Disable malware extensions based on verdicts from Extension Telemetry Server
Adds the ExtensionTelemetryServiceVerdictHandler class to the ExtensionService. This class is used by the ExtensionTelemetryService to process malware verdicts for offstore extensions received from the Extension Telemetry server. The Handler performs action based on the verdict: - For malware verdict, the extension is unloaded and assigned a malware blocklist state. - For not-blocklisted/unknown verdict, the extension is reloaded and its malware blocklist state is removed. A follow-on CL will implement the code where the ExtensionService will call this handler to process the Extension Telemetry server's verdicts. Bug: 1466149 Change-Id: I0e41e8eca439094b282a698c9c831b6d5e92f0e7 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4712670 Reviewed-by: Anunoy Ghosh <anunoy@chromium.org> Reviewed-by: David Bertoni <dbertoni@chromium.org> Commit-Queue: Richard Chen <richche@google.com> Cr-Commit-Position: refs/heads/main@{#1181715}
This commit is contained in:
Richard Chen
committed by
Chromium LUCI CQ
Chromium LUCI CQ
parent
7b9174f6ba
commit
f5e6cae895
chrome
browser
extensions
test
extensions/browser
@ -568,6 +568,8 @@ static_library("extensions") {
|
||||
"extension_system_impl.h",
|
||||
"extension_tab_util.cc",
|
||||
"extension_tab_util.h",
|
||||
"extension_telemetry_service_verdict_handler.cc",
|
||||
"extension_telemetry_service_verdict_handler.h",
|
||||
"extension_ui_util.cc",
|
||||
"extension_ui_util.h",
|
||||
"extension_uninstall_dialog.cc",
|
||||
|
||||
@ -261,4 +261,36 @@ TEST_F(BlocklistExtensionPrefsUnitTest, IsExtensionBlocklisted) {
|
||||
blocklist_prefs::IsExtensionBlocklisted(kExtensionId, extension_prefs()));
|
||||
}
|
||||
|
||||
TEST_F(BlocklistExtensionPrefsUnitTest,
|
||||
ExtensionTelemetryServiceBlocklistState) {
|
||||
blocklist_prefs::SetExtensionTelemetryServiceBlocklistState(
|
||||
kExtensionId, BitMapBlocklistState::BLOCKLISTED_MALWARE,
|
||||
extension_prefs());
|
||||
|
||||
EXPECT_EQ(BitMapBlocklistState::BLOCKLISTED_MALWARE,
|
||||
blocklist_prefs::GetExtensionTelemetryServiceBlocklistState(
|
||||
kExtensionId, extension_prefs()));
|
||||
|
||||
blocklist_prefs::SetExtensionTelemetryServiceBlocklistState(
|
||||
kExtensionId, BitMapBlocklistState::NOT_BLOCKLISTED, extension_prefs());
|
||||
|
||||
EXPECT_EQ(BitMapBlocklistState::NOT_BLOCKLISTED,
|
||||
blocklist_prefs::GetExtensionTelemetryServiceBlocklistState(
|
||||
kExtensionId, extension_prefs()));
|
||||
}
|
||||
|
||||
TEST_F(BlocklistExtensionPrefsUnitTest,
|
||||
IsExtensionBlocklisted_ExtensionTelemetryService) {
|
||||
blocklist_prefs::SetExtensionTelemetryServiceBlocklistState(
|
||||
kExtensionId, BitMapBlocklistState::BLOCKLISTED_MALWARE,
|
||||
extension_prefs());
|
||||
EXPECT_TRUE(
|
||||
blocklist_prefs::IsExtensionBlocklisted(kExtensionId, extension_prefs()));
|
||||
|
||||
blocklist_prefs::SetExtensionTelemetryServiceBlocklistState(
|
||||
kExtensionId, BitMapBlocklistState::NOT_BLOCKLISTED, extension_prefs());
|
||||
EXPECT_FALSE(
|
||||
blocklist_prefs::IsExtensionBlocklisted(kExtensionId, extension_prefs()));
|
||||
}
|
||||
|
||||
} // namespace extensions
|
||||
|
||||
@ -392,6 +392,10 @@ ExtensionService::ExtensionService(
|
||||
omaha_attributes_handler_(extension_prefs,
|
||||
ExtensionRegistry::Get(profile),
|
||||
this),
|
||||
extension_telemetry_service_verdict_handler_(
|
||||
extension_prefs,
|
||||
ExtensionRegistry::Get(profile),
|
||||
this),
|
||||
registry_(ExtensionRegistry::Get(profile)),
|
||||
pending_extension_manager_(profile),
|
||||
install_directory_(install_directory),
|
||||
@ -926,6 +930,15 @@ void ExtensionService::PerformActionBasedOnOmahaAttributes(
|
||||
error_controller_->ShowErrorIfNeeded();
|
||||
}
|
||||
|
||||
void ExtensionService::PerformActionBasedOnExtensionTelemetryServiceVerdicts(
|
||||
const Blocklist::BlocklistStateMap& blocklist_state_map) {
|
||||
DCHECK_CURRENTLY_ON(BrowserThread::UI);
|
||||
|
||||
extension_telemetry_service_verdict_handler_.PerformActionBasedOnVerdicts(
|
||||
blocklist_state_map);
|
||||
error_controller_->ShowErrorIfNeeded();
|
||||
}
|
||||
|
||||
void ExtensionService::OnGreylistStateRemoved(const std::string& extension_id) {
|
||||
bool is_on_sb_list = (blocklist_prefs::GetSafeBrowsingExtensionBlocklistState(
|
||||
extension_id, extension_prefs_) !=
|
||||
|
||||
@ -25,6 +25,7 @@
|
||||
#include "chrome/browser/extensions/cws_info_service.h"
|
||||
#include "chrome/browser/extensions/extension_allowlist.h"
|
||||
#include "chrome/browser/extensions/extension_management.h"
|
||||
#include "chrome/browser/extensions/extension_telemetry_service_verdict_handler.h"
|
||||
#include "chrome/browser/extensions/forced_extensions/force_installed_metrics.h"
|
||||
#include "chrome/browser/extensions/forced_extensions/force_installed_tracker.h"
|
||||
#include "chrome/browser/extensions/install_gate.h"
|
||||
@ -317,6 +318,11 @@ class ExtensionService : public ExtensionServiceInterface,
|
||||
void PerformActionBasedOnOmahaAttributes(const std::string& extension_id,
|
||||
const base::Value::Dict& attributes);
|
||||
|
||||
// Performs action based on verdicts received from the Extension Telemetry
|
||||
// server. Currently, these verdicts are limited to off-store extensions.
|
||||
void PerformActionBasedOnExtensionTelemetryServiceVerdicts(
|
||||
const Blocklist::BlocklistStateMap& blocklist_state_map);
|
||||
|
||||
// Disables the extension. If the extension is already disabled, just adds
|
||||
// the |disable_reasons| (a bitmask of disable_reason::DisableReason - there
|
||||
// can be multiple DisableReasons e.g. when an extension comes in disabled
|
||||
@ -672,6 +678,9 @@ class ExtensionService : public ExtensionServiceInterface,
|
||||
|
||||
OmahaAttributesHandler omaha_attributes_handler_;
|
||||
|
||||
ExtensionTelemetryServiceVerdictHandler
|
||||
extension_telemetry_service_verdict_handler_;
|
||||
|
||||
// Sets of enabled/disabled/terminated/blocklisted extensions. Not owned.
|
||||
raw_ptr<ExtensionRegistry, DanglingUntriaged> registry_ = nullptr;
|
||||
|
||||
|
||||
@ -5047,6 +5047,33 @@ TEST_F(ExtensionServiceTest, CanAddDisableReasonToBlocklistedExtension) {
|
||||
good1, disable_reason::DISABLE_BLOCKED_BY_POLICY));
|
||||
}
|
||||
|
||||
// Tests the Extension Telemetry service verdict to remotely disable an
|
||||
// extension for malware.
