: New feature! MozillaWiki is now mobile-friendly. Visit from a mobile device to see new mobile theme + try editing. Release details.

Phishing Protection

From MozillaWiki
Jump to: navigation, search

Note: The Safe Browsing feature in Firefox has been renamed to Phishing Protection, but it's still now as Safe Browsing internally.

Overview

Google Safe Browsing was an anti-phishing extension released by Google on labs.google.com in December 2005. Google has released this extension to the Mozilla Foundation under MPL 1.1/GPL 2.0/LGPL 2.1 in order that it might be used as part of Firefox if desired.

We've landed this change on the trunk as a global extension as of 7 March 2006. The next steps are to figure out whether this is something we want to use as the base for an anti-phishing feature in Firefox. Of course, whether it is enabled or even shipped is still a matter for discussion, as is the final form the extension might take, its UI, the way users opt-in, and the like.

You can read the discussion that lead up to to its integration in https://bugzilla.mozilla.org/show_bug.cgi?id=329292

How to Enable

safebrowsing is enabled by default on the MOZILLA_1_8_BRANCH and trunk. You can enable/disable it in the Options dialog in the Security tab.

If you wish to see debugging output, open toolkit/components/url-classifier/src/nsUrlClassifierLib.js and set G_GDEBUG to true.

Documentation

Engineering

Product/Component: Toolkit/Safe Browsing

  • Tracking bug
  • The Firefox implementation is split into two parts:
    • browser/components/safebrowsing/
    • toolkit/components/url-classifier/ (includes the list manager)
  • Local store is in:
    • ~/.cache/mozilla/firefox/XXXX/safebrowsing/ on Linux
    • ~/Library/Caches/Firefox/Profiles/XXXX/safebrowsing/ on Mac
  • itisatrap.org test pages
  • Telemetry dashboard

QA

To turn on debugging output, export the following environment variable:

NSPR_LOG_MODULES="UrlClassifierDbService:5,nsChannelClassifier:5"