Malware protection 1: rename PhishingDetection to MaliciousSiteProtection #1091
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
1 task
not-a-rootkit
approved these changes
Nov 22, 2024
| @@ -58,8 +58,7 @@ public class PhishingDetectionDataProvider: PhishingDetectionDataProviding { | |||
| let filterSetData = try loadData(from: embeddedFilterSetURL, expectedSHA: embeddedFilterSetDataSHA) | |||
| return try JSONDecoder().decode(Set<Filter>.self, from: filterSetData) | |||
| } catch { | |||
| Logger.phishingDetectionDataProvider.error("🔴 Error: SHA mismatch for filterSet JSON file. Expected \(self.embeddedFilterSetDataSHA)") | |||
| return [] | |||
| fatalError("🔴 Error: SHA mismatch for filterSet JSON file. Expected \(self.embeddedFilterSetDataSHA)") | |||
There was a problem hiding this comment.
I know we do this for privacy configs, but I'm not a fan of crashing the app in this instance. However, ideally this would never make it past internal testing so I'm okay with it.
There was a problem hiding this comment.
Reaching the catch block means the app bundle corruption (same is valid for a missing Storyboard), and considering the Let it crash discussion this makes impossible to run the app further and we must crash here.
Plus, it happens early in the app lifetime during smoke testing that makes it easily noticeable and not affecting the production built.
| public init() { | ||
| let dataStoreDirectory: URL | ||
| do { | ||
| dataStoreDirectory = try FileManager.default.url(for: .applicationSupportDirectory, in: .userDomainMask, appropriateFor: nil, create: true) |
There was a problem hiding this comment.
Again, doesn't affect this PR but just making notes for myself: in the next PR we should try to align with @alessandroboron's TD for storage locations: https://app.asana.com/0/481882893211075/1207273224076495/f
There was a problem hiding this comment.
this part is not modified from the original implementation: to be update in later PRs to match the config files storage location
mallexxx
changed the title
<!-- Note: This checklist is a reminder of our shared engineering expectations. --> Please review the release process for BrowserServicesKit [here](https://app.asana.com/0/1200194497630846/1200837094583426). **Required**: Task/Issue URL: https://app.asana.com/0/481882893211075/1208033567421351/f iOS PR: macOS PR: What kind of version bump will this require?: Major **Optional**: Tech Design URL: CC: **Description**: - Refactor `APIClient` to use `Networking.APIRequestV2`; implement generic request/response - Fix query argument percent-encoding issue in APIRequestV2 <!-- Tagging instructions If this PR isn't ready to be merged for whatever reason it should be marked with the `DO NOT MERGE` label (particularly if it's a draft) If it's pending Product Review/PFR, please add the `Pending Product Review` label. If at any point it isn't actively being worked on/ready for review/otherwise moving forward (besides the above PR/PFR exception) strongly consider closing it (or not opening it in the first place). If you decide not to close it, make sure it's labelled to make it clear the PRs state and comment with more information. --> **Steps to test this PR**: 1. Validate Phishing Protection change sets and Match API calls work as before <!-- Before submitting a PR, please ensure you have tested the combinations you expect the reviewer to test, then delete configurations you *know* do not need explicit testing. Using a simulator where a physical device is unavailable is acceptable. --> **OS Testing**: * [ ] iOS 14 * [ ] iOS 15 * [ ] iOS 16 * [ ] macOS 10.15 * [ ] macOS 11 * [ ] macOS 12 --- ###### Internal references: [Software Engineering Expectations](https://app.asana.com/0/59792373528535/199064865822552) [Technical Design Template](https://app.asana.com/0/59792373528535/184709971311943)
