Intent to implement: Extend Safe Browsing protection to embedded sub-resources

[Balazs Engedy]

Contacts

Eng: eng...@chromium.org

PM: rsc...@chromium.org

Summary

Chrome uses Safe Browsing to protect users from malicious websites with a warning interstitial, and in February we extended that protection to include websites with deceptive embedded content. We've found that many users proceed through these warning screens to the potentially malicious pages, so to further protect users we'd like to begin filtering network requests for some embedded sub-resources on these pages.

This change only applies to the subset of the Safe Browsing list that covers this deceptive embedded content. The Safe Browsing interstitial will still be shown on these pages to ensure the user is aware of possible risks. We will continue to utilize existing Safe Browsing reporting and appeals processes, as this is just an additional security layer for sites already on the Safe Browsing list. Finally, users will have the ability to disable this new protection, independent from existing Safe Browsing controls.

More details

Existing SafeBrowsing design