Commit ffcdd9ca authored by Dominique Fauteux-Chapleau's avatar Dominique Fauteux-Chapleau Committed by Commit Bot

Update network annotations in BinaryUploadService

Bug: 1128574
Change-Id: I324ded6e3bbf92a136ede7021b18ad0a0847241b
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2414914
Commit-Queue: Dominique Fauteux-Chapleau <domfc@chromium.org>
Reviewed-by: default avatarNicolas Ouellet-Payeur <nicolaso@chromium.org>
Reviewed-by: default avatarDaniel Rubery <drubery@chromium.org>
Cr-Commit-Position: refs/heads/master@{#808060}
parent d7471376
......@@ -106,6 +106,73 @@ base::Optional<GURL> GetUrlOverride() {
return base::nullopt;
}
net::NetworkTrafficAnnotationTag GetTrafficAnnotationTag(bool is_app) {
if (is_app) {
return net::DefineNetworkTrafficAnnotation(
"safe_browsing_binary_upload_app", R"(
semantics {
sender: "Advanced Protection Program"
description:
"For users part of Google's Advanced Protection Program, when a "
"file is downloaded, Chrome will upload that file to Safe Browsing "
"for detailed scanning."
trigger:
"The browser will upload the file to Google when the user "
"downloads a file, and the browser is enrolled into the "
"Advanced Protection Program."
data:
"The downloaded file."
destination: GOOGLE_OWNED_SERVICE
}
policy {
cookies_allowed: YES
cookies_store: "Safe Browsing Cookie Store"
setting: "This is disabled by default an can only be enabled by "
"policy."
chrome_policy {
AdvancedProtectionAllowed {
AdvancedProtectionAllowed: false
}
}
}
)");
} else {
return net::DefineNetworkTrafficAnnotation(
"safe_browsing_binary_upload_connector", R"(
semantics {
sender: "Chrome Enterprise Connectors"
description:
"For users with content analysis Chrome Enterprise Connectors "
"enabled, Chrome will upload the data corresponding to the "
"Connector for scanning."
trigger:
"If the OnFileAttachedEnterpriseConnector, "
"OnFileDownloadedEnterpriseConnector or "
"OnBulkDataEntryEnterpriseConnector policy is set, a request is made to "
"scan a file attached to Chrome, a file downloaded by Chrome or "
"data pasted in Chrome respectively."
data:
"The uploaded or downloaded file, or pasted data."
destination: GOOGLE_OWNED_SERVICE
}
policy {
cookies_allowed: YES
cookies_store: "Safe Browsing Cookie Store"
setting: "This is disabled by default an can only be enabled by "
"policy."
chrome_policy {
OnFileAttachedEnterpriseConnector {
}
OnFileDownloadedEnterpriseConnector {
}
OnBulkDataEntryEnterpriseConnector {
}
}
}
)");
}
}
} // namespace
BinaryUploadService::BinaryUploadService(Profile* profile)
......@@ -247,44 +314,6 @@ void BinaryUploadService::OnGetRequestData(Request* request,
return;
}
net::NetworkTrafficAnnotationTag traffic_annotation =
net::DefineNetworkTrafficAnnotation("safe_browsing_binary_upload", R"(
semantics {
sender: "Safe Browsing Download Protection"
description:
"For users with the enterprise policy "
"SendFilesForMalwareCheck set, when a file is "
"downloaded, Chrome will upload that file to Safe Browsing for "
"detailed scanning."
trigger:
"The browser will upload the file to Google when "
"the user downloads a file, and the enterprise policy "
"SendFilesForMalwareCheck is set."
data:
"The downloaded file."
destination: GOOGLE_OWNED_SERVICE
}
policy {
cookies_allowed: YES
cookies_store: "Safe Browsing Cookie Store"
setting: "This is disabled by default an can only be enabled by "
"policy."
