From 2cf4a89a14022fd52c334159a050c4cb02e82446 Mon Sep 17 00:00:00 2001
From: Konrad Dzwinel <kdzwinel@gmail.com>
Date: Tue, 17 Dec 2024 01:06:45 +0100
Subject: [PATCH 1/4] Use current feature name (malicious site protection) on
 the index page

---
 index.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/index.html b/index.html
index b2ef027..c7ac093 100644
--- a/index.html
+++ b/index.html
@@ -62,7 +62,7 @@ <h2>Security</h2>
 	<li><a href="./security/csp-report/index.html">Leak of extension IDs via CSP</a></li>
 	<li><a href="./security/js-leaks.html">Detect changes to JS objects in global scope</a></li>
 	<li><a href="./security/popups/popup-launcher.html">Popup noopener/noreferrer tests</a></li>
-	<li><a href="./security/badware/">Phishing Detection Pages</a></li>
+	<li><a href="./security/badware/">Malicious Site Protection Test Pages</a></li>
 </ul>
 
 <h2>Privacy Protections Tests</h2>

From 2d6a2d3c6f003939bcce359529531c0eee6e87d2 Mon Sep 17 00:00:00 2001
From: Konrad Dzwinel <kdzwinel@gmail.com>
Date: Tue, 17 Dec 2024 01:07:26 +0100
Subject: [PATCH 2/4] Reorganize malicious site protection test pages index and
 add edge case pages.

---
 security/badware/index.html       | 31 +++++++++++++++++++++++--------
 security/badware/local-check.html | 18 ++++++++++++++++++
 2 files changed, 41 insertions(+), 8 deletions(-)
 create mode 100644 security/badware/local-check.html

diff --git a/security/badware/index.html b/security/badware/index.html
index f14763f..6334d6e 100644
--- a/security/badware/index.html
+++ b/security/badware/index.html
@@ -3,27 +3,30 @@
 
 <head>
     <meta charset="UTF-8">
-    <title>Test Pages - Phishing Detection</title>
+    <title>Test Pages - Malicious Site Protection</title>
 </head>
 
 <body>
-    <h1>Phishing Detection Test Pages</h1>
+    <h1>Malicious Site Protection Test Pages</h1>
     <a href="/">[Home]</a>
     <ul>
         <li><a href="./phishing.html">Standard Phishing Test</a></li>
         <li><a href="./malware.html">Standard Malware Test</a></li>
-        <li><a href="./malware-download.html">Malware Download Test</a></li>
         <li><a href="./phishing-iframe-loader.html">Phishing iFrame Loader</a></li>
-        <li><a href="./phishing-js-redirector-helper.html">Phishing JS Redirector (Direct)</a></li>
-        <li><a href="./phishing-js-redirector.html">Phishing JS Redirector (Indirect)</a></li>
         <li><a href="./phishing-legit-iframe-loader.html">Phishing Legit iFrame Loader</a></li>
-        <li><a href="./phishing-meta-redirect-clean.html">Phishing Redirect via Meta Refresh (Not Flagged in Dataset)</a></li>
-        <li><a href="./phishing-meta-redirect.html">Phishing Redirect via Meta Refresh (Flagged in Dataset)</a></li>
         <li><a href="./phishing-popups.html">Phishing Open via Popups</a></li>
         <li><a href="./phishing-url-tampering.html">Phishing Opening with URL Tampering</a></li>
         <li><a href="./phishing-form-submission.html">Phishing Form Submission</a></li>
-        <li><a href="./phishing-iframe-top-navigator.html">Phishing iFrame Top Navigator</a></li>
         <li><a href="./phishing-service-worker.html">Phishing Service Worker</a></li>
+        <li><a href="./malware-download.html">Malware Download Test</a></li>
+    </ul>
+
+    <h2>Redirects</h2>
+    <ul>
+        <li><a href="./phishing-meta-redirect-clean.html">Phishing Redirect via Meta Refresh (Not Flagged in Dataset)</a></li>
+        <li><a href="./phishing-meta-redirect.html">Phishing Redirect via Meta Refresh (Flagged in Dataset)</a></li>
+        <li><a href="./phishing-js-redirector-helper.html">Phishing JS Redirector (Direct)</a></li>
+        <li><a href="./phishing-js-redirector.html">Phishing JS Redirector (Indirect)</a></li>
         <li><a href="./phishing-iframe-top-navigator-parent.html">Phishing iFrame Top Navigator Parent</a></li>
         <li><a href="/security/badware/phishing-redirect/">HTTP 301 Redirect to Main Phishing Test Page</a></li>
         <li><a href="/security/badware/phishing-redirect/302">HTTP 302 Redirect to Main Phishing Test Page</a></li>
@@ -34,6 +37,18 @@ <h1>Phishing Detection Test Pages</h1>
         <li><a href="/security/badware/phishing-redirect/meta">HTTP Redirect to Clean Meta Refresh Redirector</a></li>
         <li><a href="/security/badware/phishing-redirect/meta2">HTTP Redirect to Flagged Meta Refresh Redirector</a></li>
     </ul>
+
+    <h2>Edge Cases</h2>
+    <ul>
+        <li><a href="http://malware.privacy-test-pages.site/security/badware/malware.html">Page flagged by both DNS protection and in-browser protection</a> (⚠️ different domain)</li>
+        <li><a href="http://broken.privacy-test-pages.site/security/badware/malware.html">Page where malicious site protection is disabled via remote config exception</a> (⚠️ different domain)</li>
+        <li><a href="./local-check.html">Page flagged in the local data (doesn't require API request)</a></li>
+    </ul>
+
+    <h2>Utility</h2>
+    <ul>
+        <li><a href="./phishing-iframe-top-navigator.html">Phishing iFrame Top Navigator</a></li>
+    </ul>
 </body>
 
