diff options
Diffstat (limited to 'chromium/net/base')
35 files changed, 368 insertions, 90 deletions
diff --git a/chromium/net/base/address_tracker_linux.cc b/chromium/net/base/address_tracker_linux.cc index ffb6e6ef211..b9e76f900ef 100644 --- a/chromium/net/base/address_tracker_linux.cc +++ b/chromium/net/base/address_tracker_linux.cc @@ -17,8 +17,13 @@ #include "base/optional.h" #include "base/posix/eintr_wrapper.h" #include "base/threading/scoped_blocking_call.h" +#include "build/build_config.h" #include "net/base/network_interfaces_linux.h" +#if defined(OS_ANDROID) +#include "base/android/build_info.h" +#endif + namespace net { namespace internal { @@ -177,6 +182,14 @@ AddressTrackerLinux::AddressTrackerLinux( AddressTrackerLinux::~AddressTrackerLinux() = default; void AddressTrackerLinux::Init() { +#if defined(OS_ANDROID) + // RTM_GETLINK stopped working in Android 11 (see + // https://developer.android.com/preview/privacy/mac-address), + // so AddressTrackerLinux should not be used in later versions + // of Android. Chromium code doesn't need it past Android P. + DCHECK_LT(base::android::BuildInfo::GetInstance()->sdk_int(), + base::android::SDK_VERSION_P); +#endif netlink_fd_.reset(socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE)); if (!netlink_fd_.is_valid()) { PLOG(ERROR) << "Could not create NETLINK socket"; diff --git a/chromium/net/base/address_tracker_linux_unittest.cc b/chromium/net/base/address_tracker_linux_unittest.cc index 0ad83bf0363..eff90ed009e 100644 --- a/chromium/net/base/address_tracker_linux_unittest.cc +++ b/chromium/net/base/address_tracker_linux_unittest.cc @@ -16,9 +16,14 @@ #include "base/test/spin_wait.h" #include "base/test/task_environment.h" #include "base/threading/simple_thread.h" +#include "build/build_config.h" #include "net/base/ip_address.h" #include "testing/gtest/include/gtest/gtest.h" +#if defined(OS_ANDROID) +#include "base/android/build_info.h" +#endif + #ifndef IFA_F_HOMEADDRESS #define IFA_F_HOMEADDRESS 0x10 #endif @@ -685,6 +690,12 @@ TEST_F(AddressTrackerLinuxTest, NonTrackingMode) { } TEST_F(AddressTrackerLinuxTest, NonTrackingModeInit) { +#if defined(OS_ANDROID) + // Calling Init() on Android P+ isn't supported. + if (base::android::BuildInfo::GetInstance()->sdk_int() >= + base::android::SDK_VERSION_P) + return; +#endif AddressTrackerLinux tracker; tracker.Init(); } @@ -721,6 +732,12 @@ class GetCurrentConnectionTypeRunner }; TEST_F(AddressTrackerLinuxTest, BroadcastInit) { +#if defined(OS_ANDROID) + // Calling Init() on Android P+ isn't supported. + if (base::android::BuildInfo::GetInstance()->sdk_int() >= + base::android::SDK_VERSION_P) + return; +#endif base::test::TaskEnvironment task_environment( base::test::TaskEnvironment::MainThreadType::IO); InitializeAddressTracker(true); diff --git a/chromium/net/base/backoff_entry_serializer_fuzzer.cc b/chromium/net/base/backoff_entry_serializer_fuzzer.cc index d66eacbd443..2ec426af293 100644 --- a/chromium/net/base/backoff_entry_serializer_fuzzer.cc +++ b/chromium/net/base/backoff_entry_serializer_fuzzer.cc @@ -8,8 +8,10 @@ #include <memory> #include "base/json/json_reader.h" +#include "base/logging.h" #include "base/optional.h" #include "base/strings/string_piece_forward.h" +#include "base/time/tick_clock.h" #include "base/time/time.h" #include "net/base/backoff_entry.h" #include "net/base/backoff_entry_serializer.h" @@ -32,11 +34,18 @@ class ProtoTranslator { BackoffEntry::Policy policy() const { return PolicyFromProto(input_.policy()); } - base::Time parse_time() const { return TimeFromProto(input_.parse_time()); } + base::Time parse_time() const { + return base::Time() + + base::TimeDelta::FromMicroseconds(input_.parse_time()); + } base::Time serialize_time() const { - return TimeFromProto(input_.serialize_time()); + return base::Time() + + base::TimeDelta::FromMicroseconds(input_.serialize_time()); + } + base::TimeTicks now_ticks() const { + return base::TimeTicks() + + base::TimeDelta::FromMicroseconds(input_.now_ticks()); } - base::Optional<base::Value> serialized_entry() const { json_proto::JsonProtoConverter converter; std::string json_array = converter.Convert(input_.serialized_entry()); @@ -49,24 +58,33 @@ class ProtoTranslator { static BackoffEntry::Policy PolicyFromProto( const fuzz_proto::BackoffEntryPolicy& policy) { - return BackoffEntry::Policy{ - .num_errors_to_ignore = policy.num_errors_to_ignore(), - .initial_delay_ms = policy.initial_delay_ms(), - .multiply_factor = policy.multiply_factor(), - .jitter_factor = policy.jitter_factor(), - .maximum_backoff_ms = policy.maximum_backoff_ms(), - .entry_lifetime_ms = policy.entry_lifetime_ms(), - .always_use_initial_delay = policy.always_use_initial_delay(), - }; + BackoffEntry::Policy new_policy; + new_policy.num_errors_to_ignore = policy.num_errors_to_ignore(); + new_policy.initial_delay_ms = policy.initial_delay_ms(); + new_policy.multiply_factor = policy.multiply_factor(); + new_policy.jitter_factor = policy.jitter_factor(); + new_policy.maximum_backoff_ms = policy.maximum_backoff_ms(); + new_policy.entry_lifetime_ms = policy.entry_lifetime_ms(); + new_policy.always_use_initial_delay = policy.always_use_initial_delay(); + return new_policy; } +}; - static base::Time TimeFromProto(uint64_t raw_time) { - return base::Time() + base::TimeDelta::FromMicroseconds(raw_time); - } +class MockClock : public base::TickClock { + public: + MockClock() = default; + ~MockClock() override = default; + + void SetNow(base::TimeTicks now) { now_ = now; } + base::TimeTicks NowTicks() const override { return now_; } + + private: + base::TimeTicks now_; }; // Tests the "deserialize-reserialize" property. Deserializes