|
||||
TEST_F(ExtensionServiceTest,
|
||||
DisableRemotelyForMalwareFromExtensionTelemetryServiceVerdict) {
|
||||
InitializeEmptyExtensionService();
|
||||
|
||||
InstallCRX(data_dir().AppendASCII("good.crx"), INSTALL_NEW);
|
||||
EXPECT_TRUE(registry()->enabled_extensions().GetByID(good_crx));
|
||||
EXPECT_EQ(1u, registry()->enabled_extensions().size());
|
||||
|
||||
Blocklist::BlocklistStateMap state_map;
|
||||
state_map[good_crx] = BlocklistState::BLOCKLISTED_MALWARE;
|
||||
service()->PerformActionBasedOnExtensionTelemetryServiceVerdicts(state_map);
|
||||
|
||||
ExtensionPrefs* prefs = ExtensionPrefs::Get(profile());
|
||||
EXPECT_EQ(blocklist_prefs::GetExtensionTelemetryServiceBlocklistState(
|
||||
good_crx, prefs),
|
||||
BitMapBlocklistState::BLOCKLISTED_MALWARE);
|
||||
EXPECT_TRUE(blocklist_prefs::IsExtensionBlocklisted(good_crx, prefs));
|
||||
|
||||
state_map[good_crx] = BlocklistState::NOT_BLOCKLISTED;
|
||||
service()->PerformActionBasedOnExtensionTelemetryServiceVerdicts(state_map);
|
||||
EXPECT_EQ(1u, registry()->enabled_extensions().size());
|
||||
EXPECT_EQ(0, prefs->GetDisableReasons(good_crx));
|
||||
EXPECT_FALSE(blocklist_prefs::IsExtensionBlocklisted(good_crx, prefs));
|
||||
}
|
||||
|
||||
TEST_F(ExtensionServiceTest, TerminateExtension) {
|
||||
InitializeEmptyExtensionService();
|
||||
|
||||
|
||||
@ -0,0 +1,63 @@
|
||||
// Copyright 2023 The Chromium Authors
|
||||
// Use of this source code is governed by a BSD-style license that can be
|
||||
// found in the LICENSE file.
|
||||
|
||||
#include "chrome/browser/extensions/extension_telemetry_service_verdict_handler.h"
|
||||
|
||||
#include "chrome/browser/extensions/extension_service.h"
|
||||
#include "extensions/browser/blocklist_extension_prefs.h"
|
||||
#include "extensions/browser/blocklist_state.h"
|
||||
|
||||
namespace extensions {
|
||||
|
||||
ExtensionTelemetryServiceVerdictHandler::
|
||||
ExtensionTelemetryServiceVerdictHandler(ExtensionPrefs* extension_prefs,
|
||||
ExtensionRegistry* registry,
|
||||
ExtensionService* extension_service)
|
||||
: extension_prefs_(extension_prefs),
|
||||
registry_(registry),
|
||||
extension_service_(extension_service) {}
|
||||
|
||||
void ExtensionTelemetryServiceVerdictHandler::PerformActionBasedOnVerdicts(
|
||||
const Blocklist::BlocklistStateMap& state_map) {
|
||||
ExtensionIdSet installed_ids =
|
||||
registry_->GenerateInstalledExtensionsSet().GetIDs();
|
||||
|
||||
for (const auto& [extension_id, blocklist_state] : state_map) {
|
||||
// It's possible that an extension is already uninstalled. Ignore in this
|
||||
// case.
|
||||
if (!installed_ids.contains(extension_id)) {
|
||||
continue;
|
||||
}
|
||||
|
||||
// If the blocklist state has not changed, do nothing.
|
||||
const BitMapBlocklistState& current_state =
|
||||
blocklist_prefs::GetExtensionTelemetryServiceBlocklistState(
|
||||
extension_id, extension_prefs_);
|
||||
if (static_cast<BitMapBlocklistState>(blocklist_state) == current_state) {
|
||||
continue;
|
||||
}
|
||||
|
||||
switch (blocklist_state) {
|
||||
case NOT_BLOCKLISTED:
|
||||
blocklist_prefs::SetExtensionTelemetryServiceBlocklistState(
|
||||
extension_id, BitMapBlocklistState::NOT_BLOCKLISTED,
|
||||
extension_prefs_);
|
||||
extension_service_->OnBlocklistStateRemoved(extension_id);
|
||||
break;
|
||||
case BLOCKLISTED_MALWARE:
|
||||
blocklist_prefs::SetExtensionTelemetryServiceBlocklistState(
|
||||
extension_id, BitMapBlocklistState::BLOCKLISTED_MALWARE,
|
||||
extension_prefs_);
|
||||
extension_service_->OnBlocklistStateAdded(extension_id);
|
||||
break;
|
||||
case BLOCKLISTED_SECURITY_VULNERABILITY:
|
||||
case BLOCKLISTED_CWS_POLICY_VIOLATION:
|
||||
case BLOCKLISTED_POTENTIALLY_UNWANTED:
|
||||
case BLOCKLISTED_UNKNOWN:
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
} // namespace extensions
|
||||
@ -0,0 +1,50 @@
|
||||
// Copyright 2023 The Chromium Authors
|
||||
// Use of this source code is governed by a BSD-style license that can be
|
||||
// found in the LICENSE file.
