-
Notifications
You must be signed in to change notification settings - Fork 867
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Implement "Desktop Welcome Pages" feature #23289
base: master
Are you sure you want to change the base?
Conversation
A Storybook has been deployed to preview UI for the latest push |
102b6ee
to
16c2ca6
Compare
16c2ca6
to
4bf9fe7
Compare
A Storybook has been deployed to preview UI for the latest push |
c8e1e52
to
19b72aa
Compare
A Storybook has been deployed to preview UI for the latest push |
19b72aa
to
56cb238
Compare
A Storybook has been deployed to preview UI for the latest push |
56cb238
to
b4e59a9
Compare
A Storybook has been deployed to preview UI for the latest push |
b4e59a9
to
b3a56cc
Compare
A Storybook has been deployed to preview UI for the latest push |
b3a56cc
to
635ff1f
Compare
A Storybook has been deployed to preview UI for the latest push |
635ff1f
to
d916306
Compare
@@ -228,6 +228,14 @@ source_set("ui") { | |||
"toolbar/brave_bookmark_sub_menu_model.cc", | |||
"toolbar/brave_bookmark_sub_menu_model.h", | |||
"toolbar/brave_recent_tabs_sub_menu_model.h", | |||
"webui/brave_education/brave_browser_command_handler.cc", | |||
"webui/brave_education/brave_browser_command_handler.h", | |||
"webui/brave_education/brave_education_ui.cc", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
these should ideally go in their own BUILD.gn unless there would be a circular dependency issue? I think there probably is one for brave_education_ui so it could go directly in webui/brave_education_ui and the rest of the code could go in webui/brave_education with a separate BUILD.gn
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I took a look at the code in browser/ui/webui
and none of those folders use their own BUILD.gn
. Is this a new pattern that we want to establish?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
it's not a new pattern, there is just a lot of incorrect code
browser/ui/webui/brave_education/brave_browser_command_handler.cc
Outdated
Show resolved
Hide resolved
case Command::kOpenSafetyCheckFromWhatsNew: | ||
can_execute = true; | ||
break; | ||
+ default: break; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
why do we need this? Shouldn't we only be calling the superclass if we don't handle it in our subclass?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That switch statement doesn't have a default
clause, so when we extend the enum with our own Command
values, it results in a compile-time error here.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
oic, because there is an existing mojo enum we are extending
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
but this patch does not follow standard patching conventions. It should be BRAVE_CAN_EXECUTE_COMMAND
and this should also include NOTREACHED_NORETURN
124daaa
to
56f5042
Compare
url_loader_->DownloadToString( | ||
url_loader_factory.get(), | ||
base::BindOnce(&GettingStartedHelper::OnURLResponse, | ||
base::Unretained(this), *content_type), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
reported by reviewdog 🐶
[semgrep] base::Unretained is most of the time unrequited, and a weak reference is better suited for secure coding.
Consider swapping Unretained for a weak reference.
base::Unretained usage may be acceptable when a callback owner is guaranteed
to be destroyed with the object base::Unretained is pointing to, for example:
- PrefChangeRegistrar
- base::*Timer
- mojo::Receiver
- any other class member destroyed when the class is deallocated
Source: https://github.com/brave/security-action/blob/main/assets/semgrep_rules/client/chromium-uaf.yaml
Cc @thypon @goodov @iefremov
A Storybook has been deployed to preview UI for the latest push |
56f5042
to
1ddd8a1
Compare
A Storybook has been deployed to preview UI for the latest push |
1ddd8a1
to
9a0f8c8
Compare
[puLL-Merge] - brave/brave-core@23289 Here's my review of the pull request: DescriptionThis PR adds a new "Getting Started" feature to the Brave browser. It introduces a new WebUI page that displays educational content about Brave's features after the user completes the Welcome UX flow. The content is loaded from Brave's website into an iframe, and the page supports executing browser commands through a mojo interface. ChangesChanges
Possible Issues
Security Hotspots
Overall, the changes appear well-structured and follow Brave's coding conventions. The new functionality is modular and seems to integrate well with existing systems. However, careful testing should be done to ensure the new feature works as expected and doesn't introduce any security vulnerabilities. |
A Storybook has been deployed to preview UI for the latest push |
@@ -220,6 +220,7 @@ using extensions::ChromeContentBrowserClientExtensionsPart; | |||
#if !BUILDFLAG(IS_ANDROID) | |||
#include "brave/browser/new_tab/new_tab_shows_navigation_throttle.h" | |||
#include "brave/browser/ui/geolocation/brave_geolocation_permission_tab_helper.h" | |||
#include "brave/browser/ui/webui/brave_education/brave_education_ui.h" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
same as above, do not use os buildflags to guard features that are disabled on some platforms.
@@ -405,7 +405,9 @@ test("brave_unit_tests") { | |||
"//brave/browser/ui/views/bookmarks/brave_bookmark_context_menu_unittest.cc", | |||
"//brave/browser/ui/views/frame/brave_contents_layout_manager_unittest.cc", | |||
"//brave/browser/ui/views/wallet_bubble_focus_observer_unittest.cc", | |||
"//brave/browser/ui/webui/brave_education/getting_started_helper_unittest.cc", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
do not add individual files here, these should go in their own target
browser/ui/webui/browser_command/brave_browser_command_handler.cc
Outdated
Show resolved
Hide resolved
case Command::kOpenPrivacySettings: | ||
return true; | ||
case Command::kOpenVPNOnboarding: | ||
return CanShowVPNBubble(profile_); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this seems a bit odd, it's just going to do nothing if the user clicks on the link for this?
|
||
GettingStartedHelper::~GettingStartedHelper() = default; | ||
|
||
void GettingStartedHelper::GetEducationURL(GetEducationURLCallback callback) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't quite understand what is going on here. Why are we making a remote request to determine what page to show?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
At the end of the welcome flow, we determine which education content to show based on feature flag params. However, if the server URL is not available for some reason (e.g. the network is not available, or the website is messed up, etc.) then we don't want to send the user to a dead end. It would be better to bypass the education page and send them to the new tab page.
This class is responsible for returning the appropriate education content WebUI URL and ensuring to a reasonable degree that it will be successfully loaded.
A similar check is used by upstream for the What's New page in whats_new_fetcher.h.
9a0f8c8
to
f8a8568
Compare
A Storybook has been deployed to preview UI for the latest push |
A Storybook has been deployed to preview UI for the latest push |
A Storybook has been deployed to preview UI for the latest push |
71173f5
to
fc2d37d
Compare
fc2d37d
to
af92608
Compare
A Storybook has been deployed to preview UI for the latest push |
Resolves brave/brave-browser#40157
Submitter Checklist:
QA/Yes
orQA/No
;release-notes/include
orrelease-notes/exclude
;OS/...
) to the associated issuenpm run test -- brave_browser_tests
,npm run test -- brave_unit_tests
wikinpm run presubmit
wiki,npm run gn_check
,npm run tslint
git rebase master
(if needed)Reviewer Checklist:
gn
After-merge Checklist:
changes has landed on
Test Plan: