HackerNews中文版HackerNews CN
GitHubTwitter

问HN:在谷歌清除域名后,Safari的安全浏览误报问题仍然存在

1作者: Numbness大约 7 小时前原帖
Safari 维护两个独立的安全浏览数据库: - Apple/social_engineering,any_platform,url_expression(苹果专有,943 KB) - Google/social_engineering,osx,url_expression(谷歌列表) 同步似乎是单向的:苹果从谷歌复制新增项,但不处理删除项。被谷歌安全浏览清除的域名在Safari中将永久被阻止,且没有自动移除的途径。 重现步骤: 1. 在Safari中导航到 https://openvan.camp → 全屏显示红色“欺诈网站警告” 2. 在Chrome/Firefox/Edge中输入相同的URL → 无警告 3. 删除 ~Library/Caches/com.apple.Safari.SafeBrowsing → 重新启动Safari → 警告立即从新数据库下载中重新出现 所有外部数据库显示干净: - 谷歌安全浏览:干净 - VirusTotal:0/65 供应商 - URLVoid:0/35 引擎 - Spamhaus DBL、Gridinsoft、FortiGuard:已移除/干净 系统诊断确认Safari每约30分钟通过OHTTP/QUIC连接到mask.icloud.com(HTTP 200,约450毫秒),但苹果的列表在每次刷新周期中仍保留该条目。这不是缓存问题——而是苹果专有数据源中缺失的删除机制。 最初的标记(2026年3月)是由于第三方广告网络(Adsterra)提供恶意重定向造成的。该条目于3月18日被移除。所有修复已完成。2023年3月18日提交的websitereview.apple.com — 6天后未收到回复。 WebKit Bugzilla: https://bugs.webkit.org/show_bug.cgi?id=310606 苹果雷达:rdar://173213501 还有其他人遇到这个问题吗?除了websitereview.apple.com之外,有其他已知的升级途径吗?
查看原文
Safari maintains two independent Safe Browsing databases: - Apple&#x2F;social_engineering,any_platform,url_expression (Apple-proprietary, 943 KB) - Google&#x2F;social_engineering,osx,url_expression (Google&#x27;s list)<p>The sync appears one-directional: Apple copies additions from Google but does NOT process deletions. A domain cleared by Google Safe Browsing remains permanently blocked in Safari with no automated removal path.<p>Reproduction: 1. Navigate to https:&#x2F;&#x2F;openvan.camp&#x2F; in Safari → full-screen red &quot;Fraudulent Website Warning&quot; 2. Same URL in Chrome&#x2F;Firefox&#x2F;Edge → no warning 3. Delete ~&#x2F;Library&#x2F;Caches&#x2F;com.apple.Safari.SafeBrowsing&#x2F; → relaunch Safari → warning reappears immediately from fresh DB download<p>All external databases show clean: - Google Safe Browsing: clean - VirusTotal: 0&#x2F;65 vendors - URLVoid: 0&#x2F;35 engines - Spamhaus DBL, Gridinsoft, FortiGuard: removed&#x2F;clean<p>Sysdiagnose confirms Safari connects to mask.icloud.com via OHTTP&#x2F;QUIC every ~30 min (HTTP 200, ~450ms) yet Apple&#x27;s list retains the entry on every refresh cycle. This is not a caching issue — it is a missing deletion mechanism in Apple&#x27;s proprietary feed.<p>The original flag (March 2026) was caused by a third-party ad network (Adsterra) serving malicious redirects. It was removed on March 18. All remediations completed. websitereview.apple.com submitted March 18 — no response after 6 days.<p>WebKit Bugzilla: https:&#x2F;&#x2F;bugs.webkit.org&#x2F;show_bug.cgi?id=310606 Apple Radar: rdar:&#x2F;&#x2F;173213501<p>Has anyone else hit this? Is there any known escalation path beyond websitereview.apple.com?