mirror of
https://codeberg.org/kiss-community/repo
synced 2024-12-25 16:50:07 -07:00
210 lines
9.0 KiB
Diff
210 lines
9.0 KiB
Diff
From 8f348bf2c249701de2f6049ac57fe346bd6b665f Mon Sep 17 00:00:00 2001
|
|
From: Joachim Bauch <jojo@struktur.de>
|
|
Date: Tue, 7 Jul 2015 18:28:46 +0200
|
|
Subject: [PATCH 48/66] safe_browsing: disable reporting of safebrowsing
|
|
override
|
|
|
|
Disables reporting of the safebrowsing override, i.e. the report sent
|
|
if a user decides to visit a page that was flagged as "insecure".
|
|
This prevents trk:148 (phishing) and trk:149 (malware).
|
|
---
|
|
.../browser/safe_browsing/client_side_detection_service.cc | 12 ++++++++++++
|
|
1 file changed, 12 insertions(+)
|
|
|
|
--- a/chrome/browser/safe_browsing/client_side_detection_service.cc
|
|
+++ b/chrome/browser/safe_browsing/client_side_detection_service.cc
|
|
@@ -64,12 +64,6 @@ enum MalwareReportTypes {
|
|
REPORT_RESULT_MAX
|
|
};
|
|
|
|
-void UpdateEnumUMAHistogram(MalwareReportTypes report_type) {
|
|
- DCHECK(report_type >= 0 && report_type < REPORT_RESULT_MAX);
|
|
- UMA_HISTOGRAM_ENUMERATION("SBClientMalware.SentReports", report_type,
|
|
- REPORT_RESULT_MAX);
|
|
-}
|
|
-
|
|
} // namespace
|
|
|
|
const int ClientSideDetectionService::kInitialClientModelFetchDelayMs = 10000;
|
|
@@ -284,94 +278,8 @@ void ClientSideDetectionService::StartCl
|
|
DCHECK_CURRENTLY_ON(BrowserThread::UI);
|
|
std::unique_ptr<ClientPhishingRequest> request(verdict);
|
|
|
|
- if (!enabled_) {
|
|
- if (!callback.is_null())
|
|
- callback.Run(GURL(request->url()), false);
|
|
- return;
|
|
- }
|
|
-
|
|
- // Fill in metadata about which model we used.
|
|
- if (is_extended_reporting) {
|
|
- request->set_model_filename(model_loader_extended_->name());
|
|
- request->mutable_population()->set_user_population(
|
|
- ChromeUserPopulation::EXTENDED_REPORTING);
|
|
- } else {
|
|
- request->set_model_filename(model_loader_standard_->name());
|
|
- request->mutable_population()->set_user_population(
|
|
- ChromeUserPopulation::SAFE_BROWSING);
|
|
- }
|
|
- DVLOG(2) << "Starting report for hit on model " << request->model_filename();
|
|
-
|
|
- request->mutable_population()->set_profile_management_status(
|
|
- GetProfileManagementStatus(
|
|
- g_browser_process->browser_policy_connector()));
|
|
-
|
|
- std::string request_data;
|
|
- if (!request->SerializeToString(&request_data)) {
|
|
- UMA_HISTOGRAM_COUNTS_1M("SBClientPhishing.RequestNotSerialized", 1);
|
|
- DVLOG(1) << "Unable to serialize the CSD request. Proto file changed?";
|
|
- if (!callback.is_null())
|
|
- callback.Run(GURL(request->url()), false);
|
|
- return;
|
|
- }
|
|
-
|
|
- net::NetworkTrafficAnnotationTag traffic_annotation =
|
|
- net::DefineNetworkTrafficAnnotation(
|
|
- "safe_browsing_client_side_phishing_detector", R"(
|
|
- semantics {
|
|
- sender: "Safe Browsing Client-Side Phishing Detector"
|
|
- description:
|
|
- "If the client-side phishing detector determines that the "
|
|
- "current page contents are similar to phishing pages, it will "
|
|
- "send a request to Safe Browsing to ask for a final verdict. If "
|
|
- "Safe Browsing agrees the page is dangerous, Chrome will show a "
|
|
- "full-page interstitial warning."
|
|
- trigger:
|
|
- "Whenever the clinet-side detector machine learning model "
|
|
- "computes a phishy-ness score above a threshold, after page-load."
|
|
- data:
|
|
- "Top-level page URL without CGI parameters, boolean and double "
|
|
- "features extracted from DOM, such as the number of resources "
|
|
- "loaded in the page, if certain likely phishing and social "
|
|
- "engineering terms found on the page, etc."
|
|
- destination: GOOGLE_OWNED_SERVICE
|
|
- }
|
|
- policy {
|
|
- cookies_allowed: YES
|
|
- cookies_store: "Safe browsing cookie store"
|
|
- setting:
|
|
- "Users can enable or disable this feature by toggling 'Protect "
|
|
- "you and your device from dangerous sites' in Chrome settings "
|
|
- "under Privacy. This feature is enabled by default."
|
|
- chrome_policy {
|
|
- SafeBrowsingEnabled {
|
|
- policy_options {mode: MANDATORY}
|
|
- SafeBrowsingEnabled: false
|
|
- }
|
|
- }
|
|
- })");
|
|
- auto resource_request = std::make_unique<network::ResourceRequest>();
|
|
- resource_request->url = GetClientReportUrl(kClientReportPhishingUrl);
|
|
- resource_request->method = "POST";
|
|
- resource_request->load_flags = net::LOAD_DISABLE_CACHE;
|
|
- auto loader = network::SimpleURLLoader::Create(std::move(resource_request),
|
|
- traffic_annotation);
|
|
- loader->AttachStringForUpload(request_data, "application/octet-stream");
|
|
- loader->DownloadToStringOfUnboundedSizeUntilCrashAndDie(
|
|
- url_loader_factory_.get(),
|
|
- base::BindOnce(&ClientSideDetectionService::OnURLLoaderComplete,
|
|
- base::Unretained(this), loader.get()));
|
|
-
|
|
- // Remember which callback and URL correspond to the current fetcher object.