<!-- Note: This checklist is a reminder of our shared engineering expectations. --> Please review the release process for BrowserServicesKit [here](https://app.asana.com/0/1200194497630846/1200837094583426). **Required**: Task/Issue URL: https://app.asana.com/0/1202406491309510/1208033567421351/f Tech design: https://app.asana.com/0/481882893211075/1208736595187321/f iOS PR: macOS PR: duckduckgo/macos-browser#3598 What kind of version bump will this require?: Major **Description**: - Refactored Malicious Site `DataManager` to `actor` for thread safe data storage with generic accessors and related file storage/update manager - Added dedicated FilterDictionary/HashPrefixSet structures storing revision inside the structs and for faster data access <!-- Tagging instructions If this PR isn't ready to be merged for whatever reason it should be marked with the `DO NOT MERGE` label (particularly if it's a draft) If it's pending Product Review/PFR, please add the `Pending Product Review` label. If at any point it isn't actively being worked on/ready for review/otherwise moving forward (besides the above PR/PFR exception) strongly consider closing it (or not opening it in the first place). If you decide not to close it, make sure it's labelled to make it clear the PRs state and comment with more information. --> **Steps to test this PR**: 1. Activate Feature Flag override for malicious site protections in Debug -> Feature Flag overrides 2. Visit https://privacy-test-pages.site/security/badware/phishing.html, validate phishing detection works without changes 3. Validate tests pass and the update manager works as before 1. <!-- Before submitting a PR, please ensure you have tested the combinations you expect the reviewer to test, then delete configurations you *know* do not need explicit testing. Using a simulator where a physical device is unavailable is acceptable. --> **OS Testing**: * [ ] iOS 14 * [ ] iOS 15 * [ ] iOS 16 * [ ] macOS 10.15 * [ ] macOS 11 * [ ] macOS 12 --- ###### Internal references: [Software Engineering Expectations](https://app.asana.com/0/59792373528535/199064865822552) [Technical Design Template](https://app.asana.com/0/59792373528535/184709971311943)
<!-- Note: This checklist is a reminder of our shared engineering expectations. --> Please review the release process for BrowserServicesKit [here](https://app.asana.com/0/1200194497630846/1200837094583426). **Required**: Task/Issue URL: https://app.asana.com/0/481882893211075/1208033567421351/f iOS PR: duckduckgo/iOS#3642 macOS PR: duckduckgo/macos-browser#3603 What kind of version bump will this require?: Major **Description**: - Some final adjustments for Malware protection integration and Privacy Dashboard protocol change: refactor `SSLErrorType`, `SpecialErrorData` <!-- Tagging instructions If this PR isn't ready to be merged for whatever reason it should be marked with the `DO NOT MERGE` label (particularly if it's a draft) If it's pending Product Review/PFR, please add the `Pending Product Review` label. If at any point it isn't actively being worked on/ready for review/otherwise moving forward (besides the above PR/PFR exception) strongly consider closing it (or not opening it in the first place). If you decide not to close it, make sure it's labelled to make it clear the PRs state and comment with more information. --> **Steps to test this PR**: 1. Validate SSL cert error page and bypassing works (https://badssl.com/) 2. Validate Phishing detection works (http://privacy-test-pages.site/security/badware/phishing.html) – enable Feature Flag in Debug -> Feature flags for it to work <!-- Before submitting a PR, please ensure you have tested the combinations you expect the reviewer to test, then delete configurations you *know* do not need explicit testing. Using a simulator where a physical device is unavailable is acceptable. --> **OS Testing**: * [ ] iOS 14 * [ ] iOS 15 * [ ] iOS 16 * [ ] macOS 10.15 * [ ] macOS 11 * [ ] macOS 12 --- ###### Internal references: [Software Engineering Expectations](https://app.asana.com/0/59792373528535/199064865822552) [Technical Design Template](https://app.asana.com/0/59792373528535/184709971311943)
14 tasks
mallexxx
added a commit
to duckduckgo/iOS
that referenced
this pull request
Dec 3, 2024
Task/Issue URL: https://app.asana.com/0/481882893211075/1208033567421351/f BSK PR: duckduckgo/BrowserServicesKit#1091 **Description**: - BSK bump for macOS phishing detection -> Malicious site protection rename
mallexxx
added a commit
to duckduckgo/macos-browser
that referenced
this pull request
Dec 3, 2024
kshann
pushed a commit
to duckduckgo/macos-browser
that referenced
this pull request
Dec 4, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Please review the release process for BrowserServicesKit here.
Required:
Task/Issue URL: https://app.asana.com/0/1202406491309510/1208033567421351/f
iOS PR: duckduckgo/iOS#3642
macOS PR: duckduckgo/macos-browser#3588
What kind of version bump will this require?: Major
Description:
PhishingDetectiontoMaliciousSiteProtectionSteps to test this PR: