Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Malware protection 6: Malware integration #3604

Merged
merged 82 commits into from
Dec 10, 2024
Merged

Conversation

mallexxx
Copy link
Collaborator

@mallexxx mallexxx commented Nov 27, 2024

Task/Issue URL: https://app.asana.com/0/481882893211075/1208033567421351/f
BSK PR: duckduckgo/BrowserServicesKit#1099

Description:

  • add .malware threat and special page types

Optional E2E tests:

  • Run PIR E2E tests
    Check this to run the Personal Information Removal end to end tests. If updating CCF, or any PIR related code, tick this.

Steps to test this PR:
0.1. Check out https://github.com/duckduckgo/content-scope-scripts/tree/pr-releases/pr-1268 and npm install; npm run build; add reference to the project
0.2. Check out https://github.com/duckduckgo/privacy-dashboard/tree/pr-releases/pr-250 and npm install; npm run build; add reference to the project

  • or use the Review build
  1. Validate http://privacy-test-pages.site/security/badware/malware.html detects malware
  2. Validate http://privacy-test-pages.site/security/badware/phishing.html detects phishing
  3. Validate Privacy Dashboard displaying status on overridden navigation
  4. Validate Help/Report links (not ready yet)

Definition of Done:


Internal references:

Pull Request Review Checklist
Software Engineering Expectations
Technical Design Template
Pull Request Documentation

mallexxx and others added 16 commits November 28, 2024 14:41
Task/Issue URL:
https://app.asana.com/0/481882893211075/1208033567421351/f
BSK PR: duckduckgo/BrowserServicesKit#1092

**Description**:
- Refactor APIClient to use Networking.APIRequestV2; implement generic
request/response (BSK)

**Optional E2E tests**:
- [ ] Run PIR E2E tests
Check this to run the Personal Information Removal end to end tests. If
updating CCF, or any PIR related code, tick this.

**Steps to test this PR**:
1. Validate Phishing Protection change sets and Match API calls work as
before

<!--
Tagging instructions
If this PR isn't ready to be merged for whatever reason it should be
marked with the `DO NOT MERGE` label (particularly if it's a draft)
If it's pending Product Review/PFR, please add the `Pending Product
Review` label.

If at any point it isn't actively being worked on/ready for
review/otherwise moving forward (besides the above PR/PFR exception)
strongly consider closing it (or not opening it in the first place). If
you decide not to close it, make sure it's labelled to make it clear the
PRs state and comment with more information.
-->

**Definition of Done**:

* [ ] Does this PR satisfy our [Definition of
Done](https://app.asana.com/0/1202500774821704/1207634633537039/f)?

---
###### Internal references:
[Pull Request Review
Checklist](https://app.asana.com/0/1202500774821704/1203764234894239/f)
[Software Engineering
Expectations](https://app.asana.com/0/59792373528535/199064865822552)
[Technical Design
Template](https://app.asana.com/0/59792373528535/184709971311943)
[Pull Request
Documentation](https://app.asana.com/0/1202500774821704/1204012835277482/f)
Task/Issue URL:
https://app.asana.com/0/1202406491309510/1208033567421351/f
Tech design: https://app.asana.com/0/481882893211075/1208736595187321/f
BSK PR: duckduckgo/BrowserServicesKit#1093

**Description**:
- Update BSK ref with Malicious Site Protection data store refactoring
- Update malicious site configuration file storage path to match the
Configuration storage

**Optional E2E tests**:
- [ ] Run PIR E2E tests
Check this to run the Personal Information Removal end to end tests. If
updating CCF, or any PIR related code, tick this.

**Steps to test this PR**:
1. Validate app config is loaded correctly (`ConfigurationStore.swift`)
2. Activate Feature Flag override for malicious site protections in
Debug -> Feature Flag overrides
3. Visit https://privacy-test-pages.site/security/badware/phishing.html,
validate phishing detection works without changes
4. Validate tests pass
5. Validate update manager updates the phishing data
6. validate `./scripts/update_phishing_detection_data.sh` updates
malicious site data



<!--
Tagging instructions
If this PR isn't ready to be merged for whatever reason it should be
marked with the `DO NOT MERGE` label (particularly if it's a draft)
If it's pending Product Review/PFR, please add the `Pending Product
Review` label.

