appview tag to embed other Chrome Apps within your
+// Chrome App. (see Usage).
+[documentation_title="chrome.autofillPrivate API to add, remove, or update
+// autofill data from the settings UI.
+namespace autofillPrivate {
+ // Subset of properties from the user account (signin component, AccountInfo).
+ dictionary AccountInfo {
+ DOMString email;
+ boolean isSyncEnabledForAutofillProfiles;
+ boolean isEligibleForAddressAccountStorage;
+ };
+
+ // A copy of FieldType from
+ // chrome/common/extensions/api/autofill_private.idl
+ enum FieldType {
+ NO_SERVER_DATA,
+ UNKNOWN_TYPE,
+ EMPTY_TYPE,
+ NAME_FIRST,
+ NAME_MIDDLE,
+ NAME_LAST,
+ NAME_MIDDLE_INITIAL,
+ NAME_FULL,
+ NAME_SUFFIX,
+ EMAIL_ADDRESS,
+ PHONE_HOME_NUMBER,
+ PHONE_HOME_CITY_CODE,
+ PHONE_HOME_COUNTRY_CODE,
+ PHONE_HOME_CITY_AND_NUMBER,
+ PHONE_HOME_WHOLE_NUMBER,
+ ADDRESS_HOME_LINE1,
+ ADDRESS_HOME_LINE2,
+ ADDRESS_HOME_APT_NUM,
+ ADDRESS_HOME_CITY,
+ ADDRESS_HOME_STATE,
+ ADDRESS_HOME_ZIP,
+ ADDRESS_HOME_COUNTRY,
+ CREDIT_CARD_NAME_FULL,
+ CREDIT_CARD_NUMBER,
+ CREDIT_CARD_EXP_MONTH,
+ CREDIT_CARD_EXP_2_DIGIT_YEAR,
+ CREDIT_CARD_EXP_4_DIGIT_YEAR,
+ CREDIT_CARD_EXP_DATE_2_DIGIT_YEAR,
+ CREDIT_CARD_EXP_DATE_4_DIGIT_YEAR,
+ CREDIT_CARD_TYPE,
+ CREDIT_CARD_VERIFICATION_CODE,
+ COMPANY_NAME,
+ FIELD_WITH_DEFAULT_VALUE,
+ MERCHANT_EMAIL_SIGNUP,
+ MERCHANT_PROMO_CODE,
+ PASSWORD,
+ ACCOUNT_CREATION_PASSWORD,
+ ADDRESS_HOME_STREET_ADDRESS,
+ ADDRESS_HOME_SORTING_CODE,
+ ADDRESS_HOME_DEPENDENT_LOCALITY,
+ ADDRESS_HOME_LINE3,
+ NOT_ACCOUNT_CREATION_PASSWORD,
+ USERNAME,
+ USERNAME_AND_EMAIL_ADDRESS,
+ NEW_PASSWORD,
+ PROBABLY_NEW_PASSWORD,
+ NOT_NEW_PASSWORD,
+ CREDIT_CARD_NAME_FIRST,
+ CREDIT_CARD_NAME_LAST,
+ PHONE_HOME_EXTENSION,
+ CONFIRMATION_PASSWORD,
+ AMBIGUOUS_TYPE,
+ SEARCH_TERM,
+ PRICE,
+ NOT_PASSWORD,
+ SINGLE_USERNAME,
+ NOT_USERNAME,
+ UPI_VPA,
+ ADDRESS_HOME_STREET_NAME,
+ ADDRESS_HOME_HOUSE_NUMBER,
+ ADDRESS_HOME_SUBPREMISE,
+ ADDRESS_HOME_OTHER_SUBUNIT,
+ NAME_LAST_FIRST,
+ NAME_LAST_CONJUNCTION,
+ NAME_LAST_SECOND,
+ NAME_HONORIFIC_PREFIX,
+ ADDRESS_HOME_ADDRESS,
+ ADDRESS_HOME_ADDRESS_WITH_NAME,
+ ADDRESS_HOME_FLOOR,
+ NAME_FULL_WITH_HONORIFIC_PREFIX,
+ BIRTHDATE_DAY,
+ BIRTHDATE_MONTH,
+ BIRTHDATE_4_DIGIT_YEAR,
+ PHONE_HOME_CITY_CODE_WITH_TRUNK_PREFIX,
+ PHONE_HOME_CITY_AND_NUMBER_WITHOUT_TRUNK_PREFIX,
+ PHONE_HOME_NUMBER_PREFIX,
+ PHONE_HOME_NUMBER_SUFFIX,
+ IBAN_VALUE,
+ CREDIT_CARD_STANDALONE_VERIFICATION_CODE,
+ NUMERIC_QUANTITY,
+ ONE_TIME_CODE,
+ DELIVERY_INSTRUCTIONS,
+ ADDRESS_HOME_OVERFLOW,
+ ADDRESS_HOME_LANDMARK,
+ ADDRESS_HOME_OVERFLOW_AND_LANDMARK,
+ ADDRESS_HOME_ADMIN_LEVEL2,
+ ADDRESS_HOME_STREET_LOCATION,
+ ADDRESS_HOME_BETWEEN_STREETS,
+ ADDRESS_HOME_BETWEEN_STREETS_OR_LANDMARK,
+ ADDRESS_HOME_BETWEEN_STREETS_1,
+ ADDRESS_HOME_BETWEEN_STREETS_2,
+ SINGLE_USERNAME_FORGOT_PASSWORD,
+ ADDRESS_HOME_APT,
+ ADDRESS_HOME_APT_TYPE,
+ SINGLE_USERNAME_WITH_INTERMEDIATE_VALUES,
+ MAX_VALID_FIELD_TYPE
+ };
+
+ // The address source origin. Describes where the address is stored.
+ enum AddressSource {
+ // The address is stored in the Chrome infrastructure (locally and
+ // possibly synced between devices).
+ LOCAL_OR_SYNCABLE,
+ // The address is stored in a third party service that is tied
+ // to user's account.
+ ACCOUNT
+ };
+
+ // Metadata about an autofill entry (address or credit card) which is used to
+ // render a summary list of all entries.
+ dictionary AutofillMetadata {
+ // Short summary of the address/credit card which is displayed in the UI; an
+ // undefined value means that this entry has just been created on the client
+ // and has not yet been given a summary.
+ DOMString summaryLabel;
+
+ // Short, secondary summary of the address/credit card which is displayed
+ // in the UI; an undefined value means that this entry has just been created
+ // on the client and has not yet been given a summary.
+ DOMString? summarySublabel;
+
+ // For addresses. Describes where the address is stored.
+ AddressSource? source;
+
+ // For credit cards, whether the entry is locally owned by Chrome (as opposed to
+ // being synced down from the server). Non-local entries may not be editable.
+ boolean? isLocal;
+
+ // For credit cards, whether this is a full copy of the card
+ boolean? isCached;
+
+ // For credit cards, whether this is migratable (both the card number and
+ // expiration date valid and does not have the duplicated server card).
+ boolean? isMigratable;
+
+ // For credit cards. Indicates whether a card is eligible for virtual cards
+ // enrollment.
+ boolean? isVirtualCardEnrollmentEligible;
+
+ // For credit cards. Indicates whether a card has been enrolled in virtual
+ // cards if it is eligible.
+ boolean? isVirtualCardEnrolled;
+ };
+
+ // Represents single entry of the autofill profile, containing field type and
+ // the corresponding field value.
+ dictionary AddressField {
+ FieldType type;
+ DOMString value;
+ };
+
+ // An address entry which can be saved in the autofill section of the
+ // settings UI.
+ dictionary AddressEntry {
+ // Globally unique identifier for this entry.
+ DOMString? guid;
+
+ // Fields have to be stored in the array with every field style stored only
+ // once.
+ AddressField[] fields;
+
+ DOMString? languageCode;
+
+ AutofillMetadata? metadata;
+ };
+
+ // An entry representing a country and its code.
+ dictionary CountryEntry {
+ // The internationalized name of the country.
+ DOMString? name;
+
+ // A two-character string representing the country.
+ DOMString? countryCode;
+ };
+
+ // A component to be shown in an address editor. Different countries have
+ // different components to their addresses.
+ dictionary AddressComponent {
+ // The field type.
+ FieldType field;
+
+ // The name of the field.
+ DOMString fieldName;
+
+ // A hint for the UI regarding whether the input is likely to be long.
+ boolean isLongField;
+
+ // Whether this component is required or not.
+ boolean isRequired;
+
+ // A placeholder for the text field to be used when the user has not yet
+ // input a value for the field.
+ DOMString? placeholder;
+ };
+
+ // A row of address components. Each component in a row should be shown in the
+ // same row in the UI. For example, city, state, and zip code are all included
+ // on the same line for US addresses.
+ dictionary AddressComponentRow {
+ AddressComponent[] row;
+ };
+
+ // The address components for a given country code. Each entry in |components|
+ // constitutes a row in the UI, while each inner array contains the list of
+ // components to use in that row. For example, city, state, and zip code are
+ // all included on the same line for US addresses. This dictionary also
+ // includes the associated language code.
+ dictionary AddressComponents {
+ // The components.
+ AddressComponentRow[] components;
+
+ // The language code.
+ DOMString languageCode;
+ };
+
+ // A credit card entry which can be saved in the autofill section of the
+ // settings UI.
+ dictionary CreditCardEntry {
+ // Globally unique identifier for this entry.
+ DOMString? guid;
+
+ // The card's instrument ID from the GPay server, if applicable.
+ DOMString? instrumentId;
+
+ // Name of the person who owns the credit card.
+ DOMString? name;
+
+ // Credit card number.
+ DOMString? cardNumber;
+
+ // Month as 2-character string ("01" = January, "12" = December).
+ DOMString? expirationMonth;
+
+ // Year as a 4-character string (as in "2015").
+ DOMString? expirationYear;
+
+ // Credit card's nickname.
+ DOMString? nickname;
+
+ // Credit card's network.
+ DOMString? network;
+
+ // Credit card's image source.
+ DOMString? imageSrc;
+
+ // Credit card's masked cvc.
+ DOMString? cvc;
+
+ AutofillMetadata? metadata;
+ };
+
+ // An IBAN entry which can be saved in the autofill section of the
+ // settings UI.
+ dictionary IbanEntry {
+ // Globally unique identifier for this entry.
+ DOMString? guid;
+
+ // IBAN value.
+ DOMString? value;
+
+ // IBAN's nickname.
+ DOMString? nickname;
+
+ AutofillMetadata? metadata;
+ };
+
+ callback GetAccountInfoCallback = void(optional AccountInfo accountInfo);
+ callback GetCountryListCallback = void(CountryEntry[] countries);
+ callback GetAddressComponentsCallback = void(AddressComponents components);
+ callback GetAddressListCallback = void(AddressEntry[] entries);
+ callback GetCreditCardListCallback = void(CreditCardEntry[] entries);
+ callback GetIbanListCallback = void(IbanEntry[] entries);
+ callback IsValidIbanCallback = void(boolean isValid);
+ callback GetCreditCardCallback = void(optional CreditCardEntry card);
+ callback CheckForDeviceAuthCallback = void(boolean isDeviceAuthAvailable);
+
+ interface Functions {
+ // Gets currently signed-in user profile info, no value is returned if
+ // the user is not signed-in.
+ // |callback|: Callback which will be called with the info.
+ [supportsPromises] static void getAccountInfo(
+ GetAccountInfoCallback callback);
+
+ // Saves the given address. If |address| has an empty string as its ID, it
+ // will be assigned a new one and added as a new entry.
+ // |address|: The address entry to save.
+ static void saveAddress(AddressEntry address);
+
+ // Gets the list of all countries.
+ // |callback|: Callback which will be called with the countries.
+ [supportsPromises] static void getCountryList(
+ GetCountryListCallback callback);
+
+ // Gets the address components for a given country code.
+ // |countryCode|: A two-character string representing the address' country
+ // whose components should be returned. See autofill_country.cc for a
+ // list of valid codes.
+ // |callback|: Callback which will be called with components.
+ [supportsPromises] static void getAddressComponents(
+ DOMString countryCode,
+ GetAddressComponentsCallback callback);
+
+ // Gets the list of addresses.
+ // |callback|: Callback which will be called with the list of addresses.
+ [supportsPromises] static void getAddressList(
+ GetAddressListCallback callback);
+
+ // Saves the given credit card. If |card| has an empty string as its
+ // ID, it will be assigned a new one and added as a new entry.
+ // |card|: The card entry to save.
+ static void saveCreditCard(CreditCardEntry card);
+
+ // Saves the given IBAN. If `iban` has an empty string as its ID, it will be
+ // assigned a new one and added as a new entry.
+ // |iban|: The IBAN entry to save.
+ static void saveIban(IbanEntry iban);
+
+ // Removes the entry (address or credit card) with the given ID.
+ // |guid|: ID of the entry to remove.
+ static void removeEntry(DOMString guid);
+
+ // Gets the list of credit cards.
+ // |callback|: Callback which will be called with the list of credit cards.
+ [supportsPromises] static void getCreditCardList(
+ GetCreditCardListCallback callback);
+
+ // Gets the list of IBANs.
+ // `callback`: Callback which will be called with the list of IBANs.
+ [supportsPromises] static void getIbanList(
+ GetIbanListCallback callback);
+
+ // Returns true if the given `ibanValue` is a valid IBAN.
+ // `callback`: Callback which will be called with the result of IBAN
+ // validation.
+ [supportsPromises] static void isValidIban(
+ DOMString ibanValue, IsValidIbanCallback callback);
+
+ // Clears the data associated with a wallet card which was saved
+ // locally so that the saved copy is masked (e.g., "Card ending
+ // in 1234").
+ // |guid|: GUID of the credit card to mask.
+ static void maskCreditCard(DOMString guid);
+
+ // Triggers local credit cards migration.
+ static void migrateCreditCards();
+
+ // Logs that the server cards edit link was clicked.
+ static void logServerCardLinkClicked();
+
+ // Enables or disables FIDO Authentication for credit card unmasking.
+ static void setCreditCardFIDOAuthEnabledState(boolean enabled);
+
+ // Enrolls a credit card into virtual cards.
+ // |cardId|: The server side id of the credit card to be enrolled. Note it
+ // refers to the legacy server id of credit cards, not the instrument ids.
+ static void addVirtualCard(DOMString cardId);
+
+ // Unenrolls a credit card from virtual cards.
+ // |cardId|: The server side id of the credit card to be unenrolled. Note
+ // it refers to the legacy server id of credit cards, not the instrument
+ // ids.
+ static void removeVirtualCard(DOMString cardId);
+
+ // Authenticates the user via device authentication and if successful, it
+ // will then flip the mandatory auth toggle.
+ static void authenticateUserAndFlipMandatoryAuthToggle();
+
+ // Returns the local card based on the `guid` provided. The user could
+ // also be challenged with a reauth if that is enabled. For a successful
+ // auth, the local card is returned otherwise return a null object.
+ [supportsPromises] static void getLocalCard(
+ DOMString guid, GetCreditCardCallback callback);
+
+ // Returns true if there is authentication available on this device
+ // (biometric or screen lock), false otherwise.
+ [supportsPromises] static void checkIfDeviceAuthAvailable(
+ CheckForDeviceAuthCallback callback);
+
+ // Bulk delete all the CVCs (server and local) from the local webdata
+ // database. For server CVCs, this will also clear them from the Chrome
+ // sync server and thus other devices.
+ static void bulkDeleteAllCvcs();
+ };
+
+ interface Events {
+ // Fired when the personal data has changed, meaning that an entry has
+ // been added, removed, or changed.
+ // `addressEntries`: the updated list of addresses.
+ // `creditCardEntries`: the updated list of credit cards.
+ // `ibans`: the updated list of IBANs.
+ // `accountInfo`: account info if the user is signed-in or no value if not.
+ static void onPersonalDataChanged(AddressEntry[] addressEntries,
+ CreditCardEntry[] creditCardEntries,
+ IbanEntry[] ibans,
+ optional AccountInfo accountInfo);
+ };
+};
diff --git a/tools/under-control/src/chrome/common/extensions/api/autotest_private.idl b/tools/under-control/src/chrome/common/extensions/api/autotest_private.idl
new file mode 100755
index 000000000..774d4c86d
--- /dev/null
+++ b/tools/under-control/src/chrome/common/extensions/api/autotest_private.idl
@@ -0,0 +1,1644 @@
+// Copyright 2012 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// API for integration testing. To be used on test images with a test component
+// extension.
+[platforms=("chromeos"),
+ implemented_in="chrome/browser/ash/extensions/autotest_private/autotest_private_api.h"]
+namespace autotestPrivate {
+
+ enum ShelfAlignmentType {
+ // BottomLocked not supported by shelf_prefs.
+ Bottom, Left, Right
+ };
+
+ // A mapping of ash::ShelfItemType.
+ enum ShelfItemType {
+ PinnedApp,
+ BrowserShortcut,
+ App,
+ UnpinnedBrowserShortcut,
+ Dialog
+ };
+
+ // A mapping of ash::ShelfItemStatus.
+ enum ShelfItemStatus {
+ Closed,
+ Running,
+ Attention
+ };
+
+ // A mapping of apps::mojom::Type
+ enum AppType {
+ Arc,
+ BuiltIn,
+ Crostini,
+ Extension,
+ Web,
+ MacOS,
+ PluginVm,
+ StandaloneBrowser,
+ Remote,
+ Borealis,
+ Bruschetta
+ };
+
+ // A mapping of apps::mojom::InstallSource
+ enum AppInstallSource {
+ Unknown,
+ System,
+ Policy,
+ Oem,
+ Default,
+ Sync,
+ User,
+ SubApp,
+ Kiosk,
+ CommandLine
+ };
+
+ // A mapping of apps::mojom::Readiness
+ enum AppReadiness {
+ Ready,
+ DisabledByBlacklist,
+ DisabledByPolicy,
+ DisabledByUser,
+ Terminated,
+ UninstalledByUser,
+ Removed,
+ UninstalledByMigration
+ };
+
+ // A mapping of arc::mojom::WakefulnessMode
+ enum WakefulnessMode {
+ Unknown,
+ Asleep,
+ Awake,
+ Dreaming,
+ Dozing
+ };
+ callback WakefulnessModeCallback = void (WakefulnessMode mode);
+
+ // A subset of Window State types in ash::WindowStateType. We may add more
+ // into the set in the future.
+ enum WindowStateType {
+ Normal,
+ Minimized,
+ Maximized,
+ Fullscreen,
+ PrimarySnapped,
+ SecondarySnapped,
+ Pinned,
+ TrustedPinned,
+ PIP,
+ Floated
+ };
+
+ // A subset of WM event types in ash::WMEventType. We may add more in the
+ // set in the future.
+ enum WMEventType {
+ WMEventNormal,
+ WMEventMaximize,
+ WMEventMinimize,
+ WMEventFullscreen,
+ WMEventSnapPrimary,
+ WMEventSnapSecondary,
+ WMEventFloat
+ };
+
+ // Display orientation type.
+ enum RotationType {
+ // RotateAny is the auto-rotation status (not locked to a rotation) for
+ // tablet mode. Not working in clamshell mode.
+ RotateAny,
+ Rotate0,
+ Rotate90,
+ Rotate180,
+ Rotate270
+ };
+
+ enum LauncherStateType {
+ Closed,
+ FullscreenAllApps,
+ FullscreenSearch
+ };
+
+ enum OverviewStateType {
+ Shown,
+ Hidden
+ };
+
+ enum MouseButton {
+ Left,
+ Middle,
+ Right,
+ Back,
+ Forward
+ };
+
+ // A paramter used in setArcAppWindowState() function.
+ dictionary WindowStateChangeDict {
+ // The WM event to change the ARC window state.
+ WMEventType eventType;
+
+ // If the initial state is already same as the expected state, should we
+ // treat this case as a failure? Default value is false.
+ boolean? failIfNoChange;
+ };
+
+ dictionary LoginStatusDict {
+ // Are we logged in?
+ boolean isLoggedIn;
+ // Is the logged-in user the owner?
+ boolean isOwner;
+ // Is the screen locked?
+ boolean isScreenLocked;
+ // Is the wallpaper blur layer still animating in?
+ boolean isLockscreenWallpaperAnimating;
+ // Is the screen ready for password?
+ boolean isReadyForPassword;
+ // Are the avatar images loaded for all users?
+ boolean areAllUserImagesLoaded;
+
+ // Is the logged-in user a regular user? Set only if `isLoggedIn`.
+ boolean? isRegularUser;
+ // Are we logged into the guest account? Set only if `isLoggedIn`.
+ boolean? isGuest;
+ // Are we logged into kiosk-app mode? Set only if `isLoggedIn`.
+ boolean? isKiosk;
+
+ // User email. Set only if `isLoggedIn`.
+ DOMString? email;
+ // User display email. Set only if `isLoggedIn`.
+ DOMString? displayEmail;
+ // User display name. Set only if `isLoggedIn`.
+ DOMString? displayName;
+ // User image: 'file', 'profile' or a number. Set only if `isLoggedIn`.
+ DOMString? userImage;
+ // Whether the user has a valid oauth2 token. Only set for gaia user.
+ boolean? hasValidOauth2Token;
+ };
+ callback LoginStatusCallback = void (LoginStatusDict status);
+
+ // |all_policies| will be the full list of policies as returned by the
+ // DictionaryPolicyConversions.ToValue function.
+ callback AllEnterprisePoliciesCallback = void (any all_policies);
+
+ dictionary ExtensionInfoDict {
+ DOMString id;
+ DOMString version;
+ DOMString name;
+ DOMString publicKey;
+ DOMString description;
+ DOMString backgroundUrl;
+ DOMString optionsUrl;
+
+ DOMString[] hostPermissions;
+ DOMString[] effectiveHostPermissions;
+ DOMString[] apiPermissions;
+
+ boolean isComponent;
+ boolean isInternal;
+ boolean isUserInstalled;
+ boolean isEnabled;
+ boolean allowedInIncognito;
+ boolean hasPageAction;
+ };
+ dictionary ExtensionsInfoArray {
+ ExtensionInfoDict[] extensions;
+ };
+ callback ExtensionsInfoCallback = void (ExtensionsInfoArray info);
+
+ dictionary Notification {
+ DOMString id;
+ DOMString type;
+ DOMString title;
+ DOMString message;
+ long priority;
+ long progress;
+ };
+ callback NotificationArrayCallback = void (Notification[] notifications);
+
+ dictionary Printer {
+ DOMString printerName;
+ DOMString? printerId;
+ DOMString? printerType;
+ DOMString? printerDesc;
+ DOMString? printerMakeAndModel;
+ DOMString? printerUri;
+ DOMString? printerPpd;
+ };
+ callback PrinterArrayCallback = void (Printer[] printers);
+
+ callback ArcStartTimeCallback = void (double startTicks);
+
+ dictionary ArcState {
+ // Whether the ARC is provisioned.
+ boolean provisioned;
+ // Whether ARC Terms of Service needs to be shown.
+ boolean tosNeeded;
+ // ARC pre-start time (mini-ARC) or 0 if not pre-started.
+ double preStartTime;
+ // ARC start time or 0 if not started.
+ double startTime;
+ };
+ callback ArcStateCallback = void (ArcState result);
+
+ dictionary PlayStoreState {
+ // Whether the Play Store allowed for the current user.
+ boolean allowed;
+ // Whether the Play Store currently enabled.
+ boolean? enabled;
+ // Whether the Play Store managed by policy.
+ boolean? managed;
+ };
+ callback PlayStoreStateCallback = void (PlayStoreState result);
+
+ dictionary AssistantQueryResponse {
+ // Text response returned from server.
+ DOMString? text;
+ // HTML response returned from server.
+ DOMString? htmlResponse;
+ // Open URL response returned from server.
+ DOMString? openUrl;
+ // Open Android app response returned from server.
+ DOMString? openAppResponse;
+ };
+ dictionary AssistantQueryStatus {
+ // Indicates whether this might be a voice interaction.
+ boolean isMicOpen;
+ // Query text sent to Assistant. In the event of a voice interaction,
+ // this field will be same as the speech recognition final result.
+ DOMString queryText;
+ // Response for the current query.
+ AssistantQueryResponse queryResponse;
+ };
+ callback AssistantQueryStatusCallback = void (AssistantQueryStatus status);
+
+ callback IsAppShownCallback = void (boolean appShown);
+
+ callback IsArcProvisionedCallback = void (boolean arcProvisioned);
+
+ callback IsArcPackageListInitialRefreshedCallback = void (boolean refreshed);
+
+ // A mapping of crosapi::BrowserManager::State
+ enum LacrosState {
+ NotInitialized,
+ Reloading,
+ Mounting,
+ Unavailable,
+ Stopped,
+ PreparingForLaunch,
+ WaitingOwnerFetch,
+ PreLaunched,
+ Starting,
+ Running,
+ Terminating
+ };
+
+ // A mapping of crosapi::browser_util::LacrosMode
+ enum LacrosMode {
+ Disabled,
+ Only
+ };
+
+ dictionary LacrosInfo {
+ // The state of lacros.
+ LacrosState state;
+ // True iff keepalive is enabled for lacros.
+ boolean isKeepAlive;
+ // Path to lacros-chrome directory. Note that this may change over time if
+ // omaha is used. This also may be empty if lacros is not running.
+ DOMString lacrosPath;
+ // Specifies the mode Lacros is currently running.
+ // For a full list of supported mode, see LacrosMode enum definition.
+ // DEPRECATED: please use isEnabled.
+ // TODO(crbug.com/1494005): Remove this field after tests are fixed.
+ LacrosMode mode;
+ // True iff Lacros is enabled for the current user session's primary user.
+ boolean isEnabled;
+ };
+
+ callback GetLacrosInfoCallback = void (LacrosInfo info);
+
+ dictionary ArcAppDict {
+ DOMString name;
+ DOMString packageName;
+ DOMString activity;
+ DOMString intentUri;
+ DOMString iconResourceId;
+ double lastLaunchTime;
+ double installTime;
+ boolean sticky;
+ boolean notificationsEnabled;
+ boolean ready;
+ boolean suspended;
+ boolean showInLauncher;
+ boolean shortcut;
+ boolean launchable;
+ };
+ callback GetArcAppCallback = void (ArcAppDict package);
+
+ dictionary ArcAppKillsDict {
+ double oom;
+ double lmkdForeground;
+ double lmkdPerceptible;
+ double lmkdCached;
+ double pressureForeground;
+ double pressurePerceptible;
+ double pressureCached;
+ };
+ callback GetArcAppKillsCallback = void (ArcAppKillsDict counts);
+
+ dictionary ArcPackageDict {
+ DOMString packageName;
+ long packageVersion;
+ DOMString lastBackupAndroidId;
+ double lastBackupTime;
+ boolean shouldSync;
+ boolean vpnProvider;
+ };
+ callback GetArcPackageCallback = void (ArcPackageDict package);
+
+ dictionary Location {
+ double x;
+ double y;
+ };
+
+ dictionary Bounds {
+ double left;
+ double top;
+ double width;
+ double height;
+ };
+
+ dictionary ArcAppTracingInfo {
+ boolean success;
+ double fps;
+ double perceivedFps;
+ double commitDeviation;
+ double presentDeviation;
+ double renderQuality;
+ };
+
+ callback TakeScreenshotCallback = void (DOMString base64Png);
+
+ callback GetPrimaryDisplayScaleFactorCallback = void (double scaleFactor);
+
+ callback IsTabletModeEnabledCallback = void (boolean enabled);
+
+ callback SetTabletModeEnabledCallback = void(boolean enabled);
+
+ callback SetShelfIconPinCallback = void(DOMString[] results);
+
+ callback SetOverviewModeStateCallback = void(boolean finished);
+
+ enum ThemeStyle {
+ TonalSpot,
+ Vibrant,
+ Expressive,
+ Spritz,
+ Rainbow,
+ FruitSalad
+ };
+
+ callback SendArcOverlayColorCallback = void (boolean result);
+
+ callback ArcAppTracingCallback = void(ArcAppTracingInfo info);
+
+ callback WaitForDisplayRotationCallback = void (boolean success);
+
+ callback InstallPWAForCurrentURLCallback = void (DOMString appId);
+
+ dictionary App {
+ DOMString appId;
+ DOMString name;
+ DOMString shortName;
+ DOMString publisherId;
+ AppType? type;
+ AppInstallSource? installSource;
+ AppReadiness? readiness;
+ DOMString[] additionalSearchTerms;
+ boolean? showInLauncher;
+ boolean? showInSearch;
+ };
+
+ dictionary SystemWebApp {
+ // App's internal name. This isn't user-visible and should only be used
+ // for logging.
+ DOMString internalName;
+
+ // App's install URL. This is a placeholder for installation pipeline,
+ // not used for anything else.
+ DOMString url;
+
+ // App's visible name. This is defined in the Web App manifest, and shown
+ // in Shelf and Launcher. This matches App's name attribute (see above).
+ DOMString name;
+
+ // App's default start_url. This is the default URL that the App will be
+ // launched to.
+ DOMString startUrl;
+ };
+
+ callback GetAllInstalledAppsCallback = void (App[] apps);
+
+ dictionary ShelfItem {
+ DOMString appId;
+ DOMString launchId;
+ DOMString title;
+ ShelfItemType? type;
+ ShelfItemStatus status;
+ boolean showsTooltip;
+ boolean pinnedByPolicy;
+ boolean pinStateForcedByType;
+ boolean hasNotification;
+ };
+
+ // A mapping of ash::AppType.
+ enum AppWindowType {
+ Browser,
+ ChromeApp,
+ ArcApp,
+ CrostiniApp,
+ SystemApp,
+ ExtensionApp,
+ Lacros
+ };
+
+ // A mapping of HotseatState in ash/public/cpp/shelf_types.h.
+ enum HotseatState {
+ Hidden,
+ ShownClamShell,
+ ShownHomeLauncher,
+ Extended
+ };
+
+ // The frame mode of a window. None if the window is framesless.
+ enum FrameMode {
+ Normal,
+ Immersive
+ };
+
+ dictionary OverviewInfo {
+ // Bounds in screen of an OverviewItem.
+ Bounds bounds;
+ // Whether an OverviewItem is being dragged in overview.
+ boolean isDragged;
+ };
+
+ // Used to update an app's shelf pin state.
+ dictionary ShelfIconPinUpdateParam {
+ // The identifier of the target app.
+ DOMString appId;
+
+ // The target pin state for the app.
+ boolean pinned;
+ };
+
+ dictionary AppWindowInfo {
+ // The identifier of the window. This shouldn't change across the time.
+ long id;
+
+ // The name of the window object -- typically internal class name of the
+ // window (like 'BrowserFrame').
+ DOMString name;
+
+ AppWindowType windowType;
+ WindowStateType stateType;
+
+ // The bounds of the window, in the coordinate of the root window (i.e.
+ // relative to the display where this window resides).
+ Bounds boundsInRoot;
+
+ // The identifier of the display where this window resides.
+ DOMString displayId;
+
+ boolean isVisible;
+ boolean canFocus;
+
+ // The title of the window; this can be seen in the window caption, or in
+ // the overview mode. Typically, this provides the title of the webpage or
+ // the title supplied by the application.
+ DOMString title;
+
+ // Whether some animation is ongoing on the window or not.
+ boolean isAnimating;
+
+ // The final bounds of the window when the animation completes. This should
+ // be same as |boundsInRoot| when |isAnimating| is false.
+ Bounds targetBounds;
+
+ // Whether or not the window is going to be visible after the animation
+ // completes. This should be same as |isVisible| when |isAnimating| is
+ // false.
+ boolean targetVisibility;
+
+ // WM Releated states
+ boolean isActive;
+ boolean hasFocus;
+ boolean onActiveDesk;
+ boolean hasCapture;
+ boolean canResize;
+
+ // Stacking order of the window in relation to its siblings. 0 indicates
+ // that the window is topmost. -1 if stacking info is not available
+ long stackingOrder;
+
+ // Window frame info
+ FrameMode frameMode;
+ boolean isFrameVisible;
+ long captionHeight;
+ // The bitset of the enabled caption buttons. See
+ // ui/views/window/caption_button_types.h.
+ long captionButtonEnabledStatus;
+ // The bitset of the caption buttons which are visible on the frame.
+ long captionButtonVisibleStatus;
+
+ DOMString? arcPackageName;
+
+ OverviewInfo? overviewInfo;
+
+ // The identifier of the app associated with the window that was launched
+ // from full restore. This should be same as |appId| when the window was
+ // restored from full restore, otherwise null.
+ DOMString? fullRestoreWindowAppId;
+
+ // The identifier of the app associated with the window.
+ DOMString? appId;
+ };
+
+ dictionary Accelerator {
+ DOMString keyCode;
+ boolean shift;
+ boolean control;
+ boolean alt;
+ boolean search;
+ boolean pressed;
+ };
+
+ // Mapped to ScrollableShelfState in ash/public/cpp/shelf_ui_info.h.
+ // [deprecated="Use ShelfState"]
+ dictionary ScrollableShelfState {
+ double? scrollDistance;
+ };
+
+ // Mapped to ShelfState in ash/public/cpp/shelf_ui_info.h.
+ dictionary ShelfState {
+ double? scrollDistance;
+ };
+
+ // Mapped to ScrollableShelfInfo in ash/public/cpp/shelf_ui_info.h.
+ // |targetMainAxisOffset| is set when ShelfState used in query
+ // specifies the scroll distance.
+ dictionary ScrollableShelfInfo {
+ double mainAxisOffset;
+ double pageOffset;
+ double? targetMainAxisOffset;
+ Bounds leftArrowBounds;
+ Bounds rightArrowBounds;
+ boolean isAnimating;
+ boolean iconsUnderAnimation;
+ boolean isOverflow;
+ Bounds[] iconsBoundsInScreen;
+ boolean isShelfWidgetAnimating;
+ };
+
+ // Mapped to HotseatSwipeDescriptor in ash/public/cpp/shelf_ui_info.h.
+ dictionary HotseatSwipeDescriptor {
+ Location swipeStartLocation;
+ Location swipeEndLocation;
+ };
+
+ // Mapped to HotseatInfo in ash/public/cpp/shelf_ui_info.h.
+ dictionary HotseatInfo {
+ HotseatSwipeDescriptor swipeUp;
+ HotseatState state;
+ boolean isAnimating;
+ // Whether the shelf is hidden with auto-hide enabled.
+ boolean isAutoHidden;
+ };
+
+ // The ui information of shelf components, including hotseat and
+ // scrollable shelf.
+ dictionary ShelfUIInfo {
+ HotseatInfo hotseatInfo;
+ ScrollableShelfInfo scrollableShelfInfo;
+ };
+
+ // Information about all desks.
+ dictionary DesksInfo {
+ long activeDeskIndex;
+ long numDesks;
+ boolean isAnimating;
+ DOMString[] deskContainers;
+ };
+
+ // Information about launcher's search box.
+ dictionary LauncherSearchBoxState {
+ DOMString ghostText;
+ };
+
+ callback GetShelfItemsCallback = void (ShelfItem[] items);
+
+ callback GetDefaultPinnedAppIdsCallback = void (DOMString[] items);
+
+ callback GetShelfAutoHideBehaviorCallback = void (DOMString behavior);
+
+ callback GetLauncherSearchBoxStateCallback = void (
+ LauncherSearchBoxState state);
+
+ callback GetShelfAlignmentCallback = void (ShelfAlignmentType alignment);
+
+ callback WindowStateCallback = void (WindowStateType currentType);
+
+ callback VoidCallback = void ();
+
+ callback DOMStringCallback = void (DOMString data);
+
+ callback GetAppWindowListCallback = void (AppWindowInfo[] window_list);
+
+ callback AcceleratorCallback = void (boolean success);
+
+ callback DesksCallback = void (boolean success);
+
+ callback GetDeskCountCallback = void (long count);
+
+ callback GetDesksInfoCallback = void (DesksInfo desks);
+
+ callback GetScrollableShelfInfoForStateCallback = void (
+ ScrollableShelfInfo info);
+
+ callback GetShelfUIInfoForStateCallback = void (ShelfUIInfo info);
+
+ // Frame counting record for one frame sink/compositor.
+ dictionary FrameCountingPerSinkData {
+ // Type of the frame sink. This corresponds to CompositorFrameSinkType.
+ DOMString sinkType;
+ // Whether the frame sink is the root.
+ boolean isRoot;
+ // Debug label of the frame sink.
+ DOMString debugLabel;
+
+ // Number of presented frames grouped using `bucketSizeInSeconds` arg in
+ // startFrameCounting call. It would be fps if the `bucketSizeInSeconds` is
+ // 1s.
+ long[] presentedFrames;
+ };
+
+ callback StopFrameCountingCallback = void (FrameCountingPerSinkData[] data);
+
+ // Result of calling setWindowBounds, which returns the actual bounds and
+ // display the window was set to. This may be different than the requested
+ // bounds and display, for example if the window is showing an ARC app and
+ // Android modifies the bounds request. Further, this result may never be
+ // returned in some situations (e.g. Android ignoring a bounds request),
+ // causing a timeout.
+ dictionary SetWindowBoundsResult {
+ // Bounds of the window.
+ Bounds bounds;
+ // Display ID of the display the window is on.
+ DOMString displayId;
+ };
+ callback WindowBoundsCallback = void (SetWindowBoundsResult result);
+
+ // Collected DisplaySmoothness data between startSmoothnessTracking and
+ // stopSmoothnessTracking calls.
+ dictionary DisplaySmoothnessData {
+ // Number of frames expected to be shown for this animation.
+ long framesExpected;
+ // Number of frames actually shown for this animation.
+ long framesProduced;
+ // Number of janks during this animation. A jank is counted when the current
+ // frame latency is larger than previous ones.
+ long jankCount;
+ // Display throughput percentage at fixed intervals.
+ long[] throughput;
+ };
+
+ // Callback invoked to report the smoothness after StopSmoothnessTracking is
+ // called.
+ callback StopSmoothnessTrackingCallback = void
+ (DisplaySmoothnessData data);
+
+ // Collected ui::ThroughputTracker data for one animation. It is based on
+ // cc::FrameSequenceMetrics::ThroughputData.
+ dictionary ThroughputTrackerAnimationData {
+ // Animation start time in milliseconds, relative to when
+ // `startThroughputTrackerDataCollection` is called.
+ long startOffsetMs;
+ // Animation stop time in milliseconds, relative to when
+ // `startThroughputTrackerDataCollection` is called.
+ long stopOffsetMs;
+ // Number of frames expected to be shown for this animation.
+ long framesExpected;
+ // Number of frames actually shown for this animation.
+ long framesProduced;
+ // Number of janks during this animation. A jank is counted when the current
+ // frame latency is larger than previous ones.
+ long jankCount;
+ };
+
+ // Callback invoked to report the collection ui::ThroughputTracker data
+ // after stopThroughputTrackerDataCollection is called.
+ callback StopThroughputTrackerDataCollectionCallback = void
+ (ThroughputTrackerAnimationData[] data);
+
+ // Callback invoked to report the currently collected ui::ThroughputTracker
+ // animation data. Note that the data reported is removed to avoid reporting
+ // duplicated data.
+ callback GetThroughtputTrackerDataCallback = void
+ (ThroughputTrackerAnimationData[] data);
+
+ // Callback invoked to report the number of system web apps that should be
+ // installed.
+ callback GetRegisteredSystemWebAppsCallback = void
+ (SystemWebApp[] systemWebApps);
+
+ callback IsSystemWebAppOpenCallback = void (boolean isOpen);
+
+ // Callback invoked to return the smoothness percentage after
+ // getDisplaySmoothness is called.
+ callback GetDisplaySmoothnessCallback = void (long smoothness);
+
+ // Options for resetting the holding space.
+ dictionary ResetHoldingSpaceOptions {
+ // Whether to call `ash::holding_space_prefs::MarkTimeOfFirstAdd()` after
+ // reset. Used to show the holding space tray in tests, since it's otherwise
+ // hidden after OOBE.
+ boolean markTimeOfFirstAdd;
+ };
+
+ callback CouldAllowCrostiniCallback = void (boolean canBeAllowed);
+
+ // Collected ash::LoginEventRecorder data.
+ dictionary LoginEventRecorderData {
+ // Event name
+ DOMString name;
+ // Number of frames actually shown for this animation.
+ double microsecnods_since_unix_epoch;
+ };
+
+ // Callback invoked to report the collection ui::LoginEventRecorder data
+ // after getLoginEventRecorderLoginEvents is called.
+ callback GetLoginEventRecorderLoginEventsCallback = void
+ (LoginEventRecorderData[] data);
+
+ // Request parameters for getAccessToken.
+ dictionary GetAccessTokenParams {
+ // An email associated with the account to get a token for.
+ DOMString email;
+ // A list of OAuth scopes to request.
+ DOMString[] scopes;
+ // An optional timeout in milliseconds for the request.
+ // Default: 90 seconds
+ long? timeoutMs;
+ };
+
+ // Response data for getAccessToken.
+ dictionary GetAccessTokenData {
+ // The access token
+ DOMString accessToken;
+ // The time the access token will expire as a unix timestamp in
+ // milliseconds.
+ DOMString expirationTimeUnixMs;
+ };
+
+ // Reponse callback for getAccessToken.
+ callback GetAccessTokenCallback = void(GetAccessTokenData data);
+
+ // Callback invoked to report whether the current input method is ready to
+ // accept key events from the test.
+ callback IsInputMethodReadyForTestingCallback = void
+ (boolean isReady);
+
+ // Response data for makeFuseboxTempDir.
+ dictionary MakeFuseboxTempDirData {
+ DOMString fuseboxFilePath;
+ DOMString underlyingFilePath;
+ };
+
+ // Callback invoked when the temporary directory was made.
+ callback MakeFuseboxTempDirCallback = void(MakeFuseboxTempDirData data);
+
+ // Callback invoked when the temporary directory was removed.
+ callback RemoveFuseboxTempDirCallback = void();
+
+ callback IsFeatureEnabledCallback = void(boolean enabled);
+
+ // Response data for getCurrentInputMethodDescriptor.
+ // Add more fields from ash/input_method/InputMethodDescriptor as needed.
+ dictionary GetCurrentInputMethodDescriptorData {
+ DOMString keyboardLayout;
+ };
+
+ // Response callback for current input method keyboard layout.
+ callback GetCurrentInputMethodDescriptorCallback = void
+ (GetCurrentInputMethodDescriptorData data);
+
+ // Response callback to report if a field trial exists and has been activated.
+ callback IsFieldTrialActiveCallback = void(boolean active);
+
+ // Request data containing the mock responses from
+ // overrideOrcaResponseForTesting.
+ dictionary OrcaResponseArray {
+ DOMString[] responses;
+ };
+
+ callback OverrideOrcaResponseForTestingCallback = void(boolean success);
+
+ interface Functions {
+ // Must be called to allow autotestPrivateAPI events to be fired.
+ static void initializeEvents();
+
+ // Logout of a user session.
+ static void logout();
+
+ // Restart the browser.
+ static void restart();
+
+ // Shutdown the browser.
+ // |force|: if set, ignore ongoing downloads and onunbeforeunload handlers.
+ static void shutdown(boolean force);
+
+ // Get login status.
+ [supportsPromises] static void loginStatus(LoginStatusCallback callback);
+
+ // Locks the screen.
+ static void lockScreen();
+
+ // Get info about installed extensions.
+ [supportsPromises] static void getExtensionsInfo(
+ ExtensionsInfoCallback callback);
+
+ // Get state of the policies.
+ // Will contain device policies and policies from the active profile.
+ // The policy values are formatted as they would be for exporting in
+ // chrome://policy.
+ [supportsPromises] static void getAllEnterprisePolicies(
+ AllEnterprisePoliciesCallback callback);
+
+ // Refreshes the Enterprise Policies.
+ [supportsPromises] static void refreshEnterprisePolicies(
+ VoidCallback callback);
+
+ // Refreshes the remote commands.
+ [supportsPromises] static void refreshRemoteCommands(VoidCallback callback);
+
+ // Simulates a memory access bug for asan testing.
+ static void simulateAsanMemoryBug();
+
+ // Set the touchpad pointer sensitivity setting.
+ // |value|: the pointer sensitivity setting index.
+ static void setTouchpadSensitivity(long value);
+
+ // Turn on/off tap-to-click for the touchpad.
+ // |enabled|: if set, enable tap-to-click.
+ static void setTapToClick(boolean enabled);
+
+ // Turn on/off three finger click for the touchpad.
+ // |enabled|: if set, enable three finger click.
+ static void setThreeFingerClick(boolean enabled);
+
+ // Turn on/off tap dragging for the touchpad.
+ // |enabled|: if set, enable tap dragging.
+ static void setTapDragging(boolean enabled);
+
+ // Turn on/off Australian scrolling for devices other than wheel mouse.
+ // |enabled|: if set, enable Australian scrolling.
+ static void setNaturalScroll(boolean enabled);
+
+ // Set the mouse pointer sensitivity setting.
+ // |value|: the pointer sensitivity setting index.
+ static void setMouseSensitivity(long value);
+
+ // Swap the primary mouse button for left click.
+ // |right|: if set, swap the primary mouse button.
+ static void setPrimaryButtonRight(boolean right);
+
+ // Turn on/off reverse scrolling for mice.
+ // |enabled|: if set, enable reverse scrolling.
+ static void setMouseReverseScroll(boolean enabled);
+
+ // Get visible notifications on the system.
+ [supportsPromises] static void getVisibleNotifications(
+ NotificationArrayCallback callback);
+
+ // Remove all notifications.
+ [supportsPromises] static void removeAllNotifications(
+ VoidCallback callback);
+
+ // Get ARC start time in ticks.
+ [supportsPromises] static void getArcStartTime(
+ ArcStartTimeCallback callback);
+
+ // Get state of the ARC session.
+ [supportsPromises] static void getArcState(
+ ArcStateCallback callback);
+
+ // Get state of the Play Store.
+ [supportsPromises] static void getPlayStoreState(
+ PlayStoreStateCallback callback);
+
+ // Get list of available printers
+ [supportsPromises] static void getPrinterList(
+ PrinterArrayCallback callback);
+
+ // Returns true if requested app is shown in Chrome.
+ [supportsPromises] static void isAppShown(DOMString appId,
+ IsAppShownCallback callback);
+
+ // Returns true if ARC is provisioned.
+ // [deprecated="Use getArcState()"]
+ [supportsPromises] static void isArcProvisioned(
+ IsArcProvisionedCallback callback);
+
+ // Gets various information about the state of lacros on the system.
+ [supportsPromises] static void getLacrosInfo(
+ GetLacrosInfoCallback callback);
+
+ // Gets information about the requested ARC app.
+ [supportsPromises] static void getArcApp(DOMString appId,
+ GetArcAppCallback callback);
+
+ // Gets counts of how many ARC apps have been killed, by priority.
+ [supportsPromises] static void getArcAppKills(
+ GetArcAppKillsCallback callback);
+
+ // Gets information about requested ARC package.
+ [supportsPromises] static void getArcPackage(
+ DOMString packageName,
+ GetArcPackageCallback callback);
+
+ // Waits for system web apps to complete the installation.
+ [supportsPromises] static void waitForSystemWebAppsInstall(
+ VoidCallback callback);
+
+ // Gets all the default pinned shelf app IDs, these may not be installed.
+ [supportsPromises] static void getDefaultPinnedAppIds(
+ GetDefaultPinnedAppIdsCallback callback);
+
+ // Returns the number of system web apps that should be installed.
+ [supportsPromises] static void getRegisteredSystemWebApps(
+ GetRegisteredSystemWebAppsCallback callback);
+
+ // Returns whether the system web app is currently open or not.
+ [supportsPromises] static void isSystemWebAppOpen(
+ DOMString appId,
+ IsSystemWebAppOpenCallback callback);
+
+ // Launches an application from the launcher with the given appId.
+ [supportsPromises] static void launchApp(DOMString appId,
+ VoidCallback callback);
+
+ // Launches an system web app from the launcher with the given app name and
+ // url.
+ [supportsPromises] static void launchSystemWebApp(DOMString appName,
+ DOMString url,
+ VoidCallback callback);
+
+ // Launches Files app directly to absolutePath, if the path does not
+ // exist, it will launch to the default opening location (i.e. My files).
+ // If the supplied path is a file (and it exists) it will open Files app
+ // to the parent folder instead.
+ [supportsPromises] static void launchFilesAppToPath(
+ DOMString absolutePath,
+ VoidCallback callback);
+
+ // Closes an application the given appId in case it was running.
+ [supportsPromises] static void closeApp(DOMString appId,
+ VoidCallback callback);
+
+ // Update printer. Printer with empty ID is considered new.
+ static void updatePrinter(Printer printer);
+
+ // Remove printer.
+ static void removePrinter(DOMString printerId);
+
+ // Start ARC directly, note this differs from |setPlayStoreEnabled|. It is
+ // used to restart ARC in tests.
+ // |callback|: Called when the operation has completed.
+ [supportsPromises] static void startArc(VoidCallback callback);
+
+ // Stop ARC directly, note this differs from |setPlayStoreEnabled|. It is
+ // used to restart ARC in tests. Note, this preserves ARC data.
+ // |callback|: Called when the operation has completed.
+ [supportsPromises] static void stopArc(VoidCallback callback);
+
+ // Enable/disable the Play Store.
+ // |enabled|: if set, enable the Play Store.
+ // |callback|: Called when the operation has completed.
+ [supportsPromises] static void setPlayStoreEnabled(boolean enabled,
+ VoidCallback callback);
+
+ // Get text from ui::Clipboard.
+ // |callback|: Called with result.
+ [supportsPromises] static void getClipboardTextData(
+ DOMStringCallback callback);
+
+ // Set text in ui::Clipbaord.
+ // |callback|: Called when operation is complete.
+ [supportsPromises] static void setClipboardTextData(DOMString data,
+ VoidCallback callback);
+
+ // Run the crostini installer GUI to install the default crostini
+ // vm / container and create sshfs mount. The installer launches the
+ // crostini terminal app on completion. The installer expects that
+ // crostini is not already installed.
+ // |callback|: Called when the operation has completed.
+ [supportsPromises] static void runCrostiniInstaller(VoidCallback callback);
+
+ // Run the crostini uninstaller GUI to remove the default crostini
+ // vm / container. The callback is invoked upon completion.
+ [supportsPromises] static void runCrostiniUninstaller(
+ VoidCallback callback);
+
+ // Enable/disable Crostini in preferences.
+ // |enabled|: Enable Crostini.
+ // |callback|: Called when the operation has completed.
+ [supportsPromises] static void setCrostiniEnabled(boolean enabled,
+ VoidCallback callback);
+
+ // Export the crostini container.
+ // |path|: The path in Downloads to save the export.
+ // |callback|: Called when the operation has completed.
+ [supportsPromises] static void exportCrostini(DOMString path,
+ VoidCallback callback);
+
+ // Import the crostini container.
+ // |path|: The path in Downloads to read the import.
+ // |callback|: Called when the operation has completed.
+ [supportsPromises] static void importCrostini(DOMString path,
+ VoidCallback callback);
+
+ // Returns whether crostini could ever be allowed.
+ // |callback|: Called with a boolean indicating if crostini can ever be
+ // allowed in the current profile.
+ [supportsPromises] static void couldAllowCrostini(
+ CouldAllowCrostiniCallback callback);
+
+ // Sets mock Plugin VM policy.
+ // |imageUrl|: URL to the image to install.
+ // |imageHash|: Hash for the provided image.
+ // |licenseKey|: License key for Plugin VM.
+ static void setPluginVMPolicy(DOMString imageUrl,
+ DOMString imageHash,
+ DOMString licenseKey);
+
+ // Shows the Plugin VM installer. Does not start installation.
+ static void showPluginVMInstaller();
+
+ // Installs Borealis without showing the normal installer UI.
+ // |callback|: Called when the operation has completed.
+ [supportsPromises] static void installBorealis(VoidCallback callback);
+
+ // Register a component with CrOSComponentManager.
+ // |name|: The name of the component.
+ // |path|: Path to the component.
+ static void registerComponent(DOMString name, DOMString path);
+
+ // Takes a screenshot and returns the data in base64 encoded PNG format.
+ [supportsPromises] static void takeScreenshot(
+ TakeScreenshotCallback callback);
+
+ // Tasks a screenshot for a display.
+ // |display_id|: the display id of the display.
+ // |callback|: called when the operation has completed.
+ [supportsPromises] static void takeScreenshotForDisplay(
+ DOMString display_id,
+ TakeScreenshotCallback callback);
+
+ // Triggers an on-demand update of smart dim component and checks whether
+ // it's successfully loaded by smart dim ml_agent.
+ // |callback|: Called when the operation has completed.
+ [supportsPromises] static void loadSmartDimComponent(VoidCallback callback);
+
+ // Enables/disables the Google Assistant.
+ // |callback|: Called when the operation has completed.
+ [supportsPromises] static void setAssistantEnabled(boolean enabled,
+ long timeout_ms,
+ VoidCallback callback);
+
+ // Bring up the Assistant service, and wait for the ready signal.
+ // |callback|: Called when the operation has completed.
+ [supportsPromises] static void enableAssistantAndWaitForReady(
+ VoidCallback callback);
+
+ // Sends a text query via Google Assistant.
+ // |callback|: Called when response has been received.
+ [supportsPromises] static void sendAssistantTextQuery(
+ DOMString query,
+ long timeout_ms,
+ AssistantQueryStatusCallback callback);
+
+ // Invokes |callback| once the current text/voice interaction is completed.
+ // Responds with the the query status if any valid response was caught
+ // before the timeout. This API should be called before sending the query.
+ // To use it for testing a voice query via OKG in Autotest, for example,
+ // you can do:
+ //
+ // // Enable hotword setting for Assistant.
+ // assistant_util.enable_hotword();
+ //
+ // // Call this API with your callback function.
+ // chrome.autotestPrivate.waitForAssistantQueryStatus(timeout_s,
+ // function(status) {...});
+ //
+ // then start Assistant via OKG and send voice query before timeout.
+ //
+ // TODO(meilinw@): disable warmer welcome to avoid an unintended early
+ // return of this API when launching Assistant via hotkey.
+ // TODO(meilinw@): update the comment above to use Tast instead after
+ // adding API to enable hotword in Tast.
+ [supportsPromises] static void waitForAssistantQueryStatus(
+ long timeout_s,
+ AssistantQueryStatusCallback callback);
+
+ // Whether the local list of installed ARC packages has been refreshed for
+ // the first time after user login.
+ [supportsPromises] static void isArcPackageListInitialRefreshed(
+ IsArcPackageListInitialRefreshedCallback callback);
+
+ // Set value for the specified user pref in the pref tree.
+ [supportsPromises] static void setAllowedPref(DOMString pref_name,
+ any value,
+ VoidCallback callback);
+
+ // Clears value for the specified user pref in the pref tree.
+ [supportsPromises] static void clearAllowedPref(DOMString pref_name,
+ VoidCallback callback);
+
+ // DEPRECATED: use SetAllowedPref instead, see crbug/1262034
+ // Set value for the specified user pref in the pref tree.
+ [supportsPromises] static void setWhitelistedPref(DOMString pref_name,
+ any value,
+ VoidCallback callback);
+
+ // Enable/disable a Crostini app's "scaled" property.
+ // |appId|: The Crostini application ID.
+ // |scaled|: The app is "scaled" when shown, which means it uses low display
+ // density.
+ // |callback|: Called when the operation has completed.
+ [supportsPromises] static void setCrostiniAppScaled(DOMString appId,
+ boolean scaled,
+ VoidCallback callback);
+
+ // Get the primary display scale factor.
+ // |callback| is invoked with the scale factor.
+ [supportsPromises] static void getPrimaryDisplayScaleFactor(
+ GetPrimaryDisplayScaleFactorCallback callback);
+
+ // Get the tablet mode enabled status.
+ // |callback| is invoked with the tablet mode enablement status.
+ [supportsPromises] static void isTabletModeEnabled(
+ IsTabletModeEnabledCallback callback);
+
+ // Enable/disable tablet mode. After calling this function, it won't be
+ // possible to physically switch to/from tablet mode since that
+ // functionality will be disabled.
+ // |enabled|: if set, enable tablet mode.
+ // |callback|: Called when the operation has completed.
+ [supportsPromises] static void setTabletModeEnabled(
+ boolean enabled,
+ SetTabletModeEnabledCallback callback);
+
+ // Get the list of all installed applications
+ [supportsPromises] static void getAllInstalledApps(
+ GetAllInstalledAppsCallback callback);
+
+ // Get the list of all shelf items
+ [supportsPromises] static void getShelfItems(
+ GetShelfItemsCallback callback);
+
+ // Get the launcher search box search state.
+ [supportsPromises] static void getLauncherSearchBoxState(
+ GetLauncherSearchBoxStateCallback callback);
+
+ // Get the shelf auto hide behavior.
+ // |displayId|: display that contains the shelf.
+ // |callback| is invoked with the shelf auto hide behavior. Possible
+ // behavior values are: "always", "never" or "hidden".
+ [supportsPromises] static void getShelfAutoHideBehavior(
+ DOMString displayId,
+ GetShelfAutoHideBehaviorCallback callback);
+
+ // Set the shelf auto hide behavior.
+ // |displayId|: display that contains the shelf.
+ // |behavior|: an enum of "always", "never" or "hidden".
+ // |callback|: Called when the operation has completed.
+ [supportsPromises] static void setShelfAutoHideBehavior(
+ DOMString displayId,
+ DOMString behavior,
+ VoidCallback callback);
+
+ // Get the shelf alignment.
+ // |displayId|: display that contains the shelf.
+ // |callback| is invoked with the shelf alignment type.
+ [supportsPromises] static void getShelfAlignment(
+ DOMString displayId,
+ GetShelfAlignmentCallback callback);
+
+ // Set the shelf alignment.
+ // |displayId|: display that contains the shelf.
+ // |alignment|: the type of alignment to set.
+ // |callback|: Called when the operation has completed.
+ [supportsPromises] static void setShelfAlignment(
+ DOMString displayId,
+ ShelfAlignmentType alignment,
+ VoidCallback callback);
+
+ // Create a pin on shelf for the app specified by |appId|.
+ // Deprecated. Use setShelfIconPin() instead.
+ [supportsPromises] static void pinShelfIcon(DOMString appId,
+ VoidCallback callback);
+
+ // Update pin states of the shelf apps based on |updateParams|. Return a
+ // list of app ids whose pin state changed. Pin states will not be changed
+ // if the method fails.
+ [supportsPromises] static void setShelfIconPin(
+ ShelfIconPinUpdateParam[] updateParams,
+ optional SetShelfIconPinCallback callback);
+
+ // Enter or exit the overview mode.
+ // |start|: whether entering to or exiting from the overview mode.
+ // |callback|: called after the overview mode switch finishes.
+ [supportsPromises] static void setOverviewModeState(
+ boolean start,
+ SetOverviewModeStateCallback callback);
+
+ // Show virtual keyboard of the current input method if it's available.
+ static void showVirtualKeyboardIfEnabled();
+
+ // Sends the overlay color and theme to Android and changes the Android system color and theme to these values.
+ // |color|: the int color of the system ui.
+ // |theme|: the theme of the system ui.
+ // |callback|: callback to deliver sendArcOverlayColor result.
+ [supportsPromises] static void sendArcOverlayColor(
+ long color, ThemeStyle theme, SendArcOverlayColorCallback callback);
+
+ // Start ARC performance tracing for the active ARC app window.
+ // |callback|: Called when the operation has completed.
+ [supportsPromises] static void arcAppTracingStart(VoidCallback callback);
+
+ // Stop ARC performance tracing if it was started and analyze results.
+ // |callback|: callback to deliver tracing results.
+ [supportsPromises] static void arcAppTracingStopAndAnalyze(
+ ArcAppTracingCallback callback);
+
+ // Swap the windows in the split view.
+ // |callback|: Called when the operation has completed.
+ [supportsPromises] static void swapWindowsInSplitView(
+ VoidCallback callback);
+
+ // Set ARC app window focused.
+ // |packageName|: the package name of the ARC app window.
+ // |callback|: called when the operation has completed.
+ [supportsPromises] static void setArcAppWindowFocus(DOMString packageName,
+ VoidCallback callback);
+
+ // Invokes the callback when the display rotation animation is finished, or
+ // invokes it immediately if it is not animating. The callback argument
+ // is true if the display's rotation is same as |rotation|, or false otherwise.
+ // |displayId|: display that contains the shelf.
+ // |rotation|: the target rotation.
+ // |callback|: called when the operation has completed.
+ [supportsPromises] static void waitForDisplayRotation(
+ DOMString displayId,
+ RotationType rotation,
+ WaitForDisplayRotationCallback callback);
+
+ // Get information on all application windows. Callback will be called
+ // with the list of |AppWindowInfo| dictionary.
+ // |callback|: called with window list.
+ [supportsPromises] static void getAppWindowList(
+ GetAppWindowListCallback callback);
+
+ // Send WM event to change the app window's window state.
+ // |id|: the id of the window
+ // |change|: WM event type to send to the app window.
+ // |wait|: whether the method should wait for the window state to change before returning.
+ // |callback|: called when the window state is changed if |wait| is true.
+ // Otherwise, called right after the WM event is sent.
+ [supportsPromises] static void setAppWindowState(
+ long id,
+ WindowStateChangeDict change,
+ optional boolean wait,
+ WindowStateCallback callback);
+
+ // Activate app window given by "id".
+ // |id|: the id of the window
+ // |callback|: called when the window is requested to activate.
+ [supportsPromises] static void activateAppWindow(long id,
+ VoidCallback callback);
+
+ // Closes an app window given by "id".
+ // |id|: the id of the window
+ // |callback|: called when the window is requested to close.
+ [supportsPromises] static void closeAppWindow(long id,
+ VoidCallback callback);
+
+ // Installs the Progressive Web App (PWA) that is in the current URL.
+ // |timeout_ms|: Timeout in milliseconds for the operation to complete.
+ // |callback|: called when the operation has completed. Passes the app Id
+ // of the recently installed PWA as argument.
+ [supportsPromises] static void installPWAForCurrentURL(
+ long timeout_ms,
+ InstallPWAForCurrentURLCallback callback);
+
+ // Activates shortcut.
+ // |accelerator|: the accelerator to activate.
+ // |callback|: called when the operation has completed.
+ [supportsPromises] static void activateAccelerator(
+ Accelerator accelerator,
+ AcceleratorCallback callback);
+
+ // Wwait until the launcher is transitionto the |launcherState|, if it's not
+ // in that state.
+ // |launcherState|: the target launcher state.
+ // |callback|: called when the operation has completed.
+ [supportsPromises] static void waitForLauncherState(
+ LauncherStateType launcherState,
+ VoidCallback callback);
+
+ // Wait until overview has transitioned to |overviewState|, if it is not in
+ // that state.
+ // |overviewState|: the target overview state.
+ // |callback|: called when overview has reached |overviewState|.
+ [supportsPromises] static void waitForOverviewState(
+ OverviewStateType overviewState,
+ VoidCallback callback);
+
+ // Creates a new desk if the maximum number of desks has not been reached.
+ // |callback|: called to indicate success or failure.
+ [supportsPromises] static void createNewDesk(DesksCallback callback);
+
+ // Activates the desk at the given |index| triggering the activate-desk
+ // animation.
+ // |index|: the zero-based index of the desk desired to be activated.
+ // |callback|: called indicating success when the animation completes, or
+ // failure when the desk at |index| is already the active desk.
+ [supportsPromises] static void activateDeskAtIndex(long index,
+ DesksCallback callback);
+
+ // Removes the currently active desk and triggers the remove-desk animation.
+ // |callback|: called indicating success when the animation completes, or
+ // failure if the currently active desk is the last available desk which
+ // cannot be removed.
+ [supportsPromises] static void removeActiveDesk(DesksCallback callback);
+
+ // Activates the desk at the given |index| by chaining multiple
+ // activate-desk animations.
+ // |index|: the zero-based index of the desk desired to be activated.
+ // |callback|: called indicating success when the animation completes, or
+ // failure when the desk at |index| is already the active desk.
+ [supportsPromises] static void activateAdjacentDesksToTargetIndex(
+ long index,
+ DesksCallback callback);
+
+ // Fetches the number of open desks in the `DesksController` at the time of
+ // call.
+ // `callback`: callback that is passed the number of open desks.
+ [supportsPromises] static void getDeskCount(
+ GetDeskCountCallback callback
+ );
+
+ // Fetches info about the open desks at the time of the call.
+ // `callback`: callback that is passed desks information.
+ [supportsPromises] static void getDesksInfo(
+ GetDesksInfoCallback callback
+ );
+
+ // Create mouse events to cause a mouse click.
+ // |button|: the mouse button for the click event.
+ // |callback|: called after the mouse click finishes.
+ [supportsPromises] static void mouseClick(MouseButton button,
+ VoidCallback callback);
+
+ // Create a mouse event to cause mouse pressing. The mouse button stays
+ // in the pressed state.
+ // |button|: the mouse button to be pressed.
+ // |callback|: called after the mouse pressed event is handled.
+ [supportsPromises] static void mousePress(MouseButton button,
+ VoidCallback callback);
+
+ // Create a mouse event to release a mouse button. This does nothing and
+ // returns immediately if the specified button is not pressed.
+ // |button|: the mouse button to be released.
+ // |callback|: called after the mouse is released.
+ [supportsPromises] static void mouseRelease(MouseButton button,
+ VoidCallback callback);
+
+ // Create mouse events to move a mouse cursor to the location. This can
+ // cause a dragging if a button is pressed. It starts from the last mouse
+ // location.
+ // |location|: the target location (in screen coordinate).
+ // |duration_in_ms|: the duration (in milliseconds) for the mouse movement.
+ // The mouse will move linearly. 0 means moving immediately.
+ // |callback|: called after the mouse move finishes.
+ [supportsPromises] static void mouseMove(Location location,
+ double duration_in_ms,
+ VoidCallback callback);
+
+ // Enable/disable metrics reporting in preferences.
+ // |enabled|: Enable metrics reporting.
+ // |callback|: Called when the operation has completed.
+ [supportsPromises] static void setMetricsEnabled(boolean enabled,
+ VoidCallback callback);
+
+ // Sends ARC touch mode enabled or disabled.
+ // |enable|: whether enabled touch mode.
+ // |callback|: called when action performed.
+ [supportsPromises] static void setArcTouchMode(boolean enabled,
+ VoidCallback callback);
+
+ // Fetches ui information of scrollable shelf view for the given shelf
+ // state. This function does not change scrollable shelf.
+ // [deprecated="Use getShelfUIInfoForState()"]
+ [supportsPromises] static void getScrollableShelfInfoForState(
+ ScrollableShelfState state,
+ GetScrollableShelfInfoForStateCallback callback);
+
+ // Fetches UI information of shelf (including scrollable shelf and hotseat)
+ // for the given shelf state. This function does not change any shelf
+ // component.
+ [supportsPromises] static void getShelfUIInfoForState(
+ ShelfState state,
+ GetShelfUIInfoForStateCallback callback);
+
+ // Sends a WM event to change a window's bounds and/or the display it is on.
+ // |id|: the id of the window.
+ // |bounds|: bounds the window should be set to.
+ // |displayId|: id of display to move the window to.
+ // |callback|: called when the window bounds are changed.
+ [supportsPromises] static void setWindowBounds(
+ long id,
+ Bounds bounds,
+ DOMString displayId,
+ WindowBoundsCallback callback);
+
+ // Starts smoothness tracking for a display. If the display id is not
+ // specified, the primary display is used. Otherwise, the display specified
+ // by the display id is used. If `throughputIntervalMs` is not specified,
+ // default 5 seconds interval is used to collect throughput data.
+ [supportsPromises] static void startSmoothnessTracking(
+ optional DOMString displayId,
+ optional long throughputIntervalMs,
+ VoidCallback callback);
+
+ // Stops smoothness tracking for a display and report the smoothness. If
+ // the display id is not specified, the primary display is used. Otherwise,
+ // the display specified by the display id is used.
+ [supportsPromises] static void stopSmoothnessTracking(
+ optional DOMString displayId,
+ StopSmoothnessTrackingCallback callback);
+
+ // When neccesary, disables showing the dialog when Switch Access is disabled.
+ static void disableSwitchAccessDialog();
+
+ // Waits for the completion of photo transition animation in ambient mode.
+ // |numCompletions|: number of completions of the animation.
+ // |timeout|: the timeout in seconds.
+ // |callback|: Called when the operation has completed.
+ [supportsPromises] static void waitForAmbientPhotoAnimation(
+ long numCompletions,
+ long timeout,
+ VoidCallback callback);
+
+ // Waits for ambient video to successfully start playback.
+ // |timeout|: the timeout in seconds.
+ // |callback|: Called when the operation has completed.
+ [supportsPromises] static void waitForAmbientVideo(
+ long timeout,
+ VoidCallback callback);
+
+ // Disables the automation feature. Note that the event handlers and caches
+ // of automation nodes still remain in the test extension and so the next
+ // automation.getDesktop will miss initialization. The caller should ensure
+ // invalidation of those information (i.e. reloading the entire background
+ // page).
+ [supportsPromises] static void disableAutomation(VoidCallback callback);
+
+ // Starts to ui::ThroughputTracker data collection for tracked animations.
+ [supportsPromises] static void startThroughputTrackerDataCollection(
+ VoidCallback callback);
+
+ // Stops ui::ThroughputTracker data collection and reports the collected
+ // data since the start or the last GetThroughtputTrackerData call.
