| Index: chrome/common/safe_browsing/csd.proto
|
| diff --git a/chrome/common/safe_browsing/csd.proto b/chrome/common/safe_browsing/csd.proto
|
| new file mode 100644
|
| index 0000000000000000000000000000000000000000..92b07a2245d7e5138d7770883d898078918b8f64
|
| --- /dev/null
|
| +++ b/chrome/common/safe_browsing/csd.proto
|
| @@ -0,0 +1,1019 @@
|
| +// Copyright (c) 2012 The Chromium Authors. All rights reserved.
|
| +// Use of this source code is governed by a BSD-style license that can be
|
| +// found in the LICENSE file.
|
| +//
|
| +// This proto file includes:
|
| +// (1) Client side phishing and malware detection request and response
|
| +// protocol buffers. Those protocol messages should be kept in sync
|
| +// with the server implementation.
|
| +//
|
| +// (2) Safe Browsing reporting protocol buffers.
|
| +// A ClientSafeBrowsingReportRequest is sent when a user opts-in to
|
| +// sending detailed threat reports from the safe browsing interstitial page.
|
| +// It is a list of Resource messages, which may contain the url of a
|
| +// resource such as the page in the address bar or any other resource
|
| +// that was loaded for this page.
|
| +// In addition to the url, a resource can contain HTTP request and response
|
| +// headers and bodies.
|
| +//
|
| +// If you want to change this protocol definition or you have questions
|
| +// regarding its format please contact chrome-anti-phishing@googlegroups.com.
|
| +
|
| +syntax = "proto2";
|
| +
|
| +option optimize_for = LITE_RUNTIME;
|
| +
|
| +package safe_browsing;
|
| +
|
| +// Protocol buffer describing the Chrome user population of the user reporting
|
| +// data.
|
| +message ChromeUserPopulation {
|
| + enum UserPopulation {
|
| + UNKNOWN_USER_POPULATION = 0;
|
| + SAFE_BROWSING = 1;
|
| + EXTENDED_REPORTING = 2;
|
| + }
|
| + optional UserPopulation user_population = 1;
|
| +}
|
| +
|
| +
|
| +message ClientPhishingRequest {
|
| + // URL that the client visited. The CGI parameters are stripped by the
|
| + // client.
|
| + optional string url = 1;
|
| +
|
| + // A 5-byte SHA-256 hash prefix of the URL. Before hashing the URL is
|
| + // canonicalized, converted to a suffix-prefix expression and broadened
|
| + // (www prefix is removed and everything past the last '/' is stripped).
|
| + //
|
| + // Marked OBSOLETE because the URL is sent for all users, making the hash
|
| + // prefix unnecessary.
|
| + optional bytes OBSOLETE_hash_prefix = 10;
|
| +
|
| + // Score that was computed on the client. Value is between 0.0 and 1.0.
|
| + // The larger the value the more likely the url is phishing.
|
| + required float client_score = 2;
|
| +
|
| + // Note: we're skipping tag 3 because it was previously used.
|
| +
|
| + // Is true if the features for this URL were classified as phishing.
|
| + // Currently, this will always be true for all client-phishing requests
|
| + // that are sent to the server.
|
| + optional bool is_phishing = 4;
|
| +
|
| + message Feature {
|
| + // Feature name. E.g., 'PageHasForms'.
|
| + required string name = 1;
|
| +
|
| + // Feature value is always in the range [0.0, 1.0]. Boolean features
|
| + // have value 1.0.
|
| + required double value = 2;
|
| + }
|
| +
|
| + // List of features that were extracted. Those are the features that were
|
| + // sent to the scorer and which resulted in client_score being computed.
|
| + repeated Feature feature_map = 5;
|
| +
|
| + // The version number of the model that was used to compute the client-score.
|
| + // Copied from ClientSideModel.version().
|
| + optional int32 model_version = 6;
|
| +
|
| + // Field 7 is only used on the server.
|
| +
|
| + // List of features that are extracted in the client but are not used in the
|
| + // machine learning model.
|
| + repeated Feature non_model_feature_map = 8;
|
| +
|
| + // The referrer URL. This field might not be set, for example, in the case
|
| + // where the referrer uses HTTPs.
|
| + // OBSOLETE: Use feature 'Referrer=<referrer>' instead.
|
| + optional string OBSOLETE_referrer_url = 9;
|
| +
|
| + // Field 11 is only used on the server.
|
| +
|
| + // List of shingle hashes we extracted.
|
| + repeated uint32 shingle_hashes = 12 [packed = true];
|
| +
|
| + // The model filename (basename) that was used by the client.
|
| + optional string model_filename = 13;
|
| +
|
| + // Population that the reporting user is part of.
|
| + optional ChromeUserPopulation population = 14;
|
| +}
|
| +
|
| +message ClientPhishingResponse {
|
| + required bool phishy = 1;
|
| +
|
| + // A list of SafeBrowsing host-suffix / path-prefix expressions that
|
| + // are whitelisted. The client must match the current top-level URL
|
| + // against these whitelisted expressions and only apply a positive
|
| + // phishing verdict above if the URL does not match any expression
|
| + // on this whitelist. The client must not cache these whitelisted
|
| + // expressions. This whitelist will be empty for the vast majority
|
| + // of the responses but might contain up to 100 entries in emergency
|
| + // situations.
