Include component versions in webcompat reports

[vadimstruts]

Resolves brave/brave-browser#35674

Submitter Checklist:

• I confirm that no security/privacy review is needed and no other type of reviews are needed, or that I have requested them
• There is a ticket for my issue
• Used Github auto-closing keywords in the PR description above
• Wrote a good PR/commit description
• Squashed any review feedback or "fixup" commits before merge, so that history is a record of what happened in the repo, not your PR
• Added appropriate labels (QA/Yes or QA/No; release-notes/include or release-notes/exclude; OS/...) to the associated issue
• Checked the PR locally:
  • npm run test -- brave_browser_tests, npm run test -- brave_unit_tests wiki
  • npm run presubmit wiki, npm run gn_check, npm run tslint
• Ran git rebase master (if needed)

Reviewer Checklist:

• A security review is not needed, or a link to one is included in the PR description
• New files have MPL-2.0 license header
• Adequate test coverage exists to prevent regressions
• Major classes, functions and non-trivial code blocks are well-commented
• Changes in component dependencies are properly reflected in gn
• Code follows the style guide
• Test plan is specified in PR before merging

After-merge Checklist:

• The associated issue milestone is set to the smallest version that the
  changes has landed on
• All relevant documentation has been updated, for instance:
  • https://github.com/brave/brave-browser/wiki/Deviations-from-Chromium-(features-we-disable-or-remove)
  • https://github.com/brave/brave-browser/wiki/Proxy-redirected-URLs
  • https://github.com/brave/brave-browser/wiki/Fingerprinting-Protections
  • https://github.com/brave/brave-browser/wiki/Brave%E2%80%99s-Use-of-Referral-Codes
  • https://github.com/brave/brave-browser/wiki/Web-Compatibility-Exceptions-in-Brave
  • https://github.com/brave/brave-browser/wiki/QA-Guide
  • https://github.com/brave/brave-browser/wiki/P3A

Test Plan:

Make sure that Webcompat Report contains the component versions information.
Steps:

1. Open Brave Shields pop up dialog
2. Switch off Brave Shields if It is ON
3. Click "Report broken site", then click "Submit"
4. Go to the webcompat reporter dashboard and see the component versions information.

[goodov]

Suggested change

	const std::string BoolToString(bool value) {
	std::string BoolToString(bool value) {

[goodov]

pls use ProfileKeyedServiceFactory configured for incognito appropriately.

[goodov]

now that you have ProfileKeyedServiceFactory, you need to remove GetBrowserContextToUse override.

[goodov]

is this variable used somehow or is it a leftover? It looks wrong, because you should never own a KeyedService.

[vadimstruts]

it was leftover

[goodov]

const raw_ptr<...> both members.

[goodov]

GetMojoReportHandlerForContext

[goodov]

channel is missing?

[vadimstruts]

no, channel has separate property: "channel": "developer"
mentioned code helps to combine version value. ex: "version": "1.73 (0)"

[goodov]

ah, I see it's filled later in WebcompatReporter.swift. Not sure why those are separated.. maybe everything can be filled in one place?

[vadimstruts]

yeah, I removed WebcompatReporter.swift, so now all things are in the same place

[goodov]

shouldn't this be a public_deps instead?

[goodov]

const

[goodov]

seems like this exact code is duplicated. Pls create a base delegate impl that will be shared on iOS and desktop/android.

[AlexeyBarabash]

Utils.getProfile is marked as @NonNull and it tries to get the profile in several different ways, so I would not use the null check

[AlexeyBarabash]

Android Java code lgtm.

These imports look strange:

import org.chromium.chrome.browser.crypto_wallet.util.Utils;
at src/brave/android/java/org/chromium/chrome/browser/webcompat_reporter/WebcompatReporterServiceFactory.java

and

import org.chromium.chrome.browser.BraveRewardsHelper;
import org.chromium.chrome.browser.BraveRewardsNativeWorker;

at src/brave/android/java/org/chromium/chrome/browser/shields/BraveShieldsHandler.java

And this is an issue beyond the current PR, crypto_wallet.util.Utils and BraveRewardsHelper are widely used beyond rewards/wallet.

Follow-up issues:
brave/brave-browser#41689
brave/brave-browser#41690

[goodov]

this is a mojo interface, not a keyed service.

I think the variable and the method name GetForBrowserState should be renamed accordingly to not confuse people.

