Implement unified adblock catalog #19946
Conversation
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
| if (i > UINT8_MAX) { | ||
| return false; | ||
| } | ||
| *field = (uint8_t)i; |
There was a problem hiding this comment.
reported by reviewdog 🐶
[semgrep] Semgrep found a cast from int (signed) to uint8_t. For arithmetic use base::CheckAdd(value1, value2).AssignIfValid(&result)
Source: https://github.com/brave/security-action/blob/main/assets/semgrep_rules/c/cast-signed-to-unsigned.yaml
Cc @fmarier @thypon
There was a problem hiding this comment.
I updated the check above to the following, although it doesn't appear in the preview here for some reason:
if (i < 0 || i > UINT8_MAX) {
return false;
}
There was a problem hiding this comment.
@bridiver should we use some native helper here?
There was a problem hiding this comment.
There's base::IsValueInRangeForNumericType<uint8_t>(i) but presumedly that won't help with the cast warning either. Closest I found for a one-liner was base::checked_cast<uint8_t>(value->GetInt()) but that CHECKs on out-of-range values instead of returning.
There was a problem hiding this comment.
we definitely should not be doing a c-style cast anywhere, but base::checked_cast is probably what you want here. If you want to fail without a CHECK then call IsValueInRangeForNumericType first
There was a problem hiding this comment.
antonok-edm
force-pushed
the
unified-adblock-catalog
branch
from
bd4762d
to
3ba033e
Compare
antonok-edm
force-pushed
the
unified-adblock-catalog
branch
from
3ba033e
to
f22f593
Compare
| @property(nonatomic, copy) bool hidden; | ||
| @property(nonatomic, copy) bool default_enabled; | ||
| @property(nonatomic, copy) bool first_party_protections; | ||
| @property(nonatomic, copy) uint8_t permission_mask; |
There was a problem hiding this comment.
copydoesn't apply to primative types, it can be removed entirely and just be@property(nonatomic)- You didn't expose any of these properties in the header file so they aren't accessible on the iOS side
There was a problem hiding this comment.
- Camel-case for Obj-C property names and prefixed with
isfor bools (i.e.isHidden,isEnabledByDefault,isFirstPartyProtection, etc)
There was a problem hiding this comment.
ah, exactly what I needed to know 🙏
updated
antonok-edm
force-pushed
the
unified-adblock-catalog
branch
3 times, most recently
from
aa4acaf
to
6c79625
Compare
antonok-edm
force-pushed
the
unified-adblock-catalog
branch
2 times, most recently
from
b26d9be
to
705f6de
Compare
There was a problem hiding this comment.
iOS++
cc @cuba just to notify about upcoming non-breaking changes
| base::BindOnce(&AdBlockFiltersProviderManager::FinishCombinating, | ||
| weak_factory_.GetWeakPtr(), std::move(cb))); | ||
| const auto collect_and_merge = base::BarrierClosure( | ||
| filters_providers.size(), base::BindOnce(std::move(cb))); |
There was a problem hiding this comment.
why are you adding another BindOnce to the callback here?
There was a problem hiding this comment.
good point, fixed
| .add_filter_list( | ||
| std::str::from_utf8(rules.as_slice())?, | ||
| ParseOptions { | ||
| permissions: PermissionMask::from_bits(permission_mask), |
There was a problem hiding this comment.
There was a problem hiding this comment.
seems like you have an enum on one end, but not sure about the cpp end and definitely needs some docs, preferably in the code in the other place I commented
antonok-edm
force-pushed
the
unified-adblock-catalog
branch
4 times, most recently
from
06f0573
to
e2fbd03
Compare
| g_brave_browser_process->ad_block_service()->regional_service_manager(); | ||
| if (!regional_service_manager || | ||
| !regional_service_manager->IsFilterListAvailable( | ||
| auto* component_service_manager = |
There was a problem hiding this comment.
component is already so overloaded, is there a better name we can use here?
