In order to allow users to choose which verdicts they would like to ignore, we should add a new pref that would initially be set to: browser.safebrowsing.apprep.badVerdicts = "DANGEROUS,DANGEROUS_HOST" and then eventually it would contain these as well: UNCOMMON POTENTIALLY_UNWANTED

A comma-separated string pref, or an integer pref (enumerated? bitwise?) or a collection of boolean prefs? For an example of the latter, filter about:config on security.warn_

(In reply to Tony Mechelynck [:tonymec] from comment #1) > For an example of the latter, filter about:config on security.warn_ If I look on Nightly (Linux), I don't see any prefs that start with "security.warn_". In fact, the only pref that shows up when I filter for "warn_" is "accessibility.warn_on_browsewithcaret". Are they platform-specific or are they hidden prefs?

(In reply to François Marier [:francois] from comment #2) > (In reply to Tony Mechelynck [:tonymec] from comment #1) > > For an example of the latter, filter about:config on security.warn_ > > If I look on Nightly (Linux), I don't see any prefs that start with > "security.warn_". In fact, the only pref that shows up when I filter for > "warn_" is "accessibility.warn_on_browsewithcaret". Are they > platform-specific or are they hidden prefs? Are they SeaMonkey-specific then? If they are, I didn't know it. Here are the ones I see in the about:config for the following build: UA:"Mozilla/5.0 (X11; Linux x86_64; rv:46.0) Gecko/20100101 Firefox/46.0 SeaMonkey/2.43a1" ID:20160109003001 en-US c-c:4f4f6a3674c9e16efacf62fd8963c8be5a31b07c m-c:0f363ae95dc90d593394ef464aa500804c824962 security.warn_entering_secure default boolean false security.warn_leaving_secure default boolean false security.warn_mixed_active_content default boolean true security.warn_mixed_display_content default boolean true security.warn_submit_insecure default boolean false security.warn_viewing_mixed default boolean false Then I see the same prefs with names prefixed with "services.sync.prefs.sync." which I suppose are used by SeaMonkey Sync, the SeaMonkey variant of Firefox Sync by which it is (or used to be) possible to sync prefs between Firefox and SeaMonkey; they all default to true. If they were hidden, I wouldn't see them except as "user set" which is not the case. They look like platform-agnostic but they might be obsolete on Firefox. I'm almost certain that at one time there was a UI for at least some of them in the SeaMonkey "Edit → Preferences" dialog, but I cannot find it back.

Comment on attachment 8714855 [details] [diff] [review] bug1237856.patch Review of attachment 8714855 [details] [diff] [review]: ----------------------------------------------------------------- ::: b2g/app/b2g.js @@ +357,5 @@ > pref("browser.safebrowsing.downloads.remote.url", "https://sb-ssl.google.com/safebrowsing/clientreport/download?key=%GOOGLE_API_KEY%"); > +pref("browser.safebrowsing.downloads.remote.block_dangerous", true); > +pref("browser.safebrowsing.downloads.remote.block_dangerous_host", true); > +pref("browser.safebrowsing.downloads.remote.block_potentially_unwanted", false); > +pref("browser.safebrowsing.downloads.remote.block_uncommon", false); The advantage of a list of booleans over a comma separated list is discoverability.