|
| + //
|
| + // Marked OBSOLETE because the URL is sent for all users, so the server
|
| + // can do whitelist matching.
|
| + repeated string OBSOLETE_whitelist_expression = 2;
|
| +}
|
| +
|
| +message ClientMalwareRequest {
|
| + // URL that the client visited. The CGI parameters are stripped by the
|
| + // client.
|
| + required string url = 1;
|
| +
|
| + // Field 2 is deleted and no longer in use.
|
| +
|
| + // Field 3 is only used on the server.
|
| +
|
| + // The referrer URL. This field might not be set, for example, in the case
|
| + // where the referrer uses HTTPS.
|
| + optional string referrer_url = 4;
|
| +
|
| + // Field 5 and 6 are only used on the server.
|
| +
|
| + message UrlInfo {
|
| + required string ip = 1;
|
| + required string url = 2;
|
| + optional string method = 3;
|
| + optional string referrer = 4;
|
| + // Resource type, the int value is a direct cast from the Type enum
|
| + // of ResourceType class defined in //src/webkit/commom/resource_type.h
|
| + optional int32 resource_type = 5;
|
| + }
|
| +
|
| + // List of resource urls that match the malware IP list.
|
| + repeated UrlInfo bad_ip_url_info = 7;
|
| +
|
| + // Population that the reporting user is part of.
|
| + optional ChromeUserPopulation population = 9;
|
| +}
|
| +
|
| +// The message is used for client request to determine whether the provided URL
|
| +// is safe for the purposes of entering user credentials for logging in.
|
| +message LoginReputationClientRequest {
|
| + // The top level frame URL of the webpage that hosts the login form.
|
| + // The client will strip CGI parameters.
|
| + optional string page_url = 1;
|
| +
|
| + // Type for the request.
|
| + // It could be low reputation request or password reuse request.
|
| + enum TriggerType {
|
| + TRIGGER_TYPE_UNSPECIFIED = 0;
|
| + UNFAMILIAR_LOGIN_PAGE = 1;
|
| + PASSWORD_REUSE_EVENT = 2;
|
| + }
|
| + optional TriggerType trigger_type = 2;
|
| +
|
| + // The message contains features which can describe a frame. A frame can be
|
| + // a top level web page or an iframe.
|
| + message Frame {
|
| + // Id of a frame. The frame whose index = 0 is the top level web page.
|
| + optional int32 frame_index = 1;
|
| +
|
| + // Id of the parent frame.
|
| + optional int32 parent_frame_index = 2;
|
| +
|
| + // Url of the frame. If could be top level url (from web page) or url of
|
| + // the iframe.
|
| + optional string url = 3;
|
| +
|
| + // Whether the frame contains password field.
|
| + optional bool has_password_field = 4;
|
| +
|
| + // URLs transitions in reverse chronological order, i.e. the top level url
|
| + // or the url of the iframe comes first in the list.
|
| + repeated ReferrerChainEntry referrer_chain = 5;
|
| +
|
| + // The message contains features of a form.
|
| + message Form {
|
| + // Action url of the form.
|
| + optional string action_url = 1;
|
| +
|
| + // Whether the form contains password field.
|
| + optional bool has_password_field = 2;
|
| + }
|
| +
|
| + repeated Form forms = 6;
|
| + }
|
| +
|
| + repeated Frame frames = 3;
|
| +
|
| + // The message contains fields needed for a password reuse event.
|
| + message PasswordReuseEvent {
|
| + // Origins that the reused password had been used on. The origins are
|
| + // maintained by Chrome password manager.
|
| + // The field is filled in only when TriggerType is PASSWORD_REUSE_EVENT.
|
| + repeated string password_reused_original_origins = 1;
|
| +
|
| + // The frame that the password reuse is detected.
|
| + optional int32 frame_id = 2;
|
| + }
|
| +
|
| + optional PasswordReuseEvent password_reuse_event = 4;
|
| +
|
| + // The number of verdicts stored on the client.
|
| + optional int32 stored_verdict_cnt = 5;
|
| +}
|
| +
|
| +// The message is used for client response for login reputation requests.
|
| +message LoginReputationClientResponse {
|
| + // Type of verdicts issued by the server.
|
| + enum VerdictType {
|
| + VERDICT_TYPE_UNSPECIFIED = 0;
|
| + // No warning will be displayed.
|
| + SAFE = 1;
|
| + // The site has low reputation or low popularity.
|
| + LOW_REPUTATION = 2;
|
| + // The url matches with blacklist entries.
|
| + PHISHING = 3;
|
| + }
|
| + optional VerdictType verdict_type = 1;
|
| +
|
| + // TTL of the verdict in seconds.
|
| + optional int64 cache_duration_sec = 2;
|
| +
|
| + // A host-suffix/path-prefix expression which defines a collections of pages
|
| + // with common ownership from the same domain.
|
| + // Generally, the pattern is defined on the granularity of domains.
|
| + // For domains managed by multiple parties, especially in the case of large
|
| + // hosting sites (e.g., geocities.com), we further divide the domains.
|
| + //
|
| + // Examples:
|
| + // www.google.com/foo/bar?param=val -> google.com
|
| + // www.geocities.com/foo/bar.html -> geocities.com/foo
|
| + // adwords.blogspot.com/index.html -> adwords.blogspot.com
|
| + //
|
| + // The pattern will always match the page_url of the request, and will be
|
| + // a substring of page_url.
