I work at Google but not on this product.. so I escalated your issue to the team...

miomyosky · on July 1, 2013

It would be nice if the antiphishing filter also gave some good way for web developers to figure out why this happened and what to do to correct this.

packetslave · on July 1, 2013

This is harder to do than you'd think, without also giving the bad guys a cookbook for "here's how to avoid detection"

Filecloud · on July 1, 2013

Thank you so much. Much appreciated. We will be more than happy to provide additional information or even access to the server if needed.

Filecloud · on July 1, 2013

Just one more thing. Since our product is self-hosted by our customers under their own domain, white listing just our development domain is unlikely to help our cause.

daave · on July 1, 2013

I believe they actually whitelisted/disabled the part of the classifier that is affecting your site(s) more-generally, so it should be working across all domains. That said I know very little about the internals of that system.

I'm sure they will contact you via regular customer support channels (ie. not HN) if they need any more info to debug the problem.

ISL · on July 1, 2013

In fact, whitelisting would tend to hurt your debugging efforts.

markshepard · on July 1, 2013

The whitelisting already active for this domain now.

Trace showing server overriding the "Phishyness" verdict of the client

[5760:1799:0701/150256:VERBOSE2:phishing_classifier_delegate.cc(211)] Phishy verdict = 1 score = 0.548927

[5751:1799:0701/150256:VERBOSE2:client_side_detection_host.cc(447)] Feature extraction done (success:1) for URL: http://dev1.codelathe.com/ui/core/index.html. Start sending client phishing request.

[5751:1799:0701/150256:VERBOSE2:client_side_detection_host.cc(415)] Received server phishing verdict for URL:http://dev1.codelathe.com/ui/core/index.html is_phishing:0