 </html>
diff --git a/security/badware/local-check.html b/security/badware/local-check.html
new file mode 100644
index 0000000..8cebcfc
--- /dev/null
+++ b/security/badware/local-check.html
@@ -0,0 +1,18 @@
+<!DOCTYPE html>
+<html>
+
+<head>
+    <meta charset="utf-8">
+    <title>Local-check malware page</title>
+</head>
+
+<body>
+    <p><a href="/security/badware/">[Back]</a></p>
+
+    <h1>Local check malware page</h1>
+
+    <p>This is an example malware page that DuckDuckGo clients intend to block. If you arrive here by mistake; there's
+        nothing to worry about, we just use this page to test if our client blocking is working.</p>
+
+</body>
+</html>
\ No newline at end of file

From 192f5ed05902099cc2fcb079d57cc72b19d970a0 Mon Sep 17 00:00:00 2001
From: Konrad Dzwinel <kdzwinel@gmail.com>
Date: Tue, 17 Dec 2024 12:39:00 +0100
Subject: [PATCH 3/4] Fix link to broken/excluded site

---
 security/badware/index.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/security/badware/index.html b/security/badware/index.html
index 6334d6e..95c7a5e 100644
--- a/security/badware/index.html
+++ b/security/badware/index.html
@@ -41,7 +41,7 @@ <h2>Redirects</h2>
     <h2>Edge Cases</h2>
     <ul>
         <li><a href="http://malware.privacy-test-pages.site/security/badware/malware.html">Page flagged by both DNS protection and in-browser protection</a> (⚠️ different domain)</li>
-        <li><a href="http://broken.privacy-test-pages.site/security/badware/malware.html">Page where malicious site protection is disabled via remote config exception</a> (⚠️ different domain)</li>
+        <li><a href="https://broken.third-party.site/security/badware/malware.html">Page where malicious site protection is disabled via remote config exception</a> (⚠️ different domain)</li>
         <li><a href="./local-check.html">Page flagged in the local data (doesn't require API request)</a></li>
     </ul>
 

From e2c255520407772d2d4986728a9a17cd8366a44c Mon Sep 17 00:00:00 2001
From: Konrad Dzwinel <kdzwinel@gmail.com>
Date: Tue, 17 Dec 2024 15:14:53 +0100
Subject: [PATCH 4/4] drop the utility page

---
 security/badware/index.html | 5 -----
 1 file changed, 5 deletions(-)

diff --git a/security/badware/index.html b/security/badware/index.html
index 95c7a5e..bff4d90 100644
--- a/security/badware/index.html
+++ b/security/badware/index.html
@@ -44,11 +44,6 @@ <h2>Edge Cases</h2>
         <li><a href="https://broken.third-party.site/security/badware/malware.html">Page where malicious site protection is disabled via remote config exception</a> (⚠️ different domain)</li>
         <li><a href="./local-check.html">Page flagged in the local data (doesn't require API request)</a></li>
     </ul>
-
-    <h2>Utility</h2>
-    <ul>
-        <li><a href="./phishing-iframe-top-navigator.html">Phishing iFrame Top Navigator</a></li>
-    </ul>
 </body>
 
 </html>