chrome_policy {
SendFilesForMalwareCheck {
SendFilesForMalwareCheck: 0
}
}
chrome_policy {
SendFilesForMalwareCheck {
SendFilesForMalwareCheck: 1
}
}
}
comments: "Setting SendFilesForMalwareCheck to 0 (Do not scan "
"downloads) or 1 (Forbid the scanning of downloads) will disable "
"this feature"
)");
std::string metadata;
request->SerializeToString(&metadata);
base::Base64Encode(metadata, &metadata);
......@@ -294,7 +323,7 @@ void BinaryUploadService::OnGetRequestData(Request* request,
url = GetUploadUrl(IsAdvancedProtectionRequest(*request));
auto upload_request = MultipartUploadRequest::Create(
url_loader_factory_, std::move(url), metadata, data.contents,
traffic_annotation,
GetTrafficAnnotationTag(IsAdvancedProtectionRequest(*request)),
base::BindOnce(&BinaryUploadService::OnUploadComplete,
weakptr_factory_.GetWeakPtr(), request));
......
......@@ -278,7 +278,9 @@ Refer to README.md for content description and update process.
<item id="resource_prefetch" added_in_milestone="62" hash_code="110815970" type="0" deprecated="2018-02-28" content_hash_code="39251261" file_path=""/>
<item id="rlz_ping" added_in_milestone="63" hash_code="99279418" type="0" content_hash_code="102108802" os_list="windows" file_path="rlz/lib/financial_ping.cc"/>
<item id="safe_browsing_backup_request" added_in_milestone="62" hash_code="106980485" type="0" deprecated="2018-08-14" content_hash_code="101760679" file_path=""/>
<item id="safe_browsing_binary_upload" added_in_milestone="78" hash_code="71663319" type="0" content_hash_code="105913171" os_list="linux,windows" file_path="chrome/browser/safe_browsing/cloud_content_scanning/binary_upload_service.cc"/>
<item id="safe_browsing_binary_upload" added_in_milestone="78" hash_code="71663319" type="0" deprecated="2020-09-16" content_hash_code="105913171" file_path=""/>
<item id="safe_browsing_binary_upload_app" added_in_milestone="87" hash_code="4306022" type="0" content_hash_code="64626873" os_list="linux,windows" file_path="chrome/browser/safe_browsing/cloud_content_scanning/binary_upload_service.cc"/>
<item id="safe_browsing_binary_upload_connector" added_in_milestone="87" hash_code="59568147" type="0" content_hash_code="69870179" os_list="linux,windows" file_path="chrome/browser/safe_browsing/cloud_content_scanning/binary_upload_service.cc"/>
<item id="safe_browsing_cache_collector" added_in_milestone="62" hash_code="115907811" type="0" content_hash_code="62296373" os_list="linux,windows" file_path="components/safe_browsing/content/browser/threat_details_cache.cc"/>
<item id="safe_browsing_certificate_error_reporting" added_in_milestone="62" hash_code="66590631" type="0" content_hash_code="26108454" os_list="linux,windows" file_path="chrome/browser/ssl/certificate_error_reporter.cc"/>
<item id="safe_browsing_chunk_backup_request" added_in_milestone="62" hash_code="79957943" type="0" deprecated="2018-08-14" content_hash_code="133850277" file_path=""/>
......
......@@ -208,7 +208,8 @@ hidden="true" so that these annotations don't show up in the document.
<traffic_annotation unique_id="safe_browsing_module_loader"/>
<traffic_annotation unique_id="safe_browsing_v4_get_hash"/>
<traffic_annotation unique_id="safe_browsing_v4_update"/>
<traffic_annotation unique_id="safe_browsing_binary_upload"/>
<traffic_annotation unique_id="safe_browsing_binary_upload_app"/>
<traffic_annotation unique_id="safe_browsing_binary_upload_connector"/>
<traffic_annotation unique_id="safe_browsing_realtime_url_lookup"/>
<traffic_annotation unique_id="unwanted_software_report"/>
<traffic_annotation unique_id="ppapi_download_request"/>
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment