Bug 1531176 - Split the Google key management between gls and safe browsing r=glandium
☠☠ backed out by 268fd30c6da4 ☠ ☠
authorSylvestre Ledru <sledru@mozilla.com>
Wed, 06 Mar 2019 23:06:10 +0000
changeset 520710 6c2e00bcd2bb2a0534b3fc00b5f6a8c026785404
parent 520709 4f23a573e174f69c078fe647df4e7ee850d0b275
child 520711 268fd30c6da4c793521a60cf5e02790062e5d89d
push id10862
push userffxbld-merge
push dateMon, 11 Mar 2019 13:01:11 +0000
treeherdermozilla-beta@a2e7f5c935da [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersglandium
bugs1531176
milestone67.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1531176 - Split the Google key management between gls and safe browsing r=glandium Differential Revision: https://phabricator.services.mozilla.com/D21459
browser/app/profile/firefox.js
browser/config/mozconfigs/linux32/common-opt
browser/config/mozconfigs/linux64/common-opt
browser/config/mozconfigs/linux64/nightly-asan-reporter
browser/config/mozconfigs/macosx64/common-opt
browser/config/mozconfigs/win32/common-opt
browser/config/mozconfigs/win64-aarch64/common-opt
browser/config/mozconfigs/win64/common-opt
browser/config/mozconfigs/win64/nightly-asan-reporter
mobile/android/config/mozconfigs/android-api-16-gradle-dependencies/nightly
mobile/android/config/mozconfigs/common
modules/libpref/init/all.js
toolkit/components/url-classifier/SafeBrowsing.jsm
toolkit/components/url-classifier/tests/mochitest/test_safebrowsing_bug1272239.html
toolkit/components/urlformatter/URLFormatter.jsm
toolkit/components/urlformatter/tests/unit/test_urlformatter.js
toolkit/modules/AppConstants.jsm
toolkit/modules/Troubleshoot.jsm
toolkit/modules/moz.build
toolkit/moz.configure
--- a/browser/app/profile/firefox.js
+++ b/browser/app/profile/firefox.js
@@ -1374,17 +1374,17 @@ pref("plain_text.wrap_long_lines", true)
 
 // If this turns true, Moz*Gesture events are not called stopPropagation()
 // before content.
 pref("dom.debug.propagate_gesture_events_through_content", false);
 
 // All the Geolocation preferences are here.
 //
 #ifndef EARLY_BETA_OR_EARLIER
-pref("geo.wifi.uri", "https://www.googleapis.com/geolocation/v1/geolocate?key=%GOOGLE_API_KEY%");
+pref("geo.wifi.uri", "https://www.googleapis.com/geolocation/v1/geolocate?key=%GOOGLE_GEOLOCATION_API_KEY%");
 #else
 // Use MLS on Nightly and early Beta.
 pref("geo.wifi.uri", "https://location.services.mozilla.com/v1/geolocate?key=%MOZILLA_API_KEY%");
 #endif
 
 #ifdef XP_MACOSX
 pref("geo.provider.use_corelocation", true);
 #endif
--- a/browser/config/mozconfigs/linux32/common-opt
+++ b/browser/config/mozconfigs/linux32/common-opt
@@ -1,14 +1,15 @@
 # This file is sourced by nightly, beta, and release mozconfigs.
 
 . $topsrcdir/build/mozconfig.stylo
 
 ac_add_options --enable-update-channel=${MOZ_UPDATE_CHANNEL}
-ac_add_options --with-google-api-keyfile=/builds/gapi.data
+ac_add_options --with-google-location-api-keyfile=/builds/gls-gapi.data
+ac_add_options --with-google-safebrowsing-api-keyfile=/builds/sb-gapi.data
 ac_add_options --with-mozilla-api-keyfile=/builds/mozilla-desktop-geoloc-api.key
 
 . $topsrcdir/build/unix/mozconfig.linux32
 
 # Needed to enable breakpad in application.ini
 export MOZILLA_OFFICIAL=1
 
 export MOZ_TELEMETRY_REPORTING=1
--- a/browser/config/mozconfigs/linux64/common-opt
+++ b/browser/config/mozconfigs/linux64/common-opt
@@ -1,14 +1,15 @@
 # This file is sourced by the nightly, beta, and release mozconfigs.
 
