[WL] Add renderer-side phishing classifier

Implement the code needed for the renderer-side phishing classifier. In particular: - extend WebLayerRenderFrameObserver::CapturePageText to take a TextCaptureType, - call CapturePageText when frame finishes loading (in addition to parsing), - add/initialize PhishingClassifierDelegate as member of WebLayerRenderFrameObserver, - ensure to capture pages (from CapturePageText) by phishing classifier, - amend to capture pages through translate agent only when in preliminary capture mode, - add kWebLayerClientSidePhishingDetection feature. BUG=1149411,1115700 Change-Id: If98539211044e8c647eda13fbd65bfafdfcf054a Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2544608 Commit-Queue: Tim Volodine <timvolodine@chromium.org> Reviewed-by: Colin Blundell <blundell@chromium.org> Reviewed-by: Daniel Rubery <drubery@chromium.org> Cr-Commit-Position: refs/heads/master@{#830053}

[WL] Add renderer-side phishing classifier
Implement the code needed for the renderer-side phishing classifier. In particular: - extend WebLayerRenderFrameObserver::CapturePageText to take a TextCaptureType, - call CapturePageText when frame finishes loading (in addition to parsing), - add/initialize PhishingClassifierDelegate as member of WebLayerRenderFrameObserver, - ensure to capture pages (from CapturePageText) by phishing classifier, - amend to capture pages through translate agent only when in preliminary capture mode, - add kWebLayerClientSidePhishingDetection feature. BUG=1149411,1115700 Change-Id: If98539211044e8c647eda13fbd65bfafdfcf054a Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2544608 Commit-Queue: Tim Volodine <timvolodine@chromium.org> Reviewed-by: Colin Blundell <blundell@chromium.org> Reviewed-by: Daniel Rubery <drubery@chromium.org> Cr-Commit-Position: refs/heads/master@{#830053}
7c9f49a5 · Tim Volodine · Commit Bot · 0ea3252e · 7c9f49a5 · 7c9f49a5
Commit 7c9f49a5 authored Nov 22, 2020 by Tim Volodine Committed by Commit Bot Nov 22, 2020
6 changed files
--- a/weblayer/BUILD.gn
+++ b/weblayer/BUILD.gn
@@ -411,6 +411,7 @@ source_set("weblayer_lib_base") {
    "//components/prefs",
    "//components/safe_browsing/content/common:interfaces",
    "//components/safe_browsing/content/renderer:throttles",
+    "//components/safe_browsing/content/renderer/phishing_classifier",
    "//components/safe_browsing/core:features",
    "//components/security_interstitials/content:security_interstitial_page",
    "//components/security_interstitials/content/renderer:security_interstitial_page_controller",

--- a/weblayer/common/features.cc
+++ b/weblayer/common/features.cc
@@ -9,6 +9,10 @@ namespace features {

 // Weblayer features in alphabetical order.

+// Client side phishing detection support for weblayer
+const base::Feature kWebLayerClientSidePhishingDetection{
+    "WebLayerClientSidePhishingDetection", base::FEATURE_DISABLED_BY_DEFAULT};
+
 // Safebrowsing support for weblayer.
 const base::Feature kWebLayerSafeBrowsing{"WebLayerSafeBrowsing",
                                          base::FEATURE_ENABLED_BY_DEFAULT};

--- a/weblayer/common/features.h
+++ b/weblayer/common/features.h
@@ -12,6 +12,7 @@ namespace features {

 // Weblayer features in alphabetical order.

+extern const base::Feature kWebLayerClientSidePhishingDetection;
 extern const base::Feature kWebLayerSafeBrowsing;

 }  // namespace features

--- a/weblayer/renderer/DEPS
+++ b/weblayer/renderer/DEPS
@@ -8,6 +8,7 @@ include_rules = [
  "+components/page_load_metrics/renderer",
  "+components/no_state_prefetch/common",
  "+components/no_state_prefetch/renderer",
+  "+components/safe_browsing",
  "+components/safe_browsing/content/common",
  "+components/safe_browsing/content/renderer",
  "+components/safe_browsing/core/common",

--- a/weblayer/renderer/weblayer_render_frame_observer.cc
+++ b/weblayer/renderer/weblayer_render_frame_observer.cc
@@ -14,8 +14,13 @@
 #include "third_party/blink/public/web/web_document_loader.h"
 #include "third_party/blink/public/web/web_frame_content_dumper.h"
 #include "third_party/blink/public/web/web_local_frame.h"
+#include "weblayer/common/features.h"
 #include "weblayer/common/isolated_world_ids.h"

+#if BUILDFLAG(SAFE_BROWSING_AVAILABLE)
+#include "components/safe_browsing/content/renderer/phishing_classifier/phishing_classifier_delegate.h"
+#endif
+
 namespace weblayer {

 namespace {
@@ -39,6 +44,10 @@ WebLayerRenderFrameObserver::WebLayerRenderFrameObserver(
  if (!render_frame->IsMainFrame())
    return;

