[Unencoded-Digest] Handle issues delivered to devtools.

This CL follows up on the issues delivered from the network service to
devtools in [1], adding issue descriptions and rendering infrastructure
so users can see what went wrong.

[1]: https://chromium-review.googlesource.com/c/chromium/src/+/6771890

Bug: 431760410
Change-Id: I06e4a8f91705dc30d401024dbdca398bdd9ea75e
Reviewed-on: https://chromium-review.googlesource.com/c/devtools/devtools-frontend/+/6818233
Reviewed-by: Danil Somsikov <[email protected]>
Commit-Queue: Mike West <[email protected]>
Reviewed-by: Simon Zünd <[email protected]>

Author: mikewest

config/gni/devtools_grd_files.gni

@@ -575,6 +575,10 @@ grd_files_bundled_sources = [
   "front_end/models/issues_manager/descriptions/stylesheetLateImport.md",
   "front_end/models/issues_manager/descriptions/stylesheetRequestFailed.md",
   "front_end/models/issues_manager/descriptions/summaryElementAccessibilityInteractiveContentSummaryDescendant.md",
+  "front_end/models/issues_manager/descriptions/unencodedDigestIncorrectDigestLength.md",
+  "front_end/models/issues_manager/descriptions/unencodedDigestIncorrectDigestType.md",
+  "front_end/models/issues_manager/descriptions/unencodedDigestMalformedDictionary.md",
+  "front_end/models/issues_manager/descriptions/unencodedDigestUnknownAlgorithm.md",
   "front_end/models/issues_manager/descriptions/userReidentificationBlocked.md",
   "front_end/models/issues_manager/issues_manager.js",
   "front_end/models/javascript_metadata/javascript_metadata.js",
@@ -1084,6 +1088,7 @@ grd_files_unbundled_sources = [
   "front_end/models/issues_manager/SharedDictionaryIssue.js",
   "front_end/models/issues_manager/SourceFrameIssuesManager.js",
   "front_end/models/issues_manager/StylesheetLoadingIssue.js",
+  "front_end/models/issues_manager/UnencodedDigestIssue.js",
   "front_end/models/issues_manager/UserReidentificationIssue.js",
   "front_end/models/javascript_metadata/JavaScriptMetadata.js",
   "front_end/models/javascript_metadata/NativeFunctions.js",

front_end/models/issues_manager/BUILD.gn

@@ -42,6 +42,7 @@ devtools_module("issues_manager") {
     "SharedDictionaryIssue.ts",
     "SourceFrameIssuesManager.ts",
     "StylesheetLoadingIssue.ts",
+    "UnencodedDigestIssue.ts",
     "UserReidentificationIssue.ts",
   ]
 
@@ -242,6 +243,10 @@ devtools_issue_description_files = [
   "placeholderDescriptionForInvisibleIssues.md",
   "fetchingPartitionedBlobURL.md",
   "navigatingPartitionedBlobURL.md",
+  "unencodedDigestIncorrectDigestLength.md",
+  "unencodedDigestIncorrectDigestType.md",
+  "unencodedDigestMalformedDictionary.md",
+  "unencodedDigestUnknownAlgorithm.md",
   "userReidentificationBlocked.md",
 ]
 
@@ -303,6 +308,7 @@ ts_library("unittests") {
     "SRIMessageSignatureIssue.test.ts",
     "SharedDictionaryIssue.test.ts",
     "StylesheetLoadingIssue.test.ts",
+    "UnencodedDigestIssue.test.ts",
   ]
 
   deps = [

front_end/models/issues_manager/IssuesManager.ts

@@ -32,6 +32,7 @@ import {SharedDictionaryIssue} from './SharedDictionaryIssue.js';
 import {SourceFrameIssuesManager} from './SourceFrameIssuesManager.js';
 import {SRIMessageSignatureIssue} from './SRIMessageSignatureIssue.js';
 import {StylesheetLoadingIssue} from './StylesheetLoadingIssue.js';
+import {UnencodedDigestIssue} from './UnencodedDigestIssue.js';
 import {UserReidentificationIssue} from './UserReidentificationIssue.js';
 
 export {Events} from './IssuesManagerEvents.js';
@@ -140,6 +141,10 @@ const issueCodeHandlers = new Map<
     Protocol.Audits.InspectorIssueCode.SRIMessageSignatureIssue,
     SRIMessageSignatureIssue.fromInspectorIssue,
   ],
+  [
+    Protocol.Audits.InspectorIssueCode.UnencodedDigestIssue,
+    UnencodedDigestIssue.fromInspectorIssue,
+  ],
   [
     Protocol.Audits.InspectorIssueCode.UserReidentificationIssue,
     UserReidentificationIssue.fromInspectorIssue,

front_end/models/issues_manager/UnencodedDigestIssue.test.ts

@@ -0,0 +1,49 @@
+// Copyright 2025 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+import type * as SDK from '../../core/sdk/sdk.js';
+import * as Protocol from '../../generated/protocol.js';
+import {describeWithLocale} from '../../testing/EnvironmentHelpers.js';
+import {MockIssuesModel} from '../../testing/MockIssuesModel.js';
+import * as IssuesManager from '../issues_manager/issues_manager.js';
+
+function createProtocolIssue(unencodedDigestIssueDetails: Protocol.Audits.UnencodedDigestIssueDetails):
+    Protocol.Audits.InspectorIssue {
+  return {
+    code: Protocol.Audits.InspectorIssueCode.UnencodedDigestIssue,
+    details: {unencodedDigestIssueDetails},
+  };
+}
+
+describeWithLocale('UnencodedDigestIssue', () => {
+  const mockModel = new MockIssuesModel([]) as unknown as SDK.IssuesModel.IssuesModel;
+
+  it('can be created for various error reasons', () => {
+    const errorReasons = [
+      Protocol.Audits.UnencodedDigestError.IncorrectDigestLength,
+      Protocol.Audits.UnencodedDigestError.IncorrectDigestType,
+      Protocol.Audits.UnencodedDigestError.MalformedDictionary,
+      Protocol.Audits.UnencodedDigestError.UnknownAlgorithm,
+    ];
+    for (const errorReason of errorReasons) {
+      const issueDetails = {
+        error: errorReason,
+        request: {
+          requestId: 'test-request-id' as Protocol.Network.RequestId,
+          url: 'https://example.com/',
+        },
+      };
+      const issue = createProtocolIssue(issueDetails);
+      const unencodedDigestIssues =
+          IssuesManager.UnencodedDigestIssue.UnencodedDigestIssue.fromInspectorIssue(mockModel, issue);
+      assert.lengthOf(unencodedDigestIssues, 1);
+      const unencodedDigestIssue = unencodedDigestIssues[0];
+
+      assert.strictEqual(unencodedDigestIssue.getCategory(), IssuesManager.Issue.IssueCategory.OTHER);
+      assert.deepEqual(unencodedDigestIssue.details(), issueDetails);
+      assert.strictEqual(unencodedDigestIssue.getKind(), IssuesManager.Issue.IssueKind.PAGE_ERROR);
+      assert.isNotNull(unencodedDigestIssue.getDescription());
+    }
+  });
+});

front_end/models/issues_manager/UnencodedDigestIssue.ts

@@ -0,0 +1,88 @@
+// Copyright 2025 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+import * as i18n from '../../core/i18n/i18n.js';
+import type * as SDK from '../../core/sdk/sdk.js';
+import * as Protocol from '../../generated/protocol.js';
+
+import {Issue, IssueCategory, IssueKind} from './Issue.js';
+import {
+  type LazyMarkdownIssueDescription,
+  type MarkdownIssueDescription,
+  resolveLazyDescription,
+} from './MarkdownIssueDescription.js';
+
+const UIStrings = {
+  /**
+   *@description Title for HTTP Unencoded Digest specification url
+   */
+  unencodedDigestHeader: 'HTTP Unencoded Digest specification',
+  /**
+   *@description Title for the URL of the integration of unencoded-digest and SRI.
+   */
+  integrityIntegration: 'Server-Initiated Integrity Checks',
+} as const;
+const str_ = i18n.i18n.registerUIStrings('models/issues_manager/UnencodedDigestIssue.ts', UIStrings);
+const i18nLazyString = i18n.i18n.getLazilyComputedLocalizedString.bind(undefined, str_);
+
+export class UnencodedDigestIssue extends Issue<string> {
+  readonly #issueDetails: Protocol.Audits.UnencodedDigestIssueDetails;
+
+  constructor(issueDetails: Protocol.Audits.UnencodedDigestIssueDetails, issuesModel: SDK.IssuesModel.IssuesModel) {
+    super(
+        {
+          code: `${Protocol.Audits.InspectorIssueCode.UnencodedDigestIssue}::${issueDetails.error}`,
+          umaCode: `${Protocol.Audits.InspectorIssueCode.UnencodedDigestIssue}::${issueDetails.error}`,
+        },
+        issuesModel);
+    this.#issueDetails = issueDetails;
+  }
+
+  details(): Protocol.Audits.UnencodedDigestIssueDetails {
+    return this.#issueDetails;
+  }
+
+  override primaryKey(): string {
+    return JSON.stringify(this.details());
+  }
+
+  override getDescription(): MarkdownIssueDescription|null {
+    const description: LazyMarkdownIssueDescription = {
+      file: `unencodedDigest${this.details().error}.md`,
+      links: [
+        {
+          link: 'https://www.ietf.org/archive/id/draft-ietf-httpbis-unencoded-digest-01.html',
+          linkTitle: i18nLazyString(UIStrings.unencodedDigestHeader),
+        },
+        {
+          link: 'https://wicg.github.io/signature-based-sri/#unencoded-digest-validation',
+          linkTitle: i18nLazyString(UIStrings.integrityIntegration),
+        },
+      ],
+    };
+    return resolveLazyDescription(description);
+  }
+
+  override getCategory(): IssueCategory {
+    return IssueCategory.OTHER;
+  }
+
+  override getKind(): IssueKind {
+    return IssueKind.PAGE_ERROR;
+  }
+
+  override requests(): Iterable<Protocol.Audits.AffectedRequest> {
+    return this.details().request ? [this.details().request] : [];
+  }
+
+  static fromInspectorIssue(issuesModel: SDK.IssuesModel.IssuesModel, inspectorIssue: Protocol.Audits.InspectorIssue):
+      UnencodedDigestIssue[] {
+    const details = inspectorIssue.details.unencodedDigestIssueDetails;
+    if (!details) {
+      console.warn('Unencoded-Digest issue without details received.');
+      return [];
+    }
+    return [new UnencodedDigestIssue(details, issuesModel)];
+  }
+}