[goodov]

now that you have ProfileKeyedServiceFactory, you need to remove GetBrowserContextToUse override.

[goodov]

what is it for? you shouldn't have //chrome in components.

[goodov]

you added a mojo structure that's just similar to this one. Do we really need to have both? Why not just use mojo structure everywhere from now on? Seems like the right thing to do.

[goodov]

you can let ConvertCompsToValue always return a value and simplify things here a bit:

if (report_info->ad_block_components_version && !report_info->ad_block_components_version->empty()) {
  report_details_dict.Set(kAdBlockComponentsVersionField,
                          ConvertCompsToValue(report_info->ad_block_components_version.value()));
}

[goodov]

task environment should go first, otherwise you might hit uaf on test destruction.

[goodov]

why not pass this directly into constructor and remove SetReportUploaderForTest?

also std::make_unique<>.

[goodov]

handler

[goodov]

shouldn't this be handlerForBrowserState?

[goodov]

I'm not sure why this function should list all these parameters? Can it just receive the mojo struct type?

[goodov]

can it just be base::MakeFixedFlatSet<std::string_view>{...}? everything here should be constexpr.

the function can also receive std::string_view instead of std::string.

[goodov]

hm.. let's actually call it GetHandlerForContext.

[goodov]

ah, I see it's filled later in WebcompatReporter.swift. Not sure why those are separated.. maybe everything can be filled in one place?

[goodov]

do we need this class at all? can't we just call

      privateMode: false
    )!
    webcompatReporterAPI.submitWebcompatReport

in the frontend?

[StephenHeaps]

iOS just needs a format for presubmit check, but lgtm 👍.

[github-actions]

[puLL-Merge] - brave/brave-core@25688

Description

This pull request implements a new WebcompatReporterService for reporting web compatibility issues in Brave browser. It adds functionality to submit reports about website issues, including details about the browser's configuration and any user-provided information. The implementation spans across Android, iOS, and desktop platforms.

Changes

Changes

1. android/brave_java_sources.gni:

   • Added a new Java source file for WebcompatReporterServiceFactory.

2. android/java/org/chromium/chrome/browser/shields/BraveShieldsHandler.java:

   • Integrated the new WebcompatReporterHandler for submitting reports.
   • Removed AsyncTask usage and replaced it with the new service.

3. android/java/org/chromium/chrome/browser/webcompat_reporter/WebcompatReporterServiceFactory.java:

   • Added a new file to create and manage WebcompatReporterHandler instances.

4. browser/browser_context_keyed_service_factories.cc:

   • Added WebcompatReporterServiceFactory to the list of service factories.

5. browser/sources.gni:

   • Included new webcompat reporter sources and dependencies.

6. browser/ui/BUILD.gn:

   • Added dependency on the new webcompat reporter mojom.

7. browser/ui/webui/webcompat_reporter/webcompat_reporter_ui.cc:

   • Updated to use the new WebcompatReporterService for report submission.

8. browser/webcompat_reporter/:

   • Added new files for the WebcompatReporterService implementation, including service delegate and factory.

9. components/webcompat_reporter/browser/:

   • Updated and added files for the core implementation of the WebcompatReporterService.

10. components/webcompat_reporter/common/:

    • Added new mojom file defining the WebcompatReporterHandler interface.

11. ios/:

    • Added implementations specific to iOS for the WebcompatReporterService.

12. test/BUILD.gn:

    • Added unit tests for the new webcompat reporter component.

Possible Issues

1. The removal of NTPBackgroundImagesBridge in the Android implementation might affect functionality related to New Tab Page background images.
2. The change from AsyncTask to the new service in Android might introduce threading issues if not properly managed.

Security Hotspots

1. The handling of user-provided data in report submissions should be carefully reviewed to ensure proper sanitization and to prevent potential injection attacks.
2. The use of API keys and sensitive browser information in reports should be audited to ensure no unnecessary data exposure.

This PR significantly refactors the web compatibility reporting system in Brave, centralizing the functionality and making it more consistent across platforms. It also introduces a more modular and maintainable architecture for handling these reports.

[brave-builds]

Released in v1.73.31

[cdesouza-chromium]

BuildServiceInstanceFor has been deprecated for a while now, and all instances of it in brave have been removed in the past. This PR has introduced a new case though. Leaving a comment to as a PSA.

[1] https://issues.chromium.org/issues/40249337
[2] #25833