 . $topsrcdir/build/mozconfig.stylo
 
 ac_add_options --enable-update-channel=${MOZ_UPDATE_CHANNEL}
-ac_add_options --with-google-api-keyfile=/builds/gapi.data
+ac_add_options --with-google-location-api-keyfile=/builds/gls-gapi.data
+ac_add_options --with-google-safebrowsing-api-keyfile=/builds/sb-gapi.data
 ac_add_options --with-mozilla-api-keyfile=/builds/mozilla-desktop-geoloc-api.key
 
 . $topsrcdir/build/unix/mozconfig.linux
 
 # Needed to enable breakpad in application.ini
 export MOZILLA_OFFICIAL=1
 
 export MOZ_TELEMETRY_REPORTING=1
--- a/browser/config/mozconfigs/linux64/nightly-asan-reporter
+++ b/browser/config/mozconfigs/linux64/nightly-asan-reporter
@@ -1,13 +1,14 @@
 # We still need to build with debug symbols
 ac_add_options --disable-debug
 ac_add_options --enable-optimize="-O2 -gline-tables-only"
 ac_add_options --enable-update-channel=${MOZ_UPDATE_CHANNEL}
-ac_add_options --with-google-api-keyfile=/builds/gapi.data
+ac_add_options --with-google-location-api-keyfile=/builds/gls-gapi.data
+ac_add_options --with-google-safebrowsing-api-keyfile=/builds/sb-gapi.data
 ac_add_options --with-mozilla-api-keyfile=/builds/mozilla-desktop-geoloc-api.key
 
 . $topsrcdir/build/mozconfig.stylo
 
 # ASan specific options on Linux
 ac_add_options --enable-valgrind
 
 . $topsrcdir/build/unix/mozconfig.asan
--- a/browser/config/mozconfigs/macosx64/common-opt
+++ b/browser/config/mozconfigs/macosx64/common-opt
@@ -1,14 +1,15 @@
 # This file is sourced by the nightly, beta, and release mozconfigs.
 
 . $topsrcdir/build/macosx/mozconfig.common
 
 ac_add_options --enable-update-channel=${MOZ_UPDATE_CHANNEL}
-ac_add_options --with-google-api-keyfile=/builds/gapi.data
+ac_add_options --with-google-location-api-keyfile=/builds/gls-gapi.data
+ac_add_options --with-google-safebrowsing-api-keyfile=/builds/sb-gapi.data
 ac_add_options --with-mozilla-api-keyfile=/builds/mozilla-desktop-geoloc-api.key
 
 # Needed to enable breakpad in application.ini
 export MOZILLA_OFFICIAL=1
 
 export MOZ_TELEMETRY_REPORTING=1
 
 # Package js shell.
--- a/browser/config/mozconfigs/win32/common-opt
+++ b/browser/config/mozconfigs/win32/common-opt
@@ -1,17 +1,18 @@
 # This file is sourced by the nightly, beta, and release mozconfigs.
 
 . "$topsrcdir/build/mozconfig.stylo"
 
 . "$topsrcdir/browser/config/mozconfigs/common"
 
 ac_add_options --enable-update-channel=${MOZ_UPDATE_CHANNEL}
 
-ac_add_options --with-google-api-keyfile=${WORKSPACE}/gapi.data
+ac_add_options --with-google-location-api-keyfile=${WORKSPACE}/gls-gapi.data
+ac_add_options --with-google-safebrowsing-api-keyfile=${WORKSPACE}/sb-gapi.data
 
 ac_add_options --with-mozilla-api-keyfile=${WORKSPACE}/mozilla-desktop-geoloc-api.key
 
 # Needed to enable breakpad in application.ini
 export MOZILLA_OFFICIAL=1
 
 export MOZ_TELEMETRY_REPORTING=1
 
--- a/browser/config/mozconfigs/win64-aarch64/common-opt
+++ b/browser/config/mozconfigs/win64-aarch64/common-opt
@@ -1,17 +1,18 @@
 # This file is sourced by the nightly, beta, and release mozconfigs.
 
