Network service: Safe browsing check for sub-resources from renderer.

chrome/common/safe_browsing.mojom

Index: chrome/common/safe_browsing.mojom
diff --git a/chrome/common/safe_browsing.mojom b/chrome/common/safe_browsing.mojom
new file mode 100644
index 0000000000000000000000000000000000000000..1da58f401dc5c62e7e132950d29a0a299c1bfaaf
--- /dev/null
+++ b/chrome/common/safe_browsing.mojom
@@ -0,0 +1,31 @@
+// Copyright 2017 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+module chrome.mojom;
+
+import "content/public/common/resource_type.mojom";
+import "url/mojo/url.mojom";
+
+interface SafeBrowsing {
+  // Queries safe browsing whether |url| is safe to load, and creates a
+  // SafeBrowsingUrlChecker interface.
+  // This checker interface should be used (and only used) for subsequent checks
+  // of redirects, so that the server side could keep track of the redirect
+  // chain. Disconnecting the checker interface cancels on-going URL checks.
+  // Please note that in that case if the check started by this method hasn't
+  // completed yet, it will also be canceled and return true as if the URL is
+  // safe.
+  // The check and (subsequent checks performed using SafeBrowsingUrlChecker)
+  // checks against safe browsing's Malware, Phishing, and UwS blacklists.
+  CreateCheckerAndCheck(
+      int32 render_frame_id,
+      SafeBrowsingUrlChecker& request,
+      url.mojom.Url url,

[vakh (use Gerrit instead), 2017/05/31 23:53:09]

There are other SafeBrowsing checks that check non-URL things (such as Chrome
Extension IDs).
How do we handle those?
Are we going to have different behavior if the resource to check is a URL vs
not?

I don't know the answer to those questions but I think it might be good to
document that here.

[yzshen1, 2017/06/01 17:45:04]

I feel that it should be fine to consider that later.
This interface is not considered "stable", and it certainly doesn't expose all
functionalities of SB.
we can add / change methods when we need to.

This work focuses on interactions between the new network service and
SafeBrowsing, so there is no need to worry about non-URL for now. (The network
service only handles URLs.)

WDYT? Thanks!

[vakh (use Gerrit instead), 2017/06/01 17:57:47]

Agree
Agree
I guess I am missing the big picture here. I don't want to block this CL but
let's sync up in person later.

+      int32 load_flags,
+      content.mojom.ResourceType resource_type) => (bool safe);
+};
+
+interface SafeBrowsingUrlChecker {
+  CheckUrl(url.mojom.Url url) => (bool safe);
+};