+ [supportsPromises] static void stopThroughputTrackerDataCollection(
+ StopThroughputTrackerDataCollectionCallback callback);
+
+ // Reports the currently collected animation data.
+ [supportsPromises] static void getThroughputTrackerData(
+ GetThroughtputTrackerDataCallback callback);
+
+ // Gets the smoothness of a display. If the display id is not specified,
+ // the primary display is used.
+ [supportsPromises] static void getDisplaySmoothness(
+ optional DOMString displayId,
+ GetDisplaySmoothnessCallback callback);
+
+ // Resets the holding space by removing all items and clearing the prefs.
+ [supportsPromises] static void resetHoldingSpace(
+ optional ResetHoldingSpaceOptions options,
+ VoidCallback callback);
+
+ // Starts collection of ui::LoginEventRecorder data.
+ [supportsPromises] static void startLoginEventRecorderDataCollection(
+ VoidCallback callback);
+
+ // Stops ui::LoginEventRecorder data collection and reports all the
+ // collected data.
+ [supportsPromises] static void getLoginEventRecorderLoginEvents(
+ GetLoginEventRecorderLoginEventsCallback callback);
+
+ // Adds login event to test LoginEventRecorderDataCollection API.
+ [supportsPromises] static void addLoginEventForTesting(
+ VoidCallback callback);
+
+ // Force auto theme mode in dark mode or light mode for testing.
+ [supportsPromises] static void forceAutoThemeMode(boolean darkModeEnabled, VoidCallback callback);
+
+ // Fetches an access token from Chrome.
+ [supportsPromises] static void getAccessToken(
+ GetAccessTokenParams accessTokenParams,
+ GetAccessTokenCallback callback);
+
+ // Returns whether the current input method is ready to accept key events.
+ [supportsPromises] static void isInputMethodReadyForTesting(
+ IsInputMethodReadyForTestingCallback callback);
+
+ // Creates a temporary directory visible under the Fusebox mount point.
+ [supportsPromises] static void makeFuseboxTempDir(
+ MakeFuseboxTempDirCallback callback);
+
+ // Removes a temporary directory visible under the Fusebox mount point. The
+ // fuseboxFilePath argument was returned by the MakeFuseboxTempDirCallback.
+ [supportsPromises] static void removeFuseboxTempDir(
+ DOMString fuseboxFilePath,
+ RemoveFuseboxTempDirCallback callback);
+
+ // Remove the specified component extension.
+ [supportsPromises] static void removeComponentExtension(
+ DOMString extensionId, VoidCallback callback);
+
+ // Starts frame counting in viz. `bucketSizeInSeconds` decides the bucket
+ // size of the frame count records. If it is X seconds, each record is
+ // the number of presented frames in X seconds.
+ [supportsPromises] static void startFrameCounting(long bucketSizeInSeconds,
+ VoidCallback callback);
+
+ // Ends frame counting in viz and return the collected data.
+ [supportsPromises] static void stopFrameCounting(
+ StopFrameCountingCallback callback);
+
+ // Install a bruschetta VM.
+ [supportsPromises] static void installBruschetta(
+ DOMString vm_name, VoidCallback callback);
+
+ // Delete a bruschetta VM.
+ [supportsPromises] static void removeBruschetta(
+ DOMString vm_name, VoidCallback callback);
+
+ // Returns whether a base::Feature is enabled. The state may change because
+ // a Chrome uprev into ChromeOS changed the default feature state.
+ [supportsPromises] static void isFeatureEnabled(
+ DOMString feature_name, IsFeatureEnabledCallback callback);
+
+ // Returns keyboard layout used for current input method.
+ [supportsPromises] static void getCurrentInputMethodDescriptor(
+ GetCurrentInputMethodDescriptorCallback callback);
+
+ // Overrides the response from Orca Provider and returns the boolean value
+ // that indicates if the overriding is successful or not.
+ [supportsPromises] static void overrideOrcaResponseForTesting(
+ OrcaResponseArray array,
+ OverrideOrcaResponseForTestingCallback callback);
+
+ // ARC set interactive enable/disable state.
+ // |enabled|: Enable ARC interactive.
+ // |callback|: Called when the operation sent to ARC by mojo.
+ [supportsPromises] static void setArcInteractiveState(
+ boolean enabled, VoidCallback callback);
+
+ // Returns whether a field trial exists and has been activated.
+ [supportsPromises] static void isFieldTrialActive(
+ DOMString trial_name,
+ DOMString group_name,
+ IsFieldTrialActiveCallback callback);
+
+ // ARC get wakefulness mode.
+ [supportsPromises] static void getArcWakefulnessMode(
+ WakefulnessModeCallback callback);
+
+ // Sets the default device language.
+ // A restart is required for this change to take effect.
+ // |value|: the locale of the language.
+ static void setDeviceLanguage(DOMString locale, VoidCallback callback);
+ };
+
+ interface Events {
+ // Fired when the data in ui::Clipboard is changed.
+ static void onClipboardDataChanged();
+ };
+};
diff --git a/tools/under-control/src/chrome/common/extensions/api/braille_display_private.idl b/tools/under-control/src/chrome/common/extensions/api/braille_display_private.idl
new file mode 100755
index 000000000..3c75d456e
--- /dev/null
+++ b/tools/under-control/src/chrome/common/extensions/api/braille_display_private.idl
@@ -0,0 +1,93 @@
+// Copyright 2013 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// Braille display access private API.
+namespace brailleDisplayPrivate {
+ // Braille display keyboard command.
+ enum KeyCommand {
+ line_up,
+ line_down,
+ pan_left,
+ pan_right,
+ top,
+ bottom,
+ routing,
+ secondary_routing,
+ dots,
+ chord,
+ standard_key
+ };
+
+ // A keyboard event. This is not a standard keyboard event because
+ // braille display keyboards look significantly different from standard
+ // keyboards.
+ dictionary KeyEvent {
+ KeyCommand command;
+ // 0-based display position for commands that involve a routing key.
+ long? displayPosition;
+ // Braille dot keys that were pressed, stored in the low-order bits.
+ // Dot 1 is stored in bit 0, dot2 in bit 1, etc.
+ long? brailleDots;
+ // DOM keyboard event code. This is present when command is standard_key
+ // and the braille display event represents a non-alphanumeric key such
+ // as an arrow key or function key.
+ // The value is as defined by the |code| property in
+ // http://www.w3.org/TR/uievents/#keyboard-event-interface
+ DOMString? standardKeyCode;
+ // DOM keyboard event character value. This is present if the
+ // braille key event corresponds to a character.
+ DOMString? standardKeyChar;
+ // Whether the space key was pressed.
+ boolean? spaceKey;
+ // Whether the alt key was pressed.
+ boolean? altKey;
+ // Whether the shift key was pressed.
+ boolean? shiftKey;
+ // Whether the ctrl key was pressed.
+ boolean? ctrlKey;
+ };
+
+ // The current braille display state.
+ dictionary DisplayState {
+ // Whether a braille display is currently available.
+ boolean available;
+ // Number of rows of braille cells on the currently connected display.
+ long? textRowCount;
+ // Number of columns of braille cells on the currently connected display.
+ long? textColumnCount;
+ // The number of dots in a braille cell on the currently connected display.
+ long? cellSize;
+ };
+
+ callback DisplayStateCallback = void(DisplayState result);
+
+ interface Functions {
+ // Gets the current display state.
+ [supportsPromises] static void getDisplayState(
+ DisplayStateCallback callback);
+
+ // Write the given dot patterns to the display. The buffer contains one
+ // byte for each braille cell on the display, starting from the leftmost
+ // cell. Each byte contains a bit pattern indicating which dots should be
+ // raised in the corresponding cell with the low-order bit representing
+ // dot 1 and so on until bit 7 which corresponds to dot 8. If the number
+ // of bytes in the buffer is not equal to the display size, the buffer
+ // will either be clipped or padded with blank cells on the right. The
+ // buffer is a 2D array compressed into 1D. The |columns| and |rows|
+ // parameters give the original 2D dimensions of the buffer. To access
+ // an element cells[r][c], simply access cells[r * columns + c].
+ static void writeDots(ArrayBuffer cells, long columns, long rows);
+
+ // Updates the single user-preferred braille device with the given bluetooth
+ // device address and starts or restarts the Brltty daemon.
+ static void updateBluetoothBrailleDisplayAddress(DOMString address);
+ };
+
+ interface Events {
+ // Fired when a braille display is connected or disconnected.
+ static void onDisplayStateChanged(DisplayState state);
+ // Fired when an input event is received from the display.
+ static void onKeyEvent(KeyEvent event);
+ };
+};
diff --git a/tools/under-control/src/chrome/common/extensions/api/certificate_provider.idl b/tools/under-control/src/chrome/common/extensions/api/certificate_provider.idl
new file mode 100755
index 000000000..5143c4c91
--- /dev/null
+++ b/tools/under-control/src/chrome/common/extensions/api/certificate_provider.idl
@@ -0,0 +1,304 @@
+// Copyright 2015 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// Use this API to expose certificates to the platform which can use these
+// certificates for TLS authentications.
+namespace certificateProvider {
+
+ // Types of supported cryptographic signature algorithms.
+ enum Algorithm {
+ // Specifies the RSASSA PKCS#1 v1.5 signature algorithm with the MD5-SHA-1
+ // hashing. The extension must not prepend a DigestInfo prefix but only
+ // add PKCS#1 padding. This algorithm is deprecated and will never be requested
+ // by Chrome as of version 109.
+ RSASSA_PKCS1_v1_5_MD5_SHA1,
+ // Specifies the RSASSA PKCS#1 v1.5 signature algorithm
+ // with the SHA-1 hash function.
+ RSASSA_PKCS1_v1_5_SHA1,
+ // Specifies the RSASSA PKCS#1 v1.5 signature algorithm
+ // with the SHA-256 hashing function.
+ RSASSA_PKCS1_v1_5_SHA256,
+ // Specifies the RSASSA PKCS#1 v1.5 signature algorithm
+ // with the SHA-384 hashing function.
+ RSASSA_PKCS1_v1_5_SHA384,
+ // Specifies the RSASSA PKCS#1 v1.5 signature algorithm
+ // with the SHA-512 hashing function.
+ RSASSA_PKCS1_v1_5_SHA512,
+ // Specifies the RSASSA PSS signature algorithm with the SHA-256 hashing
+ // function, MGF1 mask generation function and the salt of the same size as
+ // the hash.
+ RSASSA_PSS_SHA256,
+ // Specifies the RSASSA PSS signature algorithm with the SHA-384 hashing
+ // function, MGF1 mask generation function and the salt of the same size as
+ // the hash.
+ RSASSA_PSS_SHA384,
+ // Specifies the RSASSA PSS signature algorithm with the SHA-512 hashing
+ // function, MGF1 mask generation function and the salt of the same size as
+ // the hash.
+ RSASSA_PSS_SHA512
+ };
+
+ // Types of errors that the extension can report.
+ enum Error {
+ // General error that cannot be represented by other more specific
+ // error codes.
+ GENERAL_ERROR
+ };
+
+ // Information about a client certificate.
+ [noinline_doc] dictionary ClientCertificateInfo {
+ // The array must contain the DER encoding of the X.509 client certificate
+ // as its first element.
+ // This must include exactly one certificate.
+ ArrayBuffer[] certificateChain; + // All algorithms supported for this certificate. The extension will only be + // asked for signatures using one of these algorithms. + Algorithm[] supportedAlgorithms; + }; + + dictionary SetCertificatesDetails { + // When called in response to $(ref:onCertificatesUpdateRequested), should + // contain the receivedcertificatesRequestId value. Otherwise,
+ // should be unset.
+ long? certificatesRequestId;
+ // Error that occurred while extracting the certificates, if any. This error
+ // will be surfaced to the user when appropriate.
+ Error? error;
+ // List of currently available client certificates.
+ ClientCertificateInfo[] clientCertificates;
+ };
+
+ dictionary CertificatesUpdateRequest {
+ // Request identifier to be passed to $(ref:setCertificates).
+ long certificatesRequestId;
+ };
+
+ dictionary SignatureRequest {
+ // Request identifier to be passed to $(ref:reportSignature).
+ long signRequestId;
+ // Data to be signed. Note that the data is not hashed.
+ ArrayBuffer input;
+ // Signature algorithm to be used.
+ Algorithm algorithm;
+ // The DER encoding of a X.509 certificate. The extension must sign
+ // input using the associated private key.
+ ArrayBuffer certificate;
+ };
+
+ dictionary ReportSignatureDetails {
+ // Request identifier that was received via the $(ref:onSignatureRequested)
+ // event.
+ long signRequestId;
+ // Error that occurred while generating the signature, if any.
+ Error? error;
+ // The signature, if successfully generated.
+ ArrayBuffer? signature;
+ };
+
+ // Deprecated. Replaced by $(ref:Algorithm).
+ enum Hash {
+ // Specifies the MD5 and SHA1 hashing algorithms.
+ MD5_SHA1,
+ // Specifies the SHA1 hashing algorithm.
+ SHA1,
+ // Specifies the SHA256 hashing algorithm.
+ SHA256,
+ // Specifies the SHA384 hashing algorithm.
+ SHA384,
+ // Specifies the SHA512 hashing algorithm.
+ SHA512
+ };
+
+ // The type of code being requested by the extension with requestPin function.
+ enum PinRequestType {
+ // Specifies the requested code is a PIN.
+ PIN,
+ // Specifies the requested code is a PUK.
+ PUK
+ };
+
+ // The types of errors that can be presented to the user through the
+ // requestPin function.
+ enum PinRequestErrorType {
+ // Specifies the PIN is invalid.
+ INVALID_PIN,
+ // Specifies the PUK is invalid.
+ INVALID_PUK,
+ // Specifies the maximum attempt number has been exceeded.
+ MAX_ATTEMPTS_EXCEEDED,
+ // Specifies that the error cannot be represented by the above types.
+ UNKNOWN_ERROR
+ };
+
+ // Deprecated. Replaced by $(ref:ClientCertificateInfo).
+ dictionary CertificateInfo {
+ // Must be the DER encoding of a X.509 certificate. Currently, only
+ // certificates of RSA keys are supported.
+ ArrayBuffer certificate;
+
+ // Must be set to all hashes supported for this certificate. This extension
+ // will only be asked for signatures of digests calculated with one of these
+ // hash algorithms. This should be in order of decreasing hash preference.
+ Hash[] supportedHashes;
+ };
+
+ // Deprecated. Replaced by $(ref:SignatureRequest).
+ dictionary SignRequest {
+ // The unique ID to be used by the extension should it need to call a method
+ // that requires it, e.g. requestPin.
+ long signRequestId;
+
+ // The digest that must be signed.
+ ArrayBuffer digest;
+
+ // Refers to the hash algorithm that was used to create digest.
+ Hash hash;
+
+ // The DER encoding of a X.509 certificate. The extension must sign
+ // digest using the associated private key.
+ ArrayBuffer certificate;
+ };
+
+ dictionary RequestPinDetails {
+ // The ID given by Chrome in SignRequest.
+ long signRequestId;
+
+ // The type of code requested. Default is PIN.
+ PinRequestType? requestType;
+
+ // The error template displayed to the user. This should be set if the
+ // previous request failed, to notify the user of the failure reason.
+ PinRequestErrorType? errorType;
+
+ // The number of attempts left. This is provided so that any UI can present
+ // this information to the user. Chrome is not expected to enforce this,
+ // instead stopPinRequest should be called by the extension with
+ // errorType = MAX_ATTEMPTS_EXCEEDED when the number of pin requests is
+ // exceeded.
+ long? attemptsLeft;
+ };
+
+ dictionary StopPinRequestDetails {
+ // The ID given by Chrome in SignRequest.
+ long signRequestId;
+
+ // The error template. If present it is displayed to user. Intended to
+ // contain the reason for stopping the flow if it was caused by an error,
+ // e.g. MAX_ATTEMPTS_EXCEEDED.
+ PinRequestErrorType? errorType;
+ };
+
+ dictionary PinResponseDetails {
+ // The code provided by the user. Empty if user closed the dialog or some
+ // other error occurred.
+ DOMString? userInput;
+ };
+
+ callback RequestPinCallback = void (optional PinResponseDetails details);
+
+ callback StopPinRequestCallback = void ();
+
+ callback SetCertificatesCallback = void ();
+
+ callback ReportSignatureCallback = void ();
+
+ // The callback provided by the extension that Chrome uses to report back
+ // rejected certificates. See CertificatesCallback.
+ callback ResultCallback = void (ArrayBuffer[] rejectedCertificates);
+
+ // If no error occurred, this function must be called with the signature of
+ // the digest using the private key of the requested certificate.
+ // For an RSA key, the signature must be a PKCS#1 signature. The extension
+ // is responsible for prepending the DigestInfo prefix and adding PKCS#1
+ // padding. If an error occurred, this callback should be called without
+ // signature.
+ callback SignCallback = void (optional ArrayBuffer signature);
+
+ // Call this exactly once with the list of certificates that this extension is
+ // providing. The list must only contain certificates for which the extension
+ // can sign data using the associated private key. If the list contains
+ // invalid certificates, these will be ignored. All valid certificates are
+ // still registered for the extension. Chrome will call back with the list of
+ // rejected certificates, which might be empty.
+ callback CertificatesCallback =
+ void (CertificateInfo[] certificates, ResultCallback callback);
+
+ interface Events {
+ // This event fires if the certificates set via $(ref:setCertificates)
+ // are insufficient or the browser requests updated information. The
+ // extension must call $(ref:setCertificates) with the updated list of
+ // certificates and the received certificatesRequestId.
+ static void onCertificatesUpdateRequested(
+ CertificatesUpdateRequest request);
+
+ // This event fires every time the browser needs to sign a message using a
+ // certificate provided by this extension via $(ref:setCertificates).
+ // The extension must sign the input data from request using
+ // the appropriate algorithm and private key and return it by calling
+ // $(ref:reportSignature) with the received signRequestId.
This event fires every time the browser requests the current list of
+ // certificates provided by this extension. The extension must call
+ // reportCallback exactly once with the current list of
+ // certificates.
request using the
+ // appropriate algorithm and private key and return it by calling
+ // reportCallback. reportCallback must be called
+ // exactly once.
+ // |request|: Contains the details about the sign request.
+ [deprecated="Use $(ref:onSignatureRequested) instead."]
+ static void onSignDigestRequested(SignRequest request,
+ SignCallback reportCallback);
+ };
+
+ interface Functions {
+ // Requests the PIN from the user. Only one ongoing request at a time is
+ // allowed. The requests issued while another flow is ongoing are rejected.
+ // It's the extension's responsibility to try again later if another flow is
+ // in progress.
+ // |details|: Contains the details about the requested dialog.
+ // |callback|: Is called when the dialog is resolved with the user input, or
+ // when the dialog request finishes unsuccessfully (e.g. the dialog was
+ // canceled by the user or was not allowed to be shown).
+ [supportsPromises] static void requestPin(RequestPinDetails details,
+ RequestPinCallback callback);
+
+ // Stops the pin request started by the $(ref:requestPin) function.
+ // |details|: Contains the details about the reason for stopping the
+ // request flow.
+ // |callback|: To be used by Chrome to send to the extension the status from
+ // their request to close PIN dialog for user.
+ [supportsPromises] static void stopPinRequest(
+ StopPinRequestDetails details,
+ StopPinRequestCallback callback);
+
+ // Sets a list of certificates to use in the browser.
+ // The extension should call this function after initialization and on + // every change in the set of currently available certificates. The + // extension should also call this function in response to + // $(ref:onCertificatesUpdateRequested) every time this event is + // received.
+ // |details|: The certificates to set. Invalid certificates will be ignored. + // |callback|: Called upon completion. + [supportsPromises] static void setCertificates( + SetCertificatesDetails details, + optional SetCertificatesCallback callback); + + // Should be called as a response to $(ref:onSignatureRequested). + //The extension must eventually call this function for every + // $(ref:onSignatureRequested) event; the API implementation will stop + // waiting for this call after some time and respond with a timeout + // error when this function is called.
+ [supportsPromises] static void reportSignature( + ReportSignatureDetails details, + optional ReportSignatureCallback callback); + }; +}; diff --git a/tools/under-control/src/chrome/common/extensions/api/certificate_provider_internal.idl b/tools/under-control/src/chrome/common/extensions/api/certificate_provider_internal.idl new file mode 100755 index 000000000..46af85294 --- /dev/null +++ b/tools/under-control/src/chrome/common/extensions/api/certificate_provider_internal.idl @@ -0,0 +1,34 @@ +// Copyright 2015 The Chromium Authors +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +// Internal API backing the chrome.certificateProvider API events. +// The internal API associates events with replies to these events using request +// IDs. A custom binding is used to hide these IDs from the public API. +// Before an event hits the extension, the request ID is removed and instead a +// callback is added to the event arguments. On the way back, when the extension +// runs the callback to report its results, the callback magically prepends the +// request ID to the results and calls the respective internal report function +// (reportSignature or reportCertificates). +[implemented_in = "chrome/browser/extensions/api/certificate_provider/certificate_provider_api.h"] +namespace certificateProviderInternal { + callback DoneCallback = void (); + callback ResultCallback = void (ArrayBuffer[] rejectedCertificates); + + interface Functions { + // Matches certificateProvider.SignCallback. Must be called without the + // signature to report an error. + [supportsPromises] static void reportSignature( + long requestId, + optional ArrayBuffer signature, + optional DoneCallback callback); + + // Matches certificateProvider.CertificatesCallback. Must be called without + // the certificates argument to report an error. + [supportsPromises] static void reportCertificates( + long requestId, + optional certificateProvider.CertificateInfo[] certificates, + optional ResultCallback callback); + }; +}; + diff --git a/tools/under-control/src/chrome/common/extensions/api/chrome_url_overrides.idl b/tools/under-control/src/chrome/common/extensions/api/chrome_url_overrides.idl new file mode 100755 index 000000000..f6cdf569a --- /dev/null +++ b/tools/under-control/src/chrome/common/extensions/api/chrome_url_overrides.idl @@ -0,0 +1,25 @@ +// Copyright 2021 The Chromium Authors +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +// Stub namespace for the "chrome_url_overrides" manifest key. +namespace chrome_url_overrides { + dictionary UrlOverrideInfo { + // Override for the chrome://newtab page. + DOMString? newtab; + + // Override for the chrome://bookmarks page. + DOMString? bookmarks; + + // Override for the chrome://history page. + DOMString? history; + + [nodoc, platforms=("chromeos")] DOMString? activationmessage; + [nodoc, platforms=("chromeos")] DOMString? keyboard; + }; + + dictionary ManifestKeys { + // Chrome url overrides. Note that an extension can override only one page. + UrlOverrideInfo chrome_url_overrides; + }; +}; diff --git a/tools/under-control/src/chrome/common/extensions/api/crash_report_private.idl b/tools/under-control/src/chrome/common/extensions/api/crash_report_private.idl new file mode 100755 index 000000000..3bbb81328 --- /dev/null +++ b/tools/under-control/src/chrome/common/extensions/api/crash_report_private.idl @@ -0,0 +1,53 @@ +// Copyright 2019 The Chromium Authors +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +// Private API for Chrome component extensions to report errors. +[platforms=("chromeos")] +namespace crashReportPrivate { + // A dictionary containing additional context about the error. + dictionary ErrorInfo { + // The error message. + DOMString message; + + // URL where the error occurred. + // Must be the full URL, containing the protocol (e.g. + // http://www.example.com). + DOMString url; + + // Name of the product where the error occurred. + // Defaults to the product variant of Chrome that is hosting the extension. + // (e.g. "Chrome" or "Chrome_ChromeOS"). + DOMString? product; + + // Version of the product where the error occurred. + // Defaults to the version of Chrome that is hosting the extension (e.g. + // "73.0.3683.75"). + DOMString? version; + + // Line number where the error occurred. + long? lineNumber; + + // Column number where the error occurred. + long? columnNumber; + + // Used to map the obfuscated source code back to a source map. If present, + // must match the debug_id used to upload the source map. + DOMString? debugId; + + // String containing the stack trace for the error. + // Defaults to the empty string. + DOMString? stackTrace; + }; + + // Callback for |reportError|. + callback ReportCallback = void (); + + interface Functions { + // Report and upload an error to Crash. + // |info|: Information about the error. + // |callback|: Called when the error has been uploaded. + [supportsPromises] static void reportError(ErrorInfo info, + ReportCallback callback); + }; +}; diff --git a/tools/under-control/src/chrome/common/extensions/api/developer_private.idl b/tools/under-control/src/chrome/common/extensions/api/developer_private.idl new file mode 100755 index 000000000..ec8608050 --- /dev/null +++ b/tools/under-control/src/chrome/common/extensions/api/developer_private.idl @@ -0,0 +1,869 @@ +// Copyright 2012 The Chromium Authors +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +// developerPrivate API. +// This is a private API exposing developing and debugging functionalities for +// apps and extensions. +namespace developerPrivate { + + // DEPRECATED: Prefer ExtensionType. + enum ItemType { + hosted_app, + packaged_app, + legacy_packaged_app, + extension, + theme + }; + + // DEPRECATED: Prefer ExtensionView. + dictionary ItemInspectView { + // path to the inspect page. + DOMString path; + + // For lazy background pages, the value is -1. + long render_process_id; + // This actually refers to a render frame. + long render_view_id; + + boolean incognito; + boolean generatedBackgroundPage; + }; + + // DEPRECATED: Use OpenDevTools. + dictionary InspectOptions { + DOMString extension_id; + (DOMString or long) render_process_id; + (DOMString or long) render_view_id; + boolean incognito; + }; + + dictionary InstallWarning { + DOMString message; + }; + + enum ExtensionType { + HOSTED_APP, + PLATFORM_APP, + LEGACY_PACKAGED_APP, + EXTENSION, + THEME, + SHARED_MODULE + }; + + enum Location { + FROM_STORE, + UNPACKED, + THIRD_PARTY, + INSTALLED_BY_DEFAULT, + // "Unknown" includes crx's installed from chrome://extensions. + UNKNOWN + }; + + enum ViewType { + APP_WINDOW, + BACKGROUND_CONTENTS, + COMPONENT, + EXTENSION_BACKGROUND_PAGE, + EXTENSION_GUEST, + EXTENSION_POPUP, + EXTENSION_SERVICE_WORKER_BACKGROUND, + TAB_CONTENTS, + OFFSCREEN_DOCUMENT, + EXTENSION_SIDE_PANEL + }; + + enum ErrorType { + MANIFEST, + RUNTIME + }; + + enum ErrorLevel { + LOG, + WARN, + ERROR + }; + + enum ExtensionState { + ENABLED, + DISABLED, + TERMINATED, + BLACKLISTED + }; + + enum CommandScope { + GLOBAL, + CHROME + }; + + dictionary AccessModifier { + boolean isEnabled; + boolean isActive; + }; + + dictionary StackFrame { + long lineNumber; + long columnNumber; + DOMString url; + DOMString functionName; + }; + + dictionary ManifestError { + ErrorType type; + DOMString extensionId; + boolean fromIncognito; + DOMString source; + DOMString message; + long id; + DOMString manifestKey; + DOMString? manifestSpecific; + }; + + dictionary RuntimeError { + ErrorType type; + DOMString extensionId; + boolean fromIncognito; + DOMString source; + DOMString message; + long id; + ErrorLevel severity; + DOMString contextUrl; + long occurrences; + long renderViewId; + long renderProcessId; + boolean canInspect; + StackFrame[] stackTrace; + }; + + dictionary DisableReasons { + boolean suspiciousInstall; + boolean corruptInstall; + boolean updateRequired; + boolean publishedInStoreRequired; + boolean blockedByPolicy; + boolean reloading; + boolean custodianApprovalRequired; + boolean parentDisabledPermissions; + }; + + dictionary OptionsPage { + boolean openInTab; + DOMString url; + }; + + dictionary HomePage { + DOMString url; + boolean specified; + }; + + dictionary ExtensionView { + DOMString url; + long renderProcessId; + // This actually refers to a render frame. + long renderViewId; + boolean incognito; + boolean isIframe; + ViewType type; + }; + + enum HostAccess { + ON_CLICK, + ON_SPECIFIC_SITES, + ON_ALL_SITES + }; + + dictionary SafetyCheckStrings { + DOMString? panelString; + DOMString? detailString; + }; + + dictionary ControlledInfo { + DOMString text; + }; + + dictionary Command { + DOMString description; + DOMString keybinding; + DOMString name; + boolean isActive; + CommandScope scope; + boolean isExtensionAction; + }; + + dictionary DependentExtension { + DOMString id; + DOMString name; + }; + + dictionary Permission { + DOMString message; + DOMString[] submessages; + }; + + dictionary SiteControl { + // The host pattern for the site. + DOMString host; + // Whether the pattern has been granted. + boolean granted; + }; + + dictionary RuntimeHostPermissions { + // True if |hosts| contains an all hosts like pattern. + boolean hasAllHosts; + + // The current HostAccess setting for the extension. + HostAccess hostAccess; + + // The site controls for all granted and requested patterns. + SiteControl[] hosts; + }; + + dictionary Permissions { + Permission[] simplePermissions; + + // Only populated for extensions that can be affected by the runtime host + // permissions feature. + RuntimeHostPermissions? runtimeHostPermissions; + + // True if the extension can access site data through host permissions or + // API permissions such as activeTab. + boolean canAccessSiteData; + }; + + dictionary ExtensionInfo { + DOMString? blacklistText; + SafetyCheckStrings? safetyCheckText; + Command[] commands; + ControlledInfo? controlledInfo; + DependentExtension[] dependentExtensions; + DOMString description; + DisableReasons disableReasons; + AccessModifier errorCollection; + AccessModifier fileAccess; + HomePage homePage; + DOMString iconUrl; + DOMString id; + AccessModifier incognitoAccess; + DOMString[] installWarnings; + DOMString? launchUrl; + Location location; + DOMString? locationText; + ManifestError[] manifestErrors; + DOMString manifestHomePageUrl; + boolean mustRemainInstalled; + DOMString name; + boolean offlineEnabled; + OptionsPage? optionsPage; + DOMString? path; + Permissions permissions; + DOMString? prettifiedPath; + RuntimeError[] runtimeErrors; + DOMString[] runtimeWarnings; + ExtensionState state; + ExtensionType type; + DOMString updateUrl; + boolean userMayModify; + DOMString version; + ExtensionView[] views; + DOMString webStoreUrl; + boolean showSafeBrowsingAllowlistWarning; + boolean showAccessRequestsInToolbar; + boolean acknowledgeSafetyCheckWarning; + boolean? pinnedToToolbar; + }; + + dictionary ProfileInfo { + boolean canLoadUnpacked; + boolean inDeveloperMode; + boolean isDeveloperModeControlledByPolicy; + boolean isIncognitoAvailable; + boolean isChildAccount; + }; + + // DEPRECATED: Prefer ExtensionInfo. + dictionary ItemInfo { + DOMString id; + DOMString name; + DOMString version; + DOMString description; + boolean may_disable; + boolean enabled; + boolean isApp; + ItemType type; + boolean allow_activity; + boolean allow_file_access; + boolean wants_file_access; + boolean incognito_enabled; + boolean is_unpacked; + boolean allow_reload; + boolean terminated; + boolean allow_incognito; + DOMString icon_url; + + // Path of an unpacked extension. + DOMString? path; + + // Options settings page for the item. + DOMString? options_url; + DOMString? app_launch_url; + DOMString? homepage_url; + DOMString? update_url; + InstallWarning[] install_warnings; + any[] manifest_errors; + any[] runtime_errors; + boolean offline_enabled; + + // All views of the current extension. + ItemInspectView[] views; + }; + + dictionary GetExtensionsInfoOptions { + boolean? includeDisabled; + boolean? includeTerminated; + }; + + dictionary ExtensionConfigurationUpdate { + DOMString extensionId; + boolean? fileAccess; + boolean? incognitoAccess; + boolean? errorCollection; + HostAccess? hostAccess; + boolean? showAccessRequestsInToolbar; + boolean? acknowledgeSafetyCheckWarning; + boolean? pinnedToToolbar; + }; + + dictionary ProfileConfigurationUpdate { + boolean? inDeveloperMode; + }; + + dictionary ExtensionCommandUpdate { + DOMString extensionId; + DOMString commandName; + CommandScope? scope; + DOMString? keybinding; + }; + + dictionary ReloadOptions { + // If false, an alert dialog will show in the event of a reload error. + // Defaults to false. + boolean? failQuietly; + + // If true, populates a LoadError for the response rather than setting + // lastError. Only relevant for unpacked extensions; it will be ignored for + // any other extension. + boolean? populateErrorForUnpacked; + }; + + dictionary LoadUnpackedOptions { + // If false, an alert dialog will show in the event of a reload error. + // Defaults to false. + boolean? failQuietly; + + // If true, populates a LoadError for the response rather than setting + // lastError. + boolean? populateError; + + // A unique identifier for retrying a previous failed load. This should be + // the identifier returned in the LoadError. If specified, the path + // associated with the identifier will be loaded, and the file chooser + // will be skipped. + DOMString? retryGuid; + + // True if the function should try to load an extension from the drop data + // of the page. notifyDragInstallInProgress() needs to be called prior to + // this being used. This cannot be used with |retryGuid|. + boolean? useDraggedPath; + }; + + // Describes which set of sites a given url/string is associated with. Note + // that a site can belong to multiple sets at the same time. + enum SiteSet { + // The site is specified by the user to automatically grant access to all + // extensions with matching host permissions. Mutually exclusive with + // USER_RESTRICTED but takes precedence over EXTENSION_SPECIFIED. + USER_PERMITTED, + // The site is specified by the user to disallow all extensions from running + // on it. Mutually exclusive with USER_PERMITTED but takes precedence over + // EXTENSION_SPECIFIED. + USER_RESTRICTED, + // The site is specified by one or more extensions' set of host permissions. + EXTENSION_SPECIFIED + }; + + dictionary UserSiteSettingsOptions { + // Specifies which set of user specified sites that the host will be added + // to or removed from. + SiteSet siteSet; + // The sites to add/remove. + DOMString[] hosts; + }; + + dictionary UserSiteSettings { + // The list of origins where the user has allowed all extensions to run on. + DOMString[] permittedSites; + // The list of origins where the user has blocked all extensions from + // running on. + DOMString[] restrictedSites; + }; + + dictionary SiteInfo { + // The site set that `site` belongs to. + SiteSet siteSet; + // The number of extensions with access to `site`. + // TODO(crbug.com/1331137): A tricky edge case is when one extension + // specifies something like *.foo.com and another specifies foo.com. + // Patterns which match all subdomains should be represented differently. + long numExtensions; + // The site itself. This could either be a user specified site or an + // extension host permission pattern. + DOMString site; + }; + + dictionary SiteGroup { + // The common effective top level domain plus one (eTLD+1) for all sites in + // `sites`. + DOMString etldPlusOne; + // The number of extensions that can run on at least one site inside `sites` + // for this eTLD+1. + long numExtensions; + // The list of user or extension specified sites that share the same eTLD+1. + SiteInfo[] sites; + }; + + dictionary MatchingExtensionInfo { + // The id of the matching extension. + DOMString id; + // Describes the extension's access to the queried site from + // getMatchingExtensionsForSite. Note that the meaning is different from the + // original enum: + // - ON_CLICK: The extension requested access to the site but its access is + // withheld. + // - ON_SPECIFIC_SITES: the extension is permitted to run on at least one + // site specified by the queried site but it does not request access to + // all sites or it has its access withheld on at least one site in its + // host permissions. + // - ON_ALL_SITES: the extension is permitted to run on all sites. + HostAccess siteAccess; + // Whether the matching extension requests access to all sites in its + // host permissions. + boolean canRequestAllSites; + }; + + dictionary ExtensionSiteAccessUpdate { + // The id of the extension to update its site access settings for. + DOMString id; + // Describes the update made to the extension's site access for a given site + // Note that this has a different meaning from the original enum: + // - ON_CLICK: Withholds the extension's access to the given site, + // - ON_SPECIFIC_SITES: Grants the extension access to the intersection of + // (given site, extension's specified host permissions.) + // - ON_ALL_SITES: Grants access to all of the extension's specified host + // permissions. + HostAccess siteAccess; + }; + + enum PackStatus { + SUCCESS, + ERROR, + WARNING + }; + + enum FileType { + LOAD, + PEM + }; + + enum SelectType { + FILE, + FOLDER + }; + + enum EventType { + INSTALLED, + UNINSTALLED, + LOADED, + UNLOADED, + // New window / view opened. + VIEW_REGISTERED, + // window / view closed. + VIEW_UNREGISTERED, + ERROR_ADDED, + ERRORS_REMOVED, + PREFS_CHANGED, + WARNINGS_CHANGED, + COMMAND_ADDED, + COMMAND_REMOVED, + PERMISSIONS_CHANGED, + SERVICE_WORKER_STARTED, + SERVICE_WORKER_STOPPED, + CONFIGURATION_CHANGED, + PINNED_ACTIONS_CHANGED + }; + + dictionary PackDirectoryResponse { + // The response message of success or error. + DOMString message; + + // Unpacked items's path. + DOMString item_path; + + // Permanent key path. + DOMString pem_path; + + long override_flags; + PackStatus status; + }; + + dictionary ProjectInfo { + DOMString name; + }; + + dictionary EventData { + EventType event_type; + DOMString item_id; + ExtensionInfo? extensionInfo; + }; + + dictionary ErrorFileSource { + // The region before the "highlight" portion. + // If the region which threw the error was not found, the full contents of + // the file will be in the "beforeHighlight" section. + DOMString beforeHighlight; + + // The region of the code which threw the error, and should be highlighted. + DOMString highlight; + + // The region after the "highlight" portion. + DOMString afterHighlight; + }; + + dictionary LoadError { + // The error that occurred when trying to load the extension. + DOMString error; + + // The path to the extension. + DOMString path; + + // The file source for the error, if it could be retrieved. + ErrorFileSource? source; + + // A unique identifier to pass to developerPrivate.loadUnpacked to retry + // loading the extension at the same path. + DOMString retryGuid; + }; + + dictionary RequestFileSourceProperties { + // The ID of the extension owning the file. + DOMString extensionId; + + // The path of the file, relative to the extension; e.g., manifest.json, + // script.js, or main.html. + DOMString pathSuffix; + + // The error message which was thrown as a result of the error in the file. + DOMString message; + + // The key in the manifest which caused the error (e.g., "permissions"). + // (Required for "manifest.json" files) + DOMString? manifestKey; + + // The specific portion of the manifest key which caused the error (e.g., + // "foo" in the "permissions" key). (Optional for "manifest.json" file). + DOMString? manifestSpecific; + + // The line number which caused the error (optional for non-manifest files). + long? lineNumber; + }; + + dictionary RequestFileSourceResponse { + // The region of the code which threw the error, and should be highlighted. + DOMString highlight; + + // The region before the "highlight" portion. + // If the region which threw the error was not found, the full contents of + // the file will be in the "beforeHighlight" section. + DOMString beforeHighlight; + + // The region after the "highlight" portion. + DOMString afterHighlight; + + // A title for the file in the form 'chrome.documentScan API to discover and retrieve
+// images from attached paper document scanners.
+[platforms=("chromeos", "lacros"),
+implemented_in="chrome/browser/extensions/api/document_scan/document_scan_api.h"]
+namespace documentScan {
+ dictionary ScanOptions {
+ // The MIME types that are accepted by the caller.
+ DOMString[]? mimeTypes;
+
+ // The number of scanned images allowed (defaults to 1).
+ long? maxImages;
+ };
+
+ dictionary ScanResults {
+ // The data image URLs in a form that can be passed as the "src" value to
+ // an image tag.
+ DOMString[] dataUrls;
+
+ // The MIME type of dataUrls.
+ DOMString mimeType;
+ };
+
+ // OperationResult is an enum that indicates the result of each operation
+ // performed by the backend. It contains the same causes as SANE_Status plus
+ // additional statuses that come from the IPC layers and image conversion
+ // stages.
+ [nodoc] enum OperationResult {
+ // An unknown or generic failure occurred.
+ UNKNOWN,
+
+ // Operation succeeded.
+ SUCCESS,
+
+ // The operation is not supported.
+ UNSUPPORTED,
+
+ // The operation was cancelled.
+ CANCELLED,
+
+ // The device is busy.
+ DEVICE_BUSY,
+
+ // Data or argument is invalid.
+ INVALID,
+
+ // Value is the wrong type for the underlying option.
+ WRONG_TYPE,
+
+ // No more data is available.
+ EOF,
+
+ // The document feeder is jammed.
+ ADF_JAMMED,
+
+ // The document feeder is empty.
+ ADF_EMPTY,
+
+ // The flatbed cover is open.
+ COVER_OPEN,
+
+ // An error occurred while communicating with the device.
+ IO_ERROR,
+
+ // The device requires authentication.
+ ACCESS_DENIED,
+
+ // Not enough memory was available to complete the operation.
+ NO_MEMORY,
+
+ // The device was not reachable.
+ UNREACHABLE,
+
+ // The device was disconnected.
+ MISSING,
+
+ // An internal error occurred.
+ INTERNAL_ERROR
+ };
+
+ // How the scanner is connected to the computer.
+ [nodoc] enum ConnectionType {
+ UNSPECIFIED,
+ USB,
+ NETWORK
+ };
+
+ // ScannerInfo contains general information about a scanner device. It is
+ // intended for filtering and constructing user-facing information, not for
+ // configuring a scan.
+ [nodoc] dictionary ScannerInfo {
+ // For connecting with openScanner.
+ DOMString scannerId;
+
+ // Printable name for displaying in the UI.
+ DOMString name;
+
+ // Scanner manufacturer.
+ DOMString manufacturer;
+
+ // Scanner model if available, or a generic description.
+ DOMString model;
+
+ // For matching against other ScannerInfo entries that point
+ // to the same physical device.
+ DOMString deviceUuid;
+
+ // How the scanner is connected to the computer.
+ ConnectionType connectionType;
+
+ // If true, the scanner connection's transport cannot be intercepted by a
+ // passive listener, such as TLS or USB.
+ boolean secure;
+
+ // MIME types that can be requested for returned scans.
+ DOMString[] imageFormats;
+ };
+
+ // The type of an option. This is the same set of types as SANE_Value_Type.
+ [nodoc] enum OptionType {
+ // Unknown option type. value will be unset.
+ UNKNOWN,
+
+ // true/false only. value will be a boolean.
+ BOOL,
+
+ // Signed 32-bit integer. value will be long or long[],
+ // depending on whether the option takes more than one value.
+ INT,
+
+ // Double in the range -32768-32767.9999 with a resolution of 1/65535.
+ // value will be double or double[] depending on whether the
+ // option takes more than one value.
+ FIXED,
+
+ // A sequence of any bytes except NUL ('\0'). value will be a
+ // DOMString.
+ STRING,
+
+ // Hardware button or toggle. No value.
+ BUTTON,
+
+ // Grouping option. No value. This is included for compatibility, but
+ // will not normally be returned in ScannerOption values. Use
+ // getOptionGroups() to retrieve the list of groups with their
+ // member options.
+ GROUP
+ };
+
+ // The unit of measurement for an option. This is the same set of units as
+ // SANE_Unit.
+ [nodoc] enum OptionUnit {
+ // Value is a unitless number, e.g. threshold.
+ UNITLESS,
+
+ // Value is a number of pixels, e.g., scan dimensions.
+ PIXEL,
+
+ // Value is the number of bits, e.g., color depth.
+ BIT,
+
+ // Value is measured in millimeters, e.g., scan dimensions.
+ MM,
+
+ // Value is measured in dots per inch, e.g., resolution.
+ DPI,
+
+ // Value is a percent, e.g., brightness.
+ PERCENT,
+
+ // Value is measured in microseconds, e.g., exposure time.
+ MICROSECOND
+ };
+
+ // The type of constraint represented by an OptionConstraint.
+ [nodoc] enum ConstraintType {
+ // Constraint represents a range of OptionType.INT values.
+ // min, max, and quant will be
+ // long, and list will be unset.
+ INT_RANGE,
+
+ // Constraint represents a range of OptionType.FIXED values.
+ // min, max, and quant will be
+ // double, and list will be unset.
+ FIXED_RANGE,
+
+ // Constraint represents a specific list of OptionType.INT
+ // values. list will contain long values, and
+ // the other fields will be unset.
+ INT_LIST,
+
+ // Constraint represents a specific list of OptionType.FIXED
+ // values. list will contain double values, and
+ // the other fields will be unset.
+ FIXED_LIST,
+
+ // Constraint represents a specific list of OptionType.STRING
+ // values. list will contain DOMString values,
+ // and the other fields will be unset.
+ STRING_LIST
+ };
+
+ // OptionConstraint represents the same set of value constraints
+ // as SANE_Constraint_Type, with the exception that an unconstrained value is
+ // represented by a lack of constraint rather than a special
+ // SANE_CONSTRAINT_NONE value.
+ [nodoc] dictionary OptionConstraint {
+ ConstraintType type;
+ (long or double)? min;
+ (long or double)? max;
+ (long or double)? quant;
+ (double[] or long[] or DOMString[])? list;
+ };
+
+ // How an option can be changed.
+ [nodoc] enum Configurability {
+ // Option is read-only and cannot be changed.
+ NOT_CONFIGURABLE,
+
+ // Option can be set in software.
+ SOFTWARE_CONFIGURABLE,
+
+ // Option can be set by the user toggling/pushing a hardware button.
+ HARDWARE_CONFIGURABLE
+ };
+
+ // A self-describing configurable scanner option and current value, in the
+ // same style as SANE's SANE_Option_Descriptor and sane_control_option().
+ [nodoc] dictionary ScannerOption {
+ // Option name using lowercase a-z, numbers, and dashes.
+ DOMString name;
+
+ // Printable one-line title.
+ DOMString title;
+
+ // Longer description of the option.
+ DOMString description;
+
+ // The type that value will contain and that is needed for
+ // setting this option.
+ OptionType type;
+
+ // Unit of measurement for this option.
+ OptionUnit unit;
+
+ // Current value of the option if relevant. Note the type passed here must
+ // match the type specified in type.
+ (boolean or double or double[] or long or long[] or DOMString)? value;
+
+ // Constraint on possible values.
+ OptionConstraint? constraint;
+
+ // Can be detected from software.
+ boolean isDetectable;
+
+ // Whether/how the option can be changed.
+ Configurability configurability;
+
+ // Can be automatically set by the backend.
+ boolean isAutoSettable;
+
+ // Emulated by the backend if true.
+ boolean isEmulated;
+
+ // Option is active and can be set/retrieved. If false, the
+ // value field will not be set.
+ boolean isActive;
+
+ // UI should not display this option by default.
+ boolean isAdvanced;
+
+ // Option is used for internal configuration and should never be displayed
+ // in the UI.
+ boolean isInternal;
+ };
+
+ // A set of criteria passed to getScannerList(). Only devices
+ // that match all of the criteria will be returned.
+ [nodoc] dictionary DeviceFilter {
+ // Only return scanners that are directly attached to the computer.
+ boolean? local;
+
+ // Only return scanners that use a secure transport, such as USB or TLS.
+ boolean? secure;
+ };
+
+ // OptionGroup is a group containing a list of option names. The groups and
+ // their contents are determined by the backend and do not have any defined
+ // semantics or consistent membership. This structure is primarily intended
+ // for UI layout assistance; it does not affect the individual option
+ // behaviors.
+ [nodoc] dictionary OptionGroup {
+ // Printable title, e.g. "Geometry options".
+ DOMString title;
+
+ // Names of contained options, in backend-provided order.
+ DOMString[] members;
+ };
+
+ // The response from getScannerList().
+ [nodoc] dictionary GetScannerListResponse {
+ // The backend's enumeration result. Note that partial results could be
+ // returned even if this indicates an error.
+ OperationResult result;
+
+ // A possibly-empty list of scanners that match the provided
+ // DeviceFilter.
+ ScannerInfo[] scanners;
+ };
+
+ // The response from openScanner().
+ [nodoc] dictionary OpenScannerResponse {
+ // Same scanner ID passed to openScanner().
+ DOMString scannerId;
+
+ // Backend result of opening the scanner.
+ OperationResult result;
+
+ // If result is OperationResult.SUCCESS, a handle
+ // to the scanner that can be used for further operations.
+ DOMString? scannerHandle;
+
+ // If result is OperationResult.SUCCESS, a
+ // key-value mapping from option names to ScannerOption.
+ object? options;
+ };
+
+ // The response from getOptionGroups().
+ [nodoc] dictionary GetOptionGroupsResponse {
+ // Same scanner handle passed to getOptionGroups().
+ DOMString scannerHandle;
+
+ // The backend's result of getting the option groups.
+ OperationResult result;
+
+ // If result is OperationResult.SUCCESS, a list of
+ // option groups in the order supplied by the backend.
+ OptionGroup[]? groups;
+ };
+
+ // The response from closeScanner().
+ [nodoc] dictionary CloseScannerResponse {
+ // Same scanner handle passed to closeScanner().
+ DOMString scannerHandle;
+
+ // Backend result of closing the scanner. Even if this value is not
+ // OperationResult.SUCCESS, the handle will be invalid and
+ // should not be used for any further operations.
+ OperationResult result;
+ };
+
+ // A subset of ScannerOption that contains enough information to
+ // set an option to a new value.
+ [nodoc] dictionary OptionSetting {
+ // Name of the option to set.
+ DOMString name;
+
+ // Type of the option. The requested type must match the real type of the
+ // underlying option.
+ OptionType type;
+
+ // Value to set. Leave unset to request automatic setting for options that
+ // have autoSettable enabled. The type supplied for
+ // value must match type.
+ (boolean or double or double[] or long or long[] or DOMString)? value;
+ };
+
+ // The result of setting an individual option. Each individual option
+ // supplied to setOptions() produces a separate result on the
+ // backend due to things like rounding and constraints.
+ [nodoc] dictionary SetOptionResult {
+ // Name of the option that was set.
+ DOMString name;
+
+ // Backend result of setting the option.
+ OperationResult result;
+ };
+
+ // The response from a call to setOptions().
+ [nodoc] dictionary SetOptionsResponse {
+ // The same scanner handle passed to setOptions().
+ DOMString scannerHandle;
+
+ // One result per passed-in OptionSetting.
+ SetOptionResult[] results;
+
+ // Updated key-value mapping from option names to
+ // ScannerOption containing the new configuration after
+ // attempting to set all supplied options. This has the same structure as
+ // the options field in OpenScannerResponse.
+ //
+ // This field will be set even if some options were not set successfully,
+ // but will be unset if retrieving the updated configuration fails (e.g.,
+ // if the scanner is disconnected in the middle).
+ object? options;
+ };
+
+ // Used to specify options for startScan().
+ [nodoc] dictionary StartScanOptions {
+ // MIME type to return scanned data in.
+ DOMString format;
+ };
+
+ // The response from startScan().
+ [nodoc] dictionary StartScanResponse {
+ // The same scanner handle that was passed to startScan().
+ DOMString scannerHandle;
+
+ // The backend's start scan result.
+ OperationResult result;
+
+ // If result is OperationResult.SUCCESS, a handle
+ // that can be used to read scan data or cancel the job.
+ DOMString? job;
+ };
+
+ // The response from cancelScan().
+ [nodoc] dictionary CancelScanResponse {
+ // The same job handle that was passed to cancelScan().
+ DOMString job;
+
+ // The backend's cancel scan result.
+ OperationResult result;
+ };
+
+ // The response from readScanData().
+ [nodoc] dictionary ReadScanDataResponse {
+ // Same job handle passed to readScanData().
+ DOMString job;
+
+ // The backend result of reading data. If this is
+ // OperationResult.SUCCESS, data will contain the
+ // next (possibly zero-length) chunk of image data that was ready for
+ // reading. If this is OperationResult.EOF, data
+ // will contain the final chunk of image data.
+ OperationResult result;
+
+ // If result is OperationResult.SUCCESS, the next chunk of
+ // scanned image data.
+ ArrayBuffer? data;
+
+ // If result is OperationResult.SUCCESS, an estimate of how
+ // much of the total scan data has been delivered so far, in the range
+ // 0-100.
+ long? estimatedCompletion;
+ };
+
+ // Callback from the scan method.
+ // |result| The results from the scan, if successful.
+ // Otherwise will return null and set runtime.lastError.
+ callback ScanCallback = void (ScanResults result);
+
+ // Callback from the getScannerList method.
+ // |response| The response from enumeration, if the call was valid.
+ // Otherwise will return null and set runtime.lastError.
+ [nodoc] callback GetScannerListCallback = void (GetScannerListResponse response);
+
+ // Callback from the openScanner method.
+ // |response| The response from opening the scanner, if the call was valid.
+ // Otherwise will return null and set runtime.lastError.
+ [nodoc] callback OpenScannerCallback = void (OpenScannerResponse response);
+
+ // Callback from the getOptionGroups method.
+ // |response| The response from getting the option groups, if the call was
+ // valid. Otherwise will return null and set runtime.lastError.
+ [nodoc] callback GetOptionGroupsCallback =
+ void (GetOptionGroupsResponse response);
+
+ // Callback from the closeScanner method.
+ // |response| The response from closing the scanner, if the call was valid.
+ // Otherwise will return null and set runtime.lastError.
+ [nodoc] callback CloseScannerCallback = void (CloseScannerResponse response);
+
+ // Callback from the setOptions method.
+ // |response| The response from setting the options, if the call was valid.
+ // Otherwise will return null and set runtime.lastError.
+ [nodoc] callback SetOptionsCallback = void (SetOptionsResponse response);
+
+ // Callback from the startScan method.
+ // |response| The response from starting the scan, if the call was valid.
+ // Otherwise will return null and set runtime.lastError.
+ [nodoc] callback StartScanCallback = void (StartScanResponse response);
+
+ // Callback from the cancelScan method.
+ // |response| The response from canceling the scan, if the call was valid.
+ // Otherwise will return null and set runtime.lastError.
+ [nodoc] callback CancelScanCallback = void (CancelScanResponse response);
+
+ // Callback from the readScanData method.
+ // |response| The response from reading the next chunk of scanned image data,
+ // if the call was valid. Otherwise will return null and set
+ // runtime.lastError.
+ [nodoc] callback ReadScanDataCallback = void (ReadScanDataResponse response);
+
+ interface Functions {
+ // Performs a document scan. On success, the PNG data will be
+ // sent to the callback.
+ // |options| : Object containing scan parameters.
+ // |callback| : Called with the result and data from the scan.
+ [supportsPromises] static void scan(ScanOptions options,
+ ScanCallback callback);
+
+ // Gets the list of available scanners. On success, the list will be
+ // sent to the callback.
+ // |filter| : DeviceFilter indicating which types of scanners
+ // should be returned.
+ // |callback| : Called with the result and list of scanners.
+ [nodoc, supportsPromises] static void getScannerList(
+ DeviceFilter filter, GetScannerListCallback callback);
+
+ // Opens a scanner for exclusive access. On success, the response containing
+ // a scanner handle and configuration will be sent to the callback.
+ // |scannerId| : Scanner id previously returned from getScannerList
+ // indicating which scanner should be opened.
+ // |callback| : Called with the result.
+ [nodoc, supportsPromises] static void openScanner(
+ DOMString scannerId, OpenScannerCallback callback);
+
+ // Gets the group names and member options from a scanner handle previously
+ // opened by openScanner.
+ // |scannerHandle| : Open scanner handle previously returned from
+ // openScanner.
+ // |callback| : Called with the result.
+ [nodoc, supportsPromises] static void getOptionGroups(
+ DOMString scannerHandle, GetOptionGroupsCallback callback);
+
+ // Closes a previously opened scanner handle. A response indicating the
+ // outcome will be sent to the callback. Even if the response is not a
+ // success, the supplied handle will become invalid and should not be used
+ // for further operations.
+ // |scannerHandle| : Open scanner handle previously returned from
+ // openScanner.
+ // |callback| : Called with the result.
+ [nodoc, supportsPromises] static void closeScanner(
+ DOMString scannerHandle, CloseScannerCallback callback);
+
+ // Sends the list of new option values in options as a bundle
+ // to be set on scannerHandle. Each option will be set by the
+ // backend the order specified. Returns a backend response indicating the
+ // result of each option setting and a new set of final option values after
+ // all options have been updated.
+ // |scannerHandle| : Open scanner handle previously returned from
+ // openScanner.
+ // |options| : A list of OptionSettings that will be applied to
+ // scannerHandle.
+ // |callback| : Called with the result.
+ [nodoc, supportsPromises] static void setOptions(
+ DOMString scannerHandle, OptionSetting[] options,
+ SetOptionsCallback callback);
+
+ // Starts a scan using a previously opened scanner handle. A response
+ // indicating the outcome will be sent to the callback. If successful, the
+ // response will include a job handle that can be used in subsequent calls
+ // to read scan data or cancel a scan.
+ // |scannerHandle| : Open scanner handle previously returned from
+ // openScanner.
+ // |options| : StartScanOptions indicating what options are to
+ // be used for the scan. StartScanOptions.format must match
+ // one of the entries returned in the scanner's ScannerInfo.
+ // |callback| : Called with the result.
+ [nodoc, supportsPromises] static void startScan(
+ DOMString scannerHandle, StartScanOptions options,
+ StartScanCallback callback);
+
+ // Cancels a scan that was previously started using startScan.
+ // The response is sent to the callback.
+ // |job| : An active scan job previously returned from
+ // startScan.
+ // |callback| : Called with the result.
+ [nodoc, supportsPromises] static void cancelScan(
+ DOMString job, CancelScanCallback callback);
+
+ // Reads the next chunk of available image data from an active job handle.
+ // A response indicating the outcome will be sent to the callback.
+ //
+ // It is valid for a response to have result
+ // OperationResult.SUCCESS with a zero-length
+ // data member. This means the scanner is still working but
+ // does not yet have additional data ready. The caller should wait a short
+ // time and try again.
+ //
+ // When the scan job completes, the response will have the result
+ // OperationResult.EOF. This response may contain a final
+ // non-zero data member.
+ // |job| : Active job handle previously returned from
+ // startScan.
+ // |callback| : Called with the result.
+ [nodoc, supportsPromises] static void readScanData(
+ DOMString job, ReadScanDataCallback callback);
+ };
+};
diff --git a/tools/under-control/src/chrome/common/extensions/api/downloads.idl b/tools/under-control/src/chrome/common/extensions/api/downloads.idl
new file mode 100755
index 000000000..36d357c6e
--- /dev/null
+++ b/tools/under-control/src/chrome/common/extensions/api/downloads.idl
@@ -0,0 +1,621 @@
+// Copyright 2012 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// Use the chrome.downloads API to programmatically initiate,
+// monitor, manipulate, and search for downloads.
+[permissions=downloads]
+namespace downloads {
+ [inline_doc] dictionary HeaderNameValuePair {
+ // Name of the HTTP header.
+ DOMString name;
+
+ // Value of the HTTP header.
+ DOMString value;
+ };
+
+ // filename is changed to
+ // include a counter before the filename extension.filename is ignored if
+ // there are any $(ref:onDeterminingFilename) listeners registered by any
+ // extensions.
+ DOMString filename;
+
+ // The action to take if filename already exists.
+ FilenameConflictAction? conflictAction;
+ };
+
+ [inline_doc] enum HttpMethod {GET, POST};
+
+ enum InterruptReason {
+ FILE_FAILED,
+ FILE_ACCESS_DENIED,
+ FILE_NO_SPACE,
+ FILE_NAME_TOO_LONG,
+ FILE_TOO_LARGE,
+ FILE_VIRUS_INFECTED,
+ FILE_TRANSIENT_ERROR,
+ FILE_BLOCKED,
+ FILE_SECURITY_CHECK_FAILED,
+ FILE_TOO_SHORT,
+ FILE_HASH_MISMATCH,
+ FILE_SAME_AS_SOURCE,
+ NETWORK_FAILED,
+ NETWORK_TIMEOUT,
+ NETWORK_DISCONNECTED,
+ NETWORK_SERVER_DOWN,
+ NETWORK_INVALID_REQUEST,
+ SERVER_FAILED,
+ SERVER_NO_RANGE,
+ SERVER_BAD_CONTENT,
+ SERVER_UNAUTHORIZED,
+ SERVER_CERT_PROBLEM,
+ SERVER_FORBIDDEN,
+ SERVER_UNREACHABLE,
+ SERVER_CONTENT_LENGTH_MISMATCH,
+ SERVER_CROSS_ORIGIN_REDIRECT,
+ USER_CANCELED,
+ USER_SHUTDOWN,
+ CRASH};
+
+ [inline_doc] dictionary DownloadOptions {
+ // The URL to download.
+ DOMString url;
+
+ // A file path relative to the Downloads directory to contain the downloaded
+ // file, possibly containing subdirectories. Absolute paths, empty paths,
+ // and paths containing back-references ".." will cause an error.
+ // $(ref:onDeterminingFilename) allows suggesting a filename after the file's
+ // MIME type and a tentative filename have been determined.
+ DOMString? filename;
+
+ // The action to take if filename already exists.
+ FilenameConflictAction? conflictAction;
+
+ // Use a file-chooser to allow the user to select a filename regardless of
+ // whether filename is set or already exists.
+ boolean? saveAs;
+
+ // The HTTP method to use if the URL uses the HTTP[S] protocol.
+ HttpMethod? method;
+
+ // Extra HTTP headers to send with the request if the URL uses the HTTP[s]
+ // protocol. Each header is represented as a dictionary containing the keys
+ // name and either value or
+ // binaryValue, restricted to those allowed by XMLHttpRequest.
+ HeaderNameValuePair[]? headers;
+
+ // Post body.
+ DOMString? body;
+ };
+
+ // chrome.downloads.search({},
+ // function(items){items.forEach(function(item){console.log(new
+ // Date(item.startTime))})})
+ DOMString startTime;
+
+ // The time when the download ended in ISO 8601 format. May be passed
+ // directly to the Date constructor: chrome.downloads.search({},
+ // function(items){items.forEach(function(item){if (item.endTime)
+ // console.log(new Date(item.endTime))})})
+ DOMString? endTime;
+
+ // Estimated time when the download will complete in ISO 8601 format. May be
+ // passed directly to the Date constructor:
+ // chrome.downloads.search({},
+ // function(items){items.forEach(function(item){if (item.estimatedEndTime)
+ // console.log(new Date(item.estimatedEndTime))})})
+ DOMString? estimatedEndTime;
+
+ // Indicates whether the download is progressing, interrupted, or complete.
+ State state;
+
+ // True if the download has stopped reading data from the host, but kept the
+ // connection open.
+ boolean paused;
+
+ // True if the download is in progress and paused, or else if it is
+ // interrupted and can be resumed starting from where it was interrupted.
+ boolean canResume;
+
+ // Why the download was interrupted. Several kinds of HTTP errors may be
+ // grouped under one of the errors beginning with SERVER_.
+ // Errors relating to the network begin with NETWORK_, errors
+ // relating to the process of writing the file to the file system begin with
+ // FILE_, and interruptions initiated by the user begin with
+ // USER_.
+ InterruptReason? error;
+
+ // Number of bytes received so far from the host, without considering file
+ // compression.
+ double bytesReceived;
+
+ // Number of bytes in the whole file, without considering file compression,
+ // or -1 if unknown.
+ double totalBytes;
+
+ // Number of bytes in the whole file post-decompression, or -1 if unknown.
+ double fileSize;
+
+ // Whether the downloaded file still exists. This information may be out of
+ // date because Chrome does not automatically watch for file removal. Call
+ // $(ref:search)() in order to trigger the check for file existence. When the
+ // existence check completes, if the file has been deleted, then an
+ // $(ref:onChanged) event will fire. Note that $(ref:search)() does not wait
+ // for the existence check to finish before returning, so results from
+ // $(ref:search)() may not accurately reflect the file system. Also,
+ // $(ref:search)() may be called as often as necessary, but will not check for
+ // file existence any more frequently than once every 10 seconds.
+ boolean exists;
+
+ // The identifier for the extension that initiated this download if this
+ // download was initiated by an extension. Does not change once it is set.
+ DOMString? byExtensionId;
+
+ // The localized name of the extension that initiated this download if this
+ // download was initiated by an extension. May change if the extension
+ // changes its name or if the user changes their locale.
+ DOMString? byExtensionName;
+ };
+
+ [inline_doc] dictionary DownloadQuery {
+ // This array of search terms limits results to $(ref:DownloadItem) whose
+ // filename or url or finalUrl
+ // contain all of the search terms that do not begin with a dash '-' and
+ // none of the search terms that do begin with a dash.
+ DOMString[]? query;
+
+ // Limits results to $(ref:DownloadItem) that
+ // started before the given ms since the epoch.
+ DOMString? startedBefore;
+
+ // Limits results to $(ref:DownloadItem) that
+ // started after the given ms since the epoch.
+ DOMString? startedAfter;
+
+ // Limits results to $(ref:DownloadItem) that ended before the given ms since the
+ // epoch.
+ DOMString? endedBefore;
+
+ // Limits results to $(ref:DownloadItem) that ended after the given ms since the
+ // epoch.
+ DOMString? endedAfter;
+
+ // Limits results to $(ref:DownloadItem) whose
+ // totalBytes is greater than the given integer.
+ double? totalBytesGreater;
+
+ // Limits results to $(ref:DownloadItem) whose
+ // totalBytes is less than the given integer.
+ double? totalBytesLess;
+
+ // Limits results to $(ref:DownloadItem) whose
+ // filename matches the given regular expression.
+ DOMString? filenameRegex;
+
+ // Limits results to $(ref:DownloadItem) whose
+ // url matches the given regular expression.
+ DOMString? urlRegex;
+
+ // Limits results to $(ref:DownloadItem) whose
+ // finalUrl matches the given regular expression.
+ DOMString? finalUrlRegex;
+
+ // The maximum number of matching $(ref:DownloadItem) returned. Defaults to
+ // 1000. Set to 0 in order to return all matching $(ref:DownloadItem). See
+ // $(ref:search) for how to page through results.
+ long? limit;
+
+ // Set elements of this array to $(ref:DownloadItem) properties in order to
+ // sort search results. For example, setting
+ // orderBy=['startTime'] sorts the $(ref:DownloadItem) by their
+ // start time in ascending order. To specify descending order, prefix with a
+ // hyphen: '-startTime'.
+ DOMString[]? orderBy;
+
+ // The id of the $(ref:DownloadItem) to query.
+ long? id;
+
+ // The absolute URL that this download initiated from, before any
+ // redirects.
+ DOMString? url;
+
+ // The absolute URL that this download is being made from, after all
+ // redirects.
+ DOMString? finalUrl;
+
+ // Absolute local path.
+ DOMString? filename;
+
+ // Indication of whether this download is thought to be safe or known to be
+ // suspicious.
+ DangerType? danger;
+
+ // The file's MIME type.
+ DOMString? mime;
+
+ // The time when the download began in ISO 8601 format.
+ DOMString? startTime;
+
+ // The time when the download ended in ISO 8601 format.
+ DOMString? endTime;
+
+ // Indicates whether the download is progressing, interrupted, or complete.
+ State? state;
+
+ // True if the download has stopped reading data from the host, but kept the
+ // connection open.
+ boolean? paused;
+
+ // Why a download was interrupted.
+ InterruptReason? error;
+
+ // Number of bytes received so far from the host, without considering file
+ // compression.
+ double? bytesReceived;
+
+ // Number of bytes in the whole file, without considering file compression,
+ // or -1 if unknown.
+ double? totalBytes;
+
+ // Number of bytes in the whole file post-decompression, or -1 if unknown.
+ double? fileSize;
+
+ // Whether the downloaded file exists;
+ boolean? exists;
+ };
+
+ dictionary StringDelta {
+ DOMString? previous;
+ DOMString? current;
+ };
+
+ dictionary DoubleDelta {
+ double? previous;
+ double? current;
+ };
+
+ dictionary BooleanDelta {
+ boolean? previous;
+ boolean? current;
+ };
+
+ // Encapsulates a change in a DownloadItem.
+ [inline_doc] dictionary DownloadDelta {
+ // The id of the $(ref:DownloadItem)
+ // that changed.
+ long id;
+
+ // The change in url, if any.
+ StringDelta? url;
+
+ // The change in finalUrl, if any.
+ StringDelta? finalUrl;
+
+ // The change in filename, if any.
+ StringDelta? filename;
+
+ // The change in danger, if any.
+ StringDelta? danger;
+
+ // The change in mime, if any.
+ StringDelta? mime;
+
+ // The change in startTime, if any.
+ StringDelta? startTime;
+
+ // The change in endTime, if any.
+ StringDelta? endTime;
+
+ // The change in state, if any.
+ StringDelta? state;
+
+ // The change in canResume, if any.
+ BooleanDelta? canResume;
+
+ // The change in paused, if any.
+ BooleanDelta? paused;
+
+ // The change in error, if any.
+ StringDelta? error;
+
+ // The change in totalBytes, if any.
+ DoubleDelta? totalBytes;
+
+ // The change in fileSize, if any.
+ DoubleDelta? fileSize;
+
+ // The change in exists, if any.
+ BooleanDelta? exists;
+ };
+
+ [inline_doc] dictionary GetFileIconOptions {
+ // The size of the returned icon. The icon will be square with dimensions
+ // size * size pixels. The default and largest size for the icon is 32x32
+ // pixels. The only supported sizes are 16 and 32. It is an error to specify
+ // any other size.
+ [legalValues=(16,32)] long? size;
+ };
+
+ // Encapsulates a change in the download UI.
+ [inline_doc] dictionary UiOptions {
+ // Enable or disable the download UI.
