Security/Safe Browsing: Difference between revisions

From MozillaWiki
Jump to navigation Jump to search
(add a QA section with a bunch of test URLs)
(merge a few things into a new "Engineering" section)
Line 20: Line 20:
* [[Phishing Protection: Client Spec|Client Spec]]
* [[Phishing Protection: Client Spec|Client Spec]]


== Source Code ==
== Engineering ==
Product/Component: '''Toolkit/Safe Browsing'''


* [https://bugzilla.mozilla.org/show_bug.cgi?id=1149867 Tracking bug]
* The Firefox implementation is split into two parts:
* The Firefox implementation is split into two parts:
** <tt>browser/components/safebrowsing/</tt>
** <tt>browser/components/safebrowsing/</tt>
** <tt>toolkit/components/url-classifier/</tt> (includes the list manager)
** <tt>toolkit/components/url-classifier/</tt> (includes the list manager)
* [https://github.com/mozilla/itisatrap itisatrap.org] test pages
* [https://github.com/mozilla/itisatrap itisatrap.org] test pages
* [https://people.mozilla.org/~fmarier/safebrowsing-dashboard/ Telemetry dashboard]


== QA ==
== QA ==
Line 32: Line 35:
* [http://phishtank.com/ Phishtank] (real phishing sites)
* [http://phishtank.com/ Phishtank] (real phishing sites)
* [http://testsafebrowsing.appspot.com Google test pages]
* [http://testsafebrowsing.appspot.com Google test pages]
== Telemetry ==
Dashboard: https://people.mozilla.org/~fmarier/safebrowsing-dashboard/
== Bugs ==
* [https://bugzilla.mozilla.org/show_bug.cgi?id=1149867 Tracking bug]
* Product/Component: '''Toolkit/Safe Browsing'''
You can also look at bugs under [https://bugzilla.mozilla.org/buglist.cgi?query_format=advanced&short_desc_type=allwordssubstr&short_desc=&product=Firefox&component=Phishing+Protection&long_desc_type=substring&long_desc=&bug_file_loc_type=allwordssubstr&bug_file_loc=&status_whiteboard_type=allwordssubstr&status_whiteboard=&keywords_type=allwords&keywords=&emailassigned_to1=1&emailtype1=exact&email1=&emailassigned_to2=1&emailreporter2=1&emailqa_contact2=1&emailtype2=exact&email2=&bugidtype=include&bug_id=&votes=&chfieldfrom=&chfieldto=Now&chfieldvalue=&cmdtype=doit&order=Reuse+same+sort+as+last+time&field0-0-0=noop&type0-0-0=noop&value0-0-0= Firefox / Phishing Protection].

Revision as of 08:10, 17 April 2015

Note: The Safe Browsing feature in Firefox has been renamed to Phishing Protection, but it's still now as Safe Browsing internally.

Overview

Google Safe Browsing was an anti-phishing extension released by Google on labs.google.com in December 2005. Google has released this extension to the Mozilla Foundation under MPL 1.1/GPL 2.0/LGPL 2.1 in order that it might be used as part of Firefox if desired.

We've landed this change on the trunk as a global extension as of 7 March 2006. The next steps are to figure out whether this is something we want to use as the base for an anti-phishing feature in Firefox. Of course, whether it is enabled or even shipped is still a matter for discussion, as is the final form the extension might take, its UI, the way users opt-in, and the like.

You can read the discussion that lead up to to its integration in https://bugzilla.mozilla.org/show_bug.cgi?id=329292

How to Enable

safebrowsing is enabled by default on the MOZILLA_1_8_BRANCH and trunk. You can enable/disable it in the Options dialog in the Security tab.

If you wish to see debugging output, open toolkit/components/url-classifier/src/nsUrlClassifierLib.js and set G_GDEBUG to true.

Documentation

Engineering

Product/Component: Toolkit/Safe Browsing

QA

Retrieved from "https://wiki.mozilla.org/index.php?title=Security/Safe_Browsing&oldid=1068938"