 . "$topsrcdir/build/mozconfig.stylo"
 
 . "$topsrcdir/browser/config/mozconfigs/common"
 
 ac_add_options --enable-update-channel=${MOZ_UPDATE_CHANNEL}
 
-ac_add_options --with-google-api-keyfile=${WORKSPACE}/gapi.data
+ac_add_options --with-google-location-api-keyfile=${WORKSPACE}/gls-gapi.data
+ac_add_options --with-google-safebrowsing-api-keyfile=${WORKSPACE}/sb-gapi.data
 
 ac_add_options --with-mozilla-api-keyfile=${WORKSPACE}/mozilla-desktop-geoloc-api.key
 
 # Needed to enable breakpad in application.ini
 export MOZILLA_OFFICIAL=1
 
 export MOZ_TELEMETRY_REPORTING=1
 
--- a/browser/config/mozconfigs/win64/common-opt
+++ b/browser/config/mozconfigs/win64/common-opt
@@ -1,17 +1,18 @@
 # This file is sourced by the nightly, beta, and release mozconfigs.
 
 . "$topsrcdir/build/mozconfig.stylo"
 
 . "$topsrcdir/browser/config/mozconfigs/common"
 
 ac_add_options --enable-update-channel=${MOZ_UPDATE_CHANNEL}
 
-ac_add_options --with-google-api-keyfile=${WORKSPACE}/gapi.data
+ac_add_options --with-google-location-api-keyfile=${WORKSPACE}/gls-gapi.data
+ac_add_options --with-google-safebrowsing-api-keyfile=${WORKSPACE}/sb-gapi.data
 
 ac_add_options --with-mozilla-api-keyfile=${WORKSPACE}/mozilla-desktop-geoloc-api.key
 
 # Needed to enable breakpad in application.ini
 export MOZILLA_OFFICIAL=1
 
 export MOZ_TELEMETRY_REPORTING=1
 
--- a/browser/config/mozconfigs/win64/nightly-asan-reporter
+++ b/browser/config/mozconfigs/win64/nightly-asan-reporter
@@ -1,12 +1,13 @@
 MOZ_AUTOMATION_L10N_CHECK=0
 
 ac_add_options --enable-update-channel=${MOZ_UPDATE_CHANNEL}
-ac_add_options --with-google-api-keyfile=${WORKSPACE}/gapi.data
+ac_add_options --with-google-location-api-keyfile=${WORKSPACE}/gls-gapi.data
+ac_add_options --with-google-safebrowsing-api-keyfile=${WORKSPACE}/sb-gapi.data
 ac_add_options --with-mozilla-api-keyfile=${WORKSPACE}/mozilla-desktop-geoloc-api.key
 
 . "$topsrcdir/build/mozconfig.win-common"
 . "$topsrcdir/browser/config/mozconfigs/common"
 
 ac_add_options --disable-debug
 ac_add_options --enable-optimize="-O2 -gline-tables-only"
 ac_add_options --enable-address-sanitizer-reporter
--- a/mobile/android/config/mozconfigs/android-api-16-gradle-dependencies/nightly
+++ b/mobile/android/config/mozconfigs/android-api-16-gradle-dependencies/nightly
@@ -43,13 +43,14 @@ export MOZ_ANDROID_POCKET=1
 
 . "$topsrcdir/mobile/android/config/mozconfigs/common.override"
 
 # End ../android-api-16-frontend/nightly.
 
 # Disable Keyfile Loading (and checks) since dependency fetching doesn't need these keys.
 # This overrides the settings in the common android mozconfig
 ac_add_options --without-mozilla-api-keyfile
-ac_add_options --without-google-api-keyfile
+ac_add_options --without-google-geolocation-api-keyfile
+ac_add_options --without-google-safebrowsing-api-keyfile
 # We need dummy Keyfiles in order to enable features we care about.
 ac_add_options --with-adjust-sdk-keyfile="$topsrcdir/mobile/android/base/adjust-sdk-sandbox.token"
 ac_add_options --with-leanplum-sdk-keyfile="$topsrcdir/mobile/android/base/leanplum-sdk-sandbox.token"
 ac_add_options --with-pocket-api-keyfile="$topsrcdir/mobile/android/base/pocket-api-sandbox.token"
--- a/mobile/android/config/mozconfigs/common
+++ b/mobile/android/config/mozconfigs/common
@@ -31,17 +31,18 @@ if [ -z "$NO_NDK" -a -z "$USE_ARTIFACT" 
     CXX="$topsrcdir/clang/bin/clang++"
     ac_add_options --with-android-ndk="$topsrcdir/android-ndk"
     # Enable static analysis plugin
     export ENABLE_CLANG_PLUGIN=1
 fi
 
 ac_add_options --enable-update-channel=${MOZ_UPDATE_CHANNEL}
 
-ac_add_options --with-google-api-keyfile=/builds/gapi.data
+ac_add_options --with-google-safebrowsing-api-keyfile=/builds/sb-gapi.data
+ac_add_options --with-google-location-api-keyfile=/builds/gls-gapi.data
 ac_add_options --with-mozilla-api-keyfile=/builds/mozilla-fennec-geoloc-api.key
 
 ac_add_options --enable-marionette
 
 # MOZ_INSTALL_TRACKING does not guarantee MOZ_UPDATE_CHANNEL will be set so we
 # provide a default state. Currently, the default state provides a default
 # keyfile because an assertion will be thrown if MOZ_INSTALL_TRACKING is
 # specified but a keyfile is not. This assertion can catch if we misconfigure a
--- a/modules/libpref/init/all.js
+++ b/modules/libpref/init/all.js
@@ -5613,44 +5613,44 @@ pref("browser.safebrowsing.id", "navclie
 #else
 pref("browser.safebrowsing.id", "Firefox");
 #endif
 
 // Download protection
 pref("browser.safebrowsing.downloads.enabled", true);
 pref("browser.safebrowsing.downloads.remote.enabled", true);
 pref("browser.safebrowsing.downloads.remote.timeout_ms", 15000);
-pref("browser.safebrowsing.downloads.remote.url", "https://sb-ssl.google.com/safebrowsing/clientreport/download?key=%GOOGLE_API_KEY%");
+pref("browser.safebrowsing.downloads.remote.url", "https://sb-ssl.google.com/safebrowsing/clientreport/download?key=%GOOGLE_SAFEBROWSING_API_KEY%");
 pref("browser.safebrowsing.downloads.remote.block_dangerous",            true);
 pref("browser.safebrowsing.downloads.remote.block_dangerous_host",       true);
 pref("browser.safebrowsing.downloads.remote.block_potentially_unwanted", true);
 pref("browser.safebrowsing.downloads.remote.block_uncommon",             true);
 
 // Google Safe Browsing provider (legacy)
 pref("browser.safebrowsing.provider.google.pver", "2.2");
 pref("browser.safebrowsing.provider.google.lists", "goog-badbinurl-shavar,goog-downloadwhite-digest256,goog-phish-shavar,googpub-phish-shavar,goog-malware-shavar,goog-unwanted-shavar");
-pref("browser.safebrowsing.provider.google.updateURL", "https://safebrowsing.google.com/safebrowsing/downloads?client=SAFEBROWSING_ID&appver=%MAJOR_VERSION%&pver=2.2&key=%GOOGLE_API_KEY%");
+pref("browser.safebrowsing.provider.google.updateURL", "https://safebrowsing.google.com/safebrowsing/downloads?client=SAFEBROWSING_ID&appver=%MAJOR_VERSION%&pver=2.2&key=%GOOGLE_SAFEBROWSING_API_KEY%");
 pref("browser.safebrowsing.provider.google.gethashURL", "https://safebrowsing.google.com/safebrowsing/gethash?client=SAFEBROWSING_ID&appver=%MAJOR_VERSION%&pver=2.2");
 pref("browser.safebrowsing.provider.google.reportURL", "https://safebrowsing.google.com/safebrowsing/diagnostic?client=%NAME%&hl=%LOCALE%&site=");
 pref("browser.safebrowsing.provider.google.reportPhishMistakeURL", "https://%LOCALE%.phish-error.mozilla.com/?hl=%LOCALE%&url=");
 pref("browser.safebrowsing.provider.google.reportMalwareMistakeURL", "https://%LOCALE%.malware-error.mozilla.com/?hl=%LOCALE%&url=");
 pref("browser.safebrowsing.provider.google.advisoryURL", "https://developers.google.com/safe-browsing/v4/advisory");
 pref("browser.safebrowsing.provider.google.advisoryName", "Google Safe Browsing");
 
