Security/Safe Browsing/V4 Implementation: Difference between revisions

← Older edit

Security/Safe Browsing/V4 Implementation (view source)

Revision as of 19:48, 17 August 2017

138 bytes added , 17 August 2017

Split Milestone 9 into two (i.e. move the Fennec work to 58)

Fmarier

Confirmed users

908

edits

@@ Line 1: / Line 1: @@
-= Quick Links =
 * [[Security/Safe_Browsing/V4_Implementation/Dashboard|Dashboard]]
 * [https://bugzilla.mozilla.org/showdependencytree.cgi?id=1167038&hide_resolved=1 Bug Dependency Tree]
+= Introduction =
+Safe Browsing v4 is designed to reduce network bandwidth and disk storage (mainly for mobile devices). The usage of partial URL hashes (aka prefixes) and complete hashes remains the same but the way we get those prefixes and complete hashes is changed. The update and hash completion API will be based on protobuf and content compression (in additional to HTTP compression) is introduced. For further information, see https://developers.google.com/safe-browsing/v4 (The public specification is not complete. For example, the protobuf is not mentioned.)
 = Timeline =
@@ Line 14: / Line 17: @@
 * Firefox 58 (Desktop): merge on 2017-09-20, release on 2018-01-16
 * Firefox 60 (Android): merge on 2018-01-15, release on 2018-05-01
-= Introduction =
-Safe Browsing v4 is designed to reduce network bandwidth and disk storage (mainly for mobile devices). The usage of partial URL hashes (aka prefixes) and complete hashes remains the same but the way we get those prefixes and complete hashes is changed. The update and hash completion API will be based on protobuf and content compression (in additional to HTTP compression) is introduced. For further information, see https://developers.google.com/safe-browsing/v4 (The public specification is not complete. For example, the protobuf is not mentioned.)
 = Design and Implementation =
@@ Line 23: / Line 23: @@
 When '''ListManager''' and '''HashCompleter''' (and any other related components like ProtocolParser) sees table names suffixed by "-proto", they would behave differently. For example, in '''listmanager.js''', while making update request for table '''goog-phish-proto''', ''nsIUrlClassifier.makeUpdateRequestV4'' will be called to build a v4 specific request. (See {{Bug|1264885}} and {{Bug|1275507}} for more information.)
-= Using custom API key =
+== Using custom API key ==
 We are required to have a API key to access Google services like geolocation and Safe Browsing. The nightly/beta/aurora/release Firefox builds will have a proper API key associated with Mozilla. However, if you build your own Firefox, the API key will be substituted with the string <tt>"no-google-api-key"</tt>, which is not a valid key.
@@ Line 32: / Line 32: @@
 # Rebuild and check if <tt>config.status</tt> has something like <tt>'MOZ_GOOGLE_API_KEY': b'AIzaSooxxxxoxoxoxoxooxx'</tt>
-= Try Google Safe Browsing v4! =
+== Try Google Safe Browsing V4! ==
-v4 tables are suffixed by "-proto", to indicate that the table should be updated and completed via protobuf: goog-phish-proto, goog-unwanted-proto and goog-malware-proto.
-To use Google Safe Browsing v4, change preferences as follows:
-# '''urlclassifier.phishTable''' to '''goog-phish-proto'''
-# '''urlclassifier.malwareTable''' to '''goog-malware-proto'''
-# '''browser.safebrowsing.provider.google4.gethashURL''' to '''https://safebrowsing.googleapis.com/v4/fullHashes:find?$ct=application/x-protobuf&key=%GOOGLE_API_KEY%'''
-# '''browser.safebrowsing.temporary.take_v4_completion_result''' to '''true'''
-To use v4 while v2 is still up and running, set the names of both v2 and v4 tables:
+To use Google Safe Browsing V4, set the following preferences:
-# '''urlclassifier.phishTable''' to '''goog-phish-proto,goog-phish-shavar'''
+# <tt>urlclassifier.downloadAllowTable</tt> to <tt>goog-downloadwhite-proto</tt>
-# '''urlclassifier.malwareTable''' to '''goog-malware-proto,goog-malware-shavar'''
+# <tt>urlclassifier.downloadBlockTable</tt> to <tt>goog-badbinurl-proto</tt>
+# <tt>urlclassifier.phishTable</tt> to <tt>goog-phish-proto,test-phish-simple</tt>
+# <tt>urlclassifier.malwareTable</tt> to <tt>goog-malware-proto,goog-unwanted-proto,test-malware-simple,test-unwanted-simple</tt>
-If you want to completely get rid of v2, you could also set the following preferences to empty string
+To use both V4 and V2 at the same time:
-# '''browser.safebrowsing.provider.google.lists''' to '''""'''
+# <tt>urlclassifier.downloadAllowTable</tt> to <tt>goog-downloadwhite-proto,goog-downloadwhite-digest256</tt>
-then you are ready to go!
+# <tt>urlclassifier.downloadBlockTable</tt> to <tt>goog-badbinurl-proto,goog-badbinurl-shavar</tt>
+# <tt>urlclassifier.phishTable</tt> to <tt>goog-phish-proto,goog-phish-shavar,test-phish-simple</tt>
+# <tt>urlclassifier.malwareTable</tt> to <tt>goog-malware-proto,goog-unwanted-proto,goog-malware-shavar,goog-unwanted-shavar,test-malware-simple,test-unwanted-simple</tt>
 = Milestones =
@@ Line 145: / Line 142: @@
 [https://wiki.mozilla.org/Security/Safe_Browsing/V4_Implementation/Dashboard#M8 Dashboard for M8 bugs]
-== M9 (2017/09/25) ==
+== M9 (2017/09/20) ==
 === Deliverables ===
+# Shipping to release
+# Crash comparison on beta
+# Gradual roll-out on release
+=== Bugs ===
+[https://wiki.mozilla.org/Security/Safe_Browsing/V4_Implementation/Dashboard#M9 Dashboard for M9 bugs]
+== M10 (2017/11/13) ==
+=== Deliverables ===
+# V4 working on Fennec
 # Follow-ups completed
-# Basic V4 working on Fennec
 === Bugs ===
-[https://wiki.mozilla.org/Security/Safe_Browsing/V4_Implementation/Dashboard#M9 Dashboard for M9 bugs]
+[https://wiki.mozilla.org/Security/Safe_Browsing/V4_Implementation/Dashboard#M10 Dashboard for M10 bugs]