Changes

[http://developerwww.google.com/tools/firefox/safebrowsing/ Google Safe Browsing] is an anti-phishing extension released by Google on [http://labs.google.com/ labs.google.com] in December 2005. Google has released this extension to the Mozilla Foundation under MPL 1.1/GPL 2.0/LGPL 2.1 in order that it might be used as part of Firefox if desired.  We've landed this change on the trunk as a global extension as of 7 March 2006. The next steps are to figure out whether this is something we want to use as the base for an anti-phishing feature in Firefox. Of course, whether it is enabled or even shipped is still a matter for discussion, as is the final form the extension might take, its UI, the way users opt-in, and the like. You can read the discussion that lead up to to its integration in https://bugzilla.mozilla.org/enshow_bug.cgi?id=329292 == How to Enable == * Add the following to your mozconfig file: <pre>ac_add_options --enable-extensions=default,safe-browsing</docspre>* Set the preference "extensions.safebrowsing.enabled" to true* If you wish to see debugging output, open <code>safe-browsing/Safe_Browsing src/loader.js</code> and set <code>G_GDEBUG</code> to true (and <code>G_GDEBUG_LOADER</code> as well if you'd like)* Look under the <code>Tools</code> menu, and play with the SafeBrowsing option == Design Doc == [[Safe Browsing: Design Documentation]] == Server Spec == [[Safe Browsing: Server Spec]] == Source Code == http://developerlxr.mozilla.org/enseamonkey/source/docsextensions/Safe_Browsingsafe-browsing == Major Open Issues == * How (if at all) does the extension get enabled? What language to use to inform users of the privacy implications? How do they opt? * Content: is the branding OK? Is the language? Do we want to tweak the warning? * UI:_Design_Documentation Design DocumentationWhere's the most appropriate place for (1) the preferences (2) the test page and (3) the report-a-phishing-link functionality? * Ability to switch to other providers (need UI for it, need a bit of refactoring, etc.) * Can we make agreements with service providers (e.g., Google) that will increase the privacy guarantees for data collected? Can we provide service ourself (see [[Reporter: Safe Browsing Integration Discussion]])? * Break into separate service and UI pieces? '''TODO: expand, file bugs''' == Important Bugs == * Localization (e.g., do we turn it on in all locales? does the warning reder right with RTL languages? etc): https://bugzilla.mozilla.org/show_bug.cgi?id=329724 * Make file I/O in non-enhanced mode better: https://bugzilla.mozilla.org/show_bug.cgi?id=329723 * Play nicely with other people who change the status bar: https://bugzilla.mozilla.org/show_bug.cgi?id=329722 * Fixed position XUL is apparently not officially supported... is there an alternative? https://bugzilla.mozilla.org/show_bug.cgi?id=329725 == Other Bugs or Potential Improvements == Are filed as bugs under [https://bugzilla.mozilla.org/buglist.cgi?query_format=advanced&short_desc_type=allwordssubstr&short_desc=&product=Firefox&component=Safe+Browsing&long_desc_type=substring&long_desc=&bug_file_loc_type=allwordssubstr&bug_file_loc=&status_whiteboard_type=allwordssubstr&status_whiteboard=&keywords_type=allwords&keywords=&emailassigned_to1=1&emailtype1=exact&email1=&emailassigned_to2=1&emailreporter2=1&emailqa_contact2=1&emailtype2=exact&email2=&bugidtype=include&bug_id=&votes=&chfieldfrom=&chfieldto=Now&chfieldvalue=&cmdtype=doit&order=Reuse+same+sort+as+last+time&field0-0-0=noop&type0-0-0=noop&value0-0-0= Firefox / Safe Browsing] == Contacts == All the following are at g o o g l e d <span></span>o t c o m primary: niels, tc, fritz secondary: sullivan, brakowski (product manager)