If at any point it isn't actively being worked on/ready for
review/otherwise moving forward (besides the above PR/PFR exception)
strongly consider closing it (or not opening it in the first place). If
you decide not to close it, make sure it's labelled to make it clear the
PRs state and comment with more information.
-->

**Definition of Done**:

* [ ] Does this PR satisfy our [Definition of
Done](https://app.asana.com/0/1202500774821704/1207634633537039/f)?

---
###### Internal references:
[Pull Request Review
Checklist](https://app.asana.com/0/1202500774821704/1203764234894239/f)
[Software Engineering
Expectations](https://app.asana.com/0/59792373528535/199064865822552)
[Technical Design
Template](https://app.asana.com/0/59792373528535/184709971311943)
[Pull Request
Documentation](https://app.asana.com/0/1202500774821704/1204012835277482/f)

---------

Co-authored-by: Anh Do <[email protected]>
Co-authored-by: Dominik Kapusta <[email protected]>
Co-authored-by: Alessandro Boron <[email protected]>
Co-authored-by: Michal Smaga <[email protected]>
Co-authored-by: Anka <[email protected]>
Co-authored-by: Sabrina Tardio <[email protected]>
Co-authored-by: kshann <[email protected]>
Co-authored-by: Anka <[email protected]>
Co-authored-by: Anka <[email protected]>
Co-authored-by: Dax Mobile <[email protected]>
Co-authored-by: Anka <[email protected]>
Co-authored-by: Sam Symons <[email protected]>
Co-authored-by: Shilpa Modi <[email protected]>
Co-authored-by: Anka <[email protected]>
Co-authored-by: Maxim Tsoy <[email protected]>
Co-authored-by: Fernando Bunn <[email protected]>
Co-authored-by: Diego Rey Mendez <[email protected]>
Co-authored-by: Anka <[email protected]>
…formative logging. update malicious site data
Copy link
Collaborator

@SabrinaTardio SabrinaTardio left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I left a couple of comments and questions!

@@ -35845,6 +35845,18 @@
}
}
},
"malware.error.page.tab.title" : {
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

we need translations

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yes, as soon as we get our copy approved

@@ -46,11 +46,12 @@ extension MaliciousSiteProtectionManager {
struct EmbeddedDataProvider: MaliciousSiteProtection.EmbeddedDataProviding {

private enum Constants {
static let embeddedDataRevision = 1694418
static let phishingEmbeddedHashPrefixDataSHA = "d9eccd24d05ce16d4ab877574df728f69be6c7840aea00e1be11aeafffb0b1dc"
// TODO: Rollback the revision and filter (with -f) set when malware is available on the server
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we remove it?

Copy link
Collaborator Author

@mallexxx mallexxx Dec 5, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yes, this is to be removed before merging. for now it‘s there to test malware.html handling using local filters as remote doesn‘t catch it

@@ -269,9 +270,18 @@ struct PinnedTabInnerView: View {
}
}

private var faviconImage: NSImage? {
if let error = model.error, (error as NSError as? URLError)?.code == .serverCertificateUntrusted || (error as NSError as? MaliciousSiteError != nil) {
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I am not sure if we wanted this for the SSL. Can we double check with product?

webView?.close()
return
Task { @MainActor in
await self.webView?.openNewTabFromErrorPage()
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don’t think SSL navigation was causing problems…
do we want to generalise this behaviour for all?

@@ -195,7 +200,8 @@ final class ErrorPageTabExtensionTest: XCTestCase {
errorPageExtention.leaveSiteAction()

// THEN
XCTAssertTrue(mockWebView.goBackCalled)
XCTAssertTrue(closeTabCalled)
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

These tests are Failing… also probably we should update the titles

Copy link
Collaborator

@SabrinaTardio SabrinaTardio left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Assuming that we want to have the same behaviour for SSL this looks good to me

mallexxx added a commit to duckduckgo/BrowserServicesKit that referenced this pull request Dec 10, 2024
@mallexxx mallexxx merged commit 708655c into main Dec 10, 2024
20 checks passed
@mallexxx mallexxx deleted the alex/malware-protection-6 branch December 10, 2024 15:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants