BASELINE: Update Chromium to 85.0.4183.14085-based

Change-Id: Iaa42f4680837c57725b1344f108c0196741f6057 Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
author: Allan Sandfeld Jensen <allan.jensen@qt.io> 2020-10-12 14:27:29 +0200
committer: Allan Sandfeld Jensen <allan.jensen@qt.io> 2020-10-13 09:35:20 +0000
commit: c30a6232df03e1efbd9f3b226777b07e087a1122 (patch)
tree: e992f45784689f373bcc38d1b79a239ebe17ee23 /chromium/net/base
parent: 7b5b123ac58f58ffde0f4f6e488bcd09aa4decd3 (diff)
download: qtwebengine-chromium-85-based.tar.gz
35 files changed, 368 insertions, 90 deletions
diff --git a/chromium/net/base/address_tracker_linux.cc b/chromium/net/base/address_tracker_linux.cc
index ffb6e6ef211..b9e76f900ef 100644
--- a/chromium/net/base/address_tracker_linux.cc
+++ b/chromium/net/base/address_tracker_linux.cc
@@ -17,8 +17,13 @@
 #include "base/optional.h"
 #include "base/posix/eintr_wrapper.h"
 #include "base/threading/scoped_blocking_call.h"
+#include "build/build_config.h"
 #include "net/base/network_interfaces_linux.h"
 
+#if defined(OS_ANDROID)
+#include "base/android/build_info.h"
+#endif
+
 namespace net {
 namespace internal {
 
@@ -177,6 +182,14 @@ AddressTrackerLinux::AddressTrackerLinux(
 AddressTrackerLinux::~AddressTrackerLinux() = default;
 
 void AddressTrackerLinux::Init() {
+#if defined(OS_ANDROID)
+  // RTM_GETLINK stopped working in Android 11 (see
+  // https://developer.android.com/preview/privacy/mac-address),
+  // so AddressTrackerLinux should not be used in later versions
+  // of Android.  Chromium code doesn't need it past Android P.
+  DCHECK_LT(base::android::BuildInfo::GetInstance()->sdk_int(),
+            base::android::SDK_VERSION_P);
+#endif
   netlink_fd_.reset(socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE));
   if (!netlink_fd_.is_valid()) {
     PLOG(ERROR) << "Could not create NETLINK socket";
diff --git a/chromium/net/base/address_tracker_linux_unittest.cc b/chromium/net/base/address_tracker_linux_unittest.cc
index 0ad83bf0363..eff90ed009e 100644
--- a/chromium/net/base/address_tracker_linux_unittest.cc
+++ b/chromium/net/base/address_tracker_linux_unittest.cc
@@ -16,9 +16,14 @@
 #include "base/test/spin_wait.h"
 #include "base/test/task_environment.h"
 #include "base/threading/simple_thread.h"
+#include "build/build_config.h"
 #include "net/base/ip_address.h"
 #include "testing/gtest/include/gtest/gtest.h"
 
+#if defined(OS_ANDROID)
+#include "base/android/build_info.h"
+#endif
+
 #ifndef IFA_F_HOMEADDRESS
 #define IFA_F_HOMEADDRESS 0x10
 #endif
@@ -685,6 +690,12 @@ TEST_F(AddressTrackerLinuxTest, NonTrackingMode) {
 }
 
 TEST_F(AddressTrackerLinuxTest, NonTrackingModeInit) {
+#if defined(OS_ANDROID)
+  // Calling Init() on Android P+ isn't supported.
+  if (base::android::BuildInfo::GetInstance()->sdk_int() >=
+      base::android::SDK_VERSION_P)
+    return;
+#endif
   AddressTrackerLinux tracker;
   tracker.Init();
 }
@@ -721,6 +732,12 @@ class GetCurrentConnectionTypeRunner
 };
 
 TEST_F(AddressTrackerLinuxTest, BroadcastInit) {
+#if defined(OS_ANDROID)
+  // Calling Init() on Android P+ isn't supported.
+  if (base::android::BuildInfo::GetInstance()->sdk_int() >=
+      base::android::SDK_VERSION_P)
+    return;
+#endif
   base::test::TaskEnvironment task_environment(
       base::test::TaskEnvironment::MainThreadType::IO);
   InitializeAddressTracker(true);
diff --git a/chromium/net/base/backoff_entry_serializer_fuzzer.cc b/chromium/net/base/backoff_entry_serializer_fuzzer.cc
index d66eacbd443..2ec426af293 100644
--- a/chromium/net/base/backoff_entry_serializer_fuzzer.cc
+++ b/chromium/net/base/backoff_entry_serializer_fuzzer.cc
@@ -8,8 +8,10 @@
 #include <memory>
 
 #include "base/json/json_reader.h"
+#include "base/logging.h"
 #include "base/optional.h"
 #include "base/strings/string_piece_forward.h"
+#include "base/time/tick_clock.h"
 #include "base/time/time.h"
 #include "net/base/backoff_entry.h"
 #include "net/base/backoff_entry_serializer.h"
@@ -32,11 +34,18 @@ class ProtoTranslator {
   BackoffEntry::Policy policy() const {
     return PolicyFromProto(input_.policy());
   }
-  base::Time parse_time() const { return TimeFromProto(input_.parse_time()); }
+  base::Time parse_time() const {
+    return base::Time() +
+           base::TimeDelta::FromMicroseconds(input_.parse_time());
+  }
   base::Time serialize_time() const {
-    return TimeFromProto(input_.serialize_time());
+    return base::Time() +
+           base::TimeDelta::FromMicroseconds(input_.serialize_time());
+  }
+  base::TimeTicks now_ticks() const {
+    return base::TimeTicks() +
+           base::TimeDelta::FromMicroseconds(input_.now_ticks());
   }
-
   base::Optional<base::Value> serialized_entry() const {
     json_proto::JsonProtoConverter converter;
     std::string json_array = converter.Convert(input_.serialized_entry());
@@ -49,24 +58,33 @@ class ProtoTranslator {
 
   static BackoffEntry::Policy PolicyFromProto(
       const fuzz_proto::BackoffEntryPolicy& policy) {
-    return BackoffEntry::Policy{
-        .num_errors_to_ignore = policy.num_errors_to_ignore(),
-        .initial_delay_ms = policy.initial_delay_ms(),
-        .multiply_factor = policy.multiply_factor(),
-        .jitter_factor = policy.jitter_factor(),
-        .maximum_backoff_ms = policy.maximum_backoff_ms(),
-        .entry_lifetime_ms = policy.entry_lifetime_ms(),
-        .always_use_initial_delay = policy.always_use_initial_delay(),
-    };
+    BackoffEntry::Policy new_policy;
+    new_policy.num_errors_to_ignore = policy.num_errors_to_ignore();
+    new_policy.initial_delay_ms = policy.initial_delay_ms();
+    new_policy.multiply_factor = policy.multiply_factor();
+    new_policy.jitter_factor = policy.jitter_factor();
+    new_policy.maximum_backoff_ms = policy.maximum_backoff_ms();
+    new_policy.entry_lifetime_ms = policy.entry_lifetime_ms();
+    new_policy.always_use_initial_delay = policy.always_use_initial_delay();
+    return new_policy;
   }
+};
 
-  static base::Time TimeFromProto(uint64_t raw_time) {
-    return base::Time() + base::TimeDelta::FromMicroseconds(raw_time);
-  }
+class MockClock : public base::TickClock {
+ public:
+  MockClock() = default;
+  ~MockClock() override = default;
+
+  void SetNow(base::TimeTicks now) { now_ = now; }
+  base::TimeTicks NowTicks() const override { return now_; }
+
+ private:
+  base::TimeTicks now_;
 };
 
 // Tests the "deserialize-reserialize" property. Deserializes a BackoffEntry
-// from JSON, reserializes it, and checks that the JSON values match.
+// from JSON, reserializes it, then deserializes again. Holding time constant,
+// we check that the parsed BackoffEntry values are equivalent.
 void TestDeserialize(const ProtoTranslator& translator) {
   // Attempt to convert the json_proto.ArrayValue to a base::Value.
   base::Optional<base::Value> value = translator.serialized_entry();
@@ -76,19 +94,30 @@ void TestDeserialize(const ProtoTranslator& translator) {
 
   BackoffEntry::Policy policy = translator.policy();
 
+  MockClock clock;
+  clock.SetNow(translator.now_ticks());
+
   // Attempt to deserialize a BackoffEntry.
   std::unique_ptr<BackoffEntry> entry =
-      BackoffEntrySerializer::DeserializeFromValue(*value, &policy, nullptr,
+      BackoffEntrySerializer::DeserializeFromValue(*value, &policy, &clock,
                                                    translator.parse_time());
   if (!entry)
     return;
 
-  // Serializing |entry| it should recreate the original JSON input!
   std::unique_ptr<base::Value> reserialized =
-      BackoffEntrySerializer::SerializeToValue(*entry,
-                                               translator.serialize_time());
+      BackoffEntrySerializer::SerializeToValue(*entry, translator.parse_time());
   CHECK(reserialized);
-  CHECK_EQ(*reserialized, *value);
+
+  // Due to fuzzy interpretation in BackoffEntrySerializer::
+  // DeserializeFromValue, we cannot assert that |*reserialized == *value|.
+  // Rather, we can deserialize |reserialized| and check that the result is
+  // equivalent to |entry|.
+  std::unique_ptr<BackoffEntry> entry_reparsed =
+      BackoffEntrySerializer::DeserializeFromValue(
+          *reserialized, &policy, &clock, translator.parse_time());
+  CHECK(entry_reparsed);
+  CHECK_EQ(entry->failure_count(), entry_reparsed->failure_count());
+  CHECK_EQ(entry->GetReleaseTime(), entry_reparsed->GetReleaseTime());
 }
 
 // Tests the "serialize-deserialize" property. Serializes an arbitrary
@@ -105,10 +134,13 @@ void TestSerialize(const ProtoTranslator& translator) {
                                                translator.serialize_time());
   CHECK(serialized);
 
+  MockClock clock;
+  clock.SetNow(translator.now_ticks());
+
   // Deserialize it.
   std::unique_ptr<BackoffEntry> deserialized_entry =
-      BackoffEntrySerializer::DeserializeFromValue(
-          *serialized, &policy, nullptr, translator.parse_time());
+      BackoffEntrySerializer::DeserializeFromValue(*serialized, &policy, &clock,
+                                                   translator.parse_time());
   // Even though SerializeToValue was successful, we're not guaranteed to have a
   // |deserialized_entry|. One reason deserialization may fail is if the parsed
   // |absolute_release_time_us| is below zero.
@@ -134,8 +166,8 @@ DEFINE_PROTO_FUZZER(const fuzz_proto::FuzzerInput& input) {
   }
 
   ProtoTranslator translator(input);
-  TestSerialize(translator);
   TestDeserialize(translator);
+  TestSerialize(translator);
 }
 
 }  // namespace net
diff --git a/chromium/net/base/backoff_entry_serializer_fuzzer_input.proto b/chromium/net/base/backoff_entry_serializer_fuzzer_input.proto
index d92f72eca9b..06cb247dd2a 100644
--- a/chromium/net/base/backoff_entry_serializer_fuzzer_input.proto
+++ b/chromium/net/base/backoff_entry_serializer_fuzzer_input.proto
@@ -9,9 +9,11 @@ package fuzz_proto;
 import "testing/libfuzzer/proto/json.proto";
 
 message FuzzerInput {
-  // Using int64 to match base::Time's internal representation.
+  // Using int64 to match internal representation of base::Time and
+  // base::TimeTicks.
   required int64 parse_time = 1;
   required int64 serialize_time = 2;
+  required int64 now_ticks = 5;
   required BackoffEntryPolicy policy = 3;
   required json_proto.ArrayValue serialized_entry = 4;
 }
diff --git a/chromium/net/base/features.cc b/chromium/net/base/features.cc
index b6b6c2dedd5..1b97b20d324 100644
--- a/chromium/net/base/features.cc
+++ b/chromium/net/base/features.cc
@@ -3,6 +3,9 @@
 // found in the LICENSE file.
 
 #include "net/base/features.h"
+
+#include <vector>
+
 #include "build/build_config.h"
 
 namespace net {
@@ -11,6 +14,9 @@ namespace features {
 const base::Feature kAcceptLanguageHeader{"AcceptLanguageHeader",
                                           base::FEATURE_ENABLED_BY_DEFAULT};
 
+const base::Feature kCapReferrerToOriginOnCrossOrigin{
+    "CapReferrerToOriginOnCrossOrigin", base::FEATURE_DISABLED_BY_DEFAULT};
+
 const base::Feature kDnsHttpssvc{"DnsHttpssvc",
                                  base::FEATURE_DISABLED_BY_DEFAULT};
 
@@ -20,12 +26,34 @@ const base::FeatureParam<bool> kDnsHttpssvcUseHttpssvc{
 const base::FeatureParam<bool> kDnsHttpssvcUseIntegrity{
     &kDnsHttpssvc, "DnsHttpssvcUseIntegrity", false};
 
+const base::FeatureParam<bool> kDnsHttpssvcEnableQueryOverInsecure{
+    &kDnsHttpssvc, "DnsHttpssvcEnableQueryOverInsecure", false};
+
 const base::FeatureParam<int> kDnsHttpssvcExtraTimeMs{
     &kDnsHttpssvc, "DnsHttpssvcExtraTimeMs", 10};
 
 const base::FeatureParam<int> kDnsHttpssvcExtraTimePercent{
     &kDnsHttpssvc, "DnsHttpssvcExtraTimePercent", 5};
 
+const base::FeatureParam<std::string> kDnsHttpssvcExperimentDomains{
+    &kDnsHttpssvc, "DnsHttpssvcExperimentDomains", ""};
+
+const base::FeatureParam<std::string> kDnsHttpssvcControlDomains{
+    &kDnsHttpssvc, "DnsHttpssvcControlDomains", ""};
+
+const base::FeatureParam<bool> kDnsHttpssvcControlDomainWildcard{
+    &kDnsHttpssvc, "DnsHttpssvcControlDomainWildcard", false};
+
+const base::Feature kAvoidH2Reprioritization{"AvoidH2Reprioritization",
+                                             base::FEATURE_DISABLED_BY_DEFAULT};
+
+namespace dns_httpssvc_experiment {
+base::TimeDelta GetExtraTimeAbsolute() {
+  DCHECK(base::FeatureList::IsEnabled(features::kDnsHttpssvc));
+  return base::TimeDelta::FromMilliseconds(kDnsHttpssvcExtraTimeMs.Get());
+}
+}  // namespace dns_httpssvc_experiment
+
 const base::Feature kEnableTLS13EarlyData{"EnableTLS13EarlyData",
                                           base::FEATURE_DISABLED_BY_DEFAULT};
 
@@ -50,6 +78,28 @@ const base::Feature kPartitionSSLSessionsByNetworkIsolationKey{
     "PartitionSSLSessionsByNetworkIsolationKey",
     base::FEATURE_DISABLED_BY_DEFAULT};
 
+const base::Feature kPartitionExpectCTStateByNetworkIsolationKey{
+    "PartitionExpectCTStateByNetworkIsolationKey",
+    base::FEATURE_DISABLED_BY_DEFAULT};
+
+const base::Feature kExpectCTPruning{"ExpectCTPruning",
+                                     base::FEATURE_ENABLED_BY_DEFAULT};
+
+NET_EXPORT extern const base::FeatureParam<int>
+    kExpectCTPruneMax(&kExpectCTPruning, "ExpectCTPruneMax", 2000);
+NET_EXPORT extern const base::FeatureParam<int>
+    kExpectCTPruneMin(&kExpectCTPruning, "ExpectCTPruneMin", 1800);
+NET_EXPORT extern const base::FeatureParam<int> kExpectCTSafeFromPruneDays(
+    &kExpectCTPruning,
+    "ExpectCTSafeFromPruneDays",
+    40);
+NET_EXPORT extern const base::FeatureParam<int> kExpectCTMaxEntriesPerNik(
+    &kExpectCTPruning,
+    "ExpectCTMaxEntriesPerNik",
+    20);
+NET_EXPORT extern const base::FeatureParam<int>
+    kExpectCTPruneDelaySecs(&kExpectCTPruning, "ExpectCTPruneDelaySecs", 60);
+
 const base::Feature kTLS13KeyUpdate{"TLS13KeyUpdate",
                                     base::FEATURE_DISABLED_BY_DEFAULT};
 
@@ -59,24 +109,11 @@ const base::Feature kPostQuantumCECPQ2{"PostQuantumCECPQ2",
 const base::Feature kNetUnusedIdleSocketTimeout{
     "NetUnusedIdleSocketTimeout", base::FEATURE_DISABLED_BY_DEFAULT};
 
-const base::Feature kRequestEsniDnsRecords{"RequestEsniDnsRecords",
-                                           base::FEATURE_DISABLED_BY_DEFAULT};
-base::TimeDelta EsniDnsMaxAbsoluteAdditionalWait() {
-  DCHECK(base::FeatureList::IsEnabled(kRequestEsniDnsRecords));
-  return base::TimeDelta::FromMilliseconds(
-      kEsniDnsMaxAbsoluteAdditionalWaitMilliseconds.Get());
-}
-const base::FeatureParam<int> kEsniDnsMaxAbsoluteAdditionalWaitMilliseconds{
-    &kRequestEsniDnsRecords, "EsniDnsMaxAbsoluteAdditionalWaitMilliseconds",
-    10};
-const base::FeatureParam<int> kEsniDnsMaxRelativeAdditionalWaitPercent{
-    &kRequestEsniDnsRecords, "EsniDnsMaxRelativeAdditionalWaitPercent", 5};
-
-const base::Feature kSameSiteByDefaultCookies{
-    "SameSiteByDefaultCookies", base::FEATURE_DISABLED_BY_DEFAULT};
+const base::Feature kSameSiteByDefaultCookies{"SameSiteByDefaultCookies",
+                                              base::FEATURE_ENABLED_BY_DEFAULT};
 
 const base::Feature kCookiesWithoutSameSiteMustBeSecure{
-    "CookiesWithoutSameSiteMustBeSecure", base::FEATURE_DISABLED_BY_DEFAULT};
+    "CookiesWithoutSameSiteMustBeSecure", base::FEATURE_ENABLED_BY_DEFAULT};
 
 const base::Feature kShortLaxAllowUnsafeThreshold{
     "ShortLaxAllowUnsafeThreshold", base::FEATURE_DISABLED_BY_DEFAULT};
@@ -100,10 +137,6 @@ const base::FeatureParam<int>
         &kRecentCreationTimeGrantsLegacyCookieSemantics,
         "RecentCreationTimeGrantsLegacyCookieSemanticsMilliseconds", 0};
 
-const base::Feature kBlockExternalRequestsFromNonSecureInitiators{
-    "BlockExternalRequestsFromNonSecureInitiators",
-    base::FEATURE_DISABLED_BY_DEFAULT};
-
 #if BUILDFLAG(BUILTIN_CERT_VERIFIER_FEATURE_SUPPORTED)
 const base::Feature kCertVerifierBuiltinFeature{
     "CertVerifierBuiltin", base::FEATURE_DISABLED_BY_DEFAULT};
@@ -114,7 +147,7 @@ const base::Feature kAppendFrameOriginToNetworkIsolationKey{
 
 const base::Feature kUseRegistrableDomainInNetworkIsolationKey{
     "UseRegistrableDomainInNetworkIsolationKey",
-    base::FEATURE_DISABLED_BY_DEFAULT};
+    base::FEATURE_ENABLED_BY_DEFAULT};
 
 const base::Feature kTurnOffStreamingMediaCaching{
     "TurnOffStreamingMediaCaching", base::FEATURE_DISABLED_BY_DEFAULT};
@@ -128,5 +161,8 @@ const base::Feature kSchemefulSameSite{"SchemefulSameSite",
 const base::Feature kTLSLegacyCryptoFallbackForMetrics{
     "TLSLegacyCryptoFallbackForMetrics", base::FEATURE_ENABLED_BY_DEFAULT};
 
+const base::Feature kUseLookalikesForNavigationSuggestions{
+    "UseLookalikesForNavigationSuggestions", base::FEATURE_DISABLED_BY_DEFAULT};
+
 }  // namespace features
 }  // namespace net
diff --git a/chromium/net/base/features.h b/chromium/net/base/features.h
index b6b2a4cccf7..a6767bfbe57 100644
--- a/chromium/net/base/features.h
+++ b/chromium/net/base/features.h
@@ -5,8 +5,12 @@
 #ifndef NET_BASE_FEATURES_H_
 #define NET_BASE_FEATURES_H_
 
+#include <string>
+
 #include "base/feature_list.h"
 #include "base/metrics/field_trial_params.h"
+#include "base/strings/string_piece.h"
+#include "base/time/time.h"
 #include "net/base/net_export.h"
 #include "net/net_buildflags.h"
 
@@ -17,6 +21,10 @@ namespace features {
 // https://github.com/WICG/lang-client-hint proposes that we deprecate.
 NET_EXPORT extern const base::Feature kAcceptLanguageHeader;
 
+// When kCapReferrerToOriginOnCrossOrigin is enabled, HTTP referrers on cross-
+// origin requests are restricted to contain at most the source origin.
+NET_EXPORT extern const base::Feature kCapReferrerToOriginOnCrossOrigin;
+
 // Enables TLS 1.3 early data.
 NET_EXPORT extern const base::Feature kEnableTLS13EarlyData;
 
