Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Security] Enable Safety Tips #12999

Closed
jumde opened this issue Dec 2, 2020 · 4 comments · Fixed by brave/brave-core#7521
Closed

[Security] Enable Safety Tips #12999

jumde opened this issue Dec 2, 2020 · 4 comments · Fixed by brave/brave-core#7521
Assignees
@fmarier
Labels
design A design change, especially one which needs input from the design team OS/Desktop priority/P3 The next thing for us to work on. It'll ride the trains. QA Pass-Linux QA Pass-macOS QA Pass-Win64 QA/Yes release-notes/include security
Milestone
1.20.x - Release

Comments

@jumde
Copy link
Contributor

jumde commented Dec 2, 2020

Description

Safety Tips warnings are displayed for lookalike/phishing URLs

Screen Shot 2020-12-02 at 10 15 11 AM

The components contains a protobuf of allowed domains to mitigate false positives of client-side heuristics.
@jumde jumde mentioned this issue Dec 3, 2020
Closed
5 tasks
@mherrmann
Copy link

mherrmann commented Dec 4, 2020
edited
Loading

At the moment, Safety Tips appears in brave://components as version 0.0.0.0 and stays this way forever. My fix for #8709 will actually remove this zombie appearance of Safety Tips. But whoever implements this present issue to bring it back can simply look at my fix and remove Safety Tips from the list of blacklisted components.

@mherrmann mherrmann mentioned this issue Dec 4, 2020
Closed
@rebron rebron added the design A design change, especially one which needs input from the design team label Dec 7, 2020
@rebron rebron added the priority/P3 The next thing for us to work on. It'll ride the trains. label Dec 8, 2020
@jumde jumde removed their assignment Dec 19, 2020
@fmarier fmarier self-assigned this Dec 23, 2020
fmarier added a commit to fmarier/brave-core that referenced this issue Jan 5, 2021
@fmarier
Enable Safety Tips component and feature (fixes brave/brave-browser#1…
0638cfc 
…2999)
fmarier added a commit to brave/brave-core that referenced this issue Jan 5, 2021
@fmarier
Enable Safety Tips component and feature (fixes brave/brave-browser#1…
3912528 
…2999)
@fmarier fmarier mentioned this issue Jan 5, 2021
Merged
23 tasks
fmarier added a commit to brave/brave-core that referenced this issue Jan 9, 2021
@fmarier
Enable Safety Tips component and feature (fixes brave/brave-browser#1…
8aaea4f 
…2999)
fmarier added a commit to brave/brave-core that referenced this issue Jan 12, 2021
@fmarier
Enable Safety Tips component and feature (fixes brave/brave-browser#1…
f9ee181 
…2999)
@fmarier fmarier added this to the 1.20.x - Nightly milestone Jan 13, 2021
@LaurenWags
Copy link
Member

@fmarier looks like the UI is different than mentioned in brave/brave-core#7521 (comment), although it does match Chrome. Just want to confirm this is expected.

Brave | 1.20.87 Chromium: 88.0.4324.96 (Official Build) dev (x86_64)
-- | --
Revision | 68dba2d8a0b149a1d3afac56fa74648032bcf46b-refs/branch-heads/4324@{#1784}
OS | macOS Version 10.15.7 (Build 19H15)

Google Chrome | 88.0.4324.96 (Official Build) (x86_64)
-- | --
Revision | 68dba2d8a0b149a1d3afac56fa74648032bcf46b-refs/branch-heads/4324@{#1784}
OS | macOS Version 10.15.7 (Build 19H15)
Brave Chrome
Brave Chrome

@LaurenWags LaurenWags mentioned this issue Jan 22, 2021
Closed
@fmarier
Copy link
Member

fmarier commented Jan 22, 2021

Thanks @LaurenWags. I suspect I took my screenshot before the latest Chromium bump.

The fact that there is a popup at all means that the feature is working. 👍

@LaurenWags
Copy link
Member

LaurenWags commented Jan 22, 2021
edited by btlechowski
Loading

Verified passed with

Brave | 1.20.87 Chromium: 88.0.4324.96 (Official Build) dev (x86_64)
-- | --
Revision | 68dba2d8a0b149a1d3afac56fa74648032bcf46b-refs/branch-heads/4324@{#1784}
OS | macOS Version 10.15.7 (Build 19H15)

Verified test plan from brave/brave-core#7521 (comment)

Confirmed Certificate Error Assistant and Safety Tips are listed on brave://components.
Confirmed after ~1 minute they each installed and got non-zero version numbers.

Certificate Error Assistant Safety Tips
cert err ast - installed safety tips - installed

Confirmed visiting https://badssl.com/test/safety-tips/ shows notification:
Screen Shot 2021-01-22 at 4 31 20 PM

Verification passed on

Brave | 1.20.88 Chromium: 88.0.4324.96 (Official Build) dev (64-bit)
-- | --
Revision | 68dba2d8a0b149a1d3afac56fa74648032bcf46b-refs/branch-heads/4324@{#1784}
OS | Windows 10 OS Version 2004 (Build 19041.746)

Verified test plan from brave/brave-core#7521 (comment)

Confirmed Certificate Error Assistant and Safety Tips are listed on brave://components.
Confirmed after ~1 minute they each installed and got non-zero version numbers.

Certificate Error Assistant Safety Tips
image image

Confirmed visiting https://badssl.com/test/safety-tips/ shows notification:
image

Verification passed on

Brave 1.20.88 Chromium: 88.0.4324.96 (Official Build) dev (64-bit)
Revision 68dba2d8a0b149a1d3afac56fa74648032bcf46b-refs/branch-heads/4324@{#1784}
OS Ubuntu 18.04 LTS

Verified test plan from brave/brave-core#7521 (comment)

Confirmed Certificate Error Assistant and Safety Tips are listed on brave://components.
Confirmed after ~1 minute they each installed and got non-zero version numbers.

image

Confirmed visiting https://badssl.com/test/safety-tips/ shows notification:
image

@LaurenWags LaurenWags changed the title Enable Safety Tips [Security] Enable Safety Tips Feb 1, 2021
@LaurenWags LaurenWags mentioned this issue Feb 8, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@fmarier fmarier

Labels
design A design change, especially one which needs input from the design team OS/Desktop priority/P3 The next thing for us to work on. It'll ride the trains. QA Pass-Linux QA Pass-macOS QA Pass-Win64 QA/Yes release-notes/include security
Projects
None yet
Milestone
1.20.x - Release
Development

Successfully merging a pull request may close this issue.

Enable security components brave/brave-core
7 participants
@fmarier @mherrmann @jumde @rebron @LaurenWags @btlechowski @GeetaSarvadnya