|
| + optional string cache_expression = 3;
|
| +}
|
| +
|
| +message ClientMalwareResponse {
|
| + required bool blacklist = 1;
|
| + // The confirmed blacklisted bad IP and its url, which will be shown in
|
| + // malware warning, if the blacklist verdict is true.
|
| + // This IP string could be either in IPv4 or IPv6 format, which is the same
|
| + // as the ones client sent to server.
|
| + optional string bad_ip = 2;
|
| + optional string bad_url = 3;
|
| +}
|
| +
|
| +message ClientDownloadRequest {
|
| + // The final URL of the download (after all redirects).
|
| + required string url = 1;
|
| +
|
| + // This message contains various binary digests of the download payload.
|
| + message Digests {
|
| + optional bytes sha256 = 1;
|
| + optional bytes sha1 = 2;
|
| + optional bytes md5 = 3;
|
| + }
|
| + required Digests digests = 2;
|
| +
|
| + // This is the length in bytes of the download payload.
|
| + required int64 length = 3;
|
| +
|
| + // Type of the resources stored below.
|
| + enum ResourceType {
|
| + // The final URL of the download payload. The resource URL should
|
| + // correspond to the URL field above.
|
| + DOWNLOAD_URL = 0;
|
| + // A redirect URL that was fetched before hitting the final DOWNLOAD_URL.
|
| + DOWNLOAD_REDIRECT = 1;
|
| + // The final top-level URL of the tab that triggered the download.
|
| + TAB_URL = 2;
|
| + // A redirect URL thas was fetched before hitting the final TAB_URL.
|
| + TAB_REDIRECT = 3;
|
| + // The document URL for a PPAPI plugin instance that initiated the download.
|
| + // This is the document.url for the container element for the plugin
|
| + // instance.
|
| + PPAPI_DOCUMENT = 4;
|
| + // The plugin URL for a PPAPI plugin instance that initiated the download.
|
| + PPAPI_PLUGIN = 5;
|
| + }
|
| +
|
| + message Resource {
|
| + required string url = 1;
|
| + required ResourceType type = 2;
|
| + optional bytes remote_ip = 3;
|
| + // This will only be set if the referrer is available and if the
|
| + // resource type is either TAB_URL or DOWNLOAD_URL.
|
| + optional string referrer = 4;
|
| +
|
| + // TODO(noelutz): add the transition type?
|
| + }
|
| +
|
| + // This repeated field will store all the redirects as well as the
|
| + // final URLs for the top-level tab URL (i.e., the URL that
|
| + // triggered the download) as well as for the download URL itself.
|
| + repeated Resource resources = 4;
|
| +
|
| + // A trust chain of certificates. Each chain begins with the signing
|
| + // certificate of the binary, and ends with a self-signed certificate,
|
| + // typically from a trusted root CA. This structure is analogous to
|
| + // CERT_CHAIN_CONTEXT on Windows.
|
| + message CertificateChain {
|
| + // A single link in the chain.
|
| + message Element {
|
| + // DER-encoded X.509 representation of the certificate.
|
| + optional bytes certificate = 1;
|
| + // Fields 2 - 7 are only used on the server.
|
| + }
|
| + repeated Element element = 1;
|
| + }
|
| +
|
| + // This is an OS X only message to report extended attribute informations.
|
| + // Extended attributes on OS X are used for various security mechanisms,
|
| + // which makes them interesting to Chrome.
|
| + message ExtendedAttr {
|
| + // This is the name of the extended attribute.
|
| + required string key = 1;
|
| + // This is the value of the extended attribute.
|
| + optional bytes value = 2;
|
| + }
|
| +
|
| + message SignatureInfo {
|
| + // All certificate chains for each of the binary's signers. Multiple chains
|
| + // may be present if the binary or any certificate has multiple signers.
|
| + // Absence of certificate chains does not imply that the binary is not
|
| + // signed (in that case, SignedData blobs extracted from the binary may be
|
| + // preset), but does mean that trust has not been verified.
|
| + repeated CertificateChain certificate_chain = 1;
|
| +
|
| + // True if the signature was trusted on the client.
|
| + optional bool trusted = 2;
|
| +
|
| + // On Windows, PKCS#7 SignedData blobs extracted from a portable executable
|
| + // image's attribute certificate table. The presence of these does not imply
|
| + // that the signatures were deemed trusted by the client.
|
| + // On Mac, this is the code signature blob referenced by the
|
| + // LC_CODE_SIGNATURE load command.
|
| + repeated bytes signed_data = 3;
|
| +
|
| + // On OS X, code signing data can be contained in the extended attributes of
|
| + // a file. As Gatekeeper respects this signature, we look for it and collect
|
| + // it.
|
| + repeated ExtendedAttr xattr = 4;
|
| + }
|
| +
|
| + // This field will only be set if the binary is signed.
|
| + optional SignatureInfo signature = 5;
|
| +
|
| + // True if the download was user initiated.
|
| + optional bool user_initiated = 6;
|
| +
|
| + // Fields 7 and 8 are only used on the server.
|
| +
|
| + // Name of the file where the download would be stored if the
|
| + // download completes. E.g., "bla.exe".
