commit 4844f05e2c814809ce84333d7cb90caa71289dcf parent 65f4a6b2c8b6f00381c3158b4f18d767f2053498 Author: Tim Huang <tihuang@mozilla.com> Date: Thu, 16 Oct 2025 07:44:47 +0000 Bug 1975197 - Introduce the nimbus feature to contorl SafeBrowsing V5 on Android. r=dimi,geckoview-reviewers,android-reviewers,geckoview-api-reviewers,tcampbell,ohall Differential Revision: https://phabricator.services.mozilla.com/D267204 Diffstat:
8 files changed, 107 insertions(+), 1 deletion(-)
diff --git a/mobile/android/android-components/components/browser/engine-gecko/src/main/java/mozilla/components/browser/engine/gecko/GeckoEngine.kt b/mobile/android/android-components/components/browser/engine-gecko/src/main/java/mozilla/components/browser/engine/gecko/GeckoEngine.kt @@ -1659,6 +1659,10 @@ class GeckoEngine( override var crliteChannel: String? get() = runtime.settings.crliteChannel set(value) { value?.let { runtime.settings.setCrliteChannel(value) } } + + override var safeBrowsingV5Enabled: Boolean? + get() = runtime.settings.contentBlocking.safeBrowsingV5Enabled.or(false) + set(value) { value?.let { runtime.settings.contentBlocking.setSafeBrowsingV5Enabled(value) } } }.apply { defaultSettings?.let { this.javascriptEnabled = it.javascriptEnabled @@ -1707,6 +1711,7 @@ class GeckoEngine( this.bannedPorts = it.bannedPorts this.lnaBlockingEnabled = it.lnaBlockingEnabled this.crliteChannel = it.crliteChannel + this.safeBrowsingV5Enabled = it.safeBrowsingV5Enabled } } diff --git a/mobile/android/android-components/components/concept/engine/src/main/java/mozilla/components/concept/engine/Settings.kt b/mobile/android/android-components/components/concept/engine/src/main/java/mozilla/components/concept/engine/Settings.kt @@ -372,6 +372,11 @@ abstract class Settings { * Setting to control the CRLite certificate blocklist channel */ open var crliteChannel: String? by UnsupportedSetting() + + /** + * Setting to control whether Safe Browsing V5 is enabled. + */ + open var safeBrowsingV5Enabled: Boolean? by UnsupportedSetting() } /** @@ -446,6 +451,7 @@ data class DefaultSettings( override var bannedPorts: String = "", override var lnaBlockingEnabled: Boolean = false, override var crliteChannel: String? = null, + override var safeBrowsingV5Enabled: Boolean? = null, ) : Settings() { override val desktopModeEnabled: Boolean get() = getDesktopMode() diff --git a/mobile/android/fenix/app/nimbus.fml.yaml b/mobile/android/fenix/app/nimbus.fml.yaml @@ -600,6 +600,21 @@ features: type: Boolean default: true + safe-browsing-v5: + description: Control Safe Browsing V5. + variables: + feature-enabled: + description: >- + If true, this feature is enabled. Otherwise, we follow the + SafeBrowsing V5 enabled pref. + type: Boolean + default: false + enable-v5: + description: >- + Enables / disables the SafeBrowsing V5 protocol. + type: Boolean + default: false + menu-redesign: description: Control the new menu redesign. variables: diff --git a/mobile/android/fenix/app/src/main/java/org/mozilla/fenix/components/Core.kt b/mobile/android/fenix/app/src/main/java/org/mozilla/fenix/components/Core.kt @@ -225,6 +225,12 @@ class Core( FxNimbus.features.thirdPartyCookieBlocking.value().enabledPrivate } + // Apply Safe Browsing V5 settings if the Nimbus feature is enabled. + if (FxNimbus.features.safeBrowsingV5.value().featureEnabled) { + defaultSettings.safeBrowsingV5Enabled = + FxNimbus.features.safeBrowsingV5.value().enableV5 + } + GeckoEngine( context, defaultSettings, diff --git a/mobile/android/geckoview/api.txt b/mobile/android/geckoview/api.txt @@ -583,6 +583,7 @@ package org.mozilla.geckoview { method @NonNull public String[] getSafeBrowsingMalwareTable(); method @NonNull public String[] getSafeBrowsingPhishingTable(); method @NonNull public Collection<ContentBlocking.SafeBrowsingProvider> getSafeBrowsingProviders(); + method @NonNull public Boolean getSafeBrowsingV5Enabled(); method public boolean getStrictSocialTrackingProtection(); method @NonNull public ContentBlocking.Settings setAllowListBaselineTrackingProtection(boolean); method @NonNull public ContentBlocking.Settings setAllowListConvenienceTrackingProtection(boolean); @@ -607,6 +608,7 @@ package org.mozilla.geckoview { method @NonNull public ContentBlocking.Settings setSafeBrowsingMalwareTable(@NonNull