Status Update
Comments
ap...@google.com <ap...@google.com> #2
Branch: main
commit 168fdf4afaef9b6b34a9fee9a9dd5c80dd3381e6
Author: Daniel Rubery <drubery@chromium.org>
Date: Tue May 21 22:21:15 2024
Add new methods to SafetyNetApiHandler interface for app verification
This CL adds two new methods to the SafetyNetApiHandler interface for
tracking app verification status. These will ultimately call
implementations in the SafetyNetClient:
Currently, the implementations of these interfaces use trivial default
implementations since the real implementations will need to be made in
the internal repository.
Bug: 341790041
Change-Id: I3e1430831f6d662fef5a60f2cd0db8ce0b9db1e8
Reviewed-on:
Reviewed-by: Xinghui Lu <xinghuilu@chromium.org>
Commit-Queue: Daniel Rubery <drubery@chromium.org>
Code-Coverage: findit-for-me@appspot.gserviceaccount.com <findit-for-me@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#1304086}
M components/safe_browsing/android/java/src/org/chromium/components/safe_browsing/SafetyNetApiHandler.java
ap...@google.com <ap...@google.com> #3
Branch: main
commit 026051c6122938a41d1c4bbcce50f180457e266d
Author: Daniel Rubery <drubery@chromium.org>
Date: Wed May 22 21:21:29 2024
Extend SafeBrowsingApiBridge to support app verification methods
This adds the JNI bridge for the methods added in
Low-Coverage-Reason: COVERAGE_UNDERREPORTED Not actually uncovered, filed
Bug: 341790041
Change-Id: I2a293720a5270837e7e0262a108a1f1ba1369464
Reviewed-on:
Reviewed-by: Xinghui Lu <xinghuilu@chromium.org>
Commit-Queue: Daniel Rubery <drubery@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1304690}
M components/safe_browsing/android/java/src/org/chromium/components/safe_browsing/SafeBrowsingApiBridge.java
M components/safe_browsing/android/java/src/org/chromium/components/safe_browsing/SafetyNetApiHandler.java
M components/safe_browsing/android/native_java_unittests/src/org/chromium/components/safe_browsing/SafeBrowsingApiHandlerBridgeNativeUnitTestHelper.java
M components/safe_browsing/android/safe_browsing_api_handler_bridge.cc
M components/safe_browsing/android/safe_browsing_api_handler_bridge.h
M components/safe_browsing/android/safe_browsing_api_handler_bridge_unittest.cc
M components/safe_browsing/android/safe_browsing_api_handler_util.h
ap...@google.com <ap...@google.com> #4
Change-Id: Icd726c61b08e9f8edd4fdf31ed1e060bbcba358d
ap...@google.com <ap...@google.com> #5
Branch: main
commit c4471876da936ff617a3d09e008c77965c55d721
Author: chromium-internal-autoroll <chromium-internal-autoroll@skia-corp.google.com.iam.gserviceaccount.com>
Date: Thu May 23 17:48:04 2024
Roll clank/internal/apps from 528e3ea3f67f to 5781ae13953c (1 revision)
If this roll has caused a breakage, revert this CL and stop the roller
using the controls here:
Please CC chrome-brapp-engprod@google.com,hanxi@google.com on the revert to ensure that a human
is aware of the problem.
To report a problem with the AutoRoller itself, please file a bug:
Documentation for the AutoRoller is here:
Bug: chromium:341790041
Tbr: hanxi@google.com
No-Try: true
Change-Id: I403266d00c405e83835c8cb61b01f051d5487ea4
Reviewed-on:
Commit-Queue: chromium-internal-autoroll <chromium-internal-autoroll@skia-corp.google.com.iam.gserviceaccount.com>
Bot-Commit: chromium-internal-autoroll <chromium-internal-autoroll@skia-corp.google.com.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#1305204}
M DEPS
M clank
ap...@google.com <ap...@google.com> #6
Change-Id: Ibc56cc52d36ac1e29252a38f6b06fd9e6b219570
ap...@google.com <ap...@google.com> #7
Branch: main
commit d8d7179b1dcaa0a643ffc4f30fb6c14d574eb185
Author: chromium-internal-autoroll <chromium-internal-autoroll@skia-corp.google.com.iam.gserviceaccount.com>
Date: Tue May 28 22:20:27 2024
Roll clank/internal/apps from a6e8c553619e to d1638cbb96ab (1 revision)
If this roll has caused a breakage, revert this CL and stop the roller
using the controls here:
Please CC chrome-brapp-engprod@google.com,ntfschr@google.com on the revert to ensure that a human
is aware of the problem.
