Verify checksum on adblock list load from component

brave / brave-browser

Brave browser for Android, iOS, Linux, macOS, Windows.

https://brave.com

Mozilla Public License 2.0

17.1k stars 2.23k forks source link

Verify checksum on adblock list load from component #35174

Open ShivanKaul opened 6 months ago

ShivanKaul commented 6 months ago

Related to https://github.com/brave/brave-core-crx-packager/issues/806, to be maximally safe that an adblock list hasn't gotten corrupted somewhere in the process of reaching the user, we should verify the checksum before actually loading into brave-core. Note that we can only do this for certain adblock lists, the ones that have checksums in the first place.

bbondy commented 6 months ago

Could we up this priority for checksums @ShivanKaul ? I think a check could be added pretty painlessly somewhere around here: https://github.com/brave/adblock-resources/blob/master/index.js#L7

bbondy commented 6 months ago

Update: I see this is for the brave-core side, I think that's OK to be lower priority as is now so long as the checksums are being made in a place similar to the one I mentioned above when packaging them into crx files.

ShivanKaul commented 6 months ago

Yes, exactly.