 // Google Safe Browsing provider
 pref("browser.safebrowsing.provider.google4.pver", "4");
 pref("browser.safebrowsing.provider.google4.lists", "goog-badbinurl-proto,goog-downloadwhite-proto,goog-phish-proto,googpub-phish-proto,goog-malware-proto,goog-unwanted-proto,goog-harmful-proto,goog-passwordwhite-proto");
-pref("browser.safebrowsing.provider.google4.updateURL", "https://safebrowsing.googleapis.com/v4/threatListUpdates:fetch?$ct=application/x-protobuf&key=%GOOGLE_API_KEY%&$httpMethod=POST");
-pref("browser.safebrowsing.provider.google4.gethashURL", "https://safebrowsing.googleapis.com/v4/fullHashes:find?$ct=application/x-protobuf&key=%GOOGLE_API_KEY%&$httpMethod=POST");
+pref("browser.safebrowsing.provider.google4.updateURL", "https://safebrowsing.googleapis.com/v4/threatListUpdates:fetch?$ct=application/x-protobuf&key=%GOOGLE_SAFEBROWSING_API_KEY%&$httpMethod=POST");
+pref("browser.safebrowsing.provider.google4.gethashURL", "https://safebrowsing.googleapis.com/v4/fullHashes:find?$ct=application/x-protobuf&key=%GOOGLE_SAFEBROWSING_API_KEY%&$httpMethod=POST");
 pref("browser.safebrowsing.provider.google4.reportURL", "https://safebrowsing.google.com/safebrowsing/diagnostic?client=%NAME%&hl=%LOCALE%&site=");
 pref("browser.safebrowsing.provider.google4.reportPhishMistakeURL", "https://%LOCALE%.phish-error.mozilla.com/?hl=%LOCALE%&url=");
 pref("browser.safebrowsing.provider.google4.reportMalwareMistakeURL", "https://%LOCALE%.malware-error.mozilla.com/?hl=%LOCALE%&url=");
 pref("browser.safebrowsing.provider.google4.advisoryURL", "https://developers.google.com/safe-browsing/v4/advisory");
 pref("browser.safebrowsing.provider.google4.advisoryName", "Google Safe Browsing");
-pref("browser.safebrowsing.provider.google4.dataSharingURL", "https://safebrowsing.googleapis.com/v4/threatHits?$ct=application/x-protobuf&key=%GOOGLE_API_KEY%&$httpMethod=POST");
+pref("browser.safebrowsing.provider.google4.dataSharingURL", "https://safebrowsing.googleapis.com/v4/threatHits?$ct=application/x-protobuf&key=%GOOGLE_SAFEBROWSING_API_KEY%&$httpMethod=POST");
 pref("browser.safebrowsing.provider.google4.dataSharing.enabled", false);
 
 pref("browser.safebrowsing.reportPhishURL", "https://%LOCALE%.phish-report.mozilla.com/?hl=%LOCALE%&url=");
 
 // Mozilla Safe Browsing provider (for tracking protection and plugin blocking)
 pref("browser.safebrowsing.provider.mozilla.pver", "2.2");
 pref("browser.safebrowsing.provider.mozilla.lists", "base-track-digest256,mozstd-trackwhite-digest256,content-track-digest256,mozplugin-block-digest256,mozplugin2-block-digest256,block-flash-digest256,except-flash-digest256,allow-flashallow-digest256,except-flashallow-digest256,block-flashsubdoc-digest256,except-flashsubdoc-digest256,ads-track-digest256,social-track-digest256,analytics-track-digest256,base-fingerprinting-track-digest256,content-fingerprinting-track-digest256,base-cryptomining-track-digest256,content-cryptomining-track-digest256,fanboyannoyance-ads-digest256,fanboysocial-ads-digest256,easylist-ads-digest256,easyprivacy-ads-digest256,adguard-ads-digest256");
 pref("browser.safebrowsing.provider.mozilla.updateURL", "https://shavar.services.mozilla.com/downloads?client=SAFEBROWSING_ID&appver=%MAJOR_VERSION%&pver=2.2");
--- a/toolkit/components/url-classifier/SafeBrowsing.jsm
+++ b/toolkit/components/url-classifier/SafeBrowsing.jsm
@@ -347,20 +347,20 @@ var SafeBrowsing = {
       let updateURL = Services.urlFormatter.formatURLPref(
         "browser.safebrowsing.provider." + provider + ".updateURL");
       let gethashURL = Services.urlFormatter.formatURLPref(
         "browser.safebrowsing.provider." + provider + ".gethashURL");
       updateURL = updateURL.replace("SAFEBROWSING_ID", clientID);
       gethashURL = gethashURL.replace("SAFEBROWSING_ID", clientID);
 
       // Disable updates and gethash if the Google API key is missing.
-      let googleKey = Services.urlFormatter.formatURL("%GOOGLE_API_KEY%").trim();
+      let googleSBKey = Services.urlFormatter.formatURL("%GOOGLE_SAFEBROWSING_API_KEY%").trim();
       if ((provider == "google" || provider == "google4") &&
-          (!googleKey || googleKey == "no-google-api-key")) {
-        log("Missing Google API key, clearing updateURL and gethashURL.");
+          (!googleSBKey || googleSBKey == "no-google-safebrowsing-api-key")) {
+        log("Missing Google SafeBrowsing API key, clearing updateURL and gethashURL.");
         updateURL = "";
         gethashURL = "";
       }
 
       log("Provider: " + provider + " updateURL=" + updateURL);
       log("Provider: " + provider + " gethashURL=" + gethashURL);
 
       // Urls used to update DB
--- a/toolkit/components/url-classifier/tests/mochitest/test_safebrowsing_bug1272239.html
+++ b/toolkit/components/url-classifier/tests/mochitest/test_safebrowsing_bug1272239.html
@@ -55,32 +55,32 @@ for (let provider in providers) {
 var lists = [];
 for (let pref of prefs) {
   lists = lists.concat(SpecialPowers.getCharPref(pref).split(","));
 }
 
 var listmanager = Cc["@mozilla.org/url-classifier/listmanager;1"].
                   getService(Ci.nsIUrlListManager);
 
-let googleKey = SpecialPowers.Services.urlFormatter.formatURL("%GOOGLE_API_KEY%").trim();
+let googleKey = SpecialPowers.Services.urlFormatter.formatURL("%GOOGLE_SAFEBROWSING_API_KEY%").trim();
 
 for (let list of lists) {
   if (!list)
     continue;
 
   // For lists having a provider, it should have a correct gethash url
   // For lists without a provider, for example, test-malware-simple, it should not
   // have a gethash url.
   var url = listmanager.getGethashUrl(list);
   var index = listsWithProvider.indexOf(list);
   if (index >= 0) {
     let provider = listsToProvider[index];
     let pref = "browser.safebrowsing.provider." + provider + ".gethashURL";
     if ((provider == "google" || provider == "google4") &&
-        (!googleKey || googleKey == "no-google-api-key")) {
+        (!googleKey || googleKey == "no-google-safebrowsing-api-key")) {
       is(url, "", "getHash url of " + list + " should be empty");
     } else {
       is(url, SpecialPowers.getCharPref(pref), list + " matches its gethash url");
     }
   } else {
     is(url, "", list + " should not have a gethash url");
   }
 }
--- a/toolkit/components/urlformatter/URLFormatter.jsm
+++ b/toolkit/components/urlformatter/URLFormatter.jsm
@@ -80,17 +80,18 @@ nsURLFormatterService.prototype = {
     PLATFORMBUILDID() { return Services.appinfo.platformBuildID; },
     APP() { return Services.appinfo.name.toLowerCase().replace(/ /, ""); },
     OS() { return Services.appinfo.OS; },
     XPCOMABI() { return this.ABI; },
     BUILD_TARGET() { return Services.appinfo.OS + "_" + this.ABI; },
     OS_VERSION() { return this.OSVersion; },
     CHANNEL:          () => UpdateUtils.UpdateChannel,
     MOZILLA_API_KEY:  () => AppConstants.MOZ_MOZILLA_API_KEY,
-    GOOGLE_API_KEY:   () => AppConstants.MOZ_GOOGLE_API_KEY,
+    GOOGLE_GEOLOCATION_API_KEY:   () => AppConstants.MOZ_GOOGLE_GEOLOCATION_API_KEY,
+    GOOGLE_SAFEBROWSING_API_KEY:   () => AppConstants.MOZ_GOOGLE_SAFEBROWSING_API_KEY,
     BING_API_CLIENTID: () => AppConstants.MOZ_BING_API_CLIENTID,
     BING_API_KEY:     () => AppConstants.MOZ_BING_API_KEY,
     DISTRIBUTION() { return this.distribution.id; },
     DISTRIBUTION_VERSION() { return this.distribution.version; },
   },
 