+ boolean enabled;
+ };
+
+ callback DownloadCallback = void(long downloadId);
+ callback SearchCallback = void(DownloadItem[] results);
+ callback EraseCallback = void(long[] erasedIds);
+ callback NullCallback = void();
+ callback GetFileIconCallback = void(optional DOMString iconURL);
+ callback SuggestFilenameCallback = void(
+ optional FilenameSuggestion suggestion);
+
+ interface Functions {
+ // Download a URL. If the URL uses the HTTP[S] protocol, then the request
+ // will include all cookies currently set for its hostname. If both
+ // filename and saveAs are specified, then the
+ // Save As dialog will be displayed, pre-populated with the specified
+ // filename. If the download started successfully,
+ // callback will be called with the new $(ref:DownloadItem)'s
+ // downloadId. If there was an error starting the download,
+ // then callback will be called with
+ // downloadId=undefined and $(ref:runtime.lastError) will contain
+ // a descriptive string. The error strings are not guaranteed to remain
+ // backwards compatible between releases. Extensions must not parse it.
+ // |options|: What to download and how.
+ // |callback|: Called with the id of the new $(ref:DownloadItem).
+ [supportsPromises] static void download(
+ DownloadOptions options,
+ optional DownloadCallback callback);
+
+ // Find $(ref:DownloadItem). Set query to the empty object to get
+ // all $(ref:DownloadItem). To get a specific $(ref:DownloadItem), set only the
+ // id field. To page through a large number of items, set
+ // orderBy: ['-startTime'], set limit to the
+ // number of items per page, and set startedAfter to the
+ // startTime of the last item from the last page.
+ [supportsPromises] static void search(DownloadQuery query,
+ SearchCallback callback);
+
+ // Pause the download. If the request was successful the download is in a
+ // paused state. Otherwise $(ref:runtime.lastError) contains an error message.
+ // The request will fail if the download is not active.
+ // |downloadId|: The id of the download to pause.
+ // |callback|: Called when the pause request is completed.
+ [supportsPromises] static void pause(long downloadId,
+ optional NullCallback callback);
+
+ // Resume a paused download. If the request was successful the download is
+ // in progress and unpaused. Otherwise $(ref:runtime.lastError) contains an
+ // error message. The request will fail if the download is not active.
+ // |downloadId|: The id of the download to resume.
+ // |callback|: Called when the resume request is completed.
+ [supportsPromises] static void resume(long downloadId,
+ optional NullCallback callback);
+
+ // Cancel a download. When callback is run, the download is
+ // cancelled, completed, interrupted or doesn't exist anymore.
+ // |downloadId|: The id of the download to cancel.
+ // |callback|: Called when the cancel request is completed.
+ [supportsPromises] static void cancel(long downloadId,
+ optional NullCallback callback);
+
+ // Retrieve an icon for the specified download. For new downloads, file
+ // icons are available after the $(ref:onCreated) event has been received. The
+ // image returned by this function while a download is in progress may be
+ // different from the image returned after the download is complete. Icon
+ // retrieval is done by querying the underlying operating system or toolkit
+ // depending on the platform. The icon that is returned will therefore
+ // depend on a number of factors including state of the download, platform,
+ // registered file types and visual theme. If a file icon cannot be
+ // determined, $(ref:runtime.lastError) will contain an error message.
+ // |downloadId|: The identifier for the download.
+ // |callback|: A URL to an image that represents the download.
+ [supportsPromises] static void getFileIcon(
+ long downloadId,
+ optional GetFileIconOptions options,
+ GetFileIconCallback callback);
+
+ // Opens the downloaded file now if the $(ref:DownloadItem) is complete;
+ // otherwise returns an error through $(ref:runtime.lastError). This method
+ // requires the "downloads.open" permission in addition to the
+ // "downloads" permission. An $(ref:onChanged) event fires
+ // when the item is opened for the first time. This method can only be called
+ // in response to a user gesture.
+ // |downloadId|: The identifier for the downloaded file.
+ static void open(long downloadId);
+
+ // Show the downloaded file in its folder in a file manager.
+ // |downloadId|: The identifier for the downloaded file.
+ static void show(long downloadId);
+
+ // Show the default Downloads folder in a file manager.
+ static void showDefaultFolder();
+
+ // Erase matching $(ref:DownloadItem) from history without deleting the
+ // downloaded file. An $(ref:onErased) event will fire for each
+ // $(ref:DownloadItem) that matches query, then
+ // callback will be called.
+ [supportsPromises] static void erase(DownloadQuery query,
+ optional EraseCallback callback);
+
+ // Remove the downloaded file if it exists and the $(ref:DownloadItem) is
+ // complete; otherwise return an error through $(ref:runtime.lastError).
+ [supportsPromises] static void removeFile(long downloadId,
+ optional NullCallback callback);
+
+ // Prompt the user to accept a dangerous download. Can only be called from a
+ // visible context (tab, window, or page/browser action popup). Does not
+ // automatically accept dangerous downloads. If the download is accepted,
+ // then an $(ref:onChanged) event will fire, otherwise nothing will happen.
+ // When all the data is fetched into a temporary file and either the
+ // download is not dangerous or the danger has been accepted, then the
+ // temporary file is renamed to the target filename, the |state| changes to
+ // 'complete', and $(ref:onChanged) fires.
+ // |downloadId|: The identifier for the $(ref:DownloadItem).
+ // |callback|: Called when the danger prompt dialog closes.
+ [supportsPromises] static void acceptDanger(long downloadId,
+ optional NullCallback callback);
+
+ // Enable or disable the gray shelf at the bottom of every window associated
+ // with the current browser profile. The shelf will be disabled as long as
+ // at least one extension has disabled it. Enabling the shelf while at least
+ // one other extension has disabled it will return an error through
+ // $(ref:runtime.lastError). Requires the "downloads.shelf"
+ // permission in addition to the "downloads" permission.
+ [deprecated="Use $(ref:setUiOptions) instead."]
+ static void setShelfEnabled(boolean enabled);
+
+ // Change the download UI of every window associated with the current
+ // browser profile. As long as at least one extension has set
+ // $(ref:UiOptions.enabled) to false, the download UI will be hidden.
+ // Setting $(ref:UiOptions.enabled) to true while at least one other
+ // extension has disabled it will return an error through
+ // $(ref:runtime.lastError). Requires the "downloads.ui"
+ // permission in addition to the "downloads" permission.
+ // |options|: Encapsulate a change to the download UI.
+ // |callback|: Called when the UI update is completed.
+ [supportsPromises] static void setUiOptions(UiOptions options,
+ optional NullCallback callback);
+ };
+
+ interface Events {
+ // This event fires with the $(ref:DownloadItem) object when a download
+ // begins.
+ static void onCreated(DownloadItem downloadItem);
+
+ // Fires with the downloadId when a download is erased from
+ // history.
+ // |downloadId|: The id of the $(ref:DownloadItem) that was
+ // erased.
+ static void onErased(long downloadId);
+
+ // When any of a $(ref:DownloadItem)'s properties except
+ // bytesReceived and estimatedEndTime changes,
+ // this event fires with the downloadId and an object
+ // containing the properties that changed.
+ static void onChanged(DownloadDelta downloadDelta);
+
+ // During the filename determination process, extensions will be given the
+ // opportunity to override the target $(ref:DownloadItem.filename). Each
+ // extension may not register more than one listener for this event. Each
+ // listener must call suggest exactly once, either
+ // synchronously or asynchronously. If the listener calls
+ // suggest asynchronously, then it must return
+ // true. If the listener neither calls suggest
+ // synchronously nor returns true, then suggest
+ // will be called automatically. The $(ref:DownloadItem) will not complete
+ // until all listeners have called suggest. Listeners may call
+ // suggest without any arguments in order to allow the download
+ // to use downloadItem.filename for its filename, or pass a
+ // suggestion object to suggest in order to
+ // override the target filename. If more than one extension overrides the
+ // filename, then the last extension installed whose listener passes a
+ // suggestion object to suggest wins. In order to
+ // avoid confusion regarding which extension will win, users should not
+ // install extensions that may conflict. If the download is initiated by
+ // $(ref:download) and the target filename is known before the MIME type and
+ // tentative filename have been determined, pass filename to
+ // $(ref:download) instead.
+ [maxListeners=1] static void onDeterminingFilename(
+ DownloadItem downloadItem, SuggestFilenameCallback suggest);
+ };
+};
diff --git a/tools/under-control/src/chrome/common/extensions/api/downloads_internal.idl b/tools/under-control/src/chrome/common/extensions/api/downloads_internal.idl
new file mode 100755
index 000000000..aa75a073d
--- /dev/null
+++ b/tools/under-control/src/chrome/common/extensions/api/downloads_internal.idl
@@ -0,0 +1,14 @@
+// Copyright 2012 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// downloadsInternal
+[nodoc=true]
+namespace downloadsInternal {
+ interface Functions {
+ // Secretly called when onDeterminingFilename handlers return.
+ static void determineFilename(long downloadId,
+ DOMString filename,
+ DOMString conflict_action);
+ };
+};
diff --git a/tools/under-control/src/chrome/common/extensions/api/enterprise_device_attributes.idl b/tools/under-control/src/chrome/common/extensions/api/enterprise_device_attributes.idl
new file mode 100755
index 000000000..cc42bff43
--- /dev/null
+++ b/tools/under-control/src/chrome/common/extensions/api/enterprise_device_attributes.idl
@@ -0,0 +1,61 @@
+// Copyright 2015 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// Use the chrome.enterprise.deviceAttributes API to read device
+// attributes.
+// Note: This API is only available to extensions force-installed by enterprise
+// policy.
+namespace enterprise.deviceAttributes {
+ callback GetDirectoryDeviceIdCallback = void (DOMString deviceId);
+
+ callback GetDeviceSerialNumberCallback = void (DOMString serialNumber);
+
+ callback GetDeviceAssetIdCallback = void (DOMString assetId);
+
+ callback GetDeviceAnnotatedLocationCallback = void (DOMString annotatedLocation);
+
+ callback GetDeviceHostnameCallback = void (DOMString hostname);
+
+ interface Functions {
+ // Fetches the value of
+ // the device identifier of the directory API,
+ // that is generated by the server and identifies the cloud record of the
+ // device for querying in the cloud directory API.
+ // If the current user is not affiliated, returns an empty string.
+ // |callback| : Called with the device identifier of the directory API when
+ // received.
+ [supportsPromises] void getDirectoryDeviceId(
+ GetDirectoryDeviceIdCallback callback);
+
+ // Fetches the device's serial number. Please note the purpose of this API
+ // is to administrate the device (e.g. generating Certificate Sign Requests
+ // for device-wide certificates). This API may not be used for tracking
+ // devices without the consent of the device's administrator.
+ // If the current user is not affiliated, returns an empty string.
+ // |callback| : Called with the serial number of the device.
+ [supportsPromises] void getDeviceSerialNumber(
+ GetDeviceSerialNumberCallback callback);
+
+ // Fetches the administrator-annotated Asset Id.
+ // If the current user is not affiliated or no Asset Id has been set by the
+ // administrator, returns an empty string.
+ // |callback| : Called with the Asset ID of the device.
+ [supportsPromises] void getDeviceAssetId(GetDeviceAssetIdCallback callback);
+
+ // Fetches the administrator-annotated Location.
+ // If the current user is not affiliated or no Annotated Location has been
+ // set by the administrator, returns an empty string.
+ // |callback| : Called with the Annotated Location of the device.
+ [supportsPromises] void getDeviceAnnotatedLocation(
+ GetDeviceAnnotatedLocationCallback callback);
+
+ // Fetches the device's hostname as set by DeviceHostnameTemplate policy.
+ // If the current user is not affiliated or no hostname has been set by the
+ // enterprise policy, returns an empty string.
+ // |callback| : Called with hostname of the device.
+ [supportsPromises] void getDeviceHostname(
+ GetDeviceHostnameCallback callback);
+ };
+
+};
diff --git a/tools/under-control/src/chrome/common/extensions/api/enterprise_hardware_platform.idl b/tools/under-control/src/chrome/common/extensions/api/enterprise_hardware_platform.idl
new file mode 100755
index 000000000..8776c3cf5
--- /dev/null
+++ b/tools/under-control/src/chrome/common/extensions/api/enterprise_hardware_platform.idl
@@ -0,0 +1,24 @@
+// Copyright 2018 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// Use the chrome.enterprise.hardwarePlatform API to get the
+// manufacturer and model of the hardware platform where the browser runs.
+// Note: This API is only available to extensions installed by enterprise
+// policy.
+namespace enterprise.hardwarePlatform {
+ dictionary HardwarePlatformInfo {
+ DOMString model;
+ DOMString manufacturer;
+ };
+
+ callback HardwarePlatformInfoCallback = void(HardwarePlatformInfo info);
+
+ interface Functions {
+ // Obtains the manufacturer and model for the hardware platform and, if
+ // the extension is authorized, returns it via |callback|.
+ // |callback|: Called with the hardware platform info.
+ [supportsPromises] static void getHardwarePlatformInfo(
+ HardwarePlatformInfoCallback callback);
+ };
+};
diff --git a/tools/under-control/src/chrome/common/extensions/api/enterprise_kiosk_input.idl b/tools/under-control/src/chrome/common/extensions/api/enterprise_kiosk_input.idl
new file mode 100755
index 000000000..ec06549ea
--- /dev/null
+++ b/tools/under-control/src/chrome/common/extensions/api/enterprise_kiosk_input.idl
@@ -0,0 +1,36 @@
+// Copyright 2023 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// Use the chrome.enterprise.kioskInput API to change input
+// settings for Kiosk sessions.
+// Note: This API is only available extensions and Chrome apps installed
+// by enterprise policy in ChromeOS Kiosk sessions.
+[platforms = ("chromeos"),
+ implemented_in = "chrome/browser/extensions/api/enterprise_kiosk_input/enterprise_kiosk_input_api.h"]
+namespace enterprise.kioskInput {
+ dictionary SetCurrentInputMethodOptions {
+ // The input method ID to set as current input method. This input
+ // method has to be enabled by enterprise policies. Supported IDs
+ // are located in https://crsrc.org/c/chrome/browser/resources/chromeos/input_method.
+ DOMString inputMethodId;
+ };
+
+ callback SetCurrentInputMethodCallback = void();
+
+ interface Functions {
+ // Sets the current input method. This function only changes
+ // the current input method to an enabled input method.
+ // Input methods can be enabled by enterprise polices.
+ // If the input method ID is invalid, or not enabled,
+ // $(ref:runtime.lastError) will be set with a failure reason.
+ // |options|: Object containing the fields defined in
+ // $(ref:SetCurrentInputMethodOptions).
+ // |callback|: Called when the input method is changed or if
+ // there is an error.
+ [supportsPromises] static void setCurrentInputMethod(
+ SetCurrentInputMethodOptions options,
+ SetCurrentInputMethodCallback callback);
+};
+
+};
diff --git a/tools/under-control/src/chrome/common/extensions/api/enterprise_networking_attributes.idl b/tools/under-control/src/chrome/common/extensions/api/enterprise_networking_attributes.idl
new file mode 100755
index 000000000..a5e96daa6
--- /dev/null
+++ b/tools/under-control/src/chrome/common/extensions/api/enterprise_networking_attributes.idl
@@ -0,0 +1,34 @@
+// Copyright 2020 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// Use the chrome.enterprise.networkingAttributes API to read
+// information about your current network.
+// Note: This API is only available to extensions force-installed by enterprise
+// policy.
+[platforms = ("chromeos", "lacros"),
+ implemented_in = "chrome/browser/extensions/api/enterprise_networking_attributes/enterprise_networking_attributes_api.h"]
+namespace enterprise.networkingAttributes {
+ [noinline_doc] dictionary NetworkDetails {
+ // The device's MAC address.
+ DOMString macAddress;
+
+ // The device's local IPv4 address (undefined if not configured).
+ DOMString? ipv4;
+
+ // The device's local IPv6 address (undefined if not configured).
+ DOMString? ipv6;
+ };
+
+ callback GetNetworkDetailsCallback = void(NetworkDetails networkAddresses);
+
+ interface Functions {
+ // Retrieves the network details of the device's default network.
+ // If the user is not affiliated or the device is not connected to a
+ // network, $(ref:runtime.lastError) will be set with a failure reason.
+ // |callback| : Called with the device's default network's
+ // $(ref:NetworkDetails).
+ [supportsPromises] void getNetworkDetails(
+ GetNetworkDetailsCallback callback);
+ };
+};
diff --git a/tools/under-control/src/chrome/common/extensions/api/enterprise_platform_keys.idl b/tools/under-control/src/chrome/common/extensions/api/enterprise_platform_keys.idl
new file mode 100755
index 000000000..3e26da0b5
--- /dev/null
+++ b/tools/under-control/src/chrome/common/extensions/api/enterprise_platform_keys.idl
@@ -0,0 +1,230 @@
+// Copyright 2014 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// Use the chrome.enterprise.platformKeys API to generate keys and
+// install certificates for these keys. The certificates will be managed by the
+// platform and can be used for TLS authentication, network access or by other
+// extension through $(ref:platformKeys chrome.platformKeys).
+[platforms = ("chromeos", "lacros")]
+namespace enterprise.platformKeys {
+ [nocompile, noinline_doc] dictionary Token {
+ // Uniquely identifies this Token.
+ // Static IDs are "user" and "system",
+ // referring to the platform's user-specific and the system-wide hardware
+ // token, respectively. Any other tokens (with other identifiers) might be
+ // returned by $(ref:enterprise.platformKeys.getTokens).
Only non-extractable RSASSA-PKCS1-V1_5 keys with
+ // modulusLength up to 2048 and ECDSA with
+ // namedCurve P-256 can be generated. Each key can be
+ // used for signing data at most once.
Keys generated on a specific Token cannot be used with
+ // any other Tokens, nor can they be used with
+ // window.crypto.subtle. Equally, Key objects
+ // created with window.crypto.subtle cannot be used with this
+ // interface.
Only non-extractable RSASSA-PKCS1-V1_5 keys with
+ // modulusLength up to 2048 can be generated. Each key can be
+ // used for signing data at most once.
Keys generated on a specific Token cannot be used with
+ // any other Tokens, nor can they be used with
+ // window.crypto.subtle. Equally, Key objects
+ // created with window.crypto.subtle cannot be used with this
+ // interface.
getTokens with the list of available Tokens.
+ // |tokens|: The list of available tokens.
+ callback GetTokensCallback = void(Token[] tokens);
+
+ // Callback to which the certificates are passed.
+ // |certificates|: The list of certificates, each in DER encoding of a X.509
+ // certificate.
+ callback GetCertificatesCallback = void(ArrayBuffer[] certificates);
+
+ // Invoked by importCertificate or removeCertificate when the respective
+ // operation is finished.
+ callback DoneCallback = void();
+
+ // Invoked by challengeMachineKey or
+ // challengeUserKey with the challenge response.
+ // |response|: The challenge response.
+ callback ChallengeCallback = void(ArrayBuffer response);
+
+ dictionary RegisterKeyOptions {
+ // Which algorithm the registered key should use.
+ Algorithm algorithm;
+ };
+
+ dictionary ChallengeKeyOptions {
+ // A challenge as emitted by the Verified Access Web API.
+ ArrayBuffer challenge;
+ // If present, registers the challenged key with the specified
+ // scope's token. The key can then be associated with a
+ // certificate and used like any other signing key. Subsequent calls to
+ // this function will then generate a new Enterprise Key in the specified
+ // scope.
+ RegisterKeyOptions? registerKey;
+ // Which Enterprise Key to challenge.
+ Scope scope;
+ };
+
+
+ interface Functions {
+ // Returns the available Tokens. In a regular user's session the list will
+ // always contain the user's token with id "user".
+ // If a system-wide TPM token is available, the returned list will also
+ // contain the system-wide token with id "system".
+ // The system-wide token will be the same for all sessions on this device
+ // (device in the sense of e.g. a Chromebook).
+ [nocompile] static void getTokens(GetTokensCallback callback);
+
+ // Returns the list of all client certificates available from the given
+ // token. Can be used to check for the existence and expiration of client
+ // certificates that are usable for a certain authentication.
+ // |tokenId|: The id of a Token returned by getTokens.
+ // |callback|: Called back with the list of the available certificates.
+ static void getCertificates(DOMString tokenId,
+ GetCertificatesCallback callback);
+
+ // Imports certificate to the given token if the certified key
+ // is already stored in this token.
+ // After a successful certification request, this function should be used to
+ // store the obtained certificate and to make it available to the operating
+ // system and browser for authentication.
+ // |tokenId|: The id of a Token returned by getTokens.
+ // |certificate|: The DER encoding of a X.509 certificate.
+ // |callback|: Called back when this operation is finished.
+ static void importCertificate(DOMString tokenId,
+ ArrayBuffer certificate,
+ optional DoneCallback callback);
+
+ // Removes certificate from the given token if present.
+ // Should be used to remove obsolete certificates so that they are not
+ // considered during authentication and do not clutter the certificate
+ // choice. Should be used to free storage in the certificate store.
+ // |tokenId|: The id of a Token returned by getTokens.
+ // |certificate|: The DER encoding of a X.509 certificate.
+ // |callback|: Called back when this operation is finished.
+ static void removeCertificate(DOMString tokenId,
+ ArrayBuffer certificate,
+ optional DoneCallback callback);
+
+ // Similar to challengeMachineKey and
+ // challengeUserKey, but allows specifying the algorithm of a
+ // registered key. Challenges a hardware-backed Enterprise Machine Key and
+ // emits the response as part of a remote attestation protocol. Only useful
+ // on Chrome OS and in conjunction with the Verified Access Web API which
+ // both issues challenges and verifies responses.
+ //
+ // A successful verification by the Verified Access Web API is a strong
+ // signal that the current device is a legitimate Chrome OS device, the
+ // current device is managed by the domain specified during verification,
+ // the current signed-in user is managed by the domain specified during
+ // verification, and the current device state complies with enterprise
+ // device policy. For example, a policy may specify that the device must not
+ // be in developer mode. Any device identity emitted by the verification is
+ // tightly bound to the hardware of the current device. If
+ // "user" Scope is specified, the identity is also tighly bound
+ // to the current signed-in user.
+ //
+ // This function is highly restricted and will fail if the current device is
+ // not managed, the current user is not managed, or if this operation has
+ // not explicitly been enabled for the caller by enterprise device policy.
+ // The challenged key does not reside in the "system" or
+ // "user" token and is not accessible by any other API.
+ // |options|: Object containing the fields defined in
+ // $(ref:ChallengeKeyOptions).
+ // |callback|: Called back with the challenge response.
+ static void challengeKey(ChallengeKeyOptions options,
+ ChallengeCallback callback);
+
+ // Challenges a hardware-backed Enterprise Machine Key and emits the
+ // response as part of a remote attestation protocol. Only useful on Chrome
+ // OS and in conjunction with the Verified Access Web API which both issues
+ // challenges and verifies responses. A successful verification by the
+ // Verified Access Web API is a strong signal of all of the following:
+ // * The current device is a legitimate Chrome OS device.
+ // * The current device is managed by the domain specified during
+ // verification.
+ // * The current signed-in user is managed by the domain specified during
+ // verification.
+ // * The current device state complies with enterprise device policy. For
+ // example, a policy may specify that the device must not be in developer
+ // mode.
+ // * Any device identity emitted by the verification is tightly bound to the
+ // hardware of the current device.
+ // This function is highly restricted and will fail if the current device
+ // is not managed, the current user is not managed, or if this operation
+ // has not explicitly been enabled for the caller by enterprise device
+ // policy. The Enterprise Machine Key does not reside in the
+ // "system" token and is not accessible by any other API.
+ // |challenge|: A challenge as emitted by the Verified Access Web API.
+ // |registerKey|: If set, the current Enterprise Machine Key is registered
+ // with the "system" token and relinquishes the
+ // Enterprise Machine Key role. The key can then be
+ // associated with a certificate and used like any other
+ // signing key. This key is 2048-bit RSA. Subsequent calls
+ // to this function will then generate a new Enterprise
+ // Machine Key.
+ // |callback|: Called back with the challenge response.
+ [deprecated="Use $(ref:challengeKey) instead."]
+ static void challengeMachineKey(ArrayBuffer challenge,
+ optional boolean registerKey,
+ ChallengeCallback callback);
+
+ // Challenges a hardware-backed Enterprise User Key and emits the response
+ // as part of a remote attestation protocol. Only useful on Chrome OS and in
+ // conjunction with the Verified Access Web API which both issues challenges
+ // and verifies responses. A successful verification by the Verified Access
+ // Web API is a strong signal of all of the following:
+ // * The current device is a legitimate Chrome OS device.
+ // * The current device is managed by the domain specified during
+ // verification.
+ // * The current signed-in user is managed by the domain specified during
+ // verification.
+ // * The current device state complies with enterprise user policy. For
+ // example, a policy may specify that the device must not be in developer
+ // mode.
+ // * The public key emitted by the verification is tightly bound to the
+ // hardware of the current device and to the current signed-in user.
+ // This function is highly restricted and will fail if the current device is
+ // not managed, the current user is not managed, or if this operation has
+ // not explicitly been enabled for the caller by enterprise user policy.
+ // The Enterprise User Key does not reside in the "user" token
+ // and is not accessible by any other API.
+ // |challenge|: A challenge as emitted by the Verified Access Web API.
+ // |registerKey|: If set, the current Enterprise User Key is registered with
+ // the "user" token and relinquishes the
+ // Enterprise User Key role. The key can then be associated
+ // with a certificate and used like any other signing key.
+ // This key is 2048-bit RSA. Subsequent calls to this
+ // function will then generate a new Enterprise User Key.
+ // |callback|: Called back with the challenge response.
+ [deprecated="Use $(ref:challengeKey) instead."]
+ static void challengeUserKey(ArrayBuffer challenge,
+ boolean registerKey,
+ ChallengeCallback callback);
+ };
+};
diff --git a/tools/under-control/src/chrome/common/extensions/api/enterprise_platform_keys_internal.idl b/tools/under-control/src/chrome/common/extensions/api/enterprise_platform_keys_internal.idl
new file mode 100755
index 000000000..73f84feea
--- /dev/null
+++ b/tools/under-control/src/chrome/common/extensions/api/enterprise_platform_keys_internal.idl
@@ -0,0 +1,60 @@
+// Copyright 2014 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// Internal API for platform keys and certificate management.
+[ platforms = ("chromeos", "lacros"),
+ implemented_in = "chrome/browser/extensions/api/enterprise_platform_keys/enterprise_platform_keys_api.h" ]
+namespace enterprise.platformKeysInternal {
+ dictionary Hash {
+ DOMString name;
+ };
+
+ // For more information about the RSA key generation parameters, please refer
+ // to: https://www.w3.org/TR/WebCryptoAPI/#RsaHashedKeyGenParams-dictionary
+ // For more information about the ECDSA key generation parameters, please
+ // refer to: https://www.w3.org/TR/WebCryptoAPI/#dfn-EcdsaParams
+ // Note: |hash| is not used by generateKey() but is added to completely
+ // mirror WebCrypto in using RsaHashedKeyAlgorithm to be able to wrap all
+ // parameters in one structure.
+ dictionary Algorithm {
+ // Provided for all algorithms.
+ DOMString name;
+
+ // Provided in case of RSASSA-PKCS1-v1_5.
+ long? modulusLength;
+ ArrayBuffer? publicExponent;
+ Hash? hash;
+
+ // Provided in case of ECDSA.
+ DOMString? namedCurve;
+ };
+
+ // Invoked by getTokens.
+ // |tokenIds| The list of IDs of the avialable Tokens.
+ callback GetTokensCallback = void(DOMString[] tokenIds);
+
+ // Invoked by generateKey.
+ // |publicKey| The Subject Public Key Info (see X.509) of the generated key
+ // in DER encoding.
+ callback GenerateKeyCallback = void(ArrayBuffer publicKey);
+
+ interface Functions {
+ // Internal version of entrprise.platformKeys.getTokens. Returns a list of
+ // token IDs instead of token objects.
+ static void getTokens(GetTokensCallback callback);
+
+ // Internal version of Token.generateKey, currently supporting only
+ // RSASSA-PKCS1-v1_5 and ECDSA.
+ // |tokenId| The id of a Token returned by |getTokens|.
+ // |algorithm| The algorithm parameters as specified by WebCrypto.
+ // |softwareBacked| Whether the key operations should be executed in
+ // software.
+ // |callback| Called back with the Subject Public Key Info of the generated
+ // key.
+ static void generateKey(DOMString tokenId,
+ Algorithm algorithm,
+ boolean softwareBacked,
+ GenerateKeyCallback callback);
+ };
+};
diff --git a/tools/under-control/src/chrome/common/extensions/api/enterprise_reporting_private.idl b/tools/under-control/src/chrome/common/extensions/api/enterprise_reporting_private.idl
new file mode 100755
index 000000000..9691ba094
--- /dev/null
+++ b/tools/under-control/src/chrome/common/extensions/api/enterprise_reporting_private.idl
@@ -0,0 +1,405 @@
+// Copyright 2018 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// Private API for reporting Chrome browser status to admin console.
+namespace enterprise.reportingPrivate {
+
+ // Invoked by UploadChromeDesktopReport when the upload is
+ // finished.
+ // Also Invoked by setDeviceData when data is stored.
+ [platforms = ("win", "mac", "linux")]
+ callback DoneCallback = void();
+
+ // Invoked by getDeviceId to return the ID.
+ [platforms = ("win", "mac", "linux")]
+ callback GetDeviceIdCallback = void(DOMString id);
+
+ // Invoked by getPersistentSecret to return the secret.
+ [platforms = ("win", "mac")]
+ callback GetPersistentSecretCallback = void(ArrayBuffer secret);
+
+ // Invoked by getDeviceDataCallback to return the device data.
+ [platforms = ("win", "mac", "linux")]
+ callback GetDeviceDataCallback = void(ArrayBuffer data);
+
+ // Possible states a particular device setting can be in.
+ [platforms = ("win", "mac", "linux")]
+ enum SettingValue { UNKNOWN, DISABLED, ENABLED };
+
+ // Device info fields returned by the getDeviceInfo API.
+ [platforms = ("win", "mac", "linux")]
+ dictionary DeviceInfo {
+ DOMString osName;
+ DOMString osVersion;
+ DOMString deviceHostName;
+ DOMString deviceModel;
+ DOMString serialNumber;
+ SettingValue screenLockSecured;
+ SettingValue diskEncrypted;
+ DOMString[] macAddresses;
+ DOMString? windowsMachineDomain;
+ DOMString? windowsUserDomain;
+ DOMString securityPatchLevel;
+
+ // This value is only returned on Windows for now.
+ SettingValue? secureBootEnabled;
+ };
+
+ // Invoked by getDeviceInfo to return device information.
+ [platforms = ("win", "mac", "linux")]
+ callback GetDeviceInfoCallback = void(DeviceInfo deviceInfo);
+
+ // Possible states for the EnterpriseRealTimeUrlCheckMode policy.
+ enum RealtimeUrlCheckMode { DISABLED, ENABLED_MAIN_FRAME };
+
+ // Possible states for the SafeBrowsingProtectionLevel policy.
+ enum SafeBrowsingLevel { DISABLED, STANDARD, ENHANCED };
+
+ // Possible states for the PasswordProtectionWarningTrigger policy
+ enum PasswordProtectionTrigger {
+ PASSWORD_PROTECTION_OFF,
+ PASSWORD_REUSE,
+ PHISHING_REUSE,
+ POLICY_UNSET
+ };
+
+ // Context info fields returned by the getContextInfo API.
+ dictionary ContextInfo {
+ DOMString[] browserAffiliationIds;
+ DOMString[] profileAffiliationIds;
+ DOMString[] onFileAttachedProviders;
+ DOMString[] onFileDownloadedProviders;
+ DOMString[] onBulkDataEntryProviders;
+ DOMString[] onPrintProviders;
+ RealtimeUrlCheckMode realtimeUrlCheckMode;
+ DOMString[] onSecurityEventProviders;
+ DOMString browserVersion;
+ SafeBrowsingLevel safeBrowsingProtectionLevel;
+ boolean siteIsolationEnabled;
+ boolean builtInDnsClientEnabled;
+ PasswordProtectionTrigger passwordProtectionWarningTrigger;
+ boolean chromeRemoteDesktopAppBlocked;
+ boolean? thirdPartyBlockingEnabled;
+ SettingValue osFirewall;
+ DOMString[] systemDnsServers;
+ DOMString? enterpriseProfileId;
+ };
+
+ // Invoked by getContextInfo to return context information.
+ callback GetContextInfoCallback = void(ContextInfo contextInfo);
+
+ // The status passed to the callback of getCertificate to
+ // indicate if the required policy is set.
+ enum CertificateStatus { OK, POLICY_UNSET };
+
+ // The certificate, if one meets the requirements, returned by the
+ // $(ref:getCertificate) API. encodedCertificate will be
+ // the DER encoding (binary encoding following X.690 Distinguished Encoding
+ // Rules) of the X.509 certificate.
+ dictionary Certificate {
+ CertificateStatus status;
+ ArrayBuffer? encodedCertificate;
+ };
+
+ // Invoked by getCertificate to return the selected certificate.
+ callback CertificateCallback = void(Certificate certificate);
+
+ // Captures the type of event so it can be associated with user or device in
+ // Chrome for reporting purposes
+ [platforms = ("chromeos", "lacros")]
+ enum EventType { DEVICE, USER };
+
+ // Composite object that captures the information we need to report events.
+ // Some fields like the record and priority are serialized to avoid any
+ // dependency on proto definitions here, given the fact that they will likely
+ // change in the future. These will be deserialized and validated in Chrome.
+ [platforms = ("chromeos", "lacros")]
+ dictionary EnqueueRecordRequest {
+ // Serialized record data binary based on the proto definition in
+ // //components/reporting/proto/synced/record.proto.
+ [instanceOf=Uint8Array] ArrayBufferView recordData;
+ // Serialized priority based on the proto definition in
+ // //components/reporting/proto/synced/record_constants.proto. Used to
+ // determine which records are shed first.
+ long priority;
+ EventType eventType;
+ };
+
+ // Context object containing the content-area user's ID for whom the signals
+ // collection request is for. This will be used to identify the organization
+ // in which the user is, and can then be used to determine their affiliation
+ // with the current browser management state.
+ [platforms = ("win")]
+ dictionary UserContext {
+ DOMString userId;
+ };
+
+ // Enumeration of the various states an AntiVirus software product can be in.
+ [platforms = ("win")]
+ enum AntiVirusProductState { ON, OFF, SNOOZED, EXPIRED };
+
+ // Metadata about a specific AntiVirus software product.
+ [platforms = ("win")]
+ dictionary AntiVirusSignal {
+ DOMString displayName;
+ DOMString productId;
+ AntiVirusProductState state;
+ };
+
+ // Invoked by getAvInfo to return information about installed
+ // AntiVirus software.
+ [platforms = ("win")]
+ callback AvInfoCallback = void(AntiVirusSignal[] avSignals);
+
+ // ID of an installed hotfix system update.
+ [platforms = ("win")]
+ dictionary HotfixSignal {
+ DOMString hotfixId;
+ };
+
+ // Invoked by getHotfixes to return the IDs of installed hotfix
+ // system updates.
+ [platforms = ("win")]
+ callback HotfixesCallback = void(HotfixSignal[] hotfixSignals);
+
+ // Used to indicate whether a given signal was correctly found or not, or
+ // indicate a reason for not being able to find it.
+ [platforms = ("win", "mac", "linux")]
+ enum PresenceValue {
+ // Was unable to determine whether the signal source exists or not. This
+ // typically indicates that a failure occurred before even trying to assess
+ // its presence.
+ UNSPECIFIED,
+
+ // Current user does not have access to the signal's source.
+ ACCESS_DENIED,
+
+ // The resource was not found.
+ NOT_FOUND,
+
+ // The resource was found.
+ FOUND
+ };
+
+ // Parameter used to collect information about a specific file system
+ // resource.
+ [platforms = ("win", "mac", "linux")]
+ dictionary GetFileSystemInfoOptions {
+ DOMString path;
+ boolean computeSha256;
+ boolean computeExecutableMetadata;
+ };
+
+ [platforms = ("win", "mac", "linux")]
+ dictionary GetFileSystemInfoRequest {
+ // Information about the for whom the signal collection request is for.
+ UserContext userContext;
+
+ // Collection of parameters used to conduct signals collection about
+ // specific file system resources.
+ GetFileSystemInfoOptions[] options;
+ };
+
+ [platforms = ("win", "mac", "linux")]
+ dictionary GetFileSystemInfoResponse {
+ // Path to the file system object for whom those signals were collected.
+ DOMString path;
+
+ // Value indicating whether the specific resource could be found or not.
+ PresenceValue presence;
+
+ // Sha256 hash of a file's bytes. Ignored when path points to a
+ // directory. Collected only when computeSha256 is set to true in the
+ // given signals collection parameters.
+ DOMString? sha256Hash;
+
+ // Set of properties only relevant for executable files. Will only be
+ // collected if computeExecutableMetadata is set to true in the given
+ // signals collection parameters and if path points to an executable file.
+
+ // Is true if a currently running process was spawned from this file.
+ boolean? isRunning;
+
+ // SHA-256 hashes of the public keys of the certificates used to sign the
+ // executable. A hash is computed over the DER-encoded SubjectPublicKeyInfo
+ // representation of the key.
+ DOMString[]? publicKeysHashes;
+
+ // Product name of this executable.
+ DOMString? productName;
+
+ // Version of this executable.
+ DOMString? version;
+ };
+
+ [platforms = ("win", "mac", "linux")]
+ callback FileSystemInfoCallback =
+ void(GetFileSystemInfoResponse[] fileSystemSignals);
+
+ [platforms = ("win")]
+ enum RegistryHive {
+ HKEY_CLASSES_ROOT,
+ HKEY_LOCAL_MACHINE,
+ HKEY_CURRENT_USER
+ };
+
+ [platforms = ("win", "mac")]
+ dictionary GetSettingsOptions {
+ // Path to a collection of settings.
+ // On Windows it would be the path to the reg key inside the hive.
+ // On Mac it would be the path to the plist file.
+ DOMString path;
+
+ // Key specifying the setting entry we're looking for.
+ // On Windows, that will be the registry key itself.
+ // On Mac, this is a key path used to retrieve a value from
+ // valueForKeyPath:.
+ DOMString key;
+
+ // When set to true, the retrieved signal will also include the setting's
+ // value. When false, the signal will only contain the setting's
+ // presence.
+ // Supported setting types on Windows:
+ // - REG_SZ
+ // - REG_DWORD
+ // - REG_QWORD
+ // Supported setting types on Mac:
+ // - NSString
+ // - NSNumber
+ boolean getValue;
+
+ // Windows registry hive containing the desired value.
+ // Required value on Windows, will be ignored on other platforms.
+ RegistryHive? hive;
+ };
+
+ [platforms = ("win", "mac")]
+ dictionary GetSettingsRequest {
+ // Information about the for whom the signal collection request is for.
+ UserContext userContext;
+
+ // Collection of parameters used to conduct signals collection about
+ // specific settings of the system.
+ GetSettingsOptions[] options;
+ };
+
+ [platforms = ("win", "mac")]
+ dictionary GetSettingsResponse {
+ // Path as given in the corresponding GetSettingsOptions
+ // request.
+ DOMString path;
+
+ // Key as given in the corresponding GetSettingsOptions
+ // request.
+ DOMString key;
+
+ // Hive as given in the corresponding GetSettingsOptions
+ // request.
+ // Present on Windows only.
+ RegistryHive? hive;
+
+ // Value indicating whether the specific resource could be found or not.
+ PresenceValue presence;
+
+ // JSON-stringified value of the setting. Only set if getValue
+ // was true in the corresponding request, and if the setting value was
+ // retrievable.
+ DOMString? value;
+ };
+
+ [platforms = ("win", "mac")]
+ callback SettingsCallback =
+ void(GetSettingsResponse[] settings);
+
+ interface Functions {
+ // Gets the identity of device that Chrome browser is running on. The ID is
+ // retrieved from the local device and used by the Google admin console.
+ [platforms = ("win", "mac", "linux"), supportsPromises]
+ static void getDeviceId(optional GetDeviceIdCallback callback);
+
+ // Gets a randomly generated persistent secret (symmetric key) that
+ // can be used to encrypt the data stored with |setDeviceData|. If the
+ // optional parameter |forceCreation| is set to true the secret is recreated
+ // in case of any failure to retrieve the currently stored one. Sets
+ // $(ref:runtime.lastError) on failure.
+ [platforms = ("win", "mac"), supportsPromises]
+ static void getPersistentSecret(
+ optional boolean resetSecret,
+ GetPersistentSecretCallback callback);
+
+ // Gets the device data for |id|. Sets $(ref:runtime.lastError) on failure.
+ [platforms = ("win", "mac", "linux"), supportsPromises]
+ static void getDeviceData(DOMString id, GetDeviceDataCallback callback);
+
+ // Sets the device data for |id|. Sets $(ref:runtime.lastError) on failure.
+ // If the |data| parameter is undefined and there is already data
+ // associated with |id| it will be cleared.
+ [platforms = ("win", "mac", "linux"), supportsPromises]
+ static void setDeviceData(DOMString id,
+ optional ArrayBuffer data,
+ optional DoneCallback callback);
+
+ // Gets the device information (including disk encryption status,
+ // screen lock status, serial number, model).
+ [platforms = ("win", "mac", "linux"), supportsPromises]
+ static void getDeviceInfo(GetDeviceInfoCallback callback);
+
+ // Gets the context information (including management status of the browser,
+ // state of key security policies, browser version).
+ [supportsPromises] static void getContextInfo(
+ GetContextInfoCallback callback);
+
+ // Returns the certificate that would be selected by the filters in the
+ // AutoSelectCertificateForUrls policy for url.
+ [supportsPromises] static void getCertificate(DOMString url,
+ CertificateCallback callback);
+
+ // Enqueues a record for upload to the reporting service
+ // |request|: Composite object that captures everything
+ // we need for uploading records.
+ // |callback|: Callback that is triggered upon completion
+ [platforms = ("chromeos", "lacros"), supportsPromises]
+ static void enqueueRecord(
+ EnqueueRecordRequest request,
+ optional DoneCallback callback);
+
+ // Gets information about file system resources, specified by the contents
+ // of request, on the current device. request must
+ // hold a user context to be used to verify the affiliation between the
+ // user's organization and the organization managing the browser. If the
+ // management or affiliation states are not suitable, no results will be
+ // returned.
+ [platforms = ("win", "mac", "linux"), supportsPromises]
+ static void getFileSystemInfo(
+ GetFileSystemInfoRequest request,
+ FileSystemInfoCallback callback);
+
+ // Gets information about system settings specified by the contents of
+ // request. request must hold a user context to be
+ // used to verify the affiliation between the user's organization and the
+ // organization managing the browser. If the management or affiliation
+ // states are not suitable, no results will be returned.
+ [platforms = ("win", "mac"), supportsPromises]
+ static void getSettings(
+ GetSettingsRequest request,
+ SettingsCallback callback);
+
+ // Gets information about AntiVirus software installed on the current
+ // device. userContext is used to verify the affiliation
+ // between the user's organization and the organization managing the
+ // browser. If the management, or affiliation, state is not suitable, no
+ // results will be returned.
+ [platforms = ("win"), supportsPromises]
+ static void getAvInfo(UserContext userContext, AvInfoCallback callback);
+
+ // Gets information about hotfix system updates installed on the current
+ // device. userContext is used to verify the affiliation
+ // between the user's organization and the organization managing the
+ // browser. If the management, or affiliation, state is not suitable, no
+ // results will be returned.
+ [platforms = ("win"), supportsPromises]
+ static void getHotfixes(UserContext userContext, HotfixesCallback callback);
+ };
+
+};
diff --git a/tools/under-control/src/chrome/common/extensions/api/file_manager_private.idl b/tools/under-control/src/chrome/common/extensions/api/file_manager_private.idl
new file mode 100755
index 000000000..1fde25a59
--- /dev/null
+++ b/tools/under-control/src/chrome/common/extensions/api/file_manager_private.idl
@@ -0,0 +1,2085 @@
+// Copyright 2013 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// fileManagerPrivate API.
+// This is a private API used by the file manager on ChromeOS. The API can
+// roughly be divided into two parts: functions and events.
+//
+// Functions: The Functions interface defines a number of privileged operations
+// that allow File Manager to execute tasks not available via public APIs. Most
+// of the time this is due to the fact that enabling those tasks via public APIs
+// would allow malicious applications to either take control of the hardware
+// or leak private information about the user. None of these API must be exposed
+// in any public services.
+//
+// Events: The Event interface defines a number of events that are supported
+// by the API. These events allow one to register, in JavaScript, a listener
+// that is invoked with event's parameters, every time the event is observed
+// by the file_manager::EventRouter.
+//
+// Both the functions and events interface are only available to clients that
+// are explicitly granted permission to use the fileManagerPrivate API. This
+// API is not available to any client without code reviewed changes
+// (eg. via _api_features.json)
+//
+// CAVEAT: An application A registering as a listener to any events must assume
+// that an application B can listen to any events that are destined for A, where
+// A and B are any applications that are granted access to fileManagerPrivate.
+// For example, if applications A and B listen to onDirectoryChanged events on
+// two unique paths, they both receive events about changes in either path. This
+// is due to the fact that events are broadcasted to ALL listeners. It is the
+// responsibility of the listener to discard events not destined for it. It is
+// also the responsibility of all listeners not to log information transmitted
+// in those events, as it may record in logs information that is private to a
+// given user (e.g., the full paths and name of a given file). This API is
+// designed with the assumption that all users are equal in terms of their
+// permission to observe events, call the function interface and access the file
+// system of the device. As the API is only used by Chrome OS' File Manager, and
+// the File Manager is being used by the user to access their own files, this
+// assumption holds true.
+//
+// The API defined in this file may use W3C Entry object (FileEntry and
+// DirectoryEntry). Since these cannot be directly sent or received by the C++
+// code, there exists an additional layer, in file_manager_private_internal.idl,
+// that provides translation from or to W3C Entry objects.
+[platforms=("chromeos"),
+ implemented_in="chrome/browser/ash/extensions/file_manager/file_manager_private_api_functions.h"]
+namespace fileManagerPrivate {
+// Type of the mounted volume.
+enum VolumeType { drive, downloads, removable, archive, provided, mtp,
+ media_view, crostini, android_files, documents_provider,
+ testing, smb, system_internal, guest_os };
+
+// Device type. Available if this is removable volume.
+enum DeviceType { usb, sd, optical, mobile, unknown };
+
+// List of device connection statuses.
+enum DeviceConnectionState {OFFLINE, ONLINE};
+
+// List of connection types of drive.
+enum DriveConnectionStateType {OFFLINE, METERED, ONLINE};
+
+// List of reasons of DriveConnectionStateType.
+enum DriveOfflineReason {NOT_READY, NO_NETWORK, NO_SERVICE};
+
+// Additional information of the context the volume was mounted.
+enum MountContext { user, auto };
+
+// Is the event raised for mounting or unmounting.
+enum MountCompletedEventType { mount, unmount };
+
+// Event type that tells listeners if mount was successful or an error
+// occurred. It also specifies the error.
+enum MountError {
+ success,
+ in_progress,
+ unknown_error,
+ internal_error,
+ invalid_argument,
+ invalid_path,
+ path_already_mounted,
+ path_not_mounted,
+ directory_creation_failed,
+ invalid_mount_options,
+ insufficient_permissions,
+ mount_program_not_found,
+ mount_program_failed,
+ invalid_device_path,
+ unknown_filesystem,
+ unsupported_filesystem,
+ need_password,
+ cancelled,
+ busy
+};
+
+// Filesystem to format to.
+enum FormatFileSystemType { vfat, exfat, ntfs };
+
+// File transfer progress state.
+enum TransferState { in_progress, queued, completed, failed };
+
+// The response when starting installing a Linux package.
+enum InstallLinuxPackageStatus {
+ started,
+ failed,
+ install_already_active
+};
+
+// Specifies type of event that is raised.
+enum FileWatchEventType { changed, error };
+
+// Specifies type of change in file watch event.
+enum ChangeType { add_or_update, delete };
+
+// The type of entry that is needed. Default to ALL.
+enum SearchType { EXCLUDE_DIRECTORIES, SHARED_WITH_ME, OFFLINE, ALL };
+
+// Zooming mode.
+enum ZoomOperationType { in, out, reset };
+
+// Specifies how to open inspector.
+enum InspectionType {
+ // Open inspector for foreground page.
+ normal,
+ // Open inspector for foreground page and bring focus to the console.
+ console,
+ // Open inspector for foreground page in inspect element mode.
+ element,
+ // Open inspector for background page.
+ background
+};
+
+// Device event type.
+enum DeviceEventType {
+ // If the device is disabled by preference.
+ disabled,
+ // Device is removed.
+ removed,
+ // Device is hard unplugged.
+ hard_unplugged,
+ // Format started.
+ format_start,
+ // Format succeeded.
+ format_success,
+ // Format failed.
+ format_fail,
+ // Rename started.
+ rename_start,
+ // Rename succeeded.
+ rename_success,
+ // Rename failed.
+ rename_fail,
+ // Partition started.
+ partition_start,
+ // Partition succeeded.
+ partition_success,
+ // Partition failed.
+ partition_fail
+};
+
+// Drive sync error type.
+// Keep it synced with DriveError::Type in drivefs.mojom.
+enum DriveSyncErrorType {
+ // Request to delete a file without permission.
+ delete_without_permission,
+ // Google Drive is temporarily unavailable.
+ service_unavailable,
+ // There is no server space for the user to sync a file.
+ no_server_space,
+ // There is no server space for the organization to sync a file.
+ no_server_space_organization,
+ // There is no local space to sync a file.
+ no_local_space,
+ // There is no space left on a shared drive.
+ no_shared_drive_space,
+ // Miscellaneous errors other than listed above.
+ misc
+};
+
+// Drive confirm dialog type.
+// Keep it synced with DialogReason::Type in drivefs.mojom.
+enum DriveConfirmDialogType {
+ // Request to enable Docs Offline to allow saving hosted files offline.
+ enable_docs_offline
+};
+
+// Possible result of dialog displayed as a result of the onDriveConfirmDialog
+// event. Sent back to the browser via notifyDriveDialogResult().
+enum DriveDialogResult {
+ // The dialog was not displayed to the user.
+ not_displayed,
+ // The user accepted the action proposed by the dialog.
+ accept,
+ // The user rejected the action proposed by the dialog.
+ reject,
+ // The user closed the dialog without selecting an option.
+ dismiss
+};
+
+// Result of task execution. If changing, update the strings used in
+// ui/file_manager/file_manager/foreground/js/file_tasks.js
+enum TaskResult {
+ // The task execution succeeded and a new window/tab was opened on the current
+ // desktop.
+ opened,
+ // The task execution succeeded and the message was sent to the proper
+ // extension or app. This could result in a window being opened on a different
+ // desktop.
+ message_sent,
+ // The task execution failed.
+ failed,
+ // No URL is specified.
+ empty,
+ // The task was a |plugin_vm| task, and the file was in an unshared directory
+ failed_plugin_vm_directory_not_shared
+};
+
+// Drive share type.
+enum DriveShareType {
+ can_edit,
+ can_comment,
+ can_view
+};
+
+// Names of properties for getEntryProperties().
+enum EntryPropertyName {
+ size,
+ modificationTime,
+ modificationByMeTime,
+ thumbnailUrl,
+ croppedThumbnailUrl,
+ imageWidth,
+ imageHeight,
+ imageRotation,
+ pinned,
+ present,
+ hosted,
+ availableOffline,
+ availableWhenMetered,
+ dirty,
+ customIconUrl,
+ contentMimeType,
+ sharedWithMe,
+ shared,
+ starred,
+ externalFileUrl,
+ alternateUrl,
+ shareUrl,
+ canCopy,
+ canDelete,
+ canRename,
+ canAddChildren,
+ canShare,
+ canPin,
+ isMachineRoot,
+ isExternalMedia,
+ isArbitrarySyncFolder,
+ syncStatus,
+ progress,
+ shortcut,
+ syncCompletedTime
+};
+
+// Source of the volume data.
+enum Source {
+ file,
+ device,
+ network,
+ system
+};
+
+// Recent file sources allowed in getRecentFiles().
+enum SourceRestriction {
+ // Allows any source.
+ any_source,
+
+ // Allows source with native local file system only.
+ native_source
+};
+
+// File categories to filter results from getRecentFiles().
+enum FileCategory {
+ all,
+ audio,
+ image,
+ video,
+ document
+};
+
+enum CrostiniEventType {
+ enable,
+ disable,
+ share,
+ unshare,
+ drop_failed_plugin_vm_directory_not_shared
+};
+
+enum ProviderSource {
+ file,
+ device,
+ network
+};
+
+enum SharesheetLaunchSource {
+ context_menu,
+ sharesheet_button,
+ unknown
+};
+
+enum IoTaskState {
+ queued,
+ scanning,
+ in_progress,
+ paused,
+ success,
+ error,
+ need_password,
+ cancelled
+};
+
+enum IoTaskType {
+ copy,
+ delete,
+ empty_trash,
+ extract,
+ move,
+ restore,
+ restore_to_destination,
+ trash,
+ zip
+};
+
+enum PolicyErrorType {
+ dlp,
+ enterprise_connectors,
+ dlp_warning_timeout
+};
+
+enum PolicyDialogType {
+ warning,
+ error
+};
+
+enum RecentDateBucket {
+ today,
+ yesterday,
+ earlier_this_week,
+ earlier_this_month,
+ earlier_this_year,
+ older
+};
+
+enum VmType { termina, plugin_vm, borealis, bruschetta, arcvm };
+
+enum UserType {
+ // User doesn't belong to any organization.
+ unmanaged,
+ // User is a member of an organization.
+ organization
+};
+
+enum DlpLevel {
+ // Report every action to the admin, doesn't affect the user.
+ report,
+ // Warn the user on every action.
+ warn,
+ // Block the user on every action.
+ block,
+ // No restriction.
+ allow
+};
+
+enum SyncStatus {
+ // No sync status available for file.
+ not_found,
+ // File is queued up for syncing.
+ queued,
+ // File is currently being synced.
+ in_progress,
+ // File is done syncing.
+ completed,
+ // There was an error syncing the file.
+ error
+};
+
+// Describes how admin policy affects the default task in a ResultingTasks.
+// See chrome/browser/ash/file_manager/file_tasks.h for details.
+enum PolicyDefaultHandlerStatus {
+ default_handler_assigned_by_policy,
+ incorrect_assignment
+};
+
+// Describes the stage the bulk pinning manager is in. This enum should be kept
+// in sync with chromeos/ash/components/drivefs/mojom/pin_manager_types.mojom.
+enum BulkPinStage {
+ // Initial stage.
+ stopped,
+
+ // Paused because of unfavorable network conditions.
+ paused_offline,
+ // Paused due to battery saver mode active.
+ paused_battery_saver,
+
+ // In-progress stages.
+ getting_free_space,
+ listing_files,
+ syncing,
+
+ // Final success stage.
+ success,
+
+ // Final error stages.
+ not_enough_space,
+ cannot_get_free_space,
+ cannot_list_files,
+ cannot_enable_docs_offline
+};
+
+// These three fields together uniquely identify a task.
+dictionary FileTaskDescriptor {
+ DOMString appId;
+ DOMString taskType;
+ DOMString actionId;
+};
+
+// A file task represents an action that the file manager can perform over the
+// currently selected files. See chrome/browser/ash/file_manager/file_tasks.h
+// for details about how file tasks are handled.
+dictionary FileTask {
+ // Unique identifier for the task.
+ FileTaskDescriptor descriptor;
+
+ // Task title (ex. App name).
+ DOMString title;
+
+ // Task icon url (from chrome://extension-icon/...)
+ DOMString? iconUrl;
+
+ // True if this task is a default task for the selected files.
+ boolean? isDefault;
+
+ // True if this task is from generic file handler. Generic file handler is a
+ // file handler which handles any type of files (e.g. extensions: ["*"],
+ // types: ["*/*"]). Partial wild card (e.g. types: ["image/*"]) is not
+ // generic file handler.
+ boolean? isGenericFileHandler;
+
+ // True if this is task is blocked by Data Leak Prevention (DLP).
+ boolean? isDlpBlocked;
+};
+
+// Represents a set of tasks capable of handling file entries.
+// See chrome/browser/ash/file_manager/file_tasks.h for details.
+dictionary ResultingTasks {
+ FileTask[] tasks;
+
+ // Note that this field is non-null if and only if at least one entry has been affected by policy.
+ PolicyDefaultHandlerStatus? policyDefaultHandlerStatus;
+};
+
+// Additional entry properties.
+dictionary EntryProperties {
+ // Size of this file.
+ double? size;
+
+ // Timestamp of entry update time, in milliseconds past the epoch.
+ double? modificationTime;
+
+ // Timestamp of entry update time by me, in milliseconds past the epoch.
+ double? modificationByMeTime;
+
+ // Date bucket calculated by |modificationTime| or |modificationByMeTime|.
+ RecentDateBucket? recentDateBucket;
+
+ // URL to the Drive thumbnail image for this file.
+ DOMString? thumbnailUrl;
+
+ // URL to the Drive cropped thumbnail image for this file.
+ DOMString? croppedThumbnailUrl;
+
+ // Width, if the entry is an image.
+ long? imageWidth;
+
+ // Height, if the entry is an image.
+ long? imageHeight;
+
+ // Rotation in clockwise degrees, if the entry is an image.
+ long? imageRotation;
+
+ // True if the file is pinned in cache.
+ boolean? pinned;
+
+ // True if the file is present in cache.
+ boolean? present;
+
+ // True if the file is hosted on a server instead of local.
+ boolean? hosted;
+
+ // True if the file is available offline.
+ boolean? availableOffline;
+
+ // True if the file is available on metered connection.
+ boolean? availableWhenMetered;
+
+ // True if the file has local change (has not been fully synced to the cloud).
+ boolean? dirty;
+
+ // URL to the custom icon for this file.
+ DOMString? customIconUrl;
+
+ // Drive MIME type for this file.
+ DOMString? contentMimeType;
+
+ // True if the entry is labeled as shared-with-me.
+ boolean? sharedWithMe;
+
+ // True if the entry is labeled as shared (either from me to others or to me
+ // by others.)
+ boolean? shared;
+
+ // True if the entry is starred by the user.
+ boolean? starred;
+
+ // externalfile:// URL to open the file in browser.
+ DOMString? externalFileUrl;
+
+ // https:// URL to open the file or folder in the Drive website.
+ DOMString? alternateUrl;
+
+ // https:// URL to open the file or folder in the Drive website with the
+ // sharing dialog open.
+ DOMString? shareUrl;
+
+ // True if the entry can be copied by the user.
+ boolean? canCopy;
+
+ // True if the entry can be deleted by the user.
+ boolean? canDelete;
+
+ // True if the entry can be renamed by the user.
+ boolean? canRename;
+
+ // True if the entry can have children added to it by the user (directories
+ // only).
+ boolean? canAddChildren;
+
+ // True if the entry can be shared by the user.
+ boolean? canShare;
+
+ // True if the entry can be pinned by the user.
+ boolean? canPin;
+
+ // True if the entry is a machine root for backup and sync.
+ boolean? isMachineRoot;
+
+ // True if the entry is a external media folder, that contains one time only
+ // uploads for USB devices, SD cards etc.
+ boolean? isExternalMedia;
+
+ // True if the entry is an arbitrary sync folder.
+ boolean? isArbitrarySyncFolder;
+
+ // Sync status for files tracked by different cloud filesystem providers.
+ SyncStatus? syncStatus;
+
+ // Progress representing some ongoing operation with the file.
+ // E.g., pasting, syncing. Note: currently, this is exclusively being used
+ // for Drive syncing.
+ double? progress;
+
+ // Time in milliseconds since the epoch when the file last received a
+ // "completed" sync status.
+ double? syncCompletedTime;
+
+ // True if the entry is a shortcut.
+ boolean? shortcut;
+};
+
+// Information about total and remaining size on the mount point.
+dictionary MountPointSizeStats {
+ // Approximate total available size on the mount point.
+ double totalSize;
+
+ // Approximate remaining available size on the mount point.
+ double remainingSize;
+};
+
+dictionary SearchDriveResponse {
+ // Search results.
+ [instanceOf=Entry] object[] entries;
+
+ // ID of the feed that contains next chunk of the search result.
+ // Should be sent to the next searchDrive request to perform
+ // incremental search.
+ DOMString nextFeed;
+};
+
+// Free and total space available in Drive relative to both the user and their
+// organization, if they belong to one.
+dictionary DriveQuotaMetadata {
+ UserType userType;
+
+ // How much space the individual user, or shared drive has used.
+ double usedBytes;
+ // The individual user, or shared drive limit. -1 means infinite.
+ double totalBytes;
+
+ // The following two fields only have meaning if user_type is kOrganization.
+ // Whether the organization has exceeded its storage limit.
+ boolean organizationLimitExceeded;
+ // Name of the organization the user belongs to.
+ DOMString organizationName;
+};
+
+// Information about a profile.
+dictionary ProfileInfo {
+ // Profile ID. This is currently e-mail address of the profile.
+ DOMString profileId;
+
+ // The name of the profile for display purpose.
+ DOMString displayName;
+
+ // True if the profile is the one running the current file manager instance.
+ // TODO(hirono): Remove the property because of the design change of
+ // multi-profile suuport.
+ boolean isCurrentProfile;
+};
+
+// The return data for getProfiles() API.
+dictionary ProfilesResponse {
+ // List of profile information.
+ ProfileInfo[] profiles;
+
+ // ID of the profile that runs the application instance.
+ DOMString currentProfileId;
+
+ // ID of the profile that shows the application window.
+ DOMString displayedProfileId;
+};
+
+// Represents an icon in multiple dimensions. All are optional.
+dictionary IconSet {
+ DOMString? icon16x16Url;
+ DOMString? icon32x32Url;
+};
+
+// Mounted disk volume metadata.
+dictionary VolumeMetadata {
+ // ID of the disk volume.
+ DOMString volumeId;
+
+ // Id the provided file system (for provided file systems).
+ DOMString? fileSystemId;
+
+ // ID of the provider, if the volume is backed by FSP.
+ DOMString? providerId;
+
+ // Source of the volume's data.
+ Source source;
+
+ // Label of the volume (if available).
+ DOMString? volumeLabel;
+
+ // Description of the profile where the volume belongs.
+ // TODO(hirono): Remove the property because of the design change of
+ // multi-profile support.
+ ProfileInfo profile;
+
+ // The path to the mounted device, archive file or network resource.
+ DOMString? sourcePath;
+
+ // Type of the mounted volume.
+ VolumeType volumeType;
+
+ // Device type. Available if this is removable volume.
+ DeviceType? deviceType;
+
+ // Path to identify the device. This is consistent with DeviceEvent's
+ // devicePath.
+ DOMString? devicePath;
+
+ // Whether the device is parent or not (i.e. sdb rather than sdb1).
+ boolean? isParentDevice;
+
+ // Flag that specifies if volume is mounted in read-only mode.
+ boolean isReadOnly;
+
+ // Flag that specifies if the device is write-protected.
+ // Valid only for the volumes of removable device partitions.
+ boolean isReadOnlyRemovableDevice;
+
+ // Flag that specifies whether the volume contains media.
+ boolean hasMedia;
+
+ // Flag that specifies whether the volume is configurable.
+ boolean configurable;
+
+ // Flag that specifies whether the volume is watchable.
+ boolean watchable;
+
+ // Additional data about mount, for example, that the filesystem is not
+ // supported.
+ MountError? mountCondition;
+
+ // Context in which the volume has been mounted.
+ MountContext? mountContext;
+
+ // File system type indentifier.
+ DOMString? diskFileSystemType;
+
+ // Icons for the volume.
+ IconSet iconSet;
+
+ // Drive label of the volume. Removable partitions that belong to the
+ // same physical removable device share the same drive label.
+ DOMString? driveLabel;
+
+ // The path on the remote host where this volume is mounted, for crostini this
+ // is the user's homedir (/home/chrome.fileSystemProvider API to create file systems,
+// that can be accessible from the file manager on Chrome OS.
+[implemented_in="chrome/browser/chromeos/extensions/file_system_provider/file_system_provider_api.h"]
+namespace fileSystemProvider {
+ // Error codes used by providing extensions in response to requests as well
+ // as in case of errors when calling methods of the API. For success,
+ // "OK" must be used.
+ enum ProviderError {
+ OK,
+ FAILED,
+ IN_USE,
+ EXISTS,
+ NOT_FOUND,
+ ACCESS_DENIED,
+ TOO_MANY_OPENED,
+ NO_MEMORY,
+ NO_SPACE,
+ NOT_A_DIRECTORY,
+ INVALID_OPERATION,
+ SECURITY,
+ ABORT,
+ NOT_A_FILE,
+ NOT_EMPTY,
+ INVALID_URL,
+ IO
+ };
+
+ // Mode of opening a file. Used by $(ref:onOpenFileRequested).
+ enum OpenFileMode {
+ READ,
+ WRITE
+ };
+
+ // Type of a change detected on the observed directory.
+ enum ChangeType {
+ CHANGED,
+ DELETED
+ };
+
+ // List of common actions. "SHARE" is for sharing files with
+ // others. "SAVE_FOR_OFFLINE" for pinning (saving for offline
+ // access). "OFFLINE_NOT_NECESSARY" for notifying that the file
+ // doesn't need to be stored for offline access anymore.
+ // Used by $(ref:onGetActionsRequested) and $(ref:onExecuteActionRequested).
+ enum CommonActionId {
+ SAVE_FOR_OFFLINE,
+ OFFLINE_NOT_NECESSARY,
+ SHARE
+ };
+
+ // Cloud storage representation of a file system entry.
+ dictionary CloudIdentifier {
+ // Identifier for the cloud storage provider (e.g. 'drive.google.com').
+ DOMString providerName;
+
+ // The provider's identifier for the given file/directory.
+ DOMString id;
+ };
+
+ // Represents metadata of a file or a directory.
+ dictionary EntryMetadata {
+ // True if it is a directory. Must be provided if requested in
+ // options.
+ boolean? isDirectory;
+
+ // Name of this entry (not full path name). Must not contain '/'. For root
+ // it must be empty. Must be provided if requested in options.
+ DOMString? name;
+
+ // File size in bytes. Must be provided if requested in
+ // options.
+ double? size;
+
+ // The last modified time of this entry. Must be provided if requested in
+ // options.
+ [instanceOf=Date] object? modificationTime;
+
+ // Mime type for the entry. Always optional, but should be provided if
+ // requested in options.
+ DOMString? mimeType;
+
+ // Thumbnail image as a data URI in either PNG, JPEG or WEBP format, at most
+ // 32 KB in size. Optional, but can be provided only when explicitly
+ // requested by the $(ref:onGetMetadataRequested) event.
+ DOMString? thumbnail;
+
+ // Cloud storage representation of this entry. Must be provided if requested
+ // in options and the file is backed by cloud storage. For
+ // local files not backed by cloud storage, it should be undefined when
+ // requested.
+ CloudIdentifier? cloudIdentifier;
+ };
+
+ // Represents a watcher.
+ dictionary Watcher {
+ // The path of the entry being observed.
+ DOMString entryPath;
+
+ // Whether watching should include all child entries recursively. It can be
+ // true for directories only.
+ boolean recursive;
+
+ // Tag used by the last notification for the watcher.
+ DOMString? lastTag;
+ };
+
+ // Represents an opened file.
+ dictionary OpenedFile {
+ // A request ID to be be used by consecutive read/write and close requests.
+ long openRequestId;
+
+ // The path of the opened file.
+ DOMString filePath;
+
+ // Whether the file was opened for reading or writing.
+ OpenFileMode mode;
+ };
+
+ // Represents a mounted file system.
+ dictionary FileSystemInfo {
+ // The identifier of the file system.
+ DOMString fileSystemId;
+
+ // A human-readable name for the file system.
+ DOMString displayName;
+
+ // Whether the file system supports operations which may change contents
+ // of the file system (such as creating, deleting or writing to files).
+ boolean writable;
+
+ // The maximum number of files that can be opened at once. If 0, then not
+ // limited.
+ long openedFilesLimit;
+
+ // List of currently opened files.
+ OpenedFile[] openedFiles;
+
+ // Whether the file system supports the tag field for observing
+ // directories.
+ boolean? supportsNotifyTag;
+
+ // List of watchers.
+ Watcher[] watchers;
+ };
+
+ // Options for the $(ref:mount) method.
+ dictionary MountOptions {
+ // The string indentifier of the file system. Must be unique per each
+ // extension.
+ DOMString fileSystemId;
+
+ // A human-readable name for the file system.
+ DOMString displayName;
+
+ // Whether the file system supports operations which may change contents
+ // of the file system (such as creating, deleting or writing to files).
+ boolean? writable;
+
+ // The maximum number of files that can be opened at once. If not specified,
+ // or 0, then not limited.
+ long? openedFilesLimit;
+
+ // Whether the file system supports the tag field for observed
+ // directories.
+ boolean? supportsNotifyTag;
+
+ // Whether the framework should resume the file system at the next sign-in
+ // session. True by default.
+ boolean? persistent;
+ };
+
+ // Options for the $(ref:unmount) method.
+ dictionary UnmountOptions {
+ // The identifier of the file system to be unmounted.
+ DOMString fileSystemId;
+ };
+
+ // Options for the $(ref:onUnmountRequested) event.