|
||||
|
||||
#ifndef CHROME_BROWSER_EXTENSIONS_EXTENSION_TELEMETRY_SERVICE_VERDICT_HANDLER_H_
|
||||
#define CHROME_BROWSER_EXTENSIONS_EXTENSION_TELEMETRY_SERVICE_VERDICT_HANDLER_H_
|
||||
|
||||
#include "base/memory/raw_ptr.h"
|
||||
#include "chrome/browser/extensions/blocklist.h"
|
||||
#include "extensions/browser/extension_registry.h"
|
||||
|
||||
namespace extensions {
|
||||
class ExtensionPrefs;
|
||||
class ExtensionService;
|
||||
|
||||
// Manages the Extension Telemetry service verdict states in extension pref.
|
||||
class ExtensionTelemetryServiceVerdictHandler {
|
||||
public:
|
||||
ExtensionTelemetryServiceVerdictHandler(ExtensionPrefs* extension_prefs,
|
||||
ExtensionRegistry* registry,
|
||||
ExtensionService* extension_service);
|
||||
ExtensionTelemetryServiceVerdictHandler(
|
||||
const ExtensionTelemetryServiceVerdictHandler&) = delete;
|
||||
ExtensionTelemetryServiceVerdictHandler& operator=(
|
||||
const ExtensionTelemetryServiceVerdictHandler&) = delete;
|
||||
~ExtensionTelemetryServiceVerdictHandler() = default;
|
||||
|
||||
// Performs action based on verdicts received from the Extension Telemetry
|
||||
// server. Currently, the verdicts are limited to off-store extensions. It's
|
||||
// possible that the action is already performed for a verdict, in this case,
|
||||
// nothing is done.
|
||||
//
|
||||
// |state_map| represents the converted blocklist states from verdicts. For
|
||||
// each state, the following action is performed:
|
||||
// MALWARE - Unloads the extension and adds it to the Extension Telemetry
|
||||
// service malware blocklist.
|
||||
// NOT_BLOCKLISTED - Reloads the extension and removes it from the Extension
|
||||
// Telemetry service malware blocklist.
|
||||
void PerformActionBasedOnVerdicts(
|
||||
const Blocklist::BlocklistStateMap& state_map);
|
||||
|
||||
private:
|
||||
raw_ptr<ExtensionPrefs> extension_prefs_ = nullptr;
|
||||
raw_ptr<ExtensionRegistry> registry_ = nullptr;
|
||||
raw_ptr<ExtensionService> extension_service_ = nullptr;
|
||||
};
|
||||
|
||||
} // namespace extensions
|
||||
|
||||
#endif // CHROME_BROWSER_EXTENSIONS_EXTENSION_TELEMETRY_SERVICE_VERDICT_HANDLER_H_
|
||||
@ -0,0 +1,144 @@
|
||||
// Copyright 2023 The Chromium Authors
|
||||
// Use of this source code is governed by a BSD-style license that can be
|
||||
// found in the LICENSE file.
|
||||
|
||||
#include "chrome/browser/extensions/extension_telemetry_service_verdict_handler.h"
|
||||
|
||||
#include "chrome/browser/extensions/extension_service.h"
|
||||
#include "chrome/browser/extensions/extension_service_test_base.h"
|
||||
#include "chrome/browser/profiles/profile.h"
|
||||
#include "extensions/browser/blocklist_extension_prefs.h"
|
||||
#include "extensions/test/extension_state_tester.h"
|
||||
|
||||
namespace extensions {
|
||||
|
||||
namespace {
|
||||
|
||||
// Extension ids used during testing.
|
||||
constexpr char kTestExtensionId[] = "behllobkkfkfnphdnhnkndlbkcpglgmj";
|
||||
constexpr char kUninstalledExtensionId[] = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa";
|
||||
|
||||
} // namespace
|
||||
|
||||
// Test suite to test Extension Telemetry service verdict handler.
|
||||
class ExtensionTelemetryServiceVerdictHandlerTest
|
||||
: public ExtensionServiceTestBase {
|
||||
public:
|
||||
ExtensionTelemetryServiceVerdictHandlerTest() {
|
||||
// Set to true so the acknowledged state is not automatically set by the
|
||||
// extension error controller on the first run.
