Security/Download Protection: Difference between revisions
< Security
Jump to navigation
Jump to search
(→Engineering: mention Bugzilla product/component) |
(→Prefs: document the apprepurl pref change) |
||
| Line 7: | Line 7: | ||
== Prefs == | == Prefs == | ||
* <tt>browser.safebrowsing.downloads.enabled</tt>: enables application reputation checks for downloaded files | * <tt>browser.safebrowsing.downloads.enabled</tt>: enables application reputation checks for downloaded files | ||
* <tt>browser.safebrowsing.downloads.remote.enabled</tt>: enables remote lookups (requires the previous pref) | * <tt>browser.safebrowsing.downloads.remote.enabled</tt>: enables remote lookups (requires the previous pref) | ||
| Line 18: | Line 17: | ||
* <tt>browser.safebrowsing.provider.google.lists</tt>: list of tables coming from the Google Safe Browsing service | * <tt>browser.safebrowsing.provider.google.lists</tt>: list of tables coming from the Google Safe Browsing service | ||
Firefox 45 and earlier: | |||
* <tt>browser.safebrowsing.appRepURL</tt>: server endpoint for remote lookups | |||
Firefox 46 and later: | |||
* <tt>browser.safebrowsing.downloads.remote.url</tt>: server endpoint for remote lookups | |||
== Engineering == | == Engineering == | ||
Revision as of 00:21, 19 January 2016
Description
This feature protects users against malware downloads. It is based on Safe Browsing.
See Security/Features/Application_Reputation_Design_Doc for implementation details.
Prefs
- browser.safebrowsing.downloads.enabled: enables application reputation checks for downloaded files
- browser.safebrowsing.downloads.remote.enabled: enables remote lookups (requires the previous pref)
- browser.safebrowsing.downloads.remote.timeout_ms: timeout for the remote lookups
- browser.safebrowsing.malware.enabled: enables malware checks (required by application reputation)
- urlclassifier.downloadAllowTable: list of trusted certificates which suppress remote lookups (Windows-only)
- urlclassifier.downloadBlockTable: list of URLs serving malware binaries
Firefox 43 and later:
- browser.safebrowsing.provider.google.lists: list of tables coming from the Google Safe Browsing service
Firefox 45 and earlier:
- browser.safebrowsing.appRepURL: server endpoint for remote lookups
Firefox 46 and later:
- browser.safebrowsing.downloads.remote.url: server endpoint for remote lookups
Engineering
Product/Component: Toolkit/Safe Browsing
Most of the code lives in toolkit/components/downloads/ApplicationReputation.cpp.
QA
To turn on debugging output, export the following environment variable:
NSPR_LOG_MODULES="ApplicationReputation:5"
Documentation
- API Documentation available internally under NDA
- Content-Agnostic Malware Protection (paper describing how the whole system is implemented)
- Chromium source code
- Announcement blog post