Closed Bug 1275507 Opened 9 years ago Closed 9 years ago

XPCOM API to create SafeBrowsing v4 update request

Categories

(Toolkit :: Safe Browsing, defect)

Product:
Toolkit
Component:
Safe Browsing
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla50
Tracking Flags:
Tracking Status
firefox50 --- fixed

People

(Reporter: hchang, Assigned: hchang)

References

Details

(Whiteboard: #sbv4-m0)

Attachments

(1 file, 14 obsolete files)

Bug 1275507 - XPCOM API to create SB v4 update request.
58 bytes, text/x-review-board-request
francois
: review+
Details
Most likely the API will be nsIUrlClassifierUtils::MakeUpdateRequestV4
Blocks: 1274112
Depends on: 1275198
Assignee: nobody → hchang
Attachment #8756266 - Attachment is obsolete: true
Attached patch Part 3: Test case (obsolete) — Splinter Review
Attachment #8756805 - Flags: review?(francois)
Attachment #8756806 - Flags: review?(francois)
Attachment #8756807 - Flags: review?(francois)
Depends on: 1273412
Attachment #8756806 - Attachment is obsolete: true
Attachment #8756806 - Flags: review?(francois)
Attachment #8756805 - Flags: review?(francois)
Attachment #8756807 - Flags: review?(francois)
Attachment #8757912 - Attachment is obsolete: true
Blocks: safebrowsingv4
Attachment #8756805 - Flags: review?(francois)
Attachment #8756807 - Flags: review?(francois)
Attachment #8758603 - Flags: review?(francois)
Comment on attachment 8758603 [details] [diff] [review] Part 2: nsIUrlClassifierUtils.makeUpdateRequestV4 impl Review of attachment 8758603 [details] [diff] [review]: ----------------------------------------------------------------- Let merge patches 1 and 2 since Part 1 is so small :) ::: toolkit/components/url-classifier/nsUrlClassifierUtils.cpp @@ +81,5 @@ > + > +static PlatformType > +GetPlatformType() > +{ > + ////////////////////////////////////////////////////////// I'd rather not import all of this Chromium stuff when we can just use our own XP_WIN, XP_MACOSX and XP_LINUX. The only place where we'll have to be careful is Android where apparently we need to look for "#ifdef ANDROID". Eventually Android will be using a completely different Safe Browsing API anyways. @@ +158,5 @@ > + aListUpdateRequest->set_threat_type(aThreatType); > + aListUpdateRequest->set_platform_type(GetPlatformType()); > + aListUpdateRequest->set_threat_entry_type(URL); > + > + // Only RAW data is supported. TODO: Rice-Golomb encoded data. Maybe we should file a bug for Rice Golomb encoding now and put the bug number in here.
Attachment #8758603 - Flags: review?(francois) → review-
Attachment #8756805 - Flags: review?(francois)
Comment on attachment 8756807 [details] [diff] [review] Part 3: Test case Review of attachment 8756807 [details] [diff] [review]: ----------------------------------------------------------------- That's a neat way of testing this! ::: toolkit/components/url-classifier/tests/unit/test_safebrowsing_protobuf.js @@ +6,5 @@ > + let requestNoList = urlUtils.makeUpdateRequestV4([], [], 0); > + > + // Only one valid list name. > + let requestOneValid = > + urlUtils.makeUpdateRequestV4(["goog-phish-shavar"], ["AAAAAA"], 1); That should be "goog-phish-proto" as per my comment in bug 1273412. @@ +14,5 @@ > + urlUtils.makeUpdateRequestV4(["bad-list-name"], ["AAAAAA"], 1); > + > + // One valid and one invalid list name. > + let requestOneInvalidOneValid = > + urlUtils.makeUpdateRequestV4(["goog-phish-shavar", "bad-list-name"], Also "goog-phish-proto"
Attachment #8756807 - Flags: review?(francois) → review-
Attachment #8756805 - Attachment is obsolete: true
Attachment #8756807 - Attachment is obsolete: true
Attachment #8758603 - Attachment is obsolete: true
Attached patch Part 2: Test case (obsolete) — Splinter Review
Attachment #8769530 - Attachment is obsolete: true
Attachment #8769531 - Flags: review?(francois)
Attachment #8769539 - Flags: review?(francois)
Francois, Your review comments have been addressed in the new patches except that I use "goog4-*-proto" in the test case. Please refer to Bug 1273412, where I am asking if we should use "goog4-*-proto" instead of "goog-*-proto". Thanks.
Whiteboard: [sbv4-m0]
Whiteboard: [sbv4-m0] → #sbv4-m0
Attachment #8769539 - Flags: review?(francois) → review+
Comment on attachment 8769531 [details] [diff] [review] Part 2: Test case Review of attachment 8769531 [details] [diff] [review]: ----------------------------------------------------------------- Only one thing to change: "goog4" should be "goog"
