#include "chrome/browser/extensions/api/safe_browsing_private/safe_browsing_private_event_router.h"
#include <optional>
#include <utility>
#include <vector>
#include "base/files/file_path.h"
#include "base/functional/bind.h"
#include "base/functional/callback_helpers.h"
#include "base/json/values_util.h"
#include "base/strings/string_number_conversions.h"
#include "base/strings/utf_string_conversions.h"
#include "base/time/time.h"
#include "build/build_config.h"
#include "build/chromeos_buildflags.h"
#include "chrome/browser/browser_process.h"
#include "chrome/browser/chrome_content_browser_client.h"
#include "chrome/browser/enterprise/connectors/common.h"
#include "chrome/browser/enterprise/connectors/connectors_service.h"
#include "chrome/browser/enterprise/connectors/reporting/realtime_reporting_client_factory.h"
#include "chrome/browser/policy/chrome_browser_policy_connector.h"
#include "chrome/browser/profiles/profile.h"
#include "chrome/browser/profiles/profile_attributes_entry.h"
#include "chrome/browser/profiles/profile_attributes_storage.h"
#include "chrome/browser/profiles/reporting_util.h"
#include "chrome/browser/safe_browsing/cloud_content_scanning/deep_scanning_utils.h"
#include "chrome/browser/safe_browsing/safe_browsing_service.h"
#include "chrome/browser/signin/identity_manager_factory.h"
#include "chrome/common/extensions/api/safe_browsing_private.h"
#include "components/enterprise/connectors/core/reporting_constants.h"
#include "components/enterprise/connectors/core/reporting_service_settings.h"
#include "components/policy/core/common/cloud/cloud_policy_client.h"
#include "components/policy/core/common/cloud/cloud_policy_util.h"
#include "components/policy/core/common/cloud/device_management_service.h"
#include "components/policy/core/common/cloud/machine_level_user_cloud_policy_manager.h"
#include "components/policy/core/common/cloud/realtime_reporting_job_configuration.h"
#include "components/policy/core/common/cloud/user_cloud_policy_manager.h"
#include "components/prefs/pref_service.h"
#include "components/safe_browsing/content/browser/web_ui/safe_browsing_ui.h"
#include "components/safe_browsing/core/common/safe_browsing_prefs.h"
#include "components/signin/public/identity_manager/identity_manager.h"
#include "components/url_matcher/url_matcher.h"
#include "components/url_matcher/url_util.h"
#include "content/public/browser/browser_context.h"
#include "extensions/browser/event_router.h"
#include "services/network/public/cpp/shared_url_loader_factory.h"
#include "url/gurl.h"
#if BUILDFLAG(IS_CHROMEOS_ASH)
#include "chrome/browser/ash/policy/core/user_cloud_policy_manager_ash.h"
#include "chrome/browser/ash/profiles/profile_helper.h"
#include "chrome/browser/browser_process_platform_part_ash.h"
#include "components/user_manager/user.h"
#include "components/user_manager/user_manager.h"
#else
#include "components/enterprise/browser/controller/browser_dm_token_storage.h"
#include "components/enterprise/browser/controller/chrome_browser_cloud_management_controller.h"
#endif
#if BUILDFLAG(ENTERPRISE_DATA_CONTROLS)
#include "base/containers/contains.h"
#endif
namespace extensions {
namespace {
const char16_t kMaskedUsername[] = …;
safe_browsing::EventResult GetEventResultFromThreatType(
std::string threat_type) { … }
void AddAnalysisConnectorVerdictToEvent(
const enterprise_connectors::ContentAnalysisResponse::Result& result,
base::Value::Dict& event) { … }
std::string ActionFromVerdictType(
safe_browsing::RTLookupResponse::ThreatInfo::VerdictType verdict_type) { … }
void AddTriggeredRuleInfoToUrlFilteringInterstitialEvent(
const safe_browsing::RTLookupResponse& response,
base::Value::Dict& event) { … }
std::string MalwareRuleToThreatType(const std::string& rule_name) { … }
std::string DangerTypeToThreatType(download::DownloadDangerType danger_type) { … }
std::u16string MaskUsername(const std::u16string& username) { … }
std::unique_ptr<url_matcher::URLMatcher> CreateURLMatcherForOptInEvent(
const enterprise_connectors::ReportingSettings& settings,
const char* event_type) { … }
bool IsOptInEventEnabled(url_matcher::URLMatcher* matcher, const GURL& url) { … }
}
const char SafeBrowsingPrivateEventRouter::kKeyUrl[] = …;
