Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add flag to override download danger level #18877

Merged
merged 1 commit into from
Jun 14, 2023
Merged

Add flag to override download danger level #18877

merged 1 commit into from
Jun 14, 2023

Conversation

fmarier
Copy link
Member

@fmarier fmarier commented Jun 13, 2023
edited
Loading

Fixes brave/brave-browser#28917

Security review: https://github.com/brave/security/issues/1306

This only applies when Safe Browsing is turned off.

Submitter Checklist:

  • I confirm that no security/privacy review is needed, or that I have requested one
  • There is a ticket for my issue
  • Used Github auto-closing keywords in the PR description above
  • Wrote a good PR/commit description
  • Squashed any review feedback or "fixup" commits before merge, so that history is a record of what happened in the repo, not your PR
  • Added appropriate labels (QA/Yes or QA/No; release-notes/include or release-notes/exclude; OS/...) to the associated issue
  • Checked the PR locally:
    • npm run test -- brave_browser_tests, npm run test -- brave_unit_tests wiki
    • npm run lint, npm run presubmit wiki, npm run gn_check, npm run tslint
  • Ran git rebase master (if needed)

Reviewer Checklist:

  • A security review is not needed, or a link to one is included in the PR description
  • New files have MPL-2.0 license header
  • Adequate test coverage exists to prevent regressions
  • Major classes, functions and non-trivial code blocks are well-commented
  • Changes in component dependencies are properly reflected in gn
  • Code follows the style guide
  • Test plan is specified in PR before merging

After-merge Checklist:

Test Plan:

  1. Start the browser and disable Safe Browsing from brave://settings/security.
  2. Go to https://zoom.us/download and download Zoom for the platform you're testing on (e.g. the .deb on Linux, the .exe on Windows and the .dmg on Mac).
  3. Confirm that the download is blocked as dangerous.
  4. Go into brave://flags/ and enable brave-override-download-danger-level.
  5. Restart the browser.
  6. Go back to https://zoom.us/download and download the same client as in step 2.
  7. Confirm that the download is not blocked.

@fmarier fmarier requested a review from mkarolin June 13, 2023 00:33
@fmarier fmarier requested review from a team as code owners June 13, 2023 00:33
@fmarier fmarier self-assigned this Jun 13, 2023
@fmarier
Add flag to override download danger level (fixes brave/brave-browser…
b8f7bdb 
…#28917)

This only applies when Safe Browsing is turned off.
@fmarier fmarier force-pushed the override-download-danger-level-28917 branch from eca15ef to b8f7bdb Compare June 14, 2023 17:41
@fmarier fmarier merged commit 802512b into master Jun 14, 2023
14 checks passed
@fmarier fmarier deleted the override-download-danger-level-28917 branch June 14, 2023 19:42
@github-actions github-actions bot added this to the 1.54.x - Nightly milestone Jun 14, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@iefremov iefremov iefremov approved these changes

@mkarolin mkarolin Awaiting requested review from mkarolin

Assignees

@fmarier fmarier

Labels
None yet
Projects
None yet
Milestone
1.57.x - Release
2 participants
@fmarier @iefremov