a BackoffEntry -// from JSON, reserializes it, and checks that the JSON values match. +// from JSON, reserializes it, then deserializes again. Holding time constant, +// we check that the parsed BackoffEntry values are equivalent. void TestDeserialize(const ProtoTranslator& translator) { // Attempt to convert the json_proto.ArrayValue to a base::Value. base::Optional<base::Value> value = translator.serialized_entry(); @@ -76,19 +94,30 @@ void TestDeserialize(const ProtoTranslator& translator) { BackoffEntry::Policy policy = translator.policy(); + MockClock clock; + clock.SetNow(translator.now_ticks()); + // Attempt to deserialize a BackoffEntry. std::unique_ptr<BackoffEntry> entry = - BackoffEntrySerializer::DeserializeFromValue(*value, &policy, nullptr, + BackoffEntrySerializer::DeserializeFromValue(*value, &policy, &clock, translator.parse_time()); if (!entry) return; - // Serializing |entry| it should recreate the original JSON input! std::unique_ptr<base::Value> reserialized = - BackoffEntrySerializer::SerializeToValue(*entry, - translator.serialize_time()); + BackoffEntrySerializer::SerializeToValue(*entry, translator.parse_time()); CHECK(reserialized); - CHECK_EQ(*reserialized, *value); + + // Due to fuzzy interpretation in BackoffEntrySerializer:: + // DeserializeFromValue, we cannot assert that |*reserialized == *value|. + // Rather, we can deserialize |reserialized| and check that the result is + // equivalent to |entry|. + std::unique_ptr<BackoffEntry> entry_reparsed = + BackoffEntrySerializer::DeserializeFromValue( + *reserialized, &policy, &clock, translator.parse_time()); + CHECK(entry_reparsed); + CHECK_EQ(entry->failure_count(), entry_reparsed->failure_count()); + CHECK_EQ(entry->GetReleaseTime(), entry_reparsed->GetReleaseTime()); } // Tests the "serialize-deserialize" property. Serializes an arbitrary @@ -105,10 +134,13 @@ void TestSerialize(const ProtoTranslator& translator) { translator.serialize_time()); CHECK(serialized); + MockClock clock; + clock.SetNow(translator.now_ticks()); + // Deserialize it. std::unique_ptr<BackoffEntry> deserialized_entry = - BackoffEntrySerializer::DeserializeFromValue( - *serialized, &policy, nullptr, translator.parse_time()); + BackoffEntrySerializer::DeserializeFromValue(*serialized, &policy, &clock, + translator.parse_time()); // Even though SerializeToValue was successful, we're not guaranteed to have a // |deserialized_entry|. One reason deserialization may fail is if the parsed // |absolute_release_time_us| is below zero. @@ -134,8 +166,8 @@ DEFINE_PROTO_FUZZER(const fuzz_proto::FuzzerInput& input) { } ProtoTranslator translator(input); - TestSerialize(translator); TestDeserialize(translator); + TestSerialize(translator); } } // namespace net diff --git a/chromium/net/base/backoff_entry_serializer_fuzzer_input.proto b/chromium/net/base/backoff_entry_serializer_fuzzer_input.proto index d92f72eca9b..06cb247dd2a 100644 --- a/chromium/net/base/backoff_entry_serializer_fuzzer_input.proto +++ b/chromium/net/base/backoff_entry_serializer_fuzzer_input.proto @@ -9,9 +9,11 @@ package fuzz_proto; import "testing/libfuzzer/proto/json.proto"; message FuzzerInput { - // Using int64 to match base::Time's internal representation. + // Using int64 to match internal representation of base::Time and + // base::TimeTicks. required int64 parse_time = 1; required int64 serialize_time = 2; + required int64 now_ticks = 5; required BackoffEntryPolicy policy = 3; required json_proto.ArrayValue serialized_entry = 4; } diff --git a/chromium/net/base/features.cc b/chromium/net/base/features.cc index b6b6c2dedd5..1b97b20d324 100644 --- a/chromium/net/base/features.cc +++ b/chromium/net/base/features.cc @@ -3,6 +3,9 @@ // found in the LICENSE file. #include "net/base/features.h" + +#include <vector> + #include "build/build_config.h" namespace net { @@ -11,6 +14,9 @@ namespace features { const base::Feature kAcceptLanguageHeader{"AcceptLanguageHeader", base::FEATURE_ENABLED_BY_DEFAULT}; +const base::Feature kCapReferrerToOriginOnCrossOrigin{ + "CapReferrerToOriginOnCrossOrigin", base::FEATURE_DISABLED_BY_DEFAULT}; + const base::Feature kDnsHttpssvc{"DnsHttpssvc", base::FEATURE_DISABLED_BY_DEFAULT}; @@ -20,12 +26,34 @@ const base::FeatureParam<bool> kDnsHttpssvcUseHttpssvc{ const base::FeatureParam<bool> kDnsHttpssvcUseIntegrity{ &kDnsHttpssvc, "DnsHttpssvcUseIntegrity", false}; +const base::FeatureParam<bool> kDnsHttpssvcEnableQueryOverInsecure{ + &kDnsHttpssvc, "DnsHttpssvcEnableQueryOverInsecure", false}; + const base::FeatureParam<int> kDnsHttpssvcExtraTimeMs{ &kDnsHttpssvc, "DnsHttpssvcExtraTimeMs", 10}; const base::FeatureParam<int> kDnsHttpssvcExtraTimePercent{ &kDnsHttpssvc, "DnsHttpssvcExtraTimePercent", 5}; +const base::FeatureParam<std::string> kDnsHttpssvcExperimentDomains{ + &kDnsHttpssvc, "DnsHttpssvcExperimentDomains", ""}; + +const base::FeatureParam<std::string> kDnsHttpssvcControlDomains{ + &kDnsHttpssvc, "DnsHttpssvcControlDomains", ""}; + +const base::FeatureParam<bool> kDnsHttpssvcControlDomainWildcard{ + &kDnsHttpssvc, "DnsHttpssvcControlDomainWildcard", false}; + +const base::Feature kAvoidH2Reprioritization{"AvoidH2Reprioritization", + base::FEATURE_DISABLED_BY_DEFAULT}; + +namespace dns_httpssvc_experiment { +base::TimeDelta GetExtraTimeAbsolute() { + DCHECK(base::FeatureList::IsEnabled(features::kDnsHttpssvc)); + return base::TimeDelta::FromMilliseconds(kDnsHttpssvcExtraTimeMs.Get()); +} +} // namespace dns_httpssvc_experiment + const base::Feature kEnableTLS13EarlyData{"EnableTLS13EarlyData", base::FEATURE_DISABLED_BY_DEFAULT}; @@ -50,6 +78,28 @@ const base::Feature kPartitionSSLSessionsByNetworkIsolationKey{ "PartitionSSLSessionsByNetworkIsolationKey", base::FEATURE_DISABLED_BY_DEFAULT}; +const base::Feature kPartitionExpectCTStateByNetworkIsolationKey{ + "PartitionExpectCTStateByNetworkIsolationKey", + base::FEATURE_DISABLED_BY_DEFAULT}; + +const base::Feature kExpectCTPruning{"ExpectCTPruning", + base::FEATURE_ENABLED_BY_DEFAULT}; + +NET_EXPORT extern const base::FeatureParam<int> + kExpectCTPruneMax(&kExpectCTPruning, "ExpectCTPruneMax", 2000); +NET_EXPORT extern const base::FeatureParam<int> + kExpectCTPruneMin(&kExpectCTPruning, "ExpectCTPruneMin", 1800); +NET_EXPORT extern const base::FeatureParam<int> kExpectCTSafeFromPruneDays( + &kExpectCTPruning, + "ExpectCTSafeFromPruneDays", + 40); +NET_EXPORT extern const base::FeatureParam<int> kExpectCTMaxEntriesPerNik( + &kExpectCTPruning, + "ExpectCTMaxEntriesPerNik", + 20); +NET_EXPORT extern const base::FeatureParam<int> + kExpectCTPruneDelaySecs(&kExpectCTPruning, "ExpectCTPruneDelaySecs", 60); + const base::Feature kTLS13KeyUpdate{"TLS13KeyUpdate", base::FEATURE_DISABLED_BY_DEFAULT}; @@ -59,24 +109,11 @@ const base::Feature kPostQuantumCECPQ2{"PostQuantumCECPQ2", const base::Feature kNetUnusedIdleSocketTimeout{ "NetUnusedIdleSocketTimeout", base::FEATURE_DISABLED_BY_DEFAULT}; -const base::Feature kRequestEsniDnsRecords{"RequestEsniDnsRecords", - base::FEATURE_DISABLED_BY_DEFAULT}; -base::TimeDelta EsniDnsMaxAbsoluteAdditionalWait() { - DCHECK(base::FeatureList::IsEnabled(kRequestEsniDnsRecords)); - return base::TimeDelta::FromMilliseconds( - kEsniDnsMaxAbsoluteAdditionalWaitMilliseconds.Get()); -} -const base::FeatureParam<int> kEsniDnsMaxAbsoluteAdditionalWaitMilliseconds{ - &kRequestEsniDnsRecords, "EsniDnsMaxAbsoluteAdditionalWaitMilliseconds", - 10}; -const base::FeatureParam<int> kEsniDnsMaxRelativeAdditionalWaitPercent{ - &kRequestEsniDnsRecords, "EsniDnsMaxRelativeAdditionalWaitPercent", 5}; - -const base::Feature kSameSiteByDefaultCookies{ - "SameSiteByDefaultCookies", base::FEATURE_DISABLED_BY_DEFAULT}; +const base::Feature kSameSiteByDefaultCookies{"SameSiteByDefaultCookies", + base::FEATURE_ENABLED_BY_DEFAULT}; const base::Feature kCookiesWithoutSameSiteMustBeSecure{ - "CookiesWithoutSameSiteMustBeSecure", base::FEATURE_DISABLED_BY_DEFAULT}; + "CookiesWithoutSameSiteMustBeSecure", base::FEATURE_ENABLED_BY_DEFAULT}; const base::Feature kShortLaxAllowUnsafeThreshold{ "ShortLaxAllowUnsafeThreshold", base::FEATURE_DISABLED_BY_DEFAULT}; @@ -100,10 +137,6 @@ const base::FeatureParam<int> &kRecentCreationTimeGrantsLegacyCookieSemantics, "RecentCreationTimeGrantsLegacyCookieSemanticsMilliseconds", 0}; -const base::Feature kBlockExternalRequestsFromNonSecureInitiators{ - "BlockExternalRequestsFromNonSecureInitiators", - base::FEATURE_DISABLED_BY_DEFAULT}; - #if BUILDFLAG(BUILTIN_CERT_VERIFIER_FEATURE_SUPPORTED) const base::Feature kCertVerifierBuiltinFeature{ "CertVerifierBuiltin", base::FEATURE_DISABLED_BY_DEFAULT}; @@ -114,7 +147,7 @@ const base::Feature kAppendFrameOriginToNetworkIsolationKey{ const base::Feature kUseRegistrableDomainInNetworkIsolationKey{ "UseRegistrableDomainInNetworkIsolationKey", - base::FEATURE_DISABLED_BY_DEFAULT}; + base::FEATURE_ENABLED_BY_DEFAULT}; const base::Feature kTurnOffStreamingMediaCaching{ "TurnOffStreamingMediaCaching", base::FEATURE_DISABLED_BY_DEFAULT}; @@ -128,5 +161,8 @@ const base::Feature kSchemefulSameSite{"SchemefulSameSite", const base::Feature kTLSLegacyCryptoFallbackForMetrics{ "TLSLegacyCryptoFallbackForMetrics", base::FEATURE_ENABLED_BY_DEFAULT}; +const base::Feature kUseLookalikesForNavigationSuggestions{ + "UseLookalikesForNavigationSuggestions", base::FEATURE_DISABLED_BY_DEFAULT}; + } // namespace features } // namespace net diff --git a/chromium/net/base/features.h b/chromium/net/base/features.h index b6b2a4cccf7..a6767bfbe57 100644 --- a/chromium/net/base/features.h +++ b/chromium/net/base/features.h @@ -5,8 +5,12 @@ #ifndef NET_BASE_FEATURES_H_ #define NET_BASE_FEATURES_H_ +#include <string> + #include "base/feature_list.h" #include "base/metrics/field_trial_params.h" +#include "base/strings/string_piece.h" +#include "base/time/time.h" #include "net/base/net_export.h" #include "net/net_buildflags.h" @@ -17,6 +21,10 @@ namespace features { // https://github.com/WICG/lang-client-hint proposes that we deprecate. NET_EXPORT extern const base::Feature kAcceptLanguageHeader; +// When kCapReferrerToOriginOnCrossOrigin is enabled, HTTP referrers on cross- +// origin requests are restricted to contain at most the source origin. +NET_EXPORT extern const base::Feature kCapReferrerToOriginOnCrossOrigin; + // Enables TLS 1.3 early data. NET_EXPORT extern const base::Feature kEnableTLS13EarlyData; @@ -25,6 +33,9 @@ NET_EXPORT extern const base::Feature kEnableTLS13EarlyData; // cause us to upgrade the URL to HTTPS and/or to attempt QUIC. NET_EXPORT extern const base::Feature kDnsHttpssvc; +// Disable H2 reprioritization, in order to measure its impact. +NET_EXPORT extern const base::Feature kAvoidH2Reprioritization; + // Determine which kind of record should be queried: HTTPSSVC or INTEGRITY. No // more than one of these feature parameters should be enabled at once. In the // event that both are enabled, |kDnsHttpssvcUseIntegrity| takes priority, and @@ -32,6 +43,10 @@ NET_EXPORT extern const base::Feature kDnsHttpssvc; NET_EXPORT extern const base::FeatureParam<bool> kDnsHttpssvcUseHttpssvc; NET_EXPORT extern const base::FeatureParam<bool> kDnsHttpssvcUseIntegrity; +// Enable HTTPSSVC or INTEGRITY to be queried over insecure DNS. +NET_EXPORT extern const base::FeatureParam<bool> + kDnsHttpssvcEnableQueryOverInsecure; + // If we are still