|
||||
ExtensionPrefs::SetRunAlertsInFirstRunForTest();
|
||||
}
|
||||
};
|
||||
|
||||
TEST_F(ExtensionTelemetryServiceVerdictHandlerTest, HandlesMalwareExtension) {
|
||||
InitializeGoodInstalledExtensionService();
|
||||
service()->Init();
|
||||
|
||||
ExtensionStateTester state_tester(profile());
|
||||
EXPECT_TRUE(state_tester.ExpectEnabled(kTestExtensionId));
|
||||
|
||||
Blocklist::BlocklistStateMap state_map;
|
||||
state_map[kTestExtensionId] = BlocklistState::BLOCKLISTED_MALWARE;
|
||||
service()->PerformActionBasedOnExtensionTelemetryServiceVerdicts(state_map);
|
||||
|
||||
ExtensionPrefs* prefs = ExtensionPrefs::Get(profile());
|
||||
EXPECT_TRUE(state_tester.ExpectBlocklisted(kTestExtensionId));
|
||||
EXPECT_EQ(blocklist_prefs::GetExtensionTelemetryServiceBlocklistState(
|
||||
kTestExtensionId, prefs),
|
||||
BitMapBlocklistState::BLOCKLISTED_MALWARE);
|
||||
}
|
||||
|
||||
TEST_F(ExtensionTelemetryServiceVerdictHandlerTest,
|
||||
ReenablesUnblocklistedExtension) {
|
||||
InitializeGoodInstalledExtensionService();
|
||||
service()->Init();
|
||||
|
||||
ExtensionStateTester state_tester(profile());
|
||||
EXPECT_TRUE(state_tester.ExpectEnabled(kTestExtensionId));
|
||||
|
||||
Blocklist::BlocklistStateMap state_map;
|
||||
state_map[kTestExtensionId] = BlocklistState::BLOCKLISTED_MALWARE;
|
||||
service()->PerformActionBasedOnExtensionTelemetryServiceVerdicts(state_map);
|
||||
|
||||
ExtensionPrefs* prefs = ExtensionPrefs::Get(profile());
|
||||
EXPECT_TRUE(state_tester.ExpectBlocklisted(kTestExtensionId));
|
||||
EXPECT_EQ(blocklist_prefs::GetExtensionTelemetryServiceBlocklistState(
|
||||
kTestExtensionId, prefs),
|
||||
BitMapBlocklistState::BLOCKLISTED_MALWARE);
|
||||
// Acknowledged state is false since user hasn't acknowledged.
|
||||
EXPECT_FALSE(blocklist_prefs::HasAcknowledgedBlocklistState(
|
||||
kTestExtensionId, BitMapBlocklistState::BLOCKLISTED_MALWARE, prefs));
|
||||
|
||||
// User acknowledges.
|
||||
blocklist_prefs::AddAcknowledgedBlocklistState(
|
||||
kTestExtensionId, BitMapBlocklistState::BLOCKLISTED_MALWARE, prefs);
|
||||
EXPECT_TRUE(blocklist_prefs::HasAcknowledgedBlocklistState(
|
||||
kTestExtensionId, BitMapBlocklistState::BLOCKLISTED_MALWARE, prefs));
|
||||
|
||||
// Unblocklists kTestExtensionId.
|
||||
state_map[kTestExtensionId] = BlocklistState::NOT_BLOCKLISTED;
|
||||
service()->PerformActionBasedOnExtensionTelemetryServiceVerdicts(state_map);
|
||||
EXPECT_TRUE(state_tester.ExpectEnabled(kTestExtensionId));
|
||||
EXPECT_EQ(blocklist_prefs::GetExtensionTelemetryServiceBlocklistState(
|
||||
kTestExtensionId, prefs),
|
||||
BitMapBlocklistState::NOT_BLOCKLISTED);
|
||||
// Acknowledged state is cleared since the extension is removed from the
|
||||
// blocklist.
