Simplified domains: ignore private registries

This CL ignores private registries when computing the simplified domain, i.e. registrable domain. For example, "foo.example.com" will be simplified to "example.com", and "foo.blogspot.com" will be simplified to "blogspot.com". (Note that as of https://chromium-review.googlesource.com/c/chromium/src/+/2337761, the simplified domain logic only applies in unusual cases; most of the time, we show the full hostname). The reason for ignoring private registries is that we don't want to create negative incentives for malicious websites to add themselves as private registries to the Public Suffix List. This policy isn't perfect, but we think it best balances the security benefit of eliding malicious subdomains while minimally impacting benign websites that use subdomains. Bug: 1106962 Change-Id: Ifb75a510707c1dcac0825f899625069656838932 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2356936Reviewed-by: Tommy Li <tommycli@chromium.org> Commit-Queue: Emily Stark <estark@chromium.org> Cr-Commit-Position: refs/heads/master@{#798230}

Simplified domains: ignore private registries
This CL ignores private registries when computing the simplified domain, i.e. registrable domain. For example, "foo.example.com" will be simplified to "example.com", and "foo.blogspot.com" will be simplified to "blogspot.com". (Note that as of https://chromium-review.googlesource.com/c/chromium/src/+/2337761, the simplified domain logic only applies in unusual cases; most of the time, we show the full hostname). The reason for ignoring private registries is that we don't want to create negative incentives for malicious websites to add themselves as private registries to the Public Suffix List. This policy isn't perfect, but we think it best balances the security benefit of eliding malicious subdomains while minimally impacting benign websites that use subdomains. Bug: 1106962 Change-Id: Ifb75a510707c1dcac0825f899625069656838932 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2356936Reviewed-by: Tommy Li <tommycli@chromium.org> Commit-Queue: Emily Stark <estark@chromium.org> Cr-Commit-Position: refs/heads/master@{#798230}
26234395 · Emily Stark · Commit Bot · c10e2b60 · 26234395 · 26234395
Commit 26234395 authored Aug 14, 2020 by Emily Stark Committed by Commit Bot Aug 14, 2020
3 changed files
--- a/chrome/browser/ui/views/omnibox/omnibox_view_views.cc
+++ b/chrome/browser/ui/views/omnibox/omnibox_view_views.cc
@@ -2465,7 +2465,7 @@ gfx::Range OmniboxViewViews::GetSimplifiedDomainBounds(
  // TODO(estark): push this inside ParseForEmphasizeComponents()?
  base::string16 simplified_domain = url_formatter::IDNToUnicode(
      net::registry_controlled_domains::GetDomainAndRegistry(
-          url, net::registry_controlled_domains::INCLUDE_PRIVATE_REGISTRIES));
+          url, net::registry_controlled_domains::EXCLUDE_PRIVATE_REGISTRIES));

  if (simplified_domain.empty()) {
    ranges_surrounding_simplified_domain->emplace_back(0, host.begin);

--- a/chrome/browser/ui/views/omnibox/omnibox_view_views.h
+++ b/chrome/browser/ui/views/omnibox/omnibox_view_views.h
@@ -179,6 +179,7 @@ class OmniboxViewViews : public OmniboxView,
 private:
  FRIEND_TEST_ALL_PREFIXES(OmniboxViewViewsRevealOnHoverTest, HoverAndExit);
  FRIEND_TEST_ALL_PREFIXES(OmniboxViewViewsRevealOnHoverTest, HoverAndExitIDN);
+  FRIEND_TEST_ALL_PREFIXES(OmniboxViewViewsRevealOnHoverTest, PrivateRegistry);
  FRIEND_TEST_ALL_PREFIXES(
      OmniboxViewViewsHideOnInteractionAndRevealOnHoverTest,
      UserInteractionAndHover);

--- a/chrome/browser/ui/views/omnibox/omnibox_view_views_unittest.cc
+++ b/chrome/browser/ui/views/omnibox/omnibox_view_views_unittest.cc
@@ -1854,6 +1854,47 @@ TEST_P(OmniboxViewViewsRevealOnHoverTest, HoverAndExitIDN) {
      kSimplifiedDomainDisplayIDNUrlPath, ShouldElideToRegistrableDomain()));
 }

+// Tests the field trial variation that shows a simplified domain by default
+// using a private registry (https://publicsuffix.org/list/). Private registries
+// should be ignored when computing the simplified domain, to avoid creating
+// incentives for malicious sites to add themselves to the Public Suffix List.
+TEST_P(OmniboxViewViewsRevealOnHoverTest, PrivateRegistry) {
+  // This test is only applicable when we elide to the registrable domain;
+  // otherwise private vs public registries are irrelevant.
+  if (!ShouldElideToRegistrableDomain())
+    return;
+
+  const base::string16 kSimplifiedDomainDisplayPrivateRegistryUrl =
+      base::UTF8ToUTF16("https://foo.blogspot.com/bar");
+  const base::string16
+      kSimplifiedDomainDisplayPrivateRegistryUrlHostnameAndScheme =
+          base::UTF8ToUTF16("https://foo.blogspot.com");
+  const base::string16
+      kSimplifiedDomainDisplayPrivateRegistryUrlSubdomainAndScheme =
+          base::UTF8ToUTF16("https://foo.");
+  const base::string16 kSimplifiedDomainDisplayPrivateRegistryUrlSubdomain =
+      base::UTF8ToUTF16("foo.");
+  const base::string16 kSimplifiedDomainDisplayPrivateRegistryUrlPath =
+      base::UTF8ToUTF16("/bar");
+  const base::string16 kSimplifiedDomainDisplayPrivateRegistryUrlScheme =
+      base::UTF8ToUTF16("https://");
+  location_bar_model()->set_url(
+      GURL(kSimplifiedDomainDisplayPrivateRegistryUrl));
+  location_bar_model()->set_url_for_display(
+      kSimplifiedDomainDisplayPrivateRegistryUrl);
+  omnibox_view()->model()->ResetDisplayTexts();
+  omnibox_view()->RevertAll();
+  // Call OnThemeChanged() to create the animations.
+  omnibox_view()->OnThemeChanged();
+
+  ASSERT_NO_FATAL_FAILURE(ExpectElidedToSimplifiedDomain(
+      omnibox_view(), kSimplifiedDomainDisplayPrivateRegistryUrlScheme,
+      kSimplifiedDomainDisplayPrivateRegistryUrlSubdomain,
+      kSimplifiedDomainDisplayPrivateRegistryUrlHostnameAndScheme,
+      kSimplifiedDomainDisplayPrivateRegistryUrlPath,
+      ShouldElideToRegistrableDomain()));
+}
+
 class OmniboxViewViewsHideOnInteractionAndRevealOnHoverTest
    : public OmniboxViewViewsTest,
      public ::testing::WithParamInterface<std::pair<bool, bool>> {