Closed Bug 1303393 Opened 8 years ago Closed 2 years ago

Use the Google Play Services 9.4 API for Safe Browsing on Fennec

Categories

(Toolkit :: Safe Browsing, defect, P3)

defect

Tracking

()

RESOLVED INCOMPLETE

People

(Reporter: francois, Unassigned)

References

Details

The latest release of Google Play Services (https://developers.google.com/android/guides/releases#august_1_-_v94) allows all Android developers to make use of the system Safe Browsing component. We should use this in order to reduce Fennec data/power usage as well as improve detection of malware.

Documentation is at https://developer.android.com/training/safebrowsing/index.html
Blocks: 974207
Assignee: nobody → hchang
Whiteboard: #sbv4-m3
Priority: P3 → P2
Whiteboard: #sbv4-m3 → #sbv4-m4
Whiteboard: #sbv4-m4 → #sbv4-m6
Hi Francois,

I just flagged you to review this patch but it depends on Bug 1276826.
Depends on: 1276826
Flags: needinfo?(francois)
(In reply to Henry Chang [:henry][:hchang] from comment #1)
> Hi Francois,
> 
> I just flagged you to review this patch but it depends on Bug 1276826.

Submitted accidentally :( 

Probably 3 days are not enough to get the review done . However, this is the 
last mile to a complete v4 implementation (except caching and noise). 
No hurry but I am ambitious to land this patch if you don't see any big issue 
in the patch :p
(In reply to Henry Chang [:henry][:hchang] from comment #1)
> I just flagged you to review this patch but it depends on Bug 1276826.

Which patch are you talking about?
Flags: needinfo?(francois) → needinfo?(hchang)
(In reply to François Marier [:francois] from comment #3)
> (In reply to Henry Chang [:henry][:hchang] from comment #1)
> > I just flagged you to review this patch but it depends on Bug 1276826.
> 
> Which patch are you talking about?

oops I meant Bug 1312339 :p Please ignore the comments in this bug :(
Flags: needinfo?(hchang)
Assignee: hchang → nobody
Priority: P2 → P3
Whiteboard: #sbv4-m6
Whiteboard: #sbv4-m8
Is this on our radar? What's the timeframe?

This would be a pretty big win from a partner perspective.
(In reply to Mike Kaply [:mkaply] from comment #5)
> Is this on our radar? What's the timeframe?
> 
> This would be a pretty big win from a partner perspective.

We are focusing on desktop at the moment because we have a hard deadline there (end of this year). Once we've shipped V4 on desktop, we can take a look at the Google Play Services API.

If someone on the Fennec side wanted to take the lead on this though, we could help with refactoring / reviewing code.
FYI: We are currently considering adding the Play Services API for supporting safe browsing in Focus for Android (early investigation). There might be the opportunity to share some of the code or hands-on experience.
My team can probably take this. François, we'd probably just want to implement an entirely new nsIUrlClassifierDBService, since we don't need any of the existing code for updating tables, etc? Have you thought much about how we would integrate a foreign classifier?
Flags: needinfo?(francois)
(In reply to James Willcox (:snorp) (jwillcox@mozilla.com) from comment #8)
> Have you thought much about how we would integrate a foreign classifier?

I was planning to discuss it with Henry and Dimi next month when we get together in Taipei.

Would that be too late? What's your timeframe for starting this work?
Flags: needinfo?(francois) → needinfo?(snorp)
(In reply to François Marier [:francois] from comment #9)
> (In reply to James Willcox (:snorp) (jwillcox@mozilla.com) from comment #8)
> > Have you thought much about how we would integrate a foreign classifier?
> 
> I was planning to discuss it with Henry and Dimi next month when we get
> together in Taipei.
> 
> Would that be too late? What's your timeframe for starting this work?

No specific time frame, so that sounds fine.
Flags: needinfo?(snorp)
Depends on: 1370753
Sorry for the delay in getting back to you. I just realized I hadn't updated this bug since the work week.

This is the rough design we came up with: https://docs.google.com/document/d/1Yp0NqosTJuO10vRGFrQxIsjAt40ZkJ4RmaxprJUTKCM/edit?usp=sharing
Whiteboard: #sbv4-m8 → #sbv4-m9
(In reply to François Marier [:francois] from comment #11)
> https://docs.google.com/document/d/
> 1Yp0NqosTJuO10vRGFrQxIsjAt40ZkJ4RmaxprJUTKCM/edit?usp=sharing

Moved to https://public.etherpad-mozilla.org/p/sbgoogleplay so that it can be edited easily with history.
Blocks: 1377976
No longer blocks: safebrowsingv4
No longer depends on: 1276826
Whiteboard: #sbv4-m9
(In reply to François Marier [:francois] from comment #12)
> Moved to https://public.etherpad-mozilla.org/p/sbgoogleplay so that it can
> be edited easily with history.

...and copying to Bugzilla since Etherpad is getting axed:

New preferences

- browser.safebrowsing.provider.googleplay.enabled (boolean)
- browser.safebrowsing.provider.googleplay.reportURL (string)


Changes to BeginConnect(?)

1. If we are on Fennec (#ifdef) and browser.safebrowsing.provider.googleplay.enabled is true, then run the URL through the GooglePlaySafeBrowsingService.

1.1 [nalexander] GPSBS is implemented in Java, correct?  So this is a JNI call?  That means no xpcshell tests, and I expect to need some small labour to make the JNI wrapper generation work for such a conditional third-party library.

2. If that returned a hit, then exit immediately with the relevant error code (TODO) and set the provider to “googleplay” (for the warning pages).

3. Then call into the DBService as usual.


GooglePlaySafeBrowsingService

1. Check whether or not the version of Google Play is recent enough.

2. Look at the value of browser.safebrowsing.malware.enabled and browser.safebrowsing.phishing.enabled and call the lookup API the the URL

2.1 [nalexander]  In general, it's not trivial for Java code to inspect Gecko prefs.  Life will be much easier if the invoking Gecko code provides or otherwise acts on the value of the prefs.  (This might not be as true now as it once was, but in general pref reads are asynchronous on the Java side.)

3. Return the relevant error.


Build option

If building with Google Play support:

- browser.safebrowsing.provider.googleplay.enabled = true
- urlclassifier.malwareTable = “test-malware-simple,test-unwanted-simple”
- urlclassifier.phishTable = “test-phish-simple”


If building without Google Play support:

- browser.safebrowsing.provider.googleplay.enabled = false
- Leave urlclassifier.malwareTable and urlclassifier.phishTable set to their default (Desktop) values.
- [nalexander] You'll need some dummy implementation of the GPSBS, since you won't be able to compile the Java at all if MOZ_NATIVE_DEVICES (which, paradoxically, controls GPS on the Java side) isn't defined.  This isn't hard, it just needs to be done.

Fennec is EoS.

Status: NEW → RESOLVED
Closed: 2 years ago
Resolution: --- → INCOMPLETE
You need to log in before you can comment on or make changes to this bug.