To report a problem with the AutoRoller itself, please file a bug:
Documentation for the AutoRoller is here:
Bug: chromium:341790041
Tbr: ntfschr@google.com
No-Try: true
Change-Id: I0404fa27f26adc6658f9c81b9f5beee19d9bd278
Reviewed-on:
Commit-Queue: chromium-internal-autoroll <chromium-internal-autoroll@skia-corp.google.com.iam.gserviceaccount.com>
Bot-Commit: chromium-internal-autoroll <chromium-internal-autoroll@skia-corp.google.com.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#1307077}
M DEPS
M clank
ap...@google.com <ap...@google.com> #8
Branch: main
commit b583d829099aed4b77e16730689741967c509430
Author: Daniel Rubery <drubery@chromium.org>
Date: Wed May 29 17:34:31 2024
Add fieldtrial testing config for app verification
Bug: 341790041
Change-Id: I10e06d84eadd2b646f0d4a6770639ec579e11efc
Reviewed-on:
Reviewed-by: Xinghui Lu <xinghuilu@chromium.org>
Commit-Queue: Daniel Rubery <drubery@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1307537}
M testing/variations/fieldtrial_testing_config.json
ap...@google.com <ap...@google.com> #9
Branch: main
commit c21494a003b91f4734a9f171155d0a4001591b3b
Author: Daniel Rubery <drubery@chromium.org>
Date: Wed May 29 17:33:51 2024
Add app verification to Android DownloadController
This CL extends the dangerous download flow in the DownloadController to
include a prompt to enable app verification when not currently enabled.
NO_IFTTT=Changes to VerifyAppsEnabledResult do not need to be reflected on the Java side
Bug: 341790041
Change-Id: I3741f2555e1513a935862744c97a2bb3795a81ac
Reviewed-on:
Reviewed-by: Xinghui Lu <xinghuilu@chromium.org>
Reviewed-by: Min Qin <qinmin@chromium.org>
Commit-Queue: Daniel Rubery <drubery@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1307536}
M chrome/browser/BUILD.gn
M chrome/browser/download/android/download_controller.cc
M chrome/browser/download/android/download_controller.h
M components/safe_browsing/android/safe_browsing_api_handler_util.h
M components/safe_browsing/core/common/features.cc
M components/safe_browsing/core/common/features.h
M tools/metrics/histograms/metadata/sb_client/enums.xml
M tools/metrics/histograms/metadata/sb_client/histograms.xml
dr...@chromium.org <dr...@chromium.org> #10
I noticed that it seems like enableAppVerification is returning early with the current state. That's going to be a problem for our metrics, and doesn't create great UX (the "File might be harmful" prompt pops up behind the "Turn on Play Protect?" prompt).
I'm not sure if this is because of my emulator and some custom Play Store work, so I'll need to test on a real device once
ap...@google.com <ap...@google.com> #11
Branch: main
commit bdc8576287c548b3d131437532794cb980b792c4
Author: Daniel Rubery <drubery@chromium.org>
Date: Wed May 29 20:11:04 2024
Remove default implementations of SafetyNetApiHandler app verification methods
The default implementations were added so we could land implementations
in clank internal without breaking the build. That's now done, so we no
longer need the defaults.
Bug: 341790041
Change-Id: Ibeb0892a0e414c15eecca20dec6e45bbe4bb8f6e
Reviewed-on:
Reviewed-by: Nate Fischer <ntfschr@chromium.org>
Commit-Queue: Daniel Rubery <drubery@chromium.org>
Reviewed-by: Andrew Grieve <agrieve@chromium.org>
Reviewed-by: Xinghui Lu <xinghuilu@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1307656}
M android_webview/javatests/src/org/chromium/android_webview/test/SafeBrowsingTest.java
M chrome/android/javatests/src/org/chromium/chrome/browser/MockSafetyNetApiHandler.java
M components/safe_browsing/android/java/src/org/chromium/components/safe_browsing/SafetyNetApiHandler.java
dr...@chromium.org <dr...@chromium.org> #12
Struggled to reproduce the metrics issue on my physical device, so filed internal bug
ap...@google.com <ap...@google.com> #13
Branch: main
commit 4af93844f30c756c41391480d69ce0464e4d347c
Author: Daniel Rubery <drubery@chromium.org>
Date: Thu May 30 18:28:27 2024
Disable SafeBrowsingGooglePlayProtectPrompt
In light of
flag until we're confident the feature is fully implemented.
