jotform.com (whitelist) #751
Open
+1
−0
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This issue will whitelist `.jotform.com` Closes Phishing-Database/Phishing.Database#1091 Signed-off-by: spirillen <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Pull Request: Whitelisting of
.jotform.comThis pull request aims to whitelist the domain
.jotform.comas part of our ongoing efforts to enhance the integrity of our phishing database.Related Issue: Phishing.Database Issue #1091
Current Status: This PR is currently on hold as I am engaging with the administrators of
jotform.comto encourage adherence to the relevant RFC standards concerning HTTP server responses.Technical Context
In accordance with RFC 7231, which outlines the semantics and content of HTTP/1.1, it is crucial for web servers to return appropriate HTTP status codes that accurately reflect the outcome of the request. For instance, the use of standard response codes such as
200 OK,404 Not Found, and500 Internal Server Erroris essential for proper client-server communication and for ensuring that automated systems can effectively interpret server responses.The current HTTP response behavior of
jotform.comdoes not fully comply with these standards, which may lead to misinterpretations by clients and could potentially compromise the security measures we are implementing.I am advocating for the following actions from the
jotform.comteam:Review and Update HTTP Response Codes: Ensure that all server responses align with the expected codes as defined in RFC 7231 and other relevant RFCs, such as RFC 2616 for HTTP/1.1.
Implement Consistent Error Handling: Establish a consistent approach to error handling that provides clear and actionable feedback to clients, thereby improving the overall user experience and security posture.
By adhering to these standards,
jotform.comcan enhance its interoperability with various clients and services, ultimately contributing to a more secure and reliable web environment.I will keep this PR on hold until we can achieve a satisfactory resolution with the
jotform.comteam regarding their HTTP response compliance. Thank you for your understanding and support in this matter.ATT: @cigdemtosun