Closed Bug 1751920 Opened 5 months ago Closed 5 months ago

Sanitize search engine values on ingestion

Categories

(Fenix :: Security: Android, defect, P1)

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: royang, Assigned: royang)

References

Details

(Whiteboard: [data-quality])

Attachments

(1 file, 3 obsolete files)

+++ This bug was initially created as a clone of Bug #1751753 +++

We need to sanitize the keys of the search_counts histogram during ingestion based on an allowlist of known engines.

Per :standard8:

From a desktop perspective, we’re going to have this list in remote settings (existing version using prefixes), and that also gets updated a few days after remote settings into the main repositories.

From a BQ perspective, the histogram exists in main_v4 under payload.keyed_histograms.search_counts, which is a key/value struct.

From the JSON perspective, the histogram would be paylod.keyedHistograms.SEARCH_COUNTS with potential casing differences we'll need to account for.

The structure of the histogram is documented in Histograms.json:

Records search counts for search access points and in-content searches. For search access points in general, the format is: <engine-name>.<search-access-point> For the urlbar when in search mode, the format is <engine name>.urlbar-searchmode For the urlbar when an internal @engine shortcut is used, the format is: <engine-name>.alias For in-content searches, the format is <provider>.in-content:[sap|sap-follow-on|organic]:[code|none]

Assignee: nobody → royang
Attached patch code_validate_1.patch (obsolete) — Splinter Review
Attachment #9260615 - Flags: review?(jonalmeida942)
Group: mozilla-employee-confidential, partner-confidential
Attached patch code_validate_2.patch (obsolete) — Splinter Review
Attachment #9260615 - Attachment is obsolete: true
Attachment #9260615 - Flags: review?(jonalmeida942)
Attachment #9260652 - Flags: review?(jonalmeida942)
See Also: → 1751955
Attached patch code_validate_3.patch (obsolete) — Splinter Review
Attachment #9260652 - Attachment is obsolete: true
Attachment #9260652 - Flags: review?(jonalmeida942)
Attachment #9260690 - Flags: review?(jonalmeida942)
Attachment #9260690 - Flags: review?(jonalmeida942) → review+
Group: mobile-core-security → mozilla-employee-confidential
Attachment #9260690 - Attachment is obsolete: true
Attachment #9260720 - Flags: review?(jonalmeida942)

Comment on attachment 9260720 [details] [diff] [review]
code_validate_4.patch

Looks good. (corrections were based on test failures)

Attachment #9260720 - Flags: review?(jonalmeida942) → review+
Status: NEW → RESOLVED
Closed: 5 months ago
Resolution: --- → FIXED
Group: mozilla-employee-confidential
You need to log in before you can comment on or make changes to this bug.