Malicious site protection App settings

Core/AppURLs.swift

@@ -38,6 +38,7 @@ public extension URL {
     static let apps = URL(string: AppDeepLinkSchemes.quickLink.appending("\(ddg.host!)/apps?origin=funnel_app_ios"))!
     static let searchSettings = URL(string: AppDeepLinkSchemes.quickLink.appending("\(ddg.host!)/settings"))!
     static let autofillHelpPageLink = URL(string: AppDeepLinkSchemes.quickLink.appending("\(ddg.host!)/duckduckgo-help-pages/sync-and-backup/password-manager-security/"))!
+    static let maliciousSiteProtectionLearnMore = URL(string: AppDeepLinkSchemes.quickLink.appending("\(ddg.host!)/duckduckgo-help-pages/privacy/phishing-and-malware-protection/"))!
 
     static let surrogates = URL(string: "\(staticBase)/surrogates.txt")!
 

Core/FeatureFlag.swift

@@ -63,6 +63,10 @@ public enum FeatureFlag: String {
 
     /// https://app.asana.com/0/0/1208767141940869/f
     case freeTrials
+
+    /// Feature flag to enable / disable phishing and malware protection
+    /// https://app.asana.com/0/1206329551987282/1207149365636877/f
+    case maliciousSiteProtection
 }
 
 extension FeatureFlag: FeatureFlagDescribing {
@@ -146,6 +150,8 @@ extension FeatureFlag: FeatureFlagDescribing {
             return .remoteReleasable(.subfeature(PrivacyProSubfeature.isLaunchedROWOverride))
         case .freeTrials:
             return .remoteDevelopment(.subfeature(PrivacyProSubfeature.freeTrials))
+        case .maliciousSiteProtection:
+            return .remoteDevelopment(.subfeature(MaliciousSiteProtectionSubfeature.onByDefault))
         }
     }
 }

Core/UserDefaultsPropertyWrapper.swift

@@ -188,6 +188,9 @@ public struct UserDefaultsWrapper<T> {
 
         // TipKit
         case resetTipKitOnNextLaunch = "com.duckduckgo.ios.tipKit.resetOnNextLaunch"
+
+        // Malicious Site Protection
+        case maliciousSiteProtectionEnabled = "com.duckduckgo.ios.maliciousSiteProtection.enabled"
     }
 
     private let key: Key

DuckDuckGo.xcodeproj/project.xcworkspace/xcshareddata/swiftpm/Package.resolved

@@ -32,8 +32,8 @@
       "kind" : "remoteSourceControl",
       "location" : "https://github.com/DuckDuckGo/BrowserServicesKit",
       "state" : {
-        "revision" : "14384f05a6e43842c4626e06736e2c4f5d758057",
-        "version" : "224.1.0"
+        "branch" : "alessandro/malicious-site-protection-address-bar-and-privacy-dashboard",
+        "revision" : "99c0009d13e4b7ac1540e29f51d0a871adec1253"
       }
     },
     {
@@ -122,8 +122,8 @@
       "kind" : "remoteSourceControl",
       "location" : "https://github.com/duckduckgo/privacy-dashboard",
       "state" : {
-        "revision" : "2e2baf7d31c7d8e158a58bc1cb79498c1c727fd2",
-        "version" : "7.5.0"
+        "branch" : "pr-releases/pr-252",
+        "revision" : "38ffba856dcc8cebcb21b4e0c49f512fe695e576"
       }
     },
     {

DuckDuckGo/AppDependencyProvider.swift

@@ -52,6 +52,7 @@ protocol DependencyProvider {
     var serverInfoObserver: ConnectionServerInfoObserver { get }
     var vpnSettings: VPNSettings { get }
     var persistentPixel: PersistentPixelFiring { get }
+    var maliciousSiteProtectionPreferencesManager: MaliciousSiteProtectionPreferencesManaging { get }
 
 }
 
@@ -91,6 +92,7 @@ final class AppDependencyProvider: DependencyProvider {
     let serverInfoObserver: ConnectionServerInfoObserver = ConnectionServerInfoObserverThroughSession()
     let vpnSettings = VPNSettings(defaults: .networkProtectionGroupDefaults)
     let persistentPixel: PersistentPixelFiring = PersistentPixel()
+    let maliciousSiteProtectionPreferencesManager: MaliciousSiteProtectionPreferencesManaging = MaliciousSiteProtectionPreferencesManager()
 
     private init() {
         let featureFlaggerOverrides = FeatureFlagLocalOverrides(keyValueStore: UserDefaults(suiteName: FeatureFlag.localOverrideStoreName)!,

