Closed
Bug 756591
Opened 13 years ago
Closed 12 years ago
safebrowsing should prevent activation event
Categories
(Firefox Graveyard :: SocialAPI, defect)
Tracking
(Not tracked)
RESOLVED
WONTFIX
People
(Reporter: mixedpuppy, Assigned: mixedpuppy)
References
Details
We need to have some blocklist support for manifest files, including the ability to disable previously installed manifests if they end up in a blocklist
Comment 1•13 years ago
|
||
I guess this blocking will be implemented per origin rather than the full URL to the manifest (ie, so a domain we want to block can't just move the manifest to somewhere else on the domain and have it work?) Under this assumption, I'm marking this as dependent on bug 756021 (which is where we are deciding exactly what the "origin" is in this world)
Depends on: 756021
Assignee | ||
Comment 2•13 years ago
|
||
implemented testing against safebrowsing for loading remote manifest files, pushed in change
https://github.com/mozilla/socialapi-dev/commit/e668ec63bb4e942fae6bbb36c2261c9f8caa76c6
We probably also want a more direct blocklist like AMO, or potentially even using the AMO blocklist directly.
We also need to consider when to recheck manifest files that made their way into the db, in case one later becomes a problem.
Assignee | ||
Updated•13 years ago
|
Severity: normal → blocker
Assignee | ||
Updated•13 years ago
|
Assignee: nobody → mixedpuppy
Assignee | ||
Comment 3•12 years ago
|
||
This is not a feature of v1 landing, not a blocker
Severity: blocker → normal
Updated•12 years ago
|
Whiteboard: [Fx17]
Assignee | ||
Updated•12 years ago
|
Whiteboard: [Fx17]
Assignee | ||
Comment 4•12 years ago
|
||
blocklist support using AMO is implemented in a patch on bug 755126
Depends on: 755126
Comment 5•12 years ago
|
||
Should this be duped to bug 755126 then? What would need to be done here that isn't included in 755126?
Assignee | ||
Comment 6•12 years ago
|
||
The one item here that isn't in bug 755126 is the safebrowsing support we used early on. The benefit here would be to prevent activation from any site that gets a hit in safebrowsing. Another potential use would be to softblock any installed provider that gets a hit in safebrowsing.
Summary: blocklist support for manifests → safebrowsing should prevent activation event
Comment 7•12 years ago
|
||
I don't really understand the new summary - safebrowsing doesn't let you load pages on the blacklist at all, so there's no additional work required to "prevent the activation event".
Assignee | ||
Comment 8•12 years ago
|
||
short talk with gavin, this isn't necessary.
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → WONTFIX
Updated•6 years ago
|
Product: Firefox → Firefox Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•