This repository was archived by the owner on Feb 24, 2025. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 440
Malicious site protection feature flags #3719
Merged
alessandroboron
merged 4 commits into
alessandro/malicious-site-protection
from
alessandro/malicious-site-protection-feature-flags
Jan 14, 2025
Merged
Changes from all commits
Commits
Show all changes
4 commits
Select commit
Hold shift + click to select a range
aefcfe4
Add feature flags for malicious site protection
alessandroboron 04e2c9c
Parse settings for Malicious Site protection remote config
alessandroboron babb285
Removed deinit from Malicious Site Protection test suite
alessandroboron e791a06
Add Malicious Site Protection subfeature
alessandroboron File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
104 changes: 104 additions & 0 deletions
104
DuckDuckGo/MaliciousSiteProtection/FeatureFlags/MaliciousSiteProtectionFeatureFlags.swift
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,104 @@ | ||
| // | ||
| // MaliciousSiteProtectionFeatureFlags.swift | ||
| // DuckDuckGo | ||
| // | ||
| // Copyright © 2024 DuckDuckGo. All rights reserved. | ||
| // | ||
| // Licensed under the Apache License, Version 2.0 (the "License"); | ||
| // you may not use this file except in compliance with the License. | ||
| // You may obtain a copy of the License at | ||
| // | ||
| // http://www.apache.org/licenses/LICENSE-2.0 | ||
| // | ||
| // Unless required by applicable law or agreed to in writing, software | ||
| // distributed under the License is distributed on an "AS IS" BASIS, | ||
| // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| // See the License for the specific language governing permissions and | ||
| // limitations under the License. | ||
| // | ||
|
|
||
| import Foundation | ||
| import BrowserServicesKit | ||
| import Core | ||
|
|
||
| protocol MaliciousSiteProtectionFeatureFlagger { | ||
| /// A Boolean value indicating whether malicious site protection is enabled. | ||
| /// - Returns: `true` if malicious site protection is enabled; otherwise, `false`. | ||
| var isMaliciousSiteProtectionEnabled: Bool { get } | ||
|
|
||
| /// Checks if should detect malicious threats for a specific domain. | ||
| /// - Parameter domain: The domain to check for malicious threat. | ||
| /// - Returns: `true` if should check for malicious threats for the specified domain; otherwise, `false`. | ||
| func shouldDetectMaliciousThreat(forDomain domain: String?) -> Bool | ||
| } | ||
|
|
||
| protocol MaliciousSiteProtectionFeatureFlagsSettingsProvider { | ||
| /// The frequency, in minutes, at which the hash prefix should be updated. | ||
| var hashPrefixUpdateFrequency: Int { get } | ||
| /// The frequency, in minutes, at which the filter set should be updated. | ||
| var filterSetUpdateFrequency: Int { get } | ||
| } | ||
|
|
||
| /// An enum representing the different settings for malicious site protection feature flags. | ||
| enum MaliciousSiteProtectionFeatureSettings: String { | ||
| /// The setting for hash prefix update frequency. | ||
| case hashPrefixUpdateFrequency | ||
| /// The setting for filter set update frequency. | ||
| case filterSetUpdateFrequency | ||
|
|
||
| var defaultValue: Int { | ||
| switch self { | ||
| case .hashPrefixUpdateFrequency: return 20 // Default frequency for hash prefix updates is 20 minutes. | ||
| case .filterSetUpdateFrequency: return 720 // Default frequency for filter set updates is 720 minutes (12 hours). | ||
| } | ||
| } | ||
| } | ||
|
|
||
| final class MaliciousSiteProtectionFeatureFlags { | ||
| private let featureFlagger: FeatureFlagger | ||
| private let privacyConfigManager: PrivacyConfigurationManaging | ||
|
|
||
| private var remoteSettings: PrivacyConfigurationData.PrivacyFeature.FeatureSettings { | ||
| privacyConfigManager.privacyConfig.settings(for: .maliciousSiteProtection) | ||
