Security/Download Protection: Difference between revisions
< Security
Jump to navigation
Jump to search
(→Engineering: where the code is) |
(→Documentation: link to Chromium source code) |
||
| Line 22: | Line 22: | ||
* API Documentation available internally under NDA | * API Documentation available internally under NDA | ||
* [https://code.google.com/p/chromium/codesearch#chromium/src/chrome/common/safe_browsing/csd.proto&q=csd&sq=package:chromium&l=229 Chromium source code] | |||
* [http://monica-at-mozilla.blogspot.co.nz/2014/07/download-files-more-safely-with-firefox.html Announcement blog post] | * [http://monica-at-mozilla.blogspot.co.nz/2014/07/download-files-more-safely-with-firefox.html Announcement blog post] | ||
Revision as of 03:53, 21 May 2015
Description
We warn on every application download, which causes warning fatigue and doesn't help users make good decisions. We should track the reputation of download URLs and hashes.
See Security/Features/Application_Reputation_Design_Doc for implementation details.
Engineering
Most of the code lives in toolkit/components/downloads/ApplicationReputation.cpp.
QA
To turn on debugging output, export the following environment variable:
NSPR_LOG_MODULES="ApplicationReputation:5"
Documentation
- API Documentation available internally under NDA
- Chromium source code
- Announcement blog post