|
| + optional string file_basename = 9;
|
| +
|
| + // Starting with Chrome M19 we're also sending back pings for Chrome
|
| + // extensions that get downloaded by users.
|
| + enum DownloadType {
|
| + WIN_EXECUTABLE = 0; // Currently all .exe, .cab and .msi files.
|
| + CHROME_EXTENSION = 1; // .crx files.
|
| + ANDROID_APK = 2; // .apk files.
|
| + // .zip files containing one of the other executable types.
|
| + ZIPPED_EXECUTABLE = 3;
|
| + MAC_EXECUTABLE = 4; // .dmg, .pkg, etc.
|
| + ZIPPED_ARCHIVE = 5; // .zip file containing another archive.
|
| + ARCHIVE = 6; // Archive that doesn't have a specific DownloadType.
|
| + // A .zip that Chrome failed to unpack to the point of finding exe/zips.
|
| + INVALID_ZIP = 7;
|
| + // A .dmg, .pkg, etc, that Chrome failed to unpack to the point of finding
|
| + // Mach O's.
|
| + INVALID_MAC_ARCHIVE = 8;
|
| + // A download request initiated via PPAPI. Typically the requestor is
|
| + // a Flash applet.
|
| + PPAPI_SAVE_REQUEST = 9;
|
| + // A file we don't support, but we've decided to sample and send
|
| + // a light-ping.
|
| + SAMPLED_UNSUPPORTED_FILE = 10;
|
| + }
|
| + optional DownloadType download_type = 10 [default = WIN_EXECUTABLE];
|
| +
|
| + // Locale of the device, eg en, en_US.
|
| + optional string locale = 11;
|
| +
|
| + message PEImageHeaders {
|
| + // IMAGE_DOS_HEADER.
|
| + optional bytes dos_header = 1;
|
| + // IMAGE_FILE_HEADER.
|
| + optional bytes file_header = 2;
|
| + // IMAGE_OPTIONAL_HEADER32. Present only for 32-bit PE images.
|
| + optional bytes optional_headers32 = 3;
|
| + // IMAGE_OPTIONAL_HEADER64. Present only for 64-bit PE images.
|
| + optional bytes optional_headers64 = 4;
|
| + // IMAGE_SECTION_HEADER.
|
| + repeated bytes section_header = 5;
|
| + // Contents of the .edata section.
|
| + optional bytes export_section_data = 6;
|
| +
|
| + message DebugData {
|
| + // IMAGE_DEBUG_DIRECTORY.
|
| + optional bytes directory_entry = 1;
|
| + optional bytes raw_data = 2;
|
| + }
|
| +
|
| + repeated DebugData debug_data = 7;
|
| + }
|
| +
|
| + message MachOHeaders {
|
| + // The mach_header or mach_header_64 struct.
|
| + required bytes mach_header = 1;
|
| +
|
| + message LoadCommand {
|
| + // |command_id| is the first uint32 of |command| as well, but is
|
| + // extracted for easier processing.
|
| + required uint32 command_id = 1;
|
| + // The entire data stream of the load command.
|
| + required bytes command = 2;
|
| + }
|
| +
|
| + // All the load commands of the Mach-O file.
|
| + repeated LoadCommand load_commands = 2;
|
| + }
|
| +
|
| + message ImageHeaders {
|
| + // Windows Portable Executable image headers.
|
| + optional PEImageHeaders pe_headers = 1;
|
| +
|
| + // OS X Mach-O image headers.
|
| + repeated MachOHeaders mach_o_headers = 2;
|
| + };
|
| +
|
| + // Fields 12-17 are reserved for server-side use and are never sent by the
|
| + // client.
|
| +
|
| + optional ImageHeaders image_headers = 18;
|
| +
|
| + // Fields 19-21 are reserved for server-side use and are never sent by the
|
| + // client.
|
| +
|
| + // A binary contained in an archive (e.g., a .zip archive).
|
| + message ArchivedBinary {
|
| + optional string file_basename = 1;
|
| + optional DownloadType download_type = 2;
|
| + optional Digests digests = 3;
|
| + optional int64 length = 4;
|
| + optional SignatureInfo signature = 5;
|
| + optional ImageHeaders image_headers = 6;
|
| + }
|
| +
|
| + repeated ArchivedBinary archived_binary = 22;
|
| +
|
| + // Population that the reporting user is part of.
|
| + optional ChromeUserPopulation population = 24;
|
| +
|
| + // True if the .zip or DMG, etc, was 100% successfully unpacked.
|
| + optional bool archive_valid = 26;
|
| +
|
| + // True if this ClientDownloadRequest is from a whitelisted domain.
|
| + optional bool skipped_url_whitelist = 28;
|
| +
|
| + // True if this ClientDownloadRequest contains a whitelisted certificate.
|
| + optional bool skipped_certificate_whitelist = 31;
|
| +
|
| + // PPAPI_SAVE_REQUEST type messages may have more than one suggested filetype.
|
| + // Each element in this collection indicates an alternate extension including
|
| + // the leading extension separator.
|
| + repeated string alternate_extensions = 35;
|
| +
|
| + // URLs transitions from landing referrer to download in reverse chronological
|
| + // order, i.e. download url comes first in this list, and landing referrer
|
| + // comes last.
