Adding phishing protection data providers

Phishing protection technology lets Firefox help protect users by comparing the URLs the user visits to a blacklist of known scam sites, and presenting a warning to the user when they visit a site on the list.

Installing a new data provider

To install a data provider for phishing protection, it's necessary to set a series of preferences to provide details about the provider.

Each data provider has a unique ID number. The data provider with the ID number 0 is the default data provider shipped with Firefox. When installing a new provider, you should use the next unused number.

To find an ID number to use, you can build a loop that requests the value of browser.safebrowsing.provider.0.name, then browser.safebrowsing.provider.1.name, and so forth until no value is returned. Then you can use that value.

You can find examples of how to read and write preferences in the article Adding preferences to an extension.

Required preferences

browser.safebrowsing.provider.idnum.name
A human-readable name for the data provider.
browser.safebrowsing.provider.idnum.keyURL
An URL that returns a private key to be used for encrypting of other requests.
browser.safebrowsing.provider.idnum.lookupURL
The URL to use to look up URLs to see if they're blacklisted. This request must be encrypted using the private key returned by the keyURL request.

Optional preferences

browser.safebrowsing.provider.idnum.reportURL
An URL used for reporting when users visit phishing pages and whether or not they decided to heed the warning or to ignore it.
browser.safebrowsing.provider.idnum.updateURL
An URL used to request an updated list of phishing sites. The server either provides a full list or incremental updates in order to bring the client's tables up to date.
browser.safebrowsing.provider.idnum.reportGenericURL
Not currently used; intended for use in reporting other issues with the phishing protection service.
browser.safebrowsing.provider.idnum.reportErrorURL
An URL to which the user is directed in order to report a safe page that is incorrectly being reported as a phishing site.
browser.safebrowsing.provider.idnum.reportPhishURL
An URL to which the user is directed in order to report a phishing site that isn't detected by the phishing protection system.

Determining the currently-selected data provider

If you need to determine the ID number of the currently selected anti-phishing data provider, you can look at the current value of the preference browser.safebrowsing.dataProvider.


Document Tags and Contributors

Contributors to this page: Sheppy, Nukeador, Chbok, Kohei, Federico, Mgjbot, Ptak82
Last updated by: Mgjbot,