+ dictionary UnmountRequestedOptions {
+ // The identifier of the file system to be unmounted.
+ DOMString fileSystemId;
+
+ // The unique identifier of this request.
+ long requestId;
+ };
+
+ // Options for the $(ref:onGetMetadataRequested) event.
+ dictionary GetMetadataRequestedOptions {
+ // The identifier of the file system related to this operation.
+ DOMString fileSystemId;
+
+ // The unique identifier of this request.
+ long requestId;
+
+ // The path of the entry to fetch metadata about.
+ DOMString entryPath;
+
+ // Set to true if is_directory value is requested.
+ boolean isDirectory;
+
+ // Set to true if name value is requested.
+ boolean name;
+
+ // Set to true if size value is requested.
+ boolean size;
+
+ // Set to true if modificationTime value is
+ // requested.
+ boolean modificationTime;
+
+ // Set to true if mimeType value is requested.
+ boolean mimeType;
+
+ // Set to true if thumbnail value is requested.
+ boolean thumbnail;
+
+ // Set to true if cloudIdentifier value is
+ // requested.
+ boolean cloudIdentifier;
+ };
+
+ // Options for the $(ref:onGetActionsRequested) event.
+ dictionary GetActionsRequestedOptions {
+ // The identifier of the file system related to this operation.
+ DOMString fileSystemId;
+
+ // The unique identifier of this request.
+ long requestId;
+
+ // List of paths of entries for the list of actions.
+ DOMString[] entryPaths;
+ };
+
+ // Options for the $(ref:onReadDirectoryRequested) event.
+ dictionary ReadDirectoryRequestedOptions {
+ // The identifier of the file system related to this operation.
+ DOMString fileSystemId;
+
+ // The unique identifier of this request.
+ long requestId;
+
+ // The path of the directory which contents are requested.
+ DOMString directoryPath;
+
+ // Set to true if is_directory value is requested.
+ boolean isDirectory;
+
+ // Set to true if name value is requested.
+ boolean name;
+
+ // Set to true if size value is requested.
+ boolean size;
+
+ // Set to true if modificationTime value is
+ // requested.
+ boolean modificationTime;
+
+ // Set to true if mimeType value is requested.
+ boolean mimeType;
+
+ // Set to true if thumbnail value is requested.
+ boolean thumbnail;
+ };
+
+ // Options for the $(ref:onOpenFileRequested) event.
+ dictionary OpenFileRequestedOptions {
+ // The identifier of the file system related to this operation.
+ DOMString fileSystemId;
+
+ // A request ID which will be used by consecutive read/write and close
+ // requests.
+ long requestId;
+
+ // The path of the file to be opened.
+ DOMString filePath;
+
+ // Whether the file will be used for reading or writing.
+ OpenFileMode mode;
+ };
+
+ // Options for the $(ref:onCloseFileRequested) event.
+ dictionary CloseFileRequestedOptions {
+ // The identifier of the file system related to this operation.
+ DOMString fileSystemId;
+
+ // The unique identifier of this request.
+ long requestId;
+
+ // A request ID used to open the file.
+ long openRequestId;
+ };
+
+ // Options for the $(ref:onReadFileRequested) event.
+ dictionary ReadFileRequestedOptions {
+ // The identifier of the file system related to this operation.
+ DOMString fileSystemId;
+
+ // The unique identifier of this request.
+ long requestId;
+
+ // A request ID used to open the file.
+ long openRequestId;
+
+ // Position in the file (in bytes) to start reading from.
+ double offset;
+
+ // Number of bytes to be returned.
+ double length;
+ };
+
+ // Options for the $(ref:onCreateDirectoryRequested) event.
+ dictionary CreateDirectoryRequestedOptions {
+ // The identifier of the file system related to this operation.
+ DOMString fileSystemId;
+
+ // The unique identifier of this request.
+ long requestId;
+
+ // The path of the directory to be created.
+ DOMString directoryPath;
+
+ // Whether the operation is recursive (for directories only).
+ boolean recursive;
+ };
+
+ // Options for the $(ref:onDeleteEntryRequested) event.
+ dictionary DeleteEntryRequestedOptions {
+ // The identifier of the file system related to this operation.
+ DOMString fileSystemId;
+
+ // The unique identifier of this request.
+ long requestId;
+
+ // The path of the entry to be deleted.
+ DOMString entryPath;
+
+ // Whether the operation is recursive (for directories only).
+ boolean recursive;
+ };
+
+ // Options for the $(ref:onCreateFileRequested) event.
+ dictionary CreateFileRequestedOptions {
+ // The identifier of the file system related to this operation.
+ DOMString fileSystemId;
+
+ // The unique identifier of this request.
+ long requestId;
+
+ // The path of the file to be created.
+ DOMString filePath;
+ };
+
+ // Options for the $(ref:onCopyEntryRequested) event.
+ dictionary CopyEntryRequestedOptions {
+ // The identifier of the file system related to this operation.
+ DOMString fileSystemId;
+
+ // The unique identifier of this request.
+ long requestId;
+
+ // The source path of the entry to be copied.
+ DOMString sourcePath;
+
+ // The destination path for the copy operation.
+ DOMString targetPath;
+ };
+
+ // Options for the $(ref:onMoveEntryRequested) event.
+ dictionary MoveEntryRequestedOptions {
+ // The identifier of the file system related to this operation.
+ DOMString fileSystemId;
+
+ // The unique identifier of this request.
+ long requestId;
+
+ // The source path of the entry to be moved into a new place.
+ DOMString sourcePath;
+
+ // The destination path for the copy operation.
+ DOMString targetPath;
+ };
+
+ // Options for the $(ref:onTruncateRequested) event.
+ dictionary TruncateRequestedOptions {
+ // The identifier of the file system related to this operation.
+ DOMString fileSystemId;
+
+ // The unique identifier of this request.
+ long requestId;
+
+ // The path of the file to be truncated.
+ DOMString filePath;
+
+ // Number of bytes to be retained after the operation completes.
+ double length;
+ };
+
+ // Options for the $(ref:onWriteFileRequested) event.
+ dictionary WriteFileRequestedOptions {
+ // The identifier of the file system related to this operation.
+ DOMString fileSystemId;
+
+ // The unique identifier of this request.
+ long requestId;
+
+ // A request ID used to open the file.
+ long openRequestId;
+
+ // Position in the file (in bytes) to start writing the bytes from.
+ double offset;
+
+ // Buffer of bytes to be written to the file.
+ ArrayBuffer data;
+ };
+
+ // Options for the $(ref:onAbortRequested) event.
+ dictionary AbortRequestedOptions {
+ // The identifier of the file system related to this operation.
+ DOMString fileSystemId;
+
+ // The unique identifier of this request.
+ long requestId;
+
+ // An ID of the request to be aborted.
+ long operationRequestId;
+ };
+
+ // Options for the $(ref:onAddWatcherRequested) event.
+ dictionary AddWatcherRequestedOptions {
+ // The identifier of the file system related to this operation.
+ DOMString fileSystemId;
+
+ // The unique identifier of this request.
+ long requestId;
+
+ // The path of the entry to be observed.
+ DOMString entryPath;
+
+ // Whether observing should include all child entries recursively. It can be
+ // true for directories only.
+ boolean recursive;
+ };
+
+ // Options for the $(ref:onRemoveWatcherRequested) event.
+ dictionary RemoveWatcherRequestedOptions {
+ // The identifier of the file system related to this operation.
+ DOMString fileSystemId;
+
+ // The unique identifier of this request.
+ long requestId;
+
+ // The path of the watched entry.
+ DOMString entryPath;
+
+ // Mode of the watcher.
+ boolean recursive;
+ };
+
+ // Information about an action for an entry.
+ dictionary Action {
+ // The identifier of the action. Any string or $(ref:CommonActionId) for
+ // common actions.
+ DOMString id;
+
+ // The title of the action. It may be ignored for common actions.
+ DOMString? title;
+ };
+
+ // Options for the $(ref:onExecuteActionRequested) event.
+ dictionary ExecuteActionRequestedOptions {
+ // The identifier of the file system related to this operation.
+ DOMString fileSystemId;
+
+ // The unique identifier of this request.
+ long requestId;
+
+ // The set of paths of the entries to be used for the action.
+ DOMString[] entryPaths;
+
+ // The identifier of the action to be executed.
+ DOMString actionId;
+ };
+
+ // Information about a change happened to an entry within the observed
+ // directory (including the entry itself).
+ dictionary Change {
+ // The path of the changed entry.
+ DOMString entryPath;
+
+ // The type of the change which happened to the entry.
+ ChangeType changeType;
+ };
+
+ // Options for the $(ref:notify) method.
+ dictionary NotifyOptions {
+ // The identifier of the file system related to this change.
+ DOMString fileSystemId;
+
+ // The path of the observed entry.
+ DOMString observedPath;
+
+ // Mode of the observed entry.
+ boolean recursive;
+
+ // The type of the change which happened to the observed entry. If it is
+ // DELETED, then the observed entry will be automatically removed from the
+ // list of observed entries.
+ ChangeType changeType;
+
+ // List of changes to entries within the observed directory (including the
+ // entry itself)
+ Change[]? changes;
+
+ // Tag for the notification. Required if the file system was mounted with
+ // the supportsNotifyTag option. Note, that this flag is
+ // necessary to provide notifications about changes which changed even
+ // when the system was shutdown.
+ DOMString? tag;
+ };
+
+ // Options for the $(ref:onConfigureRequested) event.
+ dictionary ConfigureRequestedOptions {
+ // The identifier of the file system to be configured.
+ DOMString fileSystemId;
+
+ // The unique identifier of this request.
+ long requestId;
+ };
+
+ // Callback to receive the result of $(ref:getAll) function.
+ callback GetAllCallback = void(FileSystemInfo[] fileSystems);
+
+ // Callback to receive the result of $(ref:get) function.
+ callback GetCallback = void(FileSystemInfo fileSystem);
+
+ // Callback to be called by the providing extension in case of a success.
+ [nocompile] callback ProviderSuccessCallback = void();
+
+ // Callback to be called by the providing extension in case of an error.
+ // Any error code is allowed except OK.
+ [nocompile] callback ProviderErrorCallback = void(ProviderError error);
+
+ // Success callback for the $(ref:onGetMetadataRequested) event.
+ [nocompile] callback MetadataCallback = void(EntryMetadata metadata);
+
+ // Success callback for the $(ref:onGetActionsRequested) event.
+ [nocompile] callback ActionsCallback = void(Action[] actions);
+
+ // Success callback for the $(ref:onReadDirectoryRequested) event. If more
+ // entries will be returned, then hasMore must be true, and it
+ // has to be called again with additional entries. If no more entries are
+ // available, then hasMore must be set to false.
+ [nocompile] callback EntriesCallback = void(
+ EntryMetadata[] entries, boolean hasMore);
+
+ // Success callback for the $(ref:onReadFileRequested) event. If more
+ // data will be returned, then hasMore must be true, and it
+ // has to be called again with additional entries. If no more data is
+ // available, then hasMore must be set to false.
+ [nocompile] callback FileDataCallback = void(
+ ArrayBuffer data, boolean hasMore);
+
+ // A generic result callback to indicate success or failure.
+ callback ResultCallback = void();
+
+ interface Functions {
+ // Mounts a file system with the given fileSystemId and
+ // displayName. displayName will be shown in the
+ // left panel of the Files app. displayName can contain any
+ // characters including '/', but cannot be an empty string.
+ // displayName must be descriptive but doesn't have to be
+ // unique. The fileSystemId must not be an empty string.
+ //
+ // Depending on the type of the file system being mounted, the
+ // source option must be set appropriately.
+ //
+ // In case of an error, $(ref:runtime.lastError) will be set with a
+ // corresponding error code.
+ [supportsPromises] static void mount(MountOptions options,
+ optional ResultCallback callback);
+
+ // Unmounts a file system with the given fileSystemId. It
+ // must be called after $(ref:onUnmountRequested) is invoked. Also,
+ // the providing extension can decide to perform unmounting if not requested
+ // (eg. in case of lost connection, or a file error).
+ //
+ // In case of an error, $(ref:runtime.lastError) will be set with a
+ // corresponding error code.
+ [supportsPromises] static void unmount(UnmountOptions options,
+ optional ResultCallback callback);
+
+ // Returns all file systems mounted by the extension.
+ [supportsPromises] static void getAll(GetAllCallback callback);
+
+ // Returns information about a file system with the passed
+ // fileSystemId.
+ [supportsPromises] static void get(DOMString fileSystemId,
+ GetCallback callback);
+
+ // Notifies about changes in the watched directory at
+ // observedPath in recursive mode. If the file
+ // system is mounted with supportsNotifyTag, then
+ // tag must be provided, and all changes since the last
+ // notification always reported, even if the system was shutdown. The last
+ // tag can be obtained with $(ref:getAll).
+ //
+ // To use, the file_system_provider.notify manifest option
+ // must be set to true.
+ //
+ // Value of tag can be any string which is unique per call,
+ // so it's possible to identify the last registered notification. Eg. if
+ // the providing extension starts after a reboot, and the last registered
+ // notification's tag is equal to "123", then it should call $(ref:notify)
+ // for all changes which happened since the change tagged as "123". It
+ // cannot be an empty string.
+ //
+ // Not all providers are able to provide a tag, but if the file system has
+ // a changelog, then the tag can be eg. a change number, or a revision
+ // number.
+ //
+ // Note that if a parent directory is removed, then all descendant entries
+ // are also removed, and if they are watched, then the API must be notified
+ // about the fact. Also, if a directory is renamed, then all descendant
+ // entries are in fact removed, as there is no entry under their original
+ // paths anymore.
+ //
+ // In case of an error, $(ref:runtime.lastError) will be set
+ // will a corresponding error code.
+ [supportsPromises] static void notify(NotifyOptions options,
+ optional ResultCallback callback);
+ };
+
+ interface Events {
+ // Raised when unmounting for the file system with the
+ // fileSystemId identifier is requested. In the response, the
+ // $(ref:unmount) API method must be called together with
+ // successCallback. If unmounting is not possible (eg. due to
+ // a pending operation), then errorCallback must be called.
+ [maxListeners=1] static void onUnmountRequested(
+ UnmountRequestedOptions options,
+ ProviderSuccessCallback successCallback,
+ ProviderErrorCallback errorCallback);
+
+ // Raised when metadata of a file or a directory at entryPath
+ // is requested. The metadata must be returned with the
+ // successCallback call. In case of an error,
+ // errorCallback must be called.
+ [maxListeners=1] static void onGetMetadataRequested(
+ GetMetadataRequestedOptions options,
+ MetadataCallback successCallback,
+ ProviderErrorCallback errorCallback);
+
+ // Raised when a list of actions for a set of files or directories at
+ // entryPaths is requested. All of the returned actions must
+ // be applicable to each entry. If there are no such actions, an empty array
+ // should be returned. The actions must be returned with the
+ // successCallback call. In case of an error,
+ // errorCallback must be called.
+ [maxListeners=1] static void onGetActionsRequested(
+ GetActionsRequestedOptions options,
+ ActionsCallback successCallback,
+ ProviderErrorCallback errorCallback);
+
+ // Raised when contents of a directory at directoryPath are
+ // requested. The results must be returned in chunks by calling the
+ // successCallback several times. In case of an error,
+ // errorCallback must be called.
+ [maxListeners=1] static void onReadDirectoryRequested(
+ ReadDirectoryRequestedOptions options,
+ EntriesCallback successCallback,
+ ProviderErrorCallback errorCallback);
+
+ // Raised when opening a file at filePath is requested. If the
+ // file does not exist, then the operation must fail. Maximum number of
+ // files opened at once can be specified with MountOptions.
+ [maxListeners=1] static void onOpenFileRequested(
+ OpenFileRequestedOptions options,
+ ProviderSuccessCallback successCallback,
+ ProviderErrorCallback errorCallback);
+
+ // Raised when opening a file previously opened with
+ // openRequestId is requested to be closed.
+ [maxListeners=1] static void onCloseFileRequested(
+ CloseFileRequestedOptions options,
+ ProviderSuccessCallback successCallback,
+ ProviderErrorCallback errorCallback);
+
+ // Raised when reading contents of a file opened previously with
+ // openRequestId is requested. The results must be returned in
+ // chunks by calling successCallback several times. In case of
+ // an error, errorCallback must be called.
+ [maxListeners=1] static void onReadFileRequested(
+ ReadFileRequestedOptions options,
+ FileDataCallback successCallback,
+ ProviderErrorCallback errorCallback);
+
+ // Raised when creating a directory is requested. The operation must fail
+ // with the EXISTS error if the target directory already exists.
+ // If recursive is true, then all of the missing directories
+ // on the directory path must be created.
+ [maxListeners=1] static void onCreateDirectoryRequested(
+ CreateDirectoryRequestedOptions options,
+ ProviderSuccessCallback successCallback,
+ ProviderErrorCallback errorCallback);
+
+ // Raised when deleting an entry is requested. If recursive is
+ // true, and the entry is a directory, then all of the entries inside
+ // must be recursively deleted as well.
+ [maxListeners=1] static void onDeleteEntryRequested(
+ DeleteEntryRequestedOptions options,
+ ProviderSuccessCallback successCallback,
+ ProviderErrorCallback errorCallback);
+
+ // Raised when creating a file is requested. If the file already exists,
+ // then errorCallback must be called with the
+ // "EXISTS" error code.
+ [maxListeners=1] static void onCreateFileRequested(
+ CreateFileRequestedOptions options,
+ ProviderSuccessCallback successCallback,
+ ProviderErrorCallback errorCallback);
+
+ // Raised when copying an entry (recursively if a directory) is requested.
+ // If an error occurs, then errorCallback must be called.
+ [maxListeners=1] static void onCopyEntryRequested(
+ CopyEntryRequestedOptions options,
+ ProviderSuccessCallback successCallback,
+ ProviderErrorCallback errorCallback);
+
+ // Raised when moving an entry (recursively if a directory) is requested.
+ // If an error occurs, then errorCallback must be called.
+ [maxListeners=1] static void onMoveEntryRequested(
+ MoveEntryRequestedOptions options,
+ ProviderSuccessCallback successCallback,
+ ProviderErrorCallback errorCallback);
+
+ // Raised when truncating a file to a desired length is requested.
+ // If an error occurs, then errorCallback must be called.
+ [maxListeners=1] static void onTruncateRequested(
+ TruncateRequestedOptions options,
+ ProviderSuccessCallback successCallback,
+ ProviderErrorCallback errorCallback);
+
+ // Raised when writing contents to a file opened previously with
+ // openRequestId is requested.
+ [maxListeners=1] static void onWriteFileRequested(
+ WriteFileRequestedOptions options,
+ ProviderSuccessCallback successCallback,
+ ProviderErrorCallback errorCallback);
+
+ // Raised when aborting an operation with operationRequestId
+ // is requested. The operation executed with operationRequestId
+ // must be immediately stopped and successCallback of this
+ // abort request executed. If aborting fails, then
+ // errorCallback must be called. Note, that callbacks of the
+ // aborted operation must not be called, as they will be ignored. Despite
+ // calling errorCallback, the request may be forcibly aborted.
+ [maxListeners=1] static void onAbortRequested(
+ AbortRequestedOptions options,
+ ProviderSuccessCallback successCallback,
+ ProviderErrorCallback errorCallback);
+
+ // Raised when showing a configuration dialog for fileSystemId
+ // is requested. If it's handled, the
+ // file_system_provider.configurable manfiest option must be
+ // set to true.
+ [maxListeners=1] static void onConfigureRequested(
+ ConfigureRequestedOptions options,
+ ProviderSuccessCallback successCallback,
+ ProviderErrorCallback errorCallback);
+
+ // Raised when showing a dialog for mounting a new file system is requested.
+ // If the extension/app is a file handler, then this event shouldn't be
+ // handled. Instead app.runtime.onLaunched should be handled in
+ // order to mount new file systems when a file is opened. For multiple
+ // mounts, the file_system_provider.multiple_mounts manifest
+ // option must be set to true.
+ [maxListeners=1] static void onMountRequested(
+ ProviderSuccessCallback successCallback,
+ ProviderErrorCallback errorCallback);
+
+ // Raised when setting a new directory watcher is requested. If an error
+ // occurs, then errorCallback must be called.
+ [maxListeners=1] static void onAddWatcherRequested(
+ AddWatcherRequestedOptions options,
+ ProviderSuccessCallback successCallback,
+ ProviderErrorCallback errorCallback);
+
+ // Raised when the watcher should be removed. If an error occurs, then
+ // errorCallback must be called.
+ [maxListeners=1] static void onRemoveWatcherRequested(
+ RemoveWatcherRequestedOptions options,
+ ProviderSuccessCallback successCallback,
+ ProviderErrorCallback errorCallback);
+
+ // Raised when executing an action for a set of files or directories is\
+ // requested. After the action is completed, successCallback
+ // must be called. On error, errorCallback must be called.
+ [maxListeners=1] static void onExecuteActionRequested(
+ ExecuteActionRequestedOptions options,
+ ProviderSuccessCallback successCallback,
+ ProviderErrorCallback errorCallback);
+ };
+};
diff --git a/tools/under-control/src/chrome/common/extensions/api/file_system_provider_internal.idl b/tools/under-control/src/chrome/common/extensions/api/file_system_provider_internal.idl
new file mode 100755
index 000000000..1390d1b2a
--- /dev/null
+++ b/tools/under-control/src/chrome/common/extensions/api/file_system_provider_internal.idl
@@ -0,0 +1,74 @@
+// Copyright 2014 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// Internal, used by fileSystemProvider's custom bindings. These functions are
+// called when events' callbacks are invoked.
+[implemented_in="chrome/browser/chromeos/extensions/file_system_provider/file_system_provider_api.h",
+ nodoc]
+namespace fileSystemProviderInternal {
+ interface Functions {
+ // Internal. Callback for mount requests.
+ static void respondToMountRequest(
+ long requestId,
+ fileSystemProvider.ProviderError error,
+ long executionTime);
+
+ // Internal. Success callback of the onUnmountRequested
+ // event. Must be called when unmounting is completed.
+ static void unmountRequestedSuccess(
+ DOMString fileSystemId,
+ long requestId,
+ long executionTime);
+
+ // Internal. Success callback of the onGetMetadataRequested
+ // event. Must be called if metadata is available.
+ static void getMetadataRequestedSuccess(
+ DOMString fileSystemId,
+ long requestId,
+ fileSystemProvider.EntryMetadata metadata,
+ long executionTime);
+
+ // Internal. Success callback of the onGetActionsRequested
+ // event. Must be called if actions are available.
+ static void getActionsRequestedSuccess(
+ DOMString fileSystemId,
+ long requestId,
+ fileSystemProvider.Action[] actions,
+ long executionTime);
+
+ // Internal. Success callback of the onReadDirectoryRequested
+ // event. Can be called multiple times per request.
+ static void readDirectoryRequestedSuccess(
+ DOMString fileSystemId,
+ long requestId,
+ fileSystemProvider.EntryMetadata[] entries,
+ boolean hasMore,
+ long executionTime);
+
+ // Internal. Success callback of the onReadFileRequested
+ // event. Can be called multiple times per request.
+ static void readFileRequestedSuccess(
+ DOMString fileSystemId,
+ long requestId,
+ ArrayBuffer data,
+ boolean hasMore,
+ long executionTime);
+
+ // Internal. Success callback of all of the operation requests, which do not
+ // return any value. Must be called in case of a success.
+ static void operationRequestedSuccess(
+ DOMString fileSystemId,
+ long requestId,
+ long executionTime);
+
+ // Internal. Error callback of all of the operation requests. Must be called
+ // if an operation fails.
+ static void operationRequestedError(
+ DOMString fileSystemId,
+ long requestId,
+ fileSystemProvider.ProviderError error,
+ long executionTime);
+ };
+};
+
diff --git a/tools/under-control/src/chrome/common/extensions/api/identity.idl b/tools/under-control/src/chrome/common/extensions/api/identity.idl
new file mode 100755
index 000000000..cccc2f6dc
--- /dev/null
+++ b/tools/under-control/src/chrome/common/extensions/api/identity.idl
@@ -0,0 +1,243 @@
+// Copyright 2013 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// Use the chrome.identity API to get OAuth2 access tokens.
+namespace identity {
+
+ dictionary AccountInfo {
+ // A unique identifier for the account. This ID will not change
+ // for the lifetime of the account.
+ DOMString id;
+ };
+
+ enum AccountStatus {
+ // Specifies that Sync is enabled for the primary account.
+ SYNC,
+ // Specifies the existence of a primary account, if any.
+ ANY
+ };
+
+ dictionary ProfileDetails {
+ // A status of the primary account signed into a profile whose
+ // ProfileUserInfo should be returned. Defaults to
+ // SYNC account status.
+ AccountStatus? accountStatus;
+ };
+
+ dictionary ProfileUserInfo {
+ // An email address for the user account signed into the current
+ // profile. Empty if the user is not signed in or the
+ // identity.email manifest permission is not
+ // specified.
+ DOMString email;
+
+ // A unique identifier for the account. This ID will not change
+ // for the lifetime of the account. Empty if the user is not
+ // signed in or (in M41+) the identity.email
+ // manifest permission is not specified.
+ DOMString id;
+ };
+
+ dictionary TokenDetails {
+ // Fetching a token may require the user to sign-in to Chrome, or
+ // approve the application's requested scopes. If the interactive
+ // flag is true, getAuthToken will
+ // prompt the user as necessary. When the flag is
+ // false or omitted, getAuthToken will
+ // return failure any time a prompt would be required.
+ boolean? interactive;
+
+ // The account ID whose token should be returned. If not specified, the
+ // function will use an account from the Chrome profile: the Sync account if
+ // there is one, or otherwise the first Google web account.
+ AccountInfo? account;
+
+ // A list of OAuth2 scopes to request.
+ //
+ // When the scopes field is present, it overrides the
+ // list of scopes specified in manifest.json.
+ DOMString[]? scopes;
+
+ // The enableGranularPermissions flag allows extensions to
+ // opt-in early to the granular permissions consent screen, in which
+ // requested permissions are granted or denied individually.
+ boolean? enableGranularPermissions;
+ };
+
+ dictionary InvalidTokenDetails {
+ // The specific token that should be removed from the cache.
+ DOMString token;
+ };
+
+ dictionary WebAuthFlowDetails {
+ // The URL that initiates the auth flow.
+ DOMString url;
+
+ // Whether to launch auth flow in interactive mode.
+ //
+ // Since some auth flows may immediately redirect to a result URL,
+ // launchWebAuthFlow hides its web view until the first
+ // navigation either redirects to the final URL, or finishes loading a page
+ // meant to be displayed.
+ //
+ // If the interactive flag is true, the window
+ // will be displayed when a page load completes. If the flag is
+ // false or omitted, launchWebAuthFlow will return
+ // with an error if the initial navigation does not complete the flow.
+ //
+ // For flows that use JavaScript for redirection,
+ // abortOnLoadForNonInteractive can be set to false
+ // in combination with setting timeoutMsForNonInteractive to give
+ // the page a chance to perform any redirects.
+ boolean? interactive;
+
+ // Whether to terminate launchWebAuthFlow for non-interactive
+ // requests after the page loads. This parameter does not affect interactive
+ // flows.
+ //
+ // When set to true (default) the flow will terminate
+ // immediately after the page loads. When set to false, the
+ // flow will only terminate after the
+ // timeoutMsForNonInteractive passes. This is useful for
+ // identity providers that use JavaScript to perform redirections after the
+ // page loads.
+ boolean? abortOnLoadForNonInteractive;
+
+ // The maximum amount of time, in miliseconds,
+ // launchWebAuthFlow is allowed to run in non-interactive mode
+ // in total. Only has an effect if interactive is
+ // false.
+ long? timeoutMsForNonInteractive;
+ };
+
+ dictionary GetAuthTokenResult {
+ // The specific token associated with the request.
+ DOMString? token;
+
+ // A list of OAuth2 scopes granted to the extension.
+ DOMString[]? grantedScopes;
+ };
+
+ callback GetAuthTokenCallback = void (GetAuthTokenResult result);
+ callback GetAccountsCallback = void (AccountInfo[] accounts);
+ callback GetProfileUserInfoCallback = void (ProfileUserInfo userInfo);
+ callback InvalidateAuthTokenCallback = void ();
+ callback ClearAllCachedAuthTokensCallback = void ();
+ callback LaunchWebAuthFlowCallback = void (optional DOMString responseUrl);
+
+ interface Functions {
+ // Retrieves a list of AccountInfo objects describing the accounts
+ // present on the profile.
+ //
+ // getAccounts is only supported on dev channel.
+ [supportsPromises] static void getAccounts(GetAccountsCallback callback);
+
+ // Gets an OAuth2 access token using the client ID and scopes
+ // specified in the oauth2
+ // section of manifest.json.
+ //
+ // The Identity API caches access tokens in memory, so it's ok to
+ // call getAuthToken non-interactively any time a token is
+ // required. The token cache automatically handles expiration.
+ //
+ // For a good user experience it is important interactive token requests are
+ // initiated by UI in your app explaining what the authorization is for.
+ // Failing to do this will cause your users to get authorization requests,
+ // or Chrome sign in screens if they are not signed in, with with no
+ // context. In particular, do not use getAuthToken
+ // interactively when your app is first launched.
+ //
+ // Note: When called with a callback, instead of returning an object this
+ // function will return the two properties as separate arguments passed to
+ // the callback.
+ //
+ // |details| : Token options.
+ // |callback| : Called with an OAuth2 access token as specified by the
+ // manifest, or undefined if there was an error. The
+ // grantedScopes parameter is populated since Chrome 87. When
+ // available, this parameter contains the list of granted scopes
+ // corresponding with the returned token.
+ [supportsPromises] static void getAuthToken(
+ optional TokenDetails details,
+ optional GetAuthTokenCallback callback);
+
+ // Retrieves email address and obfuscated gaia id of the user
+ // signed into a profile.
+ //
+ // Requires the identity.email manifest permission. Otherwise,
+ // returns an empty result.
+ //
+ // This API is different from identity.getAccounts in two
+ // ways. The information returned is available offline, and it
+ // only applies to the primary account for the profile.
+ //
+ // |details|: Profile options.
+ // |callback|: Called with the ProfileUserInfo of the primary
+ // Chrome account, of an empty ProfileUserInfo if the account
+ // with given details doesn't exist.
+ [supportsPromises] static void getProfileUserInfo(
+ optional ProfileDetails details,
+ GetProfileUserInfoCallback callback);
+
+ // Removes an OAuth2 access token from the Identity API's token cache.
+ //
+ // If an access token is discovered to be invalid, it should be
+ // passed to removeCachedAuthToken to remove it from the
+ // cache. The app may then retrieve a fresh token with
+ // getAuthToken.
+ //
+ // |details| : Token information.
+ // |callback| : Called when the token has been removed from the cache.
+ [supportsPromises] static void removeCachedAuthToken(
+ InvalidTokenDetails details,
+ optional InvalidateAuthTokenCallback callback);
+
+ // Resets the state of the Identity API:
+ // https://<app-id>.chromiumapp.org/*, the
+ // window will close, and the final redirect URL will be passed to
+ // the callback function.
+ //
+ // For a good user experience it is important interactive auth flows are
+ // initiated by UI in your app explaining what the authorization is for.
+ // Failing to do this will cause your users to get authorization requests
+ // with no context. In particular, do not launch an interactive auth flow
+ // when your app is first launched.
+ //
+ // |details| : WebAuth flow options.
+ // |callback| : Called with the URL redirected back to your application.
+ [supportsPromises] static void launchWebAuthFlow(
+ WebAuthFlowDetails details,
+ LaunchWebAuthFlowCallback callback);
+
+ // Generates a redirect URL to be used in |launchWebAuthFlow|.
+ //
+ // The generated URLs match the pattern
+ // https://<app-id>.chromiumapp.org/*.
+ //
+ // |path| : The path appended to the end of the generated URL.
+ [nocompile] static DOMString getRedirectURL(optional DOMString path);
+ };
+
+ interface Events {
+ // Fired when signin state changes for an account on the user's profile.
+ static void onSignInChanged(AccountInfo account, boolean signedIn);
+ };
+};
diff --git a/tools/under-control/src/chrome/common/extensions/api/idltest.idl b/tools/under-control/src/chrome/common/extensions/api/idltest.idl
new file mode 100755
index 000000000..6502f9de3
--- /dev/null
+++ b/tools/under-control/src/chrome/common/extensions/api/idltest.idl
@@ -0,0 +1,32 @@
+// Copyright 2013 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// An API to test IDL schema specifications.
+namespace idltest {
+
+ callback LongArrayCallback = void(long[] array);
+ callback ArrayBufferCallback = void(ArrayBuffer buffer);
+
+ interface Functions {
+ // Functions for testing binary data request/response parameters. The first
+ // two just return back the bytes they were passed in an array.
+ [supportsPromises] static void sendArrayBuffer(ArrayBuffer input,
+ LongArrayCallback callback);
+
+ // TODO(asargent) - we currently can't have [instanceOf=ArrayBufferView],
+ // I think because ArrayBufferView isn't an instantiable type. The best
+ // we might be able to do is have a 'choices' list including all the
+ // typed array subclasses like Uint8Array, Uint16Array, Float32Array, etc.
+ [supportsPromises] static void sendArrayBufferView(
+ [instanceOf=Uint8Array] ArrayBufferView input,
+ LongArrayCallback callback);
+ [supportsPromises] static void getArrayBuffer(ArrayBufferCallback callback);
+
+ // This function should not have C++ code autogenerated (the variable name
+ // |switch| should cause compile errors if it does). But the name should
+ // get defined and made visible from within extensions/apps code.
+ [nocompile] static void nocompileFunc(long switch);
+ };
+
+};
diff --git a/tools/under-control/src/chrome/common/extensions/api/image_loader_private.idl b/tools/under-control/src/chrome/common/extensions/api/image_loader_private.idl
new file mode 100755
index 000000000..06442ffe5
--- /dev/null
+++ b/tools/under-control/src/chrome/common/extensions/api/image_loader_private.idl
@@ -0,0 +1,42 @@
+// Copyright 2023 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// imageLoaderPrivate API.
+// This is a private API used by the ChromeOS FilesApp ImageLoader extension.
+[platforms=("chromeos"),
+ implemented_in="chrome/browser/ash/extensions/file_manager/image_loader_private_api.h"]
+namespace imageLoaderPrivate {
+ // |thumbnailDataUrl| A data URL for the thumbnail; |thumbnailDataUrl| is
+ // empty if no thumbnail was available.
+ callback GetThumbnailCallback = void(DOMString thumbnailDataUrl);
+
+ interface Functions {
+ // For a file in DriveFS, retrieves its thumbnail. If |cropToSquare| is
+ // true, returns a thumbnail appropriate for file list or grid views;
+ // otherwise, returns a thumbnail appropriate for quickview.
+ static void getDriveThumbnail(DOMString url,
+ boolean cropToSquare,
+ GetThumbnailCallback callback);
+
+ // For a local PDF file, retrieves its thumbnail with a given |width| and
+ // |height|.
+ static void getPdfThumbnail(DOMString url,
+ long width,
+ long height,
+ GetThumbnailCallback callback);
+
+ // Retrieves a thumbnail of an ARC DocumentsProvider file, closely matching
+ // the hinted size specified by |widthHint| and |heightHint|, but not
+ // necessarily the exact size. |callback| is called with thumbnail data
+ // encoded as a data URL. If the document does not support thumbnails,
+ // |callback| is called with an empty string.
+ // Note: The thumbnail data may originate from third-party application code,
+ // and is untrustworthy (Security).
+ static void getArcDocumentsProviderThumbnail(DOMString url,
+ long widthHint,
+ long heightHint,
+ GetThumbnailCallback callback);
+ };
+};
+
diff --git a/tools/under-control/src/chrome/common/extensions/api/image_writer_private.idl b/tools/under-control/src/chrome/common/extensions/api/image_writer_private.idl
new file mode 100755
index 000000000..e4914874d
--- /dev/null
+++ b/tools/under-control/src/chrome/common/extensions/api/image_writer_private.idl
@@ -0,0 +1,145 @@
+// Copyright 2013 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// Use the chrome.image_writer API to write images to
+// removable media.
+//
+// See the design doc for a detailed description of this API.
+// https://goo.gl/KzMEFq
+namespace imageWriterPrivate {
+ // The different stages of a write call.
+ //
+ // chrome.languageSettingsPrivate API to get or change
+// language and input method settings.
+namespace languageSettingsPrivate {
+ enum MoveType {
+ TOP,
+ UP,
+ DOWN,
+ UNKNOWN
+ };
+
+ dictionary Language {
+ // The unique code identifying the language.
+ DOMString code;
+
+ // The name of the language, in the current UI language.
+ DOMString displayName;
+
+ // The name of the language as it is in its own language.
+ DOMString nativeDisplayName;
+
+ // Whether the UI can be displayed in this language. Defaults to false.
+ boolean? supportsUI;
+
+ // Whether this language can be used for spell checking. Defaults to false.
+ boolean? supportsSpellcheck;
+
+ // Whether this language has translations for the current target language.
+ // Defaults to false.
+ boolean? supportsTranslate;
+
+ // Whether this language is prohibited as a UI locale (not in the list of
+ // the 'AllowedLanguages' policy). Defaults to false.
+ boolean? isProhibitedLanguage;
+ };
+
+ dictionary SpellcheckDictionaryStatus {
+ // The language code of the dictionary that the status describes.
+ DOMString languageCode;
+
+ // Whether the dictionary is ready (has been loaded from disk or
+ // successfully downloaded).
+ boolean isReady;
+
+ // Whether the dictionary is being downloaded. Defaults to false.
+ boolean? isDownloading;
+
+ // Whether the dictionary download failed. Defaults to false.
+ boolean? downloadFailed;
+ };
+
+ dictionary InputMethod {
+ // The ID of the input method descriptor.
+ DOMString id;
+
+ // The human-readable name of the input method.
+ DOMString displayName;
+
+ // The language codes this input method supports.
+ DOMString[] languageCodes;
+
+ // The search terms for the input method.
+ DOMString[] tags;
+
+ // True if the input method is enabled.
+ boolean? enabled;
+
+ // True if the input method extension has an options page.
+ boolean? hasOptionsPage;
+
+ // True if the input method is not allowed by policy.
+ boolean? isProhibitedByPolicy;
+ };
+
+ dictionary InputMethodLists {
+ // The list of component extension input methods.
+ InputMethod[] componentExtensionImes;
+
+ // The list of third-party extension input methods.
+ InputMethod[] thirdPartyExtensionImes;
+ };
+
+ callback GetLanguageListCallback = void (Language[] languages);
+ callback GetAlwaysTranslateLanguagesCallback =
+ void (DOMString[] languageCodes);
+ callback GetNeverTranslateLanguagesCallback =
+ void (DOMString[] languageCodes);
+ callback GetInputMethodListsCallback = void (InputMethodLists lists);
+ callback GetSpellcheckWordsCallback = void (DOMString[] words);
+ callback GetTranslateTargetLanguageCallback = void (DOMString languageCode);
+ callback GetSpellcheckDictionaryStatusesCallback =
+ void (SpellcheckDictionaryStatus[] status);
+
+ interface Functions {
+ // Gets languages available for translate, spell checking, input and locale.
+ [supportsPromises] static void getLanguageList(
+ GetLanguageListCallback callback);
+
+ // Enables a language, adding it to the Accept-Language list (used to decide
+ // which languages to translate, generate the Accept-Language header, etc.).
+ static void enableLanguage(DOMString languageCode);
+
+ // Disables a language, removing it from the Accept-Language list.
+ static void disableLanguage(DOMString languageCode);
+
+ // Enables or disables translation for a given language.
+ static void setEnableTranslationForLanguage(
+ DOMString languageCode, boolean enable);
+
+ // Moves a language inside the language list.
+ static void moveLanguage(DOMString languageCode, MoveType moveType);
+
+ // Gets languages that should always be automatically translated.
+ [supportsPromises] static void getAlwaysTranslateLanguages(
+ GetAlwaysTranslateLanguagesCallback callback);
+
+ // Sets whether a given language should always be automatically translated.
+ static void setLanguageAlwaysTranslateState(
+ DOMString languageCode, boolean alwaysTranslate);
+
+ // Gets languages that should never be offered to translate.
+ [supportsPromises] static void getNeverTranslateLanguages(
+ GetNeverTranslateLanguagesCallback callback);
+
+ // Gets the current status of the chosen spell check dictionaries.
+ [supportsPromises] static void getSpellcheckDictionaryStatuses(
+ GetSpellcheckDictionaryStatusesCallback callback);
+
+ // Gets the custom spell check words, in sorted order.
+ [supportsPromises] static void getSpellcheckWords(
+ GetSpellcheckWordsCallback callback);
+
+ // Adds a word to the custom dictionary.
+ static void addSpellcheckWord(DOMString word);
+
+ // Removes a word from the custom dictionary.
+ static void removeSpellcheckWord(DOMString word);
+
+ // Gets the translate target language (in most cases, the display locale).
+ [supportsPromises] static void getTranslateTargetLanguage(
+ GetTranslateTargetLanguageCallback callback);
+
+ // Sets the translate target language given a language code.
+ static void setTranslateTargetLanguage(DOMString languageCode);
+
+ // Gets all supported input methods, including third-party IMEs.
+ // Chrome OS only.
+ [supportsPromises] static void getInputMethodLists(
+ GetInputMethodListsCallback callback);
+
+ // Adds the input method to the current user's list of enabled input
+ // methods, enabling the input method for the current user. Chrome OS only.
+ static void addInputMethod(DOMString inputMethodId);
+
+ // Removes the input method from the current user's list of enabled input
+ // methods, disabling the input method for the current user. Chrome OS only.
+ static void removeInputMethod(DOMString inputMethodId);
+
+ // Tries to download the dictionary after a failed download.
+ static void retryDownloadDictionary(DOMString languageCode);
+ };
+
+ interface Events {
+ // Called when the pref for the dictionaries used for spell checking changes
+ // or the status of one of the spell check dictionaries changes.
+ static void onSpellcheckDictionariesChanged(
+ SpellcheckDictionaryStatus[] statuses);
+
+ // Called when words are added to and/or removed from the custom spell check
+ // dictionary.
+ static void onCustomDictionaryChanged(
+ DOMString[] wordsAdded, DOMString[] wordsRemoved);
+
+ // Called when an input method is added.
+ static void onInputMethodAdded(DOMString inputMethodId);
+
+ // Called when an input method is removed.
+ static void onInputMethodRemoved(DOMString inputMethodId);
+ };
+};
diff --git a/tools/under-control/src/chrome/common/extensions/api/login.idl b/tools/under-control/src/chrome/common/extensions/api/login.idl
new file mode 100755
index 000000000..c83dd16f2
--- /dev/null
+++ b/tools/under-control/src/chrome/common/extensions/api/login.idl
@@ -0,0 +1,180 @@
+// Copyright 2019 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// Use the chrome.login API to launch and exit user sessions.
+[platforms=("chromeos", "lacros"),
+ implemented_in="chrome/browser/chromeos/extensions/login_screen/login/login_api.h"]
+namespace login {
+ callback VoidCallback = void ();
+ callback StringCallback = void (DOMString result);
+ dictionary SamlUserSessionProperties {
+ // User's email address.
+ DOMString email;
+
+ // User's Gaia ID.
+ DOMString gaiaId;
+
+ // User's password.
+ DOMString password;
+
+ // Oauth_code cookie set in the SAML handshake.
+ DOMString oauthCode;
+ };
+
+ interface Functions {
+ // Launches a managed guest session if one is set up via the admin console.
+ // If there are several managed guest sessions set up, it will launch the
+ // first available one.
+ // |password|: If provided, the launched managed guest session will be
+ // lockable, and can only be unlocked by calling
+ // $(ref:unlockManagedGuestSession) with the same password.
+ // |callback|: Note: If the function succeeds, the callback is not
+ // guaranteed to be invoked as the extension will be disabled when the
+ // session starts. Use this callback only to handle the failure case by
+ // checking $(ref:runtime.lastError).
+ [supportsPromises] static void launchManagedGuestSession(
+ optional DOMString password,
+ optional VoidCallback callback);
+
+ // Exits the current session.
+ // |dataForNextLoginAttempt|: If set, stores data which can be read by
+ // $(ref:fetchDataForNextLoginAttempt) from the login screen. If unset, any
+ // currently stored data will be cleared.
+ [supportsPromises] static void exitCurrentSession(
+ optional DOMString dataForNextLoginAttempt,
+ optional VoidCallback callback);
+
+ // Reads the $(ref:dataForNextLoginAttempt) set by
+ // $(ref:exitCurrentSession). Clears the previously stored data after
+ // reading so it can only be read once.
+ // |callback|: Called with the stored data, or an empty string if there was
+ // no previously stored data.
+ [supportsPromises] static void fetchDataForNextLoginAttempt(
+ StringCallback callback);
+
+ // Deprecated. Please use $(ref:lockCurrentSession) instead.
+ [supportsPromises, deprecated="Use $(ref:lockCurrentSession) instead."]
+ static void lockManagedGuestSession(optional VoidCallback callback);
+
+ // Locks the current session. The session has to be either a user session or
+ // a Managed Guest Session launched by $(ref:launchManagedGuestSession) with
+ // a password.
+ [supportsPromises] static void lockCurrentSession(
+ optional VoidCallback callback);
+
+ // Deprecated. Please use $(ref:unlockCurrentSession) instead.
+ [supportsPromises, deprecated="Use $(ref:unlockCurrentSession) instead."]
+ static void unlockManagedGuestSession(
+ DOMString password,
+ optional VoidCallback callback);
+
+ // Unlocks the current session. The session has to be either a user session
+ // or a Managed Guest Session launched by $(ref:launchManagedGuestSession)
+ // with a password. The session will unlock if the provided password matches
+ // the one used to launch the session.
+ // |password|: The password which will be used to unlock the session.
+ // |callback|: Note: If the function succeeds, the callback is not
+ // guaranteed to be invoked as the extension will be disabled when the
+ // session starts. Use this callback only to handle the failure case by
+ // checking $(ref:runtime.lastError).
+ [supportsPromises] static void unlockCurrentSession(
+ DOMString password,
+ optional VoidCallback callback);
+
+ // Launches a SAML-backed user session.
+ // |properties|: User's email address, gaia ID, password and oauth_code.
+ // |callback|: Note: If the function succeeds, the callback is not
+ // guaranteed to be invoked as the extension will be disabled when the
+ // session starts. Use this callback only to handle the failure case by
+ // checking $(ref:runtime.lastError).
+ [supportsPromises] static void launchSamlUserSession(
+ SamlUserSessionProperties properties,
+ optional VoidCallback callback);
+
+ // Starts a ChromeOS Managed Guest Session which will host the shared user
+ // sessions. An initial shared session is entered with |password| as the
+ // password. When this shared session is locked, it can only be unlocked by
+ // the same extension calling $(ref:unlockSharedSession) with the same
+ // password.
+ // Fails when another shared ChromeOS Managed Guest Session has already
+ // been launched. Can only be called from the login screen.
+ // |password|: The password which can be used to unlock the shared session.
+ // |callback|: Note: If the function succeeds, the callback is not
+ // guaranteed to be invoked as the extension will be disabled when the
+ // session starts. Use this callback only to handle the failure case by
+ // checking $(ref:runtime.lastError).
+ [supportsPromises] static void launchSharedManagedGuestSession(
+ DOMString password,
+ optional VoidCallback callback);
+
+ // Enters the shared session with the given password. If the session is
+ // locked, it can only be unlocked by calling $(ref:unlockSharedSession)
+ // with the same password.
+ // Fails if calling extension is not the same as the one which called
+ // $(ref:launchSharedManagedGuestSession) or there is already a shared
+ // session running. Can only be called from the lock screen.
+ // |password|: The password which can be used to unlock the shared session.
+ // |callback|: Note: If the function succeeds, the callback is not
+ // guaranteed to be invoked as the extension will be disabled when the
+ // session starts. Use this callback only to handle the failure case by
+ // checking $(ref:runtime.lastError).
+ [supportsPromises] static void enterSharedSession(
+ DOMString password,
+ optional VoidCallback callback);
+
+ // Unlocks the shared session with the provided password. Fails if the
+ // password does not match the one provided to
+ // $(ref:launchSharedManagedGuestSession) or $(ref:enterSharedSession).
+ // Fails if the calling extension is not the same as the one which called
+ // $(ref:launchSharedManagedGuestSession) or if there is no existing shared
+ // session. Can only be called from the lock screen.
+ // |password|: The password used to unlock the shared session.
+ // |callback|: Note: If the function succeeds, the callback is not
+ // guaranteed to be invoked as the extension will be disabled when the
+ // session starts. Use this callback only to handle the failure case by
+ // checking $(ref:runtime.lastError).
+ [supportsPromises] static void unlockSharedSession(
+ DOMString password,
+ optional VoidCallback callback);
+
+ // Ends the shared session. Security- and privacy-sensitive data in the
+ // session will be cleaned up on a best effort basis.
+ // The calling extension does not have to be the same one which called
+ // $(ref:launchSharedManagedGuestSession). Can be called from both the
+ // lock screen or in session.
+ // Fails if there is no existing shared session.
+ // |callback|: Invoked after cleanup operations have finished and the
+ // session is locked.
+ [supportsPromises] static void endSharedSession(
+ optional VoidCallback callback);
+
+ // Sets data for the next login attempt. The data can be retrieved by
+ // calling $(ref:fetchDataForNextLoginAttempt). The data is cleared when
+ // it is fetched so it can only be read once.
+ // |dataForNextLoginAttempt|: The data to be set.
+ [supportsPromises] static void setDataForNextLoginAttempt(
+ DOMString dataForNextLoginAttempt,
+ optional VoidCallback callback);
+
+ // Dispatches a $(ref:onRequestExternalLogout) event. Called from the login
+ // screen extension on the lock screen.
+ [supportsPromises] static void requestExternalLogout(
+ optional VoidCallback callback);
+
+ // Dispatches a $(ref:onExternalLogoutDone) event. Called from the
+ // in-session extension.
+ [supportsPromises] static void notifyExternalLogoutDone(
+ optional VoidCallback callback);
+ };
+
+ interface Events {
+ // Event dispatched when an external logout is requested. The in-session
+ // extension listens for this event.
+ static void onRequestExternalLogout();
+
+ // Event dispatched when an external logout is completed. The login screen
+ // extension on the lock screen listens for this event.
+ static void onExternalLogoutDone();
+ };
+};
diff --git a/tools/under-control/src/chrome/common/extensions/api/login_screen_storage.idl b/tools/under-control/src/chrome/common/extensions/api/login_screen_storage.idl
new file mode 100755
index 000000000..2a7a041e3
--- /dev/null
+++ b/tools/under-control/src/chrome/common/extensions/api/login_screen_storage.idl
@@ -0,0 +1,49 @@
+// Copyright 2019 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// Use the chrome.loginScreenStorage API to store persistent data
+// from the login screen or inject data into the session.
+[platforms=("chromeos", "lacros"),
+ implemented_in="chrome/browser/chromeos/extensions/login_screen/login_screen_storage/login_screen_storage_api.h"]
+namespace loginScreenStorage {
+ callback StoreCallback = void ();
+ callback RetrieveCallback = void (DOMString data);
+
+ interface Functions {
+ // Stores persistent data from the login screen. This data can be accessed
+ // later using $(ref:retrievePersistentData) by any extension from the
+ // specified extension ids. This method will fail if called while a user
+ // session is active.
+ // |extensionIds|: IDs of the extensions that should have access to the
+ // stored data.
+ // |data|: The data to store.
+ [supportsPromises] static void storePersistentData(DOMString[] extensionIds,
+ DOMString data,
+ StoreCallback callback);
+
+ // Retrieves persistent data that was previously stored using
+ // $(ref:storePersistentData) for the caller's extension ID.
+ // |ownerId|: ID of the extension that saved the data that the caller is
+ // trying to retrieve.
+ [supportsPromises] static void retrievePersistentData(
+ DOMString ownerId,
+ RetrieveCallback callback);
+
+ // Stores credentials for later access from the user session. This method
+ // will fail if called while a user session is active.
+ // |extensionId|: ID of the in-session extension that should have access to
+ // these credentials. Credentials stored using this method are deleted on
+ // session exit.
+ // |credentials|: The credentials to store.
+ [supportsPromises] static void storeCredentials(DOMString extensionId,
+ DOMString credentials,
+ StoreCallback callback);
+
+ // Retrieves credentials that were previosly stored using
+ // $(ref:storeCredentials). The caller's extension ID should be the same as
+ // the extension id passed to the $(ref:storeCredentials).
+ [supportsPromises] static void retrieveCredentials(
+ RetrieveCallback callback);
+ };
+};
diff --git a/tools/under-control/src/chrome/common/extensions/api/login_screen_ui.idl b/tools/under-control/src/chrome/common/extensions/api/login_screen_ui.idl
new file mode 100755
index 000000000..dfe3503c1
--- /dev/null
+++ b/tools/under-control/src/chrome/common/extensions/api/login_screen_ui.idl
@@ -0,0 +1,32 @@
+// Copyright 2019 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// Use the chrome.loginScreenUi API to show and hide custom
+// login UI.
+[platforms=("chromeos"),
+ implemented_in="chrome/browser/ash/extensions/login_screen_ui/login_screen_ui_api.h"]
+namespace loginScreenUi {
+
+ dictionary ShowOptions {
+ // Relative url of the contents to show.
+ DOMString url;
+
+ // Whether the user can close the window, defaults to false.
+ boolean? userCanClose;
+ };
+
+ // Callback that does not take arguments.
+ callback SimpleCallback = void ();
+
+ interface Functions {
+ // Opens a window, which is visible on top of the login and lock screen.
+ // |options|: Options for the custom login UI window.
+ [supportsPromises] static void show(ShowOptions options,
+ optional SimpleCallback callback);
+
+ // Closes the login/lock screen UI window previously opened by this
+ // extension.
+ [supportsPromises] static void close(optional SimpleCallback callback);
+ };
+};
diff --git a/tools/under-control/src/chrome/common/extensions/api/login_state.idl b/tools/under-control/src/chrome/common/extensions/api/login_state.idl
new file mode 100755
index 000000000..d8f2b2df4
--- /dev/null
+++ b/tools/under-control/src/chrome/common/extensions/api/login_state.idl
@@ -0,0 +1,55 @@
+// Copyright 2019 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// Use the chrome.loginState API to read and monitor the login
+// state.
+[platforms=("chromeos", "lacros"),
+ implemented_in="chrome/browser/chromeos/extensions/login_screen/login_state/login_state_api.h"]
+namespace loginState {
+ enum ProfileType {
+ // Specifies that the extension is in the signin profile.
+ SIGNIN_PROFILE,
+
+ // Specifies that the extension is in the user profile.
+ USER_PROFILE
+ };
+
+ enum SessionState {
+ // Specifies that the session state is unknown.
+ UNKNOWN,
+
+ // Specifies that the user is in the out-of-box-experience screen.
+ IN_OOBE_SCREEN,
+
+ // Specifies that the user is in the login screen.
+ IN_LOGIN_SCREEN,
+
+ // Specifies that the user is in the session.
+ IN_SESSION,
+
+ // Specifies that the user is in the lock screen.
+ IN_LOCK_SCREEN,
+
+ // Specifies that the device is in RMA mode, finalizing repairs.
+ IN_RMA_SCREEN
+ };
+
+ callback ProfileTypeCallback = void (ProfileType result);
+ callback SessionStateCallback = void (SessionState result);
+
+ interface Functions {
+ // Gets the type of the profile the extension is in.
+ [supportsPromises] static void getProfileType(ProfileTypeCallback callback);
+
+ // Gets the current session state.
+ [supportsPromises] static void getSessionState(
+ SessionStateCallback callback);
+ };
+
+ interface Events {
+ // Dispatched when the session state changes. sessionState
+ // is the new session state.
+ static void onSessionStateChanged(SessionState sessionState);
+ };
+};
diff --git a/tools/under-control/src/chrome/common/extensions/api/mdns.idl b/tools/under-control/src/chrome/common/extensions/api/mdns.idl
new file mode 100755
index 000000000..31b227a80
--- /dev/null
+++ b/tools/under-control/src/chrome/common/extensions/api/mdns.idl
@@ -0,0 +1,53 @@
+// Copyright 2013 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// Use the chrome.mdns API to discover services over mDNS.
+// This comprises a subset of the features of the NSD spec:
+// http://www.w3.org/TR/discovery-api/
+namespace mdns {
+
+ // Represents a mDNS/DNS-SD service.
+ dictionary MDnsService {
+ // The service name of an mDNS advertised service,
+ // chrome.notifications API to create rich notifications
+// using templates and show these notifications to users in the system tray.
+namespace notifications {
+ [noinline_doc] enum TemplateType {
+ // Contains an icon, title, message, expandedMessage, and up to two
+ // buttons.
+ basic,
+
+ // Contains an icon, title, message, expandedMessage, image, and up
+ // to two buttons.
+ [deprecated="The image is not visible for Mac OS X users."]
+ image,
+
+ // Contains an icon, title, message, items, and up to two buttons.
+ // Users on Mac OS X only see the first item.
+ list,
+
+ // Contains an icon, title, message, progress, and up to two buttons.
+ progress
+ };
+
+ enum PermissionLevel {
+ // Specifies that the user has elected to show notifications
+ // from the app or extension. This is the default at install time.
+ granted,
+
+ // Specifies that the user has elected not to show notifications
+ // from the app or extension.
+ denied
+ };
+
+ dictionary NotificationItem {
+ // Title of one item of a list notification.
+ DOMString title;
+
+ // Additional details about this item.
+ DOMString message;
+ };
+
+ [nodoc] dictionary NotificationBitmap {
+ long width;
+ long height;
+ ArrayBuffer? data;
+ };
+
+ dictionary NotificationButton {
+ DOMString title;
+ [deprecated="Button icons not visible for Mac OS X users."]
+ DOMString? iconUrl;
+ [nodoc] NotificationBitmap? iconBitmap;
+ };
+
+ dictionary NotificationOptions {
+ // Which type of notification to display.
+ // Required for $(ref:notifications.create) method.
+ TemplateType? type;
+
+ // A URL to the sender's avatar, app icon, or a thumbnail for image
+ // notifications.
+ //
+ // URLs can be a data URL, a blob URL, or a URL relative to a resource
+ // within this extension's .crx file
+ // Required for $(ref:notifications.create) method.
+ DOMString? iconUrl;
+ [nodoc] NotificationBitmap? iconBitmap;
+
+ // A URL to the app icon mask. URLs have the same restrictions as
+ // $(ref:notifications.NotificationOptions.iconUrl iconUrl).
+ //
+ // The app icon mask should be in alpha channel, as only the alpha channel
+ // of the image will be considered.
+ [deprecated="The app icon mask is not visible for Mac OS X users."]
+ DOMString? appIconMaskUrl;
+ [nodoc] NotificationBitmap? appIconMaskBitmap;
+
+ // Title of the notification (e.g. sender name for email).
+ // Required for $(ref:notifications.create) method.
+ DOMString? title;
+
+ // Main notification content.
+ // Required for $(ref:notifications.create) method.
+ DOMString? message;
+
+ // Alternate notification content with a lower-weight font.
+ DOMString? contextMessage;
+
+ // Priority ranges from -2 to 2. -2 is lowest priority. 2 is highest. Zero
+ // is default. On platforms that don't support a notification center
+ // (Windows, Linux & Mac), -2 and -1 result in an error as notifications
+ // with those priorities will not be shown at all.
+ long? priority;
+
+ // A timestamp associated with the notification, in milliseconds past the
+ // epoch (e.g. Date.now() + n).
+ double? eventTime;
+
+ // Text and icons for up to two notification action buttons.
+ NotificationButton[]? buttons;
+
+ // Secondary notification content.
+ [nodoc] DOMString? expandedMessage;
+
+ // A URL to the image thumbnail for image-type notifications.
+ // URLs have the same restrictions as
+ // $(ref:notifications.NotificationOptions.iconUrl iconUrl).
+ [deprecated="The image is not visible for Mac OS X users."]
+ DOMString? imageUrl;
+ [nodoc] NotificationBitmap? imageBitmap;
+
+ // Items for multi-item notifications. Users on Mac OS X only see the first
+ // item.
+ NotificationItem[]? items;
+
+ // Current progress ranges from 0 to 100.
+ long? progress;
+
+ [deprecated="This UI hint is ignored as of Chrome 67"]
+ boolean? isClickable;
+
+ // Indicates that the notification should remain visible on screen until the
+ // user activates or dismisses the notification. This defaults to false.
+ boolean? requireInteraction;
+
+ // Indicates that no sounds or vibrations should be made when the
+ // notification is being shown. This defaults to false.
+ boolean? silent;
+ };
+
+ callback CreateCallback = void (DOMString notificationId);
+
+ callback UpdateCallback = void (boolean wasUpdated);
+
+ callback ClearCallback = void (boolean wasCleared);
+
+ callback GetAllCallback = void (object notifications);
+
+ callback PermissionLevelCallback = void (PermissionLevel level);
+
+ interface Functions {
+ // Creates and displays a notification.
+ // |notificationId|: Identifier of the notification. If not set or empty, an
+ // ID will automatically be generated. If it matches an existing
+ // notification, this method first clears that notification before
+ // proceeding with the create operation. The identifier may not be longer
+ // than 500 characters.
+ //
+ // The notificationId parameter is required before Chrome 42.
+ // |options|: Contents of the notification.
+ // |callback|: Returns the notification id (either supplied or generated)
+ // that represents the created notification.
+ //
+ // The callback is required before Chrome 42.
+ [supportsPromises] static void create(optional DOMString notificationId,
+ NotificationOptions options,
+ optional CreateCallback callback);
+
+ // Updates an existing notification.
+ // |notificationId|: The id of the notification to be updated. This is
+ // returned by $(ref:notifications.create) method.
+ // |options|: Contents of the notification to update to.
+ // |callback|: Called to indicate whether a matching notification existed.
+ //
+ // The callback is required before Chrome 42.
+ [supportsPromises] static void update(DOMString notificationId,
+ NotificationOptions options,
+ optional UpdateCallback callback);
+
+ // Clears the specified notification.
+ // |notificationId|: The id of the notification to be cleared. This is
+ // returned by $(ref:notifications.create) method.
+ // |callback|: Called to indicate whether a matching notification existed.
+ //
+ // The callback is required before Chrome 42.
+ [supportsPromises] static void clear(DOMString notificationId,
+ optional ClearCallback callback);
+
+ // Retrieves all the notifications of this app or extension.
+ // |callback|: Returns the set of notification_ids currently in the system.
+ [supportsPromises] static void getAll(GetAllCallback callback);
+
+ // Retrieves whether the user has enabled notifications from this app
+ // or extension.
+ // |callback|: Returns the current permission level.
+ [supportsPromises] static void getPermissionLevel(
+ PermissionLevelCallback callback);
+ };
+
+ interface Events {
+ // The notification closed, either by the system or by user action.
+ static void onClosed(DOMString notificationId, boolean byUser);
+
+ // The user clicked in a non-button area of the notification.
+ static void onClicked(DOMString notificationId);
+
+ // The user pressed a button in the notification.
+ static void onButtonClicked(DOMString notificationId, long buttonIndex);
+
+ // The user changes the permission level. As of Chrome 47, only ChromeOS
+ // has UI that dispatches this event.
+ static void onPermissionLevelChanged(PermissionLevel level);
+
+ // The user clicked on a link for the app's notification settings. As of
+ // Chrome 47, only ChromeOS has UI that dispatches this event.
+ // As of Chrome 65, that UI has been removed from ChromeOS, too.
+ [deprecated="Custom notification settings button is no longer supported."]
+ static void onShowSettings();
+ };
+};
diff --git a/tools/under-control/src/chrome/common/extensions/api/odfs_config_private.idl b/tools/under-control/src/chrome/common/extensions/api/odfs_config_private.idl
new file mode 100755
index 000000000..db349fa5a
--- /dev/null
+++ b/tools/under-control/src/chrome/common/extensions/api/odfs_config_private.idl
@@ -0,0 +1,57 @@
+// Copyright 2023 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// Use the chrome.odfsConfigPrivate API to configure the
+// Microsoft OneDrive integration.
+[implemented_in = "chrome/browser/chromeos/extensions/odfs_config_private/odfs_config_private_api.h",
+modernised_enums]
+namespace odfsConfigPrivate {
+
+ enum Mount {
+ allowed,
+ disallowed,
+ automated
+ };
+
+ dictionary MountInfo {
+ Mount mode;
+ };
+
+ dictionary AccountRestrictionsInfo {
+ DOMString[] restrictions;
+ };
+
+ callback GetMountCallback = void(MountInfo mount);
+ callback GetAccountRestrictionsCallback = void(
+ AccountRestrictionsInfo restrictions);
+ callback ShowAutomatedMountErrorCallback = void();
+
+ interface Functions {
+ // Returns the OneDrive mount mode from the admin policy.
+ // |callback|: Invoked when the policy value was retrieved.
+ static void getMount(
+ GetMountCallback callback);
+
+ // Returns the OneDrive account restrictions from the admin policy.
+ // |callback|: Invoked when the policy value was retrieved.
+ static void getAccountRestrictions(
+ GetAccountRestrictionsCallback callback);
+
+ // Shows a notification that the automated mount failed.
+ static void showAutomatedMountError(
+ ShowAutomatedMountErrorCallback callback);
+ };
+
+ interface Events {
+ // Fired when the OneDrive mount mode changed.
+ // |event|: A OneDrive mount mode changed event.
+ static void onMountChanged(MountInfo event);
+
+ // Fired when the OneDrive restrictions changed.
+ // |event|: A OneDrive restrictions changed event.
+ static void onAccountRestrictionsChanged(
+ AccountRestrictionsInfo event);
+ };
+
+};
diff --git a/tools/under-control/src/chrome/common/extensions/api/passwords_private.idl b/tools/under-control/src/chrome/common/extensions/api/passwords_private.idl
new file mode 100755
index 000000000..d3f18d43d
--- /dev/null
+++ b/tools/under-control/src/chrome/common/extensions/api/passwords_private.idl
@@ -0,0 +1,585 @@
+// Copyright 2015 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// Use the chrome.passwordsPrivate API to add or remove password
+// data from the settings UI.
+namespace passwordsPrivate {
+ // Possible reasons why a plaintext password was requested.
+ enum PlaintextReason {
+ // The user wants to view the password.
+ VIEW,
+ // The user wants to copy the password.
+ COPY,
+ // The user wants to edit the password.
+ EDIT
+ };
+
+ enum ExportProgressStatus {
+ // No export was started.
+ NOT_STARTED,
+ // Data is being written to the destination.
+ IN_PROGRESS,
+ // Data has been written.
+ SUCCEEDED,
+ // The user rejected the file selection prompts.
+ FAILED_CANCELLED,
+ // Writing to the destination failed.
+ FAILED_WRITE_FAILED
+ };
+
+ enum CompromiseType {
+ // If the credentials was leaked by a data breach.
+ LEAKED,
+ // If the credentials was reused on a phishing site.
+ PHISHED,
+ // If the credentials have a password which was reused by other credentials.
+ REUSED,
+ // If the credentials have a weak password.
+ WEAK
+ };
+
+ enum PasswordStoreSet {
+ // Corresponds to profile-scoped password store.
+ DEVICE,
+ // Corresponds to Gaia-account-scoped password store (i.e. account store).
+ ACCOUNT,
+ // Corresponds to both profile-scoped and Gaia-account-scoped password
+ // stores.
+ DEVICE_AND_ACCOUNT
+ };
+
+ enum PasswordCheckState {
+ // idle state, e.g. after successfully running to completion.
+ IDLE,
+ // Running, following an explicit user action to start the check.
+ RUNNING,
+ // Canceled, entered when the user explicitly cancels a check.
+ CANCELED,
+ // Offline, the user is offline.
+ OFFLINE,
+ // The user is not signed into Chrome.
+ SIGNED_OUT,
+ // The user does not have any passwords saved.
+ NO_PASSWORDS,
+ // The user hit the quota limit.
+ QUOTA_LIMIT,
+ // Any other error state.
+ OTHER_ERROR
+ };
+
+ enum ImportResultsStatus {
+ // Any other error state.
+ UNKNOWN_ERROR,
+ // Data was fully or partially imported.
+ SUCCESS,
+ // Failed to read provided file.
+ IO_ERROR,
+ // Header is missing, invalid or could not be read.
+ BAD_FORMAT,
+ // File selection dismissed.
+ DISMISSED,
+ // Size of the chosen file exceeds the limit.
+ MAX_FILE_SIZE,
+ // User has already started the import flow in a different window.
+ IMPORT_ALREADY_ACTIVE,
+ // User tried to import too many passwords from one file.
+ NUM_PASSWORDS_EXCEEDED,
+ // Conflicts found and they need to be resolved by the user.
+ CONFLICTS
+ };
+
+ enum ImportEntryStatus {
+ // Any other error state.
+ UNKNOWN_ERROR,
+ // Missing password field.
+ MISSING_PASSWORD,
+ // Missing url field.
+ MISSING_URL,
+ // Bad url formatting.
+ INVALID_URL,
+ // URL contains non-ASCII chars.
+ NON_ASCII_URL,
+ // URL is too long.
+ LONG_URL,
+ // Password is too long.
+ LONG_PASSWORD,
+ // Username is too long.
+ LONG_USERNAME,
+ // Credential is already stored in profile store.
