From da7b1b2eba534e09d6f321237046e17843f0b34c Mon Sep 17 00:00:00 2001 From: RoyalOughtness <129108030+RoyalOughtness@users.noreply.github.com> Date: Tue, 30 Sep 2025 14:56:53 -0700 Subject: [PATCH] chore: pull 141 patches from Vanadium --- ...fwrapv-in-Clang-for-non-UBSan-builds.patch | 4 +- ...0-enable-ftrivial-auto-var-init-zero.patch | 4 +- ...0014-disable-seed-based-field-trials.patch | 128 +++++++++++++++--- ...vigation-error-correction-by-default.patch | 4 +- ...isable-hyperlink-auditing-by-default.patch | 4 +- ...ble-showing-popular-sites-by-default.patch | 10 +- ...26-disable-sensors-access-by-default.patch | 2 +- ...sable-third-party-cookies-by-default.patch | 2 +- ...9-disable-background-sync-by-default.patch | 2 +- ...0032-disable-media-router-by-default.patch | 4 +- ...e-browser-sign-in-feature-by-default.patch | 2 +- ...browsing-reporting-opt-in-by-default.patch | 2 +- ...used-safe-browsing-option-by-default.patch | 2 +- ...media-DRM-preprovisioning-by-default.patch | 12 +- ...fill-server-communication-by-default.patch | 4 +- ...041-disable-trivial-subdomain-hiding.patch | 2 +- ...-privacy-sandbox-features-by-default.patch | 36 +++-- ...bar-button-Translate-option-by-defau.patch | 2 +- ...f-privacy-aware-analytics-advertisin.patch | 4 +- ...-disable-appending-variations-header.patch | 4 +- ...etailed-language-settings-by-default.patch | 4 +- ...ching-optimization-guides-by-default.patch | 4 +- ...tching-optimization-hints-by-default.patch | 4 +- ...imization-guides-features-by-default.patch | 16 +-- .../0073-enable-split-cache-by-default.patch | 25 ++-- ...-partitioning-connections-by-default.patch | 12 +- ...e-strict-origin-isolation-by-default.patch | 12 +- ...ce-accept-language-header-by-default.patch | 4 +- ...opy-client-hints-with-reduced-user-a.patch | 34 +++-- ...f-supported-languages-for-Language-s.patch | 2 +- ...ent-settings-partitioning-by-default.patch | 6 +- ...andboxed-iframes-per-site-by-default.patch | 8 +- ...-Support-restriction-of-dynamic-code.patch | 8 +- ...ynamic-code-execution-via-seccomp-bp.patch | 6 +- ...ades-for-top-level-navigation-only-b.patch | 14 +- ...te-transparency-feature-by-default-f.patch | 6 +- ...cal-Network-Access-checks-by-default.patch | 25 +--- ...-crashes-on-Web-Reporting-API-calls.patch} | 0 38 files changed, 247 insertions(+), 177 deletions(-) rename vanadium_patches/{0207-bugfix-avoid-crashes-on-Web-Reporting-API-calls.patch => 0206-bugfix-avoid-crashes-on-Web-Reporting-API-calls.patch} (100%) diff --git a/vanadium_patches/0009-enable-fwrapv-in-Clang-for-non-UBSan-builds.patch b/vanadium_patches/0009-enable-fwrapv-in-Clang-for-non-UBSan-builds.patch index 3d700bf3..30ed6d6d 100644 --- a/vanadium_patches/0009-enable-fwrapv-in-Clang-for-non-UBSan-builds.patch +++ b/vanadium_patches/0009-enable-fwrapv-in-Clang-for-non-UBSan-builds.patch @@ -8,10 +8,10 @@ Subject: [PATCH] enable -fwrapv in Clang for non-UBSan builds 1 file changed, 4 insertions(+) diff --git a/build/config/compiler/BUILD.gn b/build/config/compiler/BUILD.gn -index 59fa6f9c57e11..09cc65d305e69 100644 +index edd410e3ddf6b..5d9b3e7c35d4b 100644 --- a/build/config/compiler/BUILD.gn +++ b/build/config/compiler/BUILD.gn -@@ -456,6 +456,10 @@ config("compiler") { +@@ -451,6 +451,10 @@ config("compiler") { } } diff --git a/vanadium_patches/0010-enable-ftrivial-auto-var-init-zero.patch b/vanadium_patches/0010-enable-ftrivial-auto-var-init-zero.patch index