diff --git a/build/patches/AImageReader-CFI-crash-mitigations.patch b/build/patches/AImageReader-CFI-crash-mitigations.patch index 86c2a6ffe..ffde45cfc 100644 --- a/build/patches/AImageReader-CFI-crash-mitigations.patch +++ b/build/patches/AImageReader-CFI-crash-mitigations.patch @@ -20,8 +20,7 @@ See discussions at: License: GPL-3.0-only - https://spdx.org/licenses/GPL-3.0-only.html --- - base/android/android_image_reader_compat.cc | 8 +++++++- - base/android/android_image_reader_compat.h | 4 ++++ + base/android/android_image_reader_compat.cc | 9 +++++++++ chrome/browser/flag-metadata.json | 6 +++--- .../AImageReader-CFI-crash-mitigations.inc | 4 ++++ .../AImageReader-CFI-crash-mitigations.inc | 1 + @@ -32,61 +31,40 @@ License: GPL-3.0-only - https://spdx.org/licenses/GPL-3.0-only.html gpu/config/gpu_workaround_list.txt | 1 + gpu/ipc/service/gpu_init.cc | 7 +++++++ gpu/ipc/service/stream_texture_android.cc | 11 ++++++++++- - 12 files changed, 67 insertions(+), 5 deletions(-) + 11 files changed, 65 insertions(+), 4 deletions(-) create mode 100644 cromite_flags/media/base/media_switches_cc/AImageReader-CFI-crash-mitigations.inc create mode 100644 cromite_flags/media/base/media_switches_h/AImageReader-CFI-crash-mitigations.inc diff --git a/base/android/android_image_reader_compat.cc b/base/android/android_image_reader_compat.cc --- a/base/android/android_image_reader_compat.cc +++ b/base/android/android_image_reader_compat.cc -@@ -23,6 +23,8 @@ +@@ -7,7 +7,14 @@ namespace base { namespace android { +bool AndroidImageReader::disable_support_ = false; + - AndroidImageReader& AndroidImageReader::GetInstance() { - // C++11 static local variable initialization is - // thread-safe. -@@ -30,8 +32,12 @@ AndroidImageReader& AndroidImageReader::GetInstance() { - return instance; - } - +void AndroidImageReader::DisableSupport() { + disable_support_ = true; +} + - bool AndroidImageReader::IsSupported() { -- return is_supported_; -+ return !disable_support_ && is_supported_; + bool EnableAndroidImageReader() { ++ if (disable_support_) return false; + // Currently we want to enable AImageReader only for android P+ devices. + if (__builtin_available(android 28, *)) { + return true; +@@ -15,5 +22,7 @@ bool EnableAndroidImageReader() { + return false; } - AndroidImageReader::AndroidImageReader() : is_supported_(LoadFunctions()) {} -diff --git a/base/android/android_image_reader_compat.h b/base/android/android_image_reader_compat.h ---- a/base/android/android_image_reader_compat.h -+++ b/base/android/android_image_reader_compat.h -@@ -24,6 +24,9 @@ class BASE_EXPORT AndroidImageReader { - AndroidImageReader(const AndroidImageReader&) = delete; - AndroidImageReader& operator=(const AndroidImageReader&) = delete; - -+ // Disable image reader support. -+ static void DisableSupport(); ++FIX ME! + - // Check if the image reader usage is supported. This function returns TRUE - // if android version is >=OREO, image reader support is not disabled and all - // the required functions are loaded. -@@ -61,6 +64,7 @@ class BASE_EXPORT AndroidImageReader { - jobject ANativeWindow_toSurface(JNIEnv* env, ANativeWindow* window); - - private: -+ static bool disable_support_; - friend class base::NoDestructor; - - AndroidImageReader(); + } // namespace android + } // namespace base diff --git a/chrome/browser/flag-metadata.json b/chrome/browser/flag-metadata.json --- a/chrome/browser/flag-metadata.json +++ b/chrome/browser/flag-metadata.json -@@ -2923,9 +2923,9 @@ +@@ -2980,9 +2980,9 @@ "expiry_milestone": 125 }, { @@ -179,7 +157,7 @@ diff --git a/gpu/config/gpu_util.cc b/gpu/config/gpu_util.cc if (!gpu_preferences.enable_android_surface_control) return kGpuFeatureStatusDisabled; -@@ -355,6 +358,11 @@ void AdjustGpuFeatureStatusToWorkarounds(GpuFeatureInfo* gpu_feature_info) { +@@ -356,6 +359,11 @@ void AdjustGpuFeatureStatusToWorkarounds(GpuFeatureInfo* gpu_feature_info) { gpu_feature_info->status_values[GPU_FEATURE_TYPE_CANVAS_OOP_RASTERIZATION] = kGpuFeatureStatusBlocklisted; } @@ -205,7 +183,7 @@ diff --git a/gpu/config/gpu_workaround_list.txt b/gpu/config/gpu_workaround_list diff --git a/gpu/ipc/service/gpu_init.cc b/gpu/ipc/service/gpu_init.cc --- a/gpu/ipc/service/gpu_init.cc +++ b/gpu/ipc/service/gpu_init.cc -@@ -675,6 +675,13 @@ bool GpuInit::InitializeAndStartSandbox(base::CommandLine* command_line, +@@ -672,6 +672,13 @@ bool GpuInit::InitializeAndStartSandbox(base::CommandLine* command_line, } #endif // BUILDFLAG(IS_WIN) diff --git a/build/patches/Add-flag-to-disable-IPv6-probes.patch b/build/patches/Add-flag-to-disable-IPv6-probes.patch index dd80869e8..6cc526650 100644 --- a/build/patches/Add-flag-to-disable-IPv6-probes.patch +++ b/build/patches/Add-flag-to-disable-IPv6-probes.patch @@ -45,7 +45,7 @@ new file mode 100644 diff --git a/net/BUILD.gn b/net/BUILD.gn --- a/net/BUILD.gn +++ b/net/BUILD.gn -@@ -1033,6 +1033,7 @@ component("net") { +@@ -1028,6 +1028,7 @@ component("net") { "//build:chromeos_buildflags", "//components/miracle_parameter/common", "//net/http:transport_security_state_generated_files", @@ -56,7 +56,7 @@ diff --git a/net/BUILD.gn b/net/BUILD.gn diff --git a/net/dns/host_resolver_manager.cc b/net/dns/host_resolver_manager.cc --- a/net/dns/host_resolver_manager.cc +++ b/net/dns/host_resolver_manager.cc -@@ -109,6 +109,7 @@ +@@ -113,6 +113,7 @@ #include "net/log/net_log_event_type.h" #include "net/log/net_log_source.h" #include "net/log/net_log_source_type.h" @@ -64,17 +64,17 @@ diff --git a/net/dns/host_resolver_manager.cc b/net/dns/host_resolver_manager.cc #include "net/log/net_log_with_source.h" #include "net/socket/client_socket_factory.h" #include "net/url_request/url_request_context.h" -@@ -681,6 +682,9 @@ class HostResolverManager::RequestImpl - // request source is LOCAL_ONLY. This is due to LOCAL_ONLY requiring a - // synchronous response, so it cannot wait on an async probe result and - // cannot make assumptions about reachability. +@@ -1320,6 +1321,9 @@ void HostResolverManager::CreateTaskSequence( + case HostResolverSource::MULTICAST_DNS: + out_tasks->push_back(TaskType::MDNS); + break; + if (!base::FeatureList::IsEnabled(features::kIPv6Probing)) { + return OK; + } - if (parameters_.source == HostResolverSource::LOCAL_ONLY) { - int rv = resolver_->StartIPv6ReachabilityCheck( - source_net_log_, GetClientSocketFactory(), -@@ -3899,6 +3903,13 @@ int HostResolverManager::StartIPv6ReachabilityCheck( + case HostResolverSource::LOCAL_ONLY: + // If no external source allowed, a job should not be created or started + break; +@@ -1373,6 +1377,13 @@ int HostResolverManager::StartIPv6ReachabilityCheck( return OK; } diff --git a/build/patches/Chrome-web-store-protection.patch b/build/patches/Chrome-web-store-protection.patch index 9a9e15ddd..7b0077da7 100644 --- a/build/patches/Chrome-web-store-protection.patch +++ b/build/patches/Chrome-web-store-protection.patch @@ -16,7 +16,7 @@ License: GPL-2.0-or-later - https://spdx.org/licenses/GPL-2.0-or-later.html chrome/app/extensions_strings.grdp | 6 +++ .../developer_private_api.cc | 37 ++++++++++++- .../developer_private/developer_private_api.h | 3 ++ - .../webstore_private/webstore_private_api.cc | 12 ++++- + .../webstore_private/webstore_private_api.cc | 15 +++++- .../extensions/extension_system_impl.cc | 2 + .../chrome_extension_downloader_factory.cc | 1 - .../extensions/updater/extension_updater.cc | 40 ++++++++------ @@ -42,7 +42,7 @@ License: GPL-2.0-or-later - https://spdx.org/licenses/GPL-2.0-or-later.html extensions/common/extension_features.cc | 15 ++++++ extensions/common/extension_features.h | 4 ++ .../definitions/developer_private.d.ts | 4 +- - 29 files changed, 249 insertions(+), 92 deletions(-) + 29 files changed, 251 insertions(+), 93 deletions(-) create mode 100644 cromite_flags/chrome/browser/about_flags_cc/Webstore-protection.inc diff --git a/chrome/app/extensions_strings.grdp b/chrome/app/extensions_strings.grdp @@ -64,7 +64,7 @@ diff --git a/chrome/app/extensions_strings.grdp b/chrome/app/extensions_strings. diff --git a/chrome/browser/extensions/api/developer_private/developer_private_api.cc b/chrome/browser/extensions/api/developer_private/developer_private_api.cc --- a/chrome/browser/extensions/api/developer_private/developer_private_api.cc +++ b/chrome/browser/extensions/api/developer_private/developer_private_api.cc -@@ -125,6 +125,12 @@ +@@ -126,6 +126,12 @@ #include "url/gurl.h" #include "url/origin.h" @@ -77,7 +77,7 @@ diff --git a/chrome/browser/extensions/api/developer_private/developer_private_a #if BUILDFLAG(ENABLE_SUPERVISED_USERS) #include "components/supervised_user/core/browser/supervised_user_preferences.h" #endif // BUILDFLAG(ENABLE_SUPERVISED_USERS) -@@ -520,9 +526,32 @@ std::unique_ptr DeveloperPrivateAPI::CreateProfileInfo( +@@ -521,9 +527,32 @@ std::unique_ptr DeveloperPrivateAPI::CreateProfileInfo( info->can_load_unpacked = ExtensionManagementFactory::GetForBrowserContext(profile) ->HasAllowlistedExtension(); @@ -110,7 +110,7 @@ diff --git a/chrome/browser/extensions/api/developer_private/developer_private_a template <> void BrowserContextKeyedAPIFactory< DeveloperPrivateAPI>::DeclareFactoryDependencies() { -@@ -951,6 +980,7 @@ ExtensionFunction::ResponseAction DeveloperPrivateAutoUpdateFunction::Run() { +@@ -952,6 +981,7 @@ ExtensionFunction::ResponseAction DeveloperPrivateAutoUpdateFunction::Run() { ExtensionUpdater::CheckParams params; params.fetch_priority = DownloadFetchPriority::kForeground; params.install_immediately = true; @@ -118,7 +118,7 @@ diff --git a/chrome/browser/extensions/api/developer_private/developer_private_a params.callback = base::BindOnce(&DeveloperPrivateAutoUpdateFunction::OnComplete, this); updater->CheckNow(std::move(params)); -@@ -1090,7 +1120,7 @@ DeveloperPrivateUpdateProfileConfigurationFunction::Run() { +@@ -1092,7 +1122,7 @@ DeveloperPrivateUpdateProfileConfigurationFunction::Run() { const developer::ProfileConfigurationUpdate& update = params->update; @@ -127,7 +127,7 @@ diff --git a/chrome/browser/extensions/api/developer_private/developer_private_a Profile* profile = Profile::FromBrowserContext(browser_context()); CHECK(profile); #if BUILDFLAG(ENABLE_SUPERVISED_USERS) -@@ -1102,6 +1132,11 @@ DeveloperPrivateUpdateProfileConfigurationFunction::Run() { +@@ -1104,6 +1134,11 @@ DeveloperPrivateUpdateProfileConfigurationFunction::Run() { util::SetDeveloperModeForProfile(profile, *update.in_developer_mode); } @@ -199,15 +199,22 @@ diff --git a/chrome/browser/extensions/api/webstore_private/webstore_private_api } WebstorePrivateIsPendingCustodianApprovalFunction:: -@@ -1263,6 +1271,8 @@ WebstorePrivateGetReferrerChainFunction::Run() { +@@ -1262,11 +1270,14 @@ WebstorePrivateGetReferrerChainFunction::Run() { + request.mutable_referrer_chain_options()->set_recent_navigations_to_collect( recent_navigations_to_collect); - std::string serialized_referrer_proto = request.SerializeAsString(); ++ std::string serialized_referrer_proto = request.SerializeAsString(); + if (!base::FeatureList::IsEnabled(extensions_features::kEnableExtensionManagementToChromeStore)) + serialized_referrer_proto = ""; - // Base64 encode the proto to avoid issues with base::Value rejecting strings - // which are not valid UTF8. - base::Base64Encode(serialized_referrer_proto, &serialized_referrer_proto); + // Base64 encode the request to avoid issues with base::Value rejecting + // strings which are not valid UTF8. + return RespondNow( + ArgumentList(api::webstore_private::GetReferrerChain::Results::Create( +- base::Base64Encode(request.SerializeAsString())))); ++ base::Base64Encode(serialized_referrer_proto)))); + } + + WebstorePrivateGetExtensionStatusFunction:: diff --git a/chrome/browser/extensions/extension_system_impl.cc b/chrome/browser/extensions/extension_system_impl.cc --- a/chrome/browser/extensions/extension_system_impl.cc +++ b/chrome/browser/extensions/extension_system_impl.cc @@ -445,7 +452,7 @@ diff --git a/chrome/browser/resources/extensions/manager.html b/chrome/browser/r diff --git a/chrome/browser/resources/extensions/manager.ts b/chrome/browser/resources/extensions/manager.ts --- a/chrome/browser/resources/extensions/manager.ts +++ b/chrome/browser/resources/extensions/manager.ts -@@ -121,6 +121,11 @@ export class ExtensionsManagerElement extends ExtensionsManagerElementBase { +@@ -122,6 +122,11 @@ export class ExtensionsManagerElement extends ExtensionsManagerElementBase { value: () => loadTimeData.getBoolean('inDevMode'), }, @@ -457,7 +464,7 @@ diff --git a/chrome/browser/resources/extensions/manager.ts b/chrome/browser/res showActivityLog: { type: Boolean, value: () => loadTimeData.getBoolean('showActivityLog'), -@@ -222,6 +227,7 @@ export class ExtensionsManagerElement extends ExtensionsManagerElementBase { +@@ -223,6 +228,7 @@ export class ExtensionsManagerElement extends ExtensionsManagerElementBase { canLoadUnpacked: boolean; delegate: Service; inDevMode: boolean; @@ -465,7 +472,7 @@ diff --git a/chrome/browser/resources/extensions/manager.ts b/chrome/browser/res showActivityLog: boolean; enableEnhancedSiteControls: boolean; devModeControlledByPolicy: boolean; -@@ -292,6 +298,7 @@ export class ExtensionsManagerElement extends ExtensionsManagerElementBase { +@@ -293,6 +299,7 @@ export class ExtensionsManagerElement extends ExtensionsManagerElementBase { profileInfo.isDeveloperModeControlledByPolicy; this.inDevMode = profileInfo.inDeveloperMode; this.canLoadUnpacked = profileInfo.canLoadUnpacked; @@ -503,7 +510,7 @@ diff --git a/chrome/browser/resources/extensions/toolbar.html b/chrome/browser/r cr-toolbar { --cr-toolbar-center-basis: 680px; --cr-toolbar-field-max-width: var(--cr-toolbar-center-basis); -@@ -87,6 +92,13 @@ +@@ -88,6 +93,13 @@ checked="[[inDevMode]]" aria-labelledby="devModeLabel"> @@ -729,7 +736,7 @@ diff --git a/extensions/browser/api/management/management_api.cc b/extensions/br #include "extensions/common/extension_icon_set.h" #include "extensions/common/extension_urls.h" #include "extensions/common/manifest.h" -@@ -88,6 +92,27 @@ std::vector CreateWarningsList(const Extension* extension) { +@@ -89,6 +93,27 @@ std::vector CreateWarningsList(const Extension* extension) { return warnings_list; } @@ -757,7 +764,7 @@ diff --git a/extensions/browser/api/management/management_api.cc b/extensions/br std::vector GetAvailableLaunchTypes( const Extension& extension, const ManagementAPIDelegate* delegate) { -@@ -261,6 +286,8 @@ void AddExtensionInfo(const Extension* source_extension, +@@ -262,6 +287,8 @@ void AddExtensionInfo(const Extension* source_extension, const ExtensionSet& extensions, ExtensionInfoList* extension_list, content::BrowserContext* context) { @@ -766,7 +773,7 @@ diff --git a/extensions/browser/api/management/management_api.cc b/extensions/br for (ExtensionSet::const_iterator iter = extensions.begin(); iter != extensions.end(); ++iter) { const Extension& extension = **iter; -@@ -306,10 +333,9 @@ ExtensionFunction::ResponseAction ManagementGetFunction::Run() { +@@ -307,10 +334,9 @@ ExtensionFunction::ResponseAction ManagementGetFunction::Run() { std::optional params = management::Get::Params::Create(args()); EXTENSION_FUNCTION_VALIDATE(params); @@ -778,7 +785,7 @@ diff --git a/extensions/browser/api/management/management_api.cc b/extensions/br if (!target_extension) return RespondNow(Error(keys::kNoExtensionError, params->id)); -@@ -329,8 +355,7 @@ ManagementGetPermissionWarningsByIdFunction::Run() { +@@ -330,8 +356,7 @@ ManagementGetPermissionWarningsByIdFunction::Run() { EXTENSION_FUNCTION_VALIDATE(params); const Extension* extension = @@ -788,7 +795,7 @@ diff --git a/extensions/browser/api/management/management_api.cc b/extensions/br if (!extension) return RespondNow(Error(keys::kNoExtensionError, params->id)); -@@ -396,8 +421,7 @@ ExtensionFunction::ResponseAction ManagementLaunchAppFunction::Run() { +@@ -397,8 +422,7 @@ ExtensionFunction::ResponseAction ManagementLaunchAppFunction::Run() { return RespondNow(Error(keys::kNotAllowedInKioskError)); const Extension* extension = @@ -798,7 +805,7 @@ diff --git a/extensions/browser/api/management/management_api.cc b/extensions/br if (!extension) return RespondNow(Error(keys::kNoExtensionError, params->id)); if (!extension->is_app()) -@@ -432,7 +456,7 @@ ExtensionFunction::ResponseAction ManagementSetEnabledFunction::Run() { +@@ -433,7 +457,7 @@ ExtensionFunction::ResponseAction ManagementSetEnabledFunction::Run() { ->GetDelegate(); const Extension* target_extension = @@ -807,7 +814,7 @@ diff --git a/extensions/browser/api/management/management_api.cc b/extensions/br if (!target_extension || !ShouldExposeViaManagementAPI(*target_extension)) { return RespondNow(Error(keys::kNoExtensionError, extension_id_)); } -@@ -627,8 +651,7 @@ ExtensionFunction::ResponseAction ManagementUninstallFunctionBase::Uninstall( +@@ -628,8 +652,7 @@ ExtensionFunction::ResponseAction ManagementUninstallFunctionBase::Uninstall( ->GetDelegate(); target_extension_id_ = target_extension_id; const Extension* target_extension = @@ -817,7 +824,7 @@ diff --git a/extensions/browser/api/management/management_api.cc b/extensions/br ExtensionRegistry::EVERYTHING); if (!target_extension || !ShouldExposeViaManagementAPI(*target_extension)) { return RespondNow(Error(keys::kNoExtensionError, target_extension_id_)); -@@ -692,8 +715,7 @@ void ManagementUninstallFunctionBase::UninstallExtension() { +@@ -693,8 +716,7 @@ void ManagementUninstallFunctionBase::UninstallExtension() { // The extension can be uninstalled in another window while the UI was // showing. Do nothing in that case. const Extension* target_extension = @@ -827,7 +834,7 @@ diff --git a/extensions/browser/api/management/management_api.cc b/extensions/br ExtensionRegistry::EVERYTHING); std::string error; bool success = false; -@@ -774,8 +796,7 @@ ExtensionFunction::ResponseAction ManagementCreateAppShortcutFunction::Run() { +@@ -775,8 +797,7 @@ ExtensionFunction::ResponseAction ManagementCreateAppShortcutFunction::Run() { management::CreateAppShortcut::Params::Create(args()); EXTENSION_FUNCTION_VALIDATE(params); const Extension* extension = @@ -837,7 +844,7 @@ diff --git a/extensions/browser/api/management/management_api.cc b/extensions/br if (!extension) { return RespondNow(Error( ErrorUtils::FormatErrorMessage(keys::kNoExtensionError, params->id))); -@@ -825,8 +846,7 @@ ExtensionFunction::ResponseAction ManagementSetLaunchTypeFunction::Run() { +@@ -826,8 +847,7 @@ ExtensionFunction::ResponseAction ManagementSetLaunchTypeFunction::Run() { management::SetLaunchType::Params::Create(args()); EXTENSION_FUNCTION_VALIDATE(params); const Extension* extension = @@ -850,9 +857,9 @@ diff --git a/extensions/browser/api/management/management_api.cc b/extensions/br diff --git a/extensions/browser/updater/extension_downloader.cc b/extensions/browser/updater/extension_downloader.cc --- a/extensions/browser/updater/extension_downloader.cc +++ b/extensions/browser/updater/extension_downloader.cc -@@ -491,8 +491,8 @@ void ExtensionDownloader::CreateManifestLoader() { - std::vector id_vector(extension_ids.begin(), - extension_ids.end()); +@@ -493,8 +493,8 @@ void ExtensionDownloader::CreateManifestLoader() { + std::vector id_vector(extension_ids.begin(), + extension_ids.end()); std::string id_list = base::JoinString(id_vector, ","); - VLOG(2) << "Fetching " << active_request->full_url() << " for " << id_list; - VLOG(2) << "Update interactivity: " @@ -861,7 +868,7 @@ diff --git a/extensions/browser/updater/extension_downloader.cc b/extensions/bro << (active_request->foreground_check() ? kUpdateInteractivityForeground : kUpdateInteractivityBackground); -@@ -517,7 +517,7 @@ void ExtensionDownloader::CreateManifestLoader() { +@@ -519,7 +519,7 @@ void ExtensionDownloader::CreateManifestLoader() { destination: WEBSITE } policy { @@ -870,7 +877,7 @@ diff --git a/extensions/browser/updater/extension_downloader.cc b/extensions/bro cookies_store: "user" setting: "This feature cannot be disabled. It is only enabled when the user " -@@ -534,6 +534,7 @@ void ExtensionDownloader::CreateManifestLoader() { +@@ -536,6 +536,7 @@ void ExtensionDownloader::CreateManifestLoader() { auto resource_request = std::make_unique(); resource_request->url = active_request->full_url(), resource_request->load_flags = net::LOAD_DISABLE_CACHE; @@ -878,7 +885,7 @@ diff --git a/extensions/browser/updater/extension_downloader.cc b/extensions/bro if (active_request->fetch_priority() == DownloadFetchPriority::kForeground) { resource_request->priority = net::MEDIUM; -@@ -542,10 +543,6 @@ void ExtensionDownloader::CreateManifestLoader() { +@@ -544,10 +545,6 @@ void ExtensionDownloader::CreateManifestLoader() { // Send traffic-management headers to the webstore, and omit credentials. // https://bugs.chromium.org/p/chromium/issues/detail?id=647516 if (extension_urls::IsWebstoreUpdateUrl(active_request->full_url())) { @@ -889,7 +896,7 @@ diff --git a/extensions/browser/updater/extension_downloader.cc b/extensions/bro resource_request->headers.SetHeader(kUpdateAppIdHeader, id_list); resource_request->headers.SetHeader( kUpdateUpdaterHeader, -@@ -830,20 +827,6 @@ void ExtensionDownloader::HandleManifestResults( +@@ -832,20 +829,6 @@ void ExtensionDownloader::HandleManifestResults( update.second->info); } @@ -910,7 +917,7 @@ diff --git a/extensions/browser/updater/extension_downloader.cc b/extensions/bro ExtensionIdSet extension_ids_with_errors; for (const auto& failure : failures) extension_ids_with_errors.insert(failure.first.id); -@@ -865,7 +848,7 @@ ExtensionDownloader::GetUpdateAvailability( +@@ -867,7 +850,7 @@ ExtensionDownloader::GetUpdateAvailability( // extensions that have already existed in the system. if (!delegate_->GetExtensionExistingVersion(extension_id, &extension_version)) { @@ -919,7 +926,7 @@ diff --git a/extensions/browser/updater/extension_downloader.cc b/extensions/bro return UpdateAvailability::kBadUpdateSpecification; } VLOG(2) << extension_id << " is at '" << extension_version << "'"; -@@ -876,11 +859,11 @@ ExtensionDownloader::GetUpdateAvailability( +@@ -878,11 +861,11 @@ ExtensionDownloader::GetUpdateAvailability( const std::string& update_version_str = update->version; if (VLOG_IS_ON(2)) { if (update_version_str.empty()) @@ -933,7 +940,7 @@ diff --git a/extensions/browser/updater/extension_downloader.cc b/extensions/bro << " latest version is '" << update_version_str << "'"; } -@@ -890,21 +873,21 @@ ExtensionDownloader::GetUpdateAvailability( +@@ -892,21 +875,21 @@ ExtensionDownloader::GetUpdateAvailability( // we don't want it. if (update_version_str.empty()) { // If update manifest doesn't have version number => no update. @@ -956,9 +963,9 @@ diff --git a/extensions/browser/updater/extension_downloader.cc b/extensions/bro - VLOG(2) << extension_id << " version is not older than '" + LOG(INFO) << extension_id << " version is not older than '" << update_version_str << "'"; - has_noupdate = true; - continue; -@@ -925,7 +908,9 @@ ExtensionDownloader::GetUpdateAvailability( + bool can_rollback = + update_version.CompareTo(existing_version) < 0 && +@@ -933,7 +916,9 @@ ExtensionDownloader::GetUpdateAvailability( } // Stop checking as soon as an update for |extension_id| is found. @@ -969,7 +976,7 @@ diff --git a/extensions/browser/updater/extension_downloader.cc b/extensions/bro *update_result_out = const_cast(update); return UpdateAvailability::kAvailable; } -@@ -1170,7 +1155,7 @@ void ExtensionDownloader::CreateExtensionLoader() { +@@ -1178,7 +1163,7 @@ void ExtensionDownloader::CreateExtensionLoader() { int load_flags = net::LOAD_DISABLE_CACHE; bool is_secure = fetch->url.SchemeIsCryptographic(); extension_loader_resource_request_->load_flags = load_flags; @@ -978,7 +985,7 @@ diff --git a/extensions/browser/updater/extension_downloader.cc b/extensions/bro extension_loader_resource_request_->credentials_mode = network::mojom::CredentialsMode::kOmit; } else { -@@ -1178,7 +1163,7 @@ void ExtensionDownloader::CreateExtensionLoader() { +@@ -1186,7 +1171,7 @@ void ExtensionDownloader::CreateExtensionLoader() { net::SiteForCookies::FromUrl(fetch->url); } @@ -987,7 +994,7 @@ diff --git a/extensions/browser/updater/extension_downloader.cc b/extensions/bro is_secure) { if (access_token_.empty()) { // We should try OAuth2, but we have no token cached. This -@@ -1203,7 +1188,7 @@ void ExtensionDownloader::CreateExtensionLoader() { +@@ -1211,7 +1196,7 @@ void ExtensionDownloader::CreateExtensionLoader() { base::StringPrintf("Bearer %s", access_token_.c_str())); } @@ -996,7 +1003,7 @@ diff --git a/extensions/browser/updater/extension_downloader.cc b/extensions/bro StartExtensionLoader(); } -@@ -1225,7 +1210,7 @@ void ExtensionDownloader::StartExtensionLoader() { +@@ -1233,7 +1218,7 @@ void ExtensionDownloader::StartExtensionLoader() { destination: WEBSITE } policy { @@ -1005,7 +1012,7 @@ diff --git a/extensions/browser/updater/extension_downloader.cc b/extensions/bro cookies_store: "user" setting: "This feature cannot be disabled. It is only enabled when the user " -@@ -1296,6 +1281,7 @@ void ExtensionDownloader::OnExtensionLoadComplete(base::FilePath crx_path) { +@@ -1304,6 +1289,7 @@ void ExtensionDownloader::OnExtensionLoadComplete(base::FilePath crx_path) { RETRY_HISTOGRAM("CrxFetchSuccess", extensions_queue_.active_request_failure_count(), url); @@ -1013,7 +1020,7 @@ diff --git a/extensions/browser/updater/extension_downloader.cc b/extensions/bro std::unique_ptr fetch_data = std::move(extensions_queue_.reset_active_request().fetch); delegate_->OnExtensionDownloadStageChanged( -@@ -1316,7 +1302,7 @@ void ExtensionDownloader::OnExtensionLoadComplete(base::FilePath crx_path) { +@@ -1324,7 +1310,7 @@ void ExtensionDownloader::OnExtensionLoadComplete(base::FilePath crx_path) { } else { const std::set request_ids = active_request.GetRequestIds(); const ExtensionDownloaderDelegate::PingResult& ping = ping_results_[id]; @@ -1022,7 +1029,7 @@ diff --git a/extensions/browser/updater/extension_downloader.cc b/extensions/bro << "' response code:" << response_code; if (ShouldRetryRequest(extension_loader_.get()) && extensions_queue_.active_request_failure_count() < kMaxRetries) { -@@ -1410,6 +1396,7 @@ void ExtensionDownloader::NotifyExtensionsDownloadFailedWithList( +@@ -1418,6 +1404,7 @@ void ExtensionDownloader::NotifyExtensionsDownloadFailedWithList( bool ExtensionDownloader::IterateFetchCredentialsAfterFailure( ExtensionFetch* fetch, int response_code) { @@ -1086,7 +1093,7 @@ diff --git a/extensions/browser/updater/safe_manifest_parser.cc b/extensions/bro diff --git a/extensions/common/extension_features.cc b/extensions/common/extension_features.cc --- a/extensions/common/extension_features.cc +++ b/extensions/common/extension_features.cc -@@ -154,4 +154,19 @@ BASE_FEATURE(kDeclarativeNetRequestResponseHeaderMatching, +@@ -158,4 +158,19 @@ BASE_FEATURE(kDeclarativeNetRequestResponseHeaderMatching, "DeclarativeNetRequestResponseHeaderMatching", base::FEATURE_DISABLED_BY_DEFAULT); @@ -1109,7 +1116,7 @@ diff --git a/extensions/common/extension_features.cc b/extensions/common/extensi diff --git a/extensions/common/extension_features.h b/extensions/common/extension_features.h --- a/extensions/common/extension_features.h +++ b/extensions/common/extension_features.h -@@ -193,6 +193,10 @@ BASE_DECLARE_FEATURE(kDeclarativeNetRequestSafeRuleLimits); +@@ -200,6 +200,10 @@ BASE_DECLARE_FEATURE(kDeclarativeNetRequestSafeRuleLimits); // matching condition. BASE_DECLARE_FEATURE(kDeclarativeNetRequestResponseHeaderMatching); diff --git a/build/patches/Client-hints-overrides.patch b/build/patches/Client-hints-overrides.patch index 305420c40..bb625ae10 100644 --- a/build/patches/Client-hints-overrides.patch +++ b/build/patches/Client-hints-overrides.patch @@ -7,17 +7,18 @@ Use Google Chrome branding for client hints License: GPL-3.0-only - https://spdx.org/licenses/GPL-3.0-only.html --- - components/embedder_support/user_agent_utils.cc | 4 +--- - content/browser/client_hints/client_hints.cc | 3 ++- - content/browser/loader/navigation_url_loader_impl.cc | 5 +++++ - .../content/common/features_cc/Client-hints-overrides.inc | 1 + - .../public/cpp/features_cc/Client-hints-overrides.inc | 1 + - net/http/http_network_transaction.cc | 1 + - services/network/public/cpp/client_hints.cc | 1 + - third_party/blink/common/client_hints/client_hints.cc | 1 + - .../blink/common/client_hints/enabled_client_hints.cc | 4 +++- - .../blink/renderer/platform/runtime_enabled_features.json5 | 4 ++-- - 10 files changed, 18 insertions(+), 7 deletions(-) + components/embedder_support/user_agent_utils.cc | 4 +--- + content/browser/client_hints/client_hints.cc | 16 ++++++++++------ + .../browser/loader/navigation_url_loader_impl.cc | 5 +++++ + .../features_cc/Client-hints-overrides.inc | 1 + + .../cpp/features_cc/Client-hints-overrides.inc | 1 + + net/http/http_network_transaction.cc | 1 + + services/network/public/cpp/client_hints.cc | 1 + + .../blink/common/client_hints/client_hints.cc | 1 + + .../common/client_hints/enabled_client_hints.cc | 4 +++- + .../renderer/core/loader/base_fetch_context.cc | 6 ++++-- + .../platform/runtime_enabled_features.json5 | 4 ++++ + 11 files changed, 32 insertions(+), 12 deletions(-) create mode 100644 cromite_flags/content/common/features_cc/Client-hints-overrides.inc create mode 100644 cromite_flags/services/network/public/cpp/features_cc/Client-hints-overrides.inc @@ -48,10 +49,37 @@ diff --git a/content/browser/client_hints/client_hints.cc b/content/browser/clie return network::IsOriginPotentiallyTrustworthy(origin); } +@@ -718,7 +719,8 @@ void UpdateNavigationRequestClientUaHeadersImpl( + // value, disable them. This overwrites previous decision from UI. + disable_due_to_custom_ua = !ua_metadata.has_value(); + } +- ++ if (!RuntimeEnabledFeatures::UserAgentClientHintEnabled()) ++ disable_due_to_custom_ua = true; + if (!disable_due_to_custom_ua) { + if (!ua_metadata.has_value()) + ua_metadata = delegate->GetUserAgentMetadata(); +@@ -900,10 +902,12 @@ void AddRequestClientHintsHeaders( + AddEctHeader(headers, network_quality_tracker, url); + } + +- UpdateNavigationRequestClientUaHeadersImpl( +- delegate, is_ua_override_on, frame_tree_node, +- ClientUaHeaderCallType::kDuringCreation, headers, container_policy, +- request_url, data); ++ if (RuntimeEnabledFeatures::UserAgentClientHintEnabled()) { ++ UpdateNavigationRequestClientUaHeadersImpl( ++ delegate, is_ua_override_on, frame_tree_node, ++ ClientUaHeaderCallType::kDuringCreation, headers, container_policy, ++ request_url, data); ++ } + + if (ShouldAddClientHint(data, WebClientHintsType::kPrefersColorScheme)) { + AddPrefersColorSchemeHeader(headers, frame_tree_node); diff --git a/content/browser/loader/navigation_url_loader_impl.cc b/content/browser/loader/navigation_url_loader_impl.cc --- a/content/browser/loader/navigation_url_loader_impl.cc +++ b/content/browser/loader/navigation_url_loader_impl.cc -@@ -1064,6 +1064,11 @@ void NavigationURLLoaderImpl::OnAcceptCHFrameReceived( +@@ -1070,6 +1070,11 @@ void NavigationURLLoaderImpl::OnAcceptCHFrameReceived( return; } @@ -119,7 +147,7 @@ diff --git a/third_party/blink/common/client_hints/enabled_client_hints.cc b/thi switch (type) { case WebClientHintsType::kUA: case WebClientHintsType::kUAArch: -@@ -99,7 +100,7 @@ bool IsDisabledByFeature(const WebClientHintsType type) { +@@ -96,7 +97,7 @@ bool IsDisabledByFeature(const WebClientHintsType type) { } // namespace bool EnabledClientHints::IsEnabled(const WebClientHintsType type) const { @@ -128,7 +156,7 @@ diff --git a/third_party/blink/common/client_hints/enabled_client_hints.cc b/thi } void EnabledClientHints::SetIsEnabled(const WebClientHintsType type, -@@ -110,6 +111,7 @@ void EnabledClientHints::SetIsEnabled(const WebClientHintsType type, +@@ -107,6 +108,7 @@ void EnabledClientHints::SetIsEnabled(const WebClientHintsType type, std::vector EnabledClientHints::GetEnabledHints() const { std::vector hints; @@ -136,18 +164,48 @@ diff --git a/third_party/blink/common/client_hints/enabled_client_hints.cc b/thi for (const auto& elem : network::GetClientHintToNameMap()) { const auto& type = elem.first; if (IsEnabled(type)) +diff --git a/third_party/blink/renderer/core/loader/base_fetch_context.cc b/third_party/blink/renderer/core/loader/base_fetch_context.cc +--- a/third_party/blink/renderer/core/loader/base_fetch_context.cc ++++ b/third_party/blink/renderer/core/loader/base_fetch_context.cc +@@ -167,7 +167,7 @@ void BaseFetchContext::AddClientHintsIfNecessary( + // specifying accomponying client hints, in which case we disable sending + // them. + using network::mojom::blink::WebClientHintsType; +- if (ua) { ++ if (RuntimeEnabledFeatures::UserAgentClientHintEnabled() && ua) { + // ShouldSendClientHint is called to make sure UA is controlled by + // Permissions Policy. + if (ShouldSendClientHint(policy, resource_origin, is_1p_origin, +@@ -329,7 +329,7 @@ void BaseFetchContext::AddClientHintsIfNecessary( + } + + // Only send User Agent hints if the info is available +- if (ua) { ++ if (RuntimeEnabledFeatures::UserAgentClientHintEnabled() && ua) { + if (ShouldSendClientHint(policy, resource_origin, is_1p_origin, + WebClientHintsType::kUAArch, hints_preferences)) { + SetHttpHeader(WebClientHintsType::kUAArch, +@@ -652,6 +652,8 @@ bool BaseFetchContext::ShouldSendClientHint( + bool is_1p_origin, + network::mojom::blink::WebClientHintsType type, + const ClientHintsPreferences& hints_preferences) const { ++ if (!RuntimeEnabledFeatures::UserAgentClientHintEnabled()) ++ return false; + // For subresource requests, sending the hint in the fetch request based on + // the permissions policy. + if ((!policy || diff --git a/third_party/blink/renderer/platform/runtime_enabled_features.json5 b/third_party/blink/renderer/platform/runtime_enabled_features.json5 --- a/third_party/blink/renderer/platform/runtime_enabled_features.json5 +++ b/third_party/blink/renderer/platform/runtime_enabled_features.json5 -@@ -3903,8 +3903,8 @@ - public: true, +@@ -536,6 +536,10 @@ + name: "ByobFetch", + status: "stable", }, - { -- name: "UserAgentClientHint", -- status: "stable", ++ { + name: "UserAgentClientHint", // always disabled + status: "experimental", // in bromite - }, ++ }, { - // https://chromestatus.com/feature/5132477781245952 + name: "CacheStorageCodeCacheHint", + origin_trial_feature_name: "CacheStorageCodeCacheHint", -- diff --git a/build/patches/Disable-FLoC-and-privacy-sandbox.patch b/build/patches/Disable-FLoC-and-privacy-sandbox.patch index 439ee4a0a..97f2a48f3 100644 --- a/build/patches/Disable-FLoC-and-privacy-sandbox.patch +++ b/build/patches/Disable-FLoC-and-privacy-sandbox.patch @@ -12,20 +12,20 @@ License: GPL-3.0-only - https://spdx.org/licenses/GPL-3.0-only.html .../browser/chrome_content_browser_client.cc | 3 +++ .../privacy_sandbox_settings_delegate.cc | 1 + .../privacy_sandbox/privacy_sandbox_prompt.cc | 1 + - .../history/core/browser/history_backend.cc | 13 +--------- + .../history/core/browser/history_backend.cc | 13 +------------ .../privacy_sandbox_attestations.cc | 2 -- - .../privacy_sandbox_features.cc | 6 ++++- + .../privacy_sandbox_features.cc | 4 ++++ .../privacy_sandbox/privacy_sandbox_prefs.cc | 4 ++-- - .../privacy_sandbox_settings_impl.cc | 24 +++++++++++++------ + .../privacy_sandbox_settings_impl.cc | 19 ++++++++++++++----- .../Disable-FLoC-and-privacy-sandbox.inc | 1 + third_party/blink/common/features.cc | 1 + - 10 files changed, 32 insertions(+), 24 deletions(-) + 10 files changed, 28 insertions(+), 21 deletions(-) create mode 100644 cromite_flags/third_party/blink/common/features_cc/Disable-FLoC-and-privacy-sandbox.inc diff --git a/chrome/browser/chrome_content_browser_client.cc b/chrome/browser/chrome_content_browser_client.cc --- a/chrome/browser/chrome_content_browser_client.cc +++ b/chrome/browser/chrome_content_browser_client.cc -@@ -3381,6 +3381,9 @@ bool ChromeContentBrowserClient::IsAttributionReportingOperationAllowed( +@@ -3240,6 +3240,9 @@ bool ChromeContentBrowserClient::IsAttributionReportingOperationAllowed( const url::Origin* destination_origin, const url::Origin* reporting_origin, bool* can_bypass) { @@ -82,7 +82,7 @@ diff --git a/components/history/core/browser/history_backend.cc b/components/his diff --git a/components/privacy_sandbox/privacy_sandbox_attestations/privacy_sandbox_attestations.cc b/components/privacy_sandbox/privacy_sandbox_attestations/privacy_sandbox_attestations.cc --- a/components/privacy_sandbox/privacy_sandbox_attestations/privacy_sandbox_attestations.cc +++ b/components/privacy_sandbox/privacy_sandbox_attestations/privacy_sandbox_attestations.cc -@@ -405,8 +405,6 @@ void PrivacySandboxAttestations::OnAttestationsParsed( +@@ -478,8 +478,6 @@ void PrivacySandboxAttestations::OnAttestationsParsed( if (attestations_map.has_value() && (!file_version_.IsValid() || file_version_.CompareTo(version) < 0)) { // Parsing succeeded and the attestations file has newer version. @@ -94,15 +94,7 @@ diff --git a/components/privacy_sandbox/privacy_sandbox_attestations/privacy_san diff --git a/components/privacy_sandbox/privacy_sandbox_features.cc b/components/privacy_sandbox/privacy_sandbox_features.cc --- a/components/privacy_sandbox/privacy_sandbox_features.cc +++ b/components/privacy_sandbox/privacy_sandbox_features.cc -@@ -145,11 +145,15 @@ BASE_FEATURE(kAttributionDebugReportingCookieDeprecationTesting, - BASE_FEATURE(kPrivateAggregationDebugReportingCookieDeprecationTesting, - "PrivateAggregationDebugReportingCookieDeprecationTesting", - base::FEATURE_DISABLED_BY_DEFAULT); -- -+ - #if BUILDFLAG(IS_ANDROID) - BASE_FEATURE(kTrackingProtectionNoticeRequestTracking, - "TrackingProtectionNoticeRequestTracking", +@@ -164,4 +164,8 @@ BASE_FEATURE(kTrackingProtectionNoticeRequestTracking, base::FEATURE_DISABLED_BY_DEFAULT); #endif // BUILDFLAG(IS_ANDROID) @@ -121,17 +113,17 @@ diff --git a/components/privacy_sandbox/privacy_sandbox_prefs.cc b/components/pr - prefs::kPrivacySandboxApisEnabled, true, + prefs::kPrivacySandboxApisEnabled, false, user_prefs::PrefRegistrySyncable::SYNCABLE_PREF); - registry->RegisterBooleanPref(prefs::kPrivacySandboxApisEnabledV2, false); registry->RegisterBooleanPref(prefs::kPrivacySandboxM1ConsentDecisionMade, -@@ -28,7 +28,7 @@ void RegisterProfilePrefs(PrefRegistrySimple* registry) { + false); +@@ -27,7 +27,7 @@ void RegisterProfilePrefs(PrefRegistrySimple* registry) { registry->RegisterBooleanPref(prefs::kPrivacySandboxM1FledgeEnabled, false); registry->RegisterBooleanPref(prefs::kPrivacySandboxM1AdMeasurementEnabled, false); - registry->RegisterBooleanPref(prefs::kPrivacySandboxM1Restricted, false); + registry->RegisterBooleanPref(prefs::kPrivacySandboxM1Restricted, true); - registry->RegisterBooleanPref(prefs::kPrivacySandboxManuallyControlledV2, - false); + registry->RegisterTimePref(prefs::kPrivacySandboxTopicsDataAccessibleSince, + base::Time()); diff --git a/components/privacy_sandbox/privacy_sandbox_settings_impl.cc b/components/privacy_sandbox/privacy_sandbox_settings_impl.cc --- a/components/privacy_sandbox/privacy_sandbox_settings_impl.cc +++ b/components/privacy_sandbox/privacy_sandbox_settings_impl.cc @@ -182,27 +174,7 @@ diff --git a/components/privacy_sandbox/privacy_sandbox_settings_impl.cc b/compo ScopedDictPrefUpdate scoped_pref_update( pref_service_, prefs::kPrivacySandboxFledgeJoinBlocked); auto& pref_data = scoped_pref_update.Get(); -@@ -693,7 +697,8 @@ bool PrivacySandboxSettingsImpl::IsPrivateAggregationDebugModeAllowed( - delegate_->AreThirdPartyCookiesBlockedByCookieDeprecationExperiment(); - } - --bool PrivacySandboxSettingsImpl::IsPrivacySandboxEnabled() const { -+bool PrivacySandboxSettingsImpl::IsPrivacySandboxEnabled() const { // disabled in Bromite -+ if ((true)) return false; - PrivacySandboxSettingsImpl::Status status = GetPrivacySandboxAllowedStatus(); - if (!IsAllowed(status)) { - return false; -@@ -720,7 +725,8 @@ void PrivacySandboxSettingsImpl::SetTopicsBlockedForTesting() { - pref_service_->SetBoolean(prefs::kPrivacySandboxM1TopicsEnabled, false); - } - --void PrivacySandboxSettingsImpl::SetPrivacySandboxEnabled(bool enabled) { -+void PrivacySandboxSettingsImpl::SetPrivacySandboxEnabled(bool enabled) { // disabled in Bromite -+ enabled = false; - pref_service_->SetBoolean(prefs::kPrivacySandboxApisEnabledV2, enabled); - } - -@@ -767,7 +773,10 @@ void PrivacySandboxSettingsImpl::SetDelegateForTesting( +@@ -742,7 +746,10 @@ void PrivacySandboxSettingsImpl::SetDelegateForTesting( delegate_ = std::move(delegate); } @@ -214,7 +186,7 @@ diff --git a/components/privacy_sandbox/privacy_sandbox_settings_impl.cc b/compo pref_service_->SetTime(prefs::kPrivacySandboxTopicsDataAccessibleSince, base::Time::Now()); -@@ -780,6 +789,7 @@ PrivacySandboxSettingsImpl::Status +@@ -755,6 +762,7 @@ PrivacySandboxSettingsImpl::Status PrivacySandboxSettingsImpl::GetSiteAccessAllowedStatus( const url::Origin& top_frame_origin, const GURL& url) const { @@ -222,6 +194,14 @@ diff --git a/components/privacy_sandbox/privacy_sandbox_settings_impl.cc b/compo // Relying on |host_content_settings_map_| instead of |cookie_settings_| // allows to query whether the site associated with the |url| is allowed to // access Site data (aka ContentSettingsType::COOKIES) without considering any +@@ -769,6 +777,7 @@ PrivacySandboxSettingsImpl::GetSiteAccessAllowedStatus( + PrivacySandboxSettingsImpl::Status + PrivacySandboxSettingsImpl::GetPrivacySandboxAllowedStatus( + bool should_ignore_restriction /*=false*/) const { ++ if ((true)) return Status::kRestricted; + if (delegate_->IsIncognitoProfile()) { + return Status::kIncognitoProfile; + } diff --git a/cromite_flags/third_party/blink/common/features_cc/Disable-FLoC-and-privacy-sandbox.inc b/cromite_flags/third_party/blink/common/features_cc/Disable-FLoC-and-privacy-sandbox.inc new file mode 100644 --- /dev/null @@ -231,7 +211,7 @@ new file mode 100644 diff --git a/third_party/blink/common/features.cc b/third_party/blink/common/features.cc --- a/third_party/blink/common/features.cc +++ b/third_party/blink/common/features.cc -@@ -2239,6 +2239,7 @@ bool IsAllowPageWithIDBConnectionAndTransactionInBFCacheEnabled() { +@@ -2329,6 +2329,7 @@ bool IsAllowPageWithIDBConnectionAndTransactionInBFCacheEnabled() { } bool IsAllowURNsInIframeEnabled() { diff --git a/build/patches/Disable-all-predictors-code.patch b/build/patches/Disable-all-predictors-code.patch index 06de5c2b6..fc99bf057 100644 --- a/build/patches/Disable-all-predictors-code.patch +++ b/build/patches/Disable-all-predictors-code.patch @@ -10,27 +10,26 @@ License: GPL-3.0-only - https://spdx.org/licenses/GPL-3.0-only.html .../preloading_model_keyed_service_factory.cc | 4 +-- .../chrome_hints_manager.cc | 1 + .../optimization_guide_keyed_service.cc | 1 - - .../browser/predictors/loading_predictor.cc | 4 +-- .../predictors/loading_predictor_config.cc | 4 +-- - .../browser/predictors/predictors_features.cc | 11 ++----- + .../browser/predictors/predictors_features.cc | 11 ++------ chrome/browser/ui/tab_helpers.cc | 1 - - .../ui/webui/omnibox/omnibox_page_handler.cc | 14 +++++++++ + .../ui/webui/omnibox/omnibox_page_handler.cc | 14 +++++++++++ .../browser/autofill_optimization_guide.cc | 5 ++-- .../browser/autocomplete_controller.cc | 2 ++ .../optimization_guide/core/hints_fetcher.cc | 1 + .../optimization_guide/core/hints_manager.cc | 5 ++++ - .../core/optimization_guide_features.cc | 29 ++++++++++--------- - .../core/prediction_model_download_manager.cc | 6 ++-- + .../core/optimization_guide_features.cc | 25 +++++++++++-------- + .../core/prediction_model_download_manager.cc | 6 +++-- .../core/prediction_model_fetcher_impl.cc | 1 + - components/optimization_guide/features.gni | 3 +- - components/search/ntp_features.cc | 3 ++ + components/optimization_guide/features.gni | 3 +-- + components/search/ntp_features.cc | 3 +++ .../Disable-all-predictors-code.inc | 4 +++ - .../Disable-all-predictors-code.inc | 7 +++++ + .../Disable-all-predictors-code.inc | 7 ++++++ .../Disable-all-predictors-code.inc | 4 +++ .../Disable-all-predictors-code.inc | 2 ++ .../document_speculation_rules.cc | 1 + .../platform/runtime_enabled_features.json5 | 2 +- - 25 files changed, 77 insertions(+), 41 deletions(-) + 24 files changed, 75 insertions(+), 35 deletions(-) create mode 100644 cromite_flags/chrome/browser/browser_features_cc/Disable-all-predictors-code.inc create mode 100644 cromite_flags/chrome/common/chrome_features_cc/Disable-all-predictors-code.inc create mode 100644 cromite_flags/components/permissions/features_cc/Disable-all-predictors-code.inc @@ -39,7 +38,7 @@ License: GPL-3.0-only - https://spdx.org/licenses/GPL-3.0-only.html diff --git a/chrome/browser/BUILD.gn b/chrome/browser/BUILD.gn --- a/chrome/browser/BUILD.gn +++ b/chrome/browser/BUILD.gn -@@ -840,8 +840,6 @@ static_library("browser") { +@@ -845,8 +845,6 @@ static_library("browser") { "navigation_predictor/navigation_predictor_keyed_service_factory.h", "navigation_predictor/navigation_predictor_metrics_document_data.cc", "navigation_predictor/navigation_predictor_metrics_document_data.h", @@ -75,7 +74,7 @@ diff --git a/chrome/browser/optimization_guide/chrome_hints_manager.cc b/chrome/ --- a/chrome/browser/optimization_guide/chrome_hints_manager.cc +++ b/chrome/browser/optimization_guide/chrome_hints_manager.cc @@ -27,6 +27,7 @@ bool IsAllowedToFetchForNavigationPrediction( - const absl::optional + const std::optional prediction) { DCHECK(prediction); + if ((true)) return false; @@ -85,7 +84,7 @@ diff --git a/chrome/browser/optimization_guide/chrome_hints_manager.cc b/chrome/ diff --git a/chrome/browser/optimization_guide/optimization_guide_keyed_service.cc b/chrome/browser/optimization_guide/optimization_guide_keyed_service.cc --- a/chrome/browser/optimization_guide/optimization_guide_keyed_service.cc +++ b/chrome/browser/optimization_guide/optimization_guide_keyed_service.cc -@@ -520,7 +520,6 @@ void OptimizationGuideKeyedService::RemoveObserverForOptimizationTargetModel( +@@ -560,7 +560,6 @@ void OptimizationGuideKeyedService::RemoveObserverForOptimizationTargetModel( void OptimizationGuideKeyedService::RegisterOptimizationTypes( const std::vector& optimization_types) { @@ -93,27 +92,6 @@ diff --git a/chrome/browser/optimization_guide/optimization_guide_keyed_service. } optimization_guide::OptimizationGuideDecision -diff --git a/chrome/browser/predictors/loading_predictor.cc b/chrome/browser/predictors/loading_predictor.cc ---- a/chrome/browser/predictors/loading_predictor.cc -+++ b/chrome/browser/predictors/loading_predictor.cc -@@ -212,7 +212,7 @@ ResourcePrefetchPredictor* LoadingPredictor::resource_prefetch_predictor() { - } - - PreconnectManager* LoadingPredictor::preconnect_manager() { -- if (shutdown_) { -+ if ((true)) { - return nullptr; - } - -@@ -228,7 +228,7 @@ PrefetchManager* LoadingPredictor::prefetch_manager() { - if (!base::FeatureList::IsEnabled(features::kLoadingPredictorPrefetch)) - return nullptr; - -- if (shutdown_) { -+ if ((true)) { - return nullptr; - } - diff --git a/chrome/browser/predictors/loading_predictor_config.cc b/chrome/browser/predictors/loading_predictor_config.cc --- a/chrome/browser/predictors/loading_predictor_config.cc +++ b/chrome/browser/predictors/loading_predictor_config.cc @@ -165,7 +143,7 @@ diff --git a/chrome/browser/predictors/predictors_features.cc b/chrome/browser/p diff --git a/chrome/browser/ui/tab_helpers.cc b/chrome/browser/ui/tab_helpers.cc --- a/chrome/browser/ui/tab_helpers.cc +++ b/chrome/browser/ui/tab_helpers.cc -@@ -404,7 +404,6 @@ void TabHelpers::AttachTabHelpers(WebContents* web_contents) { +@@ -410,7 +410,6 @@ void TabHelpers::AttachTabHelpers(WebContents* web_contents) { } MixedContentSettingsTabHelper::CreateForWebContents(web_contents); NavigationMetricsRecorder::CreateForWebContents(web_contents); @@ -209,7 +187,7 @@ diff --git a/chrome/browser/ui/webui/omnibox/omnibox_page_handler.cc b/chrome/br if (auto* service = GetMlService()) { AutocompleteMatch::ScoringSignals signals = mojo::ConvertTo(mojom_signals); -@@ -526,6 +533,9 @@ void OmniboxPageHandler::StartMl(mojom::SignalsPtr mojom_signals, +@@ -525,6 +532,9 @@ void OmniboxPageHandler::StartMl(mojom::SignalsPtr mojom_signals, } else { std::move(callback).Run(-1); } @@ -219,12 +197,12 @@ diff --git a/chrome/browser/ui/webui/omnibox/omnibox_page_handler.cc b/chrome/br } std::unique_ptr OmniboxPageHandler::CreateController( -@@ -550,8 +560,12 @@ OmniboxPageHandler::GetAutocompleteControllerType( +@@ -549,8 +559,12 @@ OmniboxPageHandler::GetAutocompleteControllerType( } AutocompleteScoringModelService* OmniboxPageHandler::GetMlService() { +#if BUILDFLAG(BUILD_WITH_TFLITE_LIB) - return OmniboxFieldTrial::IsMlSyncBatchUrlScoringEnabled() + return OmniboxFieldTrial::IsMlUrlScoringEnabled() ? AutocompleteScoringModelServiceFactory::GetInstance() ->GetForProfile(profile_) : nullptr; @@ -235,7 +213,7 @@ diff --git a/chrome/browser/ui/webui/omnibox/omnibox_page_handler.cc