Add flag IsCleartextPermitted default true (#1111)

Co-authored-by: Carl <32685696+csagan5@users.noreply.github.com>
2021-04-26 21:41:23 +02:00 · 2021-04-26 21:41:23 +02:00 · ad010db02d
commit ad010db02d
parent b3f5b62956
2 changed files with 98 additions and 0 deletions
--- a/build/bromite_patches_list.txt
+++ b/build/bromite_patches_list.txt
@ -147,4 +147,5 @@ Add-Alt-D-hotkey-to-focus-address-bar.patch
 Remove-offline-measurement-background-task.patch
 User-agent-customization.patch
 Add-a-flag-to-disallow-user-certificates.patch
+Add-a-flag-to-disallow-connections-over-HTTP.patch
 Automated-domain-substitution.patch
--- a/build/patches/Add-a-flag-to-disallow-connections-over-HTTP.patch
+++ b/build/patches/Add-a-flag-to-disallow-connections-over-HTTP.patch
@ -0,0 +1,97 @@
+From: uazo <uazo@users.noreply.github.com>
+Date: Mon, 26 Apr 2021 15:04:11 +0000
+Subject: Add flag IsCleartextPermitted default true
+
+---
+ chrome/browser/about_flags.cc           | 5 +++++
+ chrome/browser/flag_descriptions.cc     | 4 ++++
+ chrome/browser/flag_descriptions.h      | 3 +++
+ net/base/features.cc                    | 3 +++
+ net/base/features.h                     | 2 ++
+ net/url_request/url_request_http_job.cc | 4 ++++
+ 6 files changed, 21 insertions(+)
+
+diff --git a/chrome/browser/about_flags.cc b/chrome/browser/about_flags.cc
+--- a/chrome/browser/about_flags.cc
+++ b/chrome/browser/about_flags.cc
+@@ -7362,6 +7362,11 @@ const FeatureEntry kFeatureEntries[] = {
+      FEATURE_VALUE_TYPE(
+          chrome::android::kBookmarksExportUseSaf)},
+ 
+    {"cleartext-permitted",
+     flag_descriptions::kIsCleartextPermittedName,
+     flag_descriptions::kIsCleartextPermittedDescription, kOsAndroid,
+     FEATURE_VALUE_TYPE(net::features::kIsCleartextPermitted)},
+
+     // NOTE: Adding a new flag requires adding a corresponding entry to enum
+     // "LoginCustomFlags" in tools/metrics/histograms/enums.xml. See "Flag
+     // Histograms" in tools/metrics/histograms/README.md (run the
+diff --git a/chrome/browser/flag_descriptions.cc b/chrome/browser/flag_descriptions.cc
+--- a/chrome/browser/flag_descriptions.cc
+++ b/chrome/browser/flag_descriptions.cc
+@@ -1363,6 +1363,10 @@ const char kHostedAppShimCreationName[] =
+ const char kHostedAppShimCreationDescription[] =
+     "Create app shims on Mac when creating a hosted app.";
+ 
+const char kIsCleartextPermittedName[] = "Allow cleartext traffic";
+const char kIsCleartextPermittedDescription[] =
+    "Allow insecure connections over HTTP";
+
+ const char kIgnoreGpuBlocklistName[] = "Override software rendering list";
+ const char kIgnoreGpuBlocklistDescription[] =
+     "Overrides the built-in software rendering list and enables "
+diff --git a/chrome/browser/flag_descriptions.h b/chrome/browser/flag_descriptions.h
+--- a/chrome/browser/flag_descriptions.h
+++ b/chrome/browser/flag_descriptions.h
+@@ -810,6 +810,9 @@ extern const char kHostedAppQuitNotificationDescription[];
+ extern const char kHostedAppShimCreationName[];
+ extern const char kHostedAppShimCreationDescription[];
+ 
+extern const char kIsCleartextPermittedName[];
+extern const char kIsCleartextPermittedDescription[];
+
+ extern const char kIgnoreGpuBlocklistName[];
+ extern const char kIgnoreGpuBlocklistDescription[];
+ 
+diff --git a/net/base/features.cc b/net/base/features.cc
+--- a/net/base/features.cc
+++ b/net/base/features.cc
+@@ -67,6 +67,9 @@ base::TimeDelta GetExtraTimeAbsolute() {
+ const base::Feature kEnableTLS13EarlyData{"EnableTLS13EarlyData",
+                                           base::FEATURE_DISABLED_BY_DEFAULT};
+ 
+const base::Feature kIsCleartextPermitted{"IsCleartextPermitted",
+                                      base::FEATURE_ENABLED_BY_DEFAULT};
+
+ const base::Feature kNetworkQualityEstimator{"NetworkQualityEstimator",
+                                              base::FEATURE_DISABLED_BY_DEFAULT};
+ 
+diff --git a/net/base/features.h b/net/base/features.h
+--- a/net/base/features.h
+++ b/net/base/features.h
+@@ -28,6 +28,8 @@ NET_EXPORT extern const base::Feature kCapReferrerToOriginOnCrossOrigin;
+ // Enables TLS 1.3 early data.
+ NET_EXPORT extern const base::Feature kEnableTLS13EarlyData;
+ 
+NET_EXPORT extern const base::Feature kIsCleartextPermitted;
+
+ // Support for altering the parameters used for DNS transaction timeout. See
+ // ResolveContext::SecureTransactionTimeout().
+ NET_EXPORT extern const base::Feature kDnsTransactionDynamicTimeouts;
+diff --git a/net/url_request/url_request_http_job.cc b/net/url_request/url_request_http_job.cc
+--- a/net/url_request/url_request_http_job.cc
+++ b/net/url_request/url_request_http_job.cc
+@@ -201,6 +201,10 @@ std::unique_ptr<URLRequestJob> URLRequestHttpJob::Create(URLRequest* request) {
+     }
+ 
+ #if defined(OS_ANDROID)
+    if (base::FeatureList::IsEnabled(net::features::kIsCleartextPermitted) == false) {
+      return std::make_unique<URLRequestErrorJob>(request,
+                                                  ERR_CLEARTEXT_NOT_PERMITTED);
+    }
+     // Check whether the app allows cleartext traffic to this host, and return
+     // ERR_CLEARTEXT_NOT_PERMITTED if not.
+     if (request->context()->check_cleartext_permitted() &&
+-- 
+2.17.1
+