Malicious Site Protection - Disabled state in case there are issues during rollout #2745

alessandroboron · 2025-02-12T09:53:53Z

Asana Task/Github Issue: https://app.asana.com/0/1206329551987282/1209385826333906

Description

This PR disables the Malicious Site Protection feature to allow for a quick response in case there are issues during the rollout phases. This change should not be merged. It is intended solely to be released if problems arise during the rollout process.

Feature change process:

I have added a schema to validate this feature change
I have tested this change locally
This code for the config change is ready to merge
This feature was covered by a tech design

Additional info:

I have tested this change locally in all supported browsers
This change will be visible to users
This code for the config change is ready
This change was covered by a ship review

Site breakage mitigation process:

Brief explanation

Reported URL:
Problems experienced:
Platforms affected:
- iOS
- Android
- Windows
- MacOS
- Extensions
Tracker(s) being unblocked:
Feature being disabled:
I have referenced the URL of this PR as the "reason" value for the exception (where applicable).
This change is a speculative mitigation to fix reported breakage.

Reference

github-actions · 2025-02-12T09:54:04Z

Don't forget to add an individual reviewer (in addition to those already added, this should create a task for them in Asana).
- The best reviewer is most likely a feature or platform owner.
- If they've got permission to approve, you're good to merge. See CODEOWNERS
- As a fallback the Global owners are:
- Breakage AOR
- Breakage triagers
- Config AOR
Please mark this as draft unless there's intention to merge this.
Click the "Merge When Ready" if you're happy for this to automatically get merged once reviewed.
- If the option isn't available to you; ensure you've signed into DuckDuckGo oauth.
Also don't forget to add schema changes to validate if you're adding/changing a feature.

github-actions · 2025-02-12T09:54:16Z

Generated file outputs:

Time updated: Wed, 12 Feb 2025 09:54:16 GMT

legacy

trackers-unprotected-temporary.txt (13 more)

trackers-unprotected-temporary.txt
v3/android-config.json
v3/extension-brave-config.json
v3/extension-bravemv3-config.json
v3/extension-chrome-config.json
v3/extension-chromemv3-config.json
v3/extension-config.json
v3/extension-edg-config.json
v3/extension-edge-config.json
v3/extension-edgmv3-config.json
v3/extension-firefox-config.json
v3/extension-safarimv3-config.json
v3/macos-config.json
v3/windows-config.json

⚠️ File is identical

v3/ios-config.json

--- v3/ios-config.json
+++ v3/ios-config.json
@@ -6526,18 +6526,18 @@
             },
             "exceptions": []
         },
         "maliciousSiteProtection": {
-            "state": "internal",
+            "state": "disabled",
             "exceptions": [
                 {
                     "domain": "broken.third-party.site",
                     "reason": "A test page that helps us verify if exceptions work correctly."
                 }
             ],
             "features": {
                 "onByDefault": {
-                    "state": "internal"
+                    "state": "disabled"
                 }
             },
             "settings": {
                 "hashPrefixUpdateFrequency": 20,

latest

v4/android-config.json (12 more)

v4/android-config.json
v4/extension-brave-config.json
v4/extension-bravemv3-config.json
v4/extension-chrome-config.json
v4/extension-chromemv3-config.json
v4/extension-config.json
v4/extension-edg-config.json
v4/extension-edge-config.json
v4/extension-edgmv3-config.json
v4/extension-firefox-config.json
v4/extension-safarimv3-config.json
v4/macos-config.json
v4/windows-config.json

⚠️ File is identical

v4/ios-config.json

--- v4/ios-config.json
+++ v4/ios-config.json
@@ -6030,17 +6030,17 @@
             },
             "exceptions": []
         },
         "maliciousSiteProtection": {
-            "state": "internal",
+            "state": "disabled",
             "exceptions": [
                 {
                     "domain": "broken.third-party.site"
                 }
             ],
             "features": {
                 "onByDefault": {
-                    "state": "internal"
+                    "state": "disabled"
                 }
             },
             "settings": {
                 "hashPrefixUpdateFrequency": 20,

not-a-rootkit

Pre-approved, in case it's needed.

Disable Malicious Site Protection

8c4055e

alessandroboron added the DO NOT MERGE Don't merge this branch unless directed label Feb 12, 2025

alessandroboron requested review from a team as code owners February 12, 2025 09:53

alessandroboron requested a review from THISISDINOSAUR February 12, 2025 09:53

alessandroboron requested a review from kdzwinel February 12, 2025 09:54

not-a-rootkit approved these changes Feb 12, 2025

View reviewed changes

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Malicious Site Protection - Disabled state in case there are issues during rollout #2745

Malicious Site Protection - Disabled state in case there are issues during rollout #2745

alessandroboron commented Feb 12, 2025

github-actions bot commented Feb 12, 2025

github-actions bot commented Feb 12, 2025

not-a-rootkit left a comment

Malicious Site Protection - Disabled state in case there are issues during rollout #2745

Are you sure you want to change the base?

Malicious Site Protection - Disabled state in case there are issues during rollout #2745

Conversation

alessandroboron commented Feb 12, 2025

Description

Feature change process:

Additional info:

Site breakage mitigation process:

Brief explanation

Reference

github-actions bot commented Feb 12, 2025

github-actions bot commented Feb 12, 2025

Generated file outputs:

not-a-rootkit left a comment

Choose a reason for hiding this comment