b/chrome/br diff --git a/components/autofill/core/browser/autofill_optimization_guide.cc b/components/autofill/core/browser/autofill_optimization_guide.cc --- a/components/autofill/core/browser/autofill_optimization_guide.cc +++ b/components/autofill/core/browser/autofill_optimization_guide.cc -@@ -94,6 +94,7 @@ void AutofillOptimizationGuide::OnDidParseForm( +@@ -137,6 +137,7 @@ void AutofillOptimizationGuide::OnDidParseForm( // If we do not have any optimization types to register, do not do anything. if (!optimization_types.empty()) { // Register all optimization types that we need based on `form_structure`. @@ -243,7 +221,7 @@ diff --git a/components/autofill/core/browser/autofill_optimization_guide.cc b/c decider_->RegisterOptimizationTypes( std::vector( std::move(optimization_types).extract())); -@@ -105,7 +106,7 @@ bool AutofillOptimizationGuide::ShouldBlockSingleFieldSuggestions( +@@ -148,7 +149,7 @@ bool AutofillOptimizationGuide::ShouldBlockSingleFieldSuggestions( AutofillField* field) const { // If the field's storable type is `IBAN_VALUE`, check whether IBAN // suggestions should be blocked based on `url`. @@ -252,10 +230,10 @@ diff --git a/components/autofill/core/browser/autofill_optimization_guide.cc b/c optimization_guide::OptimizationGuideDecision decision = decider_->CanApplyOptimization( url, optimization_guide::proto::IBAN_AUTOFILL_BLOCKED, -@@ -136,7 +137,7 @@ bool AutofillOptimizationGuide::ShouldBlockFormFieldSuggestion( - +@@ -174,7 +175,7 @@ bool AutofillOptimizationGuide::ShouldBlockFormFieldSuggestion( + const CreditCard* card) const { if (auto optimization_type = - GetVcnMerchantOptOutOptimizationTypeForCard(card); + GetVcnMerchantOptOutOptimizationTypeForCard(*card); - optimization_type != optimization_guide::proto::TYPE_UNSPECIFIED) { + decider_ && optimization_type != optimization_guide::proto::TYPE_UNSPECIFIED) { optimization_guide::OptimizationGuideDecision decision = @@ -264,7 +242,7 @@ diff --git a/components/autofill/core/browser/autofill_optimization_guide.cc b/c diff --git a/components/omnibox/browser/autocomplete_controller.cc b/components/omnibox/browser/autocomplete_controller.cc --- a/components/omnibox/browser/autocomplete_controller.cc +++ b/components/omnibox/browser/autocomplete_controller.cc -@@ -46,7 +46,9 @@ +@@ -44,7 +44,9 @@ #include "components/omnibox/browser/autocomplete_input.h" #include "components/omnibox/browser/autocomplete_match_type.h" #include "components/omnibox/browser/autocomplete_provider.h" @@ -277,10 +255,10 @@ diff --git a/components/omnibox/browser/autocomplete_controller.cc b/components/ diff --git a/components/optimization_guide/core/hints_fetcher.cc b/components/optimization_guide/core/hints_fetcher.cc --- a/components/optimization_guide/core/hints_fetcher.cc +++ b/components/optimization_guide/core/hints_fetcher.cc -@@ -182,6 +182,7 @@ bool HintsFetcher::FetchOptimizationGuideServiceHints( - const std::string& access_token, +@@ -183,6 +183,7 @@ bool HintsFetcher::FetchOptimizationGuideServiceHints( bool skip_cache, - HintsFetchedCallback hints_fetched_callback) { + HintsFetchedCallback hints_fetched_callback, + proto::RequestContextMetadata* request_context_metadata) { + if ((true)) return false; DCHECK_CALLED_ON_VALID_SEQUENCE(sequence_checker_); DCHECK_GT(optimization_types.size(), 0u); @@ -296,15 +274,15 @@ diff --git a/components/optimization_guide/core/hints_manager.cc b/components/op switch (optimization_type_decision) { case OptimizationTypeDecision::kAllowedByOptimizationFilter: case OptimizationTypeDecision::kAllowedByHint: -@@ -1096,6 +1097,7 @@ void HintsManager::CanApplyOptimizationOnDemand( - proto::RequestContext request_context, - OnDemandOptimizationGuideDecisionRepeatingCallback callback) { +@@ -1108,6 +1109,7 @@ void HintsManager::CanApplyOptimizationOnDemand( + OnDemandOptimizationGuideDecisionRepeatingCallback callback, + proto::RequestContextMetadata* request_context_metadata) { DCHECK_CALLED_ON_VALID_SEQUENCE(sequence_checker_); + if ((true)) return; // no consent on bromite InsertionOrderedSet urls_to_fetch; InsertionOrderedSet hosts_to_fetch; -@@ -1392,6 +1394,9 @@ OptimizationTypeDecision HintsManager::CanApplyOptimization( +@@ -1414,6 +1416,9 @@ OptimizationTypeDecision HintsManager::CanApplyOptimization( bool skip_cache, OptimizationMetadata* optimization_metadata) { DCHECK_CALLED_ON_VALID_SEQUENCE(sequence_checker_); @@ -317,7 +295,7 @@ diff --git a/components/optimization_guide/core/hints_manager.cc b/components/op diff --git a/components/optimization_guide/core/optimization_guide_features.cc b/components/optimization_guide/core/optimization_guide_features.cc --- a/components/optimization_guide/core/optimization_guide_features.cc +++ b/components/optimization_guide/core/optimization_guide_features.cc -@@ -35,25 +35,13 @@ namespace features { +@@ -37,18 +37,10 @@ namespace features { namespace { constexpr auto enabled_by_default_desktop_only = @@ -329,13 +307,6 @@ diff --git a/components/optimization_guide/core/optimization_guide_features.cc b constexpr auto enabled_by_default_mobile_only = -#if BUILDFLAG(IS_ANDROID) || BUILDFLAG(IS_IOS) -- true; --#else - false; --#endif - - constexpr auto enabled_by_default_ios_only = --#if BUILDFLAG(IS_IOS) - base::FEATURE_ENABLED_BY_DEFAULT; -#else base::FEATURE_DISABLED_BY_DEFAULT; @@ -343,7 +314,7 @@ diff --git a/components/optimization_guide/core/optimization_guide_features.cc b // Returns whether |locale| is a supported locale for |feature|. // -@@ -587,8 +575,7 @@ size_t MaxURLKeyedHintCacheSize() { +@@ -587,8 +579,7 @@ size_t MaxURLKeyedHintCacheSize() { } bool ShouldPersistHintsToDisk() { @@ -353,8 +324,8 @@ diff --git a/components/optimization_guide/core/optimization_guide_features.cc b } bool ShouldEnablePersonalizedMetadata(proto::RequestContext request_context) { -@@ -1007,5 +994,19 @@ bool CanLaunchOnDeviceModelService() { - base::FeatureList::IsEnabled(kLogOnDeviceMetricsOnStartup); +@@ -1101,5 +1092,19 @@ bool GetOnDeviceModelRetractRepeats() { + return kOnDeviceModelRetractRepeats.Get(); } +SET_CROMITE_FEATURE_DISABLED(kOptimizationHints); @@ -437,7 +408,7 @@ diff --git a/components/optimization_guide/features.gni b/components/optimizatio diff --git a/components/search/ntp_features.cc b/components/search/ntp_features.cc --- a/components/search/ntp_features.cc +++ b/components/search/ntp_features.cc -@@ -502,4 +502,7 @@ std::vector GetModulesOrder() { +@@ -511,4 +511,7 @@ std::vector GetModulesOrder() { base::SplitResult::SPLIT_WANT_NONEMPTY); } @@ -496,7 +467,7 @@ diff --git a/third_party/blink/renderer/core/speculation_rules/document_speculat diff --git a/third_party/blink/renderer/platform/runtime_enabled_features.json5 b/third_party/blink/renderer/platform/runtime_enabled_features.json5 --- a/third_party/blink/renderer/platform/runtime_enabled_features.json5 +++ b/third_party/blink/renderer/platform/runtime_enabled_features.json5 -@@ -2969,7 +2969,7 @@ +@@ -3027,7 +3027,7 @@ { // https://crbug.com/1126305 name: "Prerender2", diff --git a/build/patches/Disable-prefers-reduced-transparency-media-query.patch b/build/patches/Disable-prefers-reduced-transparency-media-query.patch index c397ab8b8..c579663a3 100644 --- a/build/patches/Disable-prefers-reduced-transparency-media-query.patch +++ b/build/patches/Disable-prefers-reduced-transparency-media-query.patch @@ -51,7 +51,7 @@ diff --git a/third_party/blink/renderer/core/preferences/preference_manager.idl diff --git a/third_party/blink/renderer/platform/runtime_enabled_features.json5 b/third_party/blink/renderer/platform/runtime_enabled_features.json5 --- a/third_party/blink/renderer/platform/runtime_enabled_features.json5 +++ b/third_party/blink/renderer/platform/runtime_enabled_features.json5 -@@ -3010,10 +3010,14 @@ +@@ -3013,10 +3013,14 @@ settable_from_internals: true, }, { diff --git a/build/patches/Evict-the-entire-FrameTree-like-desktop.patch b/build/patches/Evict-the-entire-FrameTree-like-desktop.patch index 95b4126bb..49683b92e 100644 --- a/build/patches/Evict-the-entire-FrameTree-like-desktop.patch +++ b/build/patches/Evict-the-entire-FrameTree-like-desktop.patch @@ -4,23 +4,10 @@ Subject: Evict the entire FrameTree like desktop License: GPL-2.0-or-later - https://spdx.org/licenses/GPL-2.0-or-later.html --- - components/viz/common/features.cc | 2 +- - .../features_cc/Evict-the-entire-FrameTree-like-desktop.inc | 1 + - 2 files changed, 2 insertions(+), 1 deletion(-) + .../features_cc/Evict-the-entire-FrameTree-like-desktop.inc | 1 + + 1 file changed, 1 insertion(+) create mode 100644 cromite_flags/content/common/features_cc/Evict-the-entire-FrameTree-like-desktop.inc -diff --git a/components/viz/common/features.cc b/components/viz/common/features.cc ---- a/components/viz/common/features.cc -+++ b/components/viz/common/features.cc -@@ -252,7 +252,7 @@ BASE_FEATURE(kRendererAllocatesImages, - // evicts itself. This differs from Destkop platforms which evict the entire - // FrameTree along with the topmost viz::Surface. When this feature is enabled, - // Android will begin also evicting the entire FrameTree. --BASE_FEATURE(kEvictSubtree, "EvictSubtree", base::FEATURE_ENABLED_BY_DEFAULT); -+BASE_FEATURE(kEvictSubtree, "EvictSubtree", base::FEATURE_ENABLED_BY_DEFAULT); // enabled by default - - // If enabled, CompositorFrameSinkClient::OnBeginFrame is also treated as the - // DidReceiveCompositorFrameAck. Both in providing the Ack for the previous diff --git a/cromite_flags/content/common/features_cc/Evict-the-entire-FrameTree-like-desktop.inc b/cromite_flags/content/common/features_cc/Evict-the-entire-FrameTree-like-desktop.inc new file mode 100644 --- /dev/null diff --git a/build/patches/Internal-firewall.patch b/build/patches/Internal-firewall.patch index 