DuckDuckGo/AppLifecycle/AppStateTransitions.swift

@@ -26,7 +26,7 @@ extension Init {
         switch event {
         case .launching(let application, let isTesting):
             if isTesting {
-                return Testing(application: application)
+                return AppTesting(application: application)
             }
             return Launched(stateContext: makeStateContext(application: application))
         default:
@@ -116,7 +116,7 @@ extension Background {
 
 }
 
-extension Testing {
+extension AppTesting {
 
     func apply(event: AppEvent) -> any AppState { self }
 

DuckDuckGo/AppLifecycle/AppStates/Testing.swift → DuckDuckGo/AppLifecycle/AppStates/AppTesting.swift

@@ -1,5 +1,5 @@
 //
-//  Testing.swift
+//  AppTesting.swift
 //  DuckDuckGo
 //
 //  Copyright © 2024 DuckDuckGo. All rights reserved.
@@ -21,7 +21,7 @@ import Core
 import UIKit
 
 @MainActor
-struct Testing: AppState {
+struct AppTesting: AppState {
 
     init(application: UIApplication) {
         Pixel.isDryRun = true

DuckDuckGo/Assets.xcassets/DesignSystemIcons/24px/Alert-Color-24.imageset/Contents.json

@@ -0,0 +1,12 @@
+{
+  "images" : [
+    {
+      "filename" : "Alert-Recolorable-24.pdf",
+      "idiom" : "universal"
+    }
+  ],
+  "info" : {
+    "author" : "xcode",
+    "version" : 1
+  }
+}

DuckDuckGo/Base.lproj/OmniBar.xib

@@ -166,7 +166,7 @@
                                                                 <constraint firstAttribute="width" constant="158" id="yFt-j7-mPi"/>
                                                             </constraints>
                                                         </view>
-                                                        <imageView clipsSubviews="YES" userInteractionEnabled="NO" contentMode="center" horizontalHuggingPriority="251" verticalHuggingPriority="251" image="LogoIcon" translatesAutoresizingMaskIntoConstraints="NO" id="eoZ-Ly-QHi">
+                                                        <imageView clipsSubviews="YES" userInteractionEnabled="NO" contentMode="center" horizontalHuggingPriority="251" verticalHuggingPriority="251" translatesAutoresizingMaskIntoConstraints="NO" id="eoZ-Ly-QHi">
                                                             <rect key="frame" x="0.0" y="2" width="43" height="38"/>
                                                         </imageView>
                                                     </subviews>
@@ -185,9 +185,9 @@
                                                         <constraint firstItem="eoZ-Ly-QHi" firstAttribute="leading" secondItem="99p-YW-bjm" secondAttribute="leading" id="VgX-60-gzX"/>
                                                     </constraints>
                                                     <connections>
-                                                        <outlet property="daxLogoImageView" destination="eoZ-Ly-QHi" id="aTN-UG-1Em"/>
                                                         <outlet property="shieldAnimationView" destination="dqb-pm-Da8" id="m3S-lp-2hi"/>
                                                         <outlet property="shieldDotAnimationView" destination="D46-aN-352" id="yuP-Tc-fZl"/>
+                                                        <outlet property="staticImageView" destination="eoZ-Ly-QHi" id="DD9-w9-GZy"/>
                                                         <outlet property="staticShieldAnimationView" destination="jQy-me-Afa" id="pez-0Q-5Gq"/>
                                                         <outlet property="staticShieldDotAnimationView" destination="KE6-Wh-7Yp" id="92x-it-Oyn"/>
                                                         <outletCollection property="gestureRecognizers" destination="qXd-RO-1cS" appends="YES" id="3xf-ou-ORG"/>
@@ -458,7 +458,6 @@
         <image name="Clear-24" width="24" height="24"/>
         <image name="Close-24" width="24" height="24"/>
         <image name="Find-Search-20" width="20" height="20"/>
-        <image name="LogoIcon" width="24" height="24"/>
         <image name="Microphone-24" width="24" height="24"/>
         <image name="Reload-24" width="24" height="24"/>
         <image name="Settings-24" width="24" height="24"/>
@@ -467,7 +466,7 @@
             <color red="0.96078431372549022" green="0.96078431372549022" blue="0.96078431372549022" alpha="1" colorSpace="custom" customColorSpace="sRGB"/>
         </namedColor>
         <systemColor name="systemGreenColor">
-            <color red="0.20392156862745098" green="0.7803921568627451" blue="0.34901960784313724" alpha="1" colorSpace="custom" customColorSpace="sRGB"/>
+            <color red="0.20392156859999999" green="0.78039215689999997" blue="0.34901960780000002" alpha="1" colorSpace="custom" customColorSpace="sRGB"/>
         </systemColor>
         <systemColor name="systemYellowColor">
             <color red="1" green="0.80000000000000004" blue="0.0" alpha="1" colorSpace="custom" customColorSpace="sRGB"/>

