Instrument NavigatorPlugins for identifiability study.

The purpose of the instrumentation in this study is to collect the maximum amount of bytes this API exposes to sites and builds a digest of the result. Our belief is that the amount of bytes revealed by API has been reduced to the point where it no longer leaks any bits that sites can use to identify users. The goal of including this API in the identifiability study is to either prove or disprove this hypothesis. Bug: 973801 Change-Id: Id1a03f9ad46d758323e537a8d21f4f2f911bfdb1 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2225333Reviewed-by: Paul Jensen <pauljensen@chromium.org> Reviewed-by: Kinuko Yasuda <kinuko@chromium.org> Commit-Queue: Dylan Cutler <dylancutler@google.com> Cr-Commit-Position: refs/heads/master@{#776920}

Instrument NavigatorPlugins for identifiability study.
The purpose of the instrumentation in this study is to collect the maximum amount of bytes this API exposes to sites and builds a digest of the result. Our belief is that the amount of bytes revealed by API has been reduced to the point where it no longer leaks any bits that sites can use to identify users. The goal of including this API in the identifiability study is to either prove or disprove this hypothesis. Bug: 973801 Change-Id: Id1a03f9ad46d758323e537a8d21f4f2f911bfdb1 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2225333Reviewed-by: Paul Jensen <pauljensen@chromium.org> Reviewed-by: Kinuko Yasuda <kinuko@chromium.org> Commit-Queue: Dylan Cutler <dylancutler@google.com> Cr-Commit-Position: refs/heads/master@{#776920}
c4378bf8 · Dylan Cutler · Commit Bot · 8f6ebbe2 · c4378bf8 · c4378bf8
Commit c4378bf8 authored Jun 10, 2020 by Dylan Cutler Committed by Commit Bot Jun 10, 2020
2 changed files
--- a/third_party/blink/renderer/modules/plugins/navigator_plugins.cc
+++ b/third_party/blink/renderer/modules/plugins/navigator_plugins.cc
@@ -4,6 +4,8 @@

 #include "third_party/blink/renderer/modules/plugins/navigator_plugins.h"

+#include "third_party/blink/public/common/privacy_budget/identifiability_metric_builder.h"
+#include "third_party/blink/public/common/privacy_budget/identifiable_token_builder.h"
 #include "third_party/blink/renderer/core/frame/local_frame.h"
 #include "third_party/blink/renderer/core/frame/navigator.h"
 #include "third_party/blink/renderer/core/frame/settings.h"
@@ -51,7 +53,38 @@ bool NavigatorPlugins::javaEnabled(Navigator& navigator) {
 DOMPluginArray* NavigatorPlugins::plugins(LocalFrame* frame) const {
  if (!plugins_)
    plugins_ = MakeGarbageCollected<DOMPluginArray>(frame);
-  return plugins_.Get();
+
+  DOMPluginArray* result = plugins_.Get();
+  if (!frame)
+    return result;
+  Document* document = frame->GetDocument();
+  if (!document)
+    return result;
+
+  // Build digest...
+  IdentifiableTokenBuilder builder;
+  for (unsigned i = 0; i < result->length(); i++) {
+    DOMPlugin* plugin = result->item(i);
+    builder.AddAtomic(StringToBytesSafe(plugin->name()))
+        .AddAtomic(StringToBytesSafe(plugin->description()))
+        .AddAtomic(StringToBytesSafe(plugin->filename()));
+    for (unsigned j = 0; j < plugin->length(); j++) {
+      DOMMimeType* mimeType = plugin->item(j);
+      builder.AddAtomic(StringToBytesSafe(mimeType->type()))
+          .AddAtomic(StringToBytesSafe(mimeType->description()))
+          .AddAtomic(StringToBytesSafe(mimeType->suffixes()));
+    }
+  }
+  // ...and report to UKM.
+  IdentifiabilityMetricBuilder(document->UkmSourceID())
+      .SetWebfeature(WebFeature::kNavigatorPlugins, builder.GetToken())
+      .Record(document->UkmRecorder());
+
+  return result;
+}
+
+base::span<const uint8_t> NavigatorPlugins::StringToBytesSafe(String str) const {
+  return str.Is8Bit() ? str.Span8() : as_bytes(str.Span16());
 }

 DOMMimeTypeArray* NavigatorPlugins::mimeTypes(LocalFrame* frame) const {

--- a/third_party/blink/renderer/modules/plugins/navigator_plugins.h
+++ b/third_party/blink/renderer/modules/plugins/navigator_plugins.h
@@ -39,6 +39,8 @@ class NavigatorPlugins final : public GarbageCollected<NavigatorPlugins>,

  mutable Member<DOMPluginArray> plugins_;
  mutable Member<DOMMimeTypeArray> mime_types_;
+
+  base::span<const uint8_t> StringToBytesSafe(String str) const;
 };

 }  // namespace blink