82cac70d8..2db19fcf3 100644 --- a/build/patches/Internal-firewall.patch +++ b/build/patches/Internal-firewall.patch @@ -35,11 +35,11 @@ License: GPL-2.0-or-later - https://spdx.org/licenses/GPL-2.0-or-later.html services/network/network_context.cc | 73 +++ .../network/public/cpp/simple_url_loader.cc | 18 + .../network/public/cpp/simple_url_loader.h | 3 + - .../platform/loader/fetch/fetch_utils.cc | 193 +++++++- + .../platform/loader/fetch/fetch_utils.cc | 195 +++++++- .../loader/fetch/url_loader/url_loader.cc | 4 +- .../scripts/auditor/auditor.py | 1 + .../scripts/auditor/util.py | 1 + - 30 files changed, 1574 insertions(+), 21 deletions(-) + 30 files changed, 1575 insertions(+), 22 deletions(-) create mode 100644 cromite_flags/chrome/browser/about_flags_cc/Internal-firewall.inc create mode 100644 services/firewall/public/BUILD.gn create mode 100644 services/firewall/public/firewall_features.cc @@ -58,7 +58,7 @@ License: GPL-2.0-or-later - https://spdx.org/licenses/GPL-2.0-or-later.html diff --git a/chrome/browser/BUILD.gn b/chrome/browser/BUILD.gn --- a/chrome/browser/BUILD.gn +++ b/chrome/browser/BUILD.gn -@@ -2527,6 +2527,7 @@ static_library("browser") { +@@ -2522,6 +2522,7 @@ static_library("browser") { "//third_party/ungoogled:switches", "//services/device/public/mojom", "//services/device/public/mojom:usb", @@ -69,7 +69,7 @@ diff --git a/chrome/browser/BUILD.gn b/chrome/browser/BUILD.gn diff --git a/chrome/browser/about_flags.cc b/chrome/browser/about_flags.cc --- a/chrome/browser/about_flags.cc +++ b/chrome/browser/about_flags.cc -@@ -207,6 +207,7 @@ +@@ -209,6 +209,7 @@ #include "sandbox/policy/features.h" #include "sandbox/policy/switches.h" #include "services/device/public/cpp/device_features.h" @@ -239,7 +239,7 @@ new file mode 100644 diff --git a/net/BUILD.gn b/net/BUILD.gn --- a/net/BUILD.gn +++ b/net/BUILD.gn -@@ -1035,6 +1035,7 @@ component("net") { +@@ -1030,6 +1030,7 @@ component("net") { "//build:chromeos_buildflags", "//components/miracle_parameter/common", "//net/http:transport_security_state_generated_files", @@ -264,7 +264,7 @@ diff --git a/net/traffic_annotation/network_traffic_annotation.h b/net/traffic_a diff --git a/net/url_request/url_request_http_job.cc b/net/url_request/url_request_http_job.cc --- a/net/url_request/url_request_http_job.cc +++ b/net/url_request/url_request_http_job.cc -@@ -322,6 +322,9 @@ URLRequestHttpJob::URLRequestHttpJob( +@@ -336,6 +336,9 @@ URLRequestHttpJob::URLRequestHttpJob( throttling_entry_ = manager->RegisterRequestUrl(request->url()); ResetTimer(); @@ -274,7 +274,7 @@ diff --git a/net/url_request/url_request_http_job.cc b/net/url_request/url_reque } URLRequestHttpJob::~URLRequestHttpJob() { -@@ -611,6 +614,18 @@ void URLRequestHttpJob::MaybeStartTransactionInternal(int result) { +@@ -625,6 +628,18 @@ void URLRequestHttpJob::MaybeStartTransactionInternal(int result) { void URLRequestHttpJob::StartTransactionInternal() { DCHECK(!override_response_headers_); @@ -1554,7 +1554,7 @@ new file mode 100644 diff --git a/services/network/network_context.cc b/services/network/network_context.cc --- a/services/network/network_context.cc +++ b/services/network/network_context.cc -@@ -89,6 +89,7 @@ +@@ -90,6 +90,7 @@ #include "net/url_request/url_request.h" #include "net/url_request/url_request_context.h" #include "net/url_request/url_request_context_builder.h" @@ -1562,7 +1562,7 @@ diff --git a/services/network/network_context.cc b/services/network/network_cont #include "services/network/brokered_client_socket_factory.h" #include "services/network/cookie_manager.h" #include "services/network/cors/cors_url_loader_factory.h" -@@ -1603,6 +1604,9 @@ void NetworkContext::OnNewSCTAuditingReportSent() { +@@ -1610,6 +1611,9 @@ void NetworkContext::OnNewSCTAuditingReportSent() { void NetworkContext::CreateUDPSocket( mojo::PendingReceiver receiver, mojo::PendingRemote listener) { @@ -1572,7 +1572,7 @@ diff --git a/services/network/network_context.cc b/services/network/network_cont socket_factory_->CreateUDPSocket(std::move(receiver), std::move(listener)); } -@@ -1615,6 +1619,17 @@ void NetworkContext::CreateRestrictedUDPSocket( +@@ -1622,6 +1626,17 @@ void NetworkContext::CreateRestrictedUDPSocket( mojo::PendingRemote listener, CreateRestrictedUDPSocketCallback callback) { // SimpleHostResolver is transitively owned by |this|. @@ -1590,7 +1590,7 @@ diff --git a/services/network/network_context.cc b/services/network/network_cont socket_factory_->CreateRestrictedUDPSocket( addr, mode, traffic_annotation, std::move(params), std::move(receiver), std::move(listener), SimpleHostResolver::Create(this), -@@ -1627,6 +1642,17 @@ void NetworkContext::CreateTCPServerSocket( +@@ -1634,6 +1649,17 @@ void NetworkContext::CreateTCPServerSocket( const net::MutableNetworkTrafficAnnotationTag& traffic_annotation, mojo::PendingReceiver receiver, CreateTCPServerSocketCallback callback) { @@ -1608,7 +1608,7 @@ diff --git a/services/network/network_context.cc b/services/network/network_cont socket_factory_->CreateTCPServerSocket( local_addr, std::move(options), static_cast(traffic_annotation), -@@ -1641,6 +1667,21 @@ void NetworkContext::CreateTCPConnectedSocket( +@@ -1648,6 +1674,21 @@ void NetworkContext::CreateTCPConnectedSocket( mojo::PendingReceiver receiver, mojo::PendingRemote observer, CreateTCPConnectedSocketCallback callback) { @@ -1630,7 +1630,7 @@ diff --git a/services/network/network_context.cc b/services/network/network_cont socket_factory_->CreateTCPConnectedSocket( local_addr, remote_addr_list, std::move(tcp_connected_socket_options), static_cast(traffic_annotation), -@@ -1652,6 +1693,20 @@ void NetworkContext::CreateTCPBoundSocket( +@@ -1659,6 +1700,20 @@ void NetworkContext::CreateTCPBoundSocket( const net::MutableNetworkTrafficAnnotationTag& traffic_annotation, mojo::PendingReceiver receiver, CreateTCPBoundSocketCallback callback) { @@ -1651,7 +1651,7 @@ diff --git a/services/network/network_context.cc b/services/network/network_cont socket_factory_->CreateTCPBoundSocket( local_addr, static_cast(traffic_annotation), -@@ -1718,6 +1773,24 @@ void NetworkContext::CreateWebSocket( +@@ -1725,6 +1780,24 @@ void NetworkContext::CreateWebSocket( mojo::PendingRemote auth_handler, mojo::PendingRemote header_client, const absl::optional& throttling_profile_id) { @@ -1734,7 +1734,7 @@ diff --git a/services/network/public/cpp/simple_url_loader.h b/services/network/ diff --git a/third_party/blink/renderer/platform/loader/fetch/fetch_utils.cc b/third_party/blink/renderer/platform/loader/fetch/fetch_utils.cc --- a/third_party/blink/renderer/platform/loader/fetch/fetch_utils.cc +++ b/third_party/blink/renderer/platform/loader/fetch/fetch_utils.cc -@@ -97,30 +97,199 @@ net::NetworkTrafficAnnotationTag FetchUtils::GetTrafficAnnotationTag( +@@ -97,31 +97,200 @@ net::NetworkTrafficAnnotationTag FetchUtils::GetTrafficAnnotationTag( case network::mojom::RequestDestination::kIframe: case network::mojom::RequestDestination::kFrame: case network::mojom::RequestDestination::kFencedframe: @@ -1884,6 +1884,7 @@ diff --git a/third_party/blink/renderer/platform/loader/fetch/fetch_utils.cc b/t case network::mojom::RequestDestination::kFont: + case network::mojom::RequestDestination::kSpeculationRules: case network::mojom::RequestDestination::kImage: +- case network::mojom::RequestDestination::kJson: - case network::mojom::RequestDestination::kManifest: - case network::mojom::RequestDestination::kPaintWorklet: - case network::mojom::RequestDestination::kReport: @@ -1896,6 +1897,7 @@ diff --git a/third_party/blink/renderer/platform/loader/fetch/fetch_utils.cc b/t case network::mojom::RequestDestination::kVideo: - case network::mojom::RequestDestination::kWebBundle: - case network::mojom::RequestDestination::kWorker: ++ case network::mojom::RequestDestination::kJson: // https://source.chromium.org/chromium/chromium/src/+/7eed8cae107c258d1dee953856a33155ed5f5911 + return net::DefineNetworkTrafficAnnotation("blink_resource_loader", R"( + semantics { + sender: "Blink Resource Loader" @@ -1945,7 +1947,7 @@ diff --git a/third_party/blink/renderer/platform/loader/fetch/fetch_utils.cc b/t semantics { sender: "Blink Resource Loader" description: -@@ -144,7 +313,7 @@ net::NetworkTrafficAnnotationTag FetchUtils::GetTrafficAnnotationTag( +@@ -145,7 +314,7 @@ net::NetworkTrafficAnnotationTag FetchUtils::GetTrafficAnnotationTag( case network::mojom::RequestDestination::kEmbed: case network::mojom::RequestDestination::kObject: return net::DefineNetworkTrafficAnnotation( diff --git a/build/patches/Keep-Manta-Service-Disabled.patch b/build/patches/Keep-Manta-Service-Disabled.patch index 8c9fa289e..c0804532a 100644 --- a/build/patches/Keep-Manta-Service-Disabled.patch +++ b/build/patches/Keep-Manta-Service-Disabled.patch @@ -3,18 +3,23 @@ Date: Tue, 31 Oct 2023 16:20:12 +0000 Subject: Keep Manta Service Disabled --- - components/manta/features.cc | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) + components/manta/features.cc | 2 ++ + 1 file changed, 2 insertions(+) diff --git a/components/manta/features.cc b/components/manta/features.cc --- a/components/manta/features.cc +++ b/components/manta/features.cc -@@ -8,7 +8,7 @@ - +@@ -9,11 +9,13 @@ namespace manta::features { --BASE_FEATURE(kMantaService, "MantaService", base::FEATURE_DISABLED_BY_DEFAULT); -+BASE_FEATURE(kMantaService, "MantaService", base::FEATURE_DISABLED_BY_DEFAULT); // keep disabled + BASE_FEATURE(kMantaService, "MantaService", base::FEATURE_ENABLED_BY_DEFAULT); ++SET_CROMITE_FEATURE_DISABLED(kMantaService); + + // Enables Orca Prod Server + BASE_FEATURE(kOrcaUseProdServer, + "OrcaUseProdServer", + base::FEATURE_ENABLED_BY_DEFAULT); ++SET_CROMITE_FEATURE_DISABLED(kOrcaUseProdServer); bool IsMantaServiceEnabled() { return