Warn users about potentially unwanted downloads.

chrome/common/extensions/api/downloads.idl

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 // Use the <code>chrome.downloads</code> API to programmatically initiate,
 // monitor, manipulate, and search for downloads.
 [permissions=downloads]
 namespace downloads {
   [inline_doc] dictionary HeaderNameValuePair {
     // Name of the HTTP header.
@@ skipping 58 matching lines @@
   //     <dt>url</dt>
   //     <dd>The download's URL is known to be malicious.</dd>
   //     <dt>content</dt>
   //     <dd>The downloaded file is known to be malicious.</dd>
   //     <dt>uncommon</dt>
   //     <dd>The download's URL is not commonly downloaded and could be
   //     dangerous.</dd>
   //     <dt>host</dt>
   //     <dd>The download came from a host known to distribute malicious
   //     binaries and is likely dangerous.</dd>
+  //     <dt>unwanted</dt>

[benjhayden, 2013/07/22 20:16:19]

"unwanted" is very vague.
How about "modifiesSettings"?

[asanka, 2013/07/23 15:10:36]

This is intentionally vague. Chrome gets this signal from the SafeBrowsing
service. The service currently generates this signal based on whether a binary
changes browser or system settings. This is likely to change in the future.

In general, I'm not sure whether the danger type constants should be part of the
(imminently stabilizing) extensions API. The danger types have changed in the
past and will probably change in number and meaning in the future. I don't think
each such change should require a change to a stable extensions API.

I can change this to potentiallyUnwanted so that it's clear that this is a fuzzy
signal. Or we could fold this into 'file'. I'll upload a new patchset once we
figure out what to do here.

+  //     <dd>The download could make changes to browser or system settings.</dd>
   //     <dt>safe</dt>
   //     <dd>The download presents no known danger to the user's computer.</dd>
   //     <dt>accepted</dt>
   //     <dd>The user has accepted the dangerous download.</dd>
   // </dl>
-  enum DangerType {file, url, content, uncommon, host, safe, accepted};
+  enum DangerType {file, url, content, uncommon, host, unwanted, safe, accepted};
 
   // <dl><dt>in_progress</dt>
   //     <dd>The download is currently receiving data from the server.</dd>
   //     <dt>interrupted</dt>
   //     <dd>An error broke the connection with the file host.</dd>
   //     <dt>complete</dt>
   //     <dd>The download completed successfully.</dd>
   // </dl>
   enum State {in_progress, interrupted, complete};
 
@@ skipping 375 matching lines @@
     // <code>suggestion</code> object to <code>suggest</code> wins. In order to
     // avoid confusion regarding which extension will win, users should not
     // install extensions that may conflict. If the download is initiated by
     // $ref:download and the target filename is known before the MIME type and
     // tentative filename have been determined, pass <code>filename</code> to
     // $ref:download instead.
     [maxListeners=1] static void onDeterminingFilename(
         DownloadItem downloadItem, SuggestFilenameCallback suggest);
   };
 };