Implement Advanced Protection download protection prototype |
|
Issue descriptionBased on email discussion, we're considering one of two alternatives for the early implementation of download protection for Advanced Protection users. Both use a flag to enable/disable this higher protection, since this is still in prototyping. 1. Indicate in the download ping whether the user has enabled higher protection, then the server can return one of the current verdicts. 2. Add an additional verdict which indicates "If user has enabled higher protection, UNCOMMON, otherwise SAFE". The server can return this verdict whenever the user is AP (already in the download ping), and the client will sort out whether the user has the flag or not. I'd lean towards 2, since we'll eventually need an additional verdict indicating whether an unsafe download is due to SB or AP. (I think, depends on what UX settles on). Thoughts?
,
Jan 9
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/2991238c37ab1cc28996a5eb0357a975b9a78e9f commit 2991238c37ab1cc28996a5eb0357a975b9a78e9f Author: Daniel Rubery <drubery@chromium.org> Date: Wed Jan 09 01:58:49 2019 Client side changes for AP download protection This CL adds a boolean to ClientDownloadRequest indicating whether we should use the AP protections or not. It also adds a feature flag we can use for testing these protections. Bug: 917190 Change-Id: I4fc7ffc2a761f4339b3b2538be60b4232fd4d795 Reviewed-on: https://chromium-review.googlesource.com/c/1401239 Commit-Queue: Daniel Rubery <drubery@chromium.org> Reviewed-by: Varun Khaneja <vakh@chromium.org> Cr-Commit-Position: refs/heads/master@{#620997} [modify] https://crrev.com/2991238c37ab1cc28996a5eb0357a975b9a78e9f/chrome/browser/safe_browsing/download_protection/check_client_download_request.cc [modify] https://crrev.com/2991238c37ab1cc28996a5eb0357a975b9a78e9f/components/safe_browsing/features.cc [modify] https://crrev.com/2991238c37ab1cc28996a5eb0357a975b9a78e9f/components/safe_browsing/features.h [modify] https://crrev.com/2991238c37ab1cc28996a5eb0357a975b9a78e9f/components/safe_browsing/proto/csd.proto [modify] https://crrev.com/2991238c37ab1cc28996a5eb0357a975b9a78e9f/components/safe_browsing/web_ui/safe_browsing_ui.cc
,
Jan 10
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/91874e34b63f0cd3c1f957625508d0da80359492 commit 91874e34b63f0cd3c1f957625508d0da80359492 Author: Daniel Rubery <drubery@chromium.org> Date: Thu Jan 10 22:12:34 2019 Add chrome://flags entry for AP Download verdicts This flag will be used for testing out the new download protection verdicts for Advanced Protection users. Enabling this flag requests the new verdicts. Bug: 917190 Change-Id: I5649b7946685c20c5dcf9ec235678d746238b335 Reviewed-on: https://chromium-review.googlesource.com/c/1403981 Reviewed-by: Elly Fong-Jones <ellyjones@chromium.org> Commit-Queue: Daniel Rubery <drubery@chromium.org> Cr-Commit-Position: refs/heads/master@{#621773} [modify] https://crrev.com/91874e34b63f0cd3c1f957625508d0da80359492/chrome/browser/about_flags.cc [modify] https://crrev.com/91874e34b63f0cd3c1f957625508d0da80359492/chrome/browser/flag-metadata.json [modify] https://crrev.com/91874e34b63f0cd3c1f957625508d0da80359492/chrome/browser/flag_descriptions.cc [modify] https://crrev.com/91874e34b63f0cd3c1f957625508d0da80359492/chrome/browser/flag_descriptions.h [modify] https://crrev.com/91874e34b63f0cd3c1f957625508d0da80359492/tools/metrics/histograms/enums.xml |
|
►
Sign in to add a comment |
|
Comment 1 by drubery@chromium.org
, Jan 8