PageInfo Strings for Safe Browsing - Desktop |
||||||
Issue descriptionPlease update PageInfo Strings for Safe Browsing sites. Please track desktop only in this bug. Adrienne added logic to connect SB to Security State. I'm not sure if it's divided by list type though or just one bit for all of SB. If it's hard to read the list LMK and we can do a more generic string. If a site is flagged as Malware: Heading: “This site contains malware“ Details: “Attackers on this site might attempt to install dangerous programs on your computer that steal or delete your information (for example, photos, passwords, messages, and credit cards).” If a site is flagged as Social Engineering: Heading: “This site is deceptive“ Details: “Attackers on this site may trick you into doing something dangerous like installing software or revealing your personal information (for example, passwords, phone numbers, or credit cards).” If a site is flagged as UwS: Heading: “This site contains harmful programs” Details: “Attackers on this site might try to trick you into installing programs that harm your browsing experience (for example, by changing your homepage or showing extra ads on sites you visit).”
,
Sep 13 2016
BTW @lucas I assume you'd be the one to change this since you're doing the MD changes for PageInfo but if its not you LMK!
,
Sep 16 2016
Right now it's just one bit for all of SB. SafeBrowsing::UIManager::UnsafeResource doesn't distinguish between the different types of threats. It is a doable but non trivial change to track the 3 different kinds separately. Emily, what milestone do you want this for?
,
Sep 16 2016
Actually the UnsafeResource does have an SBThreatType which should do the trick.
,
Sep 16 2016
We could roll this into the MD PageInfo changes in 55 if it's simple, if not, we should prioritize HTTP bad work.
,
Sep 16 2016
nparker: Sorry, I misspoke. The WhitelistUrlSet (which is how we store this) doesn't save this info from the UnsafeResource, it just saves the URL. We could switch to a more complex data structure with pairs tho.
,
Sep 16 2016
We could potentially write a generic Safe Browsing string.... "site is dangerous".... to hold us over, if this is super difficult.
,
Nov 3 2016
,
Nov 3 2016
Issue 657296 has been merged into this issue.
,
Nov 4 2016
,
Nov 4 2016
,
Nov 9 2016
Issue 654627 has been merged into this issue.
,
Nov 10 2016
See Issue 424030 for the Android bug.
,
Nov 11 2016
,
Nov 11 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/7ffa8c6bfc4f532cef64baa3944568c3f5939c89 commit 7ffa8c6bfc4f532cef64baa3944568c3f5939c89 Author: estark <estark@chromium.org> Date: Fri Nov 11 23:21:55 2016 Expose malware/phishing/etc. distinction from SafeBrowsingUIManager SafeBrowsingUIManager reports whether a URL is whitelisted (or pending to be whitelisted), but does not report the type of threat for which the URL is whitelisted. This CL returns a SBThreatType from the whitelist lookup methods, which is used to set a SecurityInfo::malicious_content_status field, replacing the old boolean fails_malware_check field that didn't capture the type of threat. A follow-up CL will use the new |malicious_content_status| field to set WebsiteSettings (page info bubble) strings appropriately. BUG= 646629 Review-Url: https://codereview.chromium.org/2481743009 Cr-Commit-Position: refs/heads/master@{#431684} [modify] https://crrev.com/7ffa8c6bfc4f532cef64baa3944568c3f5939c89/chrome/browser/safe_browsing/safe_browsing_blocking_page_test.cc [modify] https://crrev.com/7ffa8c6bfc4f532cef64baa3944568c3f5939c89/chrome/browser/safe_browsing/ui_manager.cc [modify] https://crrev.com/7ffa8c6bfc4f532cef64baa3944568c3f5939c89/chrome/browser/safe_browsing/ui_manager.h [modify] https://crrev.com/7ffa8c6bfc4f532cef64baa3944568c3f5939c89/chrome/browser/safe_browsing/ui_manager_unittest.cc [modify] https://crrev.com/7ffa8c6bfc4f532cef64baa3944568c3f5939c89/chrome/browser/ssl/chrome_security_state_model_client.cc [modify] https://crrev.com/7ffa8c6bfc4f532cef64baa3944568c3f5939c89/chrome/browser/ui/toolbar/chrome_toolbar_model_delegate.cc [modify] https://crrev.com/7ffa8c6bfc4f532cef64baa3944568c3f5939c89/components/security_state/security_state_model.cc [modify] https://crrev.com/7ffa8c6bfc4f532cef64baa3944568c3f5939c89/components/security_state/security_state_model.h [modify] https://crrev.com/7ffa8c6bfc4f532cef64baa3944568c3f5939c89/components/security_state/security_state_model_unittest.cc
,
Nov 14 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/fcfccdb87b62d03ab73ad3557fdfe6b99bfc4666 commit fcfccdb87b62d03ab73ad3557fdfe6b99bfc4666 Author: estark <estark@chromium.org> Date: Mon Nov 14 02:17:29 2016 Add WebsiteSettings strings for malware/UwS/phishing This CL shows appropriate security summary/description strings when a page has been flagged as malware/social engineering/unwanted software. Follow-up to https://codereview.chromium.org/2481743009/ Also removes unused string IDS_WEBSITE_SETTINGS_SECURE_TRANSPORT as a drive-by. BUG= 646629 , 657231 TEST=For each link under Webpage Warnings, repeat the following steps: 1. Visit http://testsafebrowsing.appspot.com in a new tab. 2. Follow the Webpage Warning link. 3. Click the "Dangerous" indicator in the omnibox. 4. Check that the following text appears: phishing.html: This site is deceptive Attackers on this site may trick you into doing something dangerous like installing software or revealing your personal information (for example, passwords, phone numbers, or credit cards). malware.html: This site contains malware Attackers on this site might attempt to install dangerous programs on your computer that steal or delete your information (for example, photos, passwords, messages, and credit cards). unwanted.html: This site contains harmful programs Attackers on this site might try to trick you into installing programs that harm your browsing experience (for example, by changing your homepage or showing extra ads on sites you visit). Review-Url: https://codereview.chromium.org/2497673002 Cr-Commit-Position: refs/heads/master@{#431818} [modify] https://crrev.com/fcfccdb87b62d03ab73ad3557fdfe6b99bfc4666/chrome/app/generated_resources.grd [modify] https://crrev.com/fcfccdb87b62d03ab73ad3557fdfe6b99bfc4666/chrome/browser/ui/website_settings/website_settings.cc [modify] https://crrev.com/fcfccdb87b62d03ab73ad3557fdfe6b99bfc4666/chrome/browser/ui/website_settings/website_settings.h [modify] https://crrev.com/fcfccdb87b62d03ab73ad3557fdfe6b99bfc4666/chrome/browser/ui/website_settings/website_settings_ui.cc [modify] https://crrev.com/fcfccdb87b62d03ab73ad3557fdfe6b99bfc4666/chrome/browser/ui/website_settings/website_settings_unittest.cc
,
Nov 14 2016
|
||||||
►
Sign in to add a comment |
||||||
Comment 1 by emilyschechter@chromium.org
, Sep 13 2016