Improve download warning logic for files on internal network |
||||||||
Issue descriptionIf the download file is hosted on a local network (e.g non-routable IPs), we probably should not show uncommon warning. However, we should still check and warn for malware/UwS.
,
Jun 30 2017
,
Aug 14 2017
+mortonm@, interested in taking a look?
,
Aug 14 2017
Sure, I can take a look :)
,
Aug 18 2017
Didn't have time to finish this CL, but I'll give some pointers for how it could be done: - DownloadItem object has member containing source IP address of the download https://cs.chromium.org/chromium/src/content/public/browser/download_item.h?rcl=793e8467869415cc6c07a6fde151a1c49e10c600&l=272 - Use a function like this one https://cs.chromium.org/chromium/src/chrome/browser/safe_browsing/client_side_detection_service.h?rcl=e478f74685cfc037c63a87ab25745a52ae251220&l=120 to check whether the source IP is on the internal network - For non-Mac, add an extra check here to avoid showing warning when file came from internal network and was labeled as uncommon: https://cs.chromium.org/chromium/src/chrome/browser/ui/views/download/download_item_view.cc?rcl=960de3d987f6b5e35fac71e448c2c4e73775fba7&l=279 - For Mac, this seems like the place to do the equivalent thing: https://cs.chromium.org/chromium/src/chrome/browser/ui/cocoa/download/download_item_controller.mm?rcl=7c6511d4eed31fa175d7d29f933f1c7c35e3ae8e&l=142
,
Nov 10 2017
,
Feb 18 2018
,
Apr 3 2018
,
Apr 16 2018
Issue 450684 has been merged into this issue.
,
May 30 2018
The non-routable IP check is done on the backend (added after this bug was filed). So this should be fixed. |
||||||||
►
Sign in to add a comment |
||||||||
Comment 1 by vakh@chromium.org
, Jun 30 2017