes to this bug.
Description
•