* [PM-30906] Refactor AutoConfirmNudgeService to be Browser specific and add additional documentation detailing when this is necessary
* [PM-30906] Add README.md for custom nudge services
* add PhishingIndexedDbService for IndexedDB storage
Add a dedicated IndexedDB storage service for phishing detection data.
This service provides save, load, and clear operations using IndexedDB
instead of chrome.storage.local to avoid broadcast overhead, size
limitations, and JSON serialization cost for large datasets.
* add unit tests for PhishingIndexedDbService
Add comprehensive tests for save, load, and clear operations with
mocked IndexedDB. Tests cover success cases, error handling, and
database initialization with object store creation.
* add PhishingIndexedDbService core structure
- Add IndexedDB service with per-operation database opening
- Define PhishingUrlRecord type for row storage
- Include clearStore helper for atomic data replacement
- Service worker safe: no cached connections
* add saveUrls with chunked writes
- Add PhishingUrlRecord type for row storage
- Store each URL as individual row
- Chunk writes at 50K per transaction for responsiveness
- Atomic replacement: clear then save
* add hasUrl for lookups
- Direct IndexedDB index lookup via keyPath
- Returns boolean, handles errors gracefully
* add loadAllUrls with cursor iteration
- Cursor-based bulk load for fallback scenarios
- Memory-efficient: no intermediate array duplication
- Returns empty array on error
* add saveUrlsFromStream for memory efficiency
- Stream directly from fetch response body
- Parse newline-delimited URLs incrementally
- Reuse chunked save infrastructure
* update PhishingIndexedDbService tests
- Replace blob-based tests with row-per-URL API tests
- Test saveUrls, hasUrl, loadAllUrls, saveUrlsFromStream
- Verify chunked writes and cursor iteration
- Use stream/web ReadableStream with type cast for Node.js compatibility
* use proper URL syntax and cleanup global state
Update test data to use proper URL syntax with https:// prefix to match
real phishing.database format. Add cleanup of global.indexedDB in
afterEach to prevent test pollution.
* improve stream processing correctness and efficiency
- Move decoder.decode() before done check with { stream: !done } to flush properly
- Use array reassignment instead of splice() for O(1) chunk clearing
- Use single trim via local variable to avoid double-trim
- Centralize URL cleaning in saveChunked(), simplify saveChunk()
- Use explicit urls.length > 0 comparison
* duplicate urls test
* split final buffer by newlines
* WIP
* add new link styles
* update link stories
* skip default screenshot as variations are covered in other stories
* updated docs and story background
* make default the default linkType value
* remove references to primary link type in CL
* use better bg colors in stories
* remove duplicate linkType
* update aria-disabled text to use new palette
* add back primary link type to story
* fix capitolization
* add backticks to variant names in docs
* remove important from link styles
* fix generic selector to find correct button
* fix capitolization
* mark variants as deprecated in docs
* fix link hover text colors
* add `routeAfterDeletion` for edit screen to redirect the user to the correct location after deleting an archived cipher
* use `historyGo` to preserve the back invocations
* fix duplicate import
* Add logs for debugging in phishing-detection-settings.service
* Update phishing data service to separate web addresses from meta data for performant writes. Store compressed string instead of array
* Cleanup
* Updated test cases
* Cleanup comments
* Fix fallback encoding/decoding mismatch
* Fix type checking
* initialize timer to null
* default undefined length to 0 using nullish operator
* optional chaining and explicit null check on tab presence
* add optional chainning where relevant for sender tab id
* explicit null checks and data guards set for sender and modifyLoginData
* address feedback and make explicit undefined checks to avoid possible valid tabid rejection
* explicit tab check on setupNotificationInitTrigger
* early return if no cipher before switch case
* explicit null checks within switch cases for early returns
* lower cipher check and add to explicit checks
* add test cases for null values
* format spec file
Migrated vault filters to new v3 vault's navigation
* Decoupled existing vault filtering from vault component by using routed params with routed-vault-filter-bridge
* Converted vault filters to standalone components
* Removed extending filter Base Components from deprecated /libs/angular library and handled logic directly
* Moved shared 'models' and 'services' directories from web-vault into /libs/vault
* last is dead code, remove completely
* pass required true so that angular enforces at runtime and run apply a definitive assignment assertion since angulars input binding is running before use
* finalize new UI elements for archive/unarchive
* add tests
* add missing service
* add tests
* updates to edit and view pages
* use structureClone
* fix lint
* fix typo
* clean up return types
* fixes to archive UI
* fix tests
* use @if and userId$
* Initialized the observers directly in the constructor and removed setupMutationObserver
* explicitly initialize timers as null
* removed redundant checks for inlineMenuEnabled and tracked the button and list so TS knows they are definitely assigned
* early returns for processContainerElementMutation list and button checks, last child now has a fallback to 0 for undefined
* Update apps/browser/src/autofill/overlay/inline-menu/content/autofill-inline-menu-content.service.ts
Co-authored-by: Jonathan Prusik <jprusik@users.noreply.github.com>
---------
Co-authored-by: Jonathan Prusik <jprusik@users.noreply.github.com>
* prevent redundant cache updates on account switch
Remove automatic cache update triggering that caused UI freezes when
switching to accounts with phishing detection access.