There was a problem hiding this comment.
😅 It is at least managing all the filter lists fetched via the component updater now. Previously it managed a weird subset of them, and the original "regional" naming was never 100% accurate for as long as I can remember.
Would CRXServiceManager be better?
There was a problem hiding this comment.
see DM, I think maybe it's better to not expose this in the public api at all. I don't think callers of these methods need to care that there is a ComponentServiceManager that handles certain providers and a subscription manager that handles others, they just want to check IsFilterListAvailable or whatever the case may be
| const std::string& resources_json) { | ||
| auto result = adblock::engine_from_filter_set(std::move(filter_set)); | ||
| if (result.result_kind != adblock::ResultKind::Success) { | ||
| LOG(ERROR) << "AdBlockEngine::OnFilterSetLoaded failed: " |
There was a problem hiding this comment.
Same as the other one, logging like this generally isn't useful so we would normally restrict this to a VLOG. We shouldn't just be logging errors into the main chrome log and actually I think even that is disabled by default maybe
| } | ||
| }, | ||
| adblock_engine_->AsWeakPtr(), deserialize_, std::move(dat_buf_), | ||
| resources_json); | ||
| adblock_engine_->AsWeakPtr(), *std::move(filter_set_), resources_json); |
There was a problem hiding this comment.
I think you might have something a bit weird here with *std::move(filter_set_). You want to move the underlying rust::Box<adblock::FilterSet>, not the absl::optional so I think it should be std::move(*filter_set_)
| dat_buf_ = std::move(dat_buf); | ||
| void AdBlockService::SourceProviderObserver::OnFilterSetLoaded( | ||
| rust::Box<adblock::FilterSet>* filter_set) { | ||
| filter_set_ = absl::make_optional(std::move(*filter_set)); |
There was a problem hiding this comment.
This seems very odd and confusing. Taking ownership from a pointer is not the behavior you would expect. When using base::Owned the callback should not know or need to know that base::Owned was used and in this case it definitely would need to know that. I think you want auto* filter_set to be a unique_ptr, get a raw pointer reference using .get() before you create on_loaded_cb (and call std::move) and then pass that as base::Unretained to LoadFilterSetForEngine
There was a problem hiding this comment.
I think this would also be simpler if you used unique_ptr instead of absl::optional which makes things a bit confusing here and also https://github.com/brave/brave-core/pull/19946/files#r1329348390
antonok-edm
force-pushed
the
unified-adblock-catalog
branch
from
9f7a438
to
e274e6a
Compare
antonok-edm
force-pushed
the
unified-adblock-catalog
branch
from
0b9f8a0
to
cfe8a82
Compare
| @@ -70,6 +71,20 @@ bool GetStringVector(const base::Value* value, | |||
| } | |||
| } | |||
|
|
|||
| bool GetUint8(const base::Value* value, uint8_t* field) { | |||
There was a problem hiding this comment.
do we have any tests that cover this indirectly?
* The file was renamed from #19946
Resolves brave/brave-browser#32482
Submitter Checklist:
QA/YesorQA/No;release-notes/includeorrelease-notes/exclude;OS/...) to the associated issuenpm run test -- brave_browser_tests,npm run test -- brave_unit_testswikinpm run lint,npm run presubmitwiki,npm run gn_check,npm run tslintgit rebase master(if needed)Reviewer Checklist:
gnAfter-merge Checklist:
changes has landed on
Test Plan:
This change makes the default adblock component available slightly later on first startup after install, as it requires an additional network round-trip for a component installation. It'd be good to test the following:
With a completely fresh install, open Brave and as quickly as humanly possible navigate to a page that is likely to have ads and/or cookie banners if Shields are down (i.e. definitely YouTube, maybe some others as well). Shields should still be working correctly. This should be the case on a wide range of internet connnections (slow/fast, high/low latency).
If there are any issues with this, it's possible to preload the default adblock component's ID and public key like we had before in a followup.