deecb471..08d9a9e2 100644 --- a/vanadium_patches/0010-enable-ftrivial-auto-var-init-zero.patch +++ b/vanadium_patches/0010-enable-ftrivial-auto-var-init-zero.patch @@ -8,10 +8,10 @@ Subject: [PATCH] enable -ftrivial-auto-var-init=zero 1 file changed, 4 insertions(+) diff --git a/build/config/compiler/BUILD.gn b/build/config/compiler/BUILD.gn -index 09cc65d305e69..2858240e616e2 100644 +index 5d9b3e7c35d4b..0d7f390a574b0 100644 --- a/build/config/compiler/BUILD.gn +++ b/build/config/compiler/BUILD.gn -@@ -460,6 +460,10 @@ config("compiler") { +@@ -455,6 +455,10 @@ config("compiler") { cflags += [ "-fwrapv" ] } diff --git a/vanadium_patches/0014-disable-seed-based-field-trials.patch b/vanadium_patches/0014-disable-seed-based-field-trials.patch index 64c3cfd4..05c00e19 100644 --- a/vanadium_patches/0014-disable-seed-based-field-trials.patch +++ b/vanadium_patches/0014-disable-seed-based-field-trials.patch @@ -4,64 +4,156 @@ Date: Tue, 25 Dec 2018 16:19:51 -0500 Subject: [PATCH] disable seed-based field trials --- - .../service/variations_field_trial_creator.cc | 10 ++++++++++ - components/variations/synthetic_trial_registry.cc | 2 ++ - 2 files changed, 12 insertions(+) + components/variations/BUILD.gn | 7 +++++++ + components/variations/common_ext/BUILD.gn | 18 ++++++++++++++++++ + components/variations/service/BUILD.gn | 7 +++++++ + .../service/variations_field_trial_creator.cc | 13 +++++++++++++ + .../variations/synthetic_trial_registry.cc | 3 +++ + 5 files changed, 48 insertions(+) + create mode 100644 components/variations/common_ext/BUILD.gn +diff --git a/components/variations/BUILD.gn b/components/variations/BUILD.gn +index 5ae80aba8b1d6..63f055eb52800 100644 +--- a/components/variations/BUILD.gn ++++ b/components/variations/BUILD.gn +@@ -155,6 +155,13 @@ component("variations") { + "//components/variations/android:variations_seed_jni", + ] + } ++ ++ sources += [ ++ ] ++ ++ deps += [ ++ "//components/variations/common_ext:buildflags", ++ ] + } + + if (is_android) { +diff --git a/components/variations/common_ext/BUILD.gn b/components/variations/common_ext/BUILD.gn +new file mode 100644 +index 0000000000000..2c448f85a384f +--- /dev/null ++++ b/components/variations/common_ext/BUILD.gn +@@ -0,0 +1,18 @@ ++# Copyright 2025 GrapheneOS ++# Use of this source code is governed by a GPLv2.0-style license that can be ++# found in the LICENSE file. ++ ++import("//build/buildflag_header.gni") ++ ++declare_args() { ++ # Set to true to allow usage of field trial seeds. ++ fieldtrial_seed_enabled = false ++} ++ ++buildflag_header("buildflags") { ++ header = "buildflags.h" ++ flags = [] ++ flags += [ ++ "FIELDTRIAL_SEED_ENABLED=$fieldtrial_seed_enabled" ++ ] ++} +diff --git a/components/variations/service/BUILD.gn b/components/variations/service/BUILD.gn +index fda6153e144d1..61144785825c6 100644 +--- a/components/variations/service/BUILD.gn ++++ b/components/variations/service/BUILD.gn +@@ -75,6 +75,13 @@ static_library("service") { + "//services/network/public/cpp", + "//ui/base", + ] ++ ++ sources += [ ++ ] ++ ++ deps += [ ++ "//components/variations/common_ext:buildflags", ++ ] + } + + source_set("unit_tests") { diff --git a/components/variations/service/variations_field_trial_creator.cc b/components/variations/service/variations_field_trial_creator.cc -index 2787a0fee8398..41fec9f707b7c 100644 +index c134930f8e20a..abfc117c623c8 100644 --- a/components/variations/service/variations_field_trial_creator.cc +++ b/components/variations/service/variations_field_trial_creator.cc -@@ -249,8 +249,14 @@ bool VariationsFieldTrialCreator::SetUpFieldTrials( - } +@@ -39,6 +39,7 @@ + #include "components/metrics/metrics_state_manager.h" + #include "components/prefs/pref_service.h" + #include "components/variations/active_field_trials.h" ++#include "components/variations/common_ext/buildflags.h" + #include "components/variations/entropy_provider.h" + #include "components/variations/field_trial_config/field_trial_util.h" + #include "components/variations/platform_field_trials.h" +@@ -253,8 +254,14 @@ bool VariationsFieldTrialCreator::SetUpFieldTrials( + // Force the variation ids selected in chrome://flags and/or specified using // the command-line flag. -+#if defined(FIELDTRIAL_SEED_ENABLED) ++#if BUILDFLAG(FIELDTRIAL_SEED_ENABLED) auto result = http_header_provider->ForceVariationIds( variation_ids, command_line_variation_ids); +#else + // Pretend that it was successful without acutally forcing + // variation ids and command line variation ids + auto result = VariationsIdsProvider::ForceIdsResult::SUCCESS; -+#endif // defined(FIELDTRIAL_SEED_ENABLED) ++#endif // BUILDFLAG(FIELDTRIAL_SEED_ENABLED) switch (result) { case VariationsIdsProvider::ForceIdsResult::INVALID_SWITCH_ENTRY: -@@ -315,13 +321,17 @@ bool VariationsFieldTrialCreator::SetUpFieldTrials( +@@ -319,23 +326,29 @@ bool VariationsFieldTrialCreator::SetUpFieldTrials( CreateTrialsResult create_trials_result = {.applied_seed = false}; if (!used_testing_config && client_filterable_state) { -+#if defined(FIELDTRIAL_SEED_ENABLED) ++#if BUILDFLAG(FIELDTRIAL_SEED_ENABLED) + // TODO(crbug.com/410008879): Make use of the result's + // seed_has_active_limited_layer field. create_trials_result = CreateTrialsFromSeed( entropy_providers, feature_list.get(), safe_seed_manager, std::move(client_filterable_state)); -+#endif ++#endif // BUILDFLAG(FIELDTRIAL_SEED_ENABLED) } -+#if defined(FIELDTRIAL_SEED_ENABLED) + if (add_entropy_source_to_variations_ids && + !create_trials_result.AppliedSeedHasActiveLimitedLayer()) { + // TODO(crbug.com/424154785): Consider no longer transmitting LES values + // alongside VariationsIDs. ++#if BUILDFLAG(FIELDTRIAL_SEED_ENABLED) + http_header_provider->SetLowEntropySourceValue( + metrics_state_manager->GetLowEntropySource()); ++#endif // BUILDFLAG(FIELDTRIAL_SEED_ENABLED) + } + ++#if BUILDFLAG(FIELDTRIAL_SEED_ENABLED) platform_field_trials->SetUpClientSideFieldTrials( create_trials_result.applied_seed, entropy_providers, feature_list.get()); -+#endif ++#endif // BUILDFLAG(FIELDTRIAL_SEED_ENABLED) platform_field_trials->RegisterFeatureOverrides(feature_list.get()); diff --git a/components/variations/synthetic_trial_registry.cc b/components/variations/synthetic_trial_registry.cc -index cd3eac8828f2e..574153fb40bee 100644 +index e347472482078..b591cedec0e95 100644 --- a/components/variations/synthetic_trial_registry.cc +++ b/components/variations/synthetic_trial_registry.cc -@@ -122,6 +122,7 @@ SyntheticTrialRegistry::GetCurrentSyntheticFieldTrialsForTest() const { +@@ -10,6 +10,7 @@ + #include "base/observer_list.h" + #include "base/strings/string_number_conversions.h" + #include "components/variations/active_field_trials.h" ++#include "components/variations/common_ext/buildflags.h" + #include "components/variations/hashing.h" + #include "components/variations/variations_associated_data.h" + +@@ -122,6 +123,7 @@ SyntheticTrialRegistry::GetCurrentSyntheticFieldTrialsForTest() const { void SyntheticTrialRegistry::RegisterSyntheticFieldTrial( const SyntheticTrialGroup& trial) { -+#if defined(FIELDTRIAL_SEED_ENABLED) ++#if BUILDFLAG(FIELDTRIAL_SEED_ENABLED) for (auto& entry : synthetic_trial_groups_) { if (entry.id().name == trial.id().name) { if (entry.id().group != trial.id().group || -@@ -139,6 +140,7 @@ void SyntheticTrialRegistry::RegisterSyntheticFieldTrial( +@@ -139,6 +141,7 @@ void SyntheticTrialRegistry::RegisterSyntheticFieldTrial( trial_group.SetStartTime(base::TimeTicks::Now()); synthetic_trial_groups_.push_back(trial_group); NotifySyntheticTrialObservers({trial_group}, {}); -+#endif // defined(FIELDTRIAL_SEED_ENABLED) ++#endif // BUILDFLAG(FIELDTRIAL_SEED_ENABLED) } std::string_view SyntheticTrialRegistry::GetStudyNameForExpId( diff --git a/vanadium_patches/0018-disable-navigation-error-correction-by-default.patch b/vanadium_patches/0018-disable-navigation-error-correction-by-default.patch index 6f250874..f093bd32 100644 --- a/vanadium_patches/0018-disable-navigation-error-correction-by-default.patch +++ b/vanadium_patches/0018-disable-navigation-error-correction-by-default.patch @@ -8,10 +8,10 @@ Subject: [PATCH] disable navigation error correction by default 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/chrome/browser/net/profile_network_context_service.cc b/chrome/browser/net/profile_network_context_service.cc -index a4d22cf5f1618..be06c27627396 100644 +index d63b035df4e9e..839d655c890ae 100644 --- a/chrome/browser/net/profile_network_context_service.cc +++ b/chrome/browser/net/profile_network_context_service.cc -@@ -621,7 +621,7 @@ void ProfileNetworkContextService::ConfigureNetworkContextParams( +@@ -622,7 +622,7 @@ void ProfileNetworkContextService::ConfigureNetworkContextParams( void ProfileNetworkContextService::RegisterProfilePrefs( user_prefs::PrefRegistrySyncable* registry) { registry->RegisterBooleanPref(embedder_support::kAlternateErrorPagesEnabled, diff --git a/vanadium_patches/0022-disable-hyperlink-auditing-by-default.patch b/vanadium_patches/0022-disable-hyperlink-auditing-by-default.patch index bf929fdc..46a94dac 100644 --- a/vanadium_patches/0022-disable-hyperlink-auditing-by-default.patch +++ b/vanadium_patches/0022-disable-hyperlink-auditing-by-default.patch @@ -8,10 +8,10 @@ Subject: [PATCH] disable hyperlink auditing by default 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/chrome/browser/chrome_content_browser_client.cc b/chrome/browser/chrome_content_browser_client.cc -index a582e4069416d..5f93e35e9c570 100644 +index b8acad00088e2..1d1be81e66a09 100644 --- a/chrome/browser/chrome_content_browser_client.cc +++ b/chrome/browser/chrome_content_browser_client.cc -@@ -1419,7 +1419,7 @@ void ChromeContentBrowserClient::RegisterLocalStatePrefs( +@@ -1462,7 +1462,7 @@ void ChromeContentBrowserClient::RegisterLocalStatePrefs( void ChromeContentBrowserClient::RegisterProfilePrefs( user_prefs::PrefRegistrySyncable* registry) { registry->RegisterBooleanPref(prefs::kDisable3DAPIs, false); diff --git a/vanadium_patches/0023-disable-showing-popular-sites-by-default.patch b/vanadium_patches/0023-disable-showing-popular-sites-by-default.patch index ed54c9cd..96088c4f 100644 --- a/vanadium_patches/0023-disable-showing-popular-sites-by-default.patch +++ b/vanadium_patches/0023-disable-showing-popular-sites-by-default.patch @@ -9,7 +9,7 @@ Subject: [PATCH] disable showing popular sites by default 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/components/ntp_tiles/features.cc b/components/ntp_tiles/features.cc -index d142c1aa45e45..fd9e3cb948293 100644 +index ad99eb2ce208f..b8cb2f180fd82 100644 --- a/components/ntp_tiles/features.cc +++ b/components/ntp_tiles/features.cc @@ -15,7 +15,7 @@ const char kPopularSitesFieldTrialName[] = "NTPPopularSites"; @@ -22,10 +22,10 @@ index d142c1aa45e45..fd9e3cb948293 100644 BASE_FEATURE(kNtpMostLikelyFaviconsFromServerFeature, "NTPMostLikelyFaviconsFromServer", diff --git a/components/ntp_tiles/most_visited_sites.cc b/components/ntp_tiles/most_visited_sites.cc -index 218d9a78014ca..91013a45d4739 100644 +index 3adb8ecd37d96..73da0a97054b0 100644 --- a/components/ntp_tiles/most_visited_sites.cc +++ b/components/ntp_tiles/most_visited_sites.cc -@@ -256,9 +256,11 @@ void MostVisitedSites::AddMostVisitedURLsObserver(Observer* observer, +@@ -260,9 +260,11 @@ void MostVisitedSites::AddMostVisitedURLsObserver(Observer* observer, if (!is_observing_) { is_observing_ = true; if (popular_sites_ && NeedPopularSites(prefs_, GetMaxNumSites())) { @@ -37,7 +37,7 @@ index 218d9a78014ca..91013a45d4739 100644 } if (top_sites_) { -@@ -563,6 +565,7 @@ MostVisitedSites::CreatePopularSitesSections( +@@ -631,6 +633,7 @@ MostVisitedSites::CreatePopularSitesSections( return sections; } @@ -45,7 +45,7 @@ index 218d9a78014ca..91013a45d4739 100644 const std::set no_hosts; for (const auto& section_type_and_sites : popular_sites()->sections()) { SectionType type = section_type_and_sites.first; -@@ -580,6 +583,7 @@ MostVisitedSites::CreatePopularSitesSections( +@@ -648,6 +651,7 @@ MostVisitedSites::CreatePopularSitesSections( /*num_max_tiles=*/GetMaxNumSites()); } } diff --git a/vanadium_patches/0026-disable-sensors-access-by-default.patch b/vanadium_patches/0026-disable-sensors-access-by-default.patch index 71fbc6ef..f3982c2a 100644 --- a/vanadium_patches/0026-disable-sensors-access-by-default.patch +++ b/vanadium_patches/0026-disable-sensors-access-by-default.patch @@ -8,7 +8,7 @@ Subject: [PATCH] disable sensors access by default 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/components/content_settings/core/browser/content_settings_registry.cc b/components/content_settings/core/browser/content_settings_registry.cc -index c9b9e27bc415b..a950ef573bd2b 100644 +index 4766cd8817d0b..306114b5ab08d 100644 --- a/components/content_settings/core/browser/content_settings_registry.cc +++ b/components/content_settings/core/browser/content_settings_registry.cc @@ -391,7 +391,7 @@ void ContentSettingsRegistry::Init() { diff --git a/vanadium_patches/0028-disable-third-party-cookies-by-default.patch b/vanadium_patches/0028-disable-third-party-cookies-by-default.patch index 6427f69a..1fd1745e 100644 --- a/vanadium_patches/0028-disable-third-party-cookies-by-default.patch +++ b/vanadium_patches/0028-disable-third-party-cookies-by-default.patch @@ -8,7 +8,7 @@ Subject: [PATCH] disable third party cookies by default 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/components/content_settings/core/browser/cookie_settings.cc b/components/content_settings/core/browser/cookie_settings.cc -index f5567359dd911..f5fc49d72b392 100644 +index b977278ac720e..81348f3d2e272 100644 --- a/components/content_settings/core/browser/cookie_settings.cc +++ b/components/content_settings/core/browser/cookie_settings.cc @@ -94,7 +94,7 @@ void CookieSettings::RegisterProfilePrefs( diff --git a/vanadium_patches/0029-disable-background-sync-by-default.patch b/vanadium_patches/0029-disable-background-sync-by-default.patch index c179574b..a338dd72 100644 --- a/vanadium_patches/0029-disable-background-sync-by-default.patch +++ b/vanadium_patches/0029-disable-background-sync-by-default.patch @@ -8,7 +8,7 @@ Subject: [PATCH] disable background sync by default 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/components/content_settings/core/browser/content_settings_registry.cc b/components/content_settings/core/browser/content_settings_registry.cc -index 037d1b14dfd1d..67f34ff0793cf 100644 +index 4f5c4d95034f7..d8dc7b39d2707 100644 --- a/components/content_settings/core/browser/content_settings_registry.cc +++ b/components/content_settings/core/browser/content_settings_registry.cc @@ -245,7 +245,7 @@ void ContentSettingsRegistry::Init() { diff --git a/vanadium_patches/0032-disable-media-router-by-default.patch b/vanadium_patches/0032-disable-media-router-by-default.patch index cb207fdd..919ba056 100644 --- a/vanadium_patches/0032-disable-media-router-by-default.patch +++ b/vanadium_patches/0032-disable-media-router-by-default.patch @@ -22,10 +22,10 @@ index daf9060b81282..0308cf507513f 100644 #if !BUILDFLAG(IS_ANDROID) || BUILDFLAG(ENABLE_DESKTOP_ANDROID_EXTENSIONS) diff --git a/chrome/browser/profiles/profile_impl.cc b/chrome/browser/profiles/profile_impl.cc -index 423606c31de58..0b79f5b3c2791 100644 +index 00b5b11b5f9f6..5baa4a4b0e55d 100644 --- a/chrome/browser/profiles/profile_impl.cc +++ b/chrome/browser/profiles/profile_impl.cc -@@ -428,7 +428,7 @@ void ProfileImpl::RegisterProfilePrefs( +@@ -427,7 +427,7 @@ void ProfileImpl::RegisterProfilePrefs( #endif registry->RegisterBooleanPref(prefs::kForceEphemeralProfiles, false); diff --git a/vanadium_patches/0034-disable-browser-sign-in-feature-by-default.patch b/vanadium_patches/0034-disable-browser-sign-in-feature-by-default.patch index 6e05ae0e..59ce537e 100644 --- a/vanadium_patches/0034-disable-browser-sign-in-feature-by-default.patch +++ b/vanadium_patches/0034-disable-browser-sign-in-feature-by-default.patch @@ -22,7 +22,7 @@ index 52a6425d14309..e12a7e812a86b 100644 // static diff --git a/components/signin/internal/identity_manager/primary_account_manager.cc b/components/signin/internal/identity_manager/primary_account_manager.cc -index c14327e3d8a35..d8a6c3213b5b8 100644 +index 1c62d5a6316d4..fb8475f2b3a8b 100644 --- a/components/signin/internal/identity_manager/primary_account_manager.cc +++ b/components/signin/internal/identity_manager/primary_account_manager.cc @@ -331,7 +331,7 @@ void PrimaryAccountManager::RegisterProfilePrefs(PrefRegistrySimple* registry) { diff --git a/vanadium_patches/0035-disable-safe-browsing-reporting-opt-in-by-default.patch b/vanadium_patches/0035-disable-safe-browsing-reporting-opt-in-by-default.patch index 4d05234e..c9a38504 100644 --- a/vanadium_patches/0035-disable-safe-browsing-reporting-opt-in-by-default.patch +++ b/vanadium_patches/0035-disable-safe-browsing-reporting-opt-in-by-default.patch @@ -8,7 +8,7 @@ Subject: [PATCH] disable safe browsing reporting opt-in by default 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/components/safe_browsing/core/common/safe_browsing_prefs.cc b/components/safe_browsing/core/common/safe_browsing_prefs.cc -index cbda8e4a12003..7ff4f4734706c 100644 +index 