Bug: 341790041
Change-Id: I0d6467226c8d7ae8b8d7652c64dd24c0b5870ca3
Reviewed-on:
Commit-Queue: Daniel Rubery <drubery@chromium.org>
Auto-Submit: Daniel Rubery <drubery@chromium.org>
Commit-Queue: Xinghui Lu <xinghuilu@chromium.org>
Reviewed-by: Xinghui Lu <xinghuilu@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1308148}
M components/safe_browsing/core/common/features.cc
dr...@chromium.org <dr...@chromium.org> #14
Was able to reproduce
- DangerousDownloadDialogBridge should take callbacks for when the dialog is interacted with
- DownloadAppVerificationRequest will show the dialog and handle the callbacks (probably renaming that class to something like "DangerousDownloadRequest")
- When the dialog completes showing, we re-query isVerifyAppsEnabled to see if the user accepted/rejected.
va...@chromium.org <va...@chromium.org> #15
so filed internal bug
b/343739675
Is this a g3 Buganizer bug (I couldn't access it with my @google.com account) or a Chromium Buganizer bug (if so, I couldn't access it with my Chromium account either)
Edit: I was able to access it with my @google.com account after a refresh.
ap...@google.com <ap...@google.com> #16
Branch: main
commit b4c6f6c25ce944c1d8a7b50a3ae1e579a2299f26
Author: Daniel Rubery <drubery@chromium.org>
Date: Wed Jun 05 19:21:35 2024
Prevent multiple DownloadAppVerificationRequests
It's possible to have multiple calls to OnDownloadUpdated while a
dangerous download dialog is showing. This creates invalid metrics in
the DownloadAppVerificationRequest since we start multiple requests for
a single download. This CL keys requests by `DownloadItem` to ensure
that only one is active for an item at any time.
Bug: 341790041
Change-Id: Ia56abb2067d2035cdc1bc60e76e411e22515032a
Reviewed-on:
Commit-Queue: Daniel Rubery <drubery@chromium.org>
Reviewed-by: Xinghui Lu <xinghuilu@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1310813}
M chrome/browser/download/android/download_controller.cc
M chrome/browser/download/android/download_controller.h
ap...@google.com <ap...@google.com> #17
Branch: main
commit f92153c04214a52055ef61eb9770dd34b17e244f
Author: chromium-internal-autoroll <chromium-internal-autoroll@skia-corp.google.com.iam.gserviceaccount.com>
Date: Thu Jun 06 17:29:51 2024
Roll clank/internal/apps from 47815190b025 to edb2d46b1957 (2 revisions)
If this roll has caused a breakage, revert this CL and stop the roller
using the controls here:
Please CC chrome-brapp-engprod@google.com,gangwu@google.com on the revert to ensure that a human
is aware of the problem.
To report a problem with the AutoRoller itself, please file a bug:
Documentation for the AutoRoller is here:
Bug: chromium:341790041,chromium:345415325
Tbr: gangwu@google.com
No-Try: true
Change-Id: Ia8fc580578f1c4f713b7028e338dcde69fd543a4
Reviewed-on:
Commit-Queue: chromium-internal-autoroll <chromium-internal-autoroll@skia-corp.google.com.iam.gserviceaccount.com>
Bot-Commit: chromium-internal-autoroll <chromium-internal-autoroll@skia-corp.google.com.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#1311379}
M DEPS
M clank
dr...@chromium.org <dr...@chromium.org> #18
Nope,
ap...@google.com <ap...@google.com> #19
Branch: main
commit 729d5fb65fbb233217ad8b289119baf197dc355b
Author: Daniel Rubery <drubery@chromium.org>
Date: Thu Jun 06 20:44:56 2024
Re-enable SafeBrowsingGooglePlayProtectPrompt
Now that the metrics and some crashes have been fixed, we can re-enable
this feature.
Fixed: 341790041
Change-Id: I2143c931dca1dd114b6890b2ed5064b2398b91e3
Reviewed-on:
Auto-Submit: Daniel Rubery <drubery@chromium.org>
Commit-Queue: Daniel Rubery <drubery@chromium.org>
Reviewed-by: Xinghui Lu <xinghuilu@chromium.org>
Commit-Queue: Xinghui Lu <xinghuilu@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1311525}
M components/safe_browsing/core/common/features.cc
dr...@chromium.org <dr...@chromium.org>
ap...@google.com <ap...@google.com> #20
Branch: main
commit 3bcf8ae81c6b3c5ff6b6ba3b41c4d392b5290606
Author: Daniel Rubery <drubery@chromium.org>
Date: Wed Jul 24 00:07:49 2024
Add chrome://flags entry for Google Play Protect prompt
This CL adds an entry in chrome://flags for this launch, so we can allow
testers to evaluate the feature before enabling it by default.
Bug: 341790041
Change-Id: I6edda509e8c895d81532675e9ab94aa9c1fb6327
Reviewed-on:
Commit-Queue: Xinghui Lu <xinghuilu@chromium.org>
Reviewed-by: Xinghui Lu <xinghuilu@chromium.org>
Auto-Submit: Daniel Rubery <drubery@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1332055}
M chrome/browser/about_flags.cc
M chrome/browser/flag-metadata.json
M chrome/browser/flag_descriptions.cc
M chrome/browser/flag_descriptions.h
M tools/metrics/histograms/enums.xml
Description
This tracks the implementation of this design doc. Also see prototype CLs here and here