MetaMask · whymarrh · Jun 17, 2020 · Jun 16, 2020
diff --git a/src/third-party/PhishingController.ts b/src/third-party/PhishingController.ts
@@ -52,7 +52,7 @@ export interface PhishingState extends BaseState {
  * Controller that passively polls on a set interval for approved and unapproved website origins
  */
 export class PhishingController extends BaseController<PhishingConfig, PhishingState> {
-	private configUrl = 'https://raw.githubusercontent.com/MetaMask/eth-phishing-detect/master/src/config.json';
+	private configUrl = 'https://api.github.com/repos/MetaMask/eth-phishing-detect/contents/src/config.json';
 	private configEtag: string = '';
 	private detector: any;
 	private handle?: NodeJS.Timer;
@@ -140,6 +140,7 @@ export class PhishingController extends BaseController<PhishingConfig, PhishingS
 	private async queryConfig(input: RequestInfo): Promise<EthPhishingResponse | null> {
 		const response = await fetch(input, {
 			headers: {
+				'Accept': 'application/vnd.github.v3.raw+json',
 				'If-None-Match': this.configEtag
 			}
 		});
@@ -149,7 +150,8 @@ export class PhishingController extends BaseController<PhishingConfig, PhishingS
 				this.configEtag = response.headers.get('ETag') || /* istanbul ignore next */ '';
 				return await response.json();
 			}
-			case 304: {
+			case 304:
+			case 403: {
 				return null;
 			}
 			default: {