Updated patch for third-party origin trials as suggested by @uazo

New patch to never use HTTP probes
csagan5 2021-11-06 10:04:12 +01:00 committed by Allen Luce
parent 09022856e6
commit 7bb605d71f
2 changed files with 101 additions and 1 deletions


@ -3,11 +3,85 @@ Date: Thu, 4 Nov 2021 09:19:24 +0100
Subject: Disable third-party origin trials
---
.../origin_trials/origin_trial_policy_impl.cc | 7 ++++---
.../origin_trials/origin_trial_policy_impl.h | 2 +-
.../shell/common/shell_origin_trial_policy.cc | 10 ++++------
.../blink/renderer/core/loader/http_equiv.cc | 16 ----------------
.../core/origin_trials/origin_trial_context.cc | 13 ++-----------
.../platform/runtime_enabled_features.json5 | 4 ----
3 files changed, 2 insertions(+), 31 deletions(-)
6 files changed, 11 insertions(+), 41 deletions(-)
diff --git a/components/embedder_support/origin_trials/origin_trial_policy_impl.cc b/components/embedder_support/origin_trials/origin_trial_policy_impl.cc
--- a/components/embedder_support/origin_trials/origin_trial_policy_impl.cc
+++ b/components/embedder_support/origin_trials/origin_trial_policy_impl.cc
@@ -20,10 +20,10 @@
namespace embedder_support {
-// This is the default public key used for validating signatures.
+// This is an invalid public key that will match no origin trial signature
static const blink::OriginTrialPublicKey kDefaultPublicKey = {
0x7c, 0xc4, 0xb8, 0x9a, 0x93, 0xba, 0x6e, 0xe2, 0xd0, 0xfd, 0x03,
- 0x1d, 0xfb, 0x32, 0x66, 0xc7, 0x3b, 0x72, 0xfd, 0x54, 0x3a, 0x07,
+ 0x1d, 0xfb, 0x32, 0x66, 0x00, 0x01, 0x02, 0xfd, 0x54, 0x3a, 0x07,
0x51, 0x14, 0x66, 0xaa, 0x02, 0x53, 0x4e, 0x33, 0xa1, 0x15,
};
@@ -54,7 +54,8 @@ OriginTrialPolicyImpl::OriginTrialPolicyImpl() {
OriginTrialPolicyImpl::~OriginTrialPolicyImpl() = default;
bool OriginTrialPolicyImpl::IsOriginTrialsSupported() const {
- return true;
+ // third-party origin trials are always disabled
+ return false;
}
const std::vector<blink::OriginTrialPublicKey>&
diff --git a/components/embedder_support/origin_trials/origin_trial_policy_impl.h b/components/embedder_support/origin_trials/origin_trial_policy_impl.h
--- a/components/embedder_support/origin_trials/origin_trial_policy_impl.h
+++ b/components/embedder_support/origin_trials/origin_trial_policy_impl.h
@@ -31,11 +31,11 @@ class OriginTrialPolicyImpl : public blink::OriginTrialPolicy {
bool IsTokenDisabled(base::StringPiece token_signature) const override;
bool IsOriginSecure(const GURL& url) const override;
+ private:
bool SetPublicKeysFromASCIIString(const std::string& ascii_public_key);
bool SetDisabledFeatures(const std::string& disabled_feature_list);
bool SetDisabledTokens(const std::string& disabled_token_list);
- private:
std::vector<blink::OriginTrialPublicKey> public_keys_;
std::set<std::string> disabled_features_;
std::set<std::string> disabled_tokens_;
diff --git a/content/shell/common/shell_origin_trial_policy.cc b/content/shell/common/shell_origin_trial_policy.cc
--- a/content/shell/common/shell_origin_trial_policy.cc
+++ b/content/shell/common/shell_origin_trial_policy.cc
@@ -13,13 +13,10 @@ namespace content {
namespace {
-// This is the public key which the content shell will use to enable origin
-// trial features. Trial tokens for use in web tests can be created with the
-// tool in /tools/origin_trials/generate_token.py, using the private key
-// contained in /tools/origin_trials/eftest.key.
+// This is an invalid public key that does not allow any origin trial verification
static const blink::OriginTrialPublicKey kOriginTrialPublicKey = {
0x75, 0x10, 0xac, 0xf9, 0x3a, 0x1c, 0xb8, 0xa9, 0x28, 0x70, 0xd2,
- 0x9a, 0xd0, 0x0b, 0x59, 0xe1, 0xac, 0x2b, 0xb7, 0xd5, 0xca, 0x1f,
+ 0x9a, 0xd0, 0x00, 0x01, 0x02, 0xac, 0x2b, 0xb7, 0xd5, 0xca, 0x1f,
0x64, 0x90, 0x08, 0x8e, 0xa8, 0xe0, 0x56, 0x3a, 0x04, 0xd0,
};
@@ -32,7 +29,8 @@ ShellOriginTrialPolicy::ShellOriginTrialPolicy() {
ShellOriginTrialPolicy::~ShellOriginTrialPolicy() {}
bool ShellOriginTrialPolicy::IsOriginTrialsSupported() const {
- return true;
+ // third-party origin trials are always disabled
+ return false;
}
const std::vector<blink::OriginTrialPublicKey>&
diff --git a/third_party/blink/renderer/core/loader/http_equiv.cc b/third_party/blink/renderer/core/loader/http_equiv.cc
--- a/third_party/blink/renderer/core/loader/http_equiv.cc
+++ b/third_party/blink/renderer/core/loader/http_equiv.cc
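Review bot: The new comment on `kDefaultPublicKey` promises a key that "will match no origin trial signature", but the patch only overwrites three bytes of the upstream key, and nothing visible shows that the result is rejected as a key rather than merely being one for which no private key is known. The same applies to `kOriginTrialPublicKey` in shell_origin_trial_policy.cc. I would word both comments as a second barrier, e.g. `// Deliberately corrupted key (three bytes overwritten); IsOriginTrialsSupported() below is the intended off switch.`, and check whether the key getter, whose body is outside the hunk, could return an empty list instead of a mutated key. The comment `// third-party origin trials are always disabled` also appears to understate the change, since the function name suggests it gates every origin trial and not only third-party ones.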


@ -0,0 +1,26 @@
From: csagan5 <32685696+csagan5@users.noreply.github.com>
Date: Sat, 6 Nov 2021 09:46:24 +0100
Subject: Never use HTTP probes for connection detection
This patch disables the use of HTTP probes on Android < M devices
Connection will be always considered valid on such devices
---
.../browser/net/connectivitydetector/ConnectivityDetector.java | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/chrome/android/java/src/org/chromium/chrome/browser/net/connectivitydetector/ConnectivityDetector.java b/chrome/android/java/src/org/chromium/chrome/browser/net/connectivitydetector/ConnectivityDetector.java
--- a/chrome/android/java/src/org/chromium/chrome/browser/net/connectivitydetector/ConnectivityDetector.java
+++ b/chrome/android/java/src/org/chromium/chrome/browser/net/connectivitydetector/ConnectivityDetector.java
@@ -178,7 +178,8 @@ public class ConnectivityDetector implements NetworkChangeNotifier.ConnectionTyp
@Override
public boolean shouldSkipHttpProbes() {
- return false;
+ // always assume that connection is valid on Android < M
+ return true;
}
}
--
2.17.1
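Review bot: `shouldSkipHttpProbes()` now returns `true` unconditionally, and the "Android < M" restriction named in the comment and in the patch description is not visible in this hunk, so it presumably lives in callers outside it. The comment should state why the probe is skipped and what is given up, for example `// Never issue HTTP probe requests; on Android < M connectivity is then assumed rather than verified.` If that assumption holds, a network without working internet access would presumably be reported as connected on those devices, which is worth saying in the patch description as well. The enclosing class begins outside the hunk.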