+ CONFLICT_PROFILE,
+ // Credential is already stored in account store.
+ CONFLICT_ACCOUNT,
+ // Note is too long.
+ LONG_NOTE,
+ // Concatenation of imported and local notes is too long.
+ LONG_CONCATENATED_NOTE,
+ // Valid credential.
+ VALID
+ };
+
+ enum FamilyFetchStatus {
+ // Unknown or network error.
+ UNKNOWN_ERROR,
+ // No family members found.
+ NO_MEMBERS,
+ // At least one family member found.
+ SUCCESS
+ };
+
+ dictionary PublicKey {
+ // The value of the public key.
+ DOMString value;
+ // The version of the public key.
+ long version;
+ };
+
+ dictionary RecipientInfo {
+ // User ID of the recipient.
+ DOMString userId;
+ // Email of the recipient.
+ DOMString email;
+ // Name of the recipient.
+ DOMString displayName;
+ // Profile image URL of the recipient.
+ DOMString profileImageUrl;
+ // Whether the user can receive passwords.
+ boolean isEligible;
+ // The public key of the recipient.
+ PublicKey? publicKey;
+ };
+
+ dictionary FamilyFetchResults {
+ // Status of the family members fetch.
+ FamilyFetchStatus status;
+ // List of family members.
+ RecipientInfo[] familyMembers;
+ };
+
+ dictionary ImportEntry {
+ // The parsing status of individual row that represents
+ // credential during import process.
+ ImportEntryStatus status;
+ // The url of the credential.
+ DOMString url;
+ // The username of the credential.
+ DOMString username;
+ // The password of the credential.
+ DOMString password;
+ // Unique identifier of the credential.
+ long id;
+ };
+
+ dictionary ImportResults {
+ // General status of the triggered passwords import process.
+ ImportResultsStatus status;
+ // Number of successfully imported passwords.
+ long numberImported;
+ // Possibly emtpy, list of credentials that couldn't be imported.
+ ImportEntry[] displayedEntries;
+ // Name of file that user has chosen for the import.
+ DOMString fileName;
+ };
+
+ dictionary UrlCollection {
+ // The signon realm of the credential.
+ DOMString signonRealm;
+
+ // A human readable version of the URL of the credential's origin. For
+ // android credentials this is usually App name.
+ DOMString shown;
+
+ // The URL that will be linked to when an entry is clicked.
+ DOMString link;
+ };
+
+ // Information specific to compromised credentials.
+ dictionary CompromisedInfo {
+ // The timestamp of when this credential was determined to be compromised.
+ // Specified in milliseconds since the UNIX epoch. Intended to be passed to
+ // the JavaScript Date() constructor.
+ double compromiseTime;
+
+ // The elapsed time since this credential was determined to be compromised.
+ // This is passed as an already formatted string, since JavaScript lacks the
+ // required formatting APIs. Example: "5 minutes ago"
+ DOMString elapsedTimeSinceCompromise;
+
+ // The types of credential issues.
+ CompromiseType[] compromiseTypes;
+
+ // Indicates whether this credential is muted.
+ boolean isMuted;
+ };
+
+ // Structure which hold required information to display a link.
+ dictionary DomainInfo {
+ // A human readable version of the URL of the credential's origin. For
+ // android credentials this is usually the app name.
+ DOMString name;
+
+ // The URL that will be linked to when an entry is clicked.
+ DOMString url;
+
+ // The signon_realm of corresponding PasswordForm.
+ DOMString signonRealm;
+ };
+
+ // Entry used to display a password in the settings UI.
+ dictionary PasswordUiEntry {
+ // The URL collection corresponding to this saved password entry.
+ DomainInfo[] affiliatedDomains;
+
+ // The username used in conjunction with the saved password.
+ DOMString username;
+
+ // If this is a passkey, the user's display name. Empty otherwise.
+ DOMString? displayName;
+
+ // The password of the credential. Empty by default, only set if explicitly
+ // requested.
+ DOMString? password;
+
+ // Text shown if the password was obtained via a federated identity.
+ DOMString? federationText;
+
+ // An index to refer back to a unique password entry record.
+ long id;
+
+ // Corresponds to where the credential is stored.
+ PasswordStoreSet storedIn;
+
+ // Indicates whether this credential is a passkey.
+ boolean isPasskey;
+
+ // The value of the attached note.
+ DOMString? note;
+
+ // The URL where the insecure password can be changed. Might be not set for
+ // Android apps.
+ DOMString? changePasswordUrl;
+
+ // Additional information in case a credential is compromised.
+ CompromisedInfo? compromisedInfo;
+ };
+
+ // Group representing affiliated PasswordUiEntries.
+ dictionary CredentialGroup {
+ // Group name being displayed.
+ DOMString name;
+
+ // Icon url for the given group.
+ DOMString iconUrl;
+
+ // Entries in the group.
+ PasswordUiEntry[] entries;
+ };
+
+ dictionary ExceptionEntry {
+ // The URL collection corresponding to this exception entry.
+ UrlCollection urls;
+
+ // An id to refer back to a unique exception entry record.
+ long id;
+ };
+
+ dictionary PasswordExportProgress {
+ // The current status of the export task.
+ ExportProgressStatus status;
+
+ // If |status| is $ref(ExportProgressStatus.SUCCEEDED), this will
+ // be the full path of the written file.
+ DOMString? filePath;
+
+ // If |status| is $ref(ExportProgressStatus.FAILED_WRITE_FAILED), this will
+ // be the name of the selected folder to export to.
+ DOMString? folderName;
+ };
+
+ // Object describing the current state of the password check. The check could
+ // be in any of the above described states.
+ dictionary PasswordCheckStatus {
+ // The state of the password check.
+ PasswordCheckState state;
+
+ // Total number of saved passwords.
+ long? totalNumberOfPasswords;
+
+ // How many passwords have already been processed. Populated if and only if
+ // the password check is currently running.
+ long? alreadyProcessed;
+
+ // How many passwords are remaining in the queue. Populated if and only if
+ // the password check is currently running.
+ long? remainingInQueue;
+
+ // The elapsed time since the last full password check was performed. This
+ // is passed as a string, since JavaScript lacks the required formatting
+ // APIs. If no check has been performed yet this is not set.
+ DOMString? elapsedTimeSinceLastCheck;
+ };
+
+ // Object describing a password entry to be saved and storage to be used.
+ dictionary AddPasswordOptions {
+ // The url to save the password for.
+ DOMString url;
+
+ // The username to save the password for.
+ DOMString username;
+
+ // The password value to be saved.
+ DOMString password;
+
+ // The note attached the password.
+ DOMString note;
+
+ // True for account store, false for device store.
+ boolean useAccountStore;
+ };
+
+ // An object holding an array of PasswordUiEntries.
+ dictionary PasswordUiEntryList {
+ PasswordUiEntry[] entries;
+ };
+
+ callback PlaintextPasswordCallback = void(DOMString password);
+ callback PasswordListCallback = void(PasswordUiEntry[] entries);
+ callback CredentialsGroupCallback = void(CredentialGroup[] entries);
+ callback ExceptionListCallback = void(ExceptionEntry[] exceptions);
+ callback ExportProgressStatusCallback = void(ExportProgressStatus status);
+ callback VoidCallback = void();
+ callback OptInCallback = void(boolean optedIn);
+ callback PasswordCheckStatusCallback = void(PasswordCheckStatus status);
+ callback ImportPasswordsCallback = void(ImportResults results);
+ callback FetchFamilyResultsCallback = void(FamilyFetchResults results);
+ callback IsAccountStoreDefaultCallback = void(boolean isDefault);
+ callback GetUrlCollectionCallback = void(UrlCollection urlCollection);
+ callback CredentialsWithReusedPasswordCallback =
+ void(PasswordUiEntryList[] entries);
+
+ interface Functions {
+ // Function that logs that the Passwords page was accessed from the Chrome
+ // Settings WebUI.
+ static void recordPasswordsPageAccessInSettings();
+
+ // Changes the credential. Not all attributes can be updated.
+ // Optional attributes that are not set will be unchanged.
+ // Returns a promise that resolves if successful, and rejects otherwise.
+ // |credential|: The credential to update. This will be matched to the
+ // existing credential by id.
+ [supportsPromises] static void changeCredential(
+ PasswordUiEntry credential,
+ optional VoidCallback callback);
+
+ // Removes the credential corresponding to |id| in |fromStores|. If no
+ // credential for this pair exists, this function is a no-op.
+ // |id|: The id for the credential being removed.
+ // |fromStores|: The store(s) from which the credential is being removed.
+ static void removeCredential(long id, PasswordStoreSet fromStores);
+
+ // Removes the saved password exception corresponding to |id|. If
+ // no exception with this id exists, this function is a no-op. This will
+ // remove exception from both stores.
+ // |id|: The id for the exception url entry is being removed.
+ static void removePasswordException(long id);
+
+ // Undoes the last removal of saved password(s) or exception(s).
+ static void undoRemoveSavedPasswordOrException();
+
+ // Returns the plaintext password corresponding to |id|. Note that on
+ // some operating systems, this call may result in an OS-level
+ // reauthentication. Once the password has been fetched, it will be returned
+ // via |callback|.
+ // |id|: The id for the password entry being being retrieved.
+ // |reason|: The reason why the plaintext password is requested.
+ // |callback|: The callback that gets invoked with the retrieved password.
+ [supportsPromises] static void requestPlaintextPassword(
+ long id,
+ PlaintextReason reason,
+ PlaintextPasswordCallback callback);
+
+ // Returns the PasswordUiEntries (with |password|, |note| field filled) corresponding
+ // to |ids|. Note that on some operating systems, this call may result in an
+ // OS-level reauthentication. Once the PasswordUiEntry has been fetched, it
+ // will be returned via |callback|.
+ // |ids|: Ids for the password entries being retrieved.
+ // |callback|: The callback that gets invoked with the retrieved
+ // PasswordUiEntries.
+ [supportsPromises] static void requestCredentialsDetails(
+ long[] ids,
+ PasswordListCallback callback);
+
+ // Returns the list of saved passwords.
+ // |callback|: Called with the list of saved passwords.
+ [supportsPromises] static void getSavedPasswordList(
+ PasswordListCallback callback);
+
+ // Returns the list of Credential groups.
+ // |callback|: Called with the list of groups.
+ [supportsPromises] static void getCredentialGroups(CredentialsGroupCallback callback);
+
+ // Returns the list of password exceptions.
+ // |callback|: Called with the list of password exceptions.
+ [supportsPromises] static void getPasswordExceptionList(
+ ExceptionListCallback callback);
+
+ // Moves passwords currently stored on the device to being stored in the
+ // signed-in, non-syncing Google Account. For each id, the result is a
+ // no-op if any of these is true: |id| is invalid; |id| corresponds to a
+ // password already stored in the account; or the user is not using the
+ // account-scoped password storage.
+ // |ids|: The ids for the password entries being moved.
+ static void movePasswordsToAccount(long[] ids);
+
+ // Fetches family members (password share recipients).
+ [supportsPromises] static void fetchFamilyMembers(
+ FetchFamilyResultsCallback callback);
+
+ // Sends sharing invitations to the recipients.
+ // |id|: The id of the password entry to be shared.
+ // |recipients|: The list of selected recipients.
+ // |callback|: The callback that gets invoked on success.
+ [supportsPromises] static void sharePassword(
+ long id,
+ RecipientInfo[] recipients,
+ optional VoidCallback callback);
+
+ // Triggers the Password Manager password import functionality.
+ [supportsPromises] static void importPasswords(
+ PasswordStoreSet toStore,
+ ImportPasswordsCallback callback);
+
+ // Resumes the password import process when user has selected which
+ // passwords to replace.
+ // |selectedIds|: The ids of passwords that need to be replaced.
+ [supportsPromises] static void continueImport(
+ long[] selectedIds,
+ ImportPasswordsCallback callback);
+
+ // Resets the PasswordImporter if it is in the CONFLICTS/FINISHED state
+ // and the user closes the dialog. Only when the PasswordImporter is in
+ // FINISHED state, |deleteFile| option is taken into account.
+ // |deleteFile|: Whether to trigger deletion of the last imported file.
+ [supportsPromises] static void resetImporter(
+ boolean deleteFile,
+ optional VoidCallback callback);
+
+ // Triggers the Password Manager password export functionality. Completion
+ // Will be signaled by the onPasswordsFileExportProgress event.
+ // |callback| will be called when the request is started or rejected. If
+ // rejected $(ref:runtime.lastError) will be set to
+ // 'in-progress' or 'reauth-failed'.
+ [supportsPromises] static void exportPasswords(VoidCallback callback);
+
+ // Requests the export progress status. This is the same as the last value
+ // seen on the onPasswordsFileExportProgress event. This function is useful
+ // for checking if an export has already been initiated from an older tab,
+ // where we might have missed the original event.
+ [supportsPromises] static void requestExportProgressStatus(
+ ExportProgressStatusCallback callback);
+
+ // Requests the account-storage opt-in state of the current user.
+ [supportsPromises] static void isOptedInForAccountStorage(
+ OptInCallback callback);
+
+ // Triggers the opt-in or opt-out flow for the account storage.
+ static void optInForAccountStorage(boolean optIn);
+
+ // Requests the latest insecure credentials.
+ [supportsPromises] static void getInsecureCredentials(
+ PasswordListCallback callback);
+
+ // Requests group of credentials which reuse passwords. Each group contains
+ // credentials with the same password value.
+ [supportsPromises] static void getCredentialsWithReusedPassword(
+ CredentialsWithReusedPasswordCallback callback);
+
+ // Requests to mute |credential| from the password store.
+ // Invokes |callback| on completion.
+ [supportsPromises] static void muteInsecureCredential(
+ PasswordUiEntry credential, optional VoidCallback callback);
+
+ // Requests to unmute |credential| from the password store.
+ // Invokes |callback| on completion.
+ [supportsPromises] static void unmuteInsecureCredential(
+ PasswordUiEntry credential, optional VoidCallback callback);
+
+ // Starts a check for insecure passwords. Invokes |callback| on completion.
+ [supportsPromises] static void startPasswordCheck(
+ optional VoidCallback callback);
+
+ // Returns the current status of the check via |callback|.
+ [supportsPromises] static void getPasswordCheckStatus(
+ PasswordCheckStatusCallback callback);
+
+ // Requests whether the account store is a default location for saving
+ // passwords. False means the device store is a default one. Must be called
+ // when the current user has already opted-in for account storage.
+ [supportsPromises] static void isAccountStoreDefault(
+ IsAccountStoreDefaultCallback callback);
+
+ // Requests whether the given |url| meets the requirements to save a
+ // password for it (e.g. valid, has proper scheme etc.) and returns the
+ // corresponding URLCollection on success. Otherwise it raises an error.
+ [supportsPromises] static void getUrlCollection(
+ DOMString url,
+ GetUrlCollectionCallback callback);
+
+ // Saves a new password entry described by the given |options|. Invokes
+ // |callback| or raises an error depending on whether the operation
+ // succeeded.
+ // |options|: Details about a new password and storage to be used.
+ // |callback|: The callback that gets invoked on success.
+ [supportsPromises] static void addPassword(
+ AddPasswordOptions options,
+ optional VoidCallback callback);
+
+ // Restarts the authentication timeout timer if the user is authenticated.
+ // |callback|: The callback that gets invoked on success.
+ [supportsPromises] static void extendAuthValidity(
+ optional VoidCallback callback);
+
+ // Switches Biometric authentication before filling state after
+ // successful authentication.
+ [platforms = ("win", "mac")] static void
+ switchBiometricAuthBeforeFillingState();
+
+ // Shows a dialog for creating a shortcut for the Password Manager page.
+ static void showAddShortcutDialog();
+
+ // Opens a file with exported passwords in the OS shell.
+ static void showExportedFileInShell(DOMString file_path);
+ };
+
+ interface Events {
+ // Fired when the saved passwords list has changed, meaning that an entry
+ // has been added or removed.
+ // |entries|: The updated list of password entries.
+ static void onSavedPasswordsListChanged(PasswordUiEntry[] entries);
+
+ // Fired when the password exceptions list has changed, meaning that an
+ // entry has been added or removed.
+ // |exceptions|: The updated list of password exceptions.
+ static void onPasswordExceptionsListChanged(ExceptionEntry[] exceptions);
+
+ // Fired when the status of the export has changed.
+ // |status|: The progress status and an optional UI message.
+ static void onPasswordsFileExportProgress(PasswordExportProgress status);
+
+ // Fired when the opt-in state for the account-scoped storage has changed.
+ // |optedIn|: The new opt-in state.
+ static void onAccountStorageOptInStateChanged(boolean optedIn);
+
+ // Fired when the insecure credentials changed.
+ // |insecureCredentials|: The updated insecure credentials.
+ static void onInsecureCredentialsChanged(
+ PasswordUiEntry[] insecureCredentials);
+
+ // Fired when the status of the password check changes.
+ // |status|: The updated status of the password check.
+ static void onPasswordCheckStatusChanged(PasswordCheckStatus status);
+
+ // Fired when the password manager access timed out.
+ static void onPasswordManagerAuthTimeout();
+ };
+};
diff --git a/tools/under-control/src/chrome/common/extensions/api/pdf_viewer_private.idl b/tools/under-control/src/chrome/common/extensions/api/pdf_viewer_private.idl
new file mode 100755
index 000000000..43a0dac67
--- /dev/null
+++ b/tools/under-control/src/chrome/common/extensions/api/pdf_viewer_private.idl
@@ -0,0 +1,85 @@
+// Copyright 2022 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// Use the chrome.pdfViewerPrivate API for specific browser
+// functionality that the PDF Viewer needs from outside the PDF plugin. This API
+// is exclusively for the PDF Viewer.
+namespace pdfViewerPrivate {
+ // Nearly identical to mimeHandlerPrivate.StreamInfo, but without a mime type
+ // nor a response header field. Those fields are unused by the PDF viewer.
+ dictionary StreamInfo {
+ // The original URL that was intercepted.
+ DOMString originalUrl;
+
+ // The URL that the stream can be read from.
+ DOMString streamUrl;
+
+ // The ID of the tab that opened the stream. If the stream is not opened in
+ // a tab, it will be -1.
+ long tabId;
+
+ // Whether the stream is embedded within another document.
+ boolean embedded;
+ };
+
+ // Identical to mimeHandlerPrivate.StreamInfo.
+ dictionary PdfPluginAttributes {
+ // The background color in ARGB format for painting. Since the background
+ // color is an unsigned 32-bit integer which can be outside the range of
+ // "long" type, define it as a "double" type here.
+ double backgroundColor;
+
+ // Indicates whether the plugin allows to execute JavaScript and maybe XFA.
+ // Loading XFA for PDF forms will automatically be disabled if this flag is
+ // false.
+ boolean allowJavascript;
+ };
+
+ callback GetStreamInfoCallback = void(StreamInfo streamInfo);
+ callback IsAllowedLocalFileAccessCallback = void(boolean result);
+ callback IsPdfOcrAlwaysActiveCallback = void(boolean result);
+ callback OnPdfOcrPrefSetCallback = void(boolean result);
+ callback VoidCallback = void();
+
+ interface Functions {
+ // Returns the StreamInfo for the stream for this context if there is one.
+ [supportsPromises] static void getStreamInfo(
+ GetStreamInfoCallback callback);
+
+ // Determines if the given URL should be allowed to access local files from
+ // the PDF Viewer. |callback|: Called with true if URL should be allowed to
+ // access local files from the PDF Viewer, false otherwise.
+ [supportsPromises] static void isAllowedLocalFileAccess(
+ DOMString url,
+ IsAllowedLocalFileAccessCallback callback);
+
+ // Determines if the preference for PDF OCR is set to run PDF OCR always.
+ // |callback|: Called with true if PDF OCR is set to be always active;
+ // false otherwise.
+ [supportsPromises] static void isPdfOcrAlwaysActive(
+ IsPdfOcrAlwaysActiveCallback callback);
+
+ // Sets a pref value for PDF OCR.
+ // |value|: The new value of the pref.
+ // |callback|: The callback for whether the pref was set or not.
+ [supportsPromises] static void setPdfOcrPref(
+ boolean value, OnPdfOcrPrefSetCallback callback);
+
+ // Sets PDF plugin attributes in the stream for this context if there is
+ // one.
+ [supportsPromises] static void setPdfPluginAttributes(
+ PdfPluginAttributes attributes,
+ optional VoidCallback callback);
+ };
+
+ interface Events {
+ // Fired when a pref value for PDF OCR has changed.
+ // |value| The pref value that changed.
+ static void onPdfOcrPrefChanged(boolean value);
+
+ // Fired when the browser wants the listener to perform a save.
+ // `streamUrl`: Unique ID for the instance that should perform the save.
+ static void onSave(DOMString streamUrl);
+ };
+};
diff --git a/tools/under-control/src/chrome/common/extensions/api/platform_keys.idl b/tools/under-control/src/chrome/common/extensions/api/platform_keys.idl
new file mode 100755
index 000000000..916abf8f6
--- /dev/null
+++ b/tools/under-control/src/chrome/common/extensions/api/platform_keys.idl
@@ -0,0 +1,185 @@
+// Copyright 2015 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// Use the chrome.platformKeys API to access client certificates
+// managed by the platform. If the user or policy grants the permission, an
+// extension can use such a certficate in its custom authentication protocol.
+// E.g. this allows usage of platform managed certificates in third party VPNs
+// (see $(ref:vpnProvider chrome.vpnProvider)).
+namespace platformKeys {
+ [noinline_doc] dictionary Match {
+ // The DER encoding of a X.509 certificate.
+ ArrayBuffer certificate;
+
+ // The
+ //
+ // KeyAlgorithm of the certified key. This contains algorithm
+ // parameters that are inherent to the key of the certificate (e.g. the key
+ // length). Other parameters like the hash function used by the sign
+ // function are not included.
+ object keyAlgorithm;
+ };
+
+ enum ClientCertificateType {
+ rsaSign,
+ ecdsaSign
+ };
+
+ // Analogous to TLS1.1's CertificateRequest.
+ // See http://tools.ietf.org/html/rfc4346#section-7.4.4 .
+ dictionary ClientCertificateRequest {
+ // This field is a list of the types of certificates requested, sorted in
+ // order of the server's preference. Only certificates of a type contained
+ // in this list will be retrieved. If certificateTypes is the
+ // empty list, however, certificates of any type will be returned.
+ ClientCertificateType[] certificateTypes;
+
+ // List of distinguished names of certificate authorities allowed by the
+ // server. Each entry must be a DER-encoded X.509 DistinguishedName.
+ ArrayBuffer[] certificateAuthorities;
+ };
+
+ dictionary SelectDetails {
+ // Only certificates that match this request will be returned.
+ ClientCertificateRequest request;
+
+ // If given, the selectClientCertificates operates on this
+ // list. Otherwise, obtains the list of all certificates from the platform's
+ // certificate stores that are available to this extensions.
+ // Entries that the extension doesn't have permission for or which doesn't
+ // match the request, are removed.
+ ArrayBuffer[]? clientCerts;
+
+ // If true, the filtered list is presented to the user to manually select a
+ // certificate and thereby granting the extension access to the
+ // certificate(s) and key(s). Only the selected certificate(s) will be
+ // returned. If is false, the list is reduced to all certificates that the
+ // extension has been granted access to (automatically or manually).
+ boolean interactive;
+ };
+
+ dictionary VerificationDetails {
+ // Each chain entry must be the DER encoding of a X.509 certificate, the
+ // first entry must be the server certificate and each entry must certify
+ // the entry preceding it.
+ ArrayBuffer[] serverCertificateChain;
+
+ // The hostname of the server to verify the certificate for, e.g. the server
+ // that presented the serverCertificateChain.
+ DOMString hostname;
+ };
+
+ dictionary VerificationResult {
+ // The result of the trust verification: true if trust for the given
+ // verification details could be established and false if trust is rejected
+ // for any reason.
+ boolean trusted;
+
+ // If the trust verification failed, this array contains the errors reported
+ // by the underlying network layer. Otherwise, this array is empty.
+ //
+ // Note: This list is meant for debugging only and may not
+ // contain all relevant errors. The errors returned may change in future
+ // revisions of this API, and are not guaranteed to be forwards or backwards
+ // compatible.
+ DOMString[] debug_errors;
+ };
+
+ // |matches|: The list of certificates that match the request, that the
+ // extension has permission for and, if interactive is true, that
+ // were selected by the user.
+ callback SelectCallback = void (Match[] matches);
+
+ // The public and private
+ // CryptoKey
+ // of a certificate which can only be used with
+ // $(ref:platformKeys.subtleCrypto).
+ // |privateKey|: Might be null if this extension does not have
+ // access to it.
+ callback GetKeyPairCallback = void (object publicKey,
+ optional object privateKey);
+
+ callback VerificationCallback = void (VerificationResult result);
+
+ interface Functions {
+ // This method filters from a list of client certificates the ones that
+ // are known to the platform, match request and for which the
+ // extension has permission to access the certificate and its private key.
+ // If interactive is true, the user is presented a dialog where
+ // they can select from matching certificates and grant the extension access
+ // to the certificate.
+ // The selected/filtered client certificates will be passed to
+ // callback.
+ [nocompile] static void selectClientCertificates(
+ SelectDetails details,
+ SelectCallback callback);
+
+ // Passes the key pair of certificate for usage with
+ // $(ref:platformKeys.subtleCrypto) to callback.
+ // |certificate|: The certificate of a $(ref:Match) returned by
+ // $(ref:selectClientCertificates).
+ // |parameters|: Determines signature/hash algorithm parameters additionally
+ // to the parameters fixed by the key itself. The same parameters are
+ // accepted as by WebCrypto's importKey
+ // function, e.g. RsaHashedImportParams for a RSASSA-PKCS1-v1_5
+ // key and EcKeyImportParams for EC key.
+ // Additionally for RSASSA-PKCS1-v1_5 keys, hashing algorithm name parameter
+ // can be specified with one of the following values: "none", "SHA-1",
+ // "SHA-256", "SHA-384", or "SHA-512", e.g.
+ // {"hash": { "name": "none" } }. The sign function will then
+ // apply PKCS#1 v1.5 padding but not hash the given data.
+ // Currently, this method only supports the "RSASSA-PKCS1-v1_5" and + // "ECDSA" algorithms.
+ [nocompile, doesNotSupportPromises= + "Multi-parameter callback crbug.com/1313625"] + static void getKeyPair(ArrayBuffer certificate, + object parameters, + GetKeyPairCallback callback); + + // Passes the key pair identified bypublicKeySpkiDer for
+ // usage with $(ref:platformKeys.subtleCrypto) to callback.
+ // |publicKeySpkiDer|: A DER-encoded X.509 SubjectPublicKeyInfo, obtained
+ // e.g. by calling WebCrypto's exportKey function with format="spki".
+ // |parameters|: Provides signature and hash algorithm parameters, in
+ // addition to those fixed by the key itself. The same parameters are
+ // accepted as by WebCrypto's importKey
+ // function, e.g. RsaHashedImportParams for a RSASSA-PKCS1-v1_5
+ // key. For RSASSA-PKCS1-v1_5 keys, we need to also pass a "hash" parameter
+ // { "hash": { "name": string } }. The "hash" parameter
+ // represents the name of the hashing algorithm to be used in the digest
+ // operation before a sign. It is possible to pass "none" as the hash name,
+ // in which case the sign function will apply PKCS#1 v1.5 padding and but
+ // not hash the given data.
+ // Currently, this method supports the "ECDSA" algorithm with + // named-curve P-256 and "RSASSA-PKCS1-v1_5" algorithm with one of the + // hashing algorithms "none", "SHA-1", "SHA-256", "SHA-384", and + // "SHA-512".
+ [nocompile, doesNotSupportPromises= + "Multi-parameter callback crbug.com/1313625"] + static void getKeyPairBySpki(ArrayBuffer publicKeySpkiDer, + object parameters, + GetKeyPairCallback callback); + + // An implementation of WebCrypto's + // + // SubtleCrypto + // that allows crypto operations on keys of client certificates that are + // available to this extension. + [nocompile] static object subtleCrypto(); + + // Checks whetherdetails.serverCertificateChain can be trusted
+ // for details.hostname according to the trust settings of the
+ // platform.
+ // Note: The actual behavior of the trust verification is not fully
+ // specified and might change in the future.
+ // The API implementation verifies certificate expiration, validates the
+ // certification path and checks trust by a known CA.
+ // The implementation is supposed to respect the EKU serverAuth and to
+ // support subject alternative names.
+ static void verifyTLSServerCertificate(VerificationDetails details,
+ VerificationCallback callback);
+ };
+};
diff --git a/tools/under-control/src/chrome/common/extensions/api/platform_keys_internal.idl b/tools/under-control/src/chrome/common/extensions/api/platform_keys_internal.idl
new file mode 100755
index 000000000..ba8568e8f
--- /dev/null
+++ b/tools/under-control/src/chrome/common/extensions/api/platform_keys_internal.idl
@@ -0,0 +1,76 @@
+// Copyright 2015 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// Internal API for to implement the platformKeys and enterprise.platformKeys
+// APIs.
+[implemented_in = "chrome/browser/extensions/api/platform_keys/platform_keys_api.h"]
+namespace platformKeysInternal {
+ callback SelectCallback = void (platformKeys.Match[] certs);
+
+ // Invoked by sign.
+ // |signature| The signature, a octet string.
+ callback SignCallback = void(ArrayBuffer signature);
+
+ // Called back by getPublicKey.
+ // |publicKey| The Subject Public Key Info (see X.509) of the requested
+ // certificate.
+ // |algorithm| A partial WebCrypto KeyAlgorithm containing all information
+ // that is available from the Subject Public Key Info. It does not contain
+ // signature/hash parameters.
+ callback GetPublicKeyCallback = void(ArrayBuffer publicKey, object algorithm);
+
+ interface Functions {
+ // See documentation in platformKeys.
+ static void selectClientCertificates(
+ platformKeys.SelectDetails details,
+ SelectCallback callback);
+
+ // Internal version of platformKeys.subtleCrypto.sign and
+ // enterprise.platformKeys.Token.subtleCrypto.sign.
+ // |tokenId| The id of a Token returned by |getTokens|.
+ // |publicKey| The Subject Public Key Info of a key previously generated by
+ // |generateKey| in DER encoding.
+ // |algorithmName| The name of the algorithm used to generate the key pair.
+ // |hashAlgorithmName| The recognized algorithm name of the hash algorithm,
+ // as specified by WebCrypto, that will be used to digest |data|
+ // before signing. Currently supported are: SHA-{1,256,384,512}.
+ // If instead the algorithm name "none" is provided, no hashing will be
+ // applied, the data is PKCS#1 v1.5 padded but not hashed.
+ // TODO(pneubeck): use an enum once supported:
+ // http://www.crbug.com/385539 .
+ // |data| The data to sign.
+ // |callback| Called back with the signature of |data|.
+ // TODO: Instead of ArrayBuffer should be (ArrayBuffer or ArrayBufferView),
+ // or at least (ArrayBuffer or Uint8Array).
+ static void sign(DOMString tokenId,
+ ArrayBuffer publicKey,
+ DOMString algorithmName,
+ DOMString hashAlgorithmName,
+ ArrayBuffer data,
+ SignCallback callback);
+
+ // Checks whether certificate certifies a key that allows usage
+ // of the WebCrypto algorithm algorithmName. If so, calls back
+ // callback with the key info and a WebCrypto
+ // KeyAlgorithm dictionary describing the key's algorithm. The
+ // name property will equal algorithmName.
+ // Otherwise, calls back with an error.
+ [doesNotSupportPromises="Multi-parameter callback crbug.com/1313625"]
+ static void getPublicKey(ArrayBuffer certificate,
+ DOMString algorithmName,
+ GetPublicKeyCallback callback);
+
+ // Takes as arguments a publicKeySpkiDer and
+ // algorithmName. Checks if publicKeySpkiDer is
+ // not empty and if the algorithmName specified is supported.
+ // If so, calls back callback with the key info and a WebCrypto
+ // KeyAlgorithm dictionary describing the key's algorithm. The
+ // name property will equal algorithmName.
+ // Otherwise, calls back with an error.
+ [doesNotSupportPromises="Multi-parameter callback crbug.com/1313625"]
+ static void getPublicKeyBySpki(ArrayBuffer publicKeySpkiDer,
+ DOMString algorithmName,
+ GetPublicKeyCallback callback);
+ };
+};
diff --git a/tools/under-control/src/chrome/common/extensions/api/printing.idl b/tools/under-control/src/chrome/common/extensions/api/printing.idl
new file mode 100755
index 000000000..a031e3817
--- /dev/null
+++ b/tools/under-control/src/chrome/common/extensions/api/printing.idl
@@ -0,0 +1,201 @@
+// Copyright 2019 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// Use the chrome.printing API to send print jobs to printers
+// installed on Chromebook.
+[platforms=("chromeos", "lacros"),
+implemented_in="chrome/browser/extensions/api/printing/printing_api.h"]
+namespace printing {
+ dictionary SubmitJobRequest {
+ // The print job to be submitted.
+ // The only supported content type is "application/pdf", and the
+ // Cloud Job Ticket
+ // shouldn't include FitToPageTicketItem,
+ // PageRangeTicketItem, ReverseOrderTicketItem
+ // and VendorTicketItem fields since they are
+ // irrelevant for native printing. All other fields must be present.
+ printerProvider.PrintJob job;
+
+ // Used internally to store the blob uuid after parameter customization and
+ // shouldn't be populated by the extension.
+ [nodoc] DOMString? documentBlobUuid;
+ };
+
+ // The status of $(ref:submitJob) request.
+ enum SubmitJobStatus {
+ // Sent print job request is accepted.
+ OK,
+
+ // Sent print job request is rejected by the user.
+ USER_REJECTED
+ };
+
+ // Response for $(ref:submitJob) request.
+ dictionary SubmitJobResponse {
+ // The status of the request.
+ SubmitJobStatus status;
+
+ // The id of created print job. This is a unique identifier among all print
+ // jobs on the device. If status is not OK, jobId will be null.
+ DOMString? jobId;
+ };
+
+ // The source of the printer.
+ enum PrinterSource {
+ // Printer was added by user.
+ USER,
+
+ // Printer was added via policy.
+ POLICY
+ };
+
+ // Description of the printer.
+ dictionary Printer {
+ // The printer's identifier; guaranteed to be unique among printers on the
+ // device.
+ DOMString id;
+
+ // The name of the printer.
+ DOMString name;
+
+ // The human-readable description of the printer.
+ DOMString description;
+
+ // The printer URI. This can be used by extensions to choose the printer for
+ // the user.
+ DOMString uri;
+
+ // The source of the printer (user or policy configured).
+ PrinterSource source;
+
+ // The flag which shows whether the printer fits
+ //
+ // DefaultPrinterSelection rules.
+ // Note that several printers could be flagged.
+ boolean isDefault;
+
+ // The value showing how recent the printer was used for printing from
+ // Chrome. The lower the value is the more recent the printer was used. The
+ // minimum value is 0. Missing value indicates that the printer wasn't used
+ // recently. This value is guaranteed to be unique amongst printers.
+ long? recentlyUsedRank;
+ };
+
+ // The status of the printer.
+ enum PrinterStatus {
+ // The door of the printer is open. Printer still accepts print jobs.
+ DOOR_OPEN,
+
+ // The tray of the printer is missing. Printer still accepts print jobs.
+ TRAY_MISSING,
+
+ // The printer is out of ink. Printer still accepts print jobs.
+ OUT_OF_INK,
+
+ // The printer is out of paper. Printer still accepts print jobs.
+ OUT_OF_PAPER,
+
+ // The output area of the printer (e.g. tray) is full. Printer still accepts
+ // print jobs.
+ OUTPUT_FULL,
+
+ // The printer has a paper jam. Printer still accepts print jobs.
+ PAPER_JAM,
+
+ // Some generic issue. Printer still accepts print jobs.
+ GENERIC_ISSUE,
+
+ // The printer is stopped and doesn't print but still accepts print jobs.
+ STOPPED,
+
+ // The printer is unreachable and doesn't accept print jobs.
+ UNREACHABLE,
+
+ // The SSL certificate is expired. Printer accepts jobs but they fail.
+ EXPIRED_CERTIFICATE,
+
+ // The printer is available.
+ AVAILABLE
+ };
+
+ // Response for $(ref:getPrinterInfo) request.
+ dictionary GetPrinterInfoResponse {
+ // Printer capabilities in
+ //
+ // CDD format.
+ // The property may be missing.
+ object? capabilities;
+
+ // The status of the printer.
+ PrinterStatus status;
+ };
+
+ // Status of the print job.
+ enum JobStatus {
+ // Print job is received on Chrome side but was not processed yet.
+ PENDING,
+
+ // Print job is sent for printing.
+ IN_PROGRESS,
+
+ // Print job was interrupted due to some error.
+ FAILED,
+
+ // Print job was canceled by the user or via API.
+ CANCELED,
+
+ // Print job was printed without any errors.
+ PRINTED
+ };
+
+ callback SubmitJobCallback = void(SubmitJobResponse response);
+ callback CancelJobCallback = void();
+ callback GetPrintersCallback = void(Printer[] printers);
+ callback GetPrinterInfoCallback = void(GetPrinterInfoResponse response);
+
+ interface Functions {
+ // Submits the job for printing. If the extension is not listed in
+ // the
+ // PrintingAPIExtensionsAllowlist policy,
+ // the user is prompted to accept the print job.chrome.printingMetrics API to fetch data about
+// printing usage.
+[platforms=("chromeos", "lacros"),
+ implemented_in="chrome/browser/chromeos/extensions/printing_metrics/printing_metrics_api.h"]
+namespace printingMetrics {
+ // The source of the print job.
+ enum PrintJobSource {
+ // Specifies that the job was created from the Print Preview page
+ // initiated by the user.
+ PRINT_PREVIEW,
+
+ // Specifies that the job was created from an Android App.
+ ANDROID_APP,
+
+ // Specifies that the job was created by extension via Chrome API.
+ EXTENSION,
+
+ // Specifies that the job was created by an Isolated Web App via API.
+ ISOLATED_WEB_APP
+ };
+
+ // Specifies the final status of the print job.
+ enum PrintJobStatus {
+ // Specifies that the print job was interrupted due to some error.
+ FAILED,
+
+ // Specifies that the print job was canceled by the user or via API.
+ CANCELED,
+
+ // Specifies that the print job was printed without any errors.
+ PRINTED
+ };
+
+ // The source of the printer.
+ enum PrinterSource {
+ // Specifies that the printer was added by user.
+ USER,
+
+ // Specifies that the printer was added via policy.
+ POLICY
+ };
+
+ enum ColorMode {
+ // Specifies that black and white mode was used.
+ BLACK_AND_WHITE,
+
+ // Specifies that color mode was used.
+ COLOR
+ };
+
+ enum DuplexMode {
+ // Specifies that one-sided printing was used.
+ ONE_SIDED,
+
+ // Specifies that two-sided printing was used, flipping on long edge.
+ TWO_SIDED_LONG_EDGE,
+
+ // Specifies that two-sided printing was used, flipping on short edge.
+ TWO_SIDED_SHORT_EDGE
+ };
+
+ // The size of requested media.
+ dictionary MediaSize {
+ // Width (in micrometers) of the media used for printing.
+ long width;
+
+ // Height (in micrometers) of the media used for printing.
+ long height;
+
+ // Vendor-provided ID, e.g. "iso_a3_297x420mm" or "na_index-3x5_3x5in".
+ // Possible values are values of "media" IPP attribute and can be found on
+ //
+ // IANA page .
+ DOMString vendorId;
+ };
+
+ // The requested settings of print job.
+ dictionary PrintSettings {
+ // The requested color mode.
+ ColorMode color;
+
+ // The requested duplex mode.
+ DuplexMode duplex;
+
+ // The requested media size.
+ MediaSize mediaSize;
+
+ // The requested number of copies.
+ long copies;
+ };
+
+ // The printer info.
+ dictionary Printer {
+ // Displayed name of the printer.
+ DOMString name;
+
+ // The full path for the printer.
+ // Contains protocol, hostname, port, and queue.
+ DOMString uri;
+
+ // The source of the printer.
+ PrinterSource source;
+ };
+
+ // Print job information.
+ dictionary PrintJobInfo {
+ // The ID of the job.
+ DOMString id;
+
+ // The title of the document which was printed.
+ DOMString title;
+
+ // Source showing who initiated the print job.
+ PrintJobSource source;
+
+ // ID of source. Null if source is PRINT_PREVIEW or ANDROID_APP.
+ DOMString? sourceId;
+
+ // The final status of the job.
+ PrintJobStatus status;
+
+ // The job creation time (in milliseconds past the Unix epoch).
+ double creationTime;
+
+ // The job completion time (in milliseconds past the Unix epoch).
+ double completionTime;
+
+ // The info about the printer which printed the document.
+ Printer printer;
+
+ // The settings of the print job.
+ PrintSettings settings;
+
+ // The number of pages in the document.
+ long numberOfPages;
+
+ // The status of the printer.
+ printing.PrinterStatus printer_status;
+ };
+
+ callback GetPrintJobsCallback = void(PrintJobInfo[] jobs);
+
+ interface Functions {
+ // Returns the list of the finished print jobs.
+ [supportsPromises] static void getPrintJobs(GetPrintJobsCallback callback);
+ };
+
+ interface Events {
+ // Event fired when the print job is finished.
+ // This includes any of termination statuses: FAILED, CANCELED and PRINTED.
+ static void onPrintJobFinished(PrintJobInfo jobInfo);
+ };
+};
diff --git a/tools/under-control/src/chrome/common/extensions/api/processes.idl b/tools/under-control/src/chrome/common/extensions/api/processes.idl
new file mode 100755
index 000000000..129c47cb6
--- /dev/null
+++ b/tools/under-control/src/chrome/common/extensions/api/processes.idl
@@ -0,0 +1,183 @@
+// Copyright 2016 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// Use the chrome.processes API to interact with the browser's
+// processes.
+namespace processes {
+ // The types of the browser processes.
+ enum ProcessType {
+ browser,
+ renderer,
+ extension,
+ notification,
+ plugin,
+ worker,
+ nacl,
+ service_worker,
+ utility,
+ gpu,
+ other
+ };
+
+ // An object that represents a Chrome task running on a process. Several tasks
+ // can share the same process.
+ dictionary TaskInfo {
+ // The title of the task.
+ DOMString title;
+ // Optional tab ID, if this task represents a tab running on a renderer
+ // process.
+ long? tabId;
+ };
+
+ // The Cache object contains information about the size and utilization of a
+ // cache used by the browser.
+ dictionary Cache {
+ // The size of the cache, in bytes.
+ double size;
+ // The part of the cache that is utilized, in bytes.
+ double liveSize;
+ };
+
+ // An object containing information about one of the browser's processes.
+ dictionary Process {
+ // Unique ID of the process provided by the browser.
+ long id;
+ // The ID of the process, as provided by the OS.
+ long osProcessId;
+ // The type of process.
+ ProcessType type;
+ // The profile which the process is associated with.
+ DOMString profile;
+ // The debugging port for Native Client processes. Zero for other process
+ // types and for NaCl processes that do not have debugging enabled.
+ long naclDebugPort;
+ // Array of TaskInfos representing the tasks running on this process.
+ TaskInfo[] tasks;
+ // The most recent measurement of the process's CPU usage, expressed as the
+ // percentage of a single CPU core used in total, by all of the process's
+ // threads. This gives a value from zero to CpuInfo.numOfProcessors*100,
+ // which can exceed 100% in multi-threaded processes.
+ // Only available when receiving the object as part of a callback from
+ // onUpdated or onUpdatedWithMemory.
+ double? cpu;
+ // The most recent measurement of the process network usage, in bytes per
+ // second. Only available when receiving the object as part of a callback
+ // from onUpdated or onUpdatedWithMemory.
+ double? network;
+ // The most recent measurement of the process private memory usage, in
+ // bytes. Only available when receiving the object as part of a callback
+ // from onUpdatedWithMemory or getProcessInfo with the includeMemory flag.
+ double? privateMemory;
+ // The most recent measurement of the process JavaScript allocated memory,
+ // in bytes. Only available when receiving the object as part of a callback
+ // from onUpdated or onUpdatedWithMemory.
+ double? jsMemoryAllocated;
+ // The most recent measurement of the process JavaScript memory used, in
+ // bytes. Only available when receiving the object as part of a callback
+ // from onUpdated or onUpdatedWithMemory.
+ double? jsMemoryUsed;
+ // The most recent measurement of the process's SQLite memory usage, in
+ // bytes. Only available when receiving the object as part of a callback
+ // from onUpdated or onUpdatedWithMemory.
+ double? sqliteMemory;
+ // The most recent information about the image cache for the process. Only
+ // available when receiving the object as part of a callback from onUpdated
+ // or onUpdatedWithMemory.
+ Cache? imageCache;
+ // The most recent information about the script cache for the process. Only
+ // available when receiving the object as part of a callback from onUpdated
+ // or onUpdatedWithMemory.
+ Cache? scriptCache;
+ // The most recent information about the CSS cache for the process. Only
+ // available when receiving the object as part of a callback from onUpdated
+ // or onUpdatedWithMemory.
+ Cache? cssCache;
+ };
+
+ // A callback to report the status of the termination.
+ // |didTerminate|: True if terminating the process was successful, and false
+ // otherwise.
+ callback TerminateCallback = void(boolean didTerminate);
+
+ // A callback to return the ID of the renderer process of a tab.
+ // |processId|: Process ID of the tab's renderer process.
+ callback GetProcessIdForTabCallback = void(long processId);
+
+ // A callback called when the processes information is collected.
+ // |processes|: A dictionary of $(ref:Process) objects for each requested
+ // process that is a live child process of the current browser process,
+ // indexed by process ID. Metrics requiring aggregation over time will not be
+ // populated in each Process object.
+ callback GetProcessInfoCallback = void(object processes);
+
+ interface Functions {
+ // Returns the ID of the renderer process for the specified tab.
+ // |tabId|: The ID of the tab for which the renderer process ID is to be
+ // returned.
+ [supportsPromises] static void getProcessIdForTab(
+ long tabId,
+ GetProcessIdForTabCallback callback);
+
+ // Terminates the specified renderer process. Equivalent to visiting
+ // about:crash, but without changing the tab's URL.
+ // |processId|: The ID of the process to be terminated.
+ [supportsPromises] static void terminate(
+ long processId,
+ optional TerminateCallback callback);
+
+ // Retrieves the process information for each process ID specified.
+ // |processIds|: The list of process IDs or single process ID for which
+ // to return the process information. An empty list indicates all processes
+ // are requested.
+ // |includeMemory|: True if detailed memory usage is required. Note,
+ // collecting memory usage information incurs extra CPU usage and should
+ // only be queried for when needed.
+ [supportsPromises] static void getProcessInfo(
+ (long or long[]) processIds,
+ boolean includeMemory,
+ GetProcessInfoCallback callback);
+ };
+
+ interface Events {
+ // Fired each time the Task Manager updates its process statistics,
+ // providing the dictionary of updated Process objects, indexed by process
+ // ID.
+ // |processes|: A dictionary of updated $(ref:Process) objects for each live
+ // process in the browser, indexed by process ID. Metrics requiring
+ // aggregation over time will be populated in each Process object.
+ static void onUpdated(object processes);
+
+ // Fired each time the Task Manager updates its process statistics,
+ // providing the dictionary of updated Process objects, indexed by process
+ // ID. Identical to onUpdate, with the addition of memory usage details
+ // included in each Process object. Note, collecting memory usage
+ // information incurs extra CPU usage and should only be listened for when
+ // needed.
+ // |processes|: A dictionary of updated $(ref:Process) objects for each live
+ // process in the browser, indexed by process ID. Memory usage details will
+ // be included in each Process object.
+ static void onUpdatedWithMemory(object processes);
+
+ // Fired each time a process is created, providing the corrseponding Process
+ // object.
+ // |process|: Details of the process that was created. Metrics requiring
+ // aggregation over time will not be populated in the object.
+ static void onCreated(Process process);
+
+ // Fired each time a process becomes unresponsive, providing the
+ // corrseponding Process object.
+ // |process|: Details of the unresponsive process. Metrics requiring
+ // aggregation over time will not be populated in the object. Only available
+ // for renderer processes.
+ static void onUnresponsive(Process process);
+
+ // Fired each time a process is terminated, providing the type of exit.
+ // |processId|: The ID of the process that exited.
+ // |exitType|: The type of exit that occurred for the process - normal,
+ // abnormal, killed, crashed. Only available for renderer processes.
+ // |exitCode|: The exit code if the process exited abnormally. Only
+ // available for renderer processes.
+ static void onExited(long processId, long exitType, long exitCode);
+ };
+};
diff --git a/tools/under-control/src/chrome/common/extensions/api/quick_unlock_private.idl b/tools/under-control/src/chrome/common/extensions/api/quick_unlock_private.idl
new file mode 100755
index 000000000..f70bcaea6
--- /dev/null
+++ b/tools/under-control/src/chrome/common/extensions/api/quick_unlock_private.idl
@@ -0,0 +1,151 @@
+// Copyright 2016 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// Use the chrome.quickUnlockPrivate API to change whether the
+// lock screen is enabled and which modes are allowed (active) for unlocking a
+// Chrome OS device from the lock screen. The API is also used to set quick
+// unlock credentials.
+// Note: The API is named 'quickUnlock' for historical reasons but it should be
+// used for all lock screen settings.
+// Note: This API can not be used to actually unlock the device.
+
+[platforms=("chromeos", "lacros")]
+namespace quickUnlockPrivate {
+ dictionary TokenInfo {
+ // The authentication token that can be passed to $(ref:setModes) calls.
+ DOMString token;
+
+ // The number of seconds until the token expires. The UI should refresh the
+ // token before it expires.
+ long lifetimeSeconds;
+ };
+
+ // TODO(jdufault): Add more quick unlock modes, such as a pattern unlock.
+ enum QuickUnlockMode {
+ PIN
+ };
+
+ // The problems a given PIN might have.
+ enum CredentialProblem {
+ TOO_SHORT,
+ TOO_LONG,
+ TOO_WEAK,
+ CONTAINS_NONDIGIT
+ };
+
+ dictionary CredentialCheck {
+ // The given PINs errors. Users cannot proceed with an error.
+ CredentialProblem[] errors;
+
+ // THe given PINs warnings. Users can, but are not advised to proceed with
+ // a warning.
+ CredentialProblem[] warnings;
+ };
+
+ dictionary CredentialRequirements {
+ // The minimum allowed length for a PIN.
+ long minLength;
+
+ // The maximum allowed length for a PIN. A value of 0 indicates no maximum
+ // length.
+ long maxLength;
+ };
+
+ callback VoidResultCallback = void ();
+ callback BooleanResultCallback = void (boolean value);
+ callback TokenResultCallback = void (TokenInfo result);
+ callback ModesCallback = void (QuickUnlockMode[] modes);
+ callback CredentialCheckCallback = void (CredentialCheck check);
+ callback CredentialRequirementsCallback =
+ void (CredentialRequirements requirements);
+
+ interface Functions {
+ // Returns a token that can be used for future operations and the number
+ // of seconds until the token expires.
+ // |accountPassword|: The account password for the logged in user.
+ [supportsPromises] static void getAuthToken(DOMString accountPassword,
+ TokenResultCallback onComplete);
+
+ // Sets the lock screen enabled state. NOTE: The lock enabled state is
+ // reflected in the settings.enable_screen_lock pref, which can be read
+ // but not written using the settings_private API (which also provides
+ // policy information). This API must be used to change the pref.
+ // |token|: The token returned by $(ref:getAuthToken).
+ // |enabled|: Whether to enable the lock screen.
+ [platforms=("chromeos"), supportsPromises] static void setLockScreenEnabled(
+ DOMString token,
+ boolean enabled,
+ optional VoidResultCallback onComplete);
+
+ // Sets the PIN auto submit enabled state. NOTE: The PIN autosubmit state is
+ // reflected in the pin_unlock_autosubmit_enabled pref, which can be read
+ // but not written using the settings_private API (which also provides
+ // policy information). This API must be used to change the pref.
+ // |token|: The authentication token.
+ // |pin|: The PIN of the logged in user.
+ // |enabled|: Whether to enable PIN auto submit.
+ // |onComplete|: Called with true if the quick unlock state was updated,
+ // false otherwise. The update is treated as a single atomic operation.
+ [platforms=("chromeos"), supportsPromises]
+ static void setPinAutosubmitEnabled(
+ DOMString token,
+ DOMString pin,
+ boolean enabled,
+ BooleanResultCallback onComplete);
+
+ // Tests wether it is currently possible to authenticate using PIN.
+ [platforms=("chromeos"), supportsPromises] static void canAuthenticatePin(
+ BooleanResultCallback onComplete);
+
+ // Returns the set of quick unlock modes that are available for the user to
+ // use. Some quick unlock modes may be disabled by policy.
+ [platforms=("chromeos"), supportsPromises] static void getAvailableModes(
+ ModesCallback onComplete);
+
+ // Returns the quick unlock modes that are currently enabled and usable on
+ // the lock screen.
+ [platforms=("chromeos"), supportsPromises]
+ static void getActiveModes(ModesCallback onComplete);
+
+
+ // Checks if the given credential can be used for the given unlock mode.
+ // Enterprise policy can change credential requirements.
+ // |mode|: The quick unlock mode that is used.
+ // |credential|: The given credential.
+ // |onComplete|: Called with a list of warnings and errors the given
+ // |credential| has (or an empty list if there are none).
+ [platforms=("chromeos"), supportsPromises] static void checkCredential(
+ QuickUnlockMode mode,
+ DOMString credential,
+ CredentialCheckCallback onComplete);
+
+ // Gets the credential requirements for the given unlock mode.
+ // |mode|: The quick unlock mode that is used.
+ // |onComplete|: Called with the credential requirements of the given
+ // |mode|.
+ [platforms=("chromeos"), supportsPromises]
+ static void getCredentialRequirements(
+ QuickUnlockMode mode,
+ CredentialRequirementsCallback onComplete);
+
+ // Update the set of quick unlock modes that are currently active/enabled.
+ // |token|: The token returned by $(ref:getAuthToken).
+ // |modes|: The quick unlock modes that should be active.
+ // |credentials|: The associated credential for each mode. To keep the
+ // credential the same for the associated mode, pass an empty string.
+ // |onComplete|: Called with true if the quick unlock state was updated,
+ // false otherwise. The update is treated as a single atomic operation.
+ [platforms=("chromeos"), supportsPromises]
+ static void setModes(DOMString token,
+ QuickUnlockMode[] modes,
+ DOMString[] credentials,
+ VoidResultCallback onComplete);
+ };
+
+ interface Events {
+ // Called after the active set of quick unlock modes has changed.
+ // |activeModes|: The set of quick unlock modes which are now active.
+ static void onActiveModesChanged(QuickUnlockMode[] activeModes);
+ };
+};
diff --git a/tools/under-control/src/chrome/common/extensions/api/reading_list.idl b/tools/under-control/src/chrome/common/extensions/api/reading_list.idl
new file mode 100755
index 000000000..d648705c0
--- /dev/null
+++ b/tools/under-control/src/chrome/common/extensions/api/reading_list.idl
@@ -0,0 +1,116 @@
+// Copyright 2023 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// Use the chrome.readingList API to read from and modify
+// the items in the
+// Reading List.
+namespace readingList{
+ dictionary ReadingListEntry {
+ // The url of the entry.
+ DOMString url;
+
+ // The title of the entry.
+ DOMString title;
+
+ // Will be true if the entry has been read.
+ boolean hasBeenRead;
+
+ // The last time the entry was updated.
+ // This value is in milliseconds since Jan 1, 1970.
+ double lastUpdateTime;
+
+ // The time the entry was created.
+ // Recorded in milliseconds since Jan 1, 1970.
+ double creationTime;
+ };
+
+ dictionary AddEntryOptions {
+ // The url of the entry.
+ DOMString url;
+
+ // The title of the entry.
+ DOMString title;
+
+ // Will be true if the entry has been read.
+ boolean hasBeenRead;
+ };
+
+ dictionary RemoveOptions {
+ // The url to remove.
+ DOMString url;
+ };
+
+ dictionary UpdateEntryOptions {
+ // The url that will be updated.
+ DOMString url;
+
+ // The new title. The existing tile remains if a value isn't provided.
+ DOMString? title;
+
+ // The updated read status. The existing status remains if a value
+ // isn't provided.
+ boolean? hasBeenRead;
+ };
+
+ dictionary QueryInfo {
+ // A url to search for.
+ DOMString? url;
+
+ // A title to search for.
+ DOMString? title;
+
+ // Indicates whether to search for read (true) or unread
+ // (false) items.
+ boolean? hasBeenRead;
+ };
+
+ callback AddEntryCallback = void ();
+ callback RemoveEntryCallback = void();
+ callback UpdateEntryCallback = void();
+ callback QueryCallback = void(ReadingListEntry[] entries);
+
+ interface Functions {
+ // Adds an entry to the reading list if it does not exist.
+ // |entry|: The entry to add to the reading list.
+ // |callback|: Invoked once the entry has been added.
+ [supportsPromises] static void addEntry(
+ AddEntryOptions entry,
+ optional AddEntryCallback callback);
+
+ // Removes an entry from the reading list if it exists.
+ // |info|: The entry to remove from the reading list.
+ // |callback|: Invoked once the entry has been removed.
+ [supportsPromises] static void removeEntry(
+ RemoveOptions info,
+ optional RemoveEntryCallback callback);
+
+ // Updates a reading list entry if it exists.
+ // |info|: The entry to update.
+ // |callback|: Invoked once the matched entries have been updated.
+ [supportsPromises] static void updateEntry(
+ UpdateEntryOptions info,
+ optional UpdateEntryCallback callback);
+
+ // Retrieves all entries that match the QueryInfo properties.
+ // Properties that are not provided will not be matched.
+ // |info|: The properties to search for.
+ // |callback|: Invoked once the entries have been matched.
+ [supportsPromises] static void query(QueryInfo info,
+ QueryCallback callback);
+ };
+
+ interface Events {
+ // Triggered when a ReadingListEntry is added to the reading list.
+ // |entry|: The entry that was added.
+ static void onEntryAdded(ReadingListEntry entry);
+
+ // Triggered when a ReadingListEntry is removed from the reading list.
+ // |entry|: The entry that was removed.
+ static void onEntryRemoved(ReadingListEntry entry);
+
+ // Triggered when a ReadingListEntry is updated in the reading list.
+ // |entry|: The entry that was updated.
+ static void onEntryUpdated(ReadingListEntry entry);
+ };
+};
diff --git a/tools/under-control/src/chrome/common/extensions/api/resources_private.idl b/tools/under-control/src/chrome/common/extensions/api/resources_private.idl
new file mode 100755
index 000000000..31a85ce5c
--- /dev/null
+++ b/tools/under-control/src/chrome/common/extensions/api/resources_private.idl
@@ -0,0 +1,23 @@
+// Copyright 2015 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// resourcesPrivate.
+namespace resourcesPrivate {
+ enum Component { identity, pdf };
+
+ callback GetStringsCallback = void (object result);
+
+ interface Functions {
+ // Gets localized strings for a component extension. Includes default WebUI
+ // loadTimeData values for text and language settings (fontsize, fontfamily,
+ // language, textdirection). See
+ // chrome/browser/extensions/api/resources_private/resources_private_api.cc
+ // for instructions on adding a new component to this API.
+ //
+ // |component| : Internal Chrome component to get strings for.
+ // |callback| : Called with a dictionary mapping names to strings.
+ [supportsPromises] static void getStrings(Component component,
+ GetStringsCallback callback);
+ };
+};
diff --git a/tools/under-control/src/chrome/common/extensions/api/safe_browsing_private.idl b/tools/under-control/src/chrome/common/extensions/api/safe_browsing_private.idl
new file mode 100755
index 000000000..e33f4590a
--- /dev/null
+++ b/tools/under-control/src/chrome/common/extensions/api/safe_browsing_private.idl
@@ -0,0 +1,173 @@
+// Copyright 2018 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// Use the chrome.safeBrowsingPrivate API to observe events
+// or retrieve referrer chain.
+namespace safeBrowsingPrivate {
+
+ enum URLType {
+ // Ends with the final URL of the referrer chain.
+ EVENT_URL,
+
+ // One gesture away from the EVENT_URL, i.e. the user will click on the
+ // LANDING_PAGE, go through zero or more CLIENT_REDIRECTS, then end up
+ // at EVENT_URL.
+ LANDING_PAGE,
+
+ // One gesture away from LANDING_PAGE.
+ LANDING_REFERRER,
+
+ // The navigation is RENDER_INITIATED_WITHOUT_USER_GESTURE.
+ CLIENT_REDIRECT,
+
+ // Doesn't directly lead to the EVENT_URL, but the navigation occurred
+ // recently, so it might be involved in the event.
+ RECENT_NAVIGATION,
+
+ // Triggered by a user gesture and precedes the LANDING_REFERRER.
+ REFERRER
+ };
+
+ enum NavigationInitiation {
+ // Typically from Chrome UI, e.g. bookmarks or omnibox.
+ BROWSER_INITIATED,
+
+ // Renderer initiated navigations involve interactions with the content
+ // area, such as link clicks or JS.
+ RENDERER_INITIATED_WITHOUT_USER_GESTURE,
+ RENDERER_INITIATED_WITH_USER_GESTURE,
+
+ // Navigation is initiated by the browser process and it is believed the
+ // navigation is the result of the user copy and paste the address from the
+ // browser into the address bar.
+ COPY_PASTE_USER_INITIATED,
+
+ // Navigation is initiated by a click on a Push Notification.
+ NOTIFICATION_INITIATED
+ };
+
+ dictionary PolicySpecifiedPasswordReuse {
+ // URL where this reuse happened.
+ DOMString url;
+
+ // The user name of the policy specified password.
+ DOMString userName;
+
+ // If this a phishing url.
+ boolean isPhishingUrl;
+ };
+
+ dictionary DangerousDownloadInfo {
+ // URL of the download.
+ DOMString url;
+
+ // File name and path of the download on user's machine.
+ DOMString fileName;
+
+ // SHA256 digest of this download.
+ DOMString downloadDigestSha256;
+
+ // User name of the profile. Empty string if user name not available.
+ DOMString userName;
+ };
+
+ dictionary InterstitialInfo {
+ // Top level URL that triggers this interstitial.
+ DOMString url;
+
+ // Human-readable string indicate why this interstitial is shown.
+ DOMString reason;
+
+ // Net error code.
+ DOMString? netErrorCode;
+
+ // User name of the profile. Empty string if user name not available.
+ DOMString userName;
+ };
+
+ dictionary ServerRedirect {
+ // Server redirect URL.
+ DOMString? url;
+ };
+
+ // From ReferrerChainEntry in //src/components/safe_browsing/core/common/proto/csd.proto
+ dictionary ReferrerChainEntry {
+ // URL of this entry.
+ DOMString url;
+
+ // Only set if different from |url|.
+ DOMString? mainFrameUrl;
+
+ // Types of URLs, such as event url, landing page, etc.
+ URLType urlType;
+
+ // IP addresses corresponding to this host.
+ DOMString[]? ipAddresses;
+
+ // Referrer URL of this entry.
+ DOMString? referrerUrl;
+
+ // Main frame URL of referrer. Only set if different from |referrer_url|.
+ DOMString? referrerMainFrameUrl;
+
+ // If this URL loads in a different tab/frame from previous one.
+ boolean? isRetargeting;
+
+ double? navigationTimeMs;
+
+ // Set only if server redirects happened in navigation.
+ ServerRedirect[]? serverRedirectChain;
+
+ // How this navigation is initiated.
+ NavigationInitiation? navigationInitiation;
+
+ // Whether this entry may have been launched by an external application.
+ boolean? maybeLaunchedByExternalApp;
+
+ // Whether subframe URLs are removed due to user consent restriction.
+ boolean? isSubframeUrlRemoved;
+
+ // Whether subframe referrer URLs are removed due to user consent
+ // restriction.
+ boolean? isSubframeReferrerUrlRemoved;
+
+ // Whether any of the URLs are removed because the URL matches the
+ // SafeBrowsingAllowlistDomains enterprise policy in Chrome.
+ boolean isUrlRemovedByPolicy;
+ };
+
+ callback GetReferrerChainCallback = void(ReferrerChainEntry[] entries);
+
+ interface Functions {
+ // Gets referrer chain for the specified tab.
+ // |tabId|: Id of the tab from which to retrieve the referrer.
+ // |callback|: Called with the list of referrer chain entries.
+ [supportsPromises] static void getReferrerChain(
+ long tabId,
+ GetReferrerChainCallback callback);
+ };
+
+ interface Events {
+ // Fired when Chrome detects a reuse of a policy specified password.
+ //
+ // |reuseDetails|: Details about where the password reuse occurred.
+ static void onPolicySpecifiedPasswordReuseDetected(
+ PolicySpecifiedPasswordReuse reuseDetails);
+
+ // Fired when the user changed their policy specified password.
+ //
+ // |userName|: The user name of the policy specified password.
+ static void onPolicySpecifiedPasswordChanged(DOMString userName);
+
+ // Fired when the user opened a dangerous download.
+ static void onDangerousDownloadOpened(DangerousDownloadInfo dict);
+
+ // Fired when a security interstitial is shown to the user.
+ static void onSecurityInterstitialShown(InterstitialInfo dict);
+
+ // Fired when the user clicked-through a security interstitial.
+ static void onSecurityInterstitialProceeded(InterstitialInfo dict);
+ };
+
+};
diff --git a/tools/under-control/src/chrome/common/extensions/api/scripting.idl b/tools/under-control/src/chrome/common/extensions/api/scripting.idl
new file mode 100755
index 000000000..2bdfeae9f
--- /dev/null
+++ b/tools/under-control/src/chrome/common/extensions/api/scripting.idl
@@ -0,0 +1,266 @@
+// Copyright 2020 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// Use the chrome.scripting API to execute script in different
+// contexts.
+namespace scripting {
+ callback InjectedFunction = void();
+
+ // The origin for a style change.
+ // See style origins
+ // for more info.
+ enum StyleOrigin {
+ AUTHOR,
+ USER
+ };
+
+ // The JavaScript world for a script to execute within.
+ enum ExecutionWorld {
+ // Specifies the isolated world, which is the execution environment unique
+ // to this extension.
+ ISOLATED,
+ // Specifies the main world of the DOM, which is the execution environment
+ // shared with the host page's JavaScript.
+ MAIN
+ };
+
+ dictionary InjectionTarget {
+ // The ID of the tab into which to inject.
+ long tabId;
+
+ // The IDs
+ // of specific frames to inject into.
+ long[]? frameIds;
+
+ // The IDs
+ // of specific documentIds to inject into. This must not be set if
+ // frameIds is set.
+ DOMString[]? documentIds;
+
+ // Whether the script should inject into all frames within the tab. Defaults
+ // to false.
+ // This must not be true if frameIds is specified.
+ boolean? allFrames;
+ };
+
+ dictionary ScriptInjection {
+ // A JavaScript function to inject. This function will be serialized, and
+ // then deserialized for injection. This means that any bound parameters
+ // and execution context will be lost.
+ // Exactly one of files or func must be
+ // specified.
+ [serializableFunction]InjectedFunction? func;
+
+ // The arguments to pass to the provided function. This is only valid if
+ // the func parameter is specified. These arguments must be
+ // JSON-serializable.
+ any[]? args;
+
+ // We used to call the injected function `function`, but this is
+ // incompatible with JavaScript's object declaration shorthand (see
+ // https://crbug.com/1166438). We leave this silently in for backwards
+ // compatibility.
+ // TODO(devlin): Remove this in M95.
+ [nodoc, serializableFunction]InjectedFunction? function;
+
+ // The path of the JS or CSS files to inject, relative to the extension's
+ // root directory.
+ // Exactly one of files or func must be
+ // specified.
+ DOMString[]? files;
+
+ // Details specifying the target into which to inject the script.
+ InjectionTarget target;
+
+ // The JavaScript "world" to run the script in. Defaults to
+ // ISOLATED.
+ ExecutionWorld? world;
+
+ // Whether the injection should be triggered in the target as soon as
+ // possible. Note that this is not a guarantee that injection will occur
+ // prior to page load, as the page may have already loaded by the time the
+ // script reaches the target.
+ boolean? injectImmediately;
+ };
+
+ dictionary CSSInjection {
+ // Details specifying the target into which to insert the CSS.
+ InjectionTarget target;
+
+ // A string containing the CSS to inject.
+ // Exactly one of files and css must be
+ // specified.
+ DOMString? css;
+
+ // The path of the CSS files to inject, relative to the extension's root
+ // directory.
+ // Exactly one of files and css must be
+ // specified.
+ DOMString[]? files;
+
+ // The style origin for the injection. Defaults to 'AUTHOR'.
+ StyleOrigin? origin;
+ };
+
+ dictionary InjectionResult {
+ // The result of the script execution.
+ any? result;
+
+ // The frame associated with the injection.
+ long frameId;
+
+ // The document associated with the injection.
+ DOMString documentId;
+ };
+
+ // Describes a content script to be injected into a web page registered
+ // through this API.
+ dictionary RegisteredContentScript {
+ // The id of the content script, specified in the API call. Must not start
+ // with a '_' as it's reserved as a prefix for generated script IDs.
+ DOMString id;
+ // Specifies which pages this content script will be injected into. See
+ // Match Patterns for more
+ // details on the syntax of these strings. Must be specified for
+ // $(ref:registerContentScripts).