waiting for an HTTPSSVC or INTEGRITY query after all the // other queries in a DnsTask have completed, we will compute a timeout for the // remaining query. The timeout will be the min of: @@ -41,6 +56,35 @@ NET_EXPORT extern const base::FeatureParam<bool> kDnsHttpssvcUseIntegrity; NET_EXPORT extern const base::FeatureParam<int> kDnsHttpssvcExtraTimeMs; NET_EXPORT extern const base::FeatureParam<int> kDnsHttpssvcExtraTimePercent; +// These parameters, respectively, are the list of experimental and control +// domains for which we will query HTTPSSVC or INTEGRITY records. We expect +// valid INTEGRITY results for experiment domains. We expect no INTEGRITY +// results for control domains. +// +// The format of both parameters is a comma-separated list of domains. +// Whitespace around domain names is permitted. Trailing comma is optional. +// +// See helper functions: +// |dns_httpssvc_experiment::GetDnsHttpssvcExperimentDomains| and +// |dns_httpssvc_experiment::GetDnsHttpssvcControlDomains|. +NET_EXPORT extern const base::FeatureParam<std::string> + kDnsHttpssvcExperimentDomains; +NET_EXPORT extern const base::FeatureParam<std::string> + kDnsHttpssvcControlDomains; + +// This param controls how we determine whether a domain is an experimental or +// control domain. When false, domains must be in |kDnsHttpssvcControlDomains| +// to be considered a control. When true, we ignore |kDnsHttpssvcControlDomains| +// and any non-experiment domain (not in |kDnsHttpssvcExperimentDomains|) is +// considered a control domain. +NET_EXPORT extern const base::FeatureParam<bool> + kDnsHttpssvcControlDomainWildcard; + +namespace dns_httpssvc_experiment { +// Get the value of |kDnsHttpssvcExtraTimeMs|. +NET_EXPORT base::TimeDelta GetExtraTimeAbsolute(); +} // namespace dns_httpssvc_experiment + // Enables optimizing the network quality estimation algorithms in network // quality estimator (NQE). NET_EXPORT extern const base::Feature kNetworkQualityEstimator; @@ -72,6 +116,36 @@ NET_EXPORT extern const base::Feature NET_EXPORT extern const base::Feature kPartitionSSLSessionsByNetworkIsolationKey; +// Partitions Expect-CT data by NetworkIsolationKey. This only affects the +// Expect-CT data itself. Regardless of this value, reports will be uploaded +// using the associated NetworkIsolationKey, when one's available. +// +// This feature requires kPartitionConnectionsByNetworkIsolationKey, +// kPartitionHttpServerPropertiesByNetworkIsolationKey, and +// kPartitionConnectionsByNetworkIsolationKey to all be enabled to work. +NET_EXPORT extern const base::Feature + kPartitionExpectCTStateByNetworkIsolationKey; + +// Enables limiting the size of Expect-CT table. +NET_EXPORT extern const base::Feature kExpectCTPruning; + +// FeatureParams associated with kExpectCTPruning. + +// Expect-CT pruning runs when this many entries are hit. +NET_EXPORT extern const base::FeatureParam<int> kExpectCTPruneMax; +// The Expect-CT pruning logic attempts to reduce entries to at most this many. +NET_EXPORT extern const base::FeatureParam<int> kExpectCTPruneMin; +// Non-transient entries with |enforce| set are safe from being pruned if +// they're less than this many days old, unless the number of entries exceeds +// |kExpectCTMaxEntriesPerNik|. +NET_EXPORT extern const base::FeatureParam<int> kExpectCTSafeFromPruneDays; +// If, after pruning transient, non-enforced, old Expect-CT entries, +// kExpectCTPruneMin is still exceeded, then all NetworkIsolationKeys will be +// capped to this many entries, based on last observation date. +NET_EXPORT extern const base::FeatureParam<int> kExpectCTMaxEntriesPerNik; +// Minimum delay between successive prunings of Expect-CT entries, in seconds. +NET_EXPORT extern const base::FeatureParam<int> kExpectCTPruneDelaySecs; + // Enables sending TLS 1.3 Key Update messages on TLS 1.3 connections in order // to ensure that this corner of the spec is exercised. This is currently // disabled by default because we discovered incompatibilities with some @@ -84,25 +158,6 @@ NET_EXPORT extern const base::Feature kPostQuantumCECPQ2; // Changes the timeout after which unused sockets idle sockets are cleaned up. NET_EXPORT extern const base::Feature kNetUnusedIdleSocketTimeout; -// Enables the built-in resolver requesting ESNI (TLS 1.3 Encrypted -// Server Name Indication) records alongside IPv4 and IPv6 address records -// during DNS over HTTPS (DoH) host resolution. -NET_EXPORT extern const base::Feature kRequestEsniDnsRecords; -// Returns a TimeDelta of value kEsniDnsMaxAbsoluteAdditionalWaitMilliseconds -// milliseconds (see immediately below). -NET_EXPORT base::TimeDelta EsniDnsMaxAbsoluteAdditionalWait(); -// The following two parameters specify the amount of extra time to wait for a -// long-running ESNI DNS transaction after the successful conclusion of -// concurrent A and AAAA transactions. This timeout will have value -// min{kEsniDnsMaxAbsoluteAdditionalWaitMilliseconds, -// (100% + kEsniDnsMaxRelativeAdditionalWaitPercent) -// * max{time elapsed for the concurrent A query, -// time elapsed for the concurrent AAAA query}}. -NET_EXPORT extern const base::FeatureParam<int> - kEsniDnsMaxAbsoluteAdditionalWaitMilliseconds; -NET_EXPORT extern const base::FeatureParam<int> - kEsniDnsMaxRelativeAdditionalWaitPercent; - // When enabled, makes cookies without a SameSite attribute behave like // SameSite=Lax cookies by default, and requires SameSite=None to be specified // in order to make cookies available in a third-party context. When disabled, @@ -158,12 +213,6 @@ NET_EXPORT extern const base::Feature NET_EXPORT extern const