Add field for evidence locker filepath

This adds evidence_locker_filepath in ContentAnalysisResponse::Result and a corresponding reporting field. This should be removed once a better propagation for this info is agreed upon. Bug: 1147036 Change-Id: I496d13a80fd7f06a83f534afa0b6d673184a6bfd Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2526929 Commit-Queue: Dominique Fauteux-Chapleau <domfc@chromium.org> Reviewed-by: Daniel Rubery <drubery@chromium.org> Cr-Commit-Position: refs/heads/master@{#825447}

Add field for evidence locker filepath
This adds evidence_locker_filepath in ContentAnalysisResponse::Result and a corresponding reporting field. This should be removed once a better propagation for this info is agreed upon. Bug: 1147036 Change-Id: I496d13a80fd7f06a83f534afa0b6d673184a6bfd Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2526929 Commit-Queue: Dominique Fauteux-Chapleau <domfc@chromium.org> Reviewed-by: Daniel Rubery <drubery@chromium.org> Cr-Commit-Position: refs/heads/master@{#825447}
6e0d513c · Dominique Fauteux-Chapleau · Commit Bot · 56b7145e · 6e0d513c · 6e0d513c
Commit 6e0d513c authored Nov 09, 2020 by Dominique Fauteux-Chapleau Committed by Commit Bot Nov 09, 2020
3 changed files
--- a/chrome/browser/extensions/api/safe_browsing_private/safe_browsing_private_event_router.cc
+++ b/chrome/browser/extensions/api/safe_browsing_private/safe_browsing_private_event_router.cc
@@ -136,6 +136,8 @@ const char SafeBrowsingPrivateEventRouter::kKeyMalwareFamily[] =
    "malwareFamily";
 const char SafeBrowsingPrivateEventRouter::kKeyMalwareCategory[] =
    "malwareCategory";
+const char SafeBrowsingPrivateEventRouter::kKeyEvidenceLockerFilePath[] =
+    "evidenceLockerFilepath";

 const char SafeBrowsingPrivateEventRouter::kKeyPasswordReuseEvent[] =
    "passwordReuseEvent";
@@ -427,7 +429,7 @@ void SafeBrowsingPrivateEventRouter::OnAnalysisConnectorResult(
        url, file_name, download_digest_sha256,
        MalwareRuleToThreatType(result.triggered_rules(0).rule_name()),
        mime_type, trigger, content_size, event_result, result.malware_family(),
-        result.malware_category());
+        result.malware_category(), result.evidence_locker_filepath());
  } else if (result.tag() == "dlp") {
    OnSensitiveDataEvent(url, file_name, download_digest_sha256, mime_type,
                         trigger, result, content_size, event_result);
@@ -444,7 +446,8 @@ void SafeBrowsingPrivateEventRouter::OnDangerousDeepScanningResult(
    const int64_t content_size,
    safe_browsing::EventResult event_result,
    const std::string& malware_family,
-    const std::string& malware_category) {
+    const std::string& malware_category,
+    const std::string& evidence_locker_filepath) {
  if (!IsRealtimeReportingEnabled())
    return;

@@ -458,7 +461,8 @@ void SafeBrowsingPrivateEventRouter::OnDangerousDeepScanningResult(
             const std::string& trigger, const int64_t content_size,
             safe_browsing::EventResult event_result,
             const std::string& malware_family,
-             const std::string& malware_category) {
+             const std::string& malware_category,
+             const std::string& evidence_locker_filepath) {
            // Create a real-time event dictionary from the arguments and
            // report it.
            base::Value event(base::Value::Type::DICTIONARY);
@@ -484,11 +488,15 @@ void SafeBrowsingPrivateEventRouter::OnDangerousDeepScanningResult(
              event.SetStringKey(kKeyMalwareFamily, malware_family);
            if (!malware_category.empty())
              event.SetStringKey(kKeyMalwareCategory, malware_category);
+            if (!evidence_locker_filepath.empty()) {
+              event.SetStringKey(kKeyEvidenceLockerFilePath,
+                                 evidence_locker_filepath);
+            }
            return event;
          },
          url.spec(), file_name, download_digest_sha256, GetProfileUserName(),
          threat_type, mime_type, trigger, content_size, event_result,
-          malware_family, malware_category));
+          malware_family, malware_category, evidence_locker_filepath));
 }