|
||||
EXPECT_FALSE(blocklist_prefs::HasAcknowledgedBlocklistState(
|
||||
kTestExtensionId, BitMapBlocklistState::BLOCKLISTED_MALWARE, prefs));
|
||||
}
|
||||
|
||||
TEST_F(ExtensionTelemetryServiceVerdictHandlerTest,
|
||||
IgnoresUninstalledExtension) {
|
||||
InitializeGoodInstalledExtensionService();
|
||||
service()->Init();
|
||||
|
||||
Blocklist::BlocklistStateMap state_map;
|
||||
state_map[kUninstalledExtensionId] = BlocklistState::BLOCKLISTED_MALWARE;
|
||||
service()->PerformActionBasedOnExtensionTelemetryServiceVerdicts(state_map);
|
||||
|
||||
ExtensionPrefs* prefs = ExtensionPrefs::Get(profile());
|
||||
EXPECT_EQ(blocklist_prefs::GetExtensionTelemetryServiceBlocklistState(
|
||||
kUninstalledExtensionId, prefs),
|
||||
BitMapBlocklistState::NOT_BLOCKLISTED);
|
||||
}
|
||||
|
||||
TEST_F(ExtensionTelemetryServiceVerdictHandlerTest,
|
||||
IgnoresUnknownBlocklistState) {
|
||||
InitializeGoodInstalledExtensionService();
|
||||
service()->Init();
|
||||
|
||||
ExtensionStateTester state_tester(profile());
|
||||
EXPECT_TRUE(state_tester.ExpectEnabled(kTestExtensionId));
|
||||
|
||||
Blocklist::BlocklistStateMap state_map;
|
||||
state_map[kTestExtensionId] = BlocklistState::BLOCKLISTED_UNKNOWN;
|
||||
service()->PerformActionBasedOnExtensionTelemetryServiceVerdicts(state_map);
|
||||
|
||||
ExtensionPrefs* prefs = ExtensionPrefs::Get(profile());
|
||||
EXPECT_TRUE(state_tester.ExpectEnabled(kTestExtensionId));
|
||||
EXPECT_EQ(blocklist_prefs::GetExtensionTelemetryServiceBlocklistState(
|
||||
kTestExtensionId, prefs),
|
||||
BitMapBlocklistState::NOT_BLOCKLISTED);
|
||||
}
|
||||
|
||||
TEST_F(ExtensionTelemetryServiceVerdictHandlerTest,
|
||||
ExtensionAlreadyUninstalled) {
|
||||
InitializeGoodInstalledExtensionService();
|
||||
service()->Init();
|
||||
|
||||
ExtensionStateTester state_tester(profile());
|
||||
EXPECT_TRUE(state_tester.ExpectEnabled(kTestExtensionId));
|
||||
|
||||
service()->UninstallExtension(kTestExtensionId, UNINSTALL_REASON_FOR_TESTING,
|
||||
nullptr);
|
||||
|
||||
Blocklist::BlocklistStateMap state_map;
|
||||
state_map[kTestExtensionId] = BlocklistState::BLOCKLISTED_MALWARE;
|
||||
// kTestExtensionId is already uninstalled. Performing action on it should
|
||||
// not crash. Regression test for https://crbug.com/1305490.
|
||||
service()->PerformActionBasedOnExtensionTelemetryServiceVerdicts(state_map);
|
||||
}
|
||||
|
||||
} // namespace extensions
|
||||
@ -8512,6 +8512,7 @@ test("unit_tests") {
|
||||
"../browser/extensions/extension_special_storage_policy_unittest.cc",
|
||||
"../browser/extensions/extension_sync_data_unittest.cc",
|
||||
"../browser/extensions/extension_tab_util_unittest.cc",
|
||||
"../browser/extensions/extension_telemetry_service_verdict_handler_unittest.cc",
|
||||
"../browser/extensions/extension_test_message_listener_unittest.cc",
|
||||
"../browser/extensions/extension_user_script_loader_unittest.cc",
|
||||
"../browser/extensions/extension_util_unittest.cc",
|
||||
|
||||
@ -22,6 +22,10 @@ constexpr const char kPrefAcknowledgedBlocklistState[] =
|
||||
// If extension is blocklisted or greylisted.
|
||||
constexpr const char kPrefBlocklistState[] = "blacklist_state";
|
||||
|
||||
// If extension is blocklisted by the Extension Telemetry service.
|
||||
constexpr const char kPrefExtensionTelemetryServiceBlocklistState[] =
|
||||
"extension_telemetry_service_blocklist_state";
|
||||
|
||||
// The default value to use for getting blocklist state from the pref.