base::FeatureParam<int> kRecentCreationTimeGrantsLegacyCookieSemanticsMilliseconds; -// When enabled, blocks external requests coming from non-secure contexts. An -// external request is a request that crosses a network boundary from a more -// public address space into a less public address space. -NET_EXPORT extern const base::Feature - kBlockExternalRequestsFromNonSecureInitiators; - #if BUILDFLAG(BUILTIN_CERT_VERIFIER_FEATURE_SUPPORTED) // When enabled, use the builtin cert verifier instead of the platform verifier. NET_EXPORT extern const base::Feature kCertVerifierBuiltinFeature; @@ -192,6 +241,10 @@ NET_EXPORT extern const base::Feature kSchemefulSameSite; // those algorithms. If disabled, the algorithms will always be offered. NET_EXPORT extern const base::Feature kTLSLegacyCryptoFallbackForMetrics; +// When enabled, DNS_PROBE_FINISHED_NXDOMAIN error pages may show +// locally-generated suggestions to visit similar domains. +NET_EXPORT extern const base::Feature kUseLookalikesForNavigationSuggestions; + } // namespace features } // namespace net diff --git a/chromium/net/base/file_stream_context.cc b/chromium/net/base/file_stream_context.cc index 73e4843b902..f2009c8aef5 100644 --- a/chromium/net/base/file_stream_context.cc +++ b/chromium/net/base/file_stream_context.cc @@ -9,6 +9,7 @@ #include "base/bind.h" #include "base/files/file_path.h" #include "base/location.h" +#include "base/logging.h" #include "base/task_runner.h" #include "base/task_runner_util.h" #include "base/threading/thread_restrictions.h" diff --git a/chromium/net/base/file_stream_context.h b/chromium/net/base/file_stream_context.h index dcd5b3fae1a..7aae431b4d1 100644 --- a/chromium/net/base/file_stream_context.h +++ b/chromium/net/base/file_stream_context.h @@ -30,6 +30,7 @@ #include <stdint.h> #include "base/files/file.h" +#include "base/logging.h" #include "base/macros.h" #include "base/memory/weak_ptr.h" #include "base/message_loop/message_pump_for_io.h" diff --git a/chromium/net/base/ip_address.cc b/chromium/net/base/ip_address.cc index 03a4df02dfc..ec095c44934 100644 --- a/chromium/net/base/ip_address.cc +++ b/chromium/net/base/ip_address.cc @@ -22,6 +22,8 @@ namespace net { namespace { +bool g_consider_loopback_ip_to_be_publicly_routable_for_testing = false; + // The prefix for IPv6 mapped IPv4 addresses. // https://tools.ietf.org/html/rfc4291#section-2.5.5.2 constexpr uint8_t kIPv4MappedPrefix[] = {0, 0, 0, 0, 0, 0, @@ -234,6 +236,11 @@ bool IPAddress::IsValid() const { } bool IPAddress::IsPubliclyRoutable() const { + if (g_consider_loopback_ip_to_be_publicly_routable_for_testing && + IsLoopback()) { + return true; + } + if (IsIPv4()) { return IsPubliclyRoutableIPv4(ip_address_); } else if (IsIPv6()) { @@ -242,6 +249,11 @@ bool IPAddress::IsPubliclyRoutable() const { return true; } +// static +void IPAddress::ConsiderLoopbackIPToBePubliclyRoutableForTesting() { + g_consider_loopback_ip_to_be_publicly_routable_for_testing = true; +} + bool IPAddress::IsZero() const { for (auto x : ip_address_) { if (x != 0) diff --git a/chromium/net/base/ip_address.h b/chromium/net/base/ip_address.h index 829095bc3a4..c3249b7c88d 100644 --- a/chromium/net/base/ip_address.h +++ b/chromium/net/base/ip_address.h @@ -157,6 +157,10 @@ class NET_EXPORT IPAddress { // IPv4-mapped-to-IPv6 addresses are considered publicly routable. bool IsPubliclyRoutable() const; + // Let future IsPubliclyRoutable() calls in the current process always return + // true for a loopback ip. + static void ConsiderLoopbackIPToBePubliclyRoutableForTesting(); + // Returns true if the IP is "zero" (e.g. the 0.0.0.0 IPv4 address). bool IsZero() const; diff --git a/chromium/net/base/ip_address_unittest.cc b/chromium/net/base/ip_address_unittest.cc index 6ec78d6c38e..8a9b90022b1 100644 --- a/chromium/net/base/ip_address_unittest.cc +++ b/chromium/net/base/ip_address_unittest.cc @@ -302,6 +302,16 @@ TEST(IPAddressTest, IsPubliclyRoutableIPv6) { } } +TEST(IPAddressTest, ConsiderLoopbackIPToBePubliclyRoutableForTestingMethod) { + IPAddress address; + EXPECT_TRUE(address.AssignFromIPLiteral("127.0.0.1")); + ASSERT_TRUE(address.IsValid()); + EXPECT_FALSE(address.IsPubliclyRoutable()); + + IPAddress::ConsiderLoopbackIPToBePubliclyRoutableForTesting(); + EXPECT_TRUE(address.IsPubliclyRoutable()); +} + TEST(IPAddressTest, IsZero) { uint8_t address1[4] = {}; IPAddress zero_ipv4_address(address1); diff --git a/chromium/net/base/load_timing_info.h b/chromium/net/base/load_timing_info.h index e3ff12e34da..6952fc557ce 100644 --- a/chromium/net/base/load_timing_info.h +++ b/chromium/net/base/load_timing_info.h @@ -27,7 +27,6 @@ namespace net { // The general order for events is: // request_start // service_worker_start_time -// service_worker_ready_time // proxy_start // proxy_end // dns_start @@ -38,6 +37,10 @@ namespace net { // connect_end // send_start // send_end +// service_worker_ready_time +// service_worker_fetch_start +// service_worker_respond_with_settled +// first_early_hints_time // receive_headers_start // receive_headers_end // @@ -149,7 +152,16 @@ struct NET_EXPORT LoadTimingInfo { // if this is greater than |request_start|. base::TimeTicks service_worker_ready_time; - // The time spent determing which proxy to use. Null when there is no PAC. + // The time when serviceworker fetch event was popped off the event queue + // and fetch event handler started running. + // If the response is not provided by the ServiceWorker, kept empty. + base::TimeTicks service_worker_fetch_start; + + // The time when serviceworker's fetch event's respondWith promise was + // settled. If the response is not provided by the ServiceWorker, kept empty. + base::TimeTicks service_worker_respond_with_settled; + + // The time spent determining which proxy to use. Null when there is no PAC. base::TimeTicks proxy_resolve_start; base::TimeTicks proxy_resolve_end; @@ -167,6 +179,9 @@ struct NET_EXPORT LoadTimingInfo { base::TimeTicks receive_headers_start; base::TimeTicks receive_headers_end; + // The time that the first 103 Early Hints response is received. + base::TimeTicks first_early_hints_time; + // In case the resource was proactively pushed by the server, these are // the times that push started and ended. Note that push_end will be null // if the request is still being transmitted, i.e. the underlying h2 stream diff --git a/chromium/net/base/load_timing_info_test_util.cc b/chromium/net/base/load_timing_info_test_util.cc index 84410d560b9..e84d4bd127b 100644 --- a/chromium/net/base/load_timing_info_test_util.cc +++ b/chromium/net/base/load_timing_info_test_util.cc @@ -54,6 +54,7 @@ void ExpectLoadTimingHasOnlyConnectionTimes( EXPECT_TRUE(load_timing_info.send_start.is_null()); EXPECT_TRUE(load_timing_info.send_end.is_null()); EXPECT_TRUE(load_timing_info.receive_headers_end.is_null()); + EXPECT_TRUE(load_timing_info.first_early_hints_time.is_null()); EXPECT_TRUE(load_timing_info.push_start.is_null()); EXPECT_TRUE(load_timing_info.push_end.is_null()); } diff --git a/chromium/net/base/net_error_list.h b/chromium/net/base/net_error_list.h index 758c9b18350..7682241352a 100644 --- a/chromium/net/base/net_error_list.h +++ b/chromium/net/base/net_error_list.h @@ -121,6 +121,12 @@ NET_ERROR(BLOCKED_BY_RESPONSE, -27) // requests. Used for NetworkSecurityPolicy on Android. NET_ERROR(CLEARTEXT_NOT_PERMITTED, -29) +// The request was blocked by a Content Security Policy +NET_ERROR(BLOCKED_BY_CSP, -30) + +// The request was blocked because of no H/2 or QUIC session. +NET_ERROR(H2_OR_QUIC_REQUIRED, -31) + // A connection was closed (corresponding to a TCP FIN). NET_ERROR(CONNECTION_CLOSED, -100) diff --git a/chromium/net/base/net_errors.cc b/chromium/net/base/net_errors.cc index 25d46b434d0..06ba2d9174c 100644 --- a/chromium/net/base/net_errors.cc +++ b/chromium/net/base/net_errors.cc @@ -69,6 +69,17 @@ bool IsHostnameResolutionError(int error) { return error == ERR_NAME_NOT_RESOLVED; } +bool IsRequestBlockedError(int error) { + switch (error) { + case ERR_BLOCKED_BY_CLIENT: + case ERR_BLOCKED_BY_ADMINISTRATOR: + case ERR_BLOCKED_BY_CSP: + return true; + default: + return false; + } +} + Error FileErrorToNetError(base::File::Error file_error) { switch (file_error) { case base::File::FILE_OK: diff --git a/chromium/net/base/net_errors.h b/chromium/net/base/net_errors.h index bbd870e1c16..d2807f53999 100644 --- a/chromium/net/base/net_errors.h +++ b/chromium/net/base/net_errors.h @@ -50,6 +50,9 @@ NET_EXPORT bool IsClientCertificateError(int error); // Returns true if |error| is an error from hostname resolution. NET_EXPORT bool IsHostnameResolutionError(int error); +// Returns true if |error| means that the request has been blocked. +NET_EXPORT bool IsRequestBlockedError(int error); + // Map system error code to Error. NET_EXPORT Error MapSystemError(logging::SystemErrorCode os_error); diff --git a/chromium/net/base/net_errors_posix.cc b/chromium/net/base/net_errors_posix.cc index 13e14a736c8..2e4fd240aaa 100644 --- a/chromium/net/base/net_errors_posix.cc +++ b/chromium/net/base/net_errors_posix.cc @@ -17,7 +17,8 @@ namespace net { Error MapSystemError(logging::SystemErrorCode os_error) { if (os_error != 0) - DVLOG(2) << "Error " << os_error; + DVLOG(2) << "Error " << os_error << ": " + << logging::SystemErrorCodeToString(os_error); // There are numerous posix error codes, but these are the ones we thus far // find interesting. diff --git a/chromium/net/base/network_change_notifier_fuchsia.cc b/chromium/net/base/network_change_notifier_fuchsia.cc index a6d67e35f42..e5cde0787f8 100644 --- a/chromium/net/base/network_change_notifier_fuchsia.cc +++ b/chromium/net/base/network_change_notifier_fuchsia.cc @@ -11,8 +11,8 @@ #include <vector> #include "base/bind.h" -#include "base/fuchsia/default_context.h" #include "base/fuchsia/fuchsia_logging.h" +#include "base/fuchsia/process_context.h" #include "base/optional.h" #include "base/run_loop.h" #include "net/base/network_interfaces.h" @@ -22,11 +22,10 @@ namespace net { NetworkChangeNotifierFuchsia::NetworkChangeNotifierFuchsia( uint32_t required_features) - : NetworkChangeNotifierFuchsia( - base::fuchsia::ComponentContextForCurrentProcess() - ->svc() - ->Connect<fuchsia::netstack::Netstack>(), - required_features) {} + : NetworkChangeNotifierFuchsia(base::ComponentContextForProcess() + ->svc() + ->Connect<fuchsia::netstack::Netstack>(), + required_features) {} NetworkChangeNotifierFuchsia::NetworkChangeNotifierFuchsia( fuchsia::netstack::NetstackPtr netstack, diff --git a/chromium/net/base/network_change_notifier_fuchsia_unittest.cc b/chromium/net/base/network_change_notifier_fuchsia_unittest.cc index e5ca7faa080..f6354fadb8e 100644 --- a/chromium/net/base/network_change_notifier_fuchsia_unittest.cc +++ b/chromium/net/base/network_change_notifier_fuchsia_unittest.cc @@ -12,6 +12,7 @@ #include "base/auto_reset.h" #include "base/bind.h" +#include "base/logging.h" #include "base/run_loop.h" #include "base/test/task_environment.h" #include "base/threading/sequence_bound.h" diff --git a/chromium/net/base/network_change_notifier_mac.cc b/chromium/net/base/network_change_notifier_mac.cc index 91cf418ef43..23cc7fd3536 100644 --- a/chromium/net/base/network_change_notifier_mac.cc +++ b/chromium/net/base/network_change_notifier_mac.cc @@ -8,6 +8,7 @@ #include <resolv.h> #include "base/bind.h" +#include "base/logging.h" #include "base/macros.h" #include "base/sequenced_task_runner.h" #include "base/task/post_task.h" diff --git a/chromium/net/base/network_config_watcher_mac.cc b/chromium/net/base/network_config_watcher_mac.cc index fb6362c832e..ea499cf3126 100644 --- a/chromium/net/base/network_config_watcher_mac.cc +++ b/chromium/net/base/network_config_watcher_mac.cc @@ -8,6 +8,7 @@ #include "base/bind.h" #include "base/compiler_specific.h" +#include "base/logging.h" #include "base/macros.h" #include "base/memory/weak_ptr.h" #include "base/message_loop/message_pump_type.h" diff --git a/chromium/net/base/network_delegate.cc b/chromium/net/base/network_delegate.cc index a98b95e8e8c..80592ea985d 100644 --- a/chromium/net/base/network_delegate.cc +++ b/chromium/net/base/network_delegate.cc @@ -101,11 +101,10 @@ void NetworkDelegate::NotifyPACScriptError(int line_number, } bool NetworkDelegate::CanGetCookies(const URLRequest& request, - const CookieList& cookie_list, bool allowed_from_caller) { DCHECK_CALLED_ON_VALID_THREAD(thread_checker_); DCHECK(!(request.load_flags() & LOAD_DO_NOT_SEND_COOKIES)); - return OnCanGetCookies(request, cookie_list, allowed_from_caller); + return OnCanGetCookies(request, allowed_from_caller); } bool NetworkDelegate::CanSetCookie(const URLRequest& request, diff --git a/chromium/net/base/network_delegate.h b/chromium/net/base/network_delegate.h index c06f365312e..c00f0ccd3b5 100644 --- a/chromium/net/base/network_delegate.h +++ b/chromium/net/base/network_delegate.h @@ -73,7 +73,6 @@ class NET_EXPORT NetworkDelegate { void NotifyURLRequestDestroyed(URLRequest* request); void NotifyPACScriptError(int line_number, const base::string16& error); bool CanGetCookies(const URLRequest& request, - const CookieList& cookie_list, bool allowed_from_caller); bool CanSetCookie(const URLRequest& request, const net::CanonicalCookie& cookie, @@ -206,7 +205,6 @@ class NET_EXPORT NetworkDelegate { // allowed from any higher level delegates (for example, in a // LayeredNetworkDelegate). Any custom logic should be ANDed with this bool. virtual bool OnCanGetCookies(const URLRequest& request, - const CookieList& cookie_list, bool allowed_from_caller) = 0; // Called when a cookie is set to allow the network delegate to block access diff --git a/chromium/net/base/network_delegate_impl.cc b/chromium/net/base/network_delegate_impl.cc index 44a232b5a60..822bedc22a8 100644 --- a/chromium/net/base/network_delegate_impl.cc +++ b/chromium/net/base/network_delegate_impl.cc @@ -49,7 +49,6 @@ void NetworkDelegateImpl::OnPACScriptError(int line_number, } bool NetworkDelegateImpl::OnCanGetCookies(const URLRequest& request, - const CookieList& cookie_list, bool allowed_from_caller) { return allowed_from_caller; } diff --git a/chromium/net/base/network_delegate_impl.h b/chromium/net/base/network_delegate_impl.h index 46554d70035..323dade2a5a 100644 --- a/chromium/net/base/network_delegate_impl.h +++ b/chromium/net/base/network_delegate_impl.h @@ -62,7 +62,6 @@ class NET_EXPORT NetworkDelegateImpl : public NetworkDelegate { void OnPACScriptError(int line_number, const base::string16& error) override; bool OnCanGetCookies(const URLRequest& request, - const CookieList& cookie_list, bool allowed_from_caller) override; bool OnCanSetCookie(const URLRequest& request, diff --git a/chromium/net/base/network_interfaces.cc b/chromium/net/base/network_interfaces.cc index 8ba3df11e2f..29df129a49b 100644 --- a/chromium/net/base/network_interfaces.cc +++ b/chromium/net/base/network_interfaces.cc @@ -4,6 +4,7 @@ #include "net/base/network_interfaces.h" +#include "base/logging.h" #include "build/build_config.h" #if defined(OS_POSIX) diff --git a/chromium/net/base/network_interfaces_fuchsia.cc b/chromium/net/base/network_interfaces_fuchsia.cc index 794f6d157fe..864f68ab8b5 100644 --- a/chromium/net/base/network_interfaces_fuchsia.cc +++ b/chromium/net/base/network_interfaces_fuchsia.cc @@ -13,8 +13,8 @@ #include <utility> #include "base/format_macros.h" -#include "base/fuchsia/default_context.h" #include "base/fuchsia/fuchsia_logging.h" +#include "base/fuchsia/process_context.h" #include "base/strings/stringprintf.h" #include "net/base/ip_endpoint.h" #include "net/base/network_interfaces.h" @@ -107,8 +107,7 @@ bool GetNetworkList(NetworkInterfaceList* networks, int policy) { DCHECK(networks); fuchsia::netstack::NetstackSyncPtr netstack; - base::fuchsia::ComponentContextForCurrentProcess()->svc()->Connect( - netstack.NewRequest()); + base::ComponentContextForProcess()->svc()->Connect(netstack.NewRequest()); // TODO(kmarshall): Use NetworkChangeNotifier's cached interface list. std::vector<fuchsia::netstack::NetInterface> interfaces; diff --git a/chromium/net/base/network_interfaces_getifaddrs.cc b/chromium/net/base/network_interfaces_getifaddrs.cc index c340cced979..7ce0429489e 100644 --- a/chromium/net/base/network_interfaces_getifaddrs.cc +++ b/chromium/net/base/network_interfaces_getifaddrs.cc @@ -30,6 +30,16 @@ #include <sys/ioctl.h> #endif // !OS_IOS +#if defined(OS_ANDROID) +#include "base/android/build_info.h" +// Declare getifaddrs() and freeifaddrs() weakly as they're only available +// on Android N+. +extern "C" { +int getifaddrs(struct ifaddrs** __list_ptr) __attribute__((weak_import)); +void freeifaddrs(struct ifaddrs* __ptr) __attribute__((weak_import)); +} +#endif // OS_ANDROID + namespace net { namespace internal { @@ -209,7 +219,18 @@ bool IfaddrsToNetworkInterfaceList(int policy, } // namespace internal +// This version of GetNetworkList() can only be called on Android N+, so give it +// a different and internal name so it isn't invoked mistakenly. +#if defined(OS_ANDROID) +namespace internal { +bool GetNetworkListUsingGetifaddrs(NetworkInterfaceList* networks, int policy) { + DCHECK_GE(base::android::BuildInfo::GetInstance()->sdk_int(), + base::android::SDK_VERSION_NOUGAT); + DCHECK(getifaddrs); + DCHECK(freeifaddrs); +#else bool GetNetworkList(NetworkInterfaceList* networks, int policy) { +#endif if (networks == NULL) return false; @@ -235,9 +256,14 @@ bool GetNetworkList(NetworkInterfaceList* networks, int policy) { return result; } +#if defined(OS_ANDROID) +} // namespace internal +// For Android use GetWifiSSID() impl in network_interfaces_linux.cc. +#else std::string GetWifiSSID() { NOTIMPLEMENTED(); return std::string(); } +#endif } // namespace net diff --git a/chromium/net/base/network_interfaces_getifaddrs.h b/chromium/net/base/network_interfaces_getifaddrs.h index 7ec8081a648..f2d9ae1578c 100644 --- a/chromium/net/base/network_interfaces_getifaddrs.h +++ b/chromium/net/base/network_interfaces_getifaddrs.h @@ -13,6 +13,7 @@ // This file defines IfaddrsToNetworkInterfaceList() so it can be called in // unittests. +#include "build/build_config.h" #include "net/base/net_export.h" #include "net/base/network_interfaces.h" @@ -51,6 +52,12 @@ NET_EXPORT_PRIVATE bool IfaddrsToNetworkInterfaceList( IPAttributesGetter* ip_attributes_getter, NetworkInterfaceList* networks); +#if defined(OS_ANDROID) +// A version of GetNetworkList() that uses getifaddrs(). Only callable on +// Android N+ where getifaddrs() was available. +bool GetNetworkListUsingGetifaddrs(NetworkInterfaceList* networks, int policy); +#endif + } // namespace internal } // namespace net diff --git a/chromium/net/base/network_interfaces_linux.cc b/chromium/net/base/network_interfaces_linux.cc index 616e77a83be..cad5f1d8721 100644 --- a/chromium/net/base/network_interfaces_linux.cc +++ b/chromium/net/base/network_interfaces_linux.cc @@ -22,6 +22,7 @@ #include "base/strings/string_tokenizer.h" #include "base/strings/string_util.h" #include "base/threading/thread_restrictions.h" +#include "build/build_config.h" #include "net/base/address_tracker_linux.h" #include "net/base/escape.h" #include "net/base/ip_endpoint.h" @@ -30,7 +31,9 @@ #include "url/gurl.h" #if defined(OS_ANDROID) +#include "base/android/build_info.h" #include "net/android/network_library.h" +#include "net/base/network_interfaces_getifaddrs.h" #endif namespace net { @@ -211,6 +214,20 @@ bool GetNetworkList(NetworkInterfaceList* networks, int policy) { if (networks == NULL) return false; +#if defined(OS_ANDROID) + // On Android 11 RTM_GETLINK (used by AddressTrackerLinux) no longer works as + // per https://developer.android.com/preview/privacy/mac-address so instead + // use getifaddrs() which is supported since Android N. + if (base::android::BuildInfo::GetInstance()->sdk_int() >= + base::android::SDK_VERSION_NOUGAT) { + bool ret = internal::GetNetworkListUsingGetifaddrs(networks, policy); + // Use GetInterfaceConnectionType() to sharpen up interface types. + for (NetworkInterface& network : *networks) + network.type = internal::GetInterfaceConnectionType(network.name); + return ret; + } +#endif + internal::AddressTrackerLinux tracker; tracker.Init(); diff --git a/chromium/net/base/network_interfaces_win_unittest.cc b/chromium/net/base/network_interfaces_win_unittest.cc index 51417189fa0..32763aa95d2 100644 --- a/chromium/net/base/network_interfaces_win_unittest.cc +++ b/chromium/net/base/network_interfaces_win_unittest.cc @@ -11,6 +11,7 @@ #include <string> #include <unordered_set> +#include "base/logging.h" #include "base/strings/utf_string_conversions.h" #include "build/build_config.h" #include "net/base/ip_endpoint.h" diff --git a/chromium/net/base/priority_queue.h b/chromium/net/base/priority_queue.h index ab8ee22a019..c4c30fa45c0 100644 --- a/chromium/net/base/priority_queue.h +++ b/chromium/net/base/priority_queue.h @@ -13,7 +13,7 @@ #include "base/bind.h" #include "base/callback.h" -#include "base/logging.h" +#include "base/check_op.h" #include "base/macros.h" #include "base/threading/thread_checker.h" diff --git a/chromium/net/base/privacy_mode.h b/chromium/net/base/privacy_mode.h index c3d128d83ac..90e99dd3bcc 100644 --- a/chromium/net/base/privacy_mode.h +++ b/chromium/net/base/privacy_mode.h @@ -12,6 +12,10 @@ namespace net { enum PrivacyMode { PRIVACY_MODE_DISABLED = 0, PRIVACY_MODE_ENABLED = 1, + + // Due to http://crbug.com/775438, PRIVACY_MODE_ENABLED still sends client + // certs. This mode ensures that the request is sent without client certs. + PRIVACY_MODE_ENABLED_WITHOUT_CLIENT_CERTS = 2, }; } // namespace net diff --git a/chromium/net/base/upload_data_stream.cc b/chromium/net/base/upload_data_stream.cc index edcba234fc5..bd5aea1bf31 100644 --- a/chromium/net/base/upload_data_stream.cc +++ b/chromium/net/base/upload_data_stream.cc @@ -190,4 +190,8 @@ UploadProgress UploadDataStream::GetUploadProgress() const { return UploadProgress(current_position_, total_size_); } +bool UploadDataStream::AllowHTTP1() const { + return true; +} + } // namespace net diff --git a/chromium/net/base/upload_data_stream.h b/chromium/net/base/upload_data_stream.h index b9645ec5a09..807efa13978 100644 --- a/chromium/net/base/upload_data_stream.h +++ b/chromium/net/base/upload_data_stream.h @@ -95,6 +95,10 @@ class NET_EXPORT UploadDataStream { // empty UploadProgress. virtual UploadProgress GetUploadProgress() const; + // Indicates whether fetch upload streaming is allowed/rejected over H/1. + // Even if this is false but there is a QUIC/H2 stream, the upload is allowed. + virtual bool AllowHTTP1() const; + protected: // Must be called by subclasses when InitInternal and ReadInternal complete // asynchronously. |