New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 813193 link

Starred by 3 users
Status: Fixed
Owner:
sorin@chromium.org
Closed: May 2018
Cc:
sorin@chromium.org
waff...@chromium.org
mevissen@chromium.org
asargent@chromium.org
mxnguyen@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: 3
Type: Bug



Sign in to add a comment

Component Updater should send X-Google-Interactivity header

Project Member Reported by waff...@chromium.org, Feb 16 2018 
For all foreground updates, we should add the X-Google-Interactivity: fg header. For all background updates, we should add X-Google-Interactivity: bg.

Header spec is at https://github.com/google/omaha/blob/master/doc/ServerProtocolV3.md#request-headers

(The server's existing heuristic of using the presence of an app with 0.0.0.0 version is broken by Origin Trials always being 0.0.0.0.)

Comment 1 by sorin@chromium.org, Feb 16 2018

Status: Started (was: Untriaged)

Comment 3 by waff...@chromium.org, Feb 17 2018 

Thanks for pointing that out, it is X-GoogleUpdate-Interactivity.
Project Member

Comment 4 by bugdroid1@chromium.org, Feb 21 2018 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/d907dbf665796695536ca556e360c7d13a7d519d

commit d907dbf665796695536ca556e360c7d13a7d519d
Author: Sorin Jianu <sorin@chromium.org>
Date: Wed Feb 21 17:18:29 2018

Component Updater should send X-GoogleUpdate-Interactivity header.

This header is sent only for update check requests. Therefore,there
is an optional type to indicate abstract out both the presence and
the value of the header.

Bug:  813193 
Change-Id: I3de36b885cbea0ec7b56886ec7223ad486cfe2fb
Reviewed-on: https://chromium-review.googlesource.com/925453
Reviewed-by: Julian Pastarmov <pastarmovj@chromium.org>
Reviewed-by: Joshua Pawlicki <waffles@chromium.org>
Commit-Queue: Sorin Jianu <sorin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#538140}
[modify] https://crrev.com/d907dbf665796695536ca556e360c7d13a7d519d/chrome/browser/policy/policy_browsertest.cc
[modify] https://crrev.com/d907dbf665796695536ca556e360c7d13a7d519d/components/update_client/ping_manager.cc
[modify] https://crrev.com/d907dbf665796695536ca556e360c7d13a7d519d/components/update_client/ping_manager_unittest.cc
[modify] https://crrev.com/d907dbf665796695536ca556e360c7d13a7d519d/components/update_client/request_sender.cc
[modify] https://crrev.com/d907dbf665796695536ca556e360c7d13a7d519d/components/update_client/request_sender.h
[modify] https://crrev.com/d907dbf665796695536ca556e360c7d13a7d519d/components/update_client/request_sender_unittest.cc
[modify] https://crrev.com/d907dbf665796695536ca556e360c7d13a7d519d/components/update_client/update_checker.cc
[modify] https://crrev.com/d907dbf665796695536ca556e360c7d13a7d519d/components/update_client/update_checker.h
[modify] https://crrev.com/d907dbf665796695536ca556e360c7d13a7d519d/components/update_client/update_checker_unittest.cc
[modify] https://crrev.com/d907dbf665796695536ca556e360c7d13a7d519d/components/update_client/update_client_unittest.cc
[modify] https://crrev.com/d907dbf665796695536ca556e360c7d13a7d519d/components/update_client/update_engine.cc
[modify] https://crrev.com/d907dbf665796695536ca556e360c7d13a7d519d/components/update_client/url_request_post_interceptor.cc
[modify] https://crrev.com/d907dbf665796695536ca556e360c7d13a7d519d/components/update_client/url_request_post_interceptor.h
[modify] https://crrev.com/d907dbf665796695536ca556e360c7d13a7d519d/components/update_client/utils.cc
[modify] https://crrev.com/d907dbf665796695536ca556e360c7d13a7d519d/components/update_client/utils.h

Comment 5 by sorin@chromium.org, Feb 28 2018

Owner: sorin@chromium.org
Project Member

Comment 6 by bugdroid1@chromium.org, Feb 28 2018 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/a64a1e5fced9cdec11da2af4a1e8c7a87fe35b69

commit a64a1e5fced9cdec11da2af4a1e8c7a87fe35b69
Author: Sorin Jianu <sorin@chromium.org>
Date: Wed Feb 28 16:53:34 2018

Added X-GoogleUpdate-Updater and X-GoogleUpdate-AppId headers to CUS.