Attachment #8769531 - Flags: review?(francois) → review+
Attachment #8769531 - Attachment is obsolete: true
Attachment #8769539 - Attachment is obsolete: true
Attachment #8771225 - Attachment description: Part 2: Functions to make update request for v4 → Part 2: Functions to make update request for v4 (carry r+)
Attachment #8771225 - Flags: review+
Attachment #8771225 - Attachment is obsolete: true
Attachment #8771261 - Flags: review+
Comment on attachment 8771260 [details] [diff] [review] Part 1: "Table name" (used by v2) to "threat type" (used by v4) conversion Hi Francois, Yes. Chromium is using SOCIAL_ENGINEERING_PUBLIC as well. Besides, in the very first "safebrowsing.proto" you shared with us, there's only "SOCIAL_ENGINEERING", which has the same enum value '2' (same as "SOCIAL_ENGINEERING_PUBLIC" in the up-to-date safebrowsing.proto I copied from Chromium). [1] https://cs.chromium.org/search/?q=SOCIAL_ENGINEERING_PUBLIC&sq=package:chromium&type=cs
Attachment #8771260 - Flags: review?(francois)
Attachment #8771260 - Flags: review?(francois)
Attachment #8771260 - Attachment is obsolete: true
Attachment #8771261 - Attachment is obsolete: true
Comment on attachment 8772670 [details] Bug 1275507 - XPCOM API to create SB v4 update request. Review request updated; see interdiff: https://reviewboard.mozilla.org/r/65412/diff/1-2/
Attachment #8772670 - Flags: review?(francois)
Attachment #8772671 - Flags: review?(francois)
Comment on attachment 8772671 [details] Bug 1275507 - Part 2: New nsIUrlClassifierUtils function to create update request. Review request updated; see interdiff: https://reviewboard.mozilla.org/r/65414/diff/1-2/
Comment on attachment 8772671 [details] Bug 1275507 - Part 2: New nsIUrlClassifierUtils function to create update request. Carry r+ from the last review.
Attachment #8772671 - Flags: review?(francois) → review+
No longer blocks: safebrowsingv4
Comment on attachment 8772670 [details] Bug 1275507 - XPCOM API to create SB v4 update request. https://reviewboard.mozilla.org/r/65412/#review62728 ::: toolkit/components/url-classifier/nsUrlClassifierUtils.cpp:130 (Diff revision 2) > _retval.Append(temp); > > return NS_OK; > } > > +// We will use "goog4-*-proto" as the list name for v4, where "goog4" nit: the comment should also be "goog", not "goog4" ::: toolkit/components/url-classifier/nsUrlClassifierUtils.cpp:138 (Diff revision 2) > +static const struct { > + const char* mListName; > + uint32_t mThreatType; > +} THREAT_TYPE_CONV_TABLE[] = { > + { "goog-phish-proto", SOCIAL_ENGINEERING_PUBLIC}, > + { "goog-malware-proto", MALWARE_THREAT}, nit: if these were in alphabetical order ("goog-malware" before "goog-phish") then they would also match the numerical order in `safebrowsing.proto`
Attachment #8772670 - Flags: review?(francois) → review+
Comment on attachment 8772671 [details] Bug 1275507 - Part 2: New nsIUrlClassifierUtils function to create update request. https://reviewboard.mozilla.org/r/65414/#review62730 r+ once you remove the extra return statement I pointed out. Also, you may want to combine these two patches. They're quite small and the second doesn't work without the first. ::: toolkit/components/url-classifier/nsUrlClassifierUtils.cpp:97 (Diff revision 2) > + return WINDOWS_PLATFORM; > +#else > + #error Unrecognized platform type. > +#endif > + > + return PLATFORM_TYPE_UNSPECIFIED; I think this is dead code. In the normal case, there will be two return statements in this function. In the case of a non-standard platform then it won't compile so we won't use this return statement.
Attachment #8772671 - Flags: review+
Comment on attachment 8772670 [details] Bug 1275507 - XPCOM API to create SB v4 update request. Review request updated; see interdiff: https://reviewboard.mozilla.org/r/65412/diff/2-3/
Attachment #8772670 - Attachment description: Bug 1275507 - Part 1: Create "threat type" to "list name" conversion function. → Bug 1275507 - XPCOM API to create SB v4 update request.
Attachment #8772671 - Attachment is obsolete: true
Pushed by hchang@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/29ead859749a XPCOM API to create SB v4 update request. r=francois
https://hg.mozilla.org/mozilla-central/rev/29ead859749a
Status: NEW → RESOLVED
Closed: 9 years ago
status-firefox50: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla50
Depends on: 1288825
No longer depends on: 1275198
Depends on: 1288840
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: