- From 8f348bf2c249701de2f6049ac57fe346bd6b665f Mon Sep 17 00:00:00 2001
- From: Joachim Bauch <jojo@struktur.de>
- Date: Tue, 7 Jul 2015 18:28:46 +0200
- Subject: [PATCH 48/66] safe_browsing: disable reporting of safebrowsing
- override
- Disables reporting of the safebrowsing override, i.e. the report sent
- if a user decides to visit a page that was flagged as "insecure".
- This prevents trk:148 (phishing) and trk:149 (malware).
- ---
- .../browser/safe_browsing/client_side_detection_service.cc | 12 ++++++++++++
- 1 file changed, 12 insertions(+)
- --- a/chrome/browser/safe_browsing/client_side_detection_service.cc
- +++ b/chrome/browser/safe_browsing/client_side_detection_service.cc
- @@ -63,12 +63,6 @@ enum MalwareReportTypes {
- REPORT_RESULT_MAX
- };
-
- -void UpdateEnumUMAHistogram(MalwareReportTypes report_type) {
- - DCHECK(report_type >= 0 && report_type < REPORT_RESULT_MAX);
- - UMA_HISTOGRAM_ENUMERATION("SBClientMalware.SentReports", report_type,
- - REPORT_RESULT_MAX);
- -}
- -
- } // namespace
-
- const int ClientSideDetectionService::kInitialClientModelFetchDelayMs = 10000;
- @@ -281,94 +275,8 @@ void ClientSideDetectionService::StartCl
- DCHECK_CURRENTLY_ON(BrowserThread::UI);
- std::unique_ptr<ClientPhishingRequest> request(verdict);
-
- - if (!enabled_) {
- - if (!callback.is_null())
- - callback.Run(GURL(request->url()), false);
- - return;
- - }
- -
- - // Fill in metadata about which model we used.
- - if (is_extended_reporting) {
- - request->set_model_filename(model_loader_extended_->name());
- - request->mutable_population()->set_user_population(
- - ChromeUserPopulation::EXTENDED_REPORTING);
- - } else {
- - request->set_model_filename(model_loader_standard_->name());
- - request->mutable_population()->set_user_population(
- - ChromeUserPopulation::SAFE_BROWSING);
- - }
- - DVLOG(2) << "Starting report for hit on model " << request->model_filename();
- -
- - request->mutable_population()->set_profile_management_status(
- - GetProfileManagementStatus(
- - g_browser_process->browser_policy_connector()));
- -
- - std::string request_data;
- - if (!request->SerializeToString(&request_data)) {
- - UMA_HISTOGRAM_COUNTS_1M("SBClientPhishing.RequestNotSerialized", 1);
- - DVLOG(1) << "Unable to serialize the CSD request. Proto file changed?";
- - if (!callback.is_null())
- - callback.Run(GURL(request->url()), false);
- - return;
- - }
- -
- - net::NetworkTrafficAnnotationTag traffic_annotation =
- - net::DefineNetworkTrafficAnnotation(
- - "safe_browsing_client_side_phishing_detector", R"(
- - semantics {
- - sender: "Safe Browsing Client-Side Phishing Detector"
- - description:
- - "If the client-side phishing detector determines that the "
- - "current page contents are similar to phishing pages, it will "
- - "send a request to Safe Browsing to ask for a final verdict. If "
- - "Safe Browsing agrees the page is dangerous, Chrome will show a "
- - "full-page interstitial warning."
- - trigger:
- - "Whenever the clinet-side detector machine learning model "
- - "computes a phishy-ness score above a threshold, after page-load."
- - data:
- - "Top-level page URL without CGI parameters, boolean and double "
- - "features extracted from DOM, such as the number of resources "
- - "loaded in the page, if certain likely phishing and social "
- - "engineering terms found on the page, etc."
- - destination: GOOGLE_OWNED_SERVICE
- - }
- - policy {
- - cookies_allowed: YES
- - cookies_store: "Safe browsing cookie store"
- - setting:
- - "Users can enable or disable this feature by toggling 'Protect "
- - "you and your device from dangerous sites' in Chrome settings "
- - "under Privacy. This feature is enabled by default."
- - chrome_policy {
- - SafeBrowsingEnabled {
- - policy_options {mode: MANDATORY}
- - SafeBrowsingEnabled: false
- - }
- - }
- - })");
- - auto resource_request = std::make_unique<network::ResourceRequest>();
- - resource_request->url = GetClientReportUrl(kClientReportPhishingUrl);
- - resource_request->method = "POST";
- - resource_request->load_flags = net::LOAD_DISABLE_CACHE;
- - auto loader = network::SimpleURLLoader::Create(std::move(resource_request),
- - traffic_annotation);
- - loader->AttachStringForUpload(request_data, "application/octet-stream");
- - loader->DownloadToStringOfUnboundedSizeUntilCrashAndDie(
- - url_loader_factory_.get(),
- - base::BindOnce(&ClientSideDetectionService::OnURLLoaderComplete,
- - base::Unretained(this), loader.get()));
- -
- - // Remember which callback and URL correspond to the current fetcher object.
- - std::unique_ptr<ClientPhishingReportInfo> info(new ClientPhishingReportInfo);
- - auto* loader_ptr = loader.get();
- - info->loader = std::move(loader);
- - info->callback = callback;
- - info->phishing_url = GURL(request->url());
- - client_phishing_reports_[loader_ptr] = std::move(info);
- -
- - // Record that we made a request
- - phishing_report_times_.push(base::Time::Now());
- + if (!callback.is_null())
- + callback.Run(GURL(request->url()), false);
- }
-
- void ClientSideDetectionService::StartClientReportMalwareRequest(
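Review bot: The stub that now ends StartClientReportPhishingRequest answers `false` for every verdict, so a page the local model scored as phishing is reported to the caller as not phishing and no final verdict is requested. The removed traffic annotation says that request is what leads to the full-page interstitial, so this drops a protection and not only a report, which the commit message does not say. The same applies to the stub in StartClientReportMalwareRequest in the next hunk. I would add a comment above the new lines such as `// Upload to Safe Browsing removed: always answer "not phishing". |request| is kept only to take ownership of and free |verdict|.` and name the lost warning in the description. The signature is outside the hunk, but `is_extended_reporting` and `enabled_` are no longer read here, and `client_phishing_reports_` and `phishing_report_times_` are presumably dead now and worth removing or marking.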
- @@ -377,81 +285,8 @@ void ClientSideDetectionService::StartCl
- DCHECK_CURRENTLY_ON(BrowserThread::UI);
- std::unique_ptr<ClientMalwareRequest> request(verdict);
-
- - if (!enabled_) {
- - if (!callback.is_null())
- - callback.Run(GURL(request->url()), GURL(request->url()), false);
- - return;
- - }
- -
- - std::string request_data;
- - if (!request->SerializeToString(&request_data)) {
- - UpdateEnumUMAHistogram(REPORT_FAILED_SERIALIZATION);
- - DVLOG(1) << "Unable to serialize the CSD request. Proto file changed?";
- - if (!callback.is_null())
- - callback.Run(GURL(request->url()), GURL(request->url()), false);
- - return;
- - }
- -
- - net::NetworkTrafficAnnotationTag traffic_annotation =
- - net::DefineNetworkTrafficAnnotation(
- - "safe_browsing_client_side_malware_detector", R"(
- - semantics {
- - sender: "Safe Browsing Client-Side Malware Detector"
- - description:
- - "If the client-side malware detector determines that a requested "
- - "page's IP is in the blacklisted malware IPs, it will send a "
- - "request to Safe Browsing to ask for a final verdict. If Safe "
- - "Browsing agrees the page is dangerous, Chrome will show a "
- - "full-page interstitial warning."
- - trigger:
- - "Whenever the IP of the page is in malware blacklist."
- - data:
- - "Top-level page URL without CGI parameters, its non-https "
- - "referrer, URLs of resources that match IP blacklist."
- - destination: GOOGLE_OWNED_SERVICE
- - }
- - policy {
- - cookies_allowed: YES
- - cookies_store: "Safe browsing cookie store"
- - setting:
- - "Users can enable or disable this feature by toggling 'Protect "
- - "you and your device from dangerous sites' in Chrome settings "
- - "under Privacy. This feature is enabled by default."
- - chrome_policy {
- - SafeBrowsingEnabled {
- - policy_options {mode: MANDATORY}
- - SafeBrowsingEnabled: false
- - }
- - }
- - })");
- - auto resource_request = std::make_unique<network::ResourceRequest>();
- - resource_request->url = GetClientReportUrl(kClientReportMalwareUrl);
- - resource_request->method = "POST";
- - resource_request->load_flags = net::LOAD_DISABLE_CACHE;
- - auto loader = network::SimpleURLLoader::Create(std::move(resource_request),
- - traffic_annotation);
- - loader->AttachStringForUpload(request_data, "application/octet-stream");
- - loader->DownloadToStringOfUnboundedSizeUntilCrashAndDie(
- - url_loader_factory_.get(),
- - base::BindOnce(&ClientSideDetectionService::OnURLLoaderComplete,
- - base::Unretained(this), loader.get()));
- -
- - // Remember which callback and URL correspond to the current fetcher object.
- - std::unique_ptr<ClientMalwareReportInfo> info(new ClientMalwareReportInfo);
- - auto* loader_ptr = loader.get();
- - info->loader = std::move(loader);
- - info->callback = callback;
- - info->original_url = GURL(request->url());
- - client_malware_reports_[loader_ptr] = std::move(info);
- -
- - UMA_HISTOGRAM_ENUMERATION("SBClientMalware.SentReports", REPORT_SENT,
- - REPORT_RESULT_MAX);
- -
- - UMA_HISTOGRAM_COUNTS_1M("SBClientMalware.IPBlacklistRequestPayloadSize",
- - request_data.size());
- -
- - // Record that we made a malware request
- - malware_report_times_.push(base::Time::Now());
- + if (!callback.is_null())
- + callback.Run(GURL(request->url()), GURL(request->url()), false);
- }
-
- void ClientSideDetectionService::HandlePhishingVerdict(
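Review bot: Both URL arguments of the new `callback.Run(...)` are built separately from `request->url()`, which parses the same string twice and does not show that the second one is only a placeholder. `const GURL url(request->url());` followed by `callback.Run(url, url, false);`, with a one-line comment that no malware URL is ever determined, says it once. The removed lines were also the only visible writers of the `SBClientMalware.SentReports` and `SBClientMalware.IPBlacklistRequestPayloadSize` histograms in this function, so if the `MalwareReportTypes` enum kept by the first hunk has no user left outside these hunks, it can be removed as well. The function's signature lies above the hunk.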