|
|
- std::unique_ptr<ClientPhishingReportInfo> info(new ClientPhishingReportInfo);
|
|
- auto* loader_ptr = loader.get();
|
|
- info->loader = std::move(loader);
|
|
- info->callback = callback;
|
|
- info->phishing_url = GURL(request->url());
|
|
- client_phishing_reports_[loader_ptr] = std::move(info);
|
|
-
|
|
- // Record that we made a request
|
|
- phishing_report_times_.push(base::Time::Now());
|
|
+ if (!callback.is_null())
|
|
+ callback.Run(GURL(request->url()), false);
|
|
}
|
|
|
|
void ClientSideDetectionService::StartClientReportMalwareRequest(
|
|
@@ -380,81 +288,8 @@ void ClientSideDetectionService::StartCl
|
|
DCHECK_CURRENTLY_ON(BrowserThread::UI);
|
|
std::unique_ptr<ClientMalwareRequest> request(verdict);
|
|
|
|
- if (!enabled_) {
|
|
- if (!callback.is_null())
|
|
- callback.Run(GURL(request->url()), GURL(request->url()), false);
|
|
- return;
|
|
- }
|
|
-
|
|
- std::string request_data;
|
|
- if (!request->SerializeToString(&request_data)) {
|
|
- UpdateEnumUMAHistogram(REPORT_FAILED_SERIALIZATION);
|
|
- DVLOG(1) << "Unable to serialize the CSD request. Proto file changed?";
|
|
- if (!callback.is_null())
|
|
- callback.Run(GURL(request->url()), GURL(request->url()), false);
|
|
- return;
|
|
- }
|
|
-
|
|
- net::NetworkTrafficAnnotationTag traffic_annotation =
|
|
- net::DefineNetworkTrafficAnnotation(
|
|
- "safe_browsing_client_side_malware_detector", R"(
|
|
- semantics {
|
|
- sender: "Safe Browsing Client-Side Malware Detector"
|
|
- description:
|
|
- "If the client-side malware detector determines that a requested "
|
|
- "page's IP is in the blacklisted malware IPs, it will send a "
|
|
- "request to Safe Browsing to ask for a final verdict. If Safe "
|
|
- "Browsing agrees the page is dangerous, Chrome will show a "
|
|
- "full-page interstitial warning."
|
|
- trigger:
|
|
- "Whenever the IP of the page is in malware blacklist."
|
|
- data:
|
|
- "Top-level page URL without CGI parameters, its non-https "
|
|
- "referrer, URLs of resources that match IP blacklist."
|
|
- destination: GOOGLE_OWNED_SERVICE
|
|
- }
|
|
- policy {
|
|
- cookies_allowed: YES
|
|
- cookies_store: "Safe browsing cookie store"
|
|
- setting:
|
|
- "Users can enable or disable this feature by toggling 'Protect "
|
|
- "you and your device from dangerous sites' in Chrome settings "
|
|
- "under Privacy. This feature is enabled by default."
|
|
- chrome_policy {
|
|
- SafeBrowsingEnabled {
|
|
- policy_options {mode: MANDATORY}
|
|
- SafeBrowsingEnabled: false
|
|
- }
|
|
- }
|
|
- })");
|
|
- auto resource_request = std::make_unique<network::ResourceRequest>();
|
|
- resource_request->url = GetClientReportUrl(kClientReportMalwareUrl);
|
|
- resource_request->method = "POST";
|
|
- resource_request->load_flags = net::LOAD_DISABLE_CACHE;
|
|
- auto loader = network::SimpleURLLoader::Create(std::move(resource_request),
|
|
- traffic_annotation);
|
|
- loader->AttachStringForUpload(request_data, "application/octet-stream");
|
|
- loader->DownloadToStringOfUnboundedSizeUntilCrashAndDie(
|
|
- url_loader_factory_.get(),
|
|
- base::BindOnce(&ClientSideDetectionService::OnURLLoaderComplete,
|
|
- base::Unretained(this), loader.get()));
|
|
-
|
|
- // Remember which callback and URL correspond to the current fetcher object.
|
|
- std::unique_ptr<ClientMalwareReportInfo> info(new ClientMalwareReportInfo);
|
|
- auto* loader_ptr = loader.get();
|
|
- info->loader = std::move(loader);
|
|
- info->callback = callback;
|
|
- info->original_url = GURL(request->url());
|
|
- client_malware_reports_[loader_ptr] = std::move(info);
|
|
-
|
|
- UMA_HISTOGRAM_ENUMERATION("SBClientMalware.SentReports", REPORT_SENT,
|
|
- REPORT_RESULT_MAX);
|
|
-
|
|
- UMA_HISTOGRAM_COUNTS_1M("SBClientMalware.IPBlacklistRequestPayloadSize",
|
|
- request_data.size());
|
|
-
|
|
- // Record that we made a malware request
|
|
- malware_report_times_.push(base::Time::Now());
|
|
+ if (!callback.is_null())
|
|
+ callback.Run(GURL(request->url()), GURL(request->url()), false);
|
|
}
|
|
|
|
void ClientSideDetectionService::HandlePhishingVerdict(
|