Release 98.0.4758.108

CHANGELOG.md

@@ -1,3 +1,13 @@
+# 98.0.4758.108
+* re-introduce flag for text fragments
+* re-introduce content feature flag to disable field trials
+* disable idle detection
+* disable critical client hints
+* disable supervised users
+* partial fix for incognito notification (thanks to @uazo, fixes https://github.com/bromite/bromite/issues/1503)
+* consider websockets 'unknown' address space as 'public' (thanks to @uazo, fixes https://github.com/bromite/bromite/issues/1693)
+* fix crash when accessing site settings of some sites (thanks to @uazo, fixes https://github.com/bromite/bromite/issues/1355)
+
 # 97.0.4692.106
 * disable url-keyed metrics reporting service (thanks to @uazo)
 * disable mobile identity consistency by default

build/patches/Add-exit-menu-item.patch

@@ -5,11 +5,12 @@ Subject: Add exit menu item
 Corrected Exit functionality
 ---
  chrome/android/java/res/menu/main_menu.xml                  | 6 ++++++
+ .../org/chromium/chrome/browser/ApplicationLifetime.java    | 2 ++
  .../org/chromium/chrome/browser/ChromeTabbedActivity.java   | 4 ++++
  .../src/org/chromium/chrome/browser/app/ChromeActivity.java | 6 ++++++
  .../chrome/browser/init/ChromeLifetimeController.java       | 6 +++++-
  .../browser/ui/android/strings/android_chrome_strings.grd   | 3 +++
- 5 files changed, 24 insertions(+), 1 deletion(-)
+ 6 files changed, 26 insertions(+), 1 deletion(-)
 
 diff --git a/chrome/android/java/res/menu/main_menu.xml b/chrome/android/java/res/menu/main_menu.xml
 --- a/chrome/android/java/res/menu/main_menu.xml
@@ -34,6 +35,25 @@ diff --git a/chrome/android/java/res/menu/main_menu.xml b/chrome/android/java/re
      </group>
  
      <!-- Items shown only when the tablet has no visible tabs -->
+diff --git a/chrome/android/java/src/org/chromium/chrome/browser/ApplicationLifetime.java b/chrome/android/java/src/org/chromium/chrome/browser/ApplicationLifetime.java
+--- a/chrome/android/java/src/org/chromium/chrome/browser/ApplicationLifetime.java
++++ b/chrome/android/java/src/org/chromium/chrome/browser/ApplicationLifetime.java
+@@ -6,6 +6,7 @@ package org.chromium.chrome.browser;
+ 
+ import org.chromium.base.ObserverList;
+ import org.chromium.base.annotations.CalledByNative;
++import org.chromium.chrome.browser.incognito.IncognitoNotificationManager;
+ 
+ /**
+  * Watches for when Chrome is told to restart itself.
+@@ -42,6 +43,7 @@ public class ApplicationLifetime {
+ 
+     @CalledByNative
+     public static void terminate(boolean restart) {
++        IncognitoNotificationManager.dismissIncognitoNotification();
+         for (Observer observer : sObservers) {
+             observer.onTerminate(restart);
+         }
 diff --git a/chrome/android/java/src/org/chromium/chrome/browser/ChromeTabbedActivity.java b/chrome/android/java/src/org/chromium/chrome/browser/ChromeTabbedActivity.java
 --- a/chrome/android/java/src/org/chromium/chrome/browser/ChromeTabbedActivity.java
 +++ b/chrome/android/java/src/org/chromium/chrome/browser/ChromeTabbedActivity.java

build/patches/Block-gateway-attacks-via-websockets.patch

@@ -4,15 +4,15 @@ Subject: Block gateway attacks via websockets
 
 ---
  .../renderer/core/loader/base_fetch_context.h |  1 +
- .../core/loader/frame_fetch_context.cc        | 18 +++++++++++++
+ .../core/loader/frame_fetch_context.cc        | 20 ++++++++++++++
  .../core/loader/frame_fetch_context.h         |  1 +
- .../core/loader/worker_fetch_context.cc       | 19 +++++++++++++
+ .../core/loader/worker_fetch_context.cc       | 21 +++++++++++++++
  .../core/loader/worker_fetch_context.h        |  1 +
  .../background_fetch_manager.cc               |  2 --
  .../websockets/websocket_channel_impl.cc      |  5 ++++
  .../modules/websockets/websocket_common.cc    | 27 +++++++++++++++++++
  .../modules/websockets/websocket_common.h     |  4 +++
- 9 files changed, 76 insertions(+), 2 deletions(-)
+ 9 files changed, 80 insertions(+), 2 deletions(-)
 
 diff --git a/third_party/blink/renderer/core/loader/base_fetch_context.h b/third_party/blink/renderer/core/loader/base_fetch_context.h
 --- a/third_party/blink/renderer/core/loader/base_fetch_context.h
@@ -28,7 +28,7 @@ diff --git a/third_party/blink/renderer/core/loader/base_fetch_context.h b/third
 diff --git a/third_party/blink/renderer/core/loader/frame_fetch_context.cc b/third_party/blink/renderer/core/loader/frame_fetch_context.cc
 --- a/third_party/blink/renderer/core/loader/frame_fetch_context.cc
 +++ b/third_party/blink/renderer/core/loader/frame_fetch_context.cc
-@@ -563,6 +563,24 @@ bool FrameFetchContext::ShouldBlockRequestByInspector(const KURL& url) const {
+@@ -563,6 +563,26 @@ bool FrameFetchContext::ShouldBlockRequestByInspector(const KURL& url) const {
    return should_block_request;
  }
  
@@ -36,6 +36,8 @@ diff --git a/third_party/blink/renderer/core/loader/frame_fetch_context.cc b/thi
 +  // TODO(mkwst): This only checks explicit IP addresses. We'll have to move
 +  // all this up to //net and //content in order to have any real impact on
 +  // gateway attacks. That turns out to be a TON of work (crbug.com/378566).
++  if (requestor_space == network::mojom::IPAddressSpace::kUnknown)
++    requestor_space = network::mojom::IPAddressSpace::kPublic;
 +  network::mojom::IPAddressSpace target_space =
 +      network::mojom::IPAddressSpace::kPublic;
 +  if (network_utils::IsReservedIPAddress(request_url.Host()))
@@ -75,7 +77,7 @@ diff --git a/third_party/blink/renderer/core/loader/worker_fetch_context.cc b/th
  #include "third_party/blink/renderer/platform/runtime_enabled_features.h"
  #include "third_party/blink/renderer/platform/supplementable.h"
  #include "third_party/blink/renderer/platform/weborigin/security_policy.h"
-@@ -90,6 +91,24 @@ bool WorkerFetchContext::ShouldBlockRequestByInspector(const KURL& url) const {
+@@ -90,6 +91,26 @@ bool WorkerFetchContext::ShouldBlockRequestByInspector(const KURL& url) const {
    return should_block_request;
  }
  
@@ -83,6 +85,8 @@ diff --git a/third_party/blink/renderer/core/loader/worker_fetch_context.cc b/th
 +  // TODO(mkwst): This only checks explicit IP addresses. We'll have to move
 +  // all this up to //net and //content in order to have any real impact on
 +  // gateway attacks. That turns out to be a TON of work (crbug.com/378566).
++  if (requestor_space == network::mojom::IPAddressSpace::kUnknown)
++    requestor_space = network::mojom::IPAddressSpace::kPublic;
 +  network::mojom::IPAddressSpace target_space =
 +      network::mojom::IPAddressSpace::kPublic;
 +  if (network_utils::IsReservedIPAddress(request_url.Host()))
@@ -188,15 +192,15 @@ diff --git a/third_party/blink/renderer/modules/websockets/websocket_common.cc b
 diff --git a/third_party/blink/renderer/modules/websockets/websocket_common.h b/third_party/blink/renderer/modules/websockets/websocket_common.h
 --- a/third_party/blink/renderer/modules/websockets/websocket_common.h
 +++ b/third_party/blink/renderer/modules/websockets/websocket_common.h
-@@ -8,6 +8,8 @@
+@@ -7,6 +7,8 @@
+ #ifndef THIRD_PARTY_BLINK_RENDERER_MODULES_WEBSOCKETS_WEBSOCKET_COMMON_H_
  #define THIRD_PARTY_BLINK_RENDERER_MODULES_WEBSOCKETS_WEBSOCKET_COMMON_H_
  
- #include "third_party/blink/renderer/modules/modules_export.h"
 +#include "services/network/public/mojom/ip_address_space.mojom.h"
 +#include "third_party/blink/renderer/platform/network/network_utils.h"
+ #include "third_party/blink/renderer/modules/modules_export.h"
  #include "third_party/blink/renderer/platform/weborigin/kurl.h"
  #include "third_party/blink/renderer/platform/wtf/allocator/allocator.h"
- #include "third_party/blink/renderer/platform/wtf/forward.h"
 @@ -54,6 +56,8 @@ class MODULES_EXPORT WebSocketCommon {
    void SetState(State state) { state_ = state; }
    const KURL& Url() const { return url_; }

build/patches/Show-site-settings-for-cookies-javascript-and-ads.patch

@@ -66,7 +66,7 @@ diff --git a/components/browser_ui/site_settings/android/java/src/org/chromium/c
 +        Integer currentValue =
 +                mSite.getContentSetting(browserContextHandle, ContentSettingsType.COOKIES);
 +        // Always show the cookies permission
-+        if (currentValue == null) {
++        if (currentValue == null || currentValue == ContentSettingValues.DEFAULT) {
 +            currentValue = WebsitePreferenceBridge.isCategoryEnabled(
 +                                   browserContextHandle, ContentSettingsType.COOKIES)
 +                    ? ContentSettingValues.ALLOW