If the high confidence list isn't ready, call it a MATCH.

The current implementation of checking high confidence allowlist returns NO_MATCH if any of the following apply: 1. The DB isn't enabled yet. 2. If the URL scheme can't be checked. 3. If the list hasn't been loaded from the disk yet. Since Chrome now falls back to hash based checks in the case of an allowlist match, it's safe to return MATCH if any of the above conditions happen. Bug: 963165 Change-Id: I3b311ed6124865c5e3236bd83dec62a640b6d881 Fixed: 1022628 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1906645 Auto-Submit: Varun Khaneja <vakh@chromium.org> Reviewed-by: Daniel Rubery <drubery@chromium.org> Commit-Queue: Varun Khaneja <vakh@chromium.org> Cr-Commit-Position: refs/heads/master@{#714339}

If the high confidence list isn't ready, call it a MATCH.
The current implementation of checking high confidence allowlist returns NO_MATCH if any of the following apply: 1. The DB isn't enabled yet. 2. If the URL scheme can't be checked. 3. If the list hasn't been loaded from the disk yet. Since Chrome now falls back to hash based checks in the case of an allowlist match, it's safe to return MATCH if any of the above conditions happen. Bug: 963165 Change-Id: I3b311ed6124865c5e3236bd83dec62a640b6d881 Fixed: 1022628 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1906645 Auto-Submit: Varun Khaneja <vakh@chromium.org> Reviewed-by: Daniel Rubery <drubery@chromium.org> Commit-Queue: Varun Khaneja <vakh@chromium.org> Cr-Commit-Position: refs/heads/master@{#714339}
c6aaa6e3 · Varun Khaneja · Commit Bot · 7306d30e · c6aaa6e3 · c6aaa6e3
Commit c6aaa6e3 authored Nov 12, 2019 by Varun Khaneja Committed by Commit Bot Nov 12, 2019
2 changed files
--- a/components/safe_browsing/db/v4_local_database_manager.cc
+++ b/components/safe_browsing/db/v4_local_database_manager.cc
@@ -400,8 +400,10 @@ AsyncMatch V4LocalDatabaseManager::CheckUrlForHighConfidenceAllowlist(
  if (!enabled_ || !CanCheckUrl(url) ||
      !AreAllStoresAvailableNow(stores_to_check)) {
    // NOTE(vakh): If Safe Browsing isn't enabled yet, or if the URL isn't a
-    // navigation URL, or if the allowlist isn't ready yet, return NO_MATCH.
-    return AsyncMatch::NO_MATCH;
+    // navigation URL, or if the allowlist isn't ready yet, return MATCH.
+    // The full URL check won't be performed, but hash-based check will still
+    // be done.
+    return AsyncMatch::MATCH;
  }

  std::unique_ptr<PendingCheck> check = std::make_unique<PendingCheck>(

--- a/components/safe_browsing/db/v4_local_database_manager_unittest.cc
+++ b/components/safe_browsing/db/v4_local_database_manager_unittest.cc
@@ -789,7 +789,7 @@ TEST_F(V4LocalDatabaseManagerTest, TestCheckUrlForHCAllowlistWithNoMatch) {
  EXPECT_FALSE(client.callback_called());
 }

-// When allowlist is unavailable, all URLS should be considered no-match.
+// When allowlist is unavailable, all URLS should be considered MATCH.
 TEST_F(V4LocalDatabaseManagerTest, TestCheckUrlForHCAllowlistUnavailable) {
  base::test::ScopedFeatureList feature_list;
  feature_list.InitWithFeatures({safe_browsing::kRealTimeUrlLookupEnabled}, {});
@@ -809,7 +809,7 @@ TEST_F(V4LocalDatabaseManagerTest, TestCheckUrlForHCAllowlistUnavailable) {
      /* expected_sb_threat_type= */ SB_THREAT_TYPE_HIGH_CONFIDENCE_ALLOWLIST);

  const GURL url_check("https://example.com/safe");
-  EXPECT_EQ(AsyncMatch::NO_MATCH,
+  EXPECT_EQ(AsyncMatch::MATCH,
            v4_local_database_manager_->CheckUrlForHighConfidenceAllowlist(
                url_check, &client));