|
| + repeated ReferrerChainEntry referrer_chain = 36;
|
| +
|
| + // Whether DownloadAttribution Finch experiment is enabled for this ping.
|
| + optional bool download_attribution_finch_enabled = 39;
|
| +}
|
| +
|
| +message ReferrerChainEntry {
|
| + enum URLType {
|
| + DOWNLOAD_URL = 1;
|
| + LANDING_PAGE = 2;
|
| + LANDING_REFERRER = 3;
|
| + CLIENT_REDIRECT = 4;
|
| + DEPRECATED_SERVER_REDIRECT = 5; // Deprecated
|
| + }
|
| +
|
| + message ServerRedirect {
|
| + // [required] server redirect url
|
| + optional string url = 1;
|
| +
|
| + // Additional fields for future expansion.
|
| + }
|
| +
|
| + // [required] The url of this Entry.
|
| + optional string url = 1;
|
| +
|
| + // Only set if it is different from |url|.
|
| + optional string main_frame_url = 9;
|
| +
|
| + // Type of URLs, such as download url, download referrer, etc.
|
| + optional URLType type = 2 [default = CLIENT_REDIRECT];
|
| +
|
| + // IP addresses corresponding to this host.
|
| + repeated string ip_addresses = 3;
|
| +
|
| + // Referrer url of this entry.
|
| + optional string referrer_url = 4;
|
| +
|
| + // Main frame URL of referrer.
|
| + // Only set if it is different from |referrer_url|.
|
| + optional string referrer_main_frame_url = 5;
|
| +
|
| + // If this URL loads in a different tab/frame from previous one.
|
| + optional bool is_retargeting = 6;
|
| +
|
| + optional double navigation_time_msec = 7;
|
| +
|
| + // Set only if server redirects happened in navigation.
|
| + // The first entry in |server_redirect_chain| should be the original request
|
| + // url, and the last entry should be the same as |url|.
|
| + repeated ServerRedirect server_redirect_chain = 8;
|
| +} // End of ReferrerChainEntry
|
| +
|
| +message ClientDownloadResponse {
|
| + enum Verdict {
|
| + // Download is considered safe.
|
| + SAFE = 0;
|
| + // Download is considered dangerous. Chrome should show a warning to the
|
| + // user.
|
| + DANGEROUS = 1;
|
| + // Download is uncommon. Chrome should display a less severe warning.
|
| + UNCOMMON = 2;
|
| + // The download is potentially unwanted.
|
| + POTENTIALLY_UNWANTED = 3;
|
| + // The download is from a dangerous host.
|
| + DANGEROUS_HOST = 4;
|
| + // The backend doesn't have confidence in its verdict of this file.
|
| + // Chrome should show the default warning if configured for this file type.
|
| + UNKNOWN = 5;
|
| + }
|
| + optional Verdict verdict = 1 [default = SAFE];
|
| +
|
| + message MoreInfo {
|
| + // A human-readable string describing the nature of the warning.
|
| + // Only if verdict != SAFE. Localized based on request.locale.
|
| + optional string description = 1;
|
| +
|
| + // A URL to get more information about this warning, if available.
|
| + optional string url = 2;
|
| + }
|
| + optional MoreInfo more_info = 2;
|
| +
|
| + // An arbitrary token that should be sent along for further server requests.
|
| + optional bytes token = 3;
|
| +
|
| + // Whether the server requests that this binary be uploaded.
|
| + optional bool upload = 5;
|
| +}
|
| +
|
| +// The following protocol buffer holds the feedback report gathered
|
| +// from the user regarding the download.
|
| +message ClientDownloadReport {
|
| + // The information of user who provided the feedback.
|
| + // This is going to be useful for handling appeals.
|
| + message UserInformation {
|
| + optional string email = 1;
|
| + }
|
| +
|
| + enum Reason {
|
| + SHARE = 0;
|
| + FALSE_POSITIVE = 1;
|
| + APPEAL = 2;
|
| + }
|
| +
|
| + // The type of feedback for this report.
|
| + optional Reason reason = 1;
|
| +
|
| + // The original download ping
|
| + optional ClientDownloadRequest download_request = 2;
|
| +
|
| + // Stores the information of the user who provided the feedback.
|
| + optional UserInformation user_information = 3;
|
| +
|
| + // Unstructed comments provided by the user.
|
| + optional bytes comment = 4;
|
| +
|
| + // The original download response sent from the verdict server.
|
| + optional ClientDownloadResponse download_response = 5;
|
| +}
|
| +
|
| +// This is used to send back upload status to the client after upload completion
|
| +message ClientUploadResponse {
|
| + enum UploadStatus {
|
| + // The upload was successful and a complete response can be expected
|
| + SUCCESS = 0;
|
| +
|
| + // The upload was unsuccessful and the response is incomplete.
