Skip to content

/ brave-browser

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Disable gaia in brave-core #527

Open
jumde opened this issue Jul 12, 2018 · 11 comments
Open

Disable gaia in brave-core #527

jumde opened this issue Jul 12, 2018 · 11 comments
Assignees
@pilgrim-brave
Labels
priority/P2

Comments

@jumde
Copy link
Contributor

@jumde jumde commented Jul 12, 2018

On startup, Brave gets a list of the google accounts from gaia, which connects to accounts.google.com. Disable gaia to avoid these connections.
@jumde jumde mentioned this issue Jul 12, 2018
Closed
@bbondy bbondy added this to the Backlog milestone Jul 12, 2018
@jumde jumde added this to Release channel blockers in Security & Privacy Jul 26, 2018
@diracdeltas
Copy link
Member

@diracdeltas diracdeltas commented Jul 31, 2018

could you list which domains are from gaia? i'm seeing some which might not be
@jumde jumde mentioned this issue Jul 31, 2018
Closed
@jumde
Copy link
Contributor Author

@jumde jumde commented Jul 31, 2018

On v 0.53.0. Here is the list of domains that I see on connect:

- accounts.google.com
- clients2.google.com
- ssl.gstatic.com
- update.googleapis.com
- googleapis.com
- clients2.googleusercontent.com

Here is a set of domains from gaia: https://cs.chromium.org/chromium/src/google_apis/gaia/gaia_urls.cc?q=gaia&dr=CSs

Issue to prevent connection to other google domains is tracked here - #663
@diracdeltas
Copy link
Member

@diracdeltas diracdeltas commented Jul 31, 2018

can this issue be fixed by setting the gaia URL constants to about:blank?
@jumde
Copy link
Contributor Author

@jumde jumde commented Jul 31, 2018

That might be a good solution, there may be side effects though. I can take a shot at this.
@bbondy bbondy modified the milestones: Backlog, Releasable builds 0.55.x Aug 10, 2018
@jumde
Copy link
Contributor Author

@jumde jumde commented Aug 16, 2018
edited

No connections are made to the gaia domains on browser-laptop on startup
@notDavid
Copy link

@notDavid notDavid commented Sep 8, 2018

fyi, on 0.55.2 i see (after installing, on first startup, without any browsing):

www.gstatic.com
ssl.gstatic.com
www.googleapis.com
updates.googleapis.com
clients2.google.com
accounts.google.com
clients2.googleusercontent.com

(See screenshot here)
@bbondy bbondy added this to Security in 0.55.x - Release Sep 9, 2018
@bbondy bbondy moved this from Release channel blockers to Beta channel ASAP in Security & Privacy Sep 27, 2018
@bbondy bbondy mentioned this issue Sep 27, 2018
Merged
2 of 11 tasks complete
@bbondy
Copy link
Member

@bbondy bbondy commented Sep 27, 2018
edited

New change landing in
brave/brave-core#512

Gaia URL will effectively always go to no-thanks.invalid which is a non resolve-able invalid host.
I'll keep this issue open for now though so we can work on seeing if we can not even compile the gaia code.
@bbondy bbondy moved this from Beta channel ASAP to Release channel blockers in Security & Privacy Oct 1, 2018
@bbondy bbondy modified the milestones: Releasable builds 0.55.x, 1.x Backlog Oct 4, 2018
@bbondy bbondy removed the audit-release label Oct 4, 2018
@bbondy bbondy removed this from Release channel blockers in Security & Privacy Oct 4, 2018
@bbondy bbondy removed this from Security in 0.55.x - Release Oct 4, 2018
@bbondy bbondy added the priority/P2 label Oct 4, 2018
@LaurenWags
Copy link
Collaborator

@LaurenWags LaurenWags commented Oct 16, 2018
edited by srirambv

Using

Brave 0.55.14 Chromium: 70.0.3538.54 (Official Build) beta(64-bit)
Revision 4f8e578b6680574714e9ed3bb9f02922b4dde40d-refs/branch-heads/3538@{#937}
OS Mac OS X

This is what I see with LittleSnitch (first run, no browsing, using steps found here: #514 (comment))
screen shot 2018-10-16 at 3 00 44 pm
@diracdeltas
Copy link
Member

@diracdeltas diracdeltas commented Oct 16, 2018

@LaurenWags i think those are all for extension updates (PDFJS), not Gaia related.

cc @tomlowenthal
@tomlowenthal
Copy link
Member

@tomlowenthal tomlowenthal commented Oct 16, 2018

Per discussion in slack, we're planning to serve PDFJS from the go-updater server rather than letting the browser connect to Google.
@tomlowenthal tomlowenthal mentioned this issue Oct 17, 2018
Closed
@tomlowenthal
Copy link
Member

@tomlowenthal tomlowenthal commented Oct 17, 2018

Moved this PDFJS sitch to its own issue: #1669 (nice).
@rebron rebron modified the milestone: 1.x Backlog Feb 7, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@pilgrim-brave pilgrim-brave

Labels
priority/P2
Projects
None yet
Milestone
No milestone
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
8 participants
@diracdeltas @tomlowenthal @bbondy @notDavid @jumde @rebron @LaurenWags @pilgrim-brave
You can’t perform that action at this time.