front_end/models/issues_manager/descriptions/unencodedDigestIncorrectDigestLength.md

@@ -0,0 +1,12 @@
+# An `unencoded-digest` header contains a digest with an incorrect length.
+
+[`unencoded-digest`](unencodedDigestHeader) headers contain SHA2 digests of a
+response's body. The digest delivered with this response is not the correct
+length for the algorithm specified. SHA-256 digests should be 256 bits long,
+SHA-512 digests 512 bits long. For example, if the body was "Hello, world.", the
+following might be an appropriate header:
+
+```
+Unencoded-Digest: sha-256=:+MO/YqmqPm/BYZwlDkir51GTc9Pt9BvmLrXcRRma8u8=:,
+                  sha-512=:S7LmUoguRQsq3IHIZ0Xhm5jjCDqH6uUQbumuj5CnrIFDk+RyBW/dWuqzEiV4mPaB:
+```

front_end/models/issues_manager/descriptions/unencodedDigestIncorrectDigestType.md

@@ -0,0 +1,17 @@
+# An `unencoded-digest` header contains a digest with an invalid type.
+
+[`unencoded-digest`](unencodedDigestHeader) headers must be formatted as a
+[Dictionary](sfDictionary), wherein each member's label specifies the hashing
+algorithm, and the value is a [Byte Sequence](sfByteSequence) containing the
+digest. The digest delivered with this response did not deliver the digest as a
+byte sequence.
+
+For example, if the body was "Hello, world.":
+
+```
+// Correctly formatted header:
+Unencoded-Digest: sha-256=:+MO/YqmqPm/BYZwlDkir51GTc9Pt9BvmLrXcRRma8u8=:
+
+// Incorrectly formatted header (quotes rather than colons):
+Unencoded-Digest: sha-256="+MO/YqmqPm/BYZwlDkir51GTc9Pt9BvmLrXcRRma8u8="
+```

front_end/models/issues_manager/descriptions/unencodedDigestMalformedDictionary.md

@@ -0,0 +1,14 @@
+# An `unencoded-digest` header cannot be parsed.
+
+[`unencoded-digest`](unencodedDigestHeader) headers must be formatted as a
+[Dictionary](sfDictionary), wherein each member's label specifies the hashing
+algorithm, and the value is a [Byte Sequence](sfByteSequence) containing the
+digest. The digest delivered with this response did not format the response
+correctly.
+
+For example, if the body was "Hello, world.", the following would be a correctly
+formatted header:
+
+```
+Unencoded-Digest: sha-256=:+MO/YqmqPm/BYZwlDkir51GTc9Pt9BvmLrXcRRma8u8=:
+```

front_end/models/issues_manager/descriptions/unencodedDigestUnknownAlgorithm.md

@@ -0,0 +1,15 @@
+# An `unencoded-digest` header contains a digest with an invalid algorithm.
+
+[`unencoded-digest`](unencodedDigestHeader) headers support only two hashing
+algorithms, SHA-256, and SHA-512. The digests delivered with this response
+specified an unsupported algorithm:
+
+For example, if the body was "Hello, world.", the following would be an
+appropriate header:
+
+```
+Unencoded-Digest: sha-256=:+MO/YqmqPm/BYZwlDkir51GTc9Pt9BvmLrXcRRma8u8=:,
+                  sha-512=:S7LmUoguRQsq3IHIZ0Xhm5jjCDqH6uUQbumuj5CnrIFDk+RyBW/dWuqzEiV4mPaB:
+```
+
+Note also that the labels must be lower-case.

front_end/models/issues_manager/issues_manager.ts

@@ -31,6 +31,7 @@ import * as SharedDictionaryIssue from './SharedDictionaryIssue.js';
 import * as SourceFrameIssuesManager from './SourceFrameIssuesManager.js';
 import * as SRIMessageSignatureIssue from './SRIMessageSignatureIssue.js';
 import * as StylesheetLoadingIssue from './StylesheetLoadingIssue.js';
+import * as UnencodedDigestIssue from './UnencodedDigestIssue.js';
 
 export {
   AttributionReportingIssue,
@@ -62,4 +63,5 @@ export {
   SourceFrameIssuesManager,
   SRIMessageSignatureIssue,
   StylesheetLoadingIssue,
+  UnencodedDigestIssue,
 };