Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Download protection service (SafeBrowsing) is blocking a file from google.com #26183

Closed
bsclifton opened this issue Oct 21, 2022 · 7 comments · Fixed by brave/brave-core#18997
Closed

Download protection service (SafeBrowsing) is blocking a file from google.com #26183

bsclifton opened this issue Oct 21, 2022 · 7 comments · Fixed by brave/brave-core#18997
Assignees
@fmarier
Labels
bug Chromium/reported upstream Issue has been reported upstream and crbug link is in the issue feature/download feature/safebrowsing OS/Desktop QA Pass-Win64 QA/Yes release-notes/include
Milestone
1.58.x - Release

Comments

@bsclifton
Copy link
Member

Description

Trying to download the Chrome enterprise templates and Brave gives an error and won't allow you (no matter what you try) to access the file. Only option is to Discard. Turning off Safe Browsing resolves the issue

Steps to Reproduce

  1. Be in Brave
  2. Have Safe Browsing enabled (under brave://settings/security)
  3. Try to download https://dl.google.com/dl/edgedl/chrome/policy/policy_templates.zip
  4. Download finishes

Actual result:

Download bar shows as dangerous and you can only click Discard. Clicking down chevron sends you to a help link
image

Expected result:

It should download and be accessible. Works in Chrome
image

Reproduces how often:

100%

Version/Channel Information:

  • Can you reproduce this issue with the current release? YES
  • Can you reproduce this issue with the beta channel? YES
  • Can you reproduce this issue with the nightly channel? YES

Other Additional Information:

  • Does the issue resolve itself when disabling Brave Shields? NO
  • Does the issue resolve itself when disabling Brave Rewards? NO
  • Is the issue reproducible on the latest version of Chrome? NO
@bsclifton
Copy link
Member Author

Per convo with @fmarier - call to Safe Browsing may be missing metadata

@fmarier
Copy link
Member

fmarier commented Mar 10, 2023
edited
Loading

After investigating this, I found that this file was blocked with the following indicators:

  • UI = "Blocked - Dangerous"
  • DownloadCheckResults = POTENTIALLY_UNWANTED (5)
  • DownloadCheckResultReason = REASON_DOWNLOAD_POTENTIALLY_UNWANTED (21)
  • DownloadDangerType = DOWNLOAD_DANGER_TYPE_POTENTIALLY_UNWANTED (8)

and I did notice that providing the URL of the download (i.e. by commenting out this
line), changed the server verdict from POTENTIALLY_UNWANTED to SAFE. This is why it has always worked fine in Chrome.

However, while the file is still the same, I can't reproduce the POTENTIALLY_UNWANTED verdict anymore and so it looks there's been a server-side change. Perhaps Google has realized that this was a false positive.

@fmarier fmarier closed this as completed Mar 10, 2023
@fmarier
Copy link
Member

fmarier commented Apr 19, 2023

Seems to be happening again.

@fmarier fmarier reopened this Apr 19, 2023
@fmarier fmarier mentioned this issue Jun 22, 2023
Merged
25 tasks
fmarier added a commit to brave/brave-core that referenced this issue Jun 22, 2023
@fmarier
Enable download protection allowlist for all desktop builds (fixes br…
7d5877c 
…ave/brave-browser#26183)
@brave-builds brave-builds added this to the 1.55.x - Nightly milestone Jun 26, 2023
@fmarier fmarier mentioned this issue Jul 6, 2023
Closed
@fmarier
Copy link
Member

fmarier commented Jul 26, 2023

The fix is now upstream: https://chromium.googlesource.com/chromium/src/+/4c22713700868309e30a6611702a83413dba428b

@stephendonner stephendonner added bug QA/In-Progress Indicates that QA is currently in progress for that particular issue labels Aug 8, 2023
@stephendonner
Copy link

The fix is now upstream: https://chromium.googlesource.com/chromium/src/+/4c22713700868309e30a6611702a83413dba428b

Do we need to file any followup issues to remove the temporary patch on our side?

@stephendonner
Copy link

stephendonner commented Aug 8, 2023
edited
Loading

Verification PASSED using

Brave | 1.58.80 Chromium: 116.0.5845.51 (Official Build) nightly (64-bit)
-- | --
Revision | 4408cc9795df260c5d5f033660ce757782b53b32
OS | Windows 10 Version 22H2 (Build 19045.3271)

Steps:

  1. installed 1.58.80
  2. launched Brave
  3. opened brave://settings/security
  4. confirmed Safe Browsing was set to Standard Protection
  5. downloaded https://dl.google.com/dl/edgedl/chrome/policy/policy_templates.zip
  6. clicked Save

Confirmed policy_templates.zip didn't warn/block, and was successfully downloaded, with Safe Browsing enabled

example example example example
image image image image

@stephendonner stephendonner added QA Pass-Win64 and removed QA/In-Progress Indicates that QA is currently in progress for that particular issue labels Aug 8, 2023
@fmarier
Copy link
Member

fmarier commented Aug 8, 2023

Do we need to file any followup issues to remove the temporary patch on our side?

It should happen as part of a Chromium rebase since our patch won't apply anymore (already applied upstream).

@rebron rebron added the Chromium/reported upstream Issue has been reported upstream and crbug link is in the issue label Aug 31, 2023
@LaurenWags LaurenWags mentioned this issue Sep 13, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@fmarier fmarier

Labels
bug Chromium/reported upstream Issue has been reported upstream and crbug link is in the issue feature/download feature/safebrowsing OS/Desktop QA Pass-Win64 QA/Yes release-notes/include
Projects
None yet
Milestone
1.58.x - Release
Development

Successfully merging a pull request may close this issue.

Enable download protection allowlist for all desktop builds brave/brave-core
5 participants
@fmarier @stephendonner @bsclifton @rebron @brave-builds