| } | ||
|
|
||
| init( | ||
| featureFlagger: FeatureFlagger = AppDependencyProvider.shared.featureFlagger, | ||
| privacyConfigManager: PrivacyConfigurationManaging = ContentBlocking.shared.privacyConfigurationManager | ||
| ) { | ||
| self.featureFlagger = featureFlagger | ||
| self.privacyConfigManager = privacyConfigManager | ||
| } | ||
| } | ||
|
|
||
| // MARK: - MaliciousSiteProtectionFeatureFlagger | ||
|
|
||
| extension MaliciousSiteProtectionFeatureFlags: MaliciousSiteProtectionFeatureFlagger { | ||
|
|
||
| var isMaliciousSiteProtectionEnabled: Bool { | ||
| featureFlagger.isFeatureOn(.maliciousSiteProtection) | ||
| } | ||
|
|
||
| func shouldDetectMaliciousThreat(forDomain domain: String?) -> Bool { | ||
| isMaliciousSiteProtectionEnabled && privacyConfigManager.privacyConfig.isFeature(.maliciousSiteProtection, enabledForDomain: domain) | ||
| } | ||
|
|
||
| } | ||
|
|
||
| // MARK: - MaliciousSiteProtectionFeatureFlagsSettingsProvider | ||
|
|
||
| extension MaliciousSiteProtectionFeatureFlags: MaliciousSiteProtectionFeatureFlagsSettingsProvider { | ||
|
|
||
| var hashPrefixUpdateFrequency: Int { | ||
| getSettings(MaliciousSiteProtectionFeatureSettings.hashPrefixUpdateFrequency) | ||
| } | ||
|
|
||
| var filterSetUpdateFrequency: Int { | ||
| getSettings(MaliciousSiteProtectionFeatureSettings.filterSetUpdateFrequency) | ||
| } | ||
|
|
||
| private func getSettings(_ value: MaliciousSiteProtectionFeatureSettings) -> Int { | ||
| remoteSettings[value.rawValue] as? Int ?? value.defaultValue | ||
| } | ||
|
|
||
| } |
141 changes: 141 additions & 0 deletions
141
DuckDuckGoTests/MaliciousSiteProtection/MaliciousSiteProtectionFeatureFlagsTests.swift
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,141 @@ | ||
| // | ||
| // MaliciousSiteProtectionFeatureFlagsTests.swift | ||
| // DuckDuckGo | ||
| // | ||
| // Copyright © 2024 DuckDuckGo. All rights reserved. | ||
| // | ||
| // Licensed under the Apache License, Version 2.0 (the "License"); | ||
| // you may not use this file except in compliance with the License. | ||
| // You may obtain a copy of the License at | ||
| // | ||
| // http://www.apache.org/licenses/LICENSE-2.0 | ||
| // | ||
| // Unless required by applicable law or agreed to in writing, software | ||
| // distributed under the License is distributed on an "AS IS" BASIS, | ||
| // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| // See the License for the specific language governing permissions and | ||
| // limitations under the License. | ||
| // | ||
|
|
||
| import Testing | ||
| import BrowserServicesKit | ||
| @testable import DuckDuckGo | ||
|
|
||
| @Suite("Malicious Site Protection - Feature Flags", .serialized) | ||
| final class MaliciousSiteProtectionFeatureFlagsTests { | ||
| private var sut: MaliciousSiteProtectionFeatureFlags! | ||
| private var featureFlaggerMock: MockFeatureFlagger! | ||
| private var configurationManagerMock: PrivacyConfigurationManagerMock! | ||
|
|
||
| init() async throws { | ||
| featureFlaggerMock = MockFeatureFlagger() | ||
| configurationManagerMock = PrivacyConfigurationManagerMock() | ||
| sut = MaliciousSiteProtectionFeatureFlags(featureFlagger: featureFlaggerMock, privacyConfigManager: configurationManagerMock) | ||
| } | ||
|
|
||
| // MARK: - Web Error Page | ||
|
|
||
| @Test("Check Threat Detection Enabled") | ||
| func whenThreatDetectionEnabled_AndFeatureFlagIsOn_ThenReturnTrue() throws { | ||
| // GIVEN | ||
| featureFlaggerMock.enabledFeatureFlags = [.maliciousSiteProtection] | ||
|
|
||
| // WHEN | ||
| let result = sut.isMaliciousSiteProtectionEnabled | ||
|
|
||
| // THEN | ||
| #expect(result) | ||
| } | ||
|
|
||
| @Test("Check Threat Detection Disabled") | ||
| func whenThreatDetectionEnabled_AndFeatureFlagIsOff_ThenReturnFalse() throws { | ||
| // GIVEN | ||
| featureFlaggerMock.enabledFeatureFlags = [] | ||