@@ -25,6 +33,9 @@ NET_EXPORT extern const base::Feature kEnableTLS13EarlyData;
 // cause us to upgrade the URL to HTTPS and/or to attempt QUIC.
 NET_EXPORT extern const base::Feature kDnsHttpssvc;
 
+// Disable H2 reprioritization, in order to measure its impact.
+NET_EXPORT extern const base::Feature kAvoidH2Reprioritization;
+
 // Determine which kind of record should be queried: HTTPSSVC or INTEGRITY. No
 // more than one of these feature parameters should be enabled at once. In the
 // event that both are enabled, |kDnsHttpssvcUseIntegrity| takes priority, and
@@ -32,6 +43,10 @@ NET_EXPORT extern const base::Feature kDnsHttpssvc;
 NET_EXPORT extern const base::FeatureParam<bool> kDnsHttpssvcUseHttpssvc;
 NET_EXPORT extern const base::FeatureParam<bool> kDnsHttpssvcUseIntegrity;
 
+// Enable HTTPSSVC or INTEGRITY to be queried over insecure DNS.
+NET_EXPORT extern const base::FeatureParam<bool>
+    kDnsHttpssvcEnableQueryOverInsecure;
+
 // If we are still waiting for an HTTPSSVC or INTEGRITY query after all the
 // other queries in a DnsTask have completed, we will compute a timeout for the
 // remaining query. The timeout will be the min of:
@@ -41,6 +56,35 @@ NET_EXPORT extern const base::FeatureParam<bool> kDnsHttpssvcUseIntegrity;
 NET_EXPORT extern const base::FeatureParam<int> kDnsHttpssvcExtraTimeMs;
 NET_EXPORT extern const base::FeatureParam<int> kDnsHttpssvcExtraTimePercent;
 
+// These parameters, respectively, are the list of experimental and control
+// domains for which we will query HTTPSSVC or INTEGRITY records. We expect
+// valid INTEGRITY results for experiment domains. We expect no INTEGRITY
+// results for control domains.
+//
+// The format of both parameters is a comma-separated list of domains.
+// Whitespace around domain names is permitted. Trailing comma is optional.
+//
+// See helper functions:
+// |dns_httpssvc_experiment::GetDnsHttpssvcExperimentDomains| and
+// |dns_httpssvc_experiment::GetDnsHttpssvcControlDomains|.
+NET_EXPORT extern const base::FeatureParam<std::string>
+    kDnsHttpssvcExperimentDomains;
+NET_EXPORT extern const base::FeatureParam<std::string>
+    kDnsHttpssvcControlDomains;
+
+// This param controls how we determine whether a domain is an experimental or
+// control domain. When false, domains must be in |kDnsHttpssvcControlDomains|
+// to be considered a control. When true, we ignore |kDnsHttpssvcControlDomains|
+// and any non-experiment domain (not in |kDnsHttpssvcExperimentDomains|) is
+// considered a control domain.
+NET_EXPORT extern const base::FeatureParam<bool>
+    kDnsHttpssvcControlDomainWildcard;
+
+namespace dns_httpssvc_experiment {
+// Get the value of |kDnsHttpssvcExtraTimeMs|.
+NET_EXPORT base::TimeDelta GetExtraTimeAbsolute();
+}  // namespace dns_httpssvc_experiment
+
 // Enables optimizing the network quality estimation algorithms in network
 // quality estimator (NQE).
 NET_EXPORT extern const base::Feature kNetworkQualityEstimator;
@@ -72,6 +116,36 @@ NET_EXPORT extern const base::Feature
 NET_EXPORT extern const base::Feature
     kPartitionSSLSessionsByNetworkIsolationKey;
 
+// Partitions Expect-CT data by NetworkIsolationKey. This only affects the
+// Expect-CT data itself. Regardless of this value, reports will be uploaded
+// using the associated NetworkIsolationKey, when one's available.
+//
+// This feature requires kPartitionConnectionsByNetworkIsolationKey,
+// kPartitionHttpServerPropertiesByNetworkIsolationKey, and
+// kPartitionConnectionsByNetworkIsolationKey to all be enabled to work.
+NET_EXPORT extern const base::Feature
+    kPartitionExpectCTStateByNetworkIsolationKey;
+
+// Enables limiting the size of Expect-CT table.
+NET_EXPORT extern const base::Feature kExpectCTPruning;
+
+// FeatureParams associated with kExpectCTPruning.
+
+// Expect-CT pruning runs when this many entries are hit.
+NET_EXPORT extern const base::FeatureParam<int> kExpectCTPruneMax;
+// The Expect-CT pruning logic attempts to reduce entries to at most this many.
+NET_EXPORT extern const base::FeatureParam<int> kExpectCTPruneMin;
+// Non-transient entries with |enforce| set are safe from being pruned if
+// they're less than this many days old, unless the number of entries exceeds
+// |kExpectCTMaxEntriesPerNik|.
+NET_EXPORT extern const base::FeatureParam<int> kExpectCTSafeFromPruneDays;
+// If, after pruning transient, non-enforced, old Expect-CT entries,
+// kExpectCTPruneMin is still exceeded, then all NetworkIsolationKeys will be
+// capped to this many entries, based on last observation date.
+NET_EXPORT extern const base::FeatureParam<int> kExpectCTMaxEntriesPerNik;
+// Minimum delay between successive prunings of Expect-CT entries, in seconds.
+NET_EXPORT extern const base::FeatureParam<int> kExpectCTPruneDelaySecs;
+
 // Enables sending TLS 1.3 Key Update messages on TLS 1.3 connections in order
 // to ensure that this corner of the spec is exercised. This is currently
 // disabled by default because we discovered incompatibilities with some
@@ -84,25 +158,6 @@ NET_EXPORT extern const base::Feature kPostQuantumCECPQ2;
 // Changes the timeout after which unused sockets idle sockets are cleaned up.
 NET_EXPORT extern const base::Feature kNetUnusedIdleSocketTimeout;
 
-// Enables the built-in resolver requesting ESNI (TLS 1.3 Encrypted
-// Server Name Indication) records alongside IPv4 and IPv6 address records
-// during DNS over HTTPS (DoH) host resolution.
-NET_EXPORT extern const base::Feature kRequestEsniDnsRecords;
-// Returns a TimeDelta of value kEsniDnsMaxAbsoluteAdditionalWaitMilliseconds
-// milliseconds (see immediately below).
-NET_EXPORT base::TimeDelta EsniDnsMaxAbsoluteAdditionalWait();
-// The following two parameters specify the amount of extra time to wait for a
-// long-running ESNI DNS transaction after the successful conclusion of
-// concurrent A and AAAA transactions. This timeout will have value
-// min{kEsniDnsMaxAbsoluteAdditionalWaitMilliseconds,
-//     (100% + kEsniDnsMaxRelativeAdditionalWaitPercent)
-//       * max{time elapsed for the concurrent A query,
-//             time elapsed for the concurrent AAAA query}}.
-NET_EXPORT extern const base::FeatureParam<int>
-    kEsniDnsMaxAbsoluteAdditionalWaitMilliseconds;
-NET_EXPORT extern const base::FeatureParam<int>
-    kEsniDnsMaxRelativeAdditionalWaitPercent;
-
 // When enabled, makes cookies without a SameSite attribute behave like
 // SameSite=Lax cookies by default, and requires SameSite=None to be specified
 // in order to make cookies available in a third-party context. When disabled,
@@ -158,12 +213,6 @@ NET_EXPORT extern const base::Feature
 NET_EXPORT extern const base::FeatureParam<int>
     kRecentCreationTimeGrantsLegacyCookieSemanticsMilliseconds;
 
-// When enabled, blocks external requests coming from non-secure contexts. An
-// external request is a request that crosses a network boundary from a more
-// public address space into a less public address space.
-NET_EXPORT extern const base::Feature
-    kBlockExternalRequestsFromNonSecureInitiators;
-
 #if BUILDFLAG(BUILTIN_CERT_VERIFIER_FEATURE_SUPPORTED)
 // When enabled, use the builtin cert verifier instead of the platform verifier.
 NET_EXPORT extern const base::Feature kCertVerifierBuiltinFeature;
@@ -192,6 +241,10 @@ NET_EXPORT extern const base::Feature kSchemefulSameSite;
 // those algorithms. If disabled, the algorithms will always be offered.
 NET_EXPORT extern const base::Feature kTLSLegacyCryptoFallbackForMetrics;
 
+// When enabled, DNS_PROBE_FINISHED_NXDOMAIN error pages may show
+// locally-generated suggestions to visit similar domains.
+NET_EXPORT extern const base::Feature kUseLookalikesForNavigationSuggestions;
+
 }  // namespace features
 }  // namespace net
 
diff --git a/chromium/net/base/file_stream_context.cc b/chromium/net/base/file_stream_context.cc
index 73e4843b902..f2009c8aef5 100644
--- a/chromium/net/base/file_stream_context.cc
+++ b/chromium/net/base/file_stream_context.cc
@@ -9,6 +9,7 @@
 #include "base/bind.h"
 #include "base/files/file_path.h"
 #include "base/location.h"
+#include "base/logging.h"
 #include "base/task_runner.h"
 #include "base/task_runner_util.h"
 #include "base/threading/thread_restrictions.h"
diff --git a/chromium/net/base/file_stream_context.h b/chromium/net/base/file_stream_context.h
index dcd5b3fae1a..7aae431b4d1 100644
--- a/chromium/net/base/file_stream_context.h
+++ b/chromium/net/base/file_stream_context.h
@@ -30,6 +30,7 @@
 #include <stdint.h>
 
 #include "base/files/file.h"
+#include "base/logging.h"
 #include "base/macros.h"
 #include "base/memory/weak_ptr.h"
 #include "base/message_loop/message_pump_for_io.h"
diff --git a/chromium/net/base/ip_address.cc b/chromium/net/base/ip_address.cc
index 03a4df02dfc..ec095c44934 100644
--- a/chromium/net/base/ip_address.cc
+++ b/chromium/net/base/ip_address.cc
@@ -22,6 +22,8 @@
 namespace net {
 namespace {
 
+bool g_consider_loopback_ip_to_be_publicly_routable_for_testing = false;
+
 // The prefix for IPv6 mapped IPv4 addresses.
 // https://tools.ietf.org/html/rfc4291#section-2.5.5.2
 constexpr uint8_t kIPv4MappedPrefix[] = {0, 0, 0, 0, 0,    0,
@@ -234,6 +236,11 @@ bool IPAddress::IsValid() const {
 }
 
 bool IPAddress::IsPubliclyRoutable() const {
+  if (g_consider_loopback_ip_to_be_publicly_routable_for_testing &&
+      IsLoopback()) {
+    return true;
+  }
+
   if (IsIPv4()) {
     return IsPubliclyRoutableIPv4(ip_address_);
   } else if (IsIPv6()) {
@@ -242,6 +249,11 @@ bool IPAddress::IsPubliclyRoutable() const {
   return true;
 }
 
+// static
+void IPAddress::ConsiderLoopbackIPToBePubliclyRoutableForTesting() {
+  g_consider_loopback_ip_to_be_publicly_routable_for_testing = true;
+}
+
 bool IPAddress::IsZero() const {
   for (auto x : ip_address_) {
     if (x != 0)
diff --git a/chromium/net/base/ip_address.h b/chromium/net/base/ip_address.h
index 829095bc3a4..c3249b7c88d 100644
--- a/chromium/net/base/ip_address.h
+++ b/chromium/net/base/ip_address.h
@@ -157,6 +157,10 @@ class NET_EXPORT IPAddress {
   // IPv4-mapped-to-IPv6 addresses are considered publicly routable.
   bool IsPubliclyRoutable() const;
 
+  // Let future IsPubliclyRoutable() calls in the current process always return
+  // true for a loopback ip.
+  static void ConsiderLoopbackIPToBePubliclyRoutableForTesting();
+
   // Returns true if the IP is "zero" (e.g. the 0.0.0.0 IPv4 address).
   bool IsZero() const;
 
diff --git a/chromium/net/base/ip_address_unittest.cc b/chromium/net/base/ip_address_unittest.cc
index 6ec78d6c38e..8a9b90022b1 100644
--- a/chromium/net/base/ip_address_unittest.cc
+++ b/chromium/net/base/ip_address_unittest.cc
@@ -302,6 +302,16 @@ TEST(IPAddressTest, IsPubliclyRoutableIPv6) {
   }
 }
 
+TEST(IPAddressTest, ConsiderLoopbackIPToBePubliclyRoutableForTestingMethod) {
+  IPAddress address;
+  EXPECT_TRUE(address.AssignFromIPLiteral("127.0.0.1"));
+  ASSERT_TRUE(address.IsValid());
+  EXPECT_FALSE(address.IsPubliclyRoutable());
+
+  IPAddress::ConsiderLoopbackIPToBePubliclyRoutableForTesting();
+  EXPECT_TRUE(address.IsPubliclyRoutable());
+}
+
 TEST(IPAddressTest, IsZero) {
   uint8_t address1[4] = {};
   IPAddress zero_ipv4_address(address1);
diff --git a/chromium/net/base/load_timing_info.h b/chromium/net/base/load_timing_info.h
index e3ff12e34da..6952fc557ce 100644
--- a/chromium/net/base/load_timing_info.h
+++ b/chromium/net/base/load_timing_info.h
@@ -27,7 +27,6 @@ namespace net {
 // The general order for events is:
 // request_start
 // service_worker_start_time
-// service_worker_ready_time
 // proxy_start
 // proxy_end
 // dns_start
@@ -38,6 +37,10 @@ namespace net {
 // connect_end
 // send_start
 // send_end
+// service_worker_ready_time
+// service_worker_fetch_start
+// service_worker_respond_with_settled
+// first_early_hints_time
 // receive_headers_start
 // receive_headers_end
 //
@@ -149,7 +152,16 @@ struct NET_EXPORT LoadTimingInfo {
   // if this is greater than |request_start|.
   base::TimeTicks service_worker_ready_time;
 
-  // The time spent determing which proxy to use.  Null when there is no PAC.
+  // The time when serviceworker fetch event was popped off the event queue
+  // and fetch event handler started running.
+  // If the response is not provided by the ServiceWorker, kept empty.
+  base::TimeTicks service_worker_fetch_start;
+
+  // The time when serviceworker's fetch event's respondWith promise was
+  // settled. If the response is not provided by the ServiceWorker, kept empty.
+  base::TimeTicks service_worker_respond_with_settled;
+
+  // The time spent determining which proxy to use.  Null when there is no PAC.
   base::TimeTicks proxy_resolve_start;
   base::TimeTicks proxy_resolve_end;
 