DuckDuckGo/MainViewController.swift

@@ -2320,8 +2320,8 @@ extension MainViewController: TabDelegate {
         return newTab.webView
     }
 
-    func tabDidRequestClose(_ tab: TabViewController) {
-        closeTab(tab.tabModel)
+    func tabDidRequestClose(_ tab: TabViewController, shouldCreateEmptyTabAtSamePosition: Bool) {
+        closeTab(tab.tabModel, andOpenEmptyOneAtSamePosition: shouldCreateEmptyTabAtSamePosition)
     }
 
     func tabLoadingStateDidChange(tab: TabViewController) {
@@ -2571,12 +2571,20 @@ extension MainViewController: TabSwitcherDelegate {
             showFireButtonPulse()
         }
     }
-    
-    func closeTab(_ tab: Tab) {
+
+    func closeTab(_ tab: Tab, andOpenEmptyOneAtSamePosition shouldOpen: Bool = false) {
         guard let index = tabManager.model.indexOf(tab: tab) else { return }
         hideSuggestionTray()
         hideNotificationBarIfBrokenSitePromptShown()
-        tabManager.remove(at: index)
+
+        if shouldOpen {
+            let newTab = Tab()
+            tabManager.replaceTab(at: index, withNewTab: newTab)
+            tabManager.selectTab(newTab)
+        } else {
+            tabManager.remove(at: index)
+        }
+
         updateCurrentTab()
         tabsBarController?.refresh(tabsModel: tabManager.model)
     }

DuckDuckGo/MaliciousSiteProtection/FeatureFlags/MaliciousSiteProtectionFeatureFlags.swift

@@ -0,0 +1,104 @@
+//
+//  MaliciousSiteProtectionFeatureFlags.swift
+//  DuckDuckGo
+//
+//  Copyright © 2024 DuckDuckGo. All rights reserved.
+//
+//  Licensed under the Apache License, Version 2.0 (the "License");
+//  you may not use this file except in compliance with the License.
+//  You may obtain a copy of the License at
+//
+//  http://www.apache.org/licenses/LICENSE-2.0
+//
+//  Unless required by applicable law or agreed to in writing, software
+//  distributed under the License is distributed on an "AS IS" BASIS,
+//  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//  See the License for the specific language governing permissions and
+//  limitations under the License.
+//
+
+import Foundation
+import BrowserServicesKit
+import Core
+
+protocol MaliciousSiteProtectionFeatureFlagger {
+    /// A Boolean value indicating whether malicious site protection is enabled.
+    /// - Returns: `true` if malicious site protection is enabled; otherwise, `false`.
+    var isMaliciousSiteProtectionEnabled: Bool { get }
+
+    /// Checks if should detect malicious threats for a specific domain.
+    /// - Parameter domain: The domain to check for malicious threat.
+    /// - Returns: `true` if should check for malicious threats for the specified domain; otherwise, `false`.
+    func shouldDetectMaliciousThreat(forDomain domain: String?) -> Bool
+}
+
+protocol MaliciousSiteProtectionFeatureFlagsSettingsProvider {
+    /// The frequency, in minutes, at which the hash prefix should be updated.
+    var hashPrefixUpdateFrequency: Int { get }
+    /// The frequency, in minutes, at which the filter set should be updated.
+    var filterSetUpdateFrequency: Int { get }
+}
+
+/// An enum representing the different settings for malicious site protection feature flags.
+enum MaliciousSiteProtectionFeatureSettings: String {
+    /// The setting for hash prefix update frequency.
+    case hashPrefixUpdateFrequency
+    /// The setting for filter set update frequency.
+    case filterSetUpdateFrequency
+
+    var defaultValue: Int {
+        switch self {
+        case .hashPrefixUpdateFrequency: return 20 // Default frequency for hash prefix updates is 20 minutes.
+        case .filterSetUpdateFrequency: return 720 // Default frequency for filter set updates is 720 minutes (12 hours).
+        }
+    }
+}
+
+final class MaliciousSiteProtectionFeatureFlags {
+    private let featureFlagger: FeatureFlagger
+    private let privacyConfigManager: PrivacyConfigurationManaging
+
+    private var remoteSettings: PrivacyConfigurationData.PrivacyFeature.FeatureSettings {
+        privacyConfigManager.privacyConfig.settings(for: .maliciousSiteProtection)
+    }
+
+    init(
+        featureFlagger: FeatureFlagger = AppDependencyProvider.shared.featureFlagger,
+        privacyConfigManager: PrivacyConfigurationManaging = ContentBlocking.shared.privacyConfigurationManager
+    ) {
+        self.featureFlagger = featureFlagger
+        self.privacyConfigManager = privacyConfigManager
+    }
+}
+
+// MARK: - MaliciousSiteProtectionFeatureFlagger
+
+extension MaliciousSiteProtectionFeatureFlags: MaliciousSiteProtectionFeatureFlagger {
+
+    var isMaliciousSiteProtectionEnabled: Bool {
+        featureFlagger.isFeatureOn(.maliciousSiteProtection)
+    }
+
+    func shouldDetectMaliciousThreat(forDomain domain: String?) -> Bool {
+        isMaliciousSiteProtectionEnabled && privacyConfigManager.privacyConfig.isFeature(.maliciousSiteProtection, enabledForDomain: domain)
+    }
+
+}
+
+// MARK: - MaliciousSiteProtectionFeatureFlagsSettingsProvider
+
+extension MaliciousSiteProtectionFeatureFlags: MaliciousSiteProtectionFeatureFlagsSettingsProvider {
+
+    var hashPrefixUpdateFrequency: Int {
+        getSettings(MaliciousSiteProtectionFeatureSettings.hashPrefixUpdateFrequency)
+    }
+
+    var filterSetUpdateFrequency: Int {
+        getSettings(MaliciousSiteProtectionFeatureSettings.filterSetUpdateFrequency)
+    }
+
+    private func getSettings(_ value: MaliciousSiteProtectionFeatureSettings) -> Int {
+        remoteSettings[value.rawValue] as? Int ?? value.defaultValue
+    }
+
+}