   formatURL: function uf_formatURL(aFormat) {
     var _this = this;
@@ -121,16 +122,19 @@ nsURLFormatterService.prototype = {
         format = Services.prefs.getComplexValue(aPref, Ci.nsIPrefLocalizedString).data;
       } catch (ex) {}
     }
 
     return this.formatURL(format);
   },
 
   trimSensitiveURLs: function uf_trimSensitiveURLs(aMsg) {
-    // Only the google API key is sensitive for now.
-    return AppConstants.MOZ_GOOGLE_API_KEY ? aMsg.replace(RegExp(AppConstants.MOZ_GOOGLE_API_KEY, "g"),
-                                                 "[trimmed-google-api-key]")
+    // Only the google API keys is sensitive for now.
+    aMsg = AppConstants.MOZ_GOOGLE_GEOLOCATION_API_KEY ? aMsg.replace(RegExp(AppConstants.MOZ_GOOGLE_GEOLOCATION_API_KEY, "g"),
+                                                 "[trimmed-google-geolocation-api-key]")
+                                  : aMsg;
+    return AppConstants.MOZ_GOOGLE_SAFEBROWSING_API_KEY ? aMsg.replace(RegExp(AppConstants.MOZ_GOOGLE_SAFEBROWSING_API_KEY, "g"),
+                                                 "[trimmed-google-safebrowsing-api-key]")
                                   : aMsg;
   },
 };
 
 var EXPORTED_SYMBOLS = ["nsURLFormatterService"];
--- a/toolkit/components/urlformatter/tests/unit/test_urlformatter.js
+++ b/toolkit/components/urlformatter/tests/unit/test_urlformatter.js
@@ -41,16 +41,19 @@ function run_test() {
   // Keys must be uppercase
   Assert.notEqual(formatter.formatURL(lowerUrlRaw), ulUrlRef);
   Assert.equal(formatter.formatURL(multiUrl), multiUrlRef);
   // Encoded strings must be kept as is (Bug 427304)
   Assert.equal(formatter.formatURL(encodedUrl), encodedUrlRef);
 
   Assert.equal(formatter.formatURL(advancedUrl), advancedUrlRef);
 
-  for (let val of ["MOZILLA_API_KEY", "GOOGLE_API_KEY", "BING_API_CLIENTID", "BING_API_KEY"]) {
+  for (let val of ["MOZILLA_API_KEY", "GOOGLE_GEOLOCATION_API_KEY", "GOOGLE_SAFEBROWSING_API_KEY", "BING_API_CLIENTID", "BING_API_KEY"]) {
     let url = "http://test.mozilla.com/?val=%" + val + "%";
     Assert.notEqual(formatter.formatURL(url), url);
   }
 
-  let url = "http://test.mozilla.com/%GOOGLE_API_KEY%/?val=%GOOGLE_API_KEY%";
-  Assert.equal(formatter.trimSensitiveURLs(formatter.formatURL(url)), "http://test.mozilla.com/[trimmed-google-api-key]/?val=[trimmed-google-api-key]");
+  let url_sb = "http://test.mozilla.com/%GOOGLE_SAFEBROWSING_API_KEY%/?val=%GOOGLE_SAFEBROWSING_API_KEY%";
+  Assert.equal(formatter.trimSensitiveURLs(formatter.formatURL(url_sb)), "http://test.mozilla.com/[trimmed-google-safebrowsing-api-key]/?val=[trimmed-google-safebrowsing-api-key]");
+
+  let url_gls = "http://test.mozilla.com/%GOOGLE_GEOLOCATION_API_KEY%/?val=%GOOGLE_GEOLOCATION_API_KEY%";
+  Assert.equal(formatter.trimSensitiveURLs(formatter.formatURL(url_gls)), "http://test.mozilla.com/[trimmed-google-geolocation-api-key]/?val=[trimmed-google-geolocation-api-key]");
 }
--- a/toolkit/modules/AppConstants.jsm
+++ b/toolkit/modules/AppConstants.jsm
@@ -315,17 +315,18 @@ this.AppConstants = Object.freeze({
   INSTALL_LOCALE: "@AB_CD@",
   MOZ_WIDGET_TOOLKIT: "@MOZ_WIDGET_TOOLKIT@",
   ANDROID_PACKAGE_NAME: "@ANDROID_PACKAGE_NAME@",
 
   DEBUG_JS_MODULES: "@DEBUG_JS_MODULES@",
 
   MOZ_BING_API_CLIENTID: "@MOZ_BING_API_CLIENTID@",
   MOZ_BING_API_KEY: "@MOZ_BING_API_KEY@",
-  MOZ_GOOGLE_API_KEY: "@MOZ_GOOGLE_API_KEY@",
+  MOZ_GOOGLE_GEOLOCATION_API_KEY: "@MOZ_GOOGLE_GEOLOCATION_API_KEY@",
+  MOZ_GOOGLE_SAFEBROWSING_API_KEY: "@MOZ_GOOGLE_SAFEBROWSING_API_KEY@",
   MOZ_MOZILLA_API_KEY: "@MOZ_MOZILLA_API_KEY@",
 
   BROWSER_CHROME_URL: "@BROWSER_CHROME_URL@",
 
   // URL to the hg revision this was built from (e.g.
   // "https://hg.mozilla.org/mozilla-central/rev/6256ec9113c1")
   // On unofficial builds, this is an empty string.
 #ifndef MOZ_SOURCE_URL
--- a/toolkit/modules/Troubleshoot.jsm
+++ b/toolkit/modules/Troubleshoot.jsm
@@ -221,18 +221,21 @@ var dataProviders = {
     } catch (e) {
       data.autoStartStatus = -1;
     }
 
     if (Services.policies) {
       data.policiesStatus = Services.policies.status;
     }
 
-    const keyGoogle = Services.urlFormatter.formatURL("%GOOGLE_API_KEY%").trim();
-    data.keyGoogleFound = keyGoogle != "no-google-api-key" && keyGoogle.length > 0;
+    const keyGLSGoogle = Services.urlFormatter.formatURL("%GOOGLE_GEOLOCATION_API_KEY%").trim();
+    data.keyGLSGoogleFound = keyGLSGoogle != "no-google-geolocation-api-key" && keyGLSGoogle.length > 0;
+
+    const keySBGoogle = Services.urlFormatter.formatURL("%GOOGLE_SAFEBROWSING_API_KEY%").trim();
+    data.keySBGoogleFound = keySBGoogle != "no-google-safebrowsing-api-key" && keySBGoogle.length > 0;
 
     const keyMozilla = Services.urlFormatter.formatURL("%MOZILLA_API_KEY%").trim();
     data.keyMozillaFound = keyMozilla != "no-mozilla-api-key" && keyMozilla.length > 0;
 
     done(data);
   },
 
   extensions: async function extensions(done) {
--- a/toolkit/modules/moz.build
+++ b/toolkit/modules/moz.build
@@ -297,17 +297,18 @@ if CONFIG['MOZ_WIDGET_TOOLKIT'] == 'wind
     ]
 
 for var in ('ANDROID_PACKAGE_NAME',
             'MOZ_APP_NAME',
             'MOZ_APP_VERSION',
             'MOZ_APP_VERSION_DISPLAY',
             'MOZ_BING_API_CLIENTID',
             'MOZ_BING_API_KEY',
-            'MOZ_GOOGLE_API_KEY',
+            'MOZ_GOOGLE_GEOLOCATION_API_KEY',
+            'MOZ_GOOGLE_SAFEBROWSING_API_KEY',
             'MOZ_MACBUNDLE_NAME',
             'MOZ_MOZILLA_API_KEY',
             'MOZ_WIDGET_TOOLKIT',
             'DLL_PREFIX',
             'DLL_SUFFIX',
             'DEBUG_JS_MODULES'):
             DEFINES[var] = CONFIG[var]
 
--- a/toolkit/moz.configure
+++ b/toolkit/moz.configure
@@ -646,17 +646,19 @@ check_prog('ZIP', ('zip',))
 check_prog('GN', ('gn',), allow_missing=True)
 
 # Key files
 # ==============================================================
 include('../build/moz.configure/keyfiles.configure')
 
 simple_keyfile('Mozilla API')
 
-simple_keyfile('Google API')
+simple_keyfile('Google Location Service API')
+
+simple_keyfile('Google Safebrowsing API')
 
 id_and_secret_keyfile('Bing API')
 
 simple_keyfile('Adjust SDK')
 
 id_and_secret_keyfile('Leanplum SDK')
 
 simple_keyfile('Pocket API')