deal with malware pages in history

Question

deal with malware pages in history

Opened this issue 10 years ago · 3 comments

these might either be marked as not safe by embedly, or flagged by whatever firefox uses for blacklisting bad urls. suggested by @pdehaan in #290 review.

what's the right way to represent views of dangerous pages?
what's the right story around displaying or not displaying visits and user_pages corresponding to such pages?

Answer 1 · 2015-02-06T18:06:12.000Z

Some good details on http://embed.ly/docs/api/extract/features/safe

Once a url is flagged as malicious, you must respect the cache_age attribute. When cache_age expires, you must not show the message again until you have reevaluated that url with Embedly. This helps to mitigate false positives and ensure compliance with the terms of Google’s Safe Browsing API.

Answer 2 · 2015-02-06T18:11:27.000Z

But apart from what I can read and regurgitate I'm not sure what the answer is.
I'm guessing we'd need to re-scrape the page on the fly (if cache_age has expired), and then possibly show the item as a .medium result with the extracted_safe_message and possibly some scary red looking background so it stands out. Possibly even throw up some sweet alert/confirm dialog saying "are you sure, bro? this result seems pretty sketchy to us".

Or if we re-scrape and the results are now safe, then we'd need to clear those extracted_safe_* results in the database and elasticsearch and show it as a regular result.

Answer 3 · 2015-02-17T22:49:04.000Z

this is a super, super edge case, moving to icebox