DuckDuckGo/MaliciousSiteProtection/MaliciousSiteProtectionManager+Config.swift

@@ -0,0 +1,67 @@
+//
+//  MaliciousSiteProtectionManager+Config.swift
+//  DuckDuckGo
+//
+//  Copyright © 2024 DuckDuckGo. All rights reserved.
+//
+//  Licensed under the Apache License, Version 2.0 (the "License");
+//  you may not use this file except in compliance with the License.
+//  You may obtain a copy of the License at
+//
+//  http://www.apache.org/licenses/LICENSE-2.0
+//
+//  Unless required by applicable law or agreed to in writing, software
+//  distributed under the License is distributed on an "AS IS" BASIS,
+//  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//  See the License for the specific language governing permissions and
+//  limitations under the License.
+//
+
+import Foundation
+import MaliciousSiteProtection
+
+extension MaliciousSiteProtectionManager {
+
+    static func fileName(for dataType: MaliciousSiteProtection.DataManager.StoredDataType) -> String {
+        switch (dataType, dataType.threatKind) {
+        case (.hashPrefixSet, .phishing): "phishingHashPrefixes.json"
+        case (.filterSet, .phishing): "phishingFilterSet.json"
+        case (.hashPrefixSet, .malware): "malwareHashPrefixes.json"
+        case (.filterSet, .malware): "malwareFilterSet.json"
+        }
+    }
+
+    struct EmbeddedDataProvider: MaliciousSiteProtection.EmbeddedDataProviding {
+
+        // swiftlint:disable:next nesting
+        private enum Constants {
+            static let embeddedDataRevision = 1696473
+            static let phishingEmbeddedHashPrefixDataSHA = "cdb609c37e950b7d0dcdaa80ae4071cf2c87223cfdd189caafae723722bd3158"
+            static let phishingEmbeddedFilterSetDataSHA = "4e52518aba04b0fd360fada76c9899001d3137d4a745cc13c484a54115a0fcd8"
+            static let malwareEmbeddedHashPrefixDataSHA = "6b5eb296e9e10ae9ea41c5b5356f532226d647e4f3b832c30ac670102446ea7a"
+            static let malwareEmbeddedFilterSetDataSHA = "4dc971fffaf244ee99267f28222a2c116743e35ef837dcbc0199693ed6a691cd"
+        }
+
+        func revision(for dataType: MaliciousSiteProtection.DataManager.StoredDataType) -> Int {
+            Constants.embeddedDataRevision
+        }
+
+        func url(for dataType: MaliciousSiteProtection.DataManager.StoredDataType) -> URL {
+            let fileName = fileName(for: dataType)
+            guard let url = Bundle.main.url(forResource: fileName, withExtension: nil) else {
+                fatalError("Could not find embedded data file \"\(fileName)\"")
+            }
+            return url
+        }
+
+        func hash(for dataType: MaliciousSiteProtection.DataManager.StoredDataType) -> String {
+            switch (dataType, dataType.threatKind) {
+            case (.hashPrefixSet, .phishing): Constants.phishingEmbeddedHashPrefixDataSHA
+            case (.filterSet, .phishing): Constants.phishingEmbeddedFilterSetDataSHA
+            case (.hashPrefixSet, .malware): Constants.malwareEmbeddedHashPrefixDataSHA
+            case (.filterSet, .malware): Constants.malwareEmbeddedFilterSetDataSHA
+            }
+        }
+
+    }
+}