How to test:
- Official builds
- Release builds done manually
- Debug builds, but for assertions make sure to take Debug only things with a
- There's currently only two milestones for Releasable builds and Backlog.
- Things are triaged into either of those milestones, things not in a milestone are not triaged yet.
- Zenhub is used to give point estimations for timelines.
- Component updater is used for updating extensions.
- There are 2 component updaters: Google server, Brave server.
- Test that components come from Chrome's server by default and not Brave server.
- Test that Brave extensions go from Brave component updater (ad-block, https-everywhere).
- Widevine goes to the Google server.
- Flash has no UI if it is not installed. If installed, Flash is disabled by default, you can enable in the urlbar which enables click to play.
- Extensions will be allowed but require click through, PWAs are allowed too.
- Test to make sure DAT files get updated periodically.
- There is a whitelist of extensions, things not in the allowed list should be disabled.
- Allow all extensions but with click through prompt.
- Extensions can be installed from extensions.brave.com, there are some Brave only extensions.
Enabled/disabled features over Chromium:
- Enabled progressive web apps flag are enabled. (mobile.twitter.com, login and you can install Twitter Lite app).
- Emoji picker control when right clicking in an input text control.
- Tab muting is enabled by default (icon clickable in tabs)
- Sign into Chrome/Brave feature disabled
- Restoring last tab value default pref value set to remember last session
- Search suggestions are disabled by default and replaced with a top sites provider for alexa top 500.
- Tests: We are currently running our own browser tests and unit tests, we are not currently running Chromium unit and browser tests, but we'd like to enable some subset of them that apply.
- PDF handling via the Chromium PDF Viewer extension is explicitly disabled by blocking the extension ID.
- PDF.js is force installed on startup via a setting that's used for administration management policy. It can't currently be disabled, but if we decide to allow that we can make it part of the recommended extension list instead.
- The page action extension button should not show up.
- I believe we store our passwords in our own keychain, I believe we will ask to unlock the keychain of other apps during imports. (Check with Garrett and/or Anthony)
- Site hacks should be reviewed individually, they are managed here:
- Shield exceptions are managed here
Browser level network delegate helper:
- Network redirects mapping Chrome URLs to Brave ones are done for the browser context here:
- Sparkle (macOS)
- Omaha (Windows)
- Check with Jarv and Simon Hong for details.
Installers and build signing:
- Installers should be signed.
- Newtab WebUI page (it currently does outgoing network requests to s3). Code exists at
- Welcome page (currently remote, but changing to local before we ship, muon is remote though).
- Payments page
package.json deps in use. In particular we use some node modules and webpack them together to create a bundle which is loaded from a pak file.
- Cookie blocking is managed here:
- Referrer blocking works by TLD+1 comparisons, and if they are different it will:
- override a referring URL as its own origin for sub-resources (e.g. images, iframes)
- strip the referrer out entirely for navigations
- Talk to Jocelyn for more details
Command line switches:
- Brave specific command line switches exist here:
Brave specific preferences:
- Brave specific preferences are added here:
- There is a brave:// equivalent to chrome:// but it just forwards to chrome://