As part of the ddos mitigations, implemented all three ddos headers in
the component updater. The base::Optional implementation of the
feature is removed. Instead, the headers are passed using a map of
string to string.

There is an unrelated error handling change to invoke the callback if
for some reason, the caller is passing in no component id in the Update call.

Bug:  813193 
Change-Id: I26e86564c13c0a5991027a6612dcdefbf991bfab
Reviewed-on: https://chromium-review.googlesource.com/938636
Reviewed-by: Joshua Pawlicki <waffles@chromium.org>
Commit-Queue: Sorin Jianu <sorin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#539853}
[modify] https://crrev.com/a64a1e5fced9cdec11da2af4a1e8c7a87fe35b69/components/update_client/ping_manager.cc
[modify] https://crrev.com/a64a1e5fced9cdec11da2af4a1e8c7a87fe35b69/components/update_client/ping_manager_unittest.cc
[modify] https://crrev.com/a64a1e5fced9cdec11da2af4a1e8c7a87fe35b69/components/update_client/protocol_builder.cc
[modify] https://crrev.com/a64a1e5fced9cdec11da2af4a1e8c7a87fe35b69/components/update_client/protocol_builder.h
[modify] https://crrev.com/a64a1e5fced9cdec11da2af4a1e8c7a87fe35b69/components/update_client/protocol_builder_unittest.cc
[modify] https://crrev.com/a64a1e5fced9cdec11da2af4a1e8c7a87fe35b69/components/update_client/request_sender.cc
[modify] https://crrev.com/a64a1e5fced9cdec11da2af4a1e8c7a87fe35b69/components/update_client/request_sender.h
[modify] https://crrev.com/a64a1e5fced9cdec11da2af4a1e8c7a87fe35b69/components/update_client/request_sender_unittest.cc
[modify] https://crrev.com/a64a1e5fced9cdec11da2af4a1e8c7a87fe35b69/components/update_client/update_checker.cc
[modify] https://crrev.com/a64a1e5fced9cdec11da2af4a1e8c7a87fe35b69/components/update_client/update_checker_unittest.cc
[modify] https://crrev.com/a64a1e5fced9cdec11da2af4a1e8c7a87fe35b69/components/update_client/update_client_unittest.cc
[modify] https://crrev.com/a64a1e5fced9cdec11da2af4a1e8c7a87fe35b69/components/update_client/update_engine.cc
[modify] https://crrev.com/a64a1e5fced9cdec11da2af4a1e8c7a87fe35b69/components/update_client/url_request_post_interceptor.cc
[modify] https://crrev.com/a64a1e5fced9cdec11da2af4a1e8c7a87fe35b69/components/update_client/utils.cc
[modify] https://crrev.com/a64a1e5fced9cdec11da2af4a1e8c7a87fe35b69/components/update_client/utils.h

Comment 7 by sorin@chromium.org, Mar 2 2018

Cc: mevissen@chromium.org asargent@chromium.org
 Issue 646476  has been merged into this issue.

Comment 8 by sorin@chromium.org, Mar 2 2018

Status: Fixed (was: Started)

Comment 9 by sorin@chromium.org, Mar 2 2018 

All three DDOS mitigation headers have been implemented.

Comment 10 by mevissen@chromium.org, Mar 9 2018

Status: Assigned (was: Fixed)
The header names have been changed, we need to make a string substitution to update them:

X-GoogleUpdate-Interactivity -> X-Goog-Update-Interactivity
X-GoogleUpdate-AppId         -> X-Goog-Update-AppId
X-GoogleUpdate-Updater       -> X-Goog-Update-Updater

Comment 12 by sorin@chromium.org, May 11 2018

Status: Fixed (was: Assigned)

Sign in to add a comment