chrome/browser/download/download_target_determiner.cc - Issue 2090013006: [Downloads] Correctly test page transition when calculating danger level.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: chrome/browser/download/download_target_determiner.cc

Issue 2090013006: [Downloads] Correctly test page transition when calculating danger level. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Merge with ToT Created 4 years, 5 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: chrome/browser/download/download_target_determiner.cc

diff --git a/chrome/browser/download/download_target_determiner.cc b/chrome/browser/download/download_target_determiner.cc

index 0c13dcd669467f724a7075fea077b136bc8f5f1e..12c75b00e971e50af33bc1282f8030d50465746a 100644

--- a/chrome/browser/download/download_target_determiner.cc

+++ b/chrome/browser/download/download_target_determiner.cc

@@ -884,17 +884,22 @@ DownloadFileType::DangerLevel DownloadTargetDeterminer::GetDangerLevel(

safe_browsing::FileTypePolicies::GetInstance()->GetFileDangerLevel(

virtual_path_.BaseName());

- // If the danger level is ALLOW_ON_USER_GESTURE and we have a user gesture AND

- // there was a recorded visit to the referrer prior to today, then we are

- // going to downgrade the danger_level to NOT_DANGEROUS. This prevents

- // spurious prompting for moderately dangerous files that are downloaded from

- // familiar sites.

- // TODO(asanka): Check PAGE_TRANSITION_FROM_ADDRESS_BAR bit instead of

- // comparing all bits with PageTransitionTypeIncludingQualifiersIs().

+ // A danger level of ALLOW_ON_USER_GESTURE is used to label potentially

+ // dangerous file types that have a high frequency of legitimate use. We would

+ // like to avoid prompting for the legitimate cases as much as possible. To

+ // that end, we consider a download to be legitimate if one of the following

+ // is true, and avoid prompting:

+ //

+ // * The user navigated to the download URL via the omnibox (either by typing

+ // the URL, pasting it, or using search).

+ //

+ // * The navigation that initiated the download has a user gesture associated

+ // with it AND the user the user is familiar with the referring origin. A

+ // user is considered familiar with a referring origin if a visit for a page

+ // from the same origin was recorded on the previous day or earlier.

if (danger_level == DownloadFileType::ALLOW_ON_USER_GESTURE &&

- (ui::PageTransitionTypeIncludingQualifiersIs(

- download_->GetTransitionType(),

- ui::PAGE_TRANSITION_FROM_ADDRESS_BAR) ||

+ ((download_->GetTransitionType() &

+ ui::PAGE_TRANSITION_FROM_ADDRESS_BAR) != 0 ||

(download_->HasUserGesture() && visits == VISITED_REFERRER)))

return DownloadFileType::NOT_DANGEROUS;

return danger_level;

« no previous file with comments | « no previous file | chrome/browser/download/download_target_determiner_unittest.cc » ('j') | no next file with comments »