|
| + UPLOAD_FAILURE = 1;
|
| + }
|
| +
|
| + // Holds the upload status
|
| + optional UploadStatus status = 1;
|
| +
|
| + // Holds the permalink where the results of scanning the binary are available
|
| + optional string permalink = 2;
|
| +}
|
| +
|
| +message ClientIncidentReport {
|
| + message IncidentData {
|
| + message TrackedPreferenceIncident {
|
| + enum ValueState {
|
| + UNKNOWN = 0;
|
| + CLEARED = 1;
|
| + WEAK_LEGACY_OBSOLETE = 2;
|
| + CHANGED = 3;
|
| + UNTRUSTED_UNKNOWN_VALUE = 4;
|
| + BYPASS_CLEARED = 5;
|
| + BYPASS_CHANGED = 6;
|
| + }
|
| +
|
| + optional string path = 1;
|
| + optional string atomic_value = 2;
|
| + repeated string split_key = 3;
|
| + optional ValueState value_state = 4;
|
| + }
|
| +
|
| + message BinaryIntegrityIncident {
|
| + optional string file_basename = 1;
|
| + optional ClientDownloadRequest.SignatureInfo signature = 2;
|
| + optional ClientDownloadRequest.ImageHeaders image_headers = 3;
|
| + optional int32 sec_error = 4;
|
| +
|
| + message ContainedFile {
|
| + optional string relative_path = 1;
|
| + optional ClientDownloadRequest.SignatureInfo signature = 2;
|
| + optional ClientDownloadRequest.ImageHeaders image_headers = 3;
|
| + }
|
| + repeated ContainedFile contained_file = 5;
|
| + }
|
| +
|
| + message BlacklistLoadIncident {
|
| + optional string path = 1;
|
| + optional ClientDownloadRequest.Digests digest = 2;
|
| + optional string version = 3;
|
| + optional bool blacklist_initialized = 4;
|
| + optional ClientDownloadRequest.SignatureInfo signature = 5;
|
| + optional ClientDownloadRequest.ImageHeaders image_headers = 6;
|
| + }
|
| + message VariationsSeedSignatureIncident {
|
| + optional string variations_seed_signature = 1;
|
| + }
|
| + message ResourceRequestIncident {
|
| + enum Type {
|
| + UNKNOWN = 0;
|
| + TYPE_PATTERN = 3;
|
| + }
|
| + optional bytes digest = 1;
|
| + optional string origin = 2;
|
| + optional Type type = 3 [default = UNKNOWN];
|
| + }
|
| + message SuspiciousModuleIncident {
|
| + optional string path = 1;
|
| + optional ClientDownloadRequest.Digests digest = 2;
|
| + optional string version = 3;
|
| + optional ClientDownloadRequest.SignatureInfo signature = 4;
|
| + optional ClientDownloadRequest.ImageHeaders image_headers = 5;
|
| + }
|
| + optional int64 incident_time_msec = 1;
|
| + optional TrackedPreferenceIncident tracked_preference = 2;
|
| + optional BinaryIntegrityIncident binary_integrity = 3;
|
| + optional BlacklistLoadIncident blacklist_load = 4;
|
| + // Note: skip tag 5 because it was previously used.
|
| + optional VariationsSeedSignatureIncident variations_seed_signature = 6;
|
| + optional ResourceRequestIncident resource_request = 7;
|
| + optional SuspiciousModuleIncident suspicious_module = 8;
|
| + }
|
| +
|
| + repeated IncidentData incident = 1;
|
| +
|
| + message DownloadDetails {
|
| + optional bytes token = 1;
|
| + optional ClientDownloadRequest download = 2;
|
| + optional int64 download_time_msec = 3;
|
| + optional int64 open_time_msec = 4;
|
| + }
|
| +
|
| + optional DownloadDetails download = 2;
|
| +
|
| + message EnvironmentData {
|
| + message OS {
|
| + optional string os_name = 1;
|
| + optional string os_version = 2;
|
| +
|
| + message RegistryValue {
|
| + optional string name = 1;
|
| + optional uint32 type = 2;
|
| + optional bytes data = 3;
|
| + }
|
| +
|
| + message RegistryKey {
|
| + optional string name = 1;
|
| + repeated RegistryValue value = 2;
|
| + repeated RegistryKey key = 3;
|
| + }
|
| +
|
| + repeated RegistryKey registry_key = 3;
|
| +
|
| + optional bool is_enrolled_to_domain = 4;
|
| + }
|
| + optional OS os = 1;
|
| + message Machine {
|
| + optional string cpu_architecture = 1;
|
| + optional string cpu_vendor = 2;
|
| + optional uint32 cpuid = 3;
|
| + }
|
| + optional Machine machine = 2;
|
| + message Process {
|
| + optional string version = 1;
|
| + repeated string OBSOLETE_dlls = 2;
|
| + message Patch {
|
| + optional string function = 1;
|
| + optional string target_dll = 2;
|
| + }
|
| + repeated Patch patches = 3;
|
| + message NetworkProvider {}
|
| + repeated NetworkProvider network_providers = 4;
|
| + enum Channel {
|
| + CHANNEL_UNKNOWN = 0;
|
| + CHANNEL_CANARY = 1;
|
| + CHANNEL_DEV = 2;
|
| + CHANNEL_BETA = 3;
|
| + CHANNEL_STABLE = 4;
|
| + }
|
| + optional Channel chrome_update_channel = 5;
|
| + optional int64 uptime_msec = 6;
|
| + optional bool metrics_consent = 7;
|
| + // Obsolete: extended consent is now required for incident reporting.