+ DOMString[]? matches;
+ // Excludes pages that this content script would otherwise be injected into.
+ // See Match Patterns for
+ // more details on the syntax of these strings.
+ DOMString[]? excludeMatches;
+ // The list of CSS files to be injected into matching pages. These are
+ // injected in the order they appear in this array, before any DOM is
+ // constructed or displayed for the page.
+ DOMString[]? css;
+ // The list of JavaScript files to be injected into matching pages. These
+ // are injected in the order they appear in this array.
+ DOMString[]? js;
+ // If specified true, it will inject into all frames, even if the frame is
+ // not the top-most frame in the tab. Each frame is checked independently
+ // for URL requirements; it will not inject into child frames if the URL
+ // requirements are not met. Defaults to false, meaning that only the top
+ // frame is matched.
+ boolean? allFrames;
+ // Indicates whether the script can be injected into frames where the URL
+ // contains an unsupported scheme; specifically: about:, data:, blob:, or
+ // filesystem:. In these cases, the URL's origin is checked to determine if
+ // the script should be injected. If the origin is `null` (as is the case
+ // for data: URLs) then the used origin is either the frame that created
+ // the current frame or the frame that initiated the navigation to this
+ // frame. Note that this may not be the parent frame.
+ boolean? matchOriginAsFallback;
+ // Specifies when JavaScript files are injected into the web page. The
+ // preferred and default value is document_idle.
+ extensionTypes.RunAt? runAt;
+ // Specifies if this content script will persist into future sessions. The
+ // default is true.
+ boolean? persistAcrossSessions;
+ // The JavaScript "world" to run the script in. Defaults to
+ // ISOLATED.
+ ExecutionWorld? world;
+ };
+
+ // An object used to filter content scripts for
+ // ${ref:getRegisteredContentScripts}.
+ dictionary ContentScriptFilter {
+ // If specified, $(ref:getRegisteredContentScripts) will only return scripts
+ // with an id specified in this list.
+ DOMString[]? ids;
+ };
+
+ callback ScriptInjectionCallback = void(InjectionResult[] results);
+
+ callback CSSInjectionCallback = void();
+
+ callback RegisterContentScriptsCallback = void();
+
+ callback GetRegisteredContentScriptsCallback = void(
+ RegisteredContentScript[] scripts);
+
+ callback UnregisterContentScriptsCallback = void();
+
+ callback UpdateContentScriptsCallback = void();
+
+ interface Properties {
+ // An object available for content scripts running in isolated worlds to use
+ // and modify as a JS object. One instance exists per frame and is shared
+ // between all content scripts for a given extension. This object is
+ // initialized when the frame is created, before document_start.
+ // TODO(crbug.com/1054624): Enable this once implementation is complete.
+ [nodoc, nocompile] static long globalParams();
+ };
+
+ interface Functions {
+ // Injects a script into a target context. The script will be run at
+ // document_idle. If the script evaluates to a promise,
+ // the browser will wait for the promise to settle and return the
+ // resulting value.
+ // |injection|: The details of the script which to inject.
+ // |callback|: Invoked upon completion of the injection. The resulting
+ // array contains the result of execution for each frame where the
+ // injection succeeded.
+ [supportsPromises] static void executeScript(
+ ScriptInjection injection,
+ optional ScriptInjectionCallback callback);
+
+ // Inserts a CSS stylesheet into a target context.
+ // If multiple frames are specified, unsuccessful injections are ignored.
+ // |injection|: The details of the styles to insert.
+ // |callback|: Invoked upon completion of the insertion.
+ [supportsPromises] static void insertCSS(
+ CSSInjection injection,
+ optional CSSInjectionCallback callback);
+
+ // Removes a CSS stylesheet that was previously inserted by this extension
+ // from a target context.
+ // |injection|: The details of the styles to remove. Note that the
+ // css, files, and origin properties
+ // must exactly match the stylesheet inserted through $(ref:insertCSS).
+ // Attempting to remove a non-existent stylesheet is a no-op.
+ // |callback|: A callback to be invoked upon the completion of the removal.
+ [supportsPromises] static void removeCSS(
+ CSSInjection injection,
+ optional CSSInjectionCallback callback);
+
+ // Registers one or more content scripts for this extension.
+ // |scripts|: Contains a list of scripts to be registered. If there are
+ // errors during script parsing/file validation, or if the IDs specified
+ // already exist, then no scripts are registered.
+ // |callback|: A callback to be invoked once scripts have been fully
+ // registered or if an error has occurred.
+ [supportsPromises] static void registerContentScripts(
+ RegisteredContentScript[] scripts,
+ optional RegisterContentScriptsCallback callback);
+
+ // Returns all dynamically registered content scripts for this extension
+ // that match the given filter.
+ // |filter|: An object to filter the extension's dynamically registered
+ // scripts.
+ [supportsPromises] static void getRegisteredContentScripts(
+ optional ContentScriptFilter filter,
+ GetRegisteredContentScriptsCallback callback);
+
+ // Unregisters content scripts for this extension.
+ // |filter|: If specified, only unregisters dynamic content scripts which
+ // match the filter. Otherwise, all of the extension's dynamic content
+ // scripts are unregistered.
+ // |callback|: A callback to be invoked once scripts have been unregistered
+ // or if an error has occurred.
+ [supportsPromises] static void unregisterContentScripts(
+ optional ContentScriptFilter filter,
+ optional UnregisterContentScriptsCallback callback);
+
+ // Updates one or more content scripts for this extension.
+ // |scripts|: Contains a list of scripts to be updated. A property is only
+ // updated for the existing script if it is specified in this object. If
+ // there are errors during script parsing/file validation, or if the IDs
+ // specified do not correspond to a fully registered script, then no scripts
+ // are updated.
+ // |callback|: A callback to be invoked once scripts have been updated or
+ // if an error has occurred.
+ [supportsPromises] static void updateContentScripts(
+ RegisteredContentScript[] scripts,
+ optional RegisterContentScriptsCallback callback);
+ };
+};
diff --git a/tools/under-control/src/chrome/common/extensions/api/search.idl b/tools/under-control/src/chrome/common/extensions/api/search.idl
new file mode 100755
index 000000000..db3bea429
--- /dev/null
+++ b/tools/under-control/src/chrome/common/extensions/api/search.idl
@@ -0,0 +1,41 @@
+// Copyright 2020 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// Use the chrome.search API to search via the default provider.
+namespace search {
+ enum Disposition {
+ // Specifies that the search results display in the calling tab or the tab
+ // from the active browser.
+ CURRENT_TAB,
+
+ // Specifies that the search results display in a new tab.
+ NEW_TAB,
+
+ // Specifies that the search results display in a new window.
+ NEW_WINDOW
+ };
+
+ dictionary QueryInfo {
+ // String to query with the default search provider.
+ DOMString text;
+
+ // Location where search results should be displayed.
+ // CURRENT_TAB is the default.
+ Disposition? disposition;
+
+ // Location where search results should be displayed.
+ // tabId cannot be used with disposition.
+ long? tabId;
+ };
+
+ callback QueryCallback = void();
+
+ interface Functions {
+ // Used to query the default search provider.
+ // In case of an error,
+ // $(ref:runtime.lastError) will be set.
+ [supportsPromises] static void query(QueryInfo queryInfo,
+ optional QueryCallback callback);
+ };
+};
diff --git a/tools/under-control/src/chrome/common/extensions/api/settings_private.idl b/tools/under-control/src/chrome/common/extensions/api/settings_private.idl
new file mode 100755
index 000000000..e0ee0b111
--- /dev/null
+++ b/tools/under-control/src/chrome/common/extensions/api/settings_private.idl
@@ -0,0 +1,124 @@
+// Copyright 2015 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// Use the chrome.settingsPrivate API to get or set preferences
+// from the settings UI. Access is restricted to a set of allowed user facing
+// preferences.
+namespace settingsPrivate {
+ enum PrefType { BOOLEAN, NUMBER, STRING, URL, LIST, DICTIONARY };
+
+ enum ControlledBy {
+ DEVICE_POLICY,
+ USER_POLICY,
+ OWNER,
+ PRIMARY_USER,
+ EXTENSION,
+
+ // Preferences are controlled by the parent of the child user.
+ PARENT,
+
+ // Preferences are controlled neither by parent nor the child user.
+ // Preference values are hard-coded values and can not be changed.
+ CHILD_RESTRICTION
+ };
+
+ enum Enforcement {
+ // Value cannot be changed by user.
+ ENFORCED,
+ // Value can be changed, but the administrator recommends a default.
+ RECOMMENDED,
+ // Value is protected by a code that only parents can access. The logic to
+ // require the code is NOT automatically added to a preference using this
+ // enforcement. This is only used to display the correct pref indicator.
+ PARENT_SUPERVISED
+ };
+
+ dictionary PrefObject {
+ // The key for the pref.
+ DOMString key;
+
+ // The type of the pref (e.g., boolean, string, etc.).
+ PrefType type;
+
+ // The current value of the pref.
+ any? value;
+
+ // The policy source of the pref; an undefined value means there is no
+ // policy.
+ ControlledBy? controlledBy;
+
+ // The owner name if controlledBy == OWNER.
+ // The primary user name if controlledBy == PRIMARY_USER.
+ // The extension name if controlledBy == EXTENSION.
+ DOMString? controlledByName;
+
+ // The policy enforcement of the pref; must be specified if controlledBy is
+ // also present.
+ Enforcement? enforcement;
+
+ // The recommended value if enforcement == RECOMMENDED.
+ any? recommendedValue;
+
+ // If enforcement == ENFORCED this optionally specifies preference values
+ // that are still available for selection by the user. If set, must contain
+ // at least 2 distinct values, as must contain |value| and
+ // |recommendedValue| (if present).
+ any[]? userSelectableValues;
+
+ // If true, user control of the preference is disabled for reasons unrelated
+ // to controlledBy (e.g. no signed-in profile is present). A false value is
+ // a no-op.
+ boolean? userControlDisabled;
+
+ // The extension ID if controlledBy == EXTENSION.
+ DOMString? extensionId;
+
+ // Whether the controlling extension can be disabled if controlledBy ==
+ // EXTENSION.
+ boolean? extensionCanBeDisabled;
+ };
+
+ callback OnPrefSetCallback = void (boolean success);
+ callback GetAllPrefsCallback = void (PrefObject[] prefs);
+ callback GetPrefCallback = void (PrefObject pref);
+ callback GetDefaultZoomCallback = void (double zoom);
+ callback SetDefaultZoomCallback = void (boolean success);
+
+ interface Functions {
+ // Sets a pref value.
+ // |name|: The name of the pref.
+ // |value|: The new value of the pref.
+ // |pageId|: An optional user metrics identifier.
+ // |callback|: The callback for whether the pref was set or not.
+ [supportsPromises] static void setPref(DOMString name,
+ any value,
+ optional DOMString pageId,
+ optional OnPrefSetCallback callback);
+
+ // Gets an array of all the prefs.
+ [supportsPromises] static void getAllPrefs(GetAllPrefsCallback callback);
+
+ // Gets the value of a specific pref.
+ [supportsPromises] static void getPref(DOMString name,
+ GetPrefCallback callback);
+
+ // Gets the default page zoom factor. Possible values are currently between
+ // 0.25 and 5. For a full list, see zoom::kPresetZoomFactors.
+ [supportsPromises] static void getDefaultZoom(
+ GetDefaultZoomCallback callback);
+
+ // Sets the page zoom factor. Must be less than 0.001 different than a value
+ // in zoom::kPresetZoomFactors.
+ [supportsPromises] static void setDefaultZoom(
+ double zoom,
+ optional SetDefaultZoomCallback callback);
+ };
+
+ interface Events {
+ // Fired when a set of prefs has changed.
+ //
+ // |prefs| The prefs that changed.
+ static void onPrefsChanged(PrefObject[] prefs);
+ };
+};
diff --git a/tools/under-control/src/chrome/common/extensions/api/shared_storage_private.idl b/tools/under-control/src/chrome/common/extensions/api/shared_storage_private.idl
new file mode 100755
index 000000000..4f965efab
--- /dev/null
+++ b/tools/under-control/src/chrome/common/extensions/api/shared_storage_private.idl
@@ -0,0 +1,30 @@
+// Copyright 2022 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// Used by gnubbyd in ash and lacros. Stores small amounts of data in ash prefs
+// which is shared by ash and lacros versions of the extension.
+// TODO(b/231890240): Once Terminal SWA runs in lacros rather than ash, we can
+// migrate gnubbyd back to using chrome.storage.local and remove this private
+// API.
+[platforms=("chromeos", "lacros"),
+ implemented_in="chrome/browser/extensions/api/shared_storage/shared_storage_private_api.h"]
+namespace sharedStoragePrivate {
+
+ callback GetCallback = void (object items);
+ callback SetCallback = void ();
+ callback RemoveCallback = void ();
+
+ interface Functions {
+ // Gets all items from shared extension local storage.
+ [supportsPromises] static void get(GetCallback callback);
+
+ // Sets given items into shared extension local storage.
+ [supportsPromises] static void set(object items, SetCallback callback);
+
+ // Removes item from shared extension local storage.
+ [supportsPromises] static void remove(
+ DOMString[] keys, RemoveCallback callback);
+ };
+};
+
diff --git a/tools/under-control/src/chrome/common/extensions/api/side_panel.idl b/tools/under-control/src/chrome/common/extensions/api/side_panel.idl
new file mode 100755
index 000000000..d04424c9b
--- /dev/null
+++ b/tools/under-control/src/chrome/common/extensions/api/side_panel.idl
@@ -0,0 +1,106 @@
+// Copyright 2022 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// Use the `chrome.sidePanel` API to host content in the browser's side panel
+// alongside the main content of a webpage.
+namespace sidePanel {
+ dictionary SidePanel {
+ // Developer specified path for side panel display.
+ DOMString default_path;
+ };
+
+ dictionary ManifestKeys {
+ SidePanel side_panel;
+ };
+
+ // The options used when setting a side panel. Omitted properties are
+ // unchanged.
+ dictionary PanelOptions {
+ // If specified, the side panel options will only apply to the tab with
+ // this id. If omitted, these options set the default behavior (used for any
+ // tab that doesn't have specific settings). Note: if the same path is set
+ // for this tabId and the default tabId, then the panel for this tabId will
+ // be a different instance than the panel for the default tabId.
+ long? tabId;
+ // The path to the side panel HTML file to use. This must be a local
+ // resource within the extension package.
+ DOMString? path;
+ // Whether the side panel should be enabled. This is optional. The default
+ // value is true.
+ boolean? enabled;
+ };
+
+ // A dictionary containing the extension's options for how its side panel
+ // behaves.
+ dictionary PanelBehavior {
+ // Whether clicking the extension's icon will toggle showing the extension's
+ // entry in the side panel. Defaults to false.
+ boolean? openPanelOnActionClick;
+ };
+
+ dictionary GetPanelOptions {
+ // If specified, the side panel options for the given tab will be returned.
+ // Otherwise, returns the default side panel options (used for any tab that
+ // doesn't have specific settings).
+ long? tabId;
+ };
+
+ // Options for opening the side panel.
+ // At least one of `tabId` or `windowId` must be specified.
+ dictionary OpenOptions {
+ // The window in which to open the side panel. This is only applicable if
+ // the extension has a global (non-tab-specific) side panel or
+ // tabId is also specified. This will override any
+ // currently-active global side panel the user has open in the given
+ // window. At least one of this or tabId must be provided.
+ long? windowId;
+
+ // The tab in which to open the side panel. If the corresponding tab has
+ // a tab-specific side panel, the panel will only be open for that tab.
+ // If there is not a tab-specific panel, the global panel will be open in
+ // the specified tab and any other tabs without a currently-open tab-
+ // specific panel. This will override any currently-active side panel
+ // (global or tab-specific) in the corresponding tab. At least one of this
+ // or windowId must be provided.
+ long? tabId;
+ };
+
+ callback VoidCallback = void();
+ callback PanelOptionsCallback = void(PanelOptions options);
+ callback PanelBehaviorCallback = void(PanelBehavior behavior);
+
+ interface Functions {
+ // Configures the side panel.
+ // |options|: The configuration options to apply to the panel.
+ // |callback|: Invoked when the options have been set.
+ [supportsPromises] static void setOptions(PanelOptions options,
+ optional VoidCallback callback);
+
+ // Returns the active panel configuration.
+ // |options|: Specifies the context to return the configuration for.
+ // |callback|: Called with the active panel configuration.
+ [supportsPromises] static void getOptions(GetPanelOptions options,
+ PanelOptionsCallback callback);
+
+ // Configures the extension's side panel behavior. This is an upsert
+ // operation.
+ // |behavior|: The new behavior to be set.
+ // |callback|: Called when the new behavior has been set.
+ [supportsPromises] static void setPanelBehavior(
+ PanelBehavior behavior,
+ optional VoidCallback callback);
+
+ // Returns the extension's current side panel behavior.
+ // |callback|: Called with the extension's side panel behavior.
+ [supportsPromises] static void getPanelBehavior(
+ PanelBehaviorCallback callback);
+
+ // Opens the side panel for the extension.
+ // This may only be called in response to a user action.
+ // |options|: Specifies the context in which to open the side panel.
+ // |callback|: Called when the side panel has been opened.
+ [supportsPromises] static void open(OpenOptions options,
+ VoidCallback callback);
+ };
+};
diff --git a/tools/under-control/src/chrome/common/extensions/api/smart_card_provider_private.idl b/tools/under-control/src/chrome/common/extensions/api/smart_card_provider_private.idl
new file mode 100755
index 000000000..344c444a5
--- /dev/null
+++ b/tools/under-control/src/chrome/common/extensions/api/smart_card_provider_private.idl
@@ -0,0 +1,268 @@
+// Copyright 2023 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// Use this API to give the browser access to a winscard.h[1] compatible
+// PC/SC[2] implementation, which will be the backend of the browser's
+// Web Smart Card API[3].
+//
+// [1] https://pcsclite.apdu.fr/api/winscard_8h.html
+// [2] https://en.wikipedia.org/wiki/PC/SC
+// [3] https://github.com/WICG/web-smart-card/blob/main/README.md#web-idl
+//
+// TODO(crbug.com/1386175): Add API for the remaining SCard* functions.
+[platforms=("chromeos", "lacros"),
+ implemented_in="chrome/browser/chromeos/extensions/smart_card_provider_private/smart_card_provider_private_api.h"]
+namespace smartCardProviderPrivate {
+
+ // PC/SC error codes we can expect to hit (thus a non-exhaustive list).
+ // UNKNOWN means an SCARD error code that is not mapped in this enum (and
+ // thus should probably be added here).
+ enum ResultCode {
+ SUCCESS,
+ REMOVED_CARD,
+ RESET_CARD,
+ UNPOWERED_CARD,
+ UNRESPONSIVE_CARD,
+ UNSUPPORTED_CARD,
+ READER_UNAVAILABLE,
+ SHARING_VIOLATION,
+ NOT_TRANSACTED,
+ NO_SMARTCARD,
+ PROTO_MISMATCH,
+ SYSTEM_CANCELLED,
+ NOT_READY,
+ CANCELLED,
+ INSUFFICIENT_BUFFER,
+ INVALID_HANDLE,
+ INVALID_PARAMETER,
+ INVALID_VALUE,
+ NO_MEMORY,
+ TIMEOUT,
+ UNKNOWN_READER,
+ UNSUPPORTED_FEATURE,
+ NO_READERS_AVAILABLE,
+ SERVICE_STOPPED,
+ NO_SERVICE,
+ COMM_ERROR,
+ INTERNAL_ERROR,
+ UNKNOWN_ERROR,
+ SERVER_TOO_BUSY,
+ UNEXPECTED,
+ SHUTDOWN,
+ UNKNOWN
+ };
+
+ // Maps to the SCARD_SHARE_* values defined in the winscard.h API.
+ enum ShareMode {
+ SHARED,
+ EXCLUSIVE,
+ DIRECT
+ };
+
+ // What the reader should do with the card inserted in it.
+ enum Disposition {
+ // SCARD_LEAVE_CARD - Do nothing.
+ LEAVE_CARD,
+ // SCARD_RESET_CARD - Reset the card (warm reset).
+ RESET_CARD,
+ // SCARD_UNPOWER_CARD - Power down the card (cold reset).
+ UNPOWER_CARD,
+ // SCARD_EJECT_CARD - Eject the card.
+ EJECT_CARD
+ };
+
+ enum ConnectionState {
+ // SCARD_ABSENT
+ ABSENT,
+ // SCARD_PRESENT
+ PRESENT,
+ // SCARD_SWALLOWED
+ SWALLOWED,
+ // SCARD_POWERED
+ POWERED,
+ // SCARD_NEGOTIABLE
+ NEGOTIABLE,
+ // SCARD_SPECIFIC
+ SPECIFIC
+ };
+
+ // Maps to the SCARD_STATE_* flags defined in the winscard.h API.
+ dictionary ReaderStateFlags {
+ boolean? unaware;
+ boolean? ignore;
+ boolean? changed;
+ boolean? unknown;
+ boolean? unavailable;
+ boolean? empty;
+ boolean? present;
+ boolean? exclusive;
+ boolean? inuse;
+ boolean? mute;
+ boolean? unpowered;
+ };
+
+ // Maps to the SCARD_PROTOCOL_* flags defined in the winscard.h API.
+ dictionary Protocols {
+ boolean? t0;
+ boolean? t1;
+ boolean? raw;
+ };
+
+ // Maps to the SCARD_PROTOCOL_* values defined in the winscard.h API.
+ enum Protocol {
+ UNDEFINED,
+ T0,
+ T1,
+ RAW
+ };
+
+ dictionary ReaderStateIn {
+ DOMString reader;
+ ReaderStateFlags currentState;
+ // Number of card insertion and removal events that happened in this reader,
+ // as known by the application.
+ long currentCount;
+ };
+
+ dictionary ReaderStateOut {
+ DOMString reader;
+ ReaderStateFlags eventState;
+ // The actual number of card insertion and removal events that happened in
+ // this reader.
+ // Set to zero if not supported.
+ long eventCount;
+ ArrayBuffer atr;
+ };
+
+ dictionary Timeout {
+ // If absent, it means "infinite" or "never timeout"
+ long? milliseconds;
+ };
+
+ interface Events {
+ // Browser requested a SCardEstablishContext call.
+ // Extension must report the result to the browser by calling
+ // reportEstablishContextResult.
+ [maxListeners=1] static void onEstablishContextRequested(long requestId);
+
+ // Browser requested a SCardReleaseContext call.
+ // Extension must report the result to the browser by calling
+ // reportReleaseContextResult.
+ [maxListeners=1] static void onReleaseContextRequested(long requestId,
+ long scardContext);
+
+ // Browser requested a SCardListReaders call.
+ // Extension must report the result to the browser by calling
+ // reportListReadersResult.
+ [maxListeners=1] static void onListReadersRequested(long requestId,
+ long scardContext);
+
+ // Browser requested a SCardGetStatusChange call.
+ // Extension must report the result to the browser by calling
+ // reportGetStatusChangeResult.
+ [maxListeners=1] static void onGetStatusChangeRequested(long requestId,
+ long scardContext,
+ Timeout timeout,
+ ReaderStateIn[] readerStates);
+
+ // Browser requested a SCardCancel call.
+ // Extension must report the result to the browser by calling
+ // reportPlainResult.
+ [maxListeners=1] static void onCancelRequested(long requestId,
+ long scardContext);
+
+ // Browser requested a SCardConnect call.
+ // Extension must report the result to the browser by calling
+ // reportConnectResult.
+ [maxListeners=1] static void onConnectRequested(long requestId,
+ long scardContext,
+ DOMString reader,
+ ShareMode shareMode,
+ Protocols preferredProtocols);
+
+ // Browser requested a SCardDisconnect call.
+ // Extension must report the result to the browser by calling
+ // reportPlainResult.
+ [maxListeners=1] static void onDisconnectRequested(long requestId,
+ long scardHandle, Disposition disposition);
+
+ // Browser requested a SCardTransmit call.
+ // Extension must report the result to the browser by calling
+ // reportDataResult.
+ [maxListeners=1] static void onTransmitRequested(long requestId,
+ long scardHandle, Protocol protocol, ArrayBuffer data);
+
+ // Browser requested a SCardControl call.
+ // Extension must report the result to the browser by calling
+ // reportDataResult.
+ [maxListeners=1] static void onControlRequested(long requestId,
+ long scardHandle, long controlCode, ArrayBuffer data);
+
+ // Browser requested a SCardGetAttrib call.
+ // Extension must report the result to the browser by calling
+ // reportDataResult.
+ [maxListeners=1] static void onGetAttribRequested(long requestId,
+ long scardHandle, long attribId);
+
+ // Browser requested a SCardSetAttrib call.
+ // Extension must report the result to the browser by calling
+ // reportPlainResult.
+ [maxListeners=1] static void onSetAttribRequested(long requestId,
+ long scardHandle, long attribId, ArrayBuffer data);
+
+ // Browser requested a SCardStatus call.
+ // Extension must report the result to the browser by calling
+ // reportStatusResult.
+ [maxListeners=1] static void onStatusRequested(long requestId,
+ long scardHandle);
+
+ // Browser requested a SCardBeginTransaction call.
+ // Extension must report the result to the browser by calling
+ // reportPlainResult.
+ [maxListeners=1] static void onBeginTransactionRequested(long requestId,
+ long scardHandle);
+
+ // Browser requested a SCardEndTransaction call.
+ // Extension must report the result to the browser by calling
+ // reportPlainResult.
+ [maxListeners=1] static void onEndTransactionRequested(long requestId,
+ long scardHandle, Disposition disposition);
+ };
+
+ interface Functions {
+ // Reports the result of a SCardEstablishContext call.
+ static void reportEstablishContextResult(long requestId,
+ long scardContext, ResultCode resultCode);
+
+ // Reports the result of a SCardReleaseContext call.
+ static void reportReleaseContextResult(long requestId,
+ ResultCode resultCode);
+
+ // Reports the result of a SCardListReaders call.
+ static void reportListReadersResult(long requestId,
+ DOMString[] readers, ResultCode resultCode);
+
+ // Reports the result of a SCardGetStatusChange call.
+ static void reportGetStatusChangeResult(long requestId,
+ ReaderStateOut[] readerStates, ResultCode resultCode);
+
+ // Reports the result of a call which doesn't send back any other
+ // information.
+ static void reportPlainResult(long requestId,
+ ResultCode resultCode);
+
+ // Reports the result of a SCardConnect call.
+ static void reportConnectResult(long requestId, long scardHandle,
+ Protocol activeProtocol, ResultCode resultCode);
+
+ // Reports the result of a call that sends back data on success.
+ static void reportDataResult(long requestId, ArrayBuffer data,
+ ResultCode resultCode);
+
+ // Reports the result of a SCardStatus call.
+ static void reportStatusResult(long requestId, DOMString readerName,
+ ConnectionState state, Protocol protocol, ArrayBuffer atr,
+ ResultCode resultCode);
+ };
+};
diff --git a/tools/under-control/src/chrome/common/extensions/api/speech_recognition_private.idl b/tools/under-control/src/chrome/common/extensions/api/speech_recognition_private.idl
new file mode 100755
index 000000000..117dadf54
--- /dev/null
+++ b/tools/under-control/src/chrome/common/extensions/api/speech_recognition_private.idl
@@ -0,0 +1,86 @@
+// Copyright 2021 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// The chrome.speechRecognitionPrivate API allows internal
+// extensions to use either network-based or on-device speech recognition.
+[platforms=("chromeos"), implemented_in="chrome/browser/ash/extensions/speech/speech_recognition_private_api.h"]
+
+namespace speechRecognitionPrivate {
+ // Possible types of speech recognition.
+ enum SpeechRecognitionType {
+ onDevice,
+ network
+ };
+
+ // Interface for an onStop event.
+ dictionary SpeechRecognitionStopEvent {
+ // Optional client ID.
+ long? clientId;
+ };
+
+ // Interface for a speech recognition result event.
+ dictionary SpeechRecognitionResultEvent {
+ // Optional client ID.
+ long? clientId;
+ // The recognized phrase or sentence.
+ DOMString transcript;
+ // Whether the result is a final or an interim result.
+ boolean isFinal;
+ };
+
+ // Interface for a speech recognition error event.
+ dictionary SpeechRecognitionErrorEvent {
+ // Optional client ID.
+ long? clientId;
+ // A message describing the error.
+ DOMString message;
+ };
+
+ // Interface for options used when starting speech recognition.
+ dictionary StartOptions {
+ // An optional ID to specify the client.
+ long? clientId;
+ // The locale, in BCP-47 format e.g. "en-US", to use for speech recognition.
+ DOMString? locale;
+ // Whether interim speech results should be returned.
+ boolean? interimResults;
+ };
+
+ // Interface for options used when stopping speech recognition.
+ dictionary StopOptions {
+ // An optional ID to specify the client. This must match the clientId
+ // used when starting speech recognition to work as intended.
+ long? clientId;
+ };
+
+ // Called when speech recognition has begun listening to the user's audio.
+ // The callback's parameter specifies which type of speech recognition
+ // is being used.
+ callback OnStartCallback = void(SpeechRecognitionType type);
+ // Called when speech recognition has stopped listening to the user's audio.
+ callback OnStopCallback = void();
+
+ interface Functions {
+ // Starts listening to audio from the user. The callback is invoked when
+ // speech recognition has started. If speech recognition is already active
+ // when calling start(), the callback is run with an error.
+ [supportsPromises] static void start(StartOptions options,
+ OnStartCallback callback);
+
+ // Stops listening to audio from the user. The callback is invoked when
+ // speech recognition has stopped. If speech recognition has already stopped
+ // when calling stop(), the callback is run with an error.
+ [supportsPromises] static void stop(StopOptions options,
+ OnStopCallback callback);
+ };
+
+ interface Events {
+ // Fired when speech recognition stops.
+ static void onStop(SpeechRecognitionStopEvent event);
+ // Fired when a speech recognition result is returned.
+ static void onResult(SpeechRecognitionResultEvent event);
+ // Fired when a speech recognition error occurs.
+ static void onError(SpeechRecognitionErrorEvent event);
+ };
+};
diff --git a/tools/under-control/src/chrome/common/extensions/api/system_indicator.idl b/tools/under-control/src/chrome/common/extensions/api/system_indicator.idl
new file mode 100755
index 000000000..47fdadf70
--- /dev/null
+++ b/tools/under-control/src/chrome/common/extensions/api/system_indicator.idl
@@ -0,0 +1,37 @@
+// Copyright 2012 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// Manages an app's system indicator icon, an image displayed in the system's
+// menubar, system tray, or other visible area provided by the OS.
+// This is modelled after the other extension action APIs, such as
+// chrome.browserAction and chrome.pageAction.
+namespace systemIndicator {
+ dictionary SetIconDetails {
+ any? path;
+ any? imageData;
+ };
+
+ callback DoneCallback = void ();
+
+ interface Functions {
+ // Set the image to be used as an indicator icon, using a set of ImageData
+ // objects. These objects should have multiple resolutions so that an
+ // appropriate size can be selected for the given icon size and DPI scaling
+ // settings. Only square ImageData objects are accepted.
+ [supportsPromises] static void setIcon(SetIconDetails details,
+ optional DoneCallback callback);
+
+ // Show the icon in the status tray.
+ static void enable();
+
+ // Hide the icon from the status tray.
+ static void disable();
+ };
+
+ interface Events {
+ // Fired only when a click on the icon does not result in a menu being
+ // shown.
+ static void onClicked();
+ };
+};
diff --git a/tools/under-control/src/chrome/common/extensions/api/system_log.idl b/tools/under-control/src/chrome/common/extensions/api/system_log.idl
new file mode 100755
index 000000000..05138453d
--- /dev/null
+++ b/tools/under-control/src/chrome/common/extensions/api/system_log.idl
@@ -0,0 +1,25 @@
+// Copyright 2022 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// Use the chrome.systemLog API to record Chrome system logs from
+// extensions.
+[platforms=("chromeos", "lacros"),
+ implemented_in="chrome/browser/chromeos/extensions/system_log/system_log_api.h"]
+namespace systemLog {
+ callback VoidCallback = void ();
+
+ // Options for $(ref:add).
+ // |message|: A log message to record.
+ dictionary MessageOptions {
+ DOMString message;
+ };
+
+ interface Functions {
+ // Adds a new log record.
+ // |options|: The logging options.
+ // |callback|: A callback to invoke once the log has been added.
+ [supportsPromises] static void add(MessageOptions options,
+ optional VoidCallback callback);
+ };
+};
diff --git a/tools/under-control/src/chrome/common/extensions/api/tab_capture.idl b/tools/under-control/src/chrome/common/extensions/api/tab_capture.idl
new file mode 100755
index 000000000..2cf2a4ef0
--- /dev/null
+++ b/tools/under-control/src/chrome/common/extensions/api/tab_capture.idl
@@ -0,0 +1,130 @@
+// Copyright 2012 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// Use the chrome.tabCapture API to interact with tab media
+// streams.
+namespace tabCapture {
+
+ enum TabCaptureState {
+ pending,
+ active,
+ stopped,
+ error
+ };
+
+ dictionary CaptureInfo {
+ // The id of the tab whose status changed.
+ long tabId;
+
+ // The new capture status of the tab.
+ TabCaptureState status;
+
+ // Whether an element in the tab being captured is in fullscreen mode.
+ boolean fullscreen;
+ };
+
+ // MediaTrackConstraints for the media streams that will be passed to WebRTC.
+ // See section on MediaTrackConstraints:
+ // http://dev.w3.org/2011/webrtc/editor/getusermedia.html
+ dictionary MediaStreamConstraint {
+ object mandatory;
+ object? _optional;
+ };
+
+ // Whether we are requesting tab video and/or audio and the
+ // MediaTrackConstraints that should be set for these streams.
+ dictionary CaptureOptions {
+ boolean? audio;
+ boolean? video;
+ MediaStreamConstraint? audioConstraints;
+ MediaStreamConstraint? videoConstraints;
+ [nodoc] DOMString? presentationId;
+ };
+
+ dictionary GetMediaStreamOptions {
+ // Optional tab id of the tab which will later invoke
+ // getUserMedia() to consume the stream. If not specified
+ // then the resulting stream can be used only by the calling extension.
+ // The stream can only be used by frames in the given tab whose security
+ // origin matches the consumber tab's origin. The tab's origin must be a
+ // secure origin, e.g. HTTPS.
+ long? consumerTabId;
+
+ // Optional tab id of the tab which will be captured. If not specified
+ // then the current active tab will be selected. Only tabs for which the
+ // extension has been granted the activeTab permission can be
+ // used as the target tab.
+ long? targetTabId;
+ };
+
+ callback GetTabMediaCallback =
+ void ([instanceOf=LocalMediaStream] object stream);
+
+ callback GetCapturedTabsCallback = void (CaptureInfo[] result);
+
+ // To assemble MediaConstraints with this |streamId|, source type must be
+ // assigned as 'tab'. For example:
+ //
+ // const constraints = {
+ // mandatory: {
+ // chromeMediaSource: 'tab',
+ // chromeMediaSourceId: streamId
+ // }
+ // };
+ // navigator.getUserMedia({audio: constraints, video: constraints},
+ // successCallback, failCallback);
+ //
+ callback GetMediaStreamIdCallback = void (DOMString streamId);
+
+ interface Functions {
+ // Captures the visible area of the currently active tab. Capture can
+ // only be started on the currently active tab after the extension has been
+ // invoked, similar to the way that
+ // activeTab works.
+ // Capture is maintained across page navigations within
+ // the tab, and stops when the tab is closed, or the media stream is closed
+ // by the extension.
+ //
+ // |options| : Configures the returned media stream.
+ // |callback| : Callback with either the tab capture MediaStream or
+ // null. null indicates an error has occurred
+ // and the client may query $(ref:runtime.lastError) to access the error
+ // details.
+ [doesNotSupportPromises="Custom hook sets lastError crbug.com/1504349"]
+ static void capture(CaptureOptions options,
+ GetTabMediaCallback callback);
+
+ // Returns a list of tabs that have requested capture or are being
+ // captured, i.e. status != stopped and status != error.
+ // This allows extensions to inform the user that there is an existing
+ // tab capture that would prevent a new tab capture from succeeding (or
+ // to prevent redundant requests for the same tab).
+ // |callback| : Callback invoked with CaptureInfo[] for captured tabs.
+ [supportsPromises] static void getCapturedTabs(
+ GetCapturedTabsCallback callback);
+
+ // Creates a stream ID to capture the target tab.
+ // Similar to chrome.tabCapture.capture() method, but returns a media
+ // stream ID, instead of a media stream, to the consumer tab.
+ //
+ // |GetMediaStreamOptions| : Options for the media stream id to retrieve.
+ // |callback| : Callback to invoke with the result. If successful, the
+ // result is an opaque string that can be passed to the
+ // getUserMedia() API to generate a media stream that
+ // corresponds to the target tab. The created streamId can
+ // only be used once and expires after a few seconds if it is not used.
+ [supportsPromises] static void getMediaStreamId(
+ optional GetMediaStreamOptions options,
+ GetMediaStreamIdCallback callback);
+ };
+
+ interface Events {
+ // Event fired when the capture status of a tab changes.
+ // This allows extension authors to keep track of the capture status of
+ // tabs to keep UI elements like page actions in sync.
+ // |info| : CaptureInfo with new capture status for the tab.
+ static void onStatusChanged(CaptureInfo info);
+ };
+
+};
diff --git a/tools/under-control/src/chrome/common/extensions/api/users_private.idl b/tools/under-control/src/chrome/common/extensions/api/users_private.idl
new file mode 100755
index 000000000..b165c59f3
--- /dev/null
+++ b/tools/under-control/src/chrome/common/extensions/api/users_private.idl
@@ -0,0 +1,74 @@
+// Copyright 2015 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// Use the chrome.usersPrivate API to manage users.
+[platforms=("chromeos"),
+ implemented_in="chrome/browser/ash/extensions/users_private/users_private_api.h"]
+namespace usersPrivate {
+
+ dictionary User {
+ // Email for the user.
+ DOMString email;
+
+ // Display email for the user.
+ DOMString displayEmail;
+
+ // Display name for the user.
+ DOMString name;
+
+ // Whether this user is the device owner.
+ boolean isOwner;
+
+ // Whether this user is Child.
+ boolean isChild;
+ };
+
+ dictionary LoginStatusDict {
+ // True if a user is logged in (including guest, public session, etc).
+ boolean isLoggedIn;
+
+ // True if the screen is locked.
+ boolean isScreenLocked;
+ };
+
+ callback UsersCallback = void (User[] users);
+ callback UserAddedCallback = void (boolean success);
+ callback UserRemovedCallback = void (boolean success);
+ callback ManagedCallback = void (boolean managed);
+ callback UserCallback = void (User user);
+ callback LoginStatusCallback = void (LoginStatusDict status);
+ callback IsUserInListCallback = void (boolean found);
+
+ interface Functions {
+ // Gets a list of known users.
+ [supportsPromises] static void getUsers(UsersCallback callback);
+
+ // Checks to see if the user is already present in the user list.
+ [supportsPromises] static void isUserInList(DOMString email,
+ IsUserInListCallback callback);
+
+ // Adds a new user with the given email to the user list.
+ // The callback is called with true if the user was added succesfully, or
+ // with false if not (e.g. because the user was already present, or the
+ // current user isn't the owner).
+ [supportsPromises] static void addUser(DOMString email,
+ UserAddedCallback callback);
+
+ // Removes the user with the given email from the user list.
+ // The callback is called with true if the user was removed succesfully, or
+ // with false if not (e.g. because the user was not already present, or
+ // the current user isn't the owner).
+ [supportsPromises] static void removeUser(DOMString email,
+ UserRemovedCallback callback);
+
+ // Whether the user list is managed by enterprise.
+ [supportsPromises] static void isUserListManaged(ManagedCallback callback);
+
+ // Returns the current user.
+ [supportsPromises] static void getCurrentUser(UserCallback callback);
+
+ // Get login status.
+ [supportsPromises] static void getLoginStatus(LoginStatusCallback callback);
+ };
+};
diff --git a/tools/under-control/src/chrome/common/extensions/api/vpn_provider.idl b/tools/under-control/src/chrome/common/extensions/api/vpn_provider.idl
new file mode 100755
index 000000000..980a1545e
--- /dev/null
+++ b/tools/under-control/src/chrome/common/extensions/api/vpn_provider.idl
@@ -0,0 +1,200 @@
+// Copyright 2014 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// Use the chrome.vpnProvider API to implement a VPN
+// client.
+[platforms=("chromeos", "lacros"),
+ implemented_in="chrome/browser/chromeos/extensions/vpn_provider/vpn_provider_api.h"]
+namespace vpnProvider {
+ // A parameters class for the VPN interface.
+ dictionary Parameters {
+ // IP address for the VPN interface in CIDR notation.
+ // IPv4 is currently the only supported mode.
+ DOMString address;
+ // Broadcast address for the VPN interface. (default: deduced
+ // from IP address and mask)
+ DOMString? broadcastAddress;
+ // MTU setting for the VPN interface. (default: 1500 bytes)
+ DOMString? mtu;
+ // Exclude network traffic to the list of IP blocks in CIDR notation from
+ // the tunnel. This can be used to bypass traffic to and from the VPN
+ // server.
+ // When many rules match a destination, the rule with the longest matching
+ // prefix wins.
+ // Entries that correspond to the same CIDR block are treated as duplicates.
+ // Such duplicates in the collated (exclusionList + inclusionList) list are
+ // eliminated and the exact duplicate entry that will be eliminated is
+ // undefined.
+ DOMString[] exclusionList;
+ // Include network traffic to the list of IP blocks in CIDR notation to the
+ // tunnel. This parameter can be used to set up a split tunnel. By default
+ // no traffic is directed to the tunnel. Adding the entry "0.0.0.0/0" to
+ // this list gets all the user traffic redirected to the tunnel.
+ // When many rules match a destination, the rule with the longest matching
+ // prefix wins.
+ // Entries that correspond to the same CIDR block are treated as duplicates.
+ // Such duplicates in the collated (exclusionList + inclusionList) list are
+ // eliminated and the exact duplicate entry that will be eliminated is
+ // undefined.
+ DOMString[] inclusionList;
+ // A list of search domains. (default: no search domain)
+ DOMString[]? domainSearch;
+ // A list of IPs for the DNS servers.
+ DOMString[] dnsServers;
+ // Whether or not the VPN extension implements auto-reconnection.
+ //
+ // If true, the linkDown, linkUp,
+ // linkChanged, suspend, and resume
+ // platform messages will be used to signal the respective events.
+ // If false, the system will forcibly disconnect the VPN if the network
+ // topology changes, and the user will need to reconnect manually.
+ // (default: false)
+ //
+ // This property is new in Chrome 51; it will generate an exception in
+ // earlier versions. try/catch can be used to conditionally enable the
+ // feature based on browser support.
+ DOMString? reconnect;
+ };
+
+ // The enum is used by the platform to notify the client of the VPN session
+ // status.
+ enum PlatformMessage {
+ // Indicates that the VPN configuration connected.
+ connected,
+ // Indicates that the VPN configuration disconnected.
+ disconnected,
+ // Indicates that an error occurred in VPN connection, for example a timeout. A description
+ // of the error is given as the
+ // error argument to onPlatformMessage.
+ error,
+ // Indicates that the default physical network connection is down.
+ linkDown,
+ // Indicates that the default physical network connection is back up.
+ linkUp,
+ // Indicates that the default physical network connection changed, e.g. wifi->mobile.
+ linkChanged,
+ // Indicates that the OS is preparing to suspend, so the VPN should drop its connection.
+ // The extension is not guaranteed to receive this event prior to
+ // suspending.
+ suspend,
+ // Indicates that the OS has resumed and the user has logged back in, so the VPN should
+ // try to reconnect.
+ resume
+ };
+
+ // The enum is used by the VPN client to inform the platform
+ // of its current state. This helps provide meaningful messages
+ // to the user.
+ enum VpnConnectionState {
+ // Specifies that VPN connection was successful.
+ connected,
+ // Specifies that VPN connection has failed.
+ failure
+ };
+
+ // The enum is used by the platform to indicate the event that triggered
+ // onUIEvent.
+ enum UIEvent {
+ // Requests that the VPN client show the add configuration dialog box to
+ // the user.
+ showAddDialog,
+ // Requests that the VPN client show the configuration settings dialog box
+ // to the user.
+ showConfigureDialog
+ };
+
+ // The callback is used by setParameters, sendPacket
+ // to signal completion. The callback is called with
+ // chrome.runtime.lastError set to error code if
+ // there is an error.
+ [inline_doc] callback CallCompleteCallback = void ();
+
+ // The callback is used by createConfig to signal completion.
+ // The callback is called with chrome.runtime.lastError set to
+ // an error code if there is an error.
+ // |id|: A unique ID for the created configuration, or undefined
+ // on failure.
+ [inline_doc] callback CreateConfigCompleteCallback = void (DOMString id);
+
+ interface Functions {
+ // Creates a new VPN configuration that persists across multiple login
+ // sessions of the user.
+ // |name|: The name of the VPN configuration.
+ // |callback|: Called when the configuration is created or if there is an
+ // error.
+ [supportsPromises] static void createConfig(
+ DOMString name,
+ CreateConfigCompleteCallback callback);
+
+ // Destroys a VPN configuration created by the extension.
+ // |id|: ID of the VPN configuration to destroy.
+ // |callback|: Called when the configuration is destroyed or if there is an
+ // error.
+ [supportsPromises] static void destroyConfig(
+ DOMString id,
+ optional CallCompleteCallback callback);
+
+ // Sets the parameters for the VPN session. This should be called
+ // immediately after "connected" is received from the platform.
+ // This will succeed only when the VPN session is owned by the extension.
+ // |parameters|: The parameters for the VPN session.
+ // |callback|: Called when the parameters are set or if there is an error.
+ [supportsPromises] static void setParameters(Parameters parameters,
+ CallCompleteCallback callback);
+
+ // Sends an IP packet through the tunnel created for the VPN session.
+ // This will succeed only when the VPN session is owned by the extension.
+ // |data|: The IP packet to be sent to the platform.
+ // |callback|: Called when the packet is sent or if there is an error.
+ [supportsPromises] static void sendPacket(
+ ArrayBuffer data,
+ optional CallCompleteCallback callback);
+
+ // Notifies the VPN session state to the platform.
+ // This will succeed only when the VPN session is owned by the extension.
+ // |state|: The VPN session state of the VPN client.
+ // |callback|: Called when the notification is complete or if there is an
+ // error.
+ [supportsPromises] static void notifyConnectionStateChanged(
+ VpnConnectionState state,
+ optional CallCompleteCallback callback);
+ };
+
+ interface Events {
+ // Triggered when a message is received from the platform for a
+ // VPN configuration owned by the extension.
+ // |id|: ID of the configuration the message is intended for.
+ // |message|: The message received from the platform. Note that new
+ // message types may be added in future Chrome versions to support new
+ // features.
+ // |error|: Error message when there is an error.
+ static void onPlatformMessage(DOMString id,
+ PlatformMessage message,
+ DOMString error);
+
+ // Triggered when an IP packet is received via the tunnel for the VPN
+ // session owned by the extension.
+ // |data|: The IP packet received from the platform.
+ static void onPacketReceived(ArrayBuffer data);
+
+ // Triggered when a configuration created by the extension is removed by the
+ // platform.
+ // |id|: ID of the removed configuration.
+ static void onConfigRemoved(DOMString id);
+
+ // Triggered when a configuration is created by the platform for the
+ // extension.
+ // |id|: ID of the configuration created.
+ // |name|: Name of the configuration created.
+ // |data|: Configuration data provided by the administrator.
+ static void onConfigCreated(DOMString id, DOMString name, object data);
+
+ // Triggered when there is a UI event for the extension. UI events are
+ // signals from the platform that indicate to the app that a UI dialog
+ // needs to be shown to the user.
+ // |event|: The UI event that is triggered.
+ // |id|: ID of the configuration for which the UI event was triggered.
+ static void onUIEvent(UIEvent event, optional DOMString id);
+ };
+};
diff --git a/tools/under-control/src/chrome/common/extensions/api/web_authentication_proxy.idl b/tools/under-control/src/chrome/common/extensions/api/web_authentication_proxy.idl
new file mode 100755
index 000000000..bff2c6f98
--- /dev/null
+++ b/tools/under-control/src/chrome/common/extensions/api/web_authentication_proxy.idl
@@ -0,0 +1,196 @@
+// Copyright 2021 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// The chrome.webAuthenticationProxy API lets remote desktop
+// software running on a remote host intercept Web Authentication API
+// (WebAuthn) requests in order to handle them on a local client.
+namespace webAuthenticationProxy {
+ // An object representing a
+ // PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable()
+ // call.
+ dictionary IsUvpaaRequest {
+ // An opaque identifier for the request.
+ long requestId;
+ };
+
+ // An object representing a WebAuthn
+ // navigator.credentials.create() call.
+ dictionary CreateRequest {
+ // An opaque identifier for the request.
+ long requestId;
+
+ // The PublicKeyCredentialCreationOptions passed to
+ // navigator.credentials.create(), serialized as a JSON
+ // string. The serialization format is compatible with
+ // PublicKeyCredential.parseCreationOptionsFromJSON().
+ DOMString requestDetailsJson;
+ };
+
+ // An object representing a WebAuthn navigator.credentials.get()
+ // call.
+ dictionary GetRequest {
+ // An opaque identifier for the request.
+ long requestId;
+
+ // The PublicKeyCredentialRequestOptions passed to
+ // navigator.credentials.get(), serialized as a JSON string.
+ // The serialization format is compatible with
+ // PublicKeyCredential.parseRequestOptionsFromJSON().
+ DOMString requestDetailsJson;
+ };
+
+ // This interface defines Events that fire when any website makes a WebAuthn
+ // request. Regular processing of WebAuthn requests in the local Chrome
+ // instance is disabled when these events are subscribed to.
+ interface Events {
+ // A native application associated with this extension can cause this
+ // event to be fired by writing to a file with a name equal to the
+ // extension's ID in a directory named
+ // WebAuthenticationProxyRemoteSessionStateChange inside the
+ // default
+ // user data directory
+ //
+ // The contents of the file should be empty. I.e., it is not necessary to
+ // change the contents of the file in order to trigger this event.
+ //
+ // The native host application may use this event mechanism to signal a
+ // possible remote session state change (i.e. from detached to attached, or
+ // vice versa) while the extension service worker is possibly suspended. In
+ // the handler for this event, the extension can call the
+ // attach() or detach() API methods accordingly.
+ //
+ // The event listener must be registered synchronously at load time.
+ static void onRemoteSessionStateChange();
+
+ // Fires when a WebAuthn navigator.credentials.create() call
+ // occurs. The extension must supply a response by calling
+ // completeCreateRequest() with the requestId from
+ // requestInfo.
+ static void onCreateRequest(CreateRequest requestInfo);
+
+ // Fires when a WebAuthn navigator.credentials.get() call occurs. The
+ // extension must supply a response by calling
+ // completeGetRequest() with the requestId from
+ // requestInfo
+ static void onGetRequest(GetRequest requestInfo);
+
+ // Fires when a
+ // PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable()
+ // call occurs. The extension must supply a response by calling
+ // completeIsUvpaaRequest() with the requestId
+ // from requestInfo
+ static void onIsUvpaaRequest(IsUvpaaRequest requestInfo);
+
+ // Fires when a onCreateRequest or onGetRequest
+ // event is canceled (because the WebAuthn request was aborted by the
+ // caller, or because it timed out). When receiving this event, the
+ // extension should cancel processing of the corresponding request on the
+ // client side. Extensions cannot complete a request once it has been
+ // canceled.
+ static void onRequestCanceled(long requestId);
+ };
+
+ callback ErrorCallback = void(optional DOMString error);
+ callback VoidCallback = void();
+
+ dictionary DOMExceptionDetails {
+ DOMString name;
+ DOMString message;
+ };
+
+ dictionary CreateResponseDetails {
+ // The requestId of the CreateRequest.
+ long requestId;
+
+ // The DOMException yielded by the remote request, if any.
+ DOMExceptionDetails? error;
+
+ // The PublicKeyCredential, yielded by the remote request, if
+ // any, serialized as a JSON string by calling
+ // href="https://w3c.github.io/webauthn/#dom-publickeycredential-tojson">
+ // PublicKeyCredential.toJSON().
+ DOMString? responseJson;
+ };
+
+ dictionary GetResponseDetails {
+ // The requestId of the CreateRequest.
+ long requestId;
+
+ // The DOMException yielded by the remote request, if any.
+ DOMExceptionDetails? error;
+
+ // The PublicKeyCredential, yielded by the remote request, if
+ // any, serialized as a JSON string by calling
+ // href="https://w3c.github.io/webauthn/#dom-publickeycredential-tojson">
+ // PublicKeyCredential.toJSON().
+ DOMString? responseJson;
+ };
+
+ dictionary IsUvpaaResponseDetails {
+ long requestId;
+ boolean isUvpaa;
+ };
+
+ interface Functions {
+ // Reports the result of a navigator.credentials.create()
+ // call. The extension must call this for every
+ // onCreateRequest event it has received, unless the request
+ // was canceled (in which case, an onRequestCanceled event is
+ // fired).
+ [supportsPromises] static void completeCreateRequest(
+ CreateResponseDetails details,
+ VoidCallback callback);
+
+ // Reports the result of a navigator.credentials.get() call.
+ // The extension must call this for every onGetRequest event
+ // it has received, unless the request was canceled (in which case, an
+ // onRequestCanceled event is fired).
+ [supportsPromises] static void completeGetRequest(
+ GetResponseDetails details,
+ VoidCallback callback);
+
+ // Reports the result of a
+ // PublicKeyCredential.isUserVerifyingPlatformAuthenticator()
+ // call. The extension must call this for every
+ // onIsUvpaaRequest event it has received.
+ [supportsPromises] static void completeIsUvpaaRequest(
+ IsUvpaaResponseDetails details,
+ VoidCallback callback);
+
+ // Makes this extension the active Web Authentication API request proxy.
+ //
+ // Remote desktop extensions typically call this method after detecting
+ // attachment of a remote session to this host. Once this method returns
+ // without error, regular processing of WebAuthn requests is suspended, and
+ // events from this extension API are raised.
+ //
+ // This method fails with an error if a different extension is already
+ // attached.
+ //
+ // The attached extension must call detach() once the remote
+ // desktop session has ended in order to resume regular WebAuthn request
+ // processing. Extensions automatically become detached if they are
+ // unloaded.
+ //
+ // Refer to the onRemoteSessionStateChange event for signaling
+ // a change of remote session attachment from a native application to to
+ // the (possibly suspended) extension.
+ [supportsPromises] static void attach(ErrorCallback callback);
+
+ // Removes this extension from being the active Web Authentication API
+ // request proxy.
+ //
+ // This method is typically called when the extension detects that a remote
+ // desktop session was terminated. Once this method returns, the extension
+ // ceases to be the active Web Authentication API request proxy.
+ //
+ // Refer to the onRemoteSessionStateChange event for signaling
+ // a change of remote session attachment from a native application to to
+ // the (possibly suspended) extension.
+ [supportsPromises] static void detach(ErrorCallback callback);
+ };
+};
diff --git a/tools/under-control/src/chrome/common/extensions/api/webrtc_audio_private.idl b/tools/under-control/src/chrome/common/extensions/api/webrtc_audio_private.idl
new file mode 100755
index 000000000..89c05b750
--- /dev/null
+++ b/tools/under-control/src/chrome/common/extensions/api/webrtc_audio_private.idl
@@ -0,0 +1,63 @@
+// Copyright 2013 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// The chrome.webrtcAudioPrivate API allows enumeration
+// of audio output (sink) devices.
+//
+// Note that device IDs as used in this API are opaque (i.e. they are
+// not the hardware identifier of the device) and while they are
+// unique and persistent across sessions, they are valid only to the
+// extension calling this API (i.e. they cannot be shared between
+// extensions).
+//
+// See http://goo.gl/8rOmgk for further documentation of this API.
+
+namespace webrtcAudioPrivate {
+
+ dictionary SinkInfo {
+ // The opaque identifier of the audio sink device, which is unique
+ // and static for the extension calling the API but invalid for
+ // others.
+ DOMString sinkId;
+ // The user-friendly name (e.g. "Bose Amplifier").
+ DOMString sinkLabel;
+ // Current sample rate of the device, in Hz. Useful e.g. to know
+ // if the remote side should be asked to send a lower sampling
+ // rate.
+ long sampleRate;
+ // True if the device is ready to play out audio. E.g. if it is a
+ // device that takes an audio jack, whether a jack is plugged in.
+ //
+ // TODO(joi): Do unplugged devices even get included in enumeration?
+ boolean isReady;
+ // True if this device is the default audio sink device on the
+ // machine.
+ boolean isDefault;
+ };
+
+ callback GetSinksCallback = void(SinkInfo[] sinkInfo);
+ callback SinkIdCallback = void(DOMString sinkId);
+
+ interface Functions {
+ // Retrieves a list of available audio sink devices.
+ [supportsPromises] static void getSinks(GetSinksCallback callback);
+
+ // Given a security origin and an input device ID valid for that
+ // security origin, retrieve an audio sink ID valid for the
+ // extension, or the empty string if there is no associated audio
+ // sink.
+ //
+ // The associated sink ID can be used as a sink ID for
+ // setActiveSink. It is valid irrespective of which process you are
+ // setting the active sink for.
+ [supportsPromises] static void getAssociatedSink(DOMString securityOrigin,
+ DOMString sourceIdInOrigin,
+ SinkIdCallback callback);
+ };
+
+ interface Events {
+ // Fired when audio sink devices are added or removed.
+ static void onSinksChanged();
+ };
+};
diff --git a/tools/under-control/src/chrome/common/extensions/api/webrtc_desktop_capture_private.idl b/tools/under-control/src/chrome/common/extensions/api/webrtc_desktop_capture_private.idl
new file mode 100755
index 000000000..a7463aa60
--- /dev/null
+++ b/tools/under-control/src/chrome/common/extensions/api/webrtc_desktop_capture_private.idl
@@ -0,0 +1,34 @@
+// Copyright 2015 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// Use the chrome.webrtcDesktopCapturePrivate API to capture
+// desktop media requested from a WebView.
+namespace webrtcDesktopCapturePrivate {
+ dictionary RequestInfo {
+ // The guest process id for the requester.
+ long guestProcessId;
+
+ // The webview render frame id for the requester.
+ long guestRenderFrameId;
+ };
+
+ enum DesktopCaptureSourceType {
+ screen,
+ window,
+ tab
+ };
+
+ callback chooseDesktopMediaCallback = void (DOMString streamId);
+
+ interface Functions {
+ // Shows desktop media picker UI with the specified set of sources.
+ [doesNotSupportPromises="Synchronous return and callback crbug.com/1143032"]
+ static long chooseDesktopMedia(DesktopCaptureSourceType[] sources,
+ RequestInfo request,
+ chooseDesktopMediaCallback callback);
+
+ // Hides desktop media picker dialog shown by chooseDesktopMedia().
+ static void cancelChooseDesktopMedia(long desktopMediaRequestId);
+ };
+};
diff --git a/tools/under-control/src/chrome/common/extensions/api/webrtc_logging_private.idl b/tools/under-control/src/chrome/common/extensions/api/webrtc_logging_private.idl
new file mode 100755
index 000000000..fca8e3ddd
--- /dev/null
+++ b/tools/under-control/src/chrome/common/extensions/api/webrtc_logging_private.idl
@@ -0,0 +1,186 @@
+// Copyright 2013 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// Use the chrome.webrtcLoggingPrivate API to control diagnostic
+// WebRTC logging.
+namespace webrtcLoggingPrivate {
+ dictionary MetaDataEntry {
+ // The meta data entry key.
+ DOMString key;
+
+ // The meta data entry value.
+ DOMString value;
+ };
+
+ dictionary UploadResult {
+ // The report ID for the uploaded log. Will be empty if not successful.
+ DOMString reportId;
+ };
+
+ dictionary RequestInfo {
+ // The tab identifier from the chrome.tabs API, if the request is from a
+ // tab.
+ long? tabId;
+
+ // The guest process id for the requester, if the request is from a
+ // webview.
+ long? guestProcessId;
+
+ // Use the render process of the webview in the current page. This allows an
+ // app to make a request for a webview it contains. If there are more or
+ // less than 1 webview, this will fail with a runtime error.
+ boolean? targetWebview;
+ };
+
+ // This contains information about the result of audio debug recordings.
+ dictionary RecordingInfo {
+ // Absolute path prefix for the files with the audio debug recordings.
+ DOMString prefixPath;
+
+ // Indicates if recording was stopped (either by a timed callback after the
+ // time limit has elapsed, or by a manual call).
+ boolean didStop;
+
+ // Indicates if recording was stopped manually through a
+ // stopAudioDebugRecordings() call.
+ boolean didManualStop;
+ };
+
+ dictionary StartEventLoggingResult {
+ // The log ID. Non-empty if and only if StartEventLogging() was successful.
+ DOMString logId;
+ };
+
+ callback GenericDoneCallback = void ();
+ callback RecordingDoneCallback = void (RecordingInfo info);
+ callback UploadDoneCallback = void (UploadResult result);
+ callback GetLogsDirectoryCallback = void ([instanceOf = DirectoryEntry] object entry);
+ callback StartEventLoggingCallback = void (StartEventLoggingResult result);
+
+ interface Functions {
+ // For all functions, |request| determines which render process to apply
+ // the operation on. |request| identifies the requesting process.
+ // |securityOrigin| is the security origin for the tab identified by |tabId|
+ // and is used for verifying that the tab is the correct one and has not
+ // been navigated away from.
+
+ // Sets additional custom meta data that will be uploaded along with the
+ // log. |metaData| is a dictionary of the metadata (key, value).
+ static void setMetaData(RequestInfo request,
+ DOMString securityOrigin,
+ MetaDataEntry[] metaData,
+ GenericDoneCallback callback);
+
+ // Starts logging. If logging has already been started for this render
+ // process, the call will be ignored. |appSessionId| is the unique session
+ // ID which will be added to the log.
+ static void start(RequestInfo request,
+ DOMString securityOrigin,
+ GenericDoneCallback callback);
+
+ // Sets whether the log should be uploaded automatically for the case when
+ // the render process goes away (tab is closed or crashes) and stop has not
+ // been called before that. If |shouldUpload| is true it will be uploaded,
+ // otherwise it will be discarded. The default setting is to discard it.
+ static void setUploadOnRenderClose(RequestInfo request,
+ DOMString securityOrigin,
+ boolean shouldUpload);
+
+ // Stops logging. After stop has finished, either upload() or discard()
+ // should be called, otherwise the log will be kept in memory until the
+ // render process is closed or logging restarted.
+ static void stop(RequestInfo request,
+ DOMString securityOrigin,
+ GenericDoneCallback callback);
+
+ // Stores the current log without uploading. The log may stay around for
+ // as much as 5 days. The application has the option of supplying an id
+ // for uniquely identifying the log for later upload via a call to
+ // uploadStored().
+ static void store(RequestInfo request,
+ DOMString securityOrigin,
+ DOMString logId,
+ GenericDoneCallback callback);
+
+ // Uploads a previously kept log that was stored via a call to store().
+ // The caller needs to know the logId as was originally provided in the
+ // call to store().
+ static void uploadStored(RequestInfo request,
+ DOMString securityOrigin,
+ DOMString logId,
+ UploadDoneCallback callback);
+
+ // Uploads the log and the RTP dumps, if they exist. Logging and RTP dumping
+ // must be stopped before this function is called.
+ static void upload(RequestInfo request,
+ DOMString securityOrigin,
+ UploadDoneCallback callback);
+
+ // Discards the log. Logging must be stopped before this function is called.
+ static void discard(RequestInfo request,
+ DOMString securityOrigin,
+ GenericDoneCallback callback);
+
+ // Starts RTP dumping. If it has already been started for this render
+ // process, the call will be ignored.
+ static void startRtpDump(RequestInfo request,
+ DOMString securityOrigin,
+ boolean incoming,
+ boolean outgoing,
+ GenericDoneCallback callback);
+
+ // Stops RTP dumping. After stop has finished, the dumps will be
+ // uploaded with the log if upload is called. Otherwise, the dumps will be
+ // discarded.
+ static void stopRtpDump(RequestInfo request,
+ DOMString securityOrigin,
+ boolean incoming,
+ boolean outgoing,
+ GenericDoneCallback callback);
+
+ // Starts audio debug recordings.
+ // |seconds| indicates how many seconds of audio to record. |callback|
+ // is invoked once recording stops.
+ // If |seconds| is zero, recording will continue until
+ // stopAudioDebugRecordings() is explicitly called. In this case,
+ // |callback| is invoked once recording starts and will report
+ // that recording has not stopped.
+ // If |seconds| is negative, startAudioDebugRecordings() fails.
+ static void startAudioDebugRecordings(RequestInfo request,
+ DOMString securityOrigin,
+ long seconds,
+ RecordingDoneCallback callback);
+
+ // Stops audio debug recordings. |callback| is invoked once recording
+ // stops. If there is no recording in progress, stopAudioDebugRecordings()
+ // fails.
+ static void stopAudioDebugRecordings(RequestInfo request,
+ DOMString securityOrigin,
+ RecordingDoneCallback callback);
+
+ // Start remote-bound event logging for a specific peer connection,
+ // indicated by its session description's ID.
+ // If successful, the callback will carry the ID of the log.
+ // * |webAppId| must be a number between 1 and 99 (inclusive), which will be
+ // incorporated into the uploaded log, so as to help distinugish logs
+ // captured by different web-apps.
+ // * |outputPeriodMs| refers to the time between emissions of logs.
+ // Only non-negative values are allowed. If set to zero, logs will be
+ // produced as soon as an event occurs. If positive, events will be
+ // batched together and emitted approximately every |outputPeriodMs| ms.
+ static void startEventLogging(RequestInfo request,
+ DOMString securityOrigin,
+ DOMString sessionId,
+ long maxLogSizeBytes,
+ long outputPeriodMs,
+ long webAppId,
+ StartEventLoggingCallback callback);
+
+ // Returns the directory entry for the "WebRTC Logs" directory. If the
+ // directory doesn't exist yet, this will create it. If the directory
+ // cannot be created, this call will fail with a runtime error.
+ [doesNotSupportPromises="Custom hook sets lastError crbug.com/1504349"]
+ static void getLogsDirectory(GetLogsDirectoryCallback callback);
+ };
+};
diff --git a/tools/under-control/src/chrome/common/extensions/api/wm_desks_private.idl b/tools/under-control/src/chrome/common/extensions/api/wm_desks_private.idl
new file mode 100755
index 000000000..94a8314b4
--- /dev/null
+++ b/tools/under-control/src/chrome/common/extensions/api/wm_desks_private.idl
@@ -0,0 +1,143 @@
+// Copyright 2021 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// Private API for trusted extensions/apps to do desk related operations.
+[platforms=("chromeos","lacros"),
+ implemented_in="chrome/browser/chromeos/extensions/wm/wm_desks_private_api.h"]
+namespace wmDesksPrivate {
+ enum SavedDeskType {
+ // Desk saved for regular desk template.
+ kTemplate,
+
+ // Desk saved for Save & Recall.
+ kSaveAndRecall,
+
+ // Unknown desk type.
+ kUnknown
+ };
+
+ dictionary RemoveDeskOptions {
+ // Define whether close all windows on the desk and combine them to the
+ // active desk to the left.
+ boolean combineDesks;
+
+ // Define whether removed desk is retrievable.
+ boolean? allowUndo;
+ };
+
+ dictionary Desk {
+ // Unique ID for a desk.
+ DOMString deskUuid;
+
+ // User readable name of the desk.
+ DOMString deskName;
+ };
+
+ dictionary SavedDesk {
+ // Unique ID for a saved desk.
+ DOMString savedDeskUuid;
+
+ // User readable name of the saved desk.
+ DOMString savedDeskName;
+
+ // Saved desk type.
+ SavedDeskType savedDeskType;
+ };
+
+ // Launch desk options
+ dictionary LaunchOptions {
+ // User readable name of the desk.
+ DOMString? deskName;
+ };
+
+ // Window properties
+ dictionary WindowProperties {
+ // If window show up on all desks.
+ boolean allDesks;
+ };
+
+ callback DeskIdCallback = void (DOMString deskId);
+ callback VoidCallback = void ();
+ callback GetDeskTemplateJsonCallback = void (DOMString templateJson);
+ callback GetAllDesksCallback = void (Desk[] desks);
+ callback GetSavedDesksCallback = void (SavedDesk[] saveDesks);
+ callback SaveActiveDeskCallback = void (SavedDesk desk);
+ callback GetDeskByIDCallback = void (Desk desk);
+
+ interface Functions {
+ // Returns all available previously-saved desks.
+ [supportsPromises] static void getSavedDesks(
+ GetSavedDesksCallback callback);
+
+ // Launches a desk, if `templateUuid` is present in the options, launches a
+ // desk template, otherwise launches an empty desk. If `deskName` is present
+ // in the options, using provided name as desk name, otherwise launches with
+ // auto generated name.
+ [supportsPromises] static void launchDesk(LaunchOptions launchOptions,
+ DeskIdCallback callback);
+
+ // Gets the template associated with the templateUuid and returns its JSON
+ // representation. Returns an error if either the template could not be
+ // found or the user profile is not valid.