 void SafeBrowsingPrivateEventRouter::OnSensitiveDataEvent(
@@ -533,6 +541,10 @@ void SafeBrowsingPrivateEventRouter::OnSensitiveDataEvent(
            event.SetBoolKey(
                kKeyClickedThrough,
                event_result == safe_browsing::EventResult::BYPASSED);
+            if (!result.evidence_locker_filepath().empty()) {
+              event.SetStringKey(kKeyEvidenceLockerFilePath,
+                                 result.evidence_locker_filepath());
+            }

            AddAnalysisConnectorVerdictToEvent(result, &event);

@@ -584,6 +596,10 @@ void SafeBrowsingPrivateEventRouter::OnAnalysisConnectorWarningBypassed(
                               safe_browsing::EventResultToString(
                                   safe_browsing::EventResult::BYPASSED));
            event.SetBoolKey(kKeyClickedThrough, true);
+            if (!result.evidence_locker_filepath().empty()) {
+              event.SetStringKey(kKeyEvidenceLockerFilePath,
+                                 result.evidence_locker_filepath());
+            }

            AddAnalysisConnectorVerdictToEvent(result, &event);


--- a/chrome/browser/extensions/api/safe_browsing_private/safe_browsing_private_event_router.h
+++ b/chrome/browser/extensions/api/safe_browsing_private/safe_browsing_private_event_router.h
@@ -82,6 +82,7 @@ class SafeBrowsingPrivateEventRouter
  static const char kKeyEventResult[];
  static const char kKeyMalwareFamily[];
  static const char kKeyMalwareCategory[];
+  static const char kKeyEvidenceLockerFilePath[];

  static const char kKeyPasswordReuseEvent[];
  static const char kKeyPasswordChangedEvent[];
@@ -261,16 +262,18 @@ class SafeBrowsingPrivateEventRouter
  std::string GetProfileUserName() const;

  // Notifies listeners that deep scanning detected a dangerous download.
-  void OnDangerousDeepScanningResult(const GURL& url,
-                                     const std::string& file_name,
-                                     const std::string& download_digest_sha256,
-                                     const std::string& threat_type,
-                                     const std::string& mime_type,
-                                     const std::string& trigger,
-                                     const int64_t content_size,
-                                     safe_browsing::EventResult event_result,
-                                     const std::string& malware_family,
-                                     const std::string& malware_category);
+  void OnDangerousDeepScanningResult(
+      const GURL& url,
+      const std::string& file_name,
+      const std::string& download_digest_sha256,
+      const std::string& threat_type,
+      const std::string& mime_type,
+      const std::string& trigger,
+      const int64_t content_size,
+      safe_browsing::EventResult event_result,
+      const std::string& malware_family,
+      const std::string& malware_category,
+      const std::string& evidence_locker_filepath);

  // Notifies listeners that the analysis connector detected a violation.
  void OnSensitiveDataEvent(

--- a/components/enterprise/common/proto/connectors.proto
+++ b/components/enterprise/common/proto/connectors.proto
@@ -103,10 +103,11 @@ message ContentAnalysisResponse {
    }
    repeated TriggeredRule triggered_rules = 3;

-    // TODO(crbug.com/1147036): Remove fields 4-5 once a definitive approach is
+    // TODO(crbug.com/1147036): Remove fields 4-6 once a definitive approach is
    // agreed upon.
    optional string malware_family = 4;
    optional string malware_category = 5;
+    optional string evidence_locker_filepath = 6;
  }
  repeated Result results = 4;