|
| + optional bool OBSOLETE_extended_consent = 8;
|
| + message Dll {
|
| + enum Feature {
|
| + UNKNOWN = 0;
|
| + LSP = 1;
|
| + }
|
| + optional string path = 1;
|
| + optional uint64 base_address = 2;
|
| + optional uint32 length = 3;
|
| + repeated Feature feature = 4;
|
| + optional ClientDownloadRequest.ImageHeaders image_headers = 5;
|
| + }
|
| + repeated Dll dll = 9;
|
| + repeated string blacklisted_dll = 10;
|
| + message ModuleState {
|
| + enum ModifiedState {
|
| + UNKNOWN = 0;
|
| + MODULE_STATE_UNKNOWN = 1;
|
| + MODULE_STATE_UNMODIFIED = 2;
|
| + MODULE_STATE_MODIFIED = 3;
|
| + }
|
| + optional string name = 1;
|
| + optional ModifiedState modified_state = 2;
|
| + repeated string OBSOLETE_modified_export = 3;
|
| +
|
| + message Modification {
|
| + optional uint32 file_offset = 1;
|
| + optional int32 byte_count = 2;
|
| + optional bytes modified_bytes = 3;
|
| + optional string export_name = 4;
|
| + }
|
| + repeated Modification modification = 4;
|
| + }
|
| + repeated ModuleState module_state = 11;
|
| + // Obsolete: field trials no longer enable incident reporting.
|
| + optional bool OBSOLETE_field_trial_participant = 12;
|
| + }
|
| + optional Process process = 3;
|
| + }
|
| +
|
| + message ExtensionData {
|
| + message ExtensionInfo {
|
| + enum ExtensionState {
|
| + STATE_UNKNOWN = 0;
|
| + STATE_ENABLED = 1;
|
| + STATE_DISABLED = 2;
|
| + STATE_BLACKLISTED = 3;
|
| + STATE_BLOCKED = 4;
|
| + STATE_TERMINATED = 5;
|
| + }
|
| +
|
| + optional string id = 1;
|
| + optional string version = 2;
|
| + optional string name = 3;
|
| + optional string description = 4;
|
| + optional ExtensionState state = 5 [default = STATE_UNKNOWN];
|
| + optional int32 type = 6;
|
| + optional string update_url = 7;
|
| + optional bool has_signature_validation = 8;
|
| + optional bool signature_is_valid = 9;
|
| + optional bool installed_by_custodian = 10;
|
| + optional bool installed_by_default = 11;
|
| + optional bool installed_by_oem = 12;
|
| + optional bool from_bookmark = 13;
|
| + optional bool from_webstore = 14;
|
| + optional bool converted_from_user_script = 15;
|
| + optional bool may_be_untrusted = 16;
|
| + optional int64 install_time_msec = 17;
|
| + optional int32 manifest_location_type = 18;
|
| + optional string manifest = 19;
|
| + }
|
| +
|
| + optional ExtensionInfo last_installed_extension = 1;
|
| + }
|
| +
|
| + optional EnvironmentData environment = 3;
|
| +
|
| + // Population that the reporting user is part of.
|
| + optional ChromeUserPopulation population = 7;
|
| +
|
| + optional ExtensionData extension_data = 8;
|
| +
|
| + message NonBinaryDownloadDetails {
|
| + optional string file_type = 1;
|
| + optional bytes url_spec_sha256 = 2;
|
| + optional string host = 3;
|
| + optional int64 length = 4;
|
| + }
|
| +
|
| + optional NonBinaryDownloadDetails non_binary_download = 9;
|
| +}
|
| +
|
| +message ClientIncidentResponse {
|
| + optional bytes token = 1;
|
| + optional bool download_requested = 2;
|
| +
|
| + message EnvironmentRequest { optional int32 dll_index = 1; }
|
| +
|
| + repeated EnvironmentRequest environment_requests = 3;
|
| +}
|
| +
|
| +message DownloadMetadata {
|
| + optional uint32 download_id = 1;
|
| +
|
| + optional ClientIncidentReport.DownloadDetails download = 2;
|
| +}
|
| +
|
| +// A Detailed Safebrowsing Report from clients. Chrome safebrowsing reports are
|
| +// only sent by Chrome users who have opted into extended Safe Browsing.
|
| +// This proto is replacing ClientMalwareReportRequest.
|
| +// Next tag: 17
|
| +message ClientSafeBrowsingReportRequest {
|
| + // Note: A lot of the "optional" fields would make sense to be
|
| + // "required" instead. However, having them as optional allows the
|
| + // clients to send "stripped down" versions of the message in the
|
| + // future, if we want to.
|
| +
|
| + enum ReportType {
|
| + UNKNOWN = 0;
|
| + URL_PHISHING = 1;
|
| + URL_MALWARE = 2;
|
| + URL_UNWANTED = 3;
|
| + CLIENT_SIDE_PHISHING_URL = 4;
|
| + CLIENT_SIDE_MALWARE_URL = 5;
|
| + DANGEROUS_DOWNLOAD_RECOVERY = 6;
|
| + DANGEROUS_DOWNLOAD_WARNING = 7;
|
| + DANGEROUS_DOWNLOAD_BY_API = 10;
|
| + }
|
| +
|
| + message HTTPHeader {
|
| + required bytes name = 1;
|
| + optional bytes value = 2;
|
| + }
|
| +
|
| + message HTTPRequest {
|
| + message FirstLine {
|
| + optional bytes verb = 1;
|
| + optional bytes uri = 2;
|
| + optional bytes version = 3;
|
| + }
|
| +
|
| + optional FirstLine firstline = 1;
|
| + repeated HTTPHeader headers = 2;
|
| + optional bytes body = 3;
|
| +
|
| + // bodydigest and bodylength can be useful if the report does not
|
| + // contain the body itself.
|
| + optional bytes bodydigest = 4; // 32-byte hex md5 digest of body.
|
| + optional int32 bodylength = 5; // length of body.
|
| + }
|
| +
|
| + message HTTPResponse {
|
| + message FirstLine {
|
| + optional int32 code = 1;
|
| + optional bytes reason = 2;
|
| + optional bytes version = 3;
|
| + }
|
| +
|
| + optional FirstLine firstline = 1;
|
| + repeated HTTPHeader headers = 2;
|
| + optional bytes body = 3;
|
| + optional bytes bodydigest = 4; // 32-byte hex md5 digest of body.
|
| + optional int32 bodylength = 5; // length of body.
|
| + optional bytes remote_ip = 6; // IP of the server.
|
| + }
|
| +
|
| + message Resource {
|
| + required int32 id = 1;
|
| + optional string url = 2;
|
| + optional HTTPRequest request = 3;
|
| + optional HTTPResponse response = 4;
|
| + optional int32 parent_id = 5;
|
| + repeated int32 child_ids = 6;
|
| + optional string tag_name = 7;
|
| + }
|
| +
|
| + optional ReportType type = 10;
|
| +
|
| + // Only set if ReportType is DANGEROUS_DOWNLOAD_RECOVERY,
|
| + // DANGEROUS_DOWNLOAD_WARNING or DANGEROUS_DOWNLOAD_BY_API.
|
| + optional ClientDownloadResponse.Verdict download_verdict = 11;
|
| +
|
| + // URL of the page in the address bar.
|
| + optional string url = 1;
|
| + optional string page_url = 2;
|
| + optional string referrer_url = 3;
|
| +
|
| + repeated Resource resources = 4;
|
| +
|
| + // Contains the hierarchy of elements on the page (ie: the DOM). Some
|
| + // elements can be Resources and will refer to the resources list (above).
|
| + repeated HTMLElement dom = 16;
|
| +
|
| + // Whether the report is complete.
|
| + optional bool complete = 5;
|
| +
|
| + // The ASN and country of the client IP. These fields are filled up by
|
| + // csd_frontend
|
| + repeated string client_asn = 6;
|
| + optional string client_country = 7;
|
| +
|
| + // Whether user chose to proceed.
|
| + optional bool did_proceed = 8;
|
| +
|
| + // Whether user visited this origin before.
|
| + optional bool repeat_visit = 9;
|
| +
|
| + // The same token in ClientDownloadResponse. This field is only set if its
|
| + // report type is DANGEROUS_DOWNLOAD_RECOVERY, DANGEROUS_DOWNLOAD_WARNING or
|
| + // DANGEROUS_DOWNLOAD_BY_API.
|
| + optional bytes token = 15;
|
| +}
|
| +
|
| +// An HTML Element on the page (eg: iframe, div, script, etc).
|
| +message HTMLElement {
|
| + // Id of this element.
|
| + optional int32 id = 1;
|
| +
|
| + // The tag type of this element (eg: iframe, div, script, etc).
|
| + optional string tag = 2;
|
| +
|
| + // IDs of elements that are children of this element.
|
| + repeated int32 child_ids = 3;
|
| +
|
| + // If this element represents a Resource then this is the id of the
|
| + // Resource, which contains additional data about the Resource. Otherwise
|
| + // unset.
|
| + optional int32 resource_id = 5;
|
| +
|
| + // An Attribute of the element (eg: id, border, foo etc) and its value.
|
| + message Attribute {
|
| + optional string name = 1;
|
| + optional string value = 2;
|
| + }
|
| + repeated Attribute attribute = 6;
|
| +}
|
| +
|
| +// Canonical representation of raster image data.
|
| +message ImageData {
|
| + // Image bitmap, after downscaling to <= 512x512.
|
| + optional bytes data = 1;
|
| +
|
| + // Encoding scheme for the bitmap.
|
| + optional string mime_type = 2;
|
| +
|
| + message Dimensions {
|
| + optional int32 width = 1;
|
| + optional int32 height = 2;
|
| + }
|
| +
|
| + // Dimensions of the image stored in |data|.
|
| + optional Dimensions dimensions = 3;
|
| + optional Dimensions original_dimensions = 4; // iff downscaled
|
| +}
|
| +
|
| +// Reporting protobuf for an image served as part of a browser notification.
|
| +// There is no response (an empty body) to this request.
|
| +message NotificationImageReportRequest {
|
| + optional string notification_origin = 1; // Src-origin of the notification.
|
| + optional ImageData image = 2; // The bitmap of the image.
|
| +
|
| + // Note that the image URL is deliberately omitted as it would be untrusted,
|
| + // since the notification image fetch may be intercepted by a Service Worker
|
| + // (even if the image URL is cross-origin). Otherwise a website could mislead
|
| + // Safe Browsing into associating phishing image bitmaps with safe image URLs.
|
| +}
|
|
|
Chromium Code Reviews
Issue 2744503002:
Revert of Move chrome/common/safe_browsing/csd.proto to components/safe_browsing (Closed)