|
|
||
| // WHEN | ||
| let result = sut.isMaliciousSiteProtectionEnabled | ||
|
|
||
| // THEN | ||
| #expect(!result) | ||
| } | ||
|
|
||
| @Test("Check Threat Detection Enabled For Domain") | ||
| func whenThreatDetectionEnabledForDomain_AndFeatureIsAvailableForDomain_ThenReturnTrue() throws { | ||
| // GIVEN | ||
| featureFlaggerMock.enabledFeatureFlags = [.maliciousSiteProtection] | ||
| let privacyConfigMock = try #require(configurationManagerMock.privacyConfig as? PrivacyConfigurationMock) | ||
| privacyConfigMock.enabledFeatures = [.maliciousSiteProtection: ["example.com"]] | ||
| let domain = "example.com" | ||
|
|
||
| // WHEN | ||
| let result = sut.shouldDetectMaliciousThreat(forDomain: domain) | ||
|
|
||
| // THEN | ||
| #expect(result) | ||
| } | ||
|
|
||
| @Test("Check Threat Detection Disabled For Domain When Protection For Domain Is Not Enabled") | ||
| func whenThreatDetectionCalledEnabledForDomain_AndFeatureIsNotAvailableForDomain_ThenReturnFalse() throws { | ||
| // GIVEN | ||
| featureFlaggerMock.enabledFeatureFlags = [.maliciousSiteProtection] | ||
| let privacyConfigMock = try #require(configurationManagerMock.privacyConfig as? PrivacyConfigurationMock) | ||
| privacyConfigMock.enabledFeatures = [.maliciousSiteProtection: []] | ||
| let domain = "example.com" | ||
|
|
||
| // WHEN | ||
| let result = sut.shouldDetectMaliciousThreat(forDomain: domain) | ||
|
|
||
| // THEN | ||
| #expect(!result) | ||
| } | ||
|
|
||
| @Test("Check Threat Detection Disabled For Domain When Feature Flag Is Off") | ||
| func whenThreatDetectionEnabledForDomain_AndPrivacyConfigFeatureFlagIsOn_AndThreatDetectionSubFeatureIsOff_ThenReturnTrue() throws { | ||
| // GIVEN | ||
| let privacyConfigMock = try #require(configurationManagerMock.privacyConfig as? PrivacyConfigurationMock) | ||
| privacyConfigMock.enabledFeatures = [.adClickAttribution: ["example.com"]] | ||
| let domain = "example.com" | ||
|
|
||
| // WHEN | ||
| let result = sut.shouldDetectMaliciousThreat(forDomain: domain) | ||
|
|
||
| // THEN | ||
| #expect(!result) | ||
| } | ||
|
|
||
| @Test("Feature Settings Return Remote Values") | ||
| func whenSettingIsDefinedReturnValue() throws { | ||
| // GIVEN | ||
| let privacyConfigMock = try #require(configurationManagerMock.privacyConfig as? PrivacyConfigurationMock) | ||
| privacyConfigMock.settings[.maliciousSiteProtection] = [ | ||
| MaliciousSiteProtectionFeatureSettings.hashPrefixUpdateFrequency.rawValue: 10, | ||
| MaliciousSiteProtectionFeatureSettings.filterSetUpdateFrequency.rawValue: 50 | ||
| ] | ||
| sut = MaliciousSiteProtectionFeatureFlags(featureFlagger: featureFlaggerMock, privacyConfigManager: configurationManagerMock) | ||
|
|
||
| // WHEN | ||
| let hashPrefixUpdateFrequency = sut.hashPrefixUpdateFrequency | ||
| let filterSetUpdateFrequency = sut.filterSetUpdateFrequency | ||
|
|
||
| // THEN | ||
| #expect(hashPrefixUpdateFrequency == 10) | ||
| #expect(filterSetUpdateFrequency == 50) | ||
| } | ||
|
|
||
| @Test("Feature Settings Return Default Values") | ||
| func whenSettingIsNotDefinedReturnDefaultValue() throws { | ||
| // GIVEN | ||
| let privacyConfigMock = try #require(configurationManagerMock.privacyConfig as? PrivacyConfigurationMock) | ||
| privacyConfigMock.settings[.maliciousSiteProtection] = [:] | ||
| sut = MaliciousSiteProtectionFeatureFlags(featureFlagger: featureFlaggerMock, privacyConfigManager: configurationManagerMock) | ||
|
|
||
| // WHEN | ||
| let hashPrefixUpdateFrequency = sut.hashPrefixUpdateFrequency | ||
| let filterSetUpdateFrequency = sut.filterSetUpdateFrequency | ||
|
|
||
| // THEN | ||
| #expect(hashPrefixUpdateFrequency == 20) | ||
| #expect(filterSetUpdateFrequency == 720) | ||
| } | ||
|
|
||
| } |
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Subfeature required to enable remote rollout at a later stage.