Submit a sample of notification images to Safe Browsing

chrome/common/safe_browsing/csd.proto

Index: chrome/common/safe_browsing/csd.proto
diff --git a/chrome/common/safe_browsing/csd.proto b/chrome/common/safe_browsing/csd.proto
index c98152aae1a51efa35eeddf5e3f7a75f5d311e0b..8b0183008ff31ed47f80654e2c0b9a7133ded32f 100644
--- a/chrome/common/safe_browsing/csd.proto
+++ b/chrome/common/safe_browsing/csd.proto
@@ -835,3 +835,29 @@ message ClientSafeBrowsingReportRequest {
   // DANGEROUS_DOWNLOAD_BY_API.
   optional bytes token = 15;
 }
+
+// Canonical representation of raster image data.
+message ImageData {
+  // Image bitmap encoded as PNG, after downscaling to <= 512x512.
+  optional bytes png_data = 1;
+
+  message Dimensions {
+    optional int32 width = 1;
+    optional int32 height = 2;
+  }
+
+  optional Dimensions dimensions = 2;
+  optional Dimensions original_dimensions = 3;  // iff downscaled
+}
+
+// Reporting protobuf for an image served as part of a browser notification.
+message NotificationImageReportRequest {
+  optional string notification_origin = 1;  // Src-origin of the notification.
+  optional ImageData image = 2;             // The bitmap of the image.
+
+  // Note that the image URL is deliberately omitted as it would be untrusted,
+  // since the notification image fetch may be intercepted by a Service Worker
+  // (even if the image URL is cross-origin). Otherwise a website could mislead
+  // Safe Browsing into associating phishing image bitmaps with safe image URLs.
+}
+// Response: None (empty body).

[Peter Beverloo, 2017/01/11 18:23:56]

Stray line?

[johnme, 2017/01/11 20:05:07]

Done (moved to comment above NotificationImageReportRequest)