Dismiss button does not cancel malware download |
|||||||||
Issue descriptionVersion: 50.0.2661.18 dev OS: 10.11.2 (15C50) What steps will reproduce the problem? (1) Click https://testsafebrowsing.appspot.com/s/content.exe >> Notice that there is a progress bar under the download folder in the dock, and a (1) download indicator on the Chrome dock icon. (2) There will be a notice in the download bar saying "content.exe is malicious and Chrome has blocked it." There will be one button, [Dismiss]. Click that button. Issues: - The malware file *still exists on the disk* (with an "unconfirmed" file name) - The (1) download indicator on the Chrome dock icon still exists - The progress bar under the download folder in the dock is still there The only way to completely *stop* the download is to go into chrome://downloads/ and click the "Remove from list" button. But that's undiscoverable. When the user clicks the [Dismiss] button for a malware download, that should *stop* the malware download!
,
Mar 14 2016
I agree, I think we should reconsider the downloads warning flow at some point, given how the CTR has been climbing over time. I'll defer to nparker though about how it should be prioritized and when we should work on i t.
,
Mar 14 2016
(The download indicator in the dock not going away sounds like issue 349745 , though that was on Win.)
,
Mar 14 2016
Asanka: To fix the bug described here, why not have "dismiss" also cancel/delete the download? The path to recovery would remain approximately the same, with the caveat that they couldn't hit dismiss first. As for refactoring the overall download warning flow, it's not on my immediate plans. We should consider replacing the download shelf altogether as part of it.
,
Mar 15 2016
Matt: The native download notification code is the same on all platforms, branching out natively in the last minute, so that part would be a duplicate. Let's leave this bug about dismiss not cancelling, and I'll dup the notification code over to the other bug. Thanks for the link.
,
Mar 15 2016
#4: Yeah, we can turn the "dismiss" into a "discard". Users who need to recover the malware will need to open chrome://downloads without responding to the warning. If this is okay with security-ui, then we can go that route. (+felt). Until recently, the download shelf replacement UI was supposed to be the cross platform notification center. But the latter is no longer happening. The notifications based UI on Chrome OS was what the UI was going to be on all platforms.
,
Mar 16 2016
re #6: I'm ok with that plan, although whoever implements it might actually want to keep the file around for long enough for the SBER upload to work (if applicable) before actually deleting it.
,
May 6 2016
asanka -- do you know if someone from the Downloads team can take a look at this? If the download spinner keeps spinning, we should at least fix that.. may be.
,
May 6 2016
,
May 9 2016
Unfortunately downloads is currently very hosed. So this would have to wait until the current set of emergencies have been dealt with.
,
May 9 2016
Removing the SafeBrowsing-Triaged for now since there's no owner.
,
Jun 3 2016
nparker@ to figure out the right owner.
,
Jun 29 2016
-->jialul who is corralling the download UI bugs.
,
Jun 29 2016
Related bug: https://bugs.chromium.org/p/chromium/issues/detail?id=622130 Quitting Chrome may leave dangerous downloads in a failed state instead of removing them
,
Jun 29 2016
,
Jul 19 2016
re #7, Change dismiss to discard actually won't affect the download feedback service. Do we need extra UI review for this? If not, I'll create a CL shortly.
,
Jul 19 2016
I think if we've already got a discard button elsewhere in the shelf, we can just switch to that w/o UI review.
,
Jul 19 2016
Sounds good! BTW, if we change "Dismiss to Discard". "clickjacking.dismiss_download" UMA metric will be gone too. There is no owner indicated in histograms.xml for this metric.
,
Jul 23 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/388b9dc52751cac09f531aef419c02d642e9bb9c commit 388b9dc52751cac09f531aef419c02d642e9bb9c Author: jialiul <jialiul@chromium.org> Date: Sat Jul 23 00:59:03 2016 Change Dismiss button to Discard and cancel download For malicious downloads, change the Dismiss button in DownloadItemView to Discard button and cancel download when user clicks on it. BUG= 594596 Review-Url: https://codereview.chromium.org/2164723002 Cr-Commit-Position: refs/heads/master@{#407324} [modify] https://crrev.com/388b9dc52751cac09f531aef419c02d642e9bb9c/chrome/app/generated_resources.grd [modify] https://crrev.com/388b9dc52751cac09f531aef419c02d642e9bb9c/chrome/app/nibs/DownloadItem.xib [modify] https://crrev.com/388b9dc52751cac09f531aef419c02d642e9bb9c/chrome/browser/ui/cocoa/download/download_item_controller.h [modify] https://crrev.com/388b9dc52751cac09f531aef419c02d642e9bb9c/chrome/browser/ui/cocoa/download/download_item_controller.mm [modify] https://crrev.com/388b9dc52751cac09f531aef419c02d642e9bb9c/chrome/browser/ui/views/download/download_item_view.cc [modify] https://crrev.com/388b9dc52751cac09f531aef419c02d642e9bb9c/chrome/browser/ui/views/download/download_item_view_md.cc [modify] https://crrev.com/388b9dc52751cac09f531aef419c02d642e9bb9c/tools/metrics/histograms/histograms.xml
,
Jul 23 2016
|
|||||||||
►
Sign in to add a comment |
|||||||||
Comment 1 by asanka@chromium.org
, Mar 14 2016