Add more histograms for Blob URL in Active Document

Measure the usage of Blob URL in active document. In particular, this CL measures: 1. The Blob URL was loaded in main frame or iframe. 2. The Blob URL was opaque origin. This would allow us to see if there is a way to narrow down a solution we aimed for in crrev.com/c/3911771 to specific navigation types. Bug: 1400338 Change-Id: Ia3c42c9ad300b4241f0bf79ebe3831da3b5e51a8 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4098364 Auto-Submit: Jun Kokatsu <jkokatsu@google.com> Commit-Queue: Tarun Bansal <tbansal@chromium.org> Reviewed-by: Arthur Sonzogni <arthursonzogni@chromium.org> Reviewed-by: Tarun Bansal <tbansal@chromium.org> Cr-Commit-Position: refs/heads/main@{#1084523}
chromium · Dec 16, 2022 · 4a8f95e · 4a8f95e
1 parent a0347a7
commit 4a8f95e
Show file tree

Hide file tree

Showing 3 changed files with 45 additions and 3 deletions.
diff --git a/chrome/browser/chrome_web_platform_security_metrics_browsertest.cc b/chrome/browser/chrome_web_platform_security_metrics_browsertest.cc
@@ -1909,6 +1909,10 @@ IN_PROC_BROWSER_TEST_F(ChromeWebPlatformSecurityMetricsBrowserTest, BlobUrl) {
   )"));
   CheckHistogramCount("Navigation.BlobUrl", true, 1);
   CheckHistogramCount("Navigation.BlobUrl", false, 3);
+  CheckHistogramCount("Navigation.BlobUrl.MainFrame", true, 0);
+  CheckHistogramCount("Navigation.BlobUrl.MainFrame", false, 1);
+  CheckHistogramCount("Navigation.BlobUrl.Sandboxed", true, 0);
+  CheckHistogramCount("Navigation.BlobUrl.Sandboxed", false, 1);
 }
 
 IN_PROC_BROWSER_TEST_F(ChromeWebPlatformSecurityMetricsBrowserTest,
@@ -1922,6 +1926,10 @@ IN_PROC_BROWSER_TEST_F(ChromeWebPlatformSecurityMetricsBrowserTest,
   )"));
   CheckHistogramCount("Navigation.BlobUrl", true, 1);
   CheckHistogramCount("Navigation.BlobUrl", false, 3);
+  CheckHistogramCount("Navigation.BlobUrl.MainFrame", true, 1);
+  CheckHistogramCount("Navigation.BlobUrl.MainFrame", false, 0);
+  CheckHistogramCount("Navigation.BlobUrl.Sandboxed", true, 1);
+  CheckHistogramCount("Navigation.BlobUrl.Sandboxed", false, 0);
 }
 
 IN_PROC_BROWSER_TEST_F(ChromeWebPlatformSecurityMetricsBrowserTest,
@@ -1931,6 +1939,10 @@ IN_PROC_BROWSER_TEST_F(ChromeWebPlatformSecurityMetricsBrowserTest,
   EXPECT_TRUE(content::NavigateToURL(web_contents(), url));
   CheckHistogramCount("Navigation.BlobUrl", true, 0);
   CheckHistogramCount("Navigation.BlobUrl", false, 3);
+  CheckHistogramCount("Navigation.BlobUrl.MainFrame", true, 0);
+  CheckHistogramCount("Navigation.BlobUrl.MainFrame", false, 0);
+  CheckHistogramCount("Navigation.BlobUrl.Sandboxed", true, 0);
+  CheckHistogramCount("Navigation.BlobUrl.Sandboxed", false, 0);
 
   EXPECT_TRUE(content::ExecJs(web_contents(), R"(
     const blob = new Blob(["test"], {type: "text/html"});
@@ -1939,6 +1951,10 @@ IN_PROC_BROWSER_TEST_F(ChromeWebPlatformSecurityMetricsBrowserTest,
   )"));
   CheckHistogramCount("Navigation.BlobUrl", true, 1);
   CheckHistogramCount("Navigation.BlobUrl", false, 3);
+  CheckHistogramCount("Navigation.BlobUrl.MainFrame", true, 1);
+  CheckHistogramCount("Navigation.BlobUrl.MainFrame", false, 0);
+  CheckHistogramCount("Navigation.BlobUrl.Sandboxed", true, 0);
+  CheckHistogramCount("Navigation.BlobUrl.Sandboxed", false, 1);
 }
 
 // TODO(arthursonzogni): Add basic test(s) for the WebFeatures:

diff --git a/content/browser/renderer_host/navigator.cc b/content/browser/renderer_host/navigator.cc
@@ -165,9 +165,15 @@ void RecordWebPlatformSecurityMetrics(RenderFrameHostImpl* rfh,
   log(FeatureCoepRO(rfh->cross_origin_embedder_policy().report_only_value));
 
   // [Blob]
-  base::UmaHistogramBoolean(
-      "Navigation.BlobUrl",
-      rfh->GetLastCommittedURL().SchemeIs(url::kBlobScheme));
+  if (rfh->GetLastCommittedURL().SchemeIs(url::kBlobScheme)) {
+    base::UmaHistogramBoolean("Navigation.BlobUrl", true);
+    base::UmaHistogramBoolean("Navigation.BlobUrl.MainFrame",
+                              rfh->IsInPrimaryMainFrame());
+    base::UmaHistogramBoolean("Navigation.BlobUrl.Sandboxed",
+                              rfh->GetLastCommittedOrigin().opaque());
+  } else {
+    base::UmaHistogramBoolean("Navigation.BlobUrl", false);
+  }
 
   // Record iframes embedded in cross-origin contexts without a CSP
   // frame-ancestor directive.

diff --git a/tools/metrics/histograms/metadata/navigation/histograms.xml b/tools/metrics/histograms/metadata/navigation/histograms.xml
@@ -514,6 +514,26 @@ Also used in tools/metrics/histograms/metadata/page/histograms.xml.
   </summary>
 </histogram>
 
+<histogram name="Navigation.BlobUrl.MainFrame" enum="Boolean"
+    expires_after="2023-06-11">
+  <owner>jkokatsu@google.com</owner>
+  <owner>chrome-security-owp-team@google.com</owner>
+  <summary>
+    Record if navigation has occured to Blob URL in main frame or iframe, to
+    better understand the usage of Blob URL in active document.
+  </summary>
+</histogram>
+
+<histogram name="Navigation.BlobUrl.Sandboxed" enum="Boolean"
+    expires_after="2023-06-11">
+  <owner>jkokatsu@google.com</owner>
+  <owner>chrome-security-owp-team@google.com</owner>
+  <summary>
+    Record if navigation has occured to opaque Blob URL, to better understand
+    the usage of Blob URL in active document.
+  </summary>
+</histogram>
+
 <histogram name="Navigation.BrowserMappedUrnUuidInIframeOrFencedFrame"
     enum="NavigationBrowserMappedUrnUuidInIframeOrFencedFrame"
     expires_after="2023-04-30">