// Copyright 2019 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
//
// Security Events used for recording security related events.
// If you change or add any fields in this file, update proto_visitors.h and
// potentially proto_enum_conversions.{h, cc}.
syntax = "proto2";
option java_multiple_files = true;
option java_package = "org.chromium.components.sync.protocol";
option optimize_for = LITE_RUNTIME;
package sync_pb;
// User reused their GAIA password on another website.
message GaiaPasswordReuse {
// Logged when we detect a password re-use event on a non-GAIA site.
// If the user hasn’t enabled SafeBrowsing, this will be the last event.
message PasswordReuseDetected {
message SafeBrowsingStatus {
// Is SafeBrowsing enabled?
optional bool enabled = 1;
// If SafeBrowsing is enabled, is the user opted-in to extended
// reporting or Scout?
enum ReportingPopulation {
REPORTING_POPULATION_UNSPECIFIED = 0;
NONE = 1;
EXTENDED_REPORTING = 2;
SCOUT = 3;
ENHANCED_PROTECTION = 4;
}
optional ReportingPopulation safe_browsing_reporting_population = 2;
}
optional SafeBrowsingStatus status = 1;
}
optional PasswordReuseDetected reuse_detected = 1;
message PasswordReuseLookup {
enum LookupResult {
UNSPECIFIED = 0;
// URL did match the password reuse allowlist.
// No further action required related to this re-use event.
ALLOWLIST_HIT = 1;
// The URL exists in the client’s cache.
// No further action required related to this re-use event.
// This event also logs the ReputationVerdict.
CACHE_HIT = 2;
// A valid response received from the SafeBrowsing service.
// This event also logs the ReputationVerdict.
REQUEST_SUCCESS = 3;
// Unable to get a valid response from the SafeBrowsing service.
REQUEST_FAILURE = 4;
// We won't be able to compute reputation for the URL e.g. local IP
// address, localhost, not-yet-assigned by ICANN gTLD, etc.
URL_UNSUPPORTED = 5;
// URL did match enterprise allowlist.
// No further action required related to this re-use event.
ENTERPRISE_ALLOWLIST_HIT = 6;
// Password reuse lookup is turned off by enterprise policy.
// No further action required related to this re-use event.
TURNED_OFF_BY_POLICY = 7;
}
optional LookupResult lookup_result = 1;
// The following two are only present for CACHE_HIT and REQUEST_SUCCESS.
// The verdict received from the Reputation service. This is set only
// if the user has SafeBrowsing enabled and we fetch the verdict from the
// cache or by sending a verdict request.
enum ReputationVerdict {
VERDICT_UNSPECIFIED = 0;
SAFE = 1;
LOW_REPUTATION = 2;
PHISHING = 3;
}
optional ReputationVerdict verdict = 2;
// PhishGuard token that identifies the verdict on the server.
optional bytes verdict_token = 3;
}
// Logged when we try to detect whether the password was reused on a
// Phishing or a Low-reputation site.
optional PasswordReuseLookup reuse_lookup = 2;
// Logged when the user interacts with the warning UI shown to encourage
// password change if the site is Phishing or Low-reputation.
message PasswordReuseDialogInteraction {
enum InteractionResult {
UNSPECIFIED = 0;
// The user took the action suggested by the warning prompt.
WARNING_ACTION_TAKEN = 1;
// The user clicked ignore in the warning prompt.
WARNING_ACTION_IGNORED = 2;
// The warning UI was ignored, i.e. not interacted with by the user.
// This could happen if the user navigates away from the page.
WARNING_UI_IGNORED = 3;
// The user clicked "Change Password" on chrome://settings page.
WARNING_ACTION_TAKEN_ON_SETTINGS = 4;
}
optional InteractionResult interaction_result = 1;
}
optional PasswordReuseDialogInteraction dialog_interaction = 3;
}
Codebase Browser
chromium