Root cause: The update$ observable used startWith(undefined) which
triggered an immediate cache refresh whenever a new subscription was
created. On account switch, phishingDetectionSettingsService.on$ emits
true, creating a new subscription and triggering a full ~800K entry
fetch that blocks the UI thread.
Fix:
- Remove startWith(undefined) to prevent auto-triggering on subscription
- Add MIN_UPDATE_INTERVAL (5 min) constant for cache freshness checks
- Add _updateInProgress flag to prevent concurrent updates
- Add filter() to skip updates when one is already in progress
- Add cache freshness check (skip if updated within 5 minutes)
- Add finalize() to reliably reset _updateInProgress flag (per ADR)
- Replace share() with shareReplay() to prevent duplicate work
- Add triggerUpdateIfNeeded() public method for explicit update requests
The scheduled 24-hour update interval is unaffected - it still calls
_triggerUpdate$.next() via the task scheduler.
* trigger cache updates asynchronously on account switch
Update PhishingDetectionService to explicitly trigger cache updates
when phishing detection becomes active for an account, using a
non-blocking pattern.
Changes:
- Add call to phishingDataService.triggerUpdateIfNeeded() when on$ emits true
- Use of(null).pipe(delay(0)) to defer update to next event loop tick
- This prevents the update from blocking the account switch UI flow
The delay(0) pattern is preferred over setTimeout per codebase conventions
(RxJS over native JS). The subscription auto-completes since of() emits
once and completes, so no manual cleanup is needed.
Combined with the previous commit's safeguards (cache freshness check,
concurrent update prevention), this ensures:
1. Account switch completes immediately (non-blocking trigger)
2. Cache updates only run when actually needed (< 5 min freshness)
3. Concurrent updates are prevented (_updateInProgress flag)
Fixes: PM-30319
* decouple cache update subscription from UI event merge
Move phishingDataService.update$ to a separate subscription outside the
merge() stream to prevent blocking the service worker during critical
initialization and account switch flows.
Background:
The service worker is single-threaded. When the phishing cache update
runs, it downloads a 25MB file and parses 800K entries using .split(),
which is CPU-intensive synchronous work. During this parsing, the
service worker cannot respond to popup requests, causing the extension
UI to appear frozen when the user clicks the extension icon.
Previously, update$ was included in the merge() alongside UI event
handlers (onTabUpdated$, onContinueCommand$, onCancelCommand$). When
on$ emitted true (user has phishing access), the merge subscription
was created as part of the same synchronous flow, coupling the heavy
cache work with the UI event setup.
Changes:
- Create separate updateSub subscription at initialization
- Remove update$ from merge() - now only contains UI event streams
- Keep delay(0) trigger for triggerUpdateIfNeeded()
How delay(0) works:
JavaScript's event loop must complete all synchronous code before
processing async callbacks. delay(0) schedules the trigger for the
next event loop tick, meaning:
1. initialize() completes and returns
2. Service worker is 'free' to handle other tasks
3. Next tick: triggerUpdateIfNeeded() fires
4. Cache update runs in background
The cache parsing will still block the thread when it eventually runs,
but this is now decoupled from the critical initialization path. The
window where blocking can affect user interaction is minimized.