+ [supportsPromises] static void getDeskTemplateJson(
+ DOMString templateUuid,
+ GetDeskTemplateJsonCallback callback);
+
+ // Removes a desk as specified in `deskId`. If `combineDesks` of
+ // `RemoveDeskOptions` is present or set to true, remove the desk and
+ // combine windows to the active desk to the left. If `allowUndo` is
+ // present or set to true, prompt the user with a notification allowing for
+ // the desk to be retrieved. Otherwise close all windows on the desk.
+ [supportsPromises] static void removeDesk(
+ DOMString deskId,
+ optional RemoveDeskOptions removeDeskOptions,
+ optional VoidCallback callback);
+
+ // Returns all available desks.
+ [supportsPromises] static void getAllDesks(GetAllDesksCallback callback);
+
+ // Sets the window properties for window identified by the `windowId`.
+ [supportsPromises] static void setWindowProperties(
+ long windowId,
+ WindowProperties windowProperties,
+ optional VoidCallback callback);
+
+ // Saves the current active desk to the library and remove it from the desk
+ // bar.
+ [supportsPromises] static void saveActiveDesk(
+ SaveActiveDeskCallback callback);
+
+ // Deletes the saved desk from the library.
+ [supportsPromises] static void deleteSavedDesk(
+ DOMString savedDeskUuid,
+ optional VoidCallback callback);
+
+ // Launches a saved desk from the library back to active desk.
+ [supportsPromises] static void recallSavedDesk(DOMString savedDeskUuid,
+ DeskIdCallback callback);
+
+ // Retrieves the UUID of the current active desk.
+ [supportsPromises] static void getActiveDesk(DeskIdCallback callback);
+
+ // Switches to the target desk.
+ [supportsPromises] static void switchDesk(
+ DOMString deskUuid, VoidCallback callback);
+
+ // Retrieves desk by the desk UUID.
+ [supportsPromises] static void getDeskByID(
+ DOMString deskUuid, GetDeskByIDCallback callback);
+ };
+
+ interface Events {
+ // Fires when new desks is added.
+ static void OnDeskAdded(DOMString deskId, boolean fromUndo);
+
+ // Fires when desk removal is finalized.
+ static void OnDeskRemoved(DOMString deskId);
+
+ // Fires when desk activation changed.
+ static void OnDeskSwitched(DOMString activated, DOMString deactivated);
+ };
+
+};
diff --git a/tools/under-control/src/chrome/renderer/chrome_content_renderer_client.cc b/tools/under-control/src/chrome/renderer/chrome_content_renderer_client.cc
new file mode 100755
index 000000000..1521706e2
--- /dev/null
+++ b/tools/under-control/src/chrome/renderer/chrome_content_renderer_client.cc
@@ -0,0 +1,1847 @@
+// Copyright 2012 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "chrome/renderer/chrome_content_renderer_client.h"
+
+#include
+#include
+#include
+#include
+
+#include "base/check_op.h"
+#include "base/command_line.h"
+#include "base/debug/crash_logging.h"
+#include "base/functional/bind.h"
+#include "base/metrics/histogram_functions.h"
+#include "base/metrics/histogram_macros.h"
+#include "base/metrics/user_metrics_action.h"
+#include "base/no_destructor.h"
+#include "base/notreached.h"
+#include "base/process/current_process.h"
+#include "base/strings/string_number_conversions.h"
+#include "base/strings/string_util.h"
+#include "base/strings/utf_string_conversions.h"
+#include "base/task/single_thread_task_runner.h"
+#include "base/time/time.h"
+#include "base/values.h"
+#include "build/build_config.h"
+#include "build/chromeos_buildflags.h"
+#include "chrome/common/buildflags.h"
+#include "chrome/common/channel_info.h"
+#include "chrome/common/chrome_content_client.h"
+#include "chrome/common/chrome_features.h"
+#include "chrome/common/chrome_isolated_world_ids.h"
+#include "chrome/common/chrome_paths.h"
+#include "chrome/common/chrome_switches.h"
+#include "chrome/common/crash_keys.h"
+#include "chrome/common/pdf_util.h"
+#include "chrome/common/pepper_permission_util.h"
+#include "chrome/common/ppapi_utils.h"
+#include "chrome/common/privacy_budget/privacy_budget_settings_provider.h"
+#include "chrome/common/profiler/thread_profiler.h"
+#include "chrome/common/profiler/unwind_util.h"
+#include "chrome/common/secure_origin_allowlist.h"
+#include "chrome/common/url_constants.h"
+#include "chrome/common/webui_url_constants.h"
+#include "chrome/grit/branded_strings.h"
+#include "chrome/grit/generated_resources.h"
+#include "chrome/grit/renderer_resources.h"
+#include "chrome/renderer/benchmarking_extension.h"
+#include "chrome/renderer/browser_exposed_renderer_interfaces.h"
+#include "chrome/renderer/cart/commerce_hint_agent.h"
+#include "chrome/renderer/chrome_content_settings_agent_delegate.h"
+#include "chrome/renderer/chrome_render_frame_observer.h"
+#include "chrome/renderer/chrome_render_thread_observer.h"
+#include "chrome/renderer/controlled_frame/controlled_frame_extensions_renderer_api_provider.h"
+#include "chrome/renderer/google_accounts_private_api_extension.h"
+#include "chrome/renderer/loadtimes_extension_bindings.h"
+#include "chrome/renderer/media/flash_embed_rewrite.h"
+#include "chrome/renderer/media/webrtc_logging_agent_impl.h"
+#include "chrome/renderer/net/net_error_helper.h"
+#include "chrome/renderer/net_benchmarking_extension.h"
+#include "chrome/renderer/plugins/non_loadable_plugin_placeholder.h"
+#include "chrome/renderer/plugins/pdf_plugin_placeholder.h"
+#include "chrome/renderer/plugins/plugin_uma.h"
+#include "chrome/renderer/trusted_vault_encryption_keys_extension.h"
+#include "chrome/renderer/url_loader_throttle_provider_impl.h"
+#include "chrome/renderer/v8_unwinder.h"
+#include "chrome/renderer/websocket_handshake_throttle_provider_impl.h"
+#include "chrome/renderer/worker_content_settings_client.h"
+#include "chrome/services/speech/buildflags/buildflags.h"
+#include "components/autofill/content/renderer/autofill_agent.h"
+#include "components/autofill/content/renderer/password_autofill_agent.h"
+#include "components/autofill/content/renderer/password_generation_agent.h"
+#include "components/autofill/core/common/autofill_features.h"
+#include "components/commerce/content/renderer/commerce_web_extractor.h"
+#include "components/commerce/core/commerce_feature_list.h"
+#include "components/content_capture/common/content_capture_features.h"
+#include "components/content_capture/renderer/content_capture_sender.h"
+#include "components/content_settings/core/common/content_settings_pattern.h"
+#include "components/continuous_search/renderer/search_result_extractor_impl.h"
+#include "components/dom_distiller/content/renderer/distillability_agent.h"
+#include "components/dom_distiller/content/renderer/distiller_js_render_frame_observer.h"
+#include "components/dom_distiller/core/dom_distiller_features.h"
+#include "components/dom_distiller/core/dom_distiller_switches.h"
+#include "components/dom_distiller/core/url_constants.h"
+#include "components/error_page/common/error.h"
+#include "components/error_page/common/localized_error.h"
+#include "components/feed/buildflags.h"
+#include "components/grit/components_scaled_resources.h"
+#include "components/heap_profiling/in_process/heap_profiler_controller.h"
+#include "components/history_clusters/core/config.h"
+#include "components/metrics/call_stacks/call_stack_profile_builder.h"
+#include "components/network_hints/renderer/web_prescient_networking_impl.h"
+#include "components/no_state_prefetch/renderer/no_state_prefetch_client.h"
+#include "components/no_state_prefetch/renderer/no_state_prefetch_helper.h"
+#include "components/no_state_prefetch/renderer/no_state_prefetch_utils.h"
+#include "components/no_state_prefetch/renderer/prerender_render_frame_observer.h"
+#include "components/optimization_guide/core/optimization_guide_features.h"
+#include "components/page_load_metrics/renderer/metrics_render_frame_observer.h"
+#include "components/paint_preview/buildflags/buildflags.h"
+#include "components/password_manager/core/common/password_manager_features.h"
+#include "components/permissions/features.h"
+#include "components/safe_browsing/buildflags.h"
+#include "components/safe_browsing/content/renderer/threat_dom_details.h"
+#include "components/spellcheck/spellcheck_buildflags.h"
+#include "components/subresource_filter/content/renderer/subresource_filter_agent.h"
+#include "components/subresource_filter/content/renderer/unverified_ruleset_dealer.h"
+#include "components/subresource_filter/core/common/common_features.h"
+#include "components/supervised_user/core/common/buildflags.h"
+#include "components/variations/net/variations_http_headers.h"
+#include "components/variations/variations_switches.h"
+#include "components/version_info/version_info.h"
+#include "components/visitedlink/renderer/visitedlink_reader.h"
+#include "components/web_cache/renderer/web_cache_impl.h"
+#include "components/webapps/renderer/web_page_metadata_agent.h"
+#include "content/public/common/content_constants.h"
+#include "content/public/common/content_switches.h"
+#include "content/public/common/page_visibility_state.h"
+#include "content/public/common/url_constants.h"
+#include "content/public/common/webplugininfo.h"
+#include "content/public/renderer/render_frame.h"
+#include "content/public/renderer/render_frame_visitor.h"
+#include "extensions/buildflags/buildflags.h"
+#include "extensions/renderer/extensions_renderer_api_provider.h"
+#include "extensions/renderer/worker_script_context_set.h"
+#include "ipc/ipc_sync_channel.h"
+#include "media/base/media_switches.h"
+#include "media/media_buildflags.h"
+#include "mojo/public/cpp/bindings/generic_pending_receiver.h"
+#include "mojo/public/cpp/bindings/remote.h"
+#include "net/base/net_errors.h"
+#include "pdf/buildflags.h"
+#include "ppapi/buildflags/buildflags.h"
+#include "printing/buildflags/buildflags.h"
+#include "services/network/public/cpp/is_potentially_trustworthy.h"
+#include "services/service_manager/public/cpp/interface_provider.h"
+#include "services/tracing/public/cpp/stack_sampling/tracing_sampler_profiler.h"
+#include "third_party/blink/public/common/associated_interfaces/associated_interface_provider.h"
+#include "third_party/blink/public/common/features.h"
+#include "third_party/blink/public/common/privacy_budget/identifiability_study_settings.h"
+#include "third_party/blink/public/mojom/fetch/fetch_api_request.mojom-shared.h"
+#include "third_party/blink/public/mojom/page/page_visibility_state.mojom.h"
+#include "third_party/blink/public/platform/platform.h"
+#include "third_party/blink/public/platform/scheduler/web_renderer_process_type.h"
+#include "third_party/blink/public/platform/url_conversion.h"
+#include "third_party/blink/public/platform/web_cache.h"
+#include "third_party/blink/public/platform/web_content_security_policy_struct.h"
+#include "third_party/blink/public/platform/web_runtime_features.h"
+#include "third_party/blink/public/platform/web_security_origin.h"
+#include "third_party/blink/public/platform/web_string.h"
+#include "third_party/blink/public/platform/web_url.h"
+#include "third_party/blink/public/platform/web_url_error.h"
+#include "third_party/blink/public/platform/web_url_request.h"
+#include "third_party/blink/public/platform/web_url_response.h"
+#include "third_party/blink/public/web/web_document.h"
+#include "third_party/blink/public/web/web_element.h"
+#include "third_party/blink/public/web/web_heap.h"
+#include "third_party/blink/public/web/web_local_frame.h"
+#include "third_party/blink/public/web/web_origin_trials.h"
+#include "third_party/blink/public/web/web_plugin.h"
+#include "third_party/blink/public/web/web_plugin_container.h"
+#include "third_party/blink/public/web/web_plugin_params.h"
+#include "third_party/blink/public/web/web_script_controller.h"
+#include "third_party/blink/public/web/web_security_policy.h"
+#include "third_party/blink/public/web/web_view.h"
+#include "ui/base/l10n/l10n_util.h"
+#include "ui/base/resource/resource_bundle.h"
+#include "ui/base/webui/jstemplate_builder.h"
+#include "url/origin.h"
+#include "v8/include/v8-isolate.h"
+
+#if BUILDFLAG(IS_ANDROID)
+#include "chrome/renderer/sandbox_status_extension_android.h"
+#include "chrome/renderer/wallet/boarding_pass_extractor.h"
+#include "components/facilitated_payments/content/renderer/facilitated_payments_agent.h"
+#include "components/facilitated_payments/core/features/features.h"
+#else
+#include "chrome/renderer/searchbox/searchbox.h"
+#include "chrome/renderer/searchbox/searchbox_extension.h"
+#include "components/search/ntp_features.h" // nogncheck
+#endif
+
+#if BUILDFLAG(ENABLE_SPEECH_SERVICE)
+#include "chrome/renderer/media/chrome_speech_recognition_client.h"
+#endif // BUILDFLAG(ENABLE_SPEECH_SERVICE)
+
+#if BUILDFLAG(IS_WIN)
+#include "chrome/renderer/render_frame_font_family_accessor.h"
+#endif
+
+#if BUILDFLAG(ENABLE_FEED_V2)
+#include "components/feed/content/renderer/rss_link_reader.h"
+#include "components/feed/feed_feature_list.h"
+#endif
+
+#if BUILDFLAG(ENABLE_NACL)
+#include "components/nacl/common/nacl_constants.h"
+#include "components/nacl/renderer/nacl_helper.h"
+#endif
+
+#if BUILDFLAG(ENABLE_EXTENSIONS)
+#include "chrome/common/controlled_frame/controlled_frame.h"
+#include "chrome/common/initialize_extensions_client.h"
+#include "chrome/renderer/extensions/chrome_extensions_renderer_client.h"
+#include "extensions/common/constants.h"
+#include "extensions/common/context_data.h"
+#include "extensions/common/extension_urls.h"
+#include "extensions/common/manifest_handlers/csp_info.h"
+#include "extensions/common/manifest_handlers/web_accessible_resources_info.h"
+#include "extensions/common/switches.h"
+#include "extensions/renderer/dispatcher.h"
+#include "extensions/renderer/guest_view/mime_handler_view/mime_handler_view_container_manager.h"
+#include "extensions/renderer/renderer_extension_registry.h"
+#include "third_party/blink/public/mojom/css/preferred_color_scheme.mojom.h"
+#include "third_party/blink/public/web/web_settings.h"
+#endif
+
+#if BUILDFLAG(ENABLE_PDF)
+#include "chrome/renderer/pdf/chrome_pdf_internal_plugin_delegate.h"
+#include "components/pdf/common/internal_plugin_helpers.h"
+#include "components/pdf/renderer/internal_plugin_renderer_helpers.h"
+#endif // BUILDFLAG(ENABLE_PDF)
+
+#if BUILDFLAG(ENABLE_PLUGINS)
+#include "chrome/renderer/plugins/chrome_plugin_placeholder.h"
+#endif // BUILDFLAG(ENABLE_PLUGINS)
+
+#if BUILDFLAG(ENABLE_PPAPI)
+#include "chrome/renderer/pepper/pepper_helper.h"
+#include "ppapi/shared_impl/ppapi_switches.h" // nogncheck crbug.com/1125897
+#endif
+
+#if BUILDFLAG(ENABLE_PRINTING)
+#include "chrome/renderer/printing/chrome_print_render_frame_helper_delegate.h"
+#include "components/printing/renderer/print_render_frame_helper.h" // nogncheck
+#include "printing/metafile_agent.h" // nogncheck
+#endif
+
+#if BUILDFLAG(ENABLE_PAINT_PREVIEW)
+#include "components/paint_preview/renderer/paint_preview_recorder_impl.h" // nogncheck
+#endif
+
+#if BUILDFLAG(ENABLE_SPELLCHECK)
+#include "components/spellcheck/renderer/spellcheck.h"
+#include "components/spellcheck/renderer/spellcheck_provider.h"
+
+#if BUILDFLAG(HAS_SPELLCHECK_PANEL)
+#include "components/spellcheck/renderer/spellcheck_panel.h"
+#endif // BUILDFLAG(HAS_SPELLCHECK_PANEL)
+#endif // BUILDFLAG(ENABLE_SPELLCHECK)
+
+#if BUILDFLAG(ENABLE_SUPERVISED_USERS)
+#include "chrome/renderer/supervised_user/supervised_user_error_page_controller_delegate_impl.h"
+#endif
+
+#if BUILDFLAG(ENABLE_LIBRARY_CDMS) || BUILDFLAG(IS_WIN) || BUILDFLAG(IS_ANDROID)
+#include "chrome/renderer/media/chrome_key_systems.h"
+#endif
+
+#if !BUILDFLAG(IS_ANDROID) && !BUILDFLAG(IS_CHROMEOS)
+#include "chrome/renderer/cco/multiline_detector.h"
+#endif
+
+using autofill::AutofillAgent;
+using autofill::PasswordAutofillAgent;
+using autofill::PasswordGenerationAgent;
+using base::ASCIIToUTF16;
+using base::UserMetricsAction;
+using blink::WebCache;
+using blink::WebConsoleMessage;
+using blink::WebDocument;
+using blink::WebFrame;
+using blink::WebLocalFrame;
+using blink::WebPlugin;
+using blink::WebPluginParams;
+using blink::WebSecurityOrigin;
+using blink::WebSecurityPolicy;
+using blink::WebString;
+using blink::WebURL;
+using blink::WebURLError;
+using blink::WebURLRequest;
+using blink::WebURLResponse;
+using blink::WebVector;
+using blink::mojom::FetchCacheMode;
+using content::RenderFrame;
+using content::RenderThread;
+using content::WebPluginInfo;
+using content::WebPluginMimeType;
+using UsesKeyboardAccessoryForSuggestions =
+ AutofillAgent::UsesKeyboardAccessoryForSuggestions;
+using ExtractAllDatalists = autofill::AutofillAgent::ExtractAllDatalists;
+
+namespace {
+
+// Allow PPAPI for Android Runtime for Chromium. (See crbug.com/383937)
+#if BUILDFLAG(ENABLE_PLUGINS)
+const char* const kPredefinedAllowedCameraDeviceOrigins[] = {
+ "6EAED1924DB611B6EEF2A664BD077BE7EAD33B8F",
+ "4EB74897CB187C7633357C2FE832E0AD6A44883A"};
+#endif
+
+#if BUILDFLAG(ENABLE_PLUGINS)
+void AppendParams(
+ const std::vector& additional_params,
+ WebVector* existing_names,
+ WebVector* existing_values) {
+ DCHECK(existing_names->size() == existing_values->size());
+ size_t existing_size = existing_names->size();
+ size_t total_size = existing_size + additional_params.size();
+
+ WebVector names(total_size);
+ WebVector values(total_size);
+
+ for (size_t i = 0; i < existing_size; ++i) {
+ names[i] = (*existing_names)[i];
+ values[i] = (*existing_values)[i];
+ }
+
+ for (size_t i = 0; i < additional_params.size(); ++i) {
+ names[existing_size + i] = WebString::FromUTF16(additional_params[i].name);
+ values[existing_size + i] =
+ WebString::FromUTF16(additional_params[i].value);
+ }
+
+ existing_names->swap(names);
+ existing_values->swap(values);
+}
+#endif // BUILDFLAG(ENABLE_PLUGINS)
+
+bool IsStandaloneContentExtensionProcess() {
+#if !BUILDFLAG(ENABLE_EXTENSIONS)
+ return false;
+#else
+ return base::CommandLine::ForCurrentProcess()->HasSwitch(
+ extensions::switches::kExtensionProcess);
+#endif
+}
+
+std::unique_ptr CreateV8Unwinder(v8::Isolate* isolate) {
+ return std::make_unique(isolate);
+}
+
+// Web Share is conditionally enabled here in chrome/, to avoid it being
+// made available in other clients of content/ that do not have a Web Share
+// Mojo implementation (e.g. WebView).
+void MaybeEnableWebShare() {
+#if BUILDFLAG(IS_CHROMEOS) || BUILDFLAG(IS_WIN) || BUILDFLAG(IS_MAC)
+ if (base::FeatureList::IsEnabled(features::kWebShare))
+#endif
+#if BUILDFLAG(IS_CHROMEOS) || BUILDFLAG(IS_WIN) || BUILDFLAG(IS_MAC) || \
+ BUILDFLAG(IS_ANDROID)
+ blink::WebRuntimeFeatures::EnableWebShare(true);
+#endif
+}
+
+#if BUILDFLAG(ENABLE_NACL) && BUILDFLAG(ENABLE_EXTENSIONS) && \
+ BUILDFLAG(IS_CHROMEOS_ASH)
+bool IsTerminalSystemWebAppNaClPage(GURL url) {
+ GURL::Replacements replacements;
+ replacements.ClearQuery();
+ replacements.ClearRef();
+ url = url.ReplaceComponents(replacements);
+ return url == "chrome-untrusted://terminal/html/terminal_ssh.html";
+}
+#endif
+
+} // namespace
+
+ChromeContentRendererClient::ChromeContentRendererClient()
+ :
+#if BUILDFLAG(IS_WIN)
+ remote_module_watcher_(nullptr, base::OnTaskRunnerDeleter(nullptr)),
+#endif
+ main_thread_profiler_(
+#if BUILDFLAG(IS_CHROMEOS)
+ // The profiler can't start before the sandbox is initialized on
+ // ChromeOS due to ChromeOS's sandbox initialization code's use of
+ // AssertSingleThreaded().
+ nullptr
+#else
+ ThreadProfiler::CreateAndStartOnMainThread()
+#endif
+ ) {
+#if BUILDFLAG(ENABLE_EXTENSIONS)
+ EnsureExtensionsClientInitialized(
+ controlled_frame::CreateAvailabilityCheckMap());
+ extensions::ExtensionsRendererClient::Set(
+ ChromeExtensionsRendererClient::GetInstance());
+#endif
+#if BUILDFLAG(ENABLE_PLUGINS)
+ for (const char* origin : kPredefinedAllowedCameraDeviceOrigins)
+ allowed_camera_device_origins_.insert(origin);
+#endif
+}
+
+ChromeContentRendererClient::~ChromeContentRendererClient() {}
+
+void ChromeContentRendererClient::RenderThreadStarted() {
+ RenderThread* thread = RenderThread::Get();
+
+ main_thread_profiler_->SetAuxUnwinderFactory(base::BindRepeating(
+ &CreateV8Unwinder, base::Unretained(v8::Isolate::GetCurrent())));
+
+ // In the case of single process mode, the v8 unwinding will not work.
+ tracing::TracingSamplerProfiler::SetAuxUnwinderFactoryOnMainThread(
+ base::BindRepeating(&CreateV8Unwinder,
+ base::Unretained(v8::Isolate::GetCurrent())));
+
+ const bool is_extension = IsStandaloneContentExtensionProcess();
+
+ thread->SetRendererProcessType(
+ is_extension
+ ? blink::scheduler::WebRendererProcessType::kExtensionRenderer
+ : blink::scheduler::WebRendererProcessType::kRenderer);
+
+ if (is_extension) {
+ // The process name was set to "Renderer" in RendererMain(). Update it to
+ // "Extension Renderer" to highlight that it's hosting an extension.
+ base::CurrentProcess::GetInstance().SetProcessType(
+ base::CurrentProcessType::PROCESS_RENDERER_EXTENSION);
+ }
+
+#if BUILDFLAG(IS_WIN)
+ mojo::PendingRemote module_event_sink;
+ thread->BindHostReceiver(module_event_sink.InitWithNewPipeAndPassReceiver());
+ remote_module_watcher_ = RemoteModuleWatcher::Create(
+ thread->GetIOTaskRunner(), std::move(module_event_sink));
+#endif
+
+ browser_interface_broker_ =
+ blink::Platform::Current()->GetBrowserInterfaceBroker();
+
+ chrome_observer_ = std::make_unique();
+ web_cache_impl_ = std::make_unique();
+
+#if BUILDFLAG(ENABLE_EXTENSIONS)
+ ChromeExtensionsRendererClient* chrome_extensions_renderer_client =
+ ChromeExtensionsRendererClient::GetInstance();
+ chrome_extensions_renderer_client->AddAPIProvider(
+ std::make_unique<
+ controlled_frame::ControlledFrameExtensionsRendererAPIProvider>());
+ chrome_extensions_renderer_client->RenderThreadStarted();
+ WebSecurityPolicy::RegisterURLSchemeAsExtension(
+ WebString::FromASCII(extensions::kExtensionScheme));
+#endif
+
+#if BUILDFLAG(ENABLE_SPELLCHECK)
+ if (!spellcheck_)
+ InitSpellCheck();
+#endif
+
+ subresource_filter_ruleset_dealer_ =
+ std::make_unique();
+
+ phishing_model_setter_ =
+ std::make_unique();
+
+ thread->AddObserver(chrome_observer_.get());
+ thread->AddObserver(subresource_filter_ruleset_dealer_.get());
+ thread->AddObserver(phishing_model_setter_.get());
+
+ blink::WebScriptController::RegisterExtension(
+ extensions_v8::LoadTimesExtension::Get());
+
+ base::CommandLine* command_line = base::CommandLine::ForCurrentProcess();
+ if (command_line->HasSwitch(variations::switches::kEnableBenchmarking)) {
+ blink::WebScriptController::RegisterExtension(
+ extensions_v8::BenchmarkingExtension::Get());
+ }
+
+ if (command_line->HasSwitch(switches::kEnableNetBenchmarking)) {
+ blink::WebScriptController::RegisterExtension(
+ extensions_v8::NetBenchmarkingExtension::Get());
+ }
+
+ // chrome: is also to be permitted to embeds https:// things and have them
+ // treated as first-party.
+ // See
+ // ChromeContentBrowserClient::ShouldTreatURLSchemeAsFirstPartyWhenTopLevel
+ WebString chrome_scheme(WebString::FromASCII(content::kChromeUIScheme));
+ WebSecurityPolicy::RegisterURLSchemeAsFirstPartyWhenTopLevelEmbeddingSecure(
+ chrome_scheme);
+
+ // chrome-native: is a scheme used for placeholder navigations that allow
+ // UIs to be drawn with platform native widgets instead of HTML. These pages
+ // should not be accessible. No code should be runnable in these pages,
+ // so it should not need to access anything nor should it allow javascript
+ // URLs since it should never be visible to the user.
+ // See also ChromeContentClient::AddAdditionalSchemes that adds it as an
+ // empty document scheme.
+ WebString native_scheme(WebString::FromASCII(chrome::kChromeNativeScheme));
+ WebSecurityPolicy::RegisterURLSchemeAsDisplayIsolated(native_scheme);
+ WebSecurityPolicy::RegisterURLSchemeAsNotAllowingJavascriptURLs(
+ native_scheme);
+
+ // chrome-search: and chrome-distiller: pages should not be accessible by
+ // normal content, and should also be unable to script anything but themselves
+ // (to help limit the damage that a corrupt page could cause).
+ WebString chrome_search_scheme(
+ WebString::FromASCII(chrome::kChromeSearchScheme));
+
+ // IWAs can be enabled by either the feature flag or by enterprise
+ // policy. In either case the kEnableIsolatedWebAppsInRenderer flag is passed
+ // to the renderer process.
+ if (base::CommandLine::ForCurrentProcess()->HasSwitch(
+ switches::kEnableIsolatedWebAppsInRenderer)) {
+ // isolated-app: is the scheme used for Isolated Web Apps, which are web
+ // applications packaged in Signed Web Bundles.
+ WebString isolated_app_scheme(
+ WebString::FromASCII(chrome::kIsolatedAppScheme));
+ // Resources contained in Isolated Web Apps are HTTP-like and safe to expose
+ // to the fetch API.
+ WebSecurityPolicy::RegisterURLSchemeAsSupportingFetchAPI(
+ isolated_app_scheme);
+ WebSecurityPolicy::RegisterURLSchemeAsAllowingServiceWorkers(
+ isolated_app_scheme);
+ WebSecurityPolicy::RegisterURLSchemeAsAllowedForReferrer(
+ isolated_app_scheme);
+ }
+
+ // The Instant process can only display the content but not read it. Other
+ // processes can't display it or read it.
+ if (!command_line->HasSwitch(switches::kInstantProcess))
+ WebSecurityPolicy::RegisterURLSchemeAsDisplayIsolated(chrome_search_scheme);
+
+ WebString dom_distiller_scheme(
+ WebString::FromASCII(dom_distiller::kDomDistillerScheme));
+ // TODO(nyquist): Add test to ensure this happens when the flag is set.
+ WebSecurityPolicy::RegisterURLSchemeAsDisplayIsolated(dom_distiller_scheme);
+
+#if BUILDFLAG(IS_ANDROID)
+ WebSecurityPolicy::RegisterURLSchemeAsAllowedForReferrer(
+ WebString::FromUTF8(content::kAndroidAppScheme));
+#endif
+
+ // chrome-search: pages should not be accessible by bookmarklets
+ // or javascript: URLs typed in the omnibox.
+ WebSecurityPolicy::RegisterURLSchemeAsNotAllowingJavascriptURLs(
+ chrome_search_scheme);
+
+ for (auto& scheme :
+ secure_origin_allowlist::GetSchemesBypassingSecureContextCheck()) {
+ WebSecurityPolicy::AddSchemeToSecureContextSafelist(
+ WebString::FromASCII(scheme));
+ }
+
+ // This doesn't work in single-process mode.
+ if (!base::CommandLine::ForCurrentProcess()->HasSwitch(
+ switches::kSingleProcess)) {
+ using HeapProfilerController = heap_profiling::HeapProfilerController;
+ // The HeapProfilerController should have been created in
+ // ChromeMainDelegate::PostEarlyInitialization.
+ DCHECK_NE(HeapProfilerController::GetProfilingEnabled(),
+ HeapProfilerController::ProfilingEnabled::kNoController);
+ if (ThreadProfiler::ShouldCollectProfilesForChildProcess() ||
+ HeapProfilerController::GetProfilingEnabled() ==
+ HeapProfilerController::ProfilingEnabled::kEnabled) {
+ ThreadProfiler::SetMainThreadTaskRunner(
+ base::SingleThreadTaskRunner::GetCurrentDefault());
+ mojo::PendingRemote collector;
+ thread->BindHostReceiver(collector.InitWithNewPipeAndPassReceiver());
+ metrics::CallStackProfileBuilder::
+ SetParentProfileCollectorForChildProcess(std::move(collector));
+ }
+
+ // This is superfluous in single-process mode and triggers a DCHECK
+ blink::IdentifiabilityStudySettings::SetGlobalProvider(
+ std::make_unique());
+ }
+}
+
+void ChromeContentRendererClient::ExposeInterfacesToBrowser(
+ mojo::BinderMap* binders) {
+ // NOTE: Do not add binders directly within this method. Instead, modify the
+ // definition of |ExposeChromeRendererInterfacesToBrowser()| to ensure
+ // security review coverage.
+ ExposeChromeRendererInterfacesToBrowser(this, binders);
+}
+
+void ChromeContentRendererClient::RenderFrameCreated(
+ content::RenderFrame* render_frame) {
+ ChromeRenderFrameObserver* render_frame_observer =
+ new ChromeRenderFrameObserver(render_frame, web_cache_impl_.get());
+ service_manager::BinderRegistry* registry = render_frame_observer->registry();
+
+ new prerender::PrerenderRenderFrameObserver(render_frame);
+
+ bool should_allow_for_content_settings =
+ base::CommandLine::ForCurrentProcess()->HasSwitch(
+ switches::kInstantProcess);
+ auto content_settings_delegate =
+ std::make_unique(render_frame);
+#if BUILDFLAG(ENABLE_EXTENSIONS)
+ content_settings_delegate->SetExtensionDispatcher(
+ ChromeExtensionsRendererClient::GetInstance()->extension_dispatcher());
+#endif
+ content_settings::ContentSettingsAgentImpl* content_settings =
+ new content_settings::ContentSettingsAgentImpl(
+ render_frame, should_allow_for_content_settings,
+ std::move(content_settings_delegate));
+ if (chrome_observer_.get()) {
+ if (chrome_observer_->content_settings_manager()) {
+ mojo::Remote manager;
+ chrome_observer_->content_settings_manager()->Clone(
+ manager.BindNewPipeAndPassReceiver());
+ content_settings->SetContentSettingsManager(std::move(manager));
+ }
+ }
+
+#if BUILDFLAG(ENABLE_EXTENSIONS)
+ ChromeExtensionsRendererClient::GetInstance()->RenderFrameCreated(
+ render_frame, registry);
+#endif
+
+#if BUILDFLAG(ENABLE_PPAPI)
+ new PepperHelper(render_frame);
+#endif
+
+#if BUILDFLAG(ENABLE_NACL)
+ new nacl::NaClHelper(render_frame);
+#endif
+
+#if BUILDFLAG(SAFE_BROWSING_DB_LOCAL) || BUILDFLAG(SAFE_BROWSING_DB_REMOTE)
+ safe_browsing::ThreatDOMDetails::Create(render_frame, registry);
+#endif
+
+#if BUILDFLAG(ENABLE_PRINTING)
+ new printing::PrintRenderFrameHelper(
+ render_frame, std::make_unique());
+#endif
+
+#if BUILDFLAG(ENABLE_PAINT_PREVIEW)
+ new paint_preview::PaintPreviewRecorderImpl(render_frame);
+#endif
+
+#if BUILDFLAG(IS_ANDROID)
+ SandboxStatusExtension::Create(render_frame);
+#endif
+
+ TrustedVaultEncryptionKeysExtension::Create(render_frame);
+ GoogleAccountsPrivateApiExtension::Create(render_frame);
+
+ if (render_frame->IsMainFrame())
+ new webapps::WebPageMetadataAgent(render_frame);
+
+ const bool search_result_extractor_enabled =
+ render_frame->IsMainFrame() &&
+ optimization_guide::features::IsPageContentAnnotationEnabled();
+ if (search_result_extractor_enabled) {
+ continuous_search::SearchResultExtractorImpl::Create(render_frame);
+ }
+
+ new NetErrorHelper(render_frame);
+
+#if BUILDFLAG(ENABLE_SUPERVISED_USERS)
+ new SupervisedUserErrorPageControllerDelegateImpl(render_frame);
+#endif
+
+ if (!render_frame->IsMainFrame()) {
+ auto* main_frame_no_state_prefetch_helper =
+ prerender::NoStatePrefetchHelper::Get(
+ render_frame->GetMainRenderFrame());
+ if (main_frame_no_state_prefetch_helper) {
+ // Avoid any race conditions from having the browser tell subframes that
+ // they're no-state prefetching.
+ new prerender::NoStatePrefetchHelper(
+ render_frame,
+ main_frame_no_state_prefetch_helper->histogram_prefix());
+ }
+ }
+
+ // Set up a render frame observer to test if this page is a distiller page.
+ new dom_distiller::DistillerJsRenderFrameObserver(
+ render_frame, ISOLATED_WORLD_ID_CHROME_INTERNAL);
+
+ if (dom_distiller::ShouldStartDistillabilityService()) {
+ // Create DistillabilityAgent to send distillability updates to
+ // DistillabilityDriver in the browser process.
+ new dom_distiller::DistillabilityAgent(render_frame, DCHECK_IS_ON());
+ }
+
+ blink::AssociatedInterfaceRegistry* associated_interfaces =
+ render_frame_observer->associated_interfaces();
+
+ if (!render_frame->IsInFencedFrameTree() ||
+ base::FeatureList::IsEnabled(blink::features::kFencedFramesAPIChanges)) {
+ auto password_autofill_agent = std::make_unique(
+ render_frame, associated_interfaces);
+ auto password_generation_agent = std::make_unique(
+ render_frame, password_autofill_agent.get(), associated_interfaces);
+ new AutofillAgent(
+ render_frame,
+ {UsesKeyboardAccessoryForSuggestions(BUILDFLAG(IS_ANDROID)),
+ ExtractAllDatalists(false)},
+ std::move(password_autofill_agent),
+ std::move(password_generation_agent), associated_interfaces);
+
+#if BUILDFLAG(IS_ANDROID)
+ if (render_frame->IsMainFrame() &&
+ base::FeatureList::IsEnabled(
+ payments::facilitated::kEnablePixDetection)) {
+ new payments::facilitated::FacilitatedPaymentsAgent(
+ render_frame, associated_interfaces);
+ }
+#endif
+ }
+
+ if (content_capture::features::IsContentCaptureEnabled()) {
+ new content_capture::ContentCaptureSender(render_frame,
+ associated_interfaces);
+ }
+
+#if BUILDFLAG(ENABLE_EXTENSIONS)
+ associated_interfaces
+ ->AddInterface(
+ base::BindRepeating(
+ &extensions::MimeHandlerViewContainerManager::BindReceiver,
+ base::Unretained(render_frame)));
+#endif
+
+ // Owned by |render_frame|.
+ new page_load_metrics::MetricsRenderFrameObserver(render_frame);
+ // There is no render thread, thus no UnverifiedRulesetDealer in
+ // ChromeRenderViewTests.
+ if (subresource_filter_ruleset_dealer_) {
+ auto* subresource_filter_agent =
+ new subresource_filter::SubresourceFilterAgent(
+ render_frame, subresource_filter_ruleset_dealer_.get());
+ subresource_filter_agent->Initialize();
+ }
+
+#if !BUILDFLAG(IS_ANDROID)
+ base::CommandLine* command_line = base::CommandLine::ForCurrentProcess();
+ if (command_line->HasSwitch(switches::kInstantProcess) &&
+ render_frame->IsMainFrame()) {
+ new SearchBox(render_frame);
+ }
+#endif
+
+// We should create CommerceHintAgent only for a main frame except a fenced
+// frame that is the main frame as well, so we should check if |render_frame|
+// is the fenced frame.
+#if !BUILDFLAG(IS_ANDROID)
+ if (command_line->HasSwitch(commerce::switches::kEnableChromeCart) &&
+#else
+ if (base::FeatureList::IsEnabled(commerce::kCommerceHintAndroid) &&
+#endif // !BUILDFLAG(IS_ANDROID)
+ render_frame->GetWebFrame()->IsOutermostMainFrame()) {
+ new cart::CommerceHintAgent(render_frame);
+ }
+
+#if BUILDFLAG(ENABLE_SPELLCHECK)
+ new SpellCheckProvider(render_frame, spellcheck_.get());
+
+#if BUILDFLAG(HAS_SPELLCHECK_PANEL)
+ new SpellCheckPanel(render_frame, registry, this);
+#endif // BUILDFLAG(HAS_SPELLCHECK_PANEL)
+#endif
+#if BUILDFLAG(ENABLE_FEED_V2)
+ if (render_frame->IsMainFrame() &&
+ base::FeatureList::IsEnabled(feed::kWebFeed)) {
+ new feed::RssLinkReader(render_frame, registry);
+ }
+#endif
+
+#if BUILDFLAG(IS_WIN)
+ if (render_frame->IsMainFrame()) {
+ associated_interfaces
+ ->AddInterface(
+ base::BindRepeating(&RenderFrameFontFamilyAccessor::Bind,
+ render_frame));
+ }
+#endif
+
+#if !BUILDFLAG(IS_ANDROID) && !BUILDFLAG(IS_CHROMEOS)
+ MultilineDetector::InstallIfNecessary(render_frame);
+#endif
+
+ if (render_frame->IsMainFrame()) {
+ new commerce::CommerceWebExtractor(render_frame, registry);
+ }
+
+#if BUILDFLAG(IS_ANDROID)
+ if (base::FeatureList::IsEnabled(features::kBoardingPassDetector) &&
+ render_frame->IsMainFrame()) {
+ new wallet::BoardingPassExtractor(render_frame, registry);
+ }
+#endif
+}
+
+void ChromeContentRendererClient::WebViewCreated(
+ blink::WebView* web_view,
+ bool was_created_by_renderer,
+ const url::Origin* outermost_origin) {
+ new prerender::NoStatePrefetchClient(web_view);
+
+#if BUILDFLAG(ENABLE_EXTENSIONS)
+ ChromeExtensionsRendererClient::GetInstance()->WebViewCreated(
+ web_view, outermost_origin);
+#endif
+}
+
+SkBitmap* ChromeContentRendererClient::GetSadPluginBitmap() {
+ return const_cast(ui::ResourceBundle::GetSharedInstance()
+ .GetImageNamed(IDR_SAD_PLUGIN)
+ .ToSkBitmap());
+}
+
+SkBitmap* ChromeContentRendererClient::GetSadWebViewBitmap() {
+ return const_cast(ui::ResourceBundle::GetSharedInstance()
+ .GetImageNamed(IDR_SAD_WEBVIEW)
+ .ToSkBitmap());
+}
+
+bool ChromeContentRendererClient::IsPluginHandledExternally(
+ content::RenderFrame* render_frame,
+ const blink::WebElement& plugin_element,
+ const GURL& original_url,
+ const std::string& mime_type) {
+#if BUILDFLAG(ENABLE_EXTENSIONS) && BUILDFLAG(ENABLE_PLUGINS)
+ DCHECK(plugin_element.HasHTMLTagName("object") ||
+ plugin_element.HasHTMLTagName("embed"));
+
+ mojo::AssociatedRemote plugin_info_host;
+ render_frame->GetRemoteAssociatedInterfaces()->GetInterface(
+ &plugin_info_host);
+ // Blink will next try to load a WebPlugin which would end up in
+ // OverrideCreatePlugin, sending another IPC only to find out the plugin is
+ // not supported. Here it suffices to return false but there should perhaps be
+ // a more unified approach to avoid sending the IPC twice.
+ chrome::mojom::PluginInfoPtr plugin_info = chrome::mojom::PluginInfo::New();
+ plugin_info_host->GetPluginInfo(
+ original_url, render_frame->GetWebFrame()->Top()->GetSecurityOrigin(),
+ mime_type, &plugin_info);
+ // TODO(ekaramad): Not continuing here due to a disallowed status should take
+ // us to CreatePlugin. See if more in depths investigation of |status| is
+ // necessary here (see https://crbug.com/965747). For now, returning false
+ // should take us to CreatePlugin after HTMLPlugInElement which is called
+ // through HTMLPlugInElement::LoadPlugin code path.
+ if (plugin_info->status != chrome::mojom::PluginStatus::kAllowed &&
+ plugin_info->status !=
+ chrome::mojom::PluginStatus::kPlayImportantContent) {
+ // We could get here when a MimeHandlerView is loaded inside a
+ // which is using permissions API (see WebViewPluginTests).
+ ChromeExtensionsRendererClient::DidBlockMimeHandlerViewForDisallowedPlugin(
+ plugin_element);
+ return false;
+ }
+#if BUILDFLAG(ENABLE_PDF)
+ if (plugin_info->actual_mime_type == pdf::kInternalPluginMimeType) {
+ // Only actually treat the internal PDF plugin as externally handled if
+ // used within an origin allowed to create the internal PDF plugin;
+ // otherwise, let Blink try to create the in-process PDF plugin.
+ if (IsPdfInternalPluginAllowedOrigin(
+ render_frame->GetWebFrame()->GetSecurityOrigin())) {
+ return true;
+ }
+ }
+#endif // BUILDFLAG(ENABLE_PDF)
+ return ChromeExtensionsRendererClient::MaybeCreateMimeHandlerView(
+ plugin_element, original_url, plugin_info->actual_mime_type,
+ plugin_info->plugin);
+#else // !(BUILDFLAG(ENABLE_EXTENSIONS) && BUILDFLAG(ENABLE_PLUGINS))
+ return false;
+#endif // BUILDFLAG(ENABLE_EXTENSIONS) && BUILDFLAG(ENABLE_PLUGINS)
+}
+
+v8::Local ChromeContentRendererClient::GetScriptableObject(
+ const blink::WebElement& plugin_element,
+ v8::Isolate* isolate) {
+#if BUILDFLAG(ENABLE_EXTENSIONS)
+ return ChromeExtensionsRendererClient::GetInstance()->GetScriptableObject(
+ plugin_element, isolate);
+#else
+ return v8::Local();
+#endif
+}
+
+bool ChromeContentRendererClient::OverrideCreatePlugin(
+ content::RenderFrame* render_frame,
+ const WebPluginParams& params,
+ WebPlugin** plugin) {
+ std::string orig_mime_type = params.mime_type.Utf8();
+#if BUILDFLAG(ENABLE_EXTENSIONS)
+ if (!ChromeExtensionsRendererClient::GetInstance()->OverrideCreatePlugin(
+ render_frame, params)) {
+ return false;
+ }
+#endif
+
+ GURL url(params.url);
+#if BUILDFLAG(ENABLE_PLUGINS)
+ mojo::AssociatedRemote plugin_info_host;
+ render_frame->GetRemoteAssociatedInterfaces()->GetInterface(
+ &plugin_info_host);
+
+ chrome::mojom::PluginInfoPtr plugin_info = chrome::mojom::PluginInfo::New();
+ plugin_info_host->GetPluginInfo(
+ url, render_frame->GetWebFrame()->Top()->GetSecurityOrigin(),
+ orig_mime_type, &plugin_info);
+ *plugin = CreatePlugin(render_frame, params, *plugin_info);
+#else // !BUILDFLAG(ENABLE_PLUGINS)
+ PluginUMAReporter::GetInstance()->ReportPluginMissing(orig_mime_type, url);
+ if (orig_mime_type == kPDFMimeType) {
+ ReportPDFLoadStatus(
+ PDFLoadStatus::kShowedDisabledPluginPlaceholderForEmbeddedPdf);
+
+ PDFPluginPlaceholder* placeholder =
+ PDFPluginPlaceholder::CreatePDFPlaceholder(render_frame, params);
+ *plugin = placeholder->plugin();
+ return true;
+ }
+ auto* placeholder = NonLoadablePluginPlaceholder::CreateNotSupportedPlugin(
+ render_frame, params);
+ *plugin = placeholder->plugin();
+
+#endif // BUILDFLAG(ENABLE_PLUGINS)
+ return true;
+}
+
+#if BUILDFLAG(ENABLE_PLUGINS)
+WebPlugin* ChromeContentRendererClient::CreatePluginReplacement(
+ content::RenderFrame* render_frame,
+ const base::FilePath& plugin_path) {
+ auto* placeholder = NonLoadablePluginPlaceholder::CreateErrorPlugin(
+ render_frame, plugin_path);
+ return placeholder->plugin();
+}
+#endif // BUILDFLAG(ENABLE_PLUGINS)
+
+bool ChromeContentRendererClient::DeferMediaLoad(
+ content::RenderFrame* render_frame,
+ bool has_played_media_before,
+ base::OnceClosure closure) {
+ return prerender::DeferMediaLoad(render_frame, has_played_media_before,
+ std::move(closure));
+}
+
+#if BUILDFLAG(ENABLE_PLUGINS)
+
+// static
+WebPlugin* ChromeContentRendererClient::CreatePlugin(
+ content::RenderFrame* render_frame,
+ const WebPluginParams& original_params,
+ const chrome::mojom::PluginInfo& plugin_info) {
+ const WebPluginInfo& info = plugin_info.plugin;
+ const std::string& actual_mime_type = plugin_info.actual_mime_type;
+ const std::u16string& group_name = plugin_info.group_name;
+ const std::string& identifier = plugin_info.group_identifier;
+ chrome::mojom::PluginStatus status = plugin_info.status;
+ GURL url(original_params.url);
+ std::string orig_mime_type = original_params.mime_type.Utf8();
+ ChromePluginPlaceholder* placeholder = nullptr;
+
+ // If the browser plugin is to be enabled, this should be handled by the
+ // renderer, so the code won't reach here due to the early exit in
+ // OverrideCreatePlugin.
+ if (status == chrome::mojom::PluginStatus::kNotFound ||
+ orig_mime_type == content::kBrowserPluginMimeType) {
+ // Flash has been thoroughly removed in M88+, so we need to have a special
+ // case here to display a deprecated message instead of a generic
+ // plugin-missing message.
+ if (orig_mime_type == "application/x-shockwave-flash" ||
+ orig_mime_type == "application/futuresplash") {
+ return NonLoadablePluginPlaceholder::CreateFlashDeprecatedPlaceholder(
+ render_frame, original_params)
+ ->plugin();
+ } else {
+ PluginUMAReporter::GetInstance()->ReportPluginMissing(orig_mime_type,
+ url);
+ placeholder = ChromePluginPlaceholder::CreateLoadableMissingPlugin(
+ render_frame, original_params);
+ }
+ } else {
+ // TODO(bauerb): This should be in content/.
+ WebPluginParams params(original_params);
+ for (const auto& mime_type : info.mime_types) {
+ if (mime_type.mime_type == actual_mime_type) {
+ AppendParams(mime_type.additional_params, ¶ms.attribute_names,
+ ¶ms.attribute_values);
+ break;
+ }
+ }
+ if (params.mime_type.IsNull() && (actual_mime_type.size() > 0)) {
+ // Webkit might say that mime type is null while we already know the
+ // actual mime type via ChromeViewHostMsg_GetPluginInfo. In that case
+ // we should use what we know since WebpluginDelegateProxy does some
+ // specific initializations based on this information.
+ params.mime_type = WebString::FromUTF8(actual_mime_type);
+ }
+
+ auto* content_settings_agent =
+ content_settings::ContentSettingsAgentImpl::Get(render_frame);
+ auto* content_settings_agent_delegate =
+ ChromeContentSettingsAgentDelegate::Get(render_frame);
+
+ const ContentSettingsType content_type = ContentSettingsType::JAVASCRIPT;
+
+ if ((status == chrome::mojom::PluginStatus::kUnauthorized ||
+ status == chrome::mojom::PluginStatus::kBlocked) &&
+ content_settings_agent_delegate->IsPluginTemporarilyAllowed(
+ identifier)) {
+ status = chrome::mojom::PluginStatus::kAllowed;
+ }
+
+ auto create_blocked_plugin = [&render_frame, ¶ms, &info, &identifier,
+ &group_name](int template_id,
+ const std::u16string& message) {
+ return ChromePluginPlaceholder::CreateBlockedPlugin(
+ render_frame, params, info, identifier, group_name, template_id,
+ message);
+ };
+ switch (status) {
+ case chrome::mojom::PluginStatus::kNotFound: {
+ NOTREACHED();
+ break;
+ }
+ case chrome::mojom::PluginStatus::kAllowed:
+ case chrome::mojom::PluginStatus::kPlayImportantContent: {
+#if BUILDFLAG(ENABLE_NACL) && BUILDFLAG(ENABLE_EXTENSIONS)
+ WebLocalFrame* frame = render_frame->GetWebFrame();
+ const bool is_nacl_plugin =
+ info.name == ASCIIToUTF16(nacl::kNaClPluginName);
+ const bool is_nacl_mime_type =
+ actual_mime_type == nacl::kNaClPluginMimeType;
+ const bool is_pnacl_mime_type =
+ actual_mime_type == nacl::kPnaclPluginMimeType;
+ if (is_nacl_plugin || is_nacl_mime_type || is_pnacl_mime_type) {
+ bool has_enable_nacl_switch =
+ base::CommandLine::ForCurrentProcess()->HasSwitch(
+ switches::kEnableNaCl);
+ bool is_nacl_unrestricted =
+ has_enable_nacl_switch || is_pnacl_mime_type;
+ GURL manifest_url;
+ GURL app_url;
+ if (is_nacl_mime_type || is_pnacl_mime_type) {
+ // Normal NaCl/PNaCl embed. The app URL is the page URL.
+ manifest_url = url;
+ app_url = frame->GetDocument().Url();
+ } else {
+ // NaCl is being invoked as a content handler. Look up the NaCl
+ // module using the MIME type. The app URL is the manifest URL.
+ manifest_url = GetNaClContentHandlerURL(actual_mime_type, info);
+ app_url = manifest_url;
+ }
+ bool is_module_allowed = false;
+ const extensions::Extension* extension =
+ extensions::RendererExtensionRegistry::Get()
+ ->GetExtensionOrAppByURL(manifest_url);
+ if (IsNaclAllowed()) {
+ if (extension) {
+ is_module_allowed =
+ IsNativeNaClAllowed(app_url, is_nacl_unrestricted, extension);
+#if BUILDFLAG(IS_CHROMEOS_ASH)
+ // Allow Terminal System App to load the SSH extension NaCl
+ // module.
+ } else if (IsTerminalSystemWebAppNaClPage(app_url)) {
+ is_module_allowed = true;
+#endif
+ } else {
+ WebDocument document = frame->GetDocument();
+ is_module_allowed =
+ has_enable_nacl_switch ||
+ (is_pnacl_mime_type &&
+ blink::WebOriginTrials::isTrialEnabled(&document, "PNaCl"));
+ }
+ }
+ if (!is_module_allowed) {
+ WebString error_message;
+ if (!IsNaclAllowed()) {
+ error_message = "NaCl is disabled.";
+ } else if (is_nacl_mime_type) {
+ error_message =
+ "Only unpacked extensions and apps installed from the Chrome "
+ "Web Store can load NaCl modules without enabling Native "
+ "Client in about:flags.";
+ } else if (is_pnacl_mime_type) {
+ error_message =
+ "PNaCl modules can only be used on the open web (non-app/"
+ "extension) when the PNaCl Origin Trial is enabled";
+ }
+ frame->AddMessageToConsole(WebConsoleMessage(
+ blink::mojom::ConsoleMessageLevel::kError, error_message));
+ placeholder = create_blocked_plugin(
+ IDR_BLOCKED_PLUGIN_HTML,
+#if BUILDFLAG(IS_CHROMEOS_ASH)
+ l10n_util::GetStringUTF16(IDS_NACL_PLUGIN_BLOCKED));
+#else
+ l10n_util::GetStringFUTF16(IDS_PLUGIN_BLOCKED, group_name));
+#endif
+ break;
+ }
+ ReportNaClAppType(is_pnacl_mime_type, extension);
+ }
+#endif // BUILDFLAG(ENABLE_NACL) && BUILDFLAG(ENABLE_EXTENSIONS)
+
+ if (info.path.value() == ChromeContentClient::kPDFExtensionPluginPath) {
+ // Report PDF load metrics. Since the PDF plugin is comprised of an
+ // extension that loads a second plugin, avoid double counting by
+ // ignoring the creation of the second plugin.
+ bool is_main_frame_plugin_document =
+ render_frame->IsMainFrame() &&
+ render_frame->GetWebFrame()->GetDocument().IsPluginDocument();
+ ReportPDFLoadStatus(
+ is_main_frame_plugin_document
+ ? PDFLoadStatus::kLoadedFullPagePdfWithPdfium
+ : PDFLoadStatus::kLoadedEmbeddedPdfWithPdfium);
+ }
+
+ // Delay loading plugins if no-state prefetching.
+ // TODO(mmenke): In the case of NoStatePrefetch, feed into
+ // ChromeContentRendererClient::CreatePlugin instead, to
+ // reduce the chance of future regressions.
+ bool is_no_state_prefetching =
+ prerender::NoStatePrefetchHelper::IsPrefetching(render_frame);
+
+ if (is_no_state_prefetching) {
+ placeholder = ChromePluginPlaceholder::CreateBlockedPlugin(
+ render_frame, params, info, identifier, group_name,
+ IDR_BLOCKED_PLUGIN_HTML,
+ l10n_util::GetStringFUTF16(IDS_PLUGIN_BLOCKED, group_name));
+ placeholder->set_blocked_for_prerendering(is_no_state_prefetching);
+ placeholder->AllowLoading();
+ break;
+ }
+
+#if BUILDFLAG(ENABLE_PDF)
+ if (info.path.value() == ChromeContentClient::kPDFInternalPluginPath) {
+ return pdf::CreateInternalPlugin(
+ std::move(params), render_frame,
+ std::make_unique());
+ }
+#endif // BUILDFLAG(ENABLE_PDF)
+
+ return render_frame->CreatePlugin(info, params);
+ }
+ case chrome::mojom::PluginStatus::kDisabled: {
+ PluginUMAReporter::GetInstance()->ReportPluginDisabled(orig_mime_type,
+ url);
+ if (info.path.value() == ChromeContentClient::kPDFExtensionPluginPath) {
+ ReportPDFLoadStatus(
+ PDFLoadStatus::kShowedDisabledPluginPlaceholderForEmbeddedPdf);
+
+ return PDFPluginPlaceholder::CreatePDFPlaceholder(render_frame,
+ params)
+ ->plugin();
+ }
+
+ placeholder = create_blocked_plugin(
+ IDR_DISABLED_PLUGIN_HTML,
+ l10n_util::GetStringFUTF16(IDS_PLUGIN_DISABLED, group_name));
+ break;
+ }
+ case chrome::mojom::PluginStatus::kUnauthorized: {
+ placeholder = create_blocked_plugin(
+ IDR_BLOCKED_PLUGIN_HTML,
+ l10n_util::GetStringFUTF16(IDS_PLUGIN_NOT_AUTHORIZED, group_name));
+ placeholder->AllowLoading();
+ mojo::AssociatedRemote plugin_auth_host;
+ render_frame->GetRemoteAssociatedInterfaces()->GetInterface(
+ plugin_auth_host.BindNewEndpointAndPassReceiver());
+ plugin_auth_host->BlockedUnauthorizedPlugin(group_name, identifier);
+ content_settings_agent->DidBlockContentType(content_type);
+ break;
+ }
+ case chrome::mojom::PluginStatus::kBlocked: {
+ placeholder = create_blocked_plugin(
+ IDR_BLOCKED_PLUGIN_HTML,
+ l10n_util::GetStringFUTF16(IDS_PLUGIN_BLOCKED, group_name));
+ placeholder->AllowLoading();
+ RenderThread::Get()->RecordAction(UserMetricsAction("Plugin_Blocked"));
+ content_settings_agent->DidBlockContentType(content_type);
+ break;
+ }
+ case chrome::mojom::PluginStatus::kBlockedByPolicy: {
+ placeholder = create_blocked_plugin(
+ IDR_BLOCKED_PLUGIN_HTML,
+ l10n_util::GetStringFUTF16(IDS_PLUGIN_BLOCKED_BY_POLICY,
+ group_name));
+ RenderThread::Get()->RecordAction(
+ UserMetricsAction("Plugin_BlockedByPolicy"));
+ content_settings_agent->DidBlockContentType(content_type);
+ break;
+ }
+ }
+ }
+ placeholder->SetStatus(status);
+ return placeholder->plugin();
+}
+#endif // BUILDFLAG(ENABLE_PLUGINS)
+
+// For NaCl content handling plugins, the NaCl manifest is stored in an
+// additonal 'nacl' param associated with the MIME type.
+// static
+GURL ChromeContentRendererClient::GetNaClContentHandlerURL(
+ const std::string& actual_mime_type,
+ const content::WebPluginInfo& plugin) {
+ // Look for the manifest URL among the MIME type's additonal parameters.
+ for (const auto& mime_type : plugin.mime_types) {
+ if (mime_type.mime_type == actual_mime_type) {
+ for (const auto& p : mime_type.additional_params) {
+ if (p.name == u"nacl")
+ return GURL(p.value);
+ }
+ break;
+ }
+ }
+ return GURL();
+}
+
+void ChromeContentRendererClient::GetInterface(
+ const std::string& interface_name,
+ mojo::ScopedMessagePipeHandle interface_pipe) {
+ // TODO(crbug.com/977637): Get rid of the use of this implementation of
+ // |service_manager::LocalInterfaceProvider|. This was done only to avoid
+ // churning spellcheck code while eliminting the "chrome" and
+ // "chrome_renderer" services. Spellcheck is (and should remain) the only
+ // consumer of this implementation.
+ RenderThread::Get()->BindHostReceiver(
+ mojo::GenericPendingReceiver(interface_name, std::move(interface_pipe)));
+}
+
+#if BUILDFLAG(ENABLE_NACL)
+// static
+bool ChromeContentRendererClient::IsNativeNaClAllowed(
+ const GURL& app_url,
+ bool is_nacl_unrestricted,
+ const extensions::Extension* extension) {
+ bool is_invoked_by_webstore_installed_extension = false;
+ bool is_extension_unrestricted = false;
+ bool is_extension_force_installed = false;
+#if BUILDFLAG(ENABLE_EXTENSIONS)
+ bool is_extension_from_webstore = extension && extension->from_webstore();
+
+ bool is_invoked_by_extension = app_url.SchemeIs(extensions::kExtensionScheme);
+ bool is_invoked_by_hosted_app = extension && extension->is_hosted_app() &&
+ extension->web_extent().MatchesURL(app_url);
+
+ is_invoked_by_webstore_installed_extension =
+ is_extension_from_webstore &&
+ (is_invoked_by_extension || is_invoked_by_hosted_app);
+
+ // Allow built-in extensions and developer mode extensions.
+ is_extension_unrestricted =
+ extension &&
+ (extensions::Manifest::IsUnpackedLocation(extension->location()) ||
+ extensions::Manifest::IsComponentLocation(extension->location()));
+ // Allow extensions force installed by admin policy.
+ is_extension_force_installed =
+ extension &&
+ extensions::Manifest::IsPolicyLocation(extension->location());
+#endif // BUILDFLAG(ENABLE_EXTENSIONS)
+
+ // Allow NaCl under any of the following circumstances:
+ // 1) An extension is loaded unpacked or built-in (component) to Chrome.
+ // 2) An extension is force installed by policy.
+ // 3) An extension is installed from the webstore, and invoked in that
+ // context (hosted app URL or chrome-extension:// scheme).
+ // 4) --enable-nacl is set.
+ bool is_nacl_allowed_by_location = is_extension_unrestricted ||
+ is_extension_force_installed ||
+ is_invoked_by_webstore_installed_extension;
+ bool is_nacl_allowed = is_nacl_allowed_by_location || is_nacl_unrestricted;
+ return is_nacl_allowed;
+}
+
+// static
+void ChromeContentRendererClient::ReportNaClAppType(
+ bool is_pnacl,
+ const extensions::Extension* extension) {
+ // These values are persisted to logs. Entries should not be renumbered and
+ // numeric values should never be reused.
+ enum class NaClAppType {
+ kPNaClOpenWeb = 0,
+ kPNaClHostedApp = 1,
+ kPNaClPlatformApp = 2,
+ kPNaClLegacyPackagedApp = 3,
+ kPNaClMv2Extension = 4,
+ kPNaClMv3Extension = 5,
+ kPNaClLoginScreenMv2Extension = 6,
+ kPNaClLoginScreenMv3Extension = 7,
+ kNaClOpenWeb = 8,
+ kNaClHostedApp = 9,
+ kNaClPlatformApp = 10,
+ kNaClLegacyPackagedApp = 11,
+ kNaClMv2Extension = 12,
+ kNaClMv3Extension = 13,
+ kNaClLoginScreenMv2Extension = 14,
+ kNaClLoginScreenMv3Extension = 15,
+ kMaxValue = kNaClLoginScreenMv3Extension
+ };
+
+ // Not all combinations are allowed by default (e.g. kNaClOpenWeb), but they
+ // can be used with the --enable-nacl flag.
+ NaClAppType app_type =
+ is_pnacl ? NaClAppType::kPNaClOpenWeb : NaClAppType::kNaClOpenWeb;
+ if (extension) {
+ if (extension->is_extension()) {
+ if (extension->manifest_version() >= 3) {
+ app_type = is_pnacl ? NaClAppType::kPNaClMv3Extension
+ : NaClAppType::kNaClMv3Extension;
+ } else {
+ app_type = is_pnacl ? NaClAppType::kPNaClMv2Extension
+ : NaClAppType::kNaClMv2Extension;
+ }
+ } else if (extension->is_hosted_app()) {
+ app_type =
+ is_pnacl ? NaClAppType::kPNaClHostedApp : NaClAppType::kNaClHostedApp;
+ } else if (extension->is_legacy_packaged_app()) {
+ app_type = is_pnacl ? NaClAppType::kPNaClLegacyPackagedApp
+ : NaClAppType::kNaClLegacyPackagedApp;
+ } else if (extension->is_platform_app()) {
+ app_type = is_pnacl ? NaClAppType::kPNaClPlatformApp
+ : NaClAppType::kNaClPlatformApp;
+ } else if (extension->is_login_screen_extension()) {
+ if (extension->manifest_version() >= 3) {
+ app_type = is_pnacl ? NaClAppType::kPNaClLoginScreenMv3Extension
+ : NaClAppType::kNaClLoginScreenMv3Extension;
+ } else {
+ app_type = is_pnacl ? NaClAppType::kPNaClLoginScreenMv2Extension
+ : NaClAppType::kNaClLoginScreenMv2Extension;
+ }
+ } else {
+ // We found an extension that is not covered by any metric
+ NOTREACHED() << "Invalid NaCl usage in extension. Extension name: "
+ << extension->name() << ", type: " << extension->GetType();
+ }
+ }
+
+ base::UmaHistogramEnumeration("NaCl.EmbedderType", app_type);
+}
+#endif // BUILDFLAG(ENABLE_NACL)
+
+void ChromeContentRendererClient::PrepareErrorPage(
+ content::RenderFrame* render_frame,
+ const blink::WebURLError& web_error,
+ const std::string& http_method,
+ content::mojom::AlternativeErrorPageOverrideInfoPtr
+ alternative_error_page_info,
+ std::string* error_html) {
+ NetErrorHelper::Get(render_frame)
+ ->PrepareErrorPage(
+ error_page::Error::NetError(
+ web_error.url(), web_error.reason(), web_error.extended_reason(),
+ web_error.resolve_error_info(), web_error.has_copy_in_cache()),
+ http_method == "POST", std::move(alternative_error_page_info),
+ error_html);
+
+#if BUILDFLAG(ENABLE_SUPERVISED_USERS)
+ SupervisedUserErrorPageControllerDelegateImpl::Get(render_frame)
+ ->PrepareForErrorPage();
+#endif
+}
+
+void ChromeContentRendererClient::PrepareErrorPageForHttpStatusError(
+ content::RenderFrame* render_frame,
+ const blink::WebURLError& error,
+ const std::string& http_method,
+ int http_status,
+ content::mojom::AlternativeErrorPageOverrideInfoPtr
+ alternative_error_page_info,
+ std::string* error_html) {
+ NetErrorHelper::Get(render_frame)
+ ->PrepareErrorPage(error_page::Error::HttpError(error.url(), http_status),
+ http_method == "POST",
+ std::move(alternative_error_page_info), error_html);
+}
+
+void ChromeContentRendererClient::PostSandboxInitialized() {
+#if BUILDFLAG(IS_CHROMEOS)
+ DCHECK(!main_thread_profiler_);
+ main_thread_profiler_ = ThreadProfiler::CreateAndStartOnMainThread();
+#endif // BUILDFLAG(IS_CHROMEOS)
+}
+
+void ChromeContentRendererClient::PostIOThreadCreated(
+ base::SingleThreadTaskRunner* io_thread_task_runner) {
+ io_thread_task_runner->PostTask(
+ FROM_HERE, base::BindOnce(&ThreadProfiler::StartOnChildThread,
+ metrics::CallStackProfileParams::Thread::kIo));
+}
+
+void ChromeContentRendererClient::PostCompositorThreadCreated(
+ base::SingleThreadTaskRunner* compositor_thread_task_runner) {
+ compositor_thread_task_runner->PostTask(
+ FROM_HERE,
+ base::BindOnce(&ThreadProfiler::StartOnChildThread,
+ metrics::CallStackProfileParams::Thread::kCompositor));
+ // Enable stack sampling for tracing.
+ // We pass in CreateCoreUnwindersFactory here since it lives in the chrome/
+ // layer while TracingSamplerProfiler is outside of chrome/.
+ compositor_thread_task_runner->PostTask(
+ FROM_HERE,
+ base::BindOnce(&tracing::TracingSamplerProfiler::
+ CreateOnChildThreadWithCustomUnwinders,
+#if BUILDFLAG(IS_ANDROID)
+ base::BindRepeating(&CreateCoreUnwindersFactory, false)));
+#else
+ base::BindRepeating(&CreateCoreUnwindersFactory)));
+#endif // BUILDFLAG(IS_ANDROID)
+}
+
+bool ChromeContentRendererClient::RunIdleHandlerWhenWidgetsHidden() {
+ return !IsStandaloneContentExtensionProcess();
+}
+
+bool ChromeContentRendererClient::AllowPopup() {
+#if BUILDFLAG(ENABLE_EXTENSIONS)
+ return ChromeExtensionsRendererClient::GetInstance()->AllowPopup();
+#else
+ return false;
+#endif
+}
+
+bool ChromeContentRendererClient::ShouldNotifyServiceWorkerOnWebSocketActivity(
+ v8::Local context) {
+#if BUILDFLAG(ENABLE_EXTENSIONS)
+ extensions::ScriptContext* script_context =
+ ChromeExtensionsRendererClient::GetInstance()
+ ->extension_dispatcher()
+ ->GetWorkerScriptContextSet()
+ ->GetContextByV8Context(context);
+ // Only notify on web socket activity if the service worker is the background
+ // service worker for an extension.
+ return script_context &&
+ ChromeExtensionsRendererClient::GetInstance()
+ ->ExtensionAPIEnabledForServiceWorkerScript(
+ script_context->service_worker_scope(), script_context->url());
+#else
+ return false;
+#endif
+}
+
+blink::ProtocolHandlerSecurityLevel
+ChromeContentRendererClient::GetProtocolHandlerSecurityLevel(
+ const url::Origin& origin) {
+ if (origin.scheme() == chrome::kIsolatedAppScheme) {
+ return blink::ProtocolHandlerSecurityLevel::kSameOrigin;
+ }
+#if BUILDFLAG(ENABLE_EXTENSIONS)
+ return ChromeExtensionsRendererClient::GetInstance()
+ ->GetProtocolHandlerSecurityLevel();
+#else
+ return blink::ProtocolHandlerSecurityLevel::kStrict;
+#endif
+}
+
+void ChromeContentRendererClient::WillSendRequest(
+ WebLocalFrame* frame,
+ ui::PageTransition transition_type,
+ const blink::WebURL& url,
+ const net::SiteForCookies& site_for_cookies,
+ const url::Origin* initiator_origin,
+ GURL* new_url) {
+#if BUILDFLAG(ENABLE_EXTENSIONS)
+ // Check whether the request should be allowed. If not allowed, we reset the
+ // URL to something invalid to prevent the request and cause an error.
+ ChromeExtensionsRendererClient::GetInstance()->WillSendRequest(
+ frame, transition_type, url, site_for_cookies, initiator_origin, new_url);
+ if (!new_url->is_empty())
+ return;
+#endif
+
+ if (!url.ProtocolIs(chrome::kChromeSearchScheme))
+ return;
+
+#if !BUILDFLAG(IS_ANDROID)
+ SearchBox* search_box =
+ SearchBox::Get(content::RenderFrame::FromWebFrame(frame->LocalRoot()));
+ if (search_box) {
+ // Note: this GURL copy could be avoided if host() were added to WebURL.
+ GURL gurl(url);
+ if (gurl.host_piece() == chrome::kChromeUIFaviconHost)
+ search_box->GenerateImageURLFromTransientURL(url, new_url);
+ }
+#endif // !BUILDFLAG(IS_ANDROID)
+}
+
+bool ChromeContentRendererClient::IsPrefetchOnly(
+ content::RenderFrame* render_frame) {
+ return prerender::NoStatePrefetchHelper::IsPrefetching(render_frame);
+}
+
+uint64_t ChromeContentRendererClient::VisitedLinkHash(
+ std::string_view canonical_url) {
+ return chrome_observer_->visited_link_reader()->ComputeURLFingerprint(
+ canonical_url);
+}
+
+bool ChromeContentRendererClient::IsLinkVisited(uint64_t link_hash) {
+ return chrome_observer_->visited_link_reader()->IsVisited(link_hash);
+}
+
+std::unique_ptr
+ChromeContentRendererClient::CreatePrescientNetworking(
+ content::RenderFrame* render_frame) {
+ return std::make_unique(
+ render_frame);
+}
+
+bool ChromeContentRendererClient::IsExternalPepperPlugin(
+ const std::string& module_name) {
+ // TODO(bbudge) remove this when the trusted NaCl plugin has been removed.
+ // We must defer certain plugin events for NaCl instances since we switch
+ // from the in-process to the out-of-process proxy after instantiating them.
+ return module_name == "Native Client";
+}
+
+bool ChromeContentRendererClient::IsOriginIsolatedPepperPlugin(
+ const base::FilePath& plugin_path) {
+ // Hosting plugins in-process is inherently incompatible with attempting to
+ // process-isolate plugins from different origins.
+ auto* cmdline = base::CommandLine::ForCurrentProcess();
+ if (cmdline->HasSwitch(switches::kPpapiInProcess)) {
+ // The kPpapiInProcess switch should only be used by tests. In particular,
+ // we expect that the PDF plugin should always be isolated in the product
+ // (and that the switch won't interfere with PDF isolation).
+ CHECK_NE(ChromeContentClient::kPDFInternalPluginPath, plugin_path.value());
+
+ return false;
+ }
+
+#if BUILDFLAG(ENABLE_NACL)
+ // Don't isolate the NaCl plugin (preserving legacy behavior).
+ if (plugin_path.value() == nacl::kInternalNaClPluginFileName)
+ return false;
+#endif
+
+ // Isolate all the other plugins (including the PDF plugin + test plugins).
+ return true;
+}
+
+#if BUILDFLAG(ENABLE_PLUGINS) && BUILDFLAG(ENABLE_EXTENSIONS)
+bool ChromeContentRendererClient::IsExtensionOrSharedModuleAllowed(
+ const GURL& url,
+ const std::set& allowlist) {
+ const extensions::ExtensionSet* extension_set =
+ extensions::RendererExtensionRegistry::Get()->GetMainThreadExtensionSet();
+ return ::IsExtensionOrSharedModuleAllowed(url, extension_set, allowlist);
+}
+#endif
+
+#if BUILDFLAG(ENABLE_SPELLCHECK)
+void ChromeContentRendererClient::InitSpellCheck() {
+ spellcheck_ = std::make_unique(this);
+}
+#endif
+
+ChromeRenderThreadObserver* ChromeContentRendererClient::GetChromeObserver()
+ const {
+ return chrome_observer_.get();
+}
+
+web_cache::WebCacheImpl* ChromeContentRendererClient::GetWebCache() {
+ return web_cache_impl_.get();
+}
+
+chrome::WebRtcLoggingAgentImpl*
+ChromeContentRendererClient::GetWebRtcLoggingAgent() {
+ if (!webrtc_logging_agent_impl_) {
+ webrtc_logging_agent_impl_ =
+ std::make_unique();
+ }
+ return webrtc_logging_agent_impl_.get();
+}
+
+#if BUILDFLAG(ENABLE_SPELLCHECK)
+SpellCheck* ChromeContentRendererClient::GetSpellCheck() {
+ return spellcheck_.get();
+}
+#endif // BUILDFLAG(ENABLE_SPELLCHECK)
+
+std::unique_ptr
+ChromeContentRendererClient::CreateWebSocketHandshakeThrottleProvider() {
+ return std::make_unique(
+ browser_interface_broker_.get());
+}
+
+void ChromeContentRendererClient::GetSupportedKeySystems(
+ media::GetSupportedKeySystemsCB cb) {
+#if BUILDFLAG(ENABLE_LIBRARY_CDMS) || BUILDFLAG(IS_WIN) || BUILDFLAG(IS_ANDROID)
+ GetChromeKeySystems(std::move(cb));
+#else
+ std::move(cb).Run({});
+#endif
+}
+
+bool ChromeContentRendererClient::ShouldReportDetailedMessageForSource(
+ const std::u16string& source) {
+#if BUILDFLAG(ENABLE_EXTENSIONS)
+ return extensions::IsSourceFromAnExtension(source);
+#else
+ return false;
+#endif
+}
+
+std::unique_ptr
+ChromeContentRendererClient::CreateWorkerContentSettingsClient(
+ content::RenderFrame* render_frame) {
+ return std::make_unique(render_frame);
+}
+
+#if BUILDFLAG(ENABLE_SPEECH_SERVICE)
+std::unique_ptr
+ChromeContentRendererClient::CreateSpeechRecognitionClient(
+ content::RenderFrame* render_frame) {
+ return std::make_unique(render_frame);
+}
+#endif // BUILDFLAG(ENABLE_SPEECH_SERVICE)
+
+bool ChromeContentRendererClient::IsPluginAllowedToUseCameraDeviceAPI(
+ const GURL& url) {
+#if BUILDFLAG(ENABLE_PLUGINS) && BUILDFLAG(ENABLE_EXTENSIONS)
+#if BUILDFLAG(ENABLE_PPAPI)
+ if (base::CommandLine::ForCurrentProcess()->HasSwitch(
+ switches::kEnablePepperTesting))
+ return true;
+#endif // BUILDFLAG(ENABLE_PPAPI)
+
+ if (IsExtensionOrSharedModuleAllowed(url, allowed_camera_device_origins_))
+ return true;
+#endif
+
+ return false;
+}
+
+void ChromeContentRendererClient::RunScriptsAtDocumentStart(
+ content::RenderFrame* render_frame) {
+#if BUILDFLAG(ENABLE_EXTENSIONS)
+ ChromeExtensionsRendererClient::GetInstance()->RunScriptsAtDocumentStart(
+ render_frame);
+ // |render_frame| might be dead by now.
+#endif
+}
+
+void ChromeContentRendererClient::RunScriptsAtDocumentEnd(
+ content::RenderFrame* render_frame) {
+#if BUILDFLAG(ENABLE_EXTENSIONS)
+ ChromeExtensionsRendererClient::GetInstance()->RunScriptsAtDocumentEnd(
+ render_frame);
+ // |render_frame| might be dead by now.
+#endif
+}
+
+void ChromeContentRendererClient::RunScriptsAtDocumentIdle(
+ content::RenderFrame* render_frame) {
+#if BUILDFLAG(ENABLE_EXTENSIONS)
+ ChromeExtensionsRendererClient::GetInstance()->RunScriptsAtDocumentIdle(
+ render_frame);
+ // |render_frame| might be dead by now.
+#endif
+}
+
+void ChromeContentRendererClient::
+ SetRuntimeFeaturesDefaultsBeforeBlinkInitialization() {
+ // The performance manager service interfaces are provided by the chrome
+ // embedder only.
+ blink::WebRuntimeFeatures::EnablePerformanceManagerInstrumentation(true);
+
+ MaybeEnableWebShare();
+
+ if (base::FeatureList::IsEnabled(
+ autofill::features::kAutofillSharedAutofill)) {
+ blink::WebRuntimeFeatures::EnableSharedAutofill(true);
+ }
+
+ if (base::FeatureList::IsEnabled(subresource_filter::kAdTagging))
+ blink::WebRuntimeFeatures::EnableAdTagging(true);
+
+#if BUILDFLAG(ENABLE_EXTENSIONS)
+ // WebHID and WebUSB on service workers is only available in extensions.
+ if (IsStandaloneContentExtensionProcess()) {
+ if (base::FeatureList::IsEnabled(
+ features::kEnableWebUsbOnExtensionServiceWorker)) {
+ blink::WebRuntimeFeatures::EnableWebUSBOnServiceWorkers(true);
+ }
+#if !BUILDFLAG(IS_ANDROID)
+ if (base::FeatureList::IsEnabled(
+ features::kEnableWebHidOnExtensionServiceWorker)) {
+ blink::WebRuntimeFeatures::EnableWebHIDOnServiceWorkers(true);
+ }
+#endif // !BUILDFLAG(IS_ANDROID)
+ }
+#endif // BUILDFLAG(ENABLE_EXTENSIONS)
+}
+
+bool ChromeContentRendererClient::AllowScriptExtensionForServiceWorker(
+ const url::Origin& script_origin) {
+#if BUILDFLAG(ENABLE_EXTENSIONS)
+ return script_origin.scheme() == extensions::kExtensionScheme;
+#else
+ return false;
+#endif
+}
+
+void ChromeContentRendererClient::
+ WillInitializeServiceWorkerContextOnWorkerThread() {
+ // This is called on the service worker thread.
+ ThreadProfiler::StartOnChildThread(
+ metrics::CallStackProfileParams::Thread::kServiceWorker);
+}
+
+void ChromeContentRendererClient::
+ DidInitializeServiceWorkerContextOnWorkerThread(
+ blink::WebServiceWorkerContextProxy* context_proxy,
+ const GURL& service_worker_scope,
+ const GURL& script_url) {
+#if BUILDFLAG(ENABLE_EXTENSIONS)
+ ChromeExtensionsRendererClient::GetInstance()
+ ->extension_dispatcher()
+ ->DidInitializeServiceWorkerContextOnWorkerThread(
+ context_proxy, service_worker_scope, script_url);
+#endif
+}
+
+void ChromeContentRendererClient::WillEvaluateServiceWorkerOnWorkerThread(
+ blink::WebServiceWorkerContextProxy* context_proxy,
+ v8::Local v8_context,
+ int64_t service_worker_version_id,
+ const GURL& service_worker_scope,
+ const GURL& script_url) {
+#if BUILDFLAG(ENABLE_EXTENSIONS)
+ ChromeExtensionsRendererClient::GetInstance()
+ ->extension_dispatcher()
+ ->WillEvaluateServiceWorkerOnWorkerThread(
+ context_proxy, v8_context, service_worker_version_id,
+ service_worker_scope, script_url);
+#endif
+}
+
+void ChromeContentRendererClient::DidStartServiceWorkerContextOnWorkerThread(
+ int64_t service_worker_version_id,
+ const GURL& service_worker_scope,
+ const GURL& script_url) {
+#if BUILDFLAG(ENABLE_EXTENSIONS)
+ ChromeExtensionsRendererClient::GetInstance()
+ ->extension_dispatcher()
+ ->DidStartServiceWorkerContextOnWorkerThread(
+ service_worker_version_id, service_worker_scope, script_url);
+#endif
+}
+
+void ChromeContentRendererClient::WillDestroyServiceWorkerContextOnWorkerThread(
+ v8::Local context,
+ int64_t service_worker_version_id,
+ const GURL& service_worker_scope,
+ const GURL& script_url) {
+#if BUILDFLAG(ENABLE_EXTENSIONS)
+ ChromeExtensionsRendererClient::GetInstance()
+ ->extension_dispatcher()
+ ->WillDestroyServiceWorkerContextOnWorkerThread(
+ context, service_worker_version_id, service_worker_scope, script_url);
+#endif
+}
+
+// If we're in an extension, there is no need disabling multiple routes as
+// chrome.system.network.getNetworkInterfaces provides the same
+// information. Also, the enforcement of sending and binding UDP is already done
+// by chrome extension permission model.
+bool ChromeContentRendererClient::ShouldEnforceWebRTCRoutingPreferences() {
+ return !IsStandaloneContentExtensionProcess();
+}
+
+GURL ChromeContentRendererClient::OverrideFlashEmbedWithHTML(const GURL& url) {
+ if (!url.is_valid())
+ return GURL();
+
+ return FlashEmbedRewrite::RewriteFlashEmbedURL(url);
+}
+
+std::unique_ptr
+ChromeContentRendererClient::CreateURLLoaderThrottleProvider(
+ blink::URLLoaderThrottleProviderType provider_type) {
+ return URLLoaderThrottleProviderImpl::Create(provider_type, this,
+ browser_interface_broker_.get());
+}
+
+blink::WebFrame* ChromeContentRendererClient::FindFrame(
+ blink::WebLocalFrame* relative_to_frame,
+ const std::string& name) {
+#if BUILDFLAG(ENABLE_EXTENSIONS)
+ return ChromeExtensionsRendererClient::FindFrame(relative_to_frame, name);
+#else
+ return nullptr;
+#endif // BUILDFLAG(ENABLE_EXTENSIONS)
+}
+
+bool ChromeContentRendererClient::IsSafeRedirectTarget(const GURL& from_url,
+ const GURL& to_url) {
+#if BUILDFLAG(ENABLE_EXTENSIONS)
+ if (to_url.SchemeIs(extensions::kExtensionScheme)) {
+ const extensions::Extension* extension =
+ extensions::RendererExtensionRegistry::Get()->GetByID(to_url.host());
+ if (!extension)
+ return false;
+ // TODO(solomonkinard): Use initiator_origin and add tests.
+ if (extensions::WebAccessibleResourcesInfo::IsResourceWebAccessible(
+ extension, to_url.path(), nullptr)) {
+ return true;
+ }
+ return extension->guid() == from_url.host();
+ }
+#endif // BUILDFLAG(ENABLE_EXTENSIONS)
+ return true;
+}
+
+void ChromeContentRendererClient::DidSetUserAgent(
+ const std::string& user_agent) {
+#if BUILDFLAG(ENABLE_PRINTING)
+ printing::SetAgent(user_agent);
+#endif
+}
+
+void ChromeContentRendererClient::AppendContentSecurityPolicy(
+ const blink::WebURL& url,
+ blink::WebVector* csp) {
+#if BUILDFLAG(ENABLE_EXTENSIONS)
+#if BUILDFLAG(ENABLE_PDF)
+ // Don't apply default CSP to PDF renderers.
+ // TODO(crbug.com/1252096): Lock down the CSP once style and script are no
+ // longer injected inline by `pdf::PluginResponseWriter`. That class may be a
+ // better place to define such CSP, or we may continue doing so here.
+ if (pdf::IsPdfRenderer())
+ return;
+#endif // BUILDFLAG(ENABLE_PDF)
+
+ DCHECK(csp);
+ GURL gurl(url);
+ const extensions::Extension* extension =
+ extensions::RendererExtensionRegistry::Get()->GetExtensionOrAppByURL(
+ gurl);
+ if (!extension)
+ return;
+
+ // Append a minimum CSP to ensure the extension can't relax the default
+ // applied CSP through means like Service Worker.
+ const std::string* default_csp =
+ extensions::CSPInfo::GetMinimumCSPToAppend(*extension, gurl.path());
+ if (!default_csp)
+ return;
+
+ csp->push_back({blink::WebString::FromUTF8(*default_csp),
+ network::mojom::ContentSecurityPolicyType::kEnforce,
+ network::mojom::ContentSecurityPolicySource::kHTTP});
+#endif
+}
diff --git a/tools/under-control/src/content/child/runtime_features.cc b/tools/under-control/src/content/child/runtime_features.cc
new file mode 100755
index 000000000..5a5b3c03b
--- /dev/null
+++ b/tools/under-control/src/content/child/runtime_features.cc
@@ -0,0 +1,793 @@
+// Copyright 2013 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "content/child/runtime_features.h"
+
+#include
+#include
+
+#include "base/base_switches.h"
+#include "base/command_line.h"
+#include "base/feature_list.h"
+#include "base/memory/raw_ref.h"
+#include "base/metrics/field_trial.h"
+#include "base/metrics/field_trial_params.h"
+#include "base/strings/string_number_conversions.h"
+#include "base/strings/string_util.h"
+#include "build/build_config.h"
+#include "build/chromeos_buildflags.h"
+#include "cc/base/features.h"
+#include "components/attribution_reporting/features.h"
+#include "components/ml/webnn/features.mojom-features.h"
+#include "content/common/content_navigation_policy.h"
+#include "content/common/content_switches_internal.h"
+#include "content/common/features.h"
+#include "content/public/common/content_features.h"
+#include "content/public/common/content_switches.h"
+#include "device/base/features.h"
+#include "device/fido/features.h"
+#include "device/gamepad/public/cpp/gamepad_features.h"
+#include "device/vr/buildflags/buildflags.h"
+#include "gpu/config/gpu_finch_features.h"
+#include "gpu/config/gpu_switches.h"
+#include "media/base/media_switches.h"
+#include "net/base/features.h"
+#include "services/device/public/cpp/device_features.h"
+#include "services/network/public/cpp/features.h"
+#include "third_party/blink/public/common/buildflags.h"
+#include "third_party/blink/public/common/features.h"
+#include "third_party/blink/public/common/loader/referrer_utils.h"
+#include "third_party/blink/public/common/switches.h"
+#include "third_party/blink/public/platform/web_runtime_features.h"
+#include "ui/accessibility/accessibility_features.h"
+#include "ui/base/ui_base_features.h"
+#include "ui/events/blink/blink_features.h"
+#include "ui/gfx/switches.h"
+#include "ui/gl/gl_switches.h"
+#include "ui/native_theme/native_theme_features.h"
+
+#if BUILDFLAG(IS_ANDROID)
+#include "base/android/build_info.h"
+#endif
+
+#if BUILDFLAG(ENABLE_VR)
+#include "device/vr/public/cpp/features.h"
+#endif
+
+using blink::WebRuntimeFeatures;
+
+namespace {
+
+// Sets blink runtime features for specific platforms.
+// This should be a last resort vs runtime_enabled_features.json5.
+void SetRuntimeFeatureDefaultsForPlatform(
+ const base::CommandLine& command_line) {
+ // Please consider setting up feature defaults for different platforms
+ // in runtime_enabled_features.json5 instead of here
+ // TODO(rodneyding): Move the more common cases here
+ // to baseFeature/switch functions below and move more complex
+ // ones to special case functions.
+#if defined(USE_AURA)
+ WebRuntimeFeatures::EnableCompositedSelectionUpdate(true);
+#endif
+
+#if BUILDFLAG(IS_APPLE) || BUILDFLAG(IS_CHROMEOS_LACROS)
+ const bool enable_canvas_2d_image_chromium =
+ command_line.HasSwitch(
+ blink::switches::kEnableGpuMemoryBufferCompositorResources) &&
+ !command_line.HasSwitch(switches::kDisable2dCanvasImageChromium) &&
+ !command_line.HasSwitch(switches::kDisableGpu) &&
+ base::FeatureList::IsEnabled(features::kCanvas2DImageChromium);
+#else
+ constexpr bool enable_canvas_2d_image_chromium = false;
+#endif
+ WebRuntimeFeatures::EnableCanvas2dImageChromium(
+ enable_canvas_2d_image_chromium);
+
+#if BUILDFLAG(IS_APPLE)
+ const bool enable_web_gl_image_chromium =
+ command_line.HasSwitch(
+ blink::switches::kEnableGpuMemoryBufferCompositorResources) &&
+ !command_line.HasSwitch(switches::kDisableWebGLImageChromium) &&
+ !command_line.HasSwitch(switches::kDisableGpu);
+#else
+ const bool enable_web_gl_image_chromium =
+ command_line.HasSwitch(switches::kEnableWebGLImageChromium);
+#endif
+ WebRuntimeFeatures::EnableWebGLImageChromium(enable_web_gl_image_chromium);
+
+#if BUILDFLAG(IS_ANDROID)
+ if (command_line.HasSwitch(switches::kDisableMediaSessionAPI)) {
+ WebRuntimeFeatures::EnableMediaSession(false);
+ }
+#endif
+
+#if BUILDFLAG(IS_ANDROID)
+ if (base::android::BuildInfo::GetInstance()->sdk_int() >=
+ base::android::SDK_VERSION_P) {
+ // Display Cutout is limited to Android P+.
+ WebRuntimeFeatures::EnableDisplayCutoutAPI(true);
+ }
+#endif
+
+#if BUILDFLAG(IS_ANDROID)
+ WebRuntimeFeatures::EnableMediaControlsExpandGesture(
+ base::FeatureList::IsEnabled(media::kMediaControlsExpandGesture));
+#endif
+}
+
+enum RuntimeFeatureEnableOptions {
+ // - If the base::Feature default is overridden by field trial or command
+ // line, set Blink feature to the state of the base::Feature;
+ // - Otherwise if the base::Feature is enabled, enable the Blink feature.
+ // - Otherwise no change.
+ kDefault,
+ // Enables the Blink feature when the base::Feature is overridden by field
+ // trial or command line. Otherwise no change. Its difference from kDefault is
+ // that the Blink feature isn't affected by the default state of the
+ // base::Feature. This is useful for Blink origin trial features especially
+ // those implemented in both Chromium and Blink. As origin trial only controls
+ // the Blink features, for now we require the base::Feature to be enabled by
+ // default, but we don't want the default enabled status affect the Blink
+ // feature. See also https://crbug.com/1048656#c10.
+ // This can also be used for features that are enabled by default in Chromium
+ // but not in Blink on all platforms and we want to use the Blink status.
+ // However, we would prefer consistent Chromium and Blink status to this.
+ kSetOnlyIfOverridden,
+};
+
+template
+// Helper class that describes the desired actions for the runtime feature
+// depending on a check for chromium base::Feature.
+struct RuntimeFeatureToChromiumFeatureMap {
+ // This can be either an enabler function defined in web_runtime_features.cc
+ // or the string name of the feature in runtime_enabled_features.json5.
+ T feature_enabler;
+ // The chromium base::Feature to check.
+ const raw_ref chromium_feature;
+ const RuntimeFeatureEnableOptions option = kDefault;
+};
+
+template
+void SetRuntimeFeatureFromChromiumFeature(const base::Feature& chromium_feature,
+ RuntimeFeatureEnableOptions option,
+ const Enabler& enabler) {
+ using FeatureList = base::FeatureList;
+ const bool feature_enabled = FeatureList::IsEnabled(chromium_feature);
+ const bool is_overridden =
+ FeatureList::GetInstance()->IsFeatureOverridden(chromium_feature.name);
+ switch (option) {
+ case kSetOnlyIfOverridden:
+ if (is_overridden) {
+ enabler(feature_enabled);
+ }
+ break;
+ case kDefault:
+ if (feature_enabled || is_overridden) {
+ enabler(feature_enabled);
+ }
+ break;
+ default:
+ NOTREACHED();
+ }
+}
+
+// Sets blink runtime features that are either directly
+// controlled by Chromium base::Feature or are overridden
+// by base::Feature states.
+void SetRuntimeFeaturesFromChromiumFeatures() {
+ using wf = WebRuntimeFeatures;
+ // To add a runtime feature control, add a new
+ // RuntimeFeatureToChromiumFeatureMap entry here if there is a custom
+ // enabler function defined. Otherwise add the entry with string name
+ // in the next list.
+ const RuntimeFeatureToChromiumFeatureMap
+ blinkFeatureToBaseFeatureMapping[] = {
+ {wf::EnableAccessibilityAriaVirtualContent,
+ raw_ref(features::kEnableAccessibilityAriaVirtualContent)},
+ {wf::EnableAccessibilityExposeHTMLElement,
+ raw_ref(features::kEnableAccessibilityExposeHTMLElement)},
+ {wf::EnableAccessibilityExposeIgnoredNodes,
+ raw_ref(features::kEnableAccessibilityExposeIgnoredNodes)},
+#if BUILDFLAG(IS_ANDROID)
+ {wf::EnableAccessibilityPageZoom,
+ raw_ref(features::kAccessibilityPageZoom)},
+ {wf::EnableAutoDisableAccessibilityV2,
+ raw_ref(features::kAutoDisableAccessibilityV2)},
+#endif
+ {wf::EnableAccessibilityUseAXPositionForDocumentMarkers,
+ raw_ref(features::kUseAXPositionForDocumentMarkers)},
+ {wf::EnableAOMAriaRelationshipProperties,
+ raw_ref(features::kEnableAriaElementReflection)},
+ {wf::EnableAutoplayIgnoresWebAudio,
+ raw_ref(media::kAutoplayIgnoreWebAudio)},
+ {wf::EnableBackgroundFetch, raw_ref(features::kBackgroundFetch)},
+ {wf::EnableBoundaryEventDispatchTracksNodeRemoval,
+ raw_ref(blink::features::kBoundaryEventDispatchTracksNodeRemoval)},
+ {wf::EnableBrowserVerifiedUserActivationKeyboard,
+ raw_ref(features::kBrowserVerifiedUserActivationKeyboard)},
+ {wf::EnableBrowserVerifiedUserActivationMouse,
+ raw_ref(features::kBrowserVerifiedUserActivationMouse)},
+ {wf::EnableCompositeBGColorAnimation,
+ raw_ref(features::kCompositeBGColorAnimation)},
+ {wf::EnableConsolidatedMovementXY,
+ raw_ref(features::kConsolidatedMovementXY)},
+ {wf::EnableCooperativeScheduling,
+ raw_ref(features::kCooperativeScheduling)},
+ {wf::EnableDevicePosture, raw_ref(features::kDevicePosture)},
+ {wf::EnableDigitalGoods, raw_ref(features::kDigitalGoodsApi),
+ kSetOnlyIfOverridden},
+ {wf::EnableDocumentPolicyNegotiation,
+ raw_ref(features::kDocumentPolicyNegotiation)},
+ {wf::EnableFedCm, raw_ref(features::kFedCm), kSetOnlyIfOverridden},
+ {wf::EnableFedCmAutoSelectedFlag,
+ raw_ref(features::kFedCmAutoSelectedFlag), kSetOnlyIfOverridden},
+ {wf::EnableFedCmButtonMode, raw_ref(features::kFedCmButtonMode),
+ kSetOnlyIfOverridden},
+ {wf::EnableFedCmAuthz, raw_ref(features::kFedCmAuthz), kDefault},
+ {wf::EnableFedCmError, raw_ref(features::kFedCmError),
+ kSetOnlyIfOverridden},
+ {wf::EnableFedCmDomainHint, raw_ref(features::kFedCmDomainHint),
+ kSetOnlyIfOverridden},
+ {wf::EnableFedCmIdPRegistration,
+ raw_ref(features::kFedCmIdPRegistration), kDefault},
+ {wf::EnableFedCmIdpSigninStatus,
+ raw_ref(features::kFedCmIdpSigninStatusEnabled),
+ kSetOnlyIfOverridden},
+ {wf::EnableGamepadMultitouch,
+ raw_ref(features::kEnableGamepadMultitouch)},
+ {wf::EnableSharedStorageAPI,
+ raw_ref(features::kPrivacySandboxAdsAPIsOverride),
+ kSetOnlyIfOverridden},
+ {wf::EnableSharedStorageAPI,
+ raw_ref(features::kPrivacySandboxAdsAPIsM1Override),
+ kSetOnlyIfOverridden},
+ {wf::EnableSharedStorageAPIM118,
+ raw_ref(blink::features::kSharedStorageAPIM118),
+ kSetOnlyIfOverridden},
+ {wf::EnableFedCmMultipleIdentityProviders,
+ raw_ref(features::kFedCmMultipleIdentityProviders), kDefault},
+ {wf::EnableFedCmDisconnect, raw_ref(features::kFedCmDisconnect),
+ kSetOnlyIfOverridden},
+ {wf::EnableFedCmSelectiveDisclosure,
+ raw_ref(features::kFedCmSelectiveDisclosure), kDefault},
+ {wf::EnableFencedFrames,
+ raw_ref(features::kPrivacySandboxAdsAPIsOverride),
+ kSetOnlyIfOverridden},
+ {wf::EnableFencedFrames,
+ raw_ref(features::kPrivacySandboxAdsAPIsM1Override),
+ kSetOnlyIfOverridden},
+ // FledgeFeatureDetection should be on if any of the features it aims
+ // to help detect is on.
+ {wf::EnableFledgeFeatureDetection,
+ raw_ref(blink::features::kFledgeCustomMaxAuctionAdComponents)},
+ {wf::EnableForcedColors, raw_ref(features::kForcedColors)},
+ {wf::EnableFractionalScrollOffsets,
+ raw_ref(features::kFractionalScrollOffsets)},
+ {wf::EnableSensorExtraClasses,
+ raw_ref(features::kGenericSensorExtraClasses)},
+#if BUILDFLAG(IS_ANDROID)
+ {wf::EnableGetDisplayMedia,
+ raw_ref(features::kUserMediaScreenCapturing)},
+#endif
+ {wf::EnableInstalledApp, raw_ref(features::kInstalledApp)},
+ {wf::EnableLazyInitializeMediaControls,
+ raw_ref(features::kLazyInitializeMediaControls)},
+#if BUILDFLAG(IS_CHROMEOS)
+ {wf::EnableLockedMode, raw_ref(blink::features::kLockedMode)},
+#endif
+ {wf::EnableMachineLearningModelLoader,
+ raw_ref(features::kEnableMachineLearningModelLoaderWebPlatformApi),
+ kSetOnlyIfOverridden},
+ {wf::EnableMediaCastOverlayButton,
+ raw_ref(media::kMediaCastOverlayButton)},
+ {wf::EnableMediaEngagementBypassAutoplayPolicies,
+ raw_ref(media::kMediaEngagementBypassAutoplayPolicies)},
+ {wf::EnableNotificationContentImage,
+ raw_ref(features::kNotificationContentImage), kSetOnlyIfOverridden},
+ {wf::EnablePaymentApp, raw_ref(features::kServiceWorkerPaymentApps)},
+ {wf::EnablePaymentRequest, raw_ref(features::kWebPayments)},
+ {wf::EnablePercentBasedScrolling,
+ raw_ref(features::kWindowsScrollingPersonality)},
+ {wf::EnablePeriodicBackgroundSync,
+ raw_ref(features::kPeriodicBackgroundSync)},
+ {wf::EnablePushMessagingSubscriptionChange,
+ raw_ref(features::kPushSubscriptionChangeEvent)},
+ {wf::EnableRestrictGamepadAccess,
+ raw_ref(features::kRestrictGamepadAccess)},
+ {wf::EnableSecurePaymentConfirmation,
+ raw_ref(features::kSecurePaymentConfirmation)},
+ {wf::EnableSecurePaymentConfirmationDebug,
+ raw_ref(features::kSecurePaymentConfirmationDebug)},
+ {wf::EnableSendBeaconThrowForBlobWithNonSimpleType,
+ raw_ref(features::kSendBeaconThrowForBlobWithNonSimpleType)},
+ {wf::EnableSharedArrayBuffer, raw_ref(features::kSharedArrayBuffer)},
+ {wf::EnableSharedArrayBufferOnDesktop,
+ raw_ref(features::kSharedArrayBufferOnDesktop)},
+#if BUILDFLAG(IS_ANDROID)
+ {wf::EnableSmartZoom, raw_ref(features::kSmartZoom)},
+#endif
+ {wf::EnableTouchDragAndContextMenu,
+ raw_ref(features::kTouchDragAndContextMenu)},
+ {wf::EnableUserActivationSameOriginVisibility,
+ raw_ref(features::kUserActivationSameOriginVisibility)},
+ {wf::EnableVideoPlaybackQuality,
+ raw_ref(features::kVideoPlaybackQuality)},
+ {wf::EnableViewportSegments, raw_ref(features::kViewportSegments)},
+ {wf::EnableWebBluetooth, raw_ref(features::kWebBluetooth),
+ kSetOnlyIfOverridden},
+ {wf::EnableWebBluetoothGetDevices,
+ raw_ref(features::kWebBluetoothNewPermissionsBackend),
+ kSetOnlyIfOverridden},
+ {wf::EnableWebBluetoothWatchAdvertisements,
+ raw_ref(features::kWebBluetoothNewPermissionsBackend),
+ kSetOnlyIfOverridden},
+#if BUILDFLAG(IS_ANDROID)
+ {wf::EnableWebNFC, raw_ref(features::kWebNfc), kSetOnlyIfOverridden},
+#endif
+ {wf::EnableWebIdentityDigitalCredentials,
+ raw_ref(features::kWebIdentityDigitalCredentials), kDefault},
+ {wf::EnableMachineLearningNeuralNetwork,
+ raw_ref(webnn::mojom::features::kWebMachineLearningNeuralNetwork),
+ kDefault},
+ {wf::EnableWebOTP, raw_ref(features::kWebOTP), kSetOnlyIfOverridden},
+ {wf::EnableWebOTPAssertionFeaturePolicy,
+ raw_ref(features::kWebOTPAssertionFeaturePolicy),
+ kSetOnlyIfOverridden},
+ {wf::EnableWebUSB, raw_ref(features::kWebUsb)},
+ {wf::EnableWebXR, raw_ref(features::kWebXr)},
+#if BUILDFLAG(ENABLE_VR)
+ {wf::EnableWebXRFrontFacing,
+ raw_ref(device::features::kWebXrIncubations)},
+ {wf::EnableWebXRFrameRate,
+ raw_ref(device::features::kWebXrIncubations)},
+ {wf::EnableWebXRHandInput,
+ raw_ref(device::features::kWebXrHandInput)},
+ {wf::EnableWebXRImageTracking,
+ raw_ref(device::features::kWebXrIncubations)},
+ {wf::EnableWebXRLayers, raw_ref(device::features::kWebXrLayers)},
+ {wf::EnableWebXRPlaneDetection,
+ raw_ref(device::features::kWebXrIncubations)},
+ {wf::EnableWebXRPoseMotionData,
+ raw_ref(device::features::kWebXrIncubations)},
+#endif
+ {wf::EnableRemoveMobileViewportDoubleTap,
+ raw_ref(features::kRemoveMobileViewportDoubleTap)},
+ {wf::EnableServiceWorkerBypassFetchHandler,
+ raw_ref(features::kServiceWorkerBypassFetchHandler)},
+ {wf::EnableServiceWorkerStaticRouter,
+ raw_ref(features::kServiceWorkerStaticRouter)},
+ };
+ for (const auto& mapping : blinkFeatureToBaseFeatureMapping) {
+ SetRuntimeFeatureFromChromiumFeature(
+ *mapping.chromium_feature, mapping.option, mapping.feature_enabler);
+ }
+
+ // TODO(crbug/832393): Cleanup the inconsistency between custom WRF enabler
+ // function and using feature string name with EnableFeatureFromString.
+ const RuntimeFeatureToChromiumFeatureMap
+ runtimeFeatureNameToChromiumFeatureMapping[] = {
+ {"AllowContentInitiatedDataUrlNavigations",
+ raw_ref(features::kAllowContentInitiatedDataUrlNavigations)},
+ {"AllowURNsInIframes", raw_ref(blink::features::kAllowURNsInIframes)},
+ {"AllowURNsInIframes",
+ raw_ref(features::kPrivacySandboxAdsAPIsOverride),
+ kSetOnlyIfOverridden},
+ {"AllowURNsInIframes",
+ raw_ref(features::kPrivacySandboxAdsAPIsM1Override),
+ kSetOnlyIfOverridden},
+ {"AttributionReporting",
+ raw_ref(features::kPrivacySandboxAdsAPIsOverride),
+ kSetOnlyIfOverridden},
+ {"AttributionReporting",
+ raw_ref(features::kPrivacySandboxAdsAPIsM1Override),
+ kSetOnlyIfOverridden},
+ {"AttributionReportingCrossAppWeb",
+ raw_ref(features::kPrivacySandboxAdsAPIsOverride),
+ kSetOnlyIfOverridden},
+ {"AttributionReportingCrossAppWeb",
+ raw_ref(features::kAttributionReportingCrossAppWebOverride)},
+ {"AndroidDownloadableFontsMatching",
+ raw_ref(features::kAndroidDownloadableFontsMatching)},
+#if BUILDFLAG(IS_ANDROID)
+ {"CCTNewRFMPushBehavior",
+ raw_ref(blink::features::kCCTNewRFMPushBehavior)},
+#endif
+ {"CompressionDictionaryTransport",
+ raw_ref(network::features::kCompressionDictionaryTransport)},
+ {"CompressionDictionaryTransportBackend",
+ raw_ref(network::features::kCompressionDictionaryTransportBackend)},
+ {"CookieDeprecationFacilitatedTesting",
+ raw_ref(features::kCookieDeprecationFacilitatedTesting)},
+ {"Database", raw_ref(blink::features::kWebSQLAccess),
+ kSetOnlyIfOverridden},
+ {"FencedFramesLocalUnpartitionedDataAccess",
+ raw_ref(blink::features::kFencedFramesLocalUnpartitionedDataAccess)},
+ {"Fledge", raw_ref(blink::features::kFledge), kSetOnlyIfOverridden},
+ {"Fledge", raw_ref(features::kPrivacySandboxAdsAPIsOverride),
+ kSetOnlyIfOverridden},
+ {"Fledge", raw_ref(features::kPrivacySandboxAdsAPIsM1Override),
+ kSetOnlyIfOverridden},
+#if BUILDFLAG(USE_FONTATIONS_BACKEND)
+ {"FontationsFontBackend",
+ raw_ref(blink::features::kFontationsFontBackend)},
+#endif
+ {"FontSrcLocalMatching", raw_ref(features::kFontSrcLocalMatching)},
+ {"LegacyWindowsDWriteFontFallback",
+ raw_ref(features::kLegacyWindowsDWriteFontFallback)},
+ {"OriginIsolationHeader", raw_ref(features::kOriginIsolationHeader)},
+ {"PartitionedCookies", raw_ref(net::features::kPartitionedCookies)},
+ {"ReduceAcceptLanguage",
+ raw_ref(network::features::kReduceAcceptLanguage)},
+ {"TopicsAPI", raw_ref(features::kPrivacySandboxAdsAPIsOverride),
+ kSetOnlyIfOverridden},
+ {"TopicsAPI", raw_ref(features::kPrivacySandboxAdsAPIsM1Override),
+ kSetOnlyIfOverridden},
+ {"TopicsDocumentAPI",
+ raw_ref(features::kPrivacySandboxAdsAPIsOverride),
+ kSetOnlyIfOverridden},
+ {"TopicsDocumentAPI",
+ raw_ref(features::kPrivacySandboxAdsAPIsM1Override),
+ kSetOnlyIfOverridden},
+ {"TouchTextEditingRedesign",
+ raw_ref(features::kTouchTextEditingRedesign)},
+ {"TrustedTypesFromLiteral",
+ raw_ref(features::kTrustedTypesFromLiteral)},
+ {"WebSerialBluetooth",
+ raw_ref(features::kEnableBluetoothSerialPortProfileInSerialApi)},
+ {"MediaStreamTrackTransfer",
+ raw_ref(features::kMediaStreamTrackTransfer)},
+ {"PrivateNetworkAccessPermissionPrompt",
+ raw_ref(network::features::kPrivateNetworkAccessPermissionPrompt),
+ kSetOnlyIfOverridden},
+ {"PermissionElement", raw_ref(features::kPermissionElement)}};
+ for (const auto& mapping : runtimeFeatureNameToChromiumFeatureMapping) {
+ SetRuntimeFeatureFromChromiumFeature(
+ *mapping.chromium_feature, mapping.option, [&mapping](bool enabled) {
+ wf::EnableFeatureFromString(mapping.feature_enabler, enabled);
+ });
+ }
+
+ WebRuntimeFeatures::UpdateStatusFromBaseFeatures();
+}
+
+// Helper class that describes the desired enable/disable action
+// for a runtime feature when a command line switch exists.
+struct SwitchToFeatureMap {
+ // The enabler function defined in web_runtime_features.cc.
+ void (*feature_enabler)(bool);
+ // The switch to check for on command line.
+ const char* switch_name;
+ // This is the desired state for the runtime feature if the
+ // switch exists on command line.
+ bool target_enabled_state;
+};
+
+// Sets blink runtime features controlled by command line switches.
+void SetRuntimeFeaturesFromCommandLine(const base::CommandLine& command_line) {
+ // To add a new switch-controlled runtime feature, add a new
+ // SwitchToFeatureMap entry to the initializer list below.
+ // Note: command line switches are now discouraged, please consider
+ // using base::Feature instead.
+ // https://chromium.googlesource.com/chromium/src/+/refs/heads/main/docs/configuration.md#switches
+ using wrf = WebRuntimeFeatures;
+ const SwitchToFeatureMap switchToFeatureMapping[] = {
+ // Stable Features
+ {wrf::EnablePermissions, switches::kDisablePermissionsAPI, false},
+ {wrf::EnablePresentation, switches::kDisablePresentationAPI, false},
+ {wrf::EnableRemotePlayback, switches::kDisableRemotePlaybackAPI, false},
+ {wrf::EnableTimerThrottlingForBackgroundTabs,
+ switches::kDisableBackgroundTimerThrottling, false},
+ // End of Stable Features
+ {wrf::EnableAutomationControlled, switches::kEnableAutomation, true},
+ {wrf::EnableAutomationControlled, switches::kHeadless, true},
+ {wrf::EnableAutomationControlled, switches::kRemoteDebuggingPipe, true},
+ {wrf::EnableDatabase, switches::kDisableDatabases, false},
+ {wrf::EnableFileSystem, switches::kDisableFileSystem, false},
+ {wrf::EnableNetInfoDownlinkMax,
+ switches::kEnableNetworkInformationDownlinkMax, true},
+ {wrf::EnableNotifications, switches::kDisableNotifications, false},
+ {wrf::EnablePreciseMemoryInfo, switches::kEnablePreciseMemoryInfo, true},
+ // Chrome's Push Messaging implementation relies on Web Notifications.
+ {wrf::EnablePushMessaging, switches::kDisableNotifications, false},
+ {wrf::EnableScriptedSpeechRecognition, switches::kDisableSpeechAPI,
+ false},
+ {wrf::EnableScriptedSpeechSynthesis, switches::kDisableSpeechAPI, false},
+ {wrf::EnableScriptedSpeechSynthesis, switches::kDisableSpeechSynthesisAPI,
+ false},
+ {wrf::EnableSharedWorker, switches::kDisableSharedWorkers, false},
+ {wrf::EnableTextFragmentIdentifiers,
+ switches::kDisableScrollToTextFragment, false},
+ {wrf::EnableWebAuthenticationRemoteDesktopSupport,
+ switches::kWebAuthRemoteDesktopSupport, true},
+ {wrf::EnableWebGLDeveloperExtensions,
+ switches::kEnableWebGLDeveloperExtensions, true},
+ {wrf::EnableWebGLDraftExtensions, switches::kEnableWebGLDraftExtensions,
+ true},
+ {wrf::EnableWebGPUDeveloperFeatures,
+ switches::kEnableWebGPUDeveloperFeatures, true},
+ {wrf::EnableDirectSockets, switches::kEnableIsolatedWebAppsInRenderer,
+ true},
+ };
+
+ for (const auto& mapping : switchToFeatureMapping) {
+ if (command_line.HasSwitch(mapping.switch_name)) {
+ mapping.feature_enabler(mapping.target_enabled_state);
+ }
+ }
+
+ // Set EnableAutomationControlled if the caller passes
+ // --remote-debugging-port=0 on the command line. This means
+ // the caller has requested an ephemeral port which is how ChromeDriver
+ // launches the browser by default.
+ // If the caller provides a specific port number, this is
+ // more likely for attaching a debugger, so we should leave
+ // EnableAutomationControlled unset to ensure the browser behaves as it does
+ // when not under automation control.
+ if (command_line.HasSwitch(switches::kRemoteDebuggingPort)) {
+ std::string port_str =
+ command_line.GetSwitchValueASCII(::switches::kRemoteDebuggingPort);
+ int port;
+ if (base::StringToInt(port_str, &port) && port == 0) {
+ WebRuntimeFeatures::EnableAutomationControlled(true);
+ }
+ }
+
+ // Enable or disable BeforeunloadEventCancelByPreventDefault for Enterprise
+ // Policy. This overrides any existing settings via base::Feature.
+ if (command_line.HasSwitch(
+ blink::switches::kBeforeunloadEventCancelByPreventDefaultPolicy)) {
+ const std::string value = command_line.GetSwitchValueASCII(
+ blink::switches::kBeforeunloadEventCancelByPreventDefaultPolicy);
+ if (value ==
+ blink::switches::
+ kBeforeunloadEventCancelByPreventDefaultPolicy_ForceEnable) {
+ WebRuntimeFeatures::EnableBeforeunloadEventCancelByPreventDefault(true);
+ }
+ if (value ==
+ blink::switches::
+ kBeforeunloadEventCancelByPreventDefaultPolicy_ForceDisable) {
+ WebRuntimeFeatures::EnableBeforeunloadEventCancelByPreventDefault(false);
+ }
+ }
+}
+
+// Sets blink runtime features that depend on a combination
+// of args rather than a single check of base::Feature or switch.
+// This can be a combination of both or custom checking logic
+// not covered by other functions. In short, this should be used
+// as a last resort.
+void SetCustomizedRuntimeFeaturesFromCombinedArgs(
+ const base::CommandLine& command_line) {
+ // CAUTION: Only add custom enabling logic here if it cannot
+ // be covered by the other functions.
+
+ // These checks are custom wrappers around base::FeatureList::IsEnabled
+ // They're moved here to distinguish them from actual base checks
+ WebRuntimeFeatures::EnableOverlayScrollbars(ui::IsOverlayScrollbarEnabled());
+ WebRuntimeFeatures::EnableFluentScrollbars(ui::IsFluentScrollbarEnabled());
+ WebRuntimeFeatures::EnableFluentOverlayScrollbars(
+ ui::IsFluentOverlayScrollbarEnabled());
+
+ // TODO(rodneyding): This is a rare case for a stable feature
+ // Need to investigate more to determine whether to refactor it.
+ if (command_line.HasSwitch(switches::kDisableV8IdleTasks)) {
+ WebRuntimeFeatures::EnableV8IdleTasks(false);
+ } else {
+ WebRuntimeFeatures::EnableV8IdleTasks(true);
+ }
+
+ WebRuntimeFeatures::EnableBackForwardCache(
+ content::IsBackForwardCacheEnabled());
+
+ if (base::FeatureList::IsEnabled(network::features::kPrivateStateTokens)) {
+ WebRuntimeFeatures::EnablePrivateStateTokens(true);
+ WebRuntimeFeatures::EnablePrivateStateTokensAlwaysAllowIssuance(true);
+ } else if (base::FeatureList::IsEnabled(network::features::kFledgePst)) {
+ // See https://bit.ly/configuring-trust-tokens.
+ using network::features::TrustTokenOriginTrialSpec;
+ switch (
+ network::features::kTrustTokenOperationsRequiringOriginTrial.Get()) {
+ case TrustTokenOriginTrialSpec::kOriginTrialNotRequired:
+ // Setting PrivateStateTokens=true enables the Trust Tokens interface;
+ // PrivateStateTokensAlwaysAllowIssuance disables a runtime check
+ // during issuance that the origin trial is active (see
+ // blink/.../trust_token_issuance_authorization.h).
+ WebRuntimeFeatures::EnablePrivateStateTokens(true);
+ WebRuntimeFeatures::EnablePrivateStateTokensAlwaysAllowIssuance(true);
+ break;
+ case TrustTokenOriginTrialSpec::kAllOperationsRequireOriginTrial:
+ // The origin trial itself will be responsible for enabling the
+ // PrivateStateTokens RuntimeEnabledFeature.
+ WebRuntimeFeatures::EnablePrivateStateTokens(false);
+ WebRuntimeFeatures::EnablePrivateStateTokensAlwaysAllowIssuance(false);
+ break;
+ case TrustTokenOriginTrialSpec::kOnlyIssuanceRequiresOriginTrial:
+ // At issuance, a runtime check will be responsible for checking that
+ // the origin trial is present.
+ WebRuntimeFeatures::EnablePrivateStateTokens(true);
+ WebRuntimeFeatures::EnablePrivateStateTokensAlwaysAllowIssuance(false);
+ break;
+ }
+ }
+
+ if (base::FeatureList::IsEnabled(blink::features::kPendingBeaconAPI)) {
+ // The Chromium flag `kPendingBeaconAPI` is true, which enables the
+ // parts of the API's implementation in Chromium.
+ if (blink::features::kPendingBeaconAPIRequiresOriginTrial.Get()) {
+ // `kPendingBeaconAPIRequiresOriginTrial`=true specifies that
+ // execution context needs to have an origin trial token in order to use
+ // the PendingBeacon web API.
+ // So disable the RuntimeEnabledFeature flag PendingBeaconAPI here and let
+ // the existence of OT token to decide whether the web API is enabled.
+ WebRuntimeFeatures::EnablePendingBeaconAPI(false);
+ } else {
+ WebRuntimeFeatures::EnablePendingBeaconAPI(true);
+ }
+ }
+}
+
+// Ensures that the various ways of enabling/disabling features do not produce
+// an invalid configuration.
+void ResolveInvalidConfigurations() {
+ // Fenced frames cannot be enabled without the support of the
+ // browser process.
+ if ((base::FeatureList::IsEnabled(features::kPrivacySandboxAdsAPIsOverride) ||
+ base::FeatureList::IsEnabled(
+ features::kPrivacySandboxAdsAPIsM1Override)) &&
+ !base::FeatureList::IsEnabled(blink::features::kFencedFrames)) {
+ LOG_IF(WARNING, WebRuntimeFeatures::IsFencedFramesEnabled())
+ << "Fenced frames cannot be enabled in this configuration. Use --"
+ << switches::kEnableFeatures << "="
+ << blink::features::kFencedFrames.name << " instead.";
+ WebRuntimeFeatures::EnableFencedFrames(false);
+ }
+
+ if (!base::FeatureList::IsEnabled(blink::features::kFencedFrames) &&
+ base::FeatureList::IsEnabled(
+ blink::features::kFencedFramesLocalUnpartitionedDataAccess)) {
+ LOG_IF(
+ WARNING,
+ WebRuntimeFeatures::IsFencedFramesLocalUnpartitionedDataAccessEnabled())
+ << "Fenced frames must be enabled in order to enable local "
+ "unpartitioned "
+ << "data access. Use --" << switches::kEnableFeatures << "="
+ << blink::features::kFencedFrames.name << " in addition.";
+ WebRuntimeFeatures::EnableFeatureFromString(
+ "FencedFramesLocalUnpartitionedDataAccess", false);
+ }
+
+ // Topics API cannot be enabled without the support of the browser process.
+ // The Document API should be additionally gated by the
+ // `kBrowsingTopicsDocumentAPI` feature.
+ if (!base::FeatureList::IsEnabled(blink::features::kBrowsingTopics)) {
+ LOG_IF(WARNING, WebRuntimeFeatures::IsTopicsAPIEnabled())
+ << "Topics cannot be enabled in this configuration. Use --"
+ << switches::kEnableFeatures << "="
+ << blink::features::kBrowsingTopics.name << " in addition.";
+ WebRuntimeFeatures::EnableTopicsAPI(false);
+ WebRuntimeFeatures::EnableTopicsDocumentAPI(false);
+ } else {
+ if (!base::FeatureList::IsEnabled(
+ blink::features::kBrowsingTopicsDocumentAPI)) {
+ LOG_IF(WARNING, WebRuntimeFeatures::IsTopicsDocumentAPIEnabled())
+ << "Topics Document API cannot be enabled in this configuration. Use "
+ "--"
+ << switches::kEnableFeatures << "="
+ << blink::features::kBrowsingTopicsDocumentAPI.name
+ << " in addition.";
+ WebRuntimeFeatures::EnableTopicsDocumentAPI(false);
+ }
+ }
+
+ if (!base::FeatureList::IsEnabled(blink::features::kSharedStorageAPI)) {
+ LOG_IF(WARNING, WebRuntimeFeatures::IsSharedStorageAPIEnabled())
+ << "SharedStorage cannot be enabled in this "
+ "configuration. Use --"
+ << switches::kEnableFeatures << "="
+ << blink::features::kSharedStorageAPI.name << " in addition.";
+ WebRuntimeFeatures::EnableSharedStorageAPI(false);
+ }
+
+ if (!base::FeatureList::IsEnabled(blink::features::kSharedStorageAPIM118) ||
+ !base::FeatureList::IsEnabled(blink::features::kSharedStorageAPI)) {
+ LOG_IF(WARNING, WebRuntimeFeatures::IsSharedStorageAPIM118Enabled())
+ << "SharedStorage for M118+ cannot be enabled in this "
+ "configuration. Use --"
+ << switches::kEnableFeatures << "="
+ << blink::features::kSharedStorageAPI.name << ","
+ << blink::features::kSharedStorageAPIM118.name << " in addition.";
+ WebRuntimeFeatures::EnableSharedStorageAPIM118(false);
+ }
+
+ if (!base::FeatureList::IsEnabled(
+ attribution_reporting::features::kConversionMeasurement)) {
+ LOG_IF(WARNING, WebRuntimeFeatures::IsAttributionReportingEnabled())
+ << "AttributionReporting cannot be enabled in this "
+ "configuration. Use --"
+ << switches::kEnableFeatures << "="
+ << attribution_reporting::features::kConversionMeasurement.name
+ << " in addition.";
+ WebRuntimeFeatures::EnableAttributionReporting(false);
+ }
+
+ if (!base::FeatureList::IsEnabled(
+ attribution_reporting::features::kConversionMeasurement) ||
+ !base::FeatureList::IsEnabled(
+ network::features::kAttributionReportingCrossAppWeb)) {
+ LOG_IF(WARNING,
+ WebRuntimeFeatures::IsAttributionReportingCrossAppWebEnabled())
+ << "AttributionReportingCrossAppWeb cannot be enabled in this "
+ "configuration. Use --"
+ << switches::kEnableFeatures << "="
+ << attribution_reporting::features::kConversionMeasurement.name << ","
+ << network::features::kAttributionReportingCrossAppWeb.name
+ << " in addition.";
+ WebRuntimeFeatures::EnableAttributionReportingCrossAppWeb(false);
+ }
+
+ if (!base::FeatureList::IsEnabled(blink::features::kInterestGroupStorage)) {
+ LOG_IF(WARNING, WebRuntimeFeatures::IsAdInterestGroupAPIEnabled())
+ << "AdInterestGroupAPI cannot be enabled in this "
+ "configuration. Use --"
+ << switches::kEnableFeatures << "="
+ << blink::features::kInterestGroupStorage.name << " in addition.";
+ WebRuntimeFeatures::EnableAdInterestGroupAPI(false);
+ WebRuntimeFeatures::EnableFledge(false);
+ }
+}
+
+} // namespace
+
+namespace content {
+
+void SetRuntimeFeaturesDefaultsAndUpdateFromArgs(
+ const base::CommandLine& command_line) {
+ // Sets experimental features.
+ bool enable_experimental_web_platform_features =
+ command_line.HasSwitch(switches::kEnableExperimentalWebPlatformFeatures);
+ bool enable_blink_test_features =
+ command_line.HasSwitch(switches::kEnableBlinkTestFeatures);
+
+ if (enable_blink_test_features) {
+ enable_experimental_web_platform_features = true;
+ WebRuntimeFeatures::EnableTestOnlyFeatures(true);
+ }
+
+ if (enable_experimental_web_platform_features) {
+ WebRuntimeFeatures::EnableExperimentalFeatures(true);
+ }
+
+ SetRuntimeFeatureDefaultsForPlatform(command_line);
+
+ // Sets origin trial features.
+ if (command_line.HasSwitch(
+ switches::kDisableOriginTrialControlledBlinkFeatures)) {
+ WebRuntimeFeatures::EnableOriginTrialControlledFeatures(false);
+ }
+
+ // TODO(rodneyding): add doc explaining ways to add new runtime features
+ // controls in the following functions.
+
+ SetRuntimeFeaturesFromChromiumFeatures();
+
+ SetRuntimeFeaturesFromCommandLine(command_line);
+
+ SetCustomizedRuntimeFeaturesFromCombinedArgs(command_line);
+
+ // Enable explicitly enabled features, and then disable explicitly disabled
+ // ones.
+ for (const std::string& feature :
+ FeaturesFromSwitch(command_line, switches::kEnableBlinkFeatures)) {
+ WebRuntimeFeatures::EnableFeatureFromString(feature, true);
+ }
+ for (const std::string& feature :
+ FeaturesFromSwitch(command_line, switches::kDisableBlinkFeatures)) {
+ WebRuntimeFeatures::EnableFeatureFromString(feature, false);
+ }
+
+ ResolveInvalidConfigurations();
+}
+
+} // namespace content
diff --git a/tools/under-control/src/content/public/browser/content_browser_client.cc b/tools/under-control/src/content/public/browser/content_browser_client.cc
new file mode 100755
index 000000000..d004abc6f
--- /dev/null
+++ b/tools/under-control/src/content/public/browser/content_browser_client.cc
@@ -0,0 +1,1671 @@
+// Copyright 2012 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "content/public/browser/content_browser_client.h"
+
+#include
+#include
+
+#include "base/check.h"
+#include "base/feature_list.h"
+#include "base/files/file_path.h"
+#include "base/functional/callback_helpers.h"
+#include "base/no_destructor.h"
+#include "base/notreached.h"
+#include "base/strings/string_piece.h"
+#include "base/task/sequenced_task_runner.h"
+#include "base/task/thread_pool/thread_pool_instance.h"
+#include "base/values.h"
+#include "build/build_config.h"
+#include "build/buildflag.h"
+#include "build/chromeos_buildflags.h"
+#include "content/browser/webid/digital_credentials/digital_credential_provider.h"
+#include "content/public/browser/anchor_element_preconnect_delegate.h"
+#include "content/public/browser/authenticator_request_client_delegate.h"
+#include "content/public/browser/browser_accessibility_state.h"
+#include "content/public/browser/browser_context.h"
+#include "content/public/browser/browser_main_parts.h"
+#include "content/public/browser/client_certificate_delegate.h"
+#include "content/public/browser/devtools_manager_delegate.h"
+#include "content/public/browser/identity_request_dialog_controller.h"
+#include "content/public/browser/legacy_tech_cookie_issue_details.h"
+#include "content/public/browser/login_delegate.h"
+#include "content/public/browser/navigation_throttle.h"
+#include "content/public/browser/navigation_ui_data.h"
+#include "content/public/browser/network_service_instance.h"
+#include "content/public/browser/overlay_window.h"
+#include "content/public/browser/page_navigator.h"
+#include "content/public/browser/prefetch_service_delegate.h"
+#include "content/public/browser/prerender_web_contents_delegate.h"
+#include "content/public/browser/private_network_device_delegate.h"
+#include "content/public/browser/render_frame_host.h"
+#include "content/public/browser/responsiveness_calculator_delegate.h"
+#include "content/public/browser/sms_fetcher.h"
+#include "content/public/browser/speculation_host_delegate.h"
+#include "content/public/browser/url_loader_request_interceptor.h"
+#include "content/public/browser/vpn_service_proxy.h"
+#include "content/public/browser/web_contents.h"
+#include "content/public/browser/web_contents_view_delegate.h"
+#include "content/public/common/alternative_error_page_override_info.mojom.h"
+#include "content/public/common/content_features.h"
+#include "content/public/common/url_utils.h"
+#include "media/audio/audio_manager.h"
+#include "media/capture/content/screen_enumerator.h"
+#include "media/mojo/mojom/media_service.mojom.h"
+#include "mojo/public/cpp/bindings/message.h"
+#include "net/cookies/site_for_cookies.h"
+#include "net/ssl/client_cert_identity.h"
+#include "net/ssl/client_cert_store.h"
+#include "sandbox/policy/features.h"
+#include "sandbox/policy/mojom/sandbox.mojom.h"
+#include "services/cert_verifier/public/mojom/cert_verifier_service_factory.mojom.h"
+#include "services/device/public/cpp/geolocation/geolocation_manager.h"
+#include "services/device/public/cpp/geolocation/location_provider.h"
+#include "services/metrics/public/cpp/ukm_source_id.h"
+#include "services/network/public/cpp/features.h"
+#include "services/network/public/cpp/resource_request.h"
+#include "services/network/public/cpp/shared_url_loader_factory.h"
+#include "services/network/public/mojom/network_context.mojom.h"
+#include "services/network/public/mojom/network_service.mojom.h"
+#include "services/network/public/mojom/web_transport.mojom.h"
+#include "storage/browser/quota/quota_manager.h"
+#include "third_party/blink/public/common/features.h"
+#include "third_party/blink/public/common/loader/url_loader_throttle.h"
+#include "third_party/blink/public/common/renderer_preferences/renderer_preferences.h"
+#include "third_party/blink/public/common/user_agent/user_agent_metadata.h"
+#include "third_party/blink/public/mojom/browsing_topics/browsing_topics.mojom.h"
+#include "third_party/blink/public/mojom/file_system_access/file_system_access_cloud_identifier.mojom.h"
+#include "third_party/blink/public/mojom/file_system_access/file_system_access_error.mojom.h"
+#include "third_party/blink/public/mojom/origin_trials/origin_trials_settings.mojom.h"
+#include "third_party/blink/public/mojom/payments/payment_credential.mojom.h"
+#include "ui/gfx/image/image_skia.h"
+#include "ui/shell_dialogs/select_file_policy.h"
+#include "url/gurl.h"
+#include "url/origin.h"
+
+#if BUILDFLAG(IS_ANDROID)
+#include "content/public/browser/tts_environment_android.h"
+#endif
+
+namespace content {
+
+std::unique_ptr ContentBrowserClient::CreateBrowserMainParts(
+ bool /* is_integration_test */) {
+ return nullptr;
+}
+
+void ContentBrowserClient::PostAfterStartupTask(
+ const base::Location& from_here,
+ const scoped_refptr& task_runner,
+ base::OnceClosure task) {
+ task_runner->PostTask(from_here, std::move(task));
+}
+
+bool ContentBrowserClient::IsBrowserStartupComplete() {
+ return true;
+}
+
+void ContentBrowserClient::SetBrowserStartupIsCompleteForTesting() {}
+
+std::unique_ptr
+ContentBrowserClient::GetWebContentsViewDelegate(WebContents* web_contents) {
+ return nullptr;
+}
+
+bool ContentBrowserClient::IsShuttingDown() {
+ return false;
+}
+
+bool ContentBrowserClient::AllowGpuLaunchRetryOnIOThread() {
+ return true;
+}
+
+bool ContentBrowserClient::CanShutdownGpuProcessNowOnIOThread() {
+ return false;
+}
+
+GURL ContentBrowserClient::GetEffectiveURL(BrowserContext* browser_context,
+ const GURL& url) {
+ DCHECK(browser_context);
+ return url;
+}
+
+bool ContentBrowserClient::ShouldCompareEffectiveURLsForSiteInstanceSelection(
+ BrowserContext* browser_context,
+ content::SiteInstance* candidate_site_instance,
+ bool is_outermost_main_frame,
+ const GURL& candidate_url,
+ const GURL& destination_url) {
+ DCHECK(browser_context);
+ return true;
+}
+
+bool ContentBrowserClient::IsExplicitNavigation(ui::PageTransition transition) {
+ return transition & ui::PAGE_TRANSITION_FROM_ADDRESS_BAR;
+}
+
+bool ContentBrowserClient::ShouldUseProcessPerSite(
+ BrowserContext* browser_context,
+ const GURL& site_url) {
+ DCHECK(browser_context);
+ return false;
+}
+
+bool ContentBrowserClient::ShouldUseSpareRenderProcessHost(
+ BrowserContext* browser_context,
+ const GURL& site_url) {
+ return true;
+}
+
+bool ContentBrowserClient::DoesSiteRequireDedicatedProcess(
+ BrowserContext* browser_context,
+ const GURL& effective_site_url) {
+ DCHECK(browser_context);
+ return false;
+}
+
+bool ContentBrowserClient::ShouldAllowCrossProcessSandboxedFrameForPrecursor(
+ BrowserContext* browser_context,
+ const GURL& precursor) {
+ DCHECK(browser_context);
+ return true;
+}
+
+bool ContentBrowserClient::ShouldLockProcessToSite(
+ BrowserContext* browser_context,
+ const GURL& effective_url) {
+ DCHECK(browser_context);
+ return true;
+}
+
+bool ContentBrowserClient::DoesWebUIUrlRequireProcessLock(const GURL& url) {
+ return true;
+}
+
+bool ContentBrowserClient::ShouldTreatURLSchemeAsFirstPartyWhenTopLevel(
+ base::StringPiece scheme,
+ bool is_embedded_origin_secure) {
+ return false;
+}
+
+bool ContentBrowserClient::ShouldIgnoreSameSiteCookieRestrictionsWhenTopLevel(
+ base::StringPiece scheme,
+ bool is_embedded_origin_secure) {
+ return false;
+}
+
+std::string ContentBrowserClient::GetSiteDisplayNameForCdmProcess(
+ BrowserContext* browser_context,
+ const GURL& site_url) {
+ return site_url.spec();
+}
+
+void ContentBrowserClient::OverrideURLLoaderFactoryParams(
+ BrowserContext* browser_context,
+ const url::Origin& origin,
+ bool is_for_isolated_world,
+ network::mojom::URLLoaderFactoryParams* factory_params) {}
+
+void ContentBrowserClient::GetAdditionalViewSourceSchemes(
+ std::vector* additional_schemes) {
+ GetAdditionalWebUISchemes(additional_schemes);
+}
+
+network::mojom::IPAddressSpace
+ContentBrowserClient::DetermineAddressSpaceFromURL(const GURL& url) {
+ return network::mojom::IPAddressSpace::kUnknown;
+}
+
+bool ContentBrowserClient::LogWebUIUrl(const GURL& web_ui_url) {
+ return false;
+}
+
+bool ContentBrowserClient::IsWebUIAllowedToMakeNetworkRequests(
+ const url::Origin& origin) {
+ return false;
+}
+
+bool ContentBrowserClient::IsHandledURL(const GURL& url) {
+ return false;
+}
+
+bool ContentBrowserClient::HasCustomSchemeHandler(
+ content::BrowserContext* browser_context,
+ const std::string& scheme) {
+ return false;
+}
+
+bool ContentBrowserClient::CanCommitURL(RenderProcessHost* process_host,
+ const GURL& site_url) {
+ return true;
+}
+
+bool ContentBrowserClient::ShouldStayInParentProcessForNTP(
+ const GURL& url,
+ const GURL& parent_site_url) {
+ return false;
+}
+
+bool ContentBrowserClient::IsSuitableHost(RenderProcessHost* process_host,
+ const GURL& site_url) {
+ return true;
+}
+
+bool ContentBrowserClient::MayReuseHost(RenderProcessHost* process_host) {
+ return true;
+}
+
+size_t ContentBrowserClient::GetProcessCountToIgnoreForLimit() {
+ return 0;
+}
+
+std::optional
+ContentBrowserClient::GetPermissionsPolicyForIsolatedWebApp(
+ content::BrowserContext* browser_context,
+ const url::Origin& app_origin) {
+ return blink::ParsedPermissionsPolicy();
+}
+
+bool ContentBrowserClient::ShouldTryToUseExistingProcessHost(
+ BrowserContext* browser_context,
+ const GURL& url) {
+ DCHECK(browser_context);
+ return false;
+}
+
+bool ContentBrowserClient::ShouldEmbeddedFramesTryToReuseExistingProcess(
+ RenderFrameHost* outermost_main_frame) {
+ return true;
+}
+
+bool ContentBrowserClient::ShouldAllowNoLongerUsedProcessToExit() {
+ return true;
+}
+
+bool ContentBrowserClient::ShouldSwapBrowsingInstancesForNavigation(
+ SiteInstance* site_instance,
+ const GURL& current_effective_url,
+ const GURL& destination_effective_url) {
+ return false;
+}
+
+bool ContentBrowserClient::ShouldIsolateErrorPage(bool in_main_frame) {
+ return in_main_frame;
+}
+
+std::unique_ptr ContentBrowserClient::CreateAudioManager(
+ media::AudioLogFactory* audio_log_factory) {
+ return nullptr;
+}
+
+std::unique_ptr
+ContentBrowserClient::CreateScreenEnumerator() const {
+ return nullptr;
+}
+
+bool ContentBrowserClient::OverridesAudioManager() {
+ return false;
+}
+
+bool ContentBrowserClient::EnforceSystemAudioEchoCancellation() {
+ return false;
+}
+
+std::vector