+  if (base::FeatureList::IsEnabled(
+          features::kWebLayerClientSidePhishingDetection))
+    SetClientSidePhishingDetection();
+
  // TODO(crbug.com/1073370): Handle case where subframe translation is enabled.
  DCHECK(!translate::IsSubFrameTranslationEnabled());
  translate_agent_ =
@@ -72,9 +81,10 @@ void WebLayerRenderFrameObserver::DidMeaningfulLayout(

  switch (layout_type) {
    case blink::WebMeaningfulLayout::kFinishedParsing:
-      // We should run language detection only once. Parsing finishes before
-      // the page loads, so let's pick that timing.
-      CapturePageText();
+      CapturePageText(PRELIMINARY_CAPTURE);
+      break;
+    case blink::WebMeaningfulLayout::kFinishedLoading:
+      CapturePageText(FINAL_CAPTURE);
      break;
    default:
      break;
@@ -86,7 +96,8 @@ void WebLayerRenderFrameObserver::DidMeaningfulLayout(
 // used for embedder-level purposes beyond translation. This code is expected to
 // be eliminated when WebLayer adopts Chrome's upcoming per-frame translate
 // architecture (crbug.com/1063520).
-void WebLayerRenderFrameObserver::CapturePageText() {
+void WebLayerRenderFrameObserver::CapturePageText(
+    TextCaptureType capture_type) {
  blink::WebLocalFrame* frame = render_frame()->GetWebFrame();
  if (!frame)
    return;
@@ -108,13 +119,15 @@ void WebLayerRenderFrameObserver::CapturePageText() {
  if (prerender::PrerenderHelper::IsPrerendering(render_frame()))
    return;

-  // Don't capture contents unless there is a translate agent to consume them.
-  if (!translate_agent_)
+    // Don't capture contents unless there is either a translate agent or a
+    // phishing classifier to consume them.
+#if BUILDFLAG(SAFE_BROWSING_AVAILABLE)
+  if (!translate_agent_ && !phishing_classifier_)
    return;
-
-  // Don't index/capture pages that are being prerendered.
-  if (prerender::PrerenderHelper::IsPrerendering(render_frame()))
+#else
+  if (!translate_agent_)
    return;
+#endif

  base::TimeTicks capture_begin_time = base::TimeTicks::Now();

@@ -130,11 +143,28 @@ void WebLayerRenderFrameObserver::CapturePageText() {
  UMA_HISTOGRAM_TIMES(kTranslateCaptureText,
                      base::TimeTicks::Now() - capture_begin_time);

-  translate_agent_->PageCaptured(contents);
+  // We should run language detection only once. Parsing finishes before
+  // the page loads, so let's pick that timing (as in chrome).
+  if (translate_agent_ && capture_type == PRELIMINARY_CAPTURE) {
+    translate_agent_->PageCaptured(contents);
+  }
+
+#if BUILDFLAG(SAFE_BROWSING_AVAILABLE)
+  if (phishing_classifier_)
+    phishing_classifier_->PageCaptured(&contents,
+                                       capture_type == PRELIMINARY_CAPTURE);
+#endif
 }

 void WebLayerRenderFrameObserver::OnDestruct() {
  delete this;
 }

+void WebLayerRenderFrameObserver::SetClientSidePhishingDetection() {
+#if BUILDFLAG(SAFE_BROWSING_AVAILABLE)
+  phishing_classifier_ = safe_browsing::PhishingClassifierDelegate::Create(
+      render_frame(), nullptr);
+#endif
+}
+
 }  // namespace weblayer
--- a/weblayer/renderer/weblayer_render_frame_observer.h
+++ b/weblayer/renderer/weblayer_render_frame_observer.h
@@ -6,9 +6,14 @@
 #define WEBLAYER_RENDERER_WEBLAYER_RENDER_FRAME_OBSERVER_H_

 #include "base/macros.h"
+#include "components/safe_browsing/buildflags.h"
 #include "content/public/renderer/render_frame_observer.h"
 #include "third_party/blink/public/common/associated_interfaces/associated_interface_registry.h"

+namespace safe_browsing {
+class PhishingClassifierDelegate;
+}
+
 namespace translate {
 class TranslateAgent;
 }
@@ -26,6 +31,7 @@ class WebLayerRenderFrameObserver : public content::RenderFrameObserver {
  }

 private:
+  enum TextCaptureType { PRELIMINARY_CAPTURE, FINAL_CAPTURE };
  ~WebLayerRenderFrameObserver() override;

  // RenderFrameObserver:
@@ -37,13 +43,20 @@ class WebLayerRenderFrameObserver : public content::RenderFrameObserver {
  void DidMeaningfulLayout(blink::WebMeaningfulLayout layout_type) override;
  void OnDestruct() override;

-  void CapturePageText();
+  void CapturePageText(TextCaptureType capture_type);
+
+  // Initializes a |phishing_classifier_delegate_|.
+  void SetClientSidePhishingDetection();

  blink::AssociatedInterfaceRegistry associated_interfaces_;

  // Has the same lifetime as this object.
  translate::TranslateAgent* translate_agent_;

+#if BUILDFLAG(SAFE_BROWSING_AVAILABLE)
+  safe_browsing::PhishingClassifierDelegate* phishing_classifier_ = nullptr;
+#endif
+
  DISALLOW_COPY_AND_ASSIGN(WebLayerRenderFrameObserver);
 };