base::FeatureList::IsEnabled(kMantaService); diff --git a/build/patches/Keep-Side-Panel-Companion-disabled.patch b/build/patches/Keep-Side-Panel-Companion-disabled.patch index 3313bb097..9dec75944 100644 --- a/build/patches/Keep-Side-Panel-Companion-disabled.patch +++ b/build/patches/Keep-Side-Panel-Companion-disabled.patch @@ -4,11 +4,12 @@ Subject: Keep Side Panel Companion disabled License: GPL-2.0-or-later - https://spdx.org/licenses/GPL-2.0-or-later.html --- - chrome/browser/companion/core/features.cc | 6 ++++++ - chrome/browser/ui/side_search/side_search_prefs.cc | 2 +- - chrome/browser/ui/ui_features.cc | 1 + - components/search_engines/template_url.cc | 2 +- + chrome/browser/companion/core/features.cc | 6 ++++++ + chrome/browser/ui/side_search/side_search_prefs.cc | 2 +- + components/search_engines/template_url.cc | 2 +- + .../ui_features_cc/Keep-Side-Panel-Companion-disabled.inc | 1 + 4 files changed, 9 insertions(+), 2 deletions(-) + create mode 100755 cromite_flags/chrome/browser/ui/ui_features_cc/Keep-Side-Panel-Companion-disabled.inc diff --git a/chrome/browser/companion/core/features.cc b/chrome/browser/companion/core/features.cc --- a/chrome/browser/companion/core/features.cc @@ -45,17 +46,6 @@ diff --git a/chrome/browser/ui/side_search/side_search_prefs.cc b/chrome/browser } } // namespace side_search_prefs -diff --git a/chrome/browser/ui/ui_features.cc b/chrome/browser/ui/ui_features.cc ---- a/chrome/browser/ui/ui_features.cc -+++ b/chrome/browser/ui/ui_features.cc -@@ -112,6 +112,7 @@ BASE_FEATURE(kResponsiveToolbar, - // Enables the side search feature for Google Search. Presents recent Google - // search results in a browser side panel. - BASE_FEATURE(kSideSearch, "SideSearch", base::FEATURE_DISABLED_BY_DEFAULT); -+SET_CROMITE_FEATURE_DISABLED(kSideSearch); - - BASE_FEATURE(kSideSearchFeedback, - "SideSearchFeedback", diff --git a/components/search_engines/template_url.cc b/components/search_engines/template_url.cc --- a/components/search_engines/template_url.cc +++ b/components/search_engines/template_url.cc @@ -68,4 +58,10 @@ diff --git a/components/search_engines/template_url.cc b/components/search_engin } bool TemplateURL::IsSideImageSearchSupported() const { +diff --git a/cromite_flags/chrome/browser/ui/ui_features_cc/Keep-Side-Panel-Companion-disabled.inc b/cromite_flags/chrome/browser/ui/ui_features_cc/Keep-Side-Panel-Companion-disabled.inc +new file mode 100755 +--- /dev/null ++++ b/cromite_flags/chrome/browser/ui/ui_features_cc/Keep-Side-Panel-Companion-disabled.inc +@@ -0,0 +1 @@ ++SET_CROMITE_FEATURE_DISABLED(kSideSearch); -- diff --git a/build/patches/Keep-disabled-FetchLaterAPI.patch b/build/patches/Keep-disabled-FetchLaterAPI.patch index 7d312c147..60acc5be3 100644 --- a/build/patches/Keep-disabled-FetchLaterAPI.patch +++ b/build/patches/Keep-disabled-FetchLaterAPI.patch @@ -3,9 +3,9 @@ Date: Thu, 28 Sep 2023 08:11:00 +0000 Subject: Keep disabled FetchLaterAPI --- - .../blink/common/features_cc/Keep-disabled-FetchLaterAPI.inc | 4 ++++ - .../blink/renderer/platform/runtime_enabled_features.json5 | 4 ++-- - 2 files changed, 6 insertions(+), 2 deletions(-) + .../blink/common/features_cc/Keep-disabled-FetchLaterAPI.inc | 4 ++++ + .../blink/renderer/platform/runtime_enabled_features.json5 | 5 ++--- + 2 files changed, 6 insertions(+), 3 deletions(-) create mode 100644 cromite_flags/third_party/blink/common/features_cc/Keep-disabled-FetchLaterAPI.inc diff --git a/cromite_flags/third_party/blink/common/features_cc/Keep-disabled-FetchLaterAPI.inc b/cromite_flags/third_party/blink/common/features_cc/Keep-disabled-FetchLaterAPI.inc @@ -20,7 +20,7 @@ new file mode 100644 diff --git a/third_party/blink/renderer/platform/runtime_enabled_features.json5 b/third_party/blink/renderer/platform/runtime_enabled_features.json5 --- a/third_party/blink/renderer/platform/runtime_enabled_features.json5 +++ b/third_party/blink/renderer/platform/runtime_enabled_features.json5 -@@ -1686,8 +1686,8 @@ +@@ -1713,10 +1713,9 @@ }, { // The Blink runtime-enabled feature name for the API's IDL. @@ -29,6 +29,8 @@ diff --git a/third_party/blink/renderer/platform/runtime_enabled_features.json5 + name: "FetchLaterAPI", // disable + status: "experimental", // by default origin_trial_feature_name: "FetchLaterAPI", +- origin_trial_allows_third_party: true, base_feature: "FetchLaterAPI", // base_feature is meant as kill-switch. This runtime-enabled feature + // should follow the Origin Trial unless explicitly overriden by Finch or -- diff --git a/build/patches/WIN-Disable-TabHoverCard-images.patch b/build/patches/WIN-Disable-TabHoverCard-images.patch index 99adf9280..0d7b332da 100644 --- a/build/patches/WIN-Disable-TabHoverCard-images.patch +++ b/build/patches/WIN-Disable-TabHoverCard-images.patch @@ -4,22 +4,14 @@ Subject: WIN Disable TabHoverCard images License: GPL-2.0-or-later - https://spdx.org/licenses/GPL-2.0-or-later.html --- - chrome/browser/ui/ui_features.cc | 4 ---- - 1 file changed, 4 deletions(-) + .../ui/ui_features_cc/WIN-Disable-TabHoverCard-images.inc | 1 + + 1 file changed, 1 insertion(+) + create mode 100755 cromite_flags/chrome/browser/ui/ui_features_cc/WIN-Disable-TabHoverCard-images.inc -diff --git a/chrome/browser/ui/ui_features.cc b/chrome/browser/ui/ui_features.cc ---- a/chrome/browser/ui/ui_features.cc -+++ b/chrome/browser/ui/ui_features.cc -@@ -232,11 +232,7 @@ BASE_FEATURE(kTabHoverCardImageSettings, - // https://crbug.com/928954 - BASE_FEATURE(kTabHoverCardImages, - "TabHoverCardImages", --#if BUILDFLAG(IS_MAC) - base::FEATURE_DISABLED_BY_DEFAULT --#else -- base::FEATURE_ENABLED_BY_DEFAULT --#endif - ); - - const char kTabHoverCardImagesNotReadyDelayParameterName[] = +diff --git a/cromite_flags/chrome/browser/ui/ui_features_cc/WIN-Disable-TabHoverCard-images.inc b/cromite_flags/chrome/browser/ui/ui_features_cc/WIN-Disable-TabHoverCard-images.inc +new file mode 100755 +--- /dev/null ++++ b/cromite_flags/chrome/browser/ui/ui_features_cc/WIN-Disable-TabHoverCard-images.inc +@@ -0,0 +1 @@ ++SET_CROMITE_FEATURE_DISABLED(kTabHoverCardImages); -- diff --git a/build/patches/WIN-enable-HighEfficiencyMode-by-default.patch b/build/patches/WIN-enable-HighEfficiencyMode-by-default.patch index d39c4e6ef..f0b2578ee 100644 --- a/build/patches/WIN-enable-HighEfficiencyMode-by-default.patch +++ b/build/patches/WIN-enable-HighEfficiencyMode-by-default.patch @@ -10,19 +10,18 @@ License: GPL-2.0-or-later - https://spdx.org/licenses/GPL-2.0-or-later.html diff --git a/components/performance_manager/user_tuning/prefs.cc b/components/performance_manager/user_tuning/prefs.cc --- a/components/performance_manager/user_tuning/prefs.cc +++ b/components/performance_manager/user_tuning/prefs.cc -@@ -12,13 +12,13 @@ +@@ -13,12 +13,12 @@ namespace performance_manager::user_tuning::prefs { void RegisterLocalStatePrefs(PrefRegistrySimple* registry) { -- registry->RegisterBooleanPref(kHighEfficiencyModeEnabled, false); -+ registry->RegisterBooleanPref(kHighEfficiencyModeEnabled, true); +- registry->RegisterBooleanPref(kMemorySaverModeEnabled, false); ++ registry->RegisterBooleanPref(kMemorySaverModeEnabled, true); registry->RegisterIntegerPref( - kHighEfficiencyModeTimeBeforeDiscardInMinutes, - kDefaultHighEfficiencyModeTimeBeforeDiscardInMinutes); + kMemorySaverModeTimeBeforeDiscardInMinutes, + kDefaultMemorySaverModeTimeBeforeDiscardInMinutes); registry->RegisterIntegerPref( - kHighEfficiencyModeState, -- static_cast(HighEfficiencyModeState::kDisabled)); -+ static_cast(HighEfficiencyModeState::kEnabled)); +- kMemorySaverModeState, static_cast(MemorySaverModeState::kDisabled)); ++ kMemorySaverModeState, static_cast(MemorySaverModeState::kEnabled)); registry->RegisterIntegerPref( kBatterySaverModeState, static_cast(BatterySaverModeState::kEnabledBelowThreshold)); diff --git a/build/patches/dns-send-IPv6-connectivity-probes-to-RIPE-DNS.patch b/build/patches/dns-send-IPv6-connectivity-probes-to-RIPE-DNS.patch index 6d326bb0b..6ba704bc7 100644 --- a/build/patches/dns-send-IPv6-connectivity-probes-to-RIPE-DNS.patch +++ b/build/patches/dns-send-IPv6-connectivity-probes-to-RIPE-DNS.patch @@ -9,8 +9,9 @@ Increase probe period from 1s to 15s License: GPL-3.0-only - https://spdx.org/licenses/GPL-3.0-only.html --- - net/dns/host_resolver_manager.cc | 10 +++++----- - 1 file changed, 5 insertions(+), 5 deletions(-) + net/dns/host_resolver_manager.cc | 10 +++++----- + net/dns/host_resolver_manager_request_impl.cc | 5 +++++ + 2 files changed, 10 insertions(+), 5 deletions(-) diff --git a/net/dns/host_resolver_manager.cc b/net/dns/host_resolver_manager.cc --- a/net/dns/host_resolver_manager.cc @@ -33,4 +34,26 @@ diff --git a/net/dns/host_resolver_manager.cc b/net/dns/host_resolver_manager.cc // True if |hostname| ends with either ".local" or ".local.". bool ResemblesMulticastDNSName(base::StringPiece hostname) { +diff --git a/net/dns/host_resolver_manager_request_impl.cc b/net/dns/host_resolver_manager_request_impl.cc +--- a/net/dns/host_resolver_manager_request_impl.cc ++++ b/net/dns/host_resolver_manager_request_impl.cc +@@ -33,6 +33,8 @@ + #include "net/socket/client_socket_factory.h" + #include "net/url_request/url_request_context.h" + ++#include "services/network/public/cpp/features.h" ++ + namespace net { + + HostResolverManager::RequestImpl::RequestImpl( +@@ -280,6 +282,9 @@ void HostResolverManager::RequestImpl::OnIOComplete(int rv) { + + int HostResolverManager::RequestImpl::DoIPv6Reachability() { + next_state_ = STATE_GET_PARAMETERS; ++ if (!base::FeatureList::IsEnabled(features::kIPv6Probing)) { ++ return OK; ++ } + // If a single reachability probe has not been completed, and the latest + // probe will return asynchronously, return ERR_NAME_NOT_RESOLVED when the + // request source is LOCAL_ONLY. This is due to LOCAL_ONLY requiring a --