Opened 3 weeks ago

Last modified 2 weeks ago

#36583 closed Bug

Microsoft Partner Program classifies dpaste.com technical_500 view as a dangerous Malware Site — at Version 2

Reported by: Peter Kahn
Owned by:
Component: Error reporting
Version: 5.2
Severity: Normal
Keywords:
Cc:
Triage Stage: Unreviewed
Has patch: no
Needs documentation: no
Needs tests: no
Patch needs improvement: no
Easy pickings: no
UI/UX: no

Description (last modified by Peter Kahn)

Problem
Microsoft Partner Site Malware scan for a compute image publish attempt to Azure Marketplace is flagging the 500 error debug view's ability to send the error details to dpaste.com as Malware. This feature and the view seem OK to me, but:

  • When I have run into this class of problem in the past, Microsoft has been unwilling to accept evidence of a false positive
  • This may impact Django apps in other marketplace verification systems as well

Error Message Excerpt
According to the Microsoft Partner program's Malware scanner:

File name: technical_500.html,
Malware Information:
Avira smartScreen firebog ConfirmedMaliciousURL hXXps[:]dpaste.com/ (FileType:.html) (Executable:true)
) .

History
The dpaste.com storage capability was added about 4 years ago
https://github.com/django/django/blame/main/django/views/templates/technical_500.html#L293

Workaround
If this feature of the view isn't needed, a simple script can surgically remove the aspect of the view. TBH, I've yet to try it and will be doing so today.
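
The workaround described above, sketched as an added example; it is not the reporter's script and not Django's own code. It assumes the share feature is a single `<form>` element whose opening tag carries the dpaste.com URL (everything nested in that form is removed with it), and the names `strip_share_form` and `patch_tree` are hypothetical.

```python
"""Strip the dpaste.com share form from Django debug templates before imaging."""
import re
import sys
from pathlib import Path

MARKER = "dpaste.com"  # host named in the scanner finding quoted on this ticket
# Assumption: the share feature is one <form> whose opening tag carries the URL.
SHARE_FORM = re.compile(
    r"[ \t]*<form\b[^>]*" + re.escape(MARKER) + r"[^>]*>.*?</form>[ \t]*\n?",
    re.IGNORECASE | re.DOTALL,
)


def strip_share_form(html: str) -> tuple[str, int]:
    """Return the template without dpaste forms and the number removed."""
    return SHARE_FORM.subn("", html)


def patch_tree(root: Path, write: bool = True) -> dict[Path, bool]:
    """Patch every technical_500.html under root.

    Maps each file that mentioned MARKER to True when no reference is left
    after patching, False when one survives and needs a manual look.
    """
    results = {}
    for path in sorted(root.rglob("technical_500.html")):
        original = path.read_text(encoding="utf-8")
        if MARKER not in original:
            continue
        patched, _removed = strip_share_form(original)
        if write and patched != original:
            path.write_text(patched, encoding="utf-8")
        results[path] = MARKER not in patched
    return results


if __name__ == "__main__":
    # Usage: python strip_dpaste.py /path/to/site-packages
    outcome = patch_tree(Path(sys.argv[1]))
    for path, clean in outcome.items():
        print(("clean  " if clean else "REVIEW ") + str(path))
    sys.exit(0 if all(outcome.values()) else 1)
```

Run it against the image's site-packages directory as a build step; a non-zero exit means a reference to the flagged host survived outside the form and the file needs a manual look before publishing.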

Change History (2)

comment:1 by Timothy Schilling, 3 weeks ago

Does Microsoft flag this as a part of any Django app or [only] those that are running with DEBUG=True in production that show this page on the web app?

Last edited 3 weeks ago by Timothy Schilling

comment:2 by Peter Kahn, 3 weeks ago

Description: modified