Add finch control of user population in low reputation requests

components/safe_browsing/csd.proto

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 //
 // This proto file includes:
 // (1) Client side phishing and malware detection request and response
 //   protocol buffers.  Those protocol messages should be kept in sync
 //   with the server implementation.
 //
 // (2) Safe Browsing reporting protocol buffers.
@@ skipping 16 matching lines @@
 
 // Protocol buffer describing the Chrome user population of the user reporting
 // data.
 message ChromeUserPopulation {
   enum UserPopulation {
     UNKNOWN_USER_POPULATION = 0;
     SAFE_BROWSING = 1;
     EXTENDED_REPORTING = 2;
   }
   optional UserPopulation user_population = 1;
+
+  // If user enabled history sync.
+  optional bool is_history_sync_enabled = 2;
+
+  // The finch active group this user belongs to (if any). Active group is

[Nathan Parker, 2017/05/05 20:58:22]

We should at some point list the possible values of this, or point to the
google3 finch config name that lists them. That way when people are dremeling,
they know what to look for.

[Jialiu Lin, 2017/05/05 22:19:32]

ChromeUserPopulation message is not only used by PhishGuard. I am concerned that
this list could potentially grow very long if we are going to list all the
possible trial experiment names here.  

+  // defined by finch trial name and group name. Trial name and group name are
+  // concatenated with separator "|", e.g. "PingOnlyTrial|DefaultGroup".
+  optional string finch_active_group = 3;

[Nathan Parker, 2017/05/05 20:58:22]

This seems useful, but then what is a concrete use case? And would it tell us if
a use is enabled for both pings or just how they got enabled for this ping?

[Jialiu Lin, 2017/05/05 22:19:32]

My current implementation does the later (how they got enabled for this ping).
Changed to a repeated field and report all the PhishGuard related trials this
user is in.

 }
 
 message ClientPhishingRequest {
   // URL that the client visited.  The CGI parameters are stripped by the
   // client.
   optional string url = 1;
 
   // A 5-byte SHA-256 hash prefix of the URL.  Before hashing the URL is
   // canonicalized, converted to a suffix-prefix expression and broadened
   // (www prefix is removed and everything past the last '/' is stripped).
@@ skipping 160 matching lines @@
     repeated string password_reused_original_origins = 1;
 
     // The frame that the password reuse is detected.
     optional int32 frame_id = 2;
   }
 
   optional PasswordReuseEvent password_reuse_event = 4;
 
   // The number of verdicts stored on the client.
   optional int32 stored_verdict_cnt = 5;
+
+  // Chrome user population.
+  optional ChromeUserPopulation population = 6;
 }
 
 // The message is used for client response for login reputation requests.
 message LoginReputationClientResponse {
   // Type of verdicts issued by the server.
   enum VerdictType {
     VERDICT_TYPE_UNSPECIFIED = 0;
     // No warning will be displayed.
     SAFE = 1;
     // The site has low reputation or low popularity.
@@ skipping 797 matching lines @@
 // There is no response (an empty body) to this request.
 message NotificationImageReportRequest {
   optional string notification_origin = 1;  // Src-origin of the notification.
   optional ImageData image = 2;             // The bitmap of the image.
 
   // Note that the image URL is deliberately omitted as it would be untrusted,
   // since the notification image fetch may be intercepted by a Service Worker
   // (even if the image URL is cross-origin). Otherwise a website could mislead
   // Safe Browsing into associating phishing image bitmaps with safe image URLs.
 }