String...); method @NonNull public ContentBlocking.Settings setSafeBrowsingPhishingTable(@NonNull String...); method @NonNull public ContentBlocking.Settings setSafeBrowsingProviders(@NonNull ContentBlocking.SafeBrowsingProvider...); + method @NonNull public ContentBlocking.Settings setSafeBrowsingV5Enabled(boolean); method @NonNull public ContentBlocking.Settings setStrictSocialTrackingProtection(boolean); field public static final Parcelable.Creator<ContentBlocking.Settings> CREATOR; } diff --git a/mobile/android/geckoview/src/androidTest/java/org/mozilla/geckoview/test/RuntimeSettingsTest.kt b/mobile/android/geckoview/src/androidTest/java/org/mozilla/geckoview/test/RuntimeSettingsTest.kt @@ -1035,4 +1035,41 @@ class RuntimeSettingsTest : BaseSessionTest() { equalTo(crliteChannel), ) } + + @Test + fun safeBrowsingV5Enabled() { + val geckoRuntimeSettings = sessionRule.runtime.settings + + // Read the default pref value. + var defaultPrefValue = + (sessionRule.getPrefs("browser.safebrowsing.provider.google5.enabled").get(0)) as Boolean + + // Verify the Safe Browsing V5 enabled setting matches the default + // pref value. + assertThat( + "Safe Browsing V5 enabled pref should match setting", + geckoRuntimeSettings.contentBlocking.safeBrowsingV5Enabled, + equalTo(defaultPrefValue), + ) + + // Set the Safe Browsing V5 setting. + geckoRuntimeSettings.contentBlocking.setSafeBrowsingV5Enabled(!defaultPrefValue) + + // Verify the Safe Browsing V5 enabled setting does change. + assertThat( + "Safe Browsing V5 enabled pref should match setting", + geckoRuntimeSettings.contentBlocking.safeBrowsingV5Enabled, + equalTo(!defaultPrefValue), + ) + + // Verify the Safe Browsing V5 enabled pref does change. + var enabled = + (sessionRule.getPrefs("browser.safebrowsing.provider.google5.enabled").get(0)) as Boolean + + assertThat( + "Safe Browsing V5 enabled pref should match setting", + enabled, + equalTo(!defaultPrefValue), + ) + } } diff --git a/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/ContentBlocking.java b/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/ContentBlocking.java @@ -608,6 +608,36 @@ public class ContentBlocking { } /** + * Get whether Safe Browsing V5 is enabled. + * + * @return Whether Safe Browsing V5 is enabled. + */ + public @NonNull Boolean getSafeBrowsingV5Enabled() { + final SafeBrowsingProvider provider = mSafeBrowsingProviders.get("google5"); + if (provider == null) { + return false; + } + + return provider.getEnabled(); + } + + /** + * Set the value to control whether Safe Browsing V5 is enabled. + * + * @param enabled Whether we set the Safe Browsing V5 to enabled or disabled + * @return the {@link Settings} instance. + */ + public @NonNull Settings setSafeBrowsingV5Enabled(final boolean enabled) { + final SafeBrowsingProvider provider = mSafeBrowsingProviders.get("google5"); + if (provider == null) { + return this; + } + + provider.mEnabled.commit(enabled); + return this; + } + + /** * Get the table for SafeBrowsing Phishing. The identifiers present in this table must match one * of the identifiers present in {@link SafeBrowsingProvider#getLists}. * diff --git a/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/doc-files/CHANGELOG.md b/mobile/android/geckoview/src/main/java/org/mozilla/geckoview/doc-files/CHANGELOG.md @@ -13,6 +13,11 @@ exclude: true ⚠️ breaking change and deprecation notices +## v146 +- Added `getSafeBrowsingV5Enabled` and `setSafeBrowsingV5Enabled` to [`ContentBlocking.Settings`][146.1] to control whether to use the SafeBrowsing V5 protocol to access the Google SafeBrowsing service. + +[146.1]: {{javadoc_uri}}/ContentBlocking.html + ## v145 - Added [`WebNotification.show`][145.1]. Implementations of `WebNotificationDelegate.onShowNotification` should now call either `show` when the notification is successfully opened, or `dismiss` if it failed. - Added [`WebExtension.InvalidMetaDataException`][145.2]. ([bug 1981496]({{bugzilla}}1981496)) @@ -1846,4 +1851,4 @@ to allow adding gecko profiler markers. [65.24]: {{javadoc_uri}}/CrashReporter.html#sendCrashReport(android.content.Context,android.os.Bundle,java.lang.String) [65.25]: {{javadoc_uri}}/GeckoResult.html -[api-version]: a15af3b5439f5bed524e92e4c59c52d139d435a8 +[api-version]: 934d10cc9408a3ac9eed888409108ac06b540280