const char SafeBrowsingPrivateEventRouter::kKeySource[] = …;
const char SafeBrowsingPrivateEventRouter::kKeyDestination[] = …;
const char SafeBrowsingPrivateEventRouter::kKeyUserName[] = …;
const char SafeBrowsingPrivateEventRouter::kKeyIsPhishingUrl[] = …;
const char SafeBrowsingPrivateEventRouter::kKeyProfileUserName[] = …;
const char SafeBrowsingPrivateEventRouter::kKeyFileName[] = …;
const char SafeBrowsingPrivateEventRouter::kKeyDownloadDigestSha256[] = …;
const char SafeBrowsingPrivateEventRouter::kKeyReason[] = …;
const char SafeBrowsingPrivateEventRouter::kKeyNetErrorCode[] = …;
const char SafeBrowsingPrivateEventRouter::kKeyClickedThrough[] = …;
const char SafeBrowsingPrivateEventRouter::kKeyTriggeredRuleName[] = …;
const char SafeBrowsingPrivateEventRouter::kKeyTriggeredRuleId[] = …;
const char SafeBrowsingPrivateEventRouter::kKeyTriggeredRuleInfo[] = …;
const char SafeBrowsingPrivateEventRouter::kKeyThreatType[] = …;
const char SafeBrowsingPrivateEventRouter::kKeyContentType[] = …;
const char SafeBrowsingPrivateEventRouter::kKeyContentSize[] = …;
const char SafeBrowsingPrivateEventRouter::kKeyTrigger[] = …;
const char SafeBrowsingPrivateEventRouter::kKeyEventResult[] = …;
const char SafeBrowsingPrivateEventRouter::kKeyScanId[] = …;
const char SafeBrowsingPrivateEventRouter::kKeyIsFederated[] = …;
const char SafeBrowsingPrivateEventRouter::kKeyFederatedOrigin[] = …;
const char SafeBrowsingPrivateEventRouter::kKeyLoginUserName[] = …;
const char SafeBrowsingPrivateEventRouter::kKeyPasswordBreachIdentities[] = …;
const char SafeBrowsingPrivateEventRouter::kKeyPasswordBreachIdentitiesUrl[] = …;
const char
SafeBrowsingPrivateEventRouter::kKeyPasswordBreachIdentitiesUsername[] = …;
const char SafeBrowsingPrivateEventRouter::kKeyUserJustification[] = …;
const char SafeBrowsingPrivateEventRouter::kKeyUrlCategory[] = …;
const char SafeBrowsingPrivateEventRouter::kKeyAction[] = …;
const char SafeBrowsingPrivateEventRouter::kKeyUnscannedReason[] = …;
const char SafeBrowsingPrivateEventRouter::kKeyTabUrl[] = …;
const char SafeBrowsingPrivateEventRouter::kTriggerFileDownload[] = …;
const char SafeBrowsingPrivateEventRouter::kTriggerFileUpload[] = …;
const char SafeBrowsingPrivateEventRouter::kTriggerWebContentUpload[] = …;
const char SafeBrowsingPrivateEventRouter::kTriggerPagePrint[] = …;
const char SafeBrowsingPrivateEventRouter::kTriggerFileTransfer[] = …;
const char SafeBrowsingPrivateEventRouter::kTriggerClipboardCopy[] = …;
SafeBrowsingPrivateEventRouter::SafeBrowsingPrivateEventRouter(
content::BrowserContext* context)
: … { … }
SafeBrowsingPrivateEventRouter::~SafeBrowsingPrivateEventRouter() = default;
std::string SafeBrowsingPrivateEventRouter::GetFileName(
const std::string& filename,
const bool include_full_path) { … }
void SafeBrowsingPrivateEventRouter::OnPolicySpecifiedPasswordReuseDetected(
const GURL& url,
const std::string& user_name,
bool is_phishing_url,
bool warning_shown) { … }
void SafeBrowsingPrivateEventRouter::OnPolicySpecifiedPasswordChanged(
const std::string& user_name) { … }
void SafeBrowsingPrivateEventRouter::OnDangerousDownloadOpened(
const GURL& url,
const GURL& tab_url,
const std::string& file_name,
const std::string& download_digest_sha256,
const std::string& mime_type,
const std::string& scan_id,
const download::DownloadDangerType danger_type,
const int64_t content_size) { … }
void SafeBrowsingPrivateEventRouter::OnSecurityInterstitialShown(
const GURL& url,
const std::string& reason,
int net_error_code) { … }
void SafeBrowsingPrivateEventRouter::OnSecurityInterstitialProceeded(
const GURL& url,
const std::string& reason,
int net_error_code) { … }
void SafeBrowsingPrivateEventRouter::OnAnalysisConnectorResult(
const GURL& url,
const GURL& tab_url,
const std::string& source,
const std::string& destination,
const std::string& file_name,
const std::string& download_digest_sha256,
const std::string& mime_type,
const std::string& trigger,
const std::string& scan_id,
const std::string& content_transfer_method,
safe_browsing::DeepScanAccessPoint access_point,
const enterprise_connectors::ContentAnalysisResponse::Result& result,
const int64_t content_size,
safe_browsing::EventResult event_result) { … }
void SafeBrowsingPrivateEventRouter::OnDangerousDeepScanningResult(