PM-30319
* comment
* account for new changes in spec file
* prevent UI blocking during cache updates
Problem:
- Switching accounts caused 5+ second UI freeze
- Even when data unchanged, 789K entries were rewritten to IndexedDB
- Set was rebuilt from 789K entries on every state emission
Solution:
- Skip state update when checksum matches (return null instead of full data)
- Cache Set in memory, only rebuild when checksum changes
- Track last check time in memory instead of state
- Use streaming fetch to prevent Firefox memory explosion
- Add comprehensive logging for debugging
Performance improvement:
- Checksum match: ~5 seconds → ~10ms (no blocking)
- Full update: Still required when data changes, but with streaming
* pre-populate cache on install/update and optimize Set building
Problem:
Premium users experienced a 5+ second UI freeze on first login after
install because the phishing list (~63MB, 789K entries) was downloaded
synchronously when phishing detection was enabled.
Solution:
1. Pre-populate cache on extension install/update
- Added triggerPhishingCacheUpdate() to MainBackground
- RuntimeBackground calls this on "install" and "update" events
- Cache is ready before user logs in, eliminating first-login lag
2. Chunked Set building for UI responsiveness
- Build Set in 50K-entry chunks with event loop yields
- Changed from synchronous map() to async switchMap() + buildSetInChunks()
- Prevents UI blocking when Set is rebuilt from cached data
3. Streaming with yields
- Added yield after each network chunk during streaming fetch
- Keeps service worker responsive to popup messages during download
4. Log cleanup for production
- Converted verbose debugging logs from info → debug level
- Kept important operational events (daily/full updates) at info
- Removed timing logs and progress banners
- Fixed comment accuracy: 100MB → 63MB uncompressed
Performance impact:
- First login after install: 5+ seconds → near-instant (cache pre-populated)
- Set rebuild: non-blocking via chunked processing
- Subsequent updates: already optimized via checksum matching
* spec
* add allowlist for bare amazon.com domain
Problem:
The upstream Phishing.Database contains a false positive entry
`https://www.Amazon.com` (line 666495), causing the real Amazon
website to be incorrectly blocked.
Solution:
Add BARE_DOMAIN_ALLOWLIST that skips blocking for exact hostname
matches (amazon.com, www.amazon.com) when the URL has no path,
query, or hash. This protects users from false positives while
still detecting phishing URLs that use Amazon in paths or
subdomain tricks.
Allowed:
- https://amazon.com
- https://www.amazon.com
Still blocked:
- https://amazon.com/phishing/path
- https://amazon.com-malicious.xyz
- https://fake.com/amazon.com/steal
* logging
* update our links source url
* Fix Chrome memory leak in phishing detection service
* reduce memory leaks
* optimize phishing detection performance and fix memory leaks
This commit addresses critical performance issues and memory leaks in the
phishing detection feature, particularly for non-premium users and during
extension reloads.
Storage Isolation:
- Created BrowserIndexedDbStorageService for large data storage
- Separated PHISHING_DATA_DISK (60MB+ phishing URLs) from PHISHING_DETECTION_DISK
- Prevents popup from loading large dataset when accessing small settings
- Fixed UI freeze when navigating to Settings -> Account security -> back arrow
Lazy Loading Optimizations:
- Converted _cachedState, _webAddresses$, and update$ to lazy getters
- Only accesses IndexedDB when phishing detection is actually used
- Prevents blocking service worker initialization on extension reload
- Added guard in triggerUpdateIfNeeded() to skip if no observers
Performance Improvements:
- Modified buildEnabledPipeline$() to check available$ first
- Uses startWith(true) to emit immediately, preventing on$ from blocking
- Skips IndexedDB reads for non-premium users during unlock/account switch
- Prevents 3+ second UI freezes for non-premium users
Memory Leak Fixes:
- Added static interval cleanup to prevent accumulation on service recreation
- Fixed tab listener cleanup by storing bound handler reference
- Fixed triggerUpdateSub subscription cleanup on account switches
- Prevents exponential memory growth from undestroyed subscriptions
Test Fixes:
- Updated tests to set up available$ prerequisites before testing enabled$
- Fixed tests to wait for actual state values after startWith(true) emission
- Uses filter() to wait for expected state values in async tests
Files Changed:
- apps/browser/src/platform/services/browser-indexed-db-storage.service.ts (new)
- apps/browser/src/platform/storage/browser-storage-service.provider.ts
- apps/browser/src/dirt/phishing-detection/services/phishing-data.service.ts
- apps/browser/src/dirt/phishing-detection/services/phishing-detection.service.ts
- apps/browser/src/background/runtime.background.ts
- libs/common/src/dirt/services/phishing-detection/phishing-detection-settings.service.ts
- libs/common/src/dirt/services/phishing-detection/phishing-detection-settings.service.spec.ts
- libs/state/src/core/state-definitions.ts
- libs/storage-core/src/client-locations.ts
* fix test type errors
* remove allowlist
* storage isolation revert
The initial implementation of storage isolation was used to fix a specific navigation scenario that lead to freezing of the ui ("Settings → Account Security" and clicking the back button)
Why disk-large instead of memory-large-object:
- **Problem**: Users experienced infinite loading (2+ minute freezes) when navigating to "Settings → Account Security" and clicking the back button. The Popup would freeze because `chrome.storage.local` broadcasts 60MB writes to all contexts, causing the Popup to deserialize data it never requested.
- **Fix**: Created `disk-large` storage location using native IndexedDB, which persists data (unlike `memory-large-object`) and doesn't broadcast events (unlike `chrome.storage.local`), isolating large datasets from the Popup context.
**Key Difference:**
- `memory-large-object`: **Non-persistent** in-memory storage. Data is lost when the service worker restarts or the extension reloads.
- `disk-large`: **Persistent** storage using native IndexedDB. Data survives service worker restarts and extension reloads.
**Why We Need Persistence:**
The phishing dataset (~60MB, 780K entries) must persist across:
- Service worker restarts (Chrome terminates service workers after inactivity)
- Extension reloads/updates
- Browser restarts
If we used `memory-large-object`, the extension would need to re-download the entire 60MB dataset every time the service worker restarts, which happens frequently in Chrome. This would:
1. Waste bandwidth (60MB downloads on every restart)
2. Cause UI freezes on every restart (same problem we're trying to fix)
3. Fail offline scenarios
**Why Not Use Existing `disk` Location:**
The existing `"disk"` location uses `chrome.storage.local`, which has a critical flaw for large datasets:
- **Event Broadcasting**: Any write to `chrome.storage.local` triggers `onChanged` events broadcast to **all** extension contexts (Background, Popup, Sidebar)
- **The UI/UX Problem**:
- Users experienced **infinite loading** or **2+ minute freezes** when navigating to "Settings → Account Security" and clicking the back button
- When Background writes 60MB, Chrome serializes and IPCs it to Popup, causing Popup's main thread to freeze while deserializing this massive object, even if Popup never requested the data
- The Popup would become completely unresponsive, showing a spinning cursor or blank screen
- **The Fix**: Native IndexedDB doesn't broadcast events across processes, isolating the storage so Background can write 60MB without disturbing the Popup
* remove implementation comments from jsdoc
* renaming
* new domains source
* remove unnecessary complexity from buildEnabledPipeline and remove all IndexedDB references
* fix pre-population on install/update
* handle null webAddresses
---------
Co-authored-by: maxkpower <mpower@bitwarden.com>
* use type safe generics for throttle and debounce, account for the change were event isn't passed
* read gloabl once
* check for styles before setting
* narrow keywords index
* narrow bitwardenAutofillInit for callback
* nullish coalescing operator on value for prop attributes
* add callout to vault-items for non premium users, add upgrade premium flow
* add archive badge to item details only for desktop
* update desktop edit item save for unarchive
* updated success toast for edited archive item non premium