@@ -167,6 +179,9 @@ struct NET_EXPORT LoadTimingInfo {
   base::TimeTicks receive_headers_start;
   base::TimeTicks receive_headers_end;
 
+  // The time that the first 103 Early Hints response is received.
+  base::TimeTicks first_early_hints_time;
+
   // In case the resource was proactively pushed by the server, these are
   // the times that push started and ended. Note that push_end will be null
   // if the request is still being transmitted, i.e. the underlying h2 stream
diff --git a/chromium/net/base/load_timing_info_test_util.cc b/chromium/net/base/load_timing_info_test_util.cc
index 84410d560b9..e84d4bd127b 100644
--- a/chromium/net/base/load_timing_info_test_util.cc
+++ b/chromium/net/base/load_timing_info_test_util.cc
@@ -54,6 +54,7 @@ void ExpectLoadTimingHasOnlyConnectionTimes(
   EXPECT_TRUE(load_timing_info.send_start.is_null());
   EXPECT_TRUE(load_timing_info.send_end.is_null());
   EXPECT_TRUE(load_timing_info.receive_headers_end.is_null());
+  EXPECT_TRUE(load_timing_info.first_early_hints_time.is_null());
   EXPECT_TRUE(load_timing_info.push_start.is_null());
   EXPECT_TRUE(load_timing_info.push_end.is_null());
 }
diff --git a/chromium/net/base/net_error_list.h b/chromium/net/base/net_error_list.h
index 758c9b18350..7682241352a 100644
--- a/chromium/net/base/net_error_list.h
+++ b/chromium/net/base/net_error_list.h
@@ -121,6 +121,12 @@ NET_ERROR(BLOCKED_BY_RESPONSE, -27)
 // requests. Used for NetworkSecurityPolicy on Android.
 NET_ERROR(CLEARTEXT_NOT_PERMITTED, -29)
 
+// The request was blocked by a Content Security Policy
+NET_ERROR(BLOCKED_BY_CSP, -30)
+
+// The request was blocked because of no H/2 or QUIC session.
+NET_ERROR(H2_OR_QUIC_REQUIRED, -31)
+
 // A connection was closed (corresponding to a TCP FIN).
 NET_ERROR(CONNECTION_CLOSED, -100)
 
diff --git a/chromium/net/base/net_errors.cc b/chromium/net/base/net_errors.cc
index 25d46b434d0..06ba2d9174c 100644
--- a/chromium/net/base/net_errors.cc
+++ b/chromium/net/base/net_errors.cc
@@ -69,6 +69,17 @@ bool IsHostnameResolutionError(int error) {
   return error == ERR_NAME_NOT_RESOLVED;
 }
 
+bool IsRequestBlockedError(int error) {
+  switch (error) {
+    case ERR_BLOCKED_BY_CLIENT:
+    case ERR_BLOCKED_BY_ADMINISTRATOR:
+    case ERR_BLOCKED_BY_CSP:
+      return true;
+    default:
+      return false;
+  }
+}
+
 Error FileErrorToNetError(base::File::Error file_error) {
   switch (file_error) {
     case base::File::FILE_OK:
diff --git a/chromium/net/base/net_errors.h b/chromium/net/base/net_errors.h
index bbd870e1c16..d2807f53999 100644
--- a/chromium/net/base/net_errors.h
+++ b/chromium/net/base/net_errors.h
@@ -50,6 +50,9 @@ NET_EXPORT bool IsClientCertificateError(int error);
 // Returns true if |error| is an error from hostname resolution.
 NET_EXPORT bool IsHostnameResolutionError(int error);
 
+// Returns true if |error| means that the request has been blocked.
+NET_EXPORT bool IsRequestBlockedError(int error);
+
 // Map system error code to Error.
 NET_EXPORT Error MapSystemError(logging::SystemErrorCode os_error);
 
diff --git a/chromium/net/base/net_errors_posix.cc b/chromium/net/base/net_errors_posix.cc
index 13e14a736c8..2e4fd240aaa 100644
--- a/chromium/net/base/net_errors_posix.cc
+++ b/chromium/net/base/net_errors_posix.cc
@@ -17,7 +17,8 @@ namespace net {
 
 Error MapSystemError(logging::SystemErrorCode os_error) {
   if (os_error != 0)
-    DVLOG(2) << "Error " << os_error;
+    DVLOG(2) << "Error " << os_error << ": "
+             << logging::SystemErrorCodeToString(os_error);
 
   // There are numerous posix error codes, but these are the ones we thus far
   // find interesting.
diff --git a/chromium/net/base/network_change_notifier_fuchsia.cc b/chromium/net/base/network_change_notifier_fuchsia.cc
index a6d67e35f42..e5cde0787f8 100644
--- a/chromium/net/base/network_change_notifier_fuchsia.cc
+++ b/chromium/net/base/network_change_notifier_fuchsia.cc
@@ -11,8 +11,8 @@
 #include <vector>
 
 #include "base/bind.h"
-#include "base/fuchsia/default_context.h"
 #include "base/fuchsia/fuchsia_logging.h"
+#include "base/fuchsia/process_context.h"
 #include "base/optional.h"
 #include "base/run_loop.h"
 #include "net/base/network_interfaces.h"
@@ -22,11 +22,10 @@ namespace net {
 
 NetworkChangeNotifierFuchsia::NetworkChangeNotifierFuchsia(
     uint32_t required_features)
-    : NetworkChangeNotifierFuchsia(
-          base::fuchsia::ComponentContextForCurrentProcess()
-              ->svc()
-              ->Connect<fuchsia::netstack::Netstack>(),
-          required_features) {}
+    : NetworkChangeNotifierFuchsia(base::ComponentContextForProcess()
+                                       ->svc()
+                                       ->Connect<fuchsia::netstack::Netstack>(),
+                                   required_features) {}
 
 NetworkChangeNotifierFuchsia::NetworkChangeNotifierFuchsia(
     fuchsia::netstack::NetstackPtr netstack,
diff --git a/chromium/net/base/network_change_notifier_fuchsia_unittest.cc b/chromium/net/base/network_change_notifier_fuchsia_unittest.cc
index e5ca7faa080..f6354fadb8e 100644
--- a/chromium/net/base/network_change_notifier_fuchsia_unittest.cc
+++ b/chromium/net/base/network_change_notifier_fuchsia_unittest.cc
@@ -12,6 +12,7 @@
 
 #include "base/auto_reset.h"
 #include "base/bind.h"
+#include "base/logging.h"
 #include "base/run_loop.h"
 #include "base/test/task_environment.h"
 #include "base/threading/sequence_bound.h"
diff --git a/chromium/net/base/network_change_notifier_mac.cc b/chromium/net/base/network_change_notifier_mac.cc
index 91cf418ef43..23cc7fd3536 100644
--- a/chromium/net/base/network_change_notifier_mac.cc
+++ b/chromium/net/base/network_change_notifier_mac.cc
@@ -8,6 +8,7 @@
 #include <resolv.h>
 
 #include "base/bind.h"
+#include "base/logging.h"
 #include "base/macros.h"
 #include "base/sequenced_task_runner.h"
 #include "base/task/post_task.h"
diff --git a/chromium/net/base/network_config_watcher_mac.cc b/chromium/net/base/network_config_watcher_mac.cc
index fb6362c832e..ea499cf3126 100644
--- a/chromium/net/base/network_config_watcher_mac.cc
+++ b/chromium/net/base/network_config_watcher_mac.cc
@@ -8,6 +8,7 @@
 
 #include "base/bind.h"
 #include "base/compiler_specific.h"
+#include "base/logging.h"
 #include "base/macros.h"
 #include "base/memory/weak_ptr.h"
 #include "base/message_loop/message_pump_type.h"
diff --git a/chromium/net/base/network_delegate.cc b/chromium/net/base/network_delegate.cc
index a98b95e8e8c..80592ea985d 100644
--- a/chromium/net/base/network_delegate.cc
+++ b/chromium/net/base/network_delegate.cc
@@ -101,11 +101,10 @@ void NetworkDelegate::NotifyPACScriptError(int line_number,
 }
 
 bool NetworkDelegate::CanGetCookies(const URLRequest& request,
-                                    const CookieList& cookie_list,
                                     bool allowed_from_caller) {
   DCHECK_CALLED_ON_VALID_THREAD(thread_checker_);
   DCHECK(!(request.load_flags() & LOAD_DO_NOT_SEND_COOKIES));
-  return OnCanGetCookies(request, cookie_list, allowed_from_caller);
+  return OnCanGetCookies(request, allowed_from_caller);
 }
 
 bool NetworkDelegate::CanSetCookie(const URLRequest& request,
diff --git a/chromium/net/base/network_delegate.h b/chromium/net/base/network_delegate.h
index c06f365312e..c00f0ccd3b5 100644
--- a/chromium/net/base/network_delegate.h
+++ b/chromium/net/base/network_delegate.h
@@ -73,7 +73,6 @@ class NET_EXPORT NetworkDelegate {
   void NotifyURLRequestDestroyed(URLRequest* request);
   void NotifyPACScriptError(int line_number, const base::string16& error);
   bool CanGetCookies(const URLRequest& request,
-                     const CookieList& cookie_list,
                      bool allowed_from_caller);
   bool CanSetCookie(const URLRequest& request,
                     const net::CanonicalCookie& cookie,
@@ -206,7 +205,6 @@ class NET_EXPORT NetworkDelegate {
   // allowed from any higher level delegates (for example, in a
   // LayeredNetworkDelegate). Any custom logic should be ANDed with this bool.
   virtual bool OnCanGetCookies(const URLRequest& request,
-                               const CookieList& cookie_list,
                                bool allowed_from_caller) = 0;
 
   // Called when a cookie is set to allow the network delegate to block access
diff --git a/chromium/net/base/network_delegate_impl.cc b/chromium/net/base/network_delegate_impl.cc
index 44a232b5a60..822bedc22a8 100644
--- a/chromium/net/base/network_delegate_impl.cc
+++ b/chromium/net/base/network_delegate_impl.cc
@@ -49,7 +49,6 @@ void NetworkDelegateImpl::OnPACScriptError(int line_number,
 }
 
 bool NetworkDelegateImpl::OnCanGetCookies(const URLRequest& request,
-                                          const CookieList& cookie_list,
                                           bool allowed_from_caller) {
   return allowed_from_caller;
 }
diff --git a/chromium/net/base/network_delegate_impl.h b/chromium/net/base/network_delegate_impl.h
index 46554d70035..323dade2a5a 100644
--- a/chromium/net/base/network_delegate_impl.h
+++ b/chromium/net/base/network_delegate_impl.h
@@ -62,7 +62,6 @@ class NET_EXPORT NetworkDelegateImpl : public NetworkDelegate {
   void OnPACScriptError(int line_number, const base::string16& error) override;
 
   bool OnCanGetCookies(const URLRequest& request,
-                       const CookieList& cookie_list,
                        bool allowed_from_caller) override;
 
   bool OnCanSetCookie(const URLRequest& request,
diff --git a/chromium/net/base/network_interfaces.cc b/chromium/net/base/network_interfaces.cc
index 8ba3df11e2f..29df129a49b 100644
--- a/chromium/net/base/network_interfaces.cc
+++ b/chromium/net/base/network_interfaces.cc
@@ -4,6 +4,7 @@
 
 #include "net/base/network_interfaces.h"
 
+#include "base/logging.h"
 #include "build/build_config.h"
 
 #if defined(OS_POSIX)
diff --git a/chromium/net/base/network_interfaces_fuchsia.cc b/chromium/net/base/network_interfaces_fuchsia.cc
index 794f6d157fe..864f68ab8b5 100644
--- a/chromium/net/base/network_interfaces_fuchsia.cc
+++ b/chromium/net/base/network_interfaces_fuchsia.cc
@@ -13,8 +13,8 @@
 #include <utility>
 
 #include "base/format_macros.h"
-#include "base/fuchsia/default_context.h"
 #include "base/fuchsia/fuchsia_logging.h"
+#include "base/fuchsia/process_context.h"
 #include "base/strings/stringprintf.h"
 #include "net/base/ip_endpoint.h"
 #include "net/base/network_interfaces.h"
@@ -107,8 +107,7 @@ bool GetNetworkList(NetworkInterfaceList* networks, int policy) {
   DCHECK(networks);
 
   fuchsia::netstack::NetstackSyncPtr netstack;
-  base::fuchsia::ComponentContextForCurrentProcess()->svc()->Connect(
-      netstack.NewRequest());
+  base::ComponentContextForProcess()->svc()->Connect(netstack.NewRequest());
 
   // TODO(kmarshall): Use NetworkChangeNotifier's cached interface list.
   std::vector<fuchsia::netstack::NetInterface> interfaces;
diff --git a/chromium/net/base/network_interfaces_getifaddrs.cc b/chromium/net/base/network_interfaces_getifaddrs.cc
index c340cced979..7ce0429489e 100644
--- a/chromium/net/base/network_interfaces_getifaddrs.cc
+++ b/chromium/net/base/network_interfaces_getifaddrs.cc
@@ -30,6 +30,16 @@
 #include <sys/ioctl.h>
 #endif  // !OS_IOS
 
+#if defined(OS_ANDROID)
+#include "base/android/build_info.h"
+// Declare getifaddrs() and freeifaddrs() weakly as they're only available
+// on Android N+.
+extern "C" {
+int getifaddrs(struct ifaddrs** __list_ptr) __attribute__((weak_import));
+void freeifaddrs(struct ifaddrs* __ptr) __attribute__((weak_import));
+}
+#endif  // OS_ANDROID
+
 namespace net {
 namespace internal {
 
@@ -209,7 +219,18 @@ bool IfaddrsToNetworkInterfaceList(int policy,
 
 }  // namespace internal
 
+// This version of GetNetworkList() can only be called on Android N+, so give it
+// a different and internal name so it isn't invoked mistakenly.
+#if defined(OS_ANDROID)
+namespace internal {
+bool GetNetworkListUsingGetifaddrs(NetworkInterfaceList* networks, int policy) {
+  DCHECK_GE(base::android::BuildInfo::GetInstance()->sdk_int(),
+            base::android::SDK_VERSION_NOUGAT);
+  DCHECK(getifaddrs);
+  DCHECK(freeifaddrs);
+#else
 bool GetNetworkList(NetworkInterfaceList* networks, int policy) {
+#endif
   if (networks == NULL)
     return false;
 
@@ -235,9 +256,14 @@ bool GetNetworkList(NetworkInterfaceList* networks, int policy) {
   return result;
 }
 
+#if defined(OS_ANDROID)
+}  // namespace internal
+// For Android use GetWifiSSID() impl in network_interfaces_linux.cc.
+#else
 std::string GetWifiSSID() {
   NOTIMPLEMENTED();
   return std::string();
 }
+#endif
 
 }  // namespace net
diff --git a/chromium/net/base/network_interfaces_getifaddrs.h b/chromium/net/base/network_interfaces_getifaddrs.h
index 7ec8081a648..f2d9ae1578c 100644
--- a/chromium/net/base/network_interfaces_getifaddrs.h
+++ b/chromium/net/base/network_interfaces_getifaddrs.h
@@ -13,6 +13,7 @@
 // This file defines IfaddrsToNetworkInterfaceList() so it can be called in
 // unittests.
 
+#include "build/build_config.h"
 #include "net/base/net_export.h"
 #include "net/base/network_interfaces.h"
 
@@ -51,6 +52,12 @@ NET_EXPORT_PRIVATE bool IfaddrsToNetworkInterfaceList(
     IPAttributesGetter* ip_attributes_getter,
     NetworkInterfaceList* networks);
 
+#if defined(OS_ANDROID)
+// A version of GetNetworkList() that uses getifaddrs(). Only callable on
+// Android N+ where getifaddrs() was available.
+bool GetNetworkListUsingGetifaddrs(NetworkInterfaceList* networks, int policy);
+#endif
+
 }  // namespace internal
 }  // namespace net
 
diff --git a/chromium/net/base/network_interfaces_linux.cc b/chromium/net/base/network_interfaces_linux.cc
index 616e77a83be..cad5f1d8721 100644
--- a/chromium/net/base/network_interfaces_linux.cc
+++ b/chromium/net/base/network_interfaces_linux.cc
@@ -22,6 +22,7 @@
 #include "base/strings/string_tokenizer.h"
 #include "base/strings/string_util.h"
 #include "base/threading/thread_restrictions.h"
+#include "build/build_config.h"
 #include "net/base/address_tracker_linux.h"
 #include "net/base/escape.h"
 #include "net/base/ip_endpoint.h"
@@ -30,7 +31,9 @@
 #include "url/gurl.h"
 
 #if defined(OS_ANDROID)
+#include "base/android/build_info.h"
 #include "net/android/network_library.h"
+#include "net/base/network_interfaces_getifaddrs.h"
 #endif
 
 namespace net {
@@ -211,6 +214,20 @@ bool GetNetworkList(NetworkInterfaceList* networks, int policy) {
   if (networks == NULL)
     return false;
 
+#if defined(OS_ANDROID)
+  // On Android 11 RTM_GETLINK (used by AddressTrackerLinux) no longer works as
+  // per https://developer.android.com/preview/privacy/mac-address so instead
+  // use getifaddrs() which is supported since Android N.
+  if (base::android::BuildInfo::GetInstance()->sdk_int() >=
+      base::android::SDK_VERSION_NOUGAT) {
+    bool ret = internal::GetNetworkListUsingGetifaddrs(networks, policy);
+    // Use GetInterfaceConnectionType() to sharpen up interface types.
+    for (NetworkInterface& network : *networks)
+      network.type = internal::GetInterfaceConnectionType(network.name);
+    return ret;
+  }
+#endif
+
   internal::AddressTrackerLinux tracker;
   tracker.Init();
 
diff --git a/chromium/net/base/network_interfaces_win_unittest.cc b/chromium/net/base/network_interfaces_win_unittest.cc
index 51417189fa0..32763aa95d2 100644
--- a/chromium/net/base/network_interfaces_win_unittest.cc
+++ b/chromium/net/base/network_interfaces_win_unittest.cc
@@ -11,6 +11,7 @@
 #include <string>
 #include <unordered_set>
 
+#include "base/logging.h"
 #include "base/strings/utf_string_conversions.h"
 #include "build/build_config.h"
 #include "net/base/ip_endpoint.h"
diff --git a/chromium/net/base/priority_queue.h b/chromium/net/base/priority_queue.h
index ab8ee22a019..c4c30fa45c0 100644
--- a/chromium/net/base/priority_queue.h
+++ b/chromium/net/base/priority_queue.h
@@ -13,7 +13,7 @@
 
 #include "base/bind.h"
 #include "base/callback.h"
-#include "base/logging.h"
+#include "base/check_op.h"
 #include "base/macros.h"
 #include "base/threading/thread_checker.h"
 
diff --git a/chromium/net/base/privacy_mode.h b/chromium/net/base/privacy_mode.h
index c3d128d83ac..90e99dd3bcc 100644
--- a/chromium/net/base/privacy_mode.h
+++ b/chromium/net/base/privacy_mode.h
@@ -12,6 +12,10 @@ namespace net {
 enum PrivacyMode {
   PRIVACY_MODE_DISABLED = 0,
   PRIVACY_MODE_ENABLED = 1,
+
+  // Due to http://crbug.com/775438, PRIVACY_MODE_ENABLED still sends client
+  // certs. This mode ensures that the request is sent without client certs.
+  PRIVACY_MODE_ENABLED_WITHOUT_CLIENT_CERTS = 2,
 };
 
 }  // namespace net
diff --git a/chromium/net/base/upload_data_stream.cc b/chromium/net/base/upload_data_stream.cc
index edcba234fc5..bd5aea1bf31 100644
--- a/chromium/net/base/upload_data_stream.cc
+++ b/chromium/net/base/upload_data_stream.cc
@@ -190,4 +190,8 @@ UploadProgress UploadDataStream::GetUploadProgress() const {
   return UploadProgress(current_position_, total_size_);
 }
 
+bool UploadDataStream::AllowHTTP1() const {
+  return true;
+}
+
 }  // namespace net
diff --git a/chromium/net/base/upload_data_stream.h b/chromium/net/base/upload_data_stream.h
index b9645ec5a09..807efa13978 100644
--- a/chromium/net/base/upload_data_stream.h
+++ b/chromium/net/base/upload_data_stream.h
@@ -95,6 +95,10 @@ class NET_EXPORT UploadDataStream {
   // empty UploadProgress.
   virtual UploadProgress GetUploadProgress() const;
 
+  // Indicates whether fetch upload streaming is allowed/rejected over H/1.
+  // Even if this is false but there is a QUIC/H2 stream, the upload is allowed.
+  virtual bool AllowHTTP1() const;
+
  protected:
   // Must be called by subclasses when InitInternal and ReadInternal complete
   // asynchronously.
author	Allan Sandfeld Jensen <allan.jensen@qt.io>	2020-10-12 14:27:29 +0200
committer	Allan Sandfeld Jensen <allan.jensen@qt.io>	2020-10-13 09:35:20 +0000
commit	c30a6232df03e1efbd9f3b226777b07e087a1122 (patch)
tree	e992f45784689f373bcc38d1b79a239ebe17ee23 /chromium/net/base
parent	7b5b123ac58f58ffde0f4f6e488bcd09aa4decd3 (diff)
download	qtwebengine-chromium-85-based.tar.gz