[PM-32088] Switch phishing data source to GitHub (#18890) (#18979)

* Switch phishing data source to GitHub and remove fallback mechanism The phish.co.za mirror is down, causing every update cycle to timeout on the primary fetch before falling back to the GitHub raw URL. This removes phish.co.za entirely and uses GitHub as the sole data source, which was the original source before the mirror was introduced. - Rename `remoteUrl`/`fallbackUrl` to `ghSourceUrl` on PhishingResource type - Remove phish.co.za URLs from both Domains and Links resources - Remove catchError fallback block in `_updateFullDataSet()` - Errors now propagate to `_backgroundUpdate()` which already handles retries (3 attempts with 5-minute delays) and graceful degradation * revert the fallback logic removal, change prop name, add use fallback flag * Update Links primaryUrl to Bitwarden-hosted blocklist * remove all fallback logic (cherry picked from commit bfc1833139)
2026-02-18 18:33:50 +00:00 · 2026-02-13 15:22:49 -05:00
parent 935f85c058
commit fd12c7c029
2 changed files with 6 additions and 38 deletions
--- a/apps/browser/src/dirt/phishing-detection/phishing-resources.ts
+++ b/apps/browser/src/dirt/phishing-detection/phishing-resources.ts
@@ -1,8 +1,6 @@
 export type PhishingResource = {
  name?: string;
-  remoteUrl: string;
-  /** Fallback URL to use if remoteUrl fails (e.g., due to SSL interception/cert issues) */
-  fallbackUrl: string;
+  primaryUrl: string;
  checksumUrl: string;
  todayUrl: string;
  /** Matcher used to decide whether a given URL matches an entry from this resource */
@@ -22,8 +20,7 @@ export const PHISHING_RESOURCES: Record<PhishingResourceType, PhishingResource[]
  [PhishingResourceType.Domains]: [
    {
      name: "Phishing.Database Domains",
-      remoteUrl: "https://phish.co.za/latest/phishing-domains-ACTIVE.txt",
-      fallbackUrl:
+      primaryUrl:
        "https://raw.githubusercontent.com/Phishing-Database/Phishing.Database/refs/heads/master/phishing-domains-ACTIVE.txt",
      checksumUrl:
        "https://raw.githubusercontent.com/Phishing-Database/checksums/refs/heads/master/phishing-domains-ACTIVE.txt.md5",
@@ -51,9 +48,7 @@ export const PHISHING_RESOURCES: Record<PhishingResourceType, PhishingResource[]
  [PhishingResourceType.Links]: [
    {
      name: "Phishing.Database Links",
-      remoteUrl: "https://phish.co.za/latest/phishing-links-ACTIVE.txt",
-      fallbackUrl:
-        "https://raw.githubusercontent.com/Phishing-Database/Phishing.Database/refs/heads/master/phishing-links-ACTIVE.txt",
+      primaryUrl: "https://assets.bitwarden.com/security/v1/link-blocklist.txt",
      checksumUrl:
        "https://raw.githubusercontent.com/Phishing-Database/checksums/refs/heads/master/phishing-links-ACTIVE.txt.md5",
      todayUrl:
--- a/apps/browser/src/dirt/phishing-detection/services/phishing-data.service.ts
+++ b/apps/browser/src/dirt/phishing-detection/services/phishing-data.service.ts
@@ -336,12 +336,12 @@ export class PhishingDataService {
  private _updateFullDataSet() {
    const resource = getPhishingResources(this.resourceType);

-    if (!resource?.remoteUrl) {
+    if (!resource?.primaryUrl) {
      return throwError(() => new Error("Invalid resource URL"));
    }

-    this.logService.info(`[PhishingDataService] Starting FULL update using ${resource.remoteUrl}`);
-    return from(this.apiService.nativeFetch(new Request(resource.remoteUrl))).pipe(
+    this.logService.info(`[PhishingDataService] Starting FULL update using ${resource.primaryUrl}`);
+    return from(this.apiService.nativeFetch(new Request(resource.primaryUrl))).pipe(
      switchMap((response) => {
        if (!response.ok || !response.body) {
          return throwError(
@@ -354,33 +354,6 @@ export class PhishingDataService {

        return from(this.indexedDbService.saveUrlsFromStream(response.body));
      }),
-      catchError((err: unknown) => {
-        this.logService.error(
-          `[PhishingDataService] Full dataset update failed using primary source ${err}`,
-        );
-        this.logService.warning(
-          `[PhishingDataService] Falling back to: ${resource.fallbackUrl} (Note: Fallback data may be less up-to-date)`,
-        );
-        // Try fallback URL
-        return from(this.apiService.nativeFetch(new Request(resource.fallbackUrl))).pipe(
-          switchMap((fallbackResponse) => {
-            if (!fallbackResponse.ok || !fallbackResponse.body) {
-              return throwError(
-                () =>
-                  new Error(
-                    `[PhishingDataService] Fallback fetch failed: ${fallbackResponse.status}, ${fallbackResponse.statusText}`,
-                  ),
-              );
-            }
-
-            return from(this.indexedDbService.saveUrlsFromStream(fallbackResponse.body));
-          }),
-          catchError((fallbackError: unknown) => {
-            this.logService.error(`[PhishingDataService] Fallback source failed`);
-            return throwError(() => fallbackError);
-          }),
-        );
-      }),
    );
  }