zoepage
commented
6 years ago Interesting thought. @adamopenweb what do you think about this?
Open reinhart1010 opened 6 years ago
zoepage
commented
6 years ago Interesting thought. @adamopenweb what do you think about this?
adamopenweb
commented
6 years ago It's a good idea. Since the webcompat reporter is only available in Nightly and Dev Edition I think it hasn't been UX reviewed in the context of Malicious site or Firefox feedback. This could help work around that for some users.
My concern is users do not normally choose the correct Type of bug so the value of this should probably be tested.
karlcow
commented
5 years ago Before doing that, can we know how many such reports we had in the past? So we can just know how much needed is it?
@miketaylr said that probably @MDTsai addon could solve this issue.
reinhart1010
commented
5 years ago Some stats so far:
*Some of these are legitimate webcompat issues
^I have included a temporary notice mentioning Google Safe Browsing similar to below
Firefox has another report feature (see Menu > Help > Report Deceptive Site...) which is powered by Google Safe Browsing.
It's also interesting that some users have reported sites that have been blocked. This is the case for the site laserveradedomaina.com in report webcompat/web-bugs#19226, which had been reported first (before being blocked) in webcompat/web-bugs#17663
softvision-oana-arbuzov
commented
5 years ago More stats:
Recently, we received several non-compat and invalid reports such as webcompat/web-bugs#15856, webcompat/web-bugs#15849 and webcompat/web-bugs#15101, which are reporting fraudulent and scam websites.
This is possibly caused by the ambiguity from the "Report Site Issue" feature inside the "Page Actions" (3 dots) button. However, Firefox has another "Report Web Forgery" feature that is hidden from Menu (3 lines) > Help. The word "site issue" could refer to different problems, such as broken design, certificate issue, as well as malicious website. Hence, some users submit those reports without knowing what is (not) a Webcompat issue.
One way to solve this problem is by allowing users to report phising and malware sites using the Webcompat form. Instead of submitting this as a GitHub issue, the form should redirect to respective Google Safe Browsing phising and malware report forms. The user will then add the description and finish the CAPTCHA challenge on the respective webpages to submit the report.
A sample notice that could be used is shown below.
This method could simplify the process of reporting new site issues, whether it is a Webcompat issue or an Internet security issue. In addition, there should be less malicious website reports on Webcompat itself.