const GURL& url,
const GURL& tab_url,
const std::string& source,
const std::string& destination,
const std::string& file_name,
const std::string& download_digest_sha256,
const std::string& threat_type,
const std::string& mime_type,
const std::string& trigger,
const int64_t content_size,
safe_browsing::EventResult event_result,
const std::string& scan_id,
const std::string& content_transfer_method) { … }
void SafeBrowsingPrivateEventRouter::OnSensitiveDataEvent(
const GURL& url,
const GURL& tab_url,
const std::string& source,
const std::string& destination,
const std::string& file_name,
const std::string& download_digest_sha256,
const std::string& mime_type,
const std::string& trigger,
const std::string& scan_id,
const std::string& content_transfer_method,
const enterprise_connectors::ContentAnalysisResponse::Result& result,
const int64_t content_size,
safe_browsing::EventResult event_result) { … }
void SafeBrowsingPrivateEventRouter::OnAnalysisConnectorWarningBypassed(
const GURL& url,
const GURL& tab_url,
const std::string& source,
const std::string& destination,
const std::string& file_name,
const std::string& download_digest_sha256,
const std::string& mime_type,
const std::string& trigger,
const std::string& scan_id,
const std::string& content_transfer_method,
safe_browsing::DeepScanAccessPoint access_point,
const enterprise_connectors::ContentAnalysisResponse::Result& result,
const int64_t content_size,
std::optional<std::u16string> user_justification) { … }
void SafeBrowsingPrivateEventRouter::OnUnscannedFileEvent(
const GURL& url,
const GURL& tab_url,
const std::string& source,
const std::string& destination,
const std::string& file_name,
const std::string& download_digest_sha256,
const std::string& mime_type,
const std::string& trigger,
safe_browsing::DeepScanAccessPoint access_point,
const std::string& reason,
const std::string& content_transfer_method,
const int64_t content_size,
safe_browsing::EventResult event_result) { … }
void SafeBrowsingPrivateEventRouter::OnDangerousDownloadEvent(
const GURL& url,
const GURL& tab_url,
const std::string& file_name,
const std::string& download_digest_sha256,
const download::DownloadDangerType danger_type,
const std::string& mime_type,
const std::string& scan_id,
const int64_t content_size,
safe_browsing::EventResult event_result) { … }
void SafeBrowsingPrivateEventRouter::OnDangerousDownloadEvent(
const GURL& url,
const GURL& tab_url,
const std::string& file_name,
const std::string& download_digest_sha256,
const std::string& threat_type,
const std::string& mime_type,
const std::string& scan_id,
const int64_t content_size,
safe_browsing::EventResult event_result) { … }
void SafeBrowsingPrivateEventRouter::OnDangerousDownloadWarningBypassed(
const GURL& url,
const GURL& tab_url,
const std::string& file_name,
const std::string& download_digest_sha256,
const download::DownloadDangerType danger_type,
const std::string& mime_type,
const std::string& scan_id,
const int64_t content_size) { … }
void SafeBrowsingPrivateEventRouter::OnDangerousDownloadWarningBypassed(
const GURL& url,
const GURL& tab_url,
const std::string& file_name,
const std::string& download_digest_sha256,
const std::string& threat_type,
const std::string& mime_type,
const std::string& scan_id,
const int64_t content_size) { … }
void SafeBrowsingPrivateEventRouter::OnLoginEvent(
const GURL& url,
bool is_federated,
const url::SchemeHostPort& federated_origin,
const std::u16string& username) { … }
void SafeBrowsingPrivateEventRouter::OnPasswordBreach(
const std::string& trigger,
const std::vector<std::pair<GURL, std::u16string>>& identities) { … }
void SafeBrowsingPrivateEventRouter::OnUrlFilteringInterstitial(
const GURL& url,
const std::string& threat_type,
const safe_browsing::RTLookupResponse& response) { … }
#if BUILDFLAG(ENTERPRISE_DATA_CONTROLS)
void SafeBrowsingPrivateEventRouter::OnDataControlsSensitiveDataEvent(
const GURL& url,
const GURL& tab_url,
const std::string& source,
const std::string& destination,
const std::string& mime_type,
const std::string& trigger,
const data_controls::Verdict::TriggeredRules& triggered_rules,
safe_browsing::EventResult event_result,
int64_t content_size) { … }
#endif
}