|
||||
constexpr BitMapBlocklistState kDefaultBitMapBlocklistState =
|
||||
BitMapBlocklistState::NOT_BLOCKLISTED;
|
||||
@ -83,10 +87,14 @@ BitMapBlocklistState GetExtensionBlocklistState(
|
||||
ExtensionPrefs* extension_prefs) {
|
||||
BitMapBlocklistState sb_state =
|
||||
GetSafeBrowsingExtensionBlocklistState(extension_id, extension_prefs);
|
||||
BitMapBlocklistState extension_telemetry_service_state =
|
||||
GetExtensionTelemetryServiceBlocklistState(extension_id, extension_prefs);
|
||||
if (sb_state == BitMapBlocklistState::BLOCKLISTED_MALWARE ||
|
||||
HasOmahaBlocklistState(extension_id,
|
||||
BitMapBlocklistState::BLOCKLISTED_MALWARE,
|
||||
extension_prefs)) {
|
||||
extension_prefs) ||
|
||||
extension_telemetry_service_state ==
|
||||
BitMapBlocklistState::BLOCKLISTED_MALWARE) {
|
||||
return BitMapBlocklistState::BLOCKLISTED_MALWARE;
|
||||
}
|
||||
|
||||
@ -221,5 +229,37 @@ BitMapBlocklistState GetSafeBrowsingExtensionBlocklistState(
|
||||
return BitMapBlocklistState::NOT_BLOCKLISTED;
|
||||
}
|
||||
|
||||
void SetExtensionTelemetryServiceBlocklistState(
|
||||
const ExtensionId& extension_id,
|
||||
BitMapBlocklistState bitmap_blocklist_state,
|
||||
ExtensionPrefs* extension_prefs) {
|
||||
if (bitmap_blocklist_state == BitMapBlocklistState::NOT_BLOCKLISTED) {
|
||||
extension_prefs->UpdateExtensionPref(
|
||||
extension_id, kPrefExtensionTelemetryServiceBlocklistState,
|
||||
absl::nullopt);
|
||||
extension_prefs->DeleteExtensionPrefsIfPrefEmpty(extension_id);
|
||||
} else {
|
||||
extension_prefs->UpdateExtensionPref(
|
||||
extension_id, kPrefExtensionTelemetryServiceBlocklistState,
|
||||
base::Value(
|
||||
BitMapBlocklistStateToBlocklistState(bitmap_blocklist_state)));
|
||||
}
|
||||
}
|
||||
|
||||
BitMapBlocklistState GetExtensionTelemetryServiceBlocklistState(
|
||||
const ExtensionId& extension_id,
|
||||
ExtensionPrefs* extension_prefs) {
|
||||
int int_value = -1;
|
||||
if (extension_prefs->ReadPrefAsInteger(
|
||||
extension_id, kPrefExtensionTelemetryServiceBlocklistState,
|
||||
&int_value) &&
|
||||
int_value >= 0) {
|
||||
return BlocklistStateToBitMapBlocklistState(
|
||||
static_cast<BlocklistState>(int_value));
|
||||
}
|
||||
|
||||
return BitMapBlocklistState::NOT_BLOCKLISTED;
|
||||
}
|
||||
|
||||
} // namespace blocklist_prefs
|
||||
} // namespace extensions
|
||||
|
||||
@ -8,6 +8,7 @@
|
||||
#include <string>
|
||||
|
||||
#include "extensions/browser/blocklist_state.h"
|
||||
#include "extensions/common/extension_id.h"
|
||||
|
||||
namespace extensions {
|
||||
class ExtensionPrefs;
|
||||
@ -90,6 +91,19 @@ BitMapBlocklistState GetSafeBrowsingExtensionBlocklistState(
|
||||
const std::string& extension_id,
|
||||
ExtensionPrefs* extension_prefs);
|
||||
|
||||
// Sets the `bitmap_blocklist_state` to the Extension Telemetry service
|
||||
// blocklist state pref.
|
||||
void SetExtensionTelemetryServiceBlocklistState(
|
||||
const ExtensionId& extension_id,
|
||||
BitMapBlocklistState bitmap_blocklist_state,
|
||||
ExtensionPrefs* extension_prefs);
|
||||
|
||||
// Returns the current Extension Telemetry service blocklist state of the
|
||||
// `extension_id`.
|
||||
BitMapBlocklistState GetExtensionTelemetryServiceBlocklistState(
|
||||
const ExtensionId& extension_id,
|
||||
ExtensionPrefs* extension_prefs);
|
||||
|
||||
} // namespace blocklist_prefs
|
||||
} // namespace extensions
|
||||
|
||||
|
||||
Reference in New Issue
Block a user