637e113bbf8eb..6580a1d02e69b 100644 --- a/components/safe_browsing/core/common/safe_browsing_prefs.cc +++ b/components/safe_browsing/core/common/safe_browsing_prefs.cc @@ -215,7 +215,7 @@ void RegisterProfilePrefs(PrefRegistrySimple* registry) { diff --git a/vanadium_patches/0036-disable-unused-safe-browsing-option-by-default.patch b/vanadium_patches/0036-disable-unused-safe-browsing-option-by-default.patch index bd8524a0..de1c4d51 100644 --- a/vanadium_patches/0036-disable-unused-safe-browsing-option-by-default.patch +++ b/vanadium_patches/0036-disable-unused-safe-browsing-option-by-default.patch @@ -12,7 +12,7 @@ that privacy is preserved. 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/components/safe_browsing/core/common/safe_browsing_prefs.cc b/components/safe_browsing/core/common/safe_browsing_prefs.cc -index 7ff4f4734706c..6c95bd72d9151 100644 +index 6580a1d02e69b..703319b7045d3 100644 --- a/components/safe_browsing/core/common/safe_browsing_prefs.cc +++ b/components/safe_browsing/core/common/safe_browsing_prefs.cc @@ -221,7 +221,7 @@ void RegisterProfilePrefs(PrefRegistrySimple* registry) { diff --git a/vanadium_patches/0037-disable-media-DRM-preprovisioning-by-default.patch b/vanadium_patches/0037-disable-media-DRM-preprovisioning-by-default.patch index 4c1e8948..eb6b16f7 100644 --- a/vanadium_patches/0037-disable-media-DRM-preprovisioning-by-default.patch +++ b/vanadium_patches/0037-disable-media-DRM-preprovisioning-by-default.patch @@ -10,15 +10,15 @@ support is enabled. 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/media/base/media_switches.cc b/media/base/media_switches.cc -index c0c4996e01bb7..a72e17d613f53 100644 +index e6484141d7ca6..658e3ab45f622 100644 --- a/media/base/media_switches.cc +++ b/media/base/media_switches.cc -@@ -1157,7 +1157,7 @@ BASE_FEATURE(kMediaDrmPersistentLicense, +@@ -987,7 +987,7 @@ BASE_FEATURE(MediaDrmPersistentLicense, base::FEATURE_ENABLED_BY_DEFAULT); + // Enables MediaDrmOriginIdManager to provide preprovisioned origin IDs for + // MediaDrmBridge. If disabled, MediaDrmBridge will get unprovisioned origin IDs // which will trigger provisioning process after MediaDrmBridge is created. - BASE_FEATURE(kMediaDrmPreprovisioning, - "MediaDrmPreprovisioning", -- base::FEATURE_ENABLED_BY_DEFAULT); -+ base::FEATURE_DISABLED_BY_DEFAULT); +-BASE_FEATURE(MediaDrmPreprovisioning, base::FEATURE_ENABLED_BY_DEFAULT); ++BASE_FEATURE(MediaDrmPreprovisioning, base::FEATURE_DISABLED_BY_DEFAULT); // Determines if MediaDrmOriginIdManager should attempt to pre-provision origin // IDs at startup (whenever a profile is loaded). Also used by tests that diff --git a/vanadium_patches/0038-disable-autofill-server-communication-by-default.patch b/vanadium_patches/0038-disable-autofill-server-communication-by-default.patch index fb2efd84..bb8cd622 100644 --- a/vanadium_patches/0038-disable-autofill-server-communication-by-default.patch +++ b/vanadium_patches/0038-disable-autofill-server-communication-by-default.patch @@ -8,10 +8,10 @@ Subject: [PATCH] disable autofill server communication by default 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/components/autofill/core/common/autofill_features.cc b/components/autofill/core/common/autofill_features.cc -index 8be068e424633..c852688c88e1f 100644 +index c602fd6a4e275..fda38e51887f4 100644 --- a/components/autofill/core/common/autofill_features.cc +++ b/components/autofill/core/common/autofill_features.cc -@@ -1044,7 +1044,7 @@ const base::FeatureParam kAutofillOverridePredictionsJson{ +@@ -1037,7 +1037,7 @@ const base::FeatureParam kAutofillOverridePredictionsJson{ // i.e., https://other.autofill.server:port/tbproxy/af/ BASE_FEATURE(kAutofillServerCommunication, "AutofillServerCommunication", diff --git a/vanadium_patches/0041-disable-trivial-subdomain-hiding.patch b/vanadium_patches/0041-disable-trivial-subdomain-hiding.patch index 3c356dbb..5af7a963 100644 --- a/vanadium_patches/0041-disable-trivial-subdomain-hiding.patch +++ b/vanadium_patches/0041-disable-trivial-subdomain-hiding.patch @@ -8,7 +8,7 @@ Subject: [PATCH] disable trivial subdomain hiding 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/components/url_formatter/url_formatter.cc b/components/url_formatter/url_formatter.cc -index a11dcb954fcdc..d526a37b16156 100644 +index 6e827a0f9bfc2..d20339c6bb5ca 100644 --- a/components/url_formatter/url_formatter.cc +++ b/components/url_formatter/url_formatter.cc @@ -676,8 +676,7 @@ std::u16string FormatUrlWithAdjustments( diff --git a/vanadium_patches/0046-Disable-newer-privacy-sandbox-features-by-default.patch b/vanadium_patches/0046-Disable-newer-privacy-sandbox-features-by-default.patch index 2956f50a..7149bfa6 100644 --- a/vanadium_patches/0046-Disable-newer-privacy-sandbox-features-by-default.patch +++ b/vanadium_patches/0046-Disable-newer-privacy-sandbox-features-by-default.patch @@ -1,5 +1,5 @@ From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: fgei +From: quh4gko8 <88831734+quh4gko8@users.noreply.github.com> Date: Mon, 25 Sep 2023 09:26:57 +0000 Subject: [PATCH] Disable newer privacy sandbox features by default @@ -10,23 +10,23 @@ Subject: [PATCH] Disable newer privacy sandbox features by default 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/components/privacy_sandbox/privacy_sandbox_features.cc b/components/privacy_sandbox/privacy_sandbox_features.cc -index d8e0b70ca333a..0e3762fc12fdb 100644 +index dbd12a82cabaf..19996e134a7a1 100644 --- a/components/privacy_sandbox/privacy_sandbox_features.cc +++ b/components/privacy_sandbox/privacy_sandbox_features.cc -@@ -24,7 +24,7 @@ const base::FeatureParam kPrivacySandboxAdsNoticeCCTAppId{ +@@ -20,7 +20,7 @@ const base::FeatureParam kPrivacySandboxAdsNoticeCCTAppId{ + kAndroidGoogleSearchAppIdName}; + #endif // BUILDFLAG(IS_ANDROID) - BASE_FEATURE(kPrivacySandboxSettings4, - "PrivacySandboxSettings4", -- base::FEATURE_ENABLED_BY_DEFAULT); -+ base::FEATURE_DISABLED_BY_DEFAULT); +-BASE_FEATURE(PrivacySandboxSettings4, base::FEATURE_ENABLED_BY_DEFAULT); ++BASE_FEATURE(PrivacySandboxSettings4, base::FEATURE_DISABLED_BY_DEFAULT); const char kPrivacySandboxSettings4ConsentRequiredName[] = "consent-required"; const char kPrivacySandboxSettings4NoticeRequiredName[] = "notice-required"; diff --git a/services/network/public/cpp/features.cc b/services/network/public/cpp/features.cc -index 793fb772f0326..036b9cb23bf99 100644 +index 7dd8e53b54132..5386ed2a9ad89 100644 --- a/services/network/public/cpp/features.cc +++ b/services/network/public/cpp/features.cc -@@ -479,7 +479,7 @@ BASE_FEATURE(kUpdateRequestForCorsRedirect, +@@ -487,7 +487,7 @@ BASE_FEATURE(kUpdateRequestForCorsRedirect, // Kill switch for the Topics API. BASE_FEATURE(kBrowsingTopics, "BrowsingTopics", @@ -36,22 +36,20 @@ index 793fb772f0326..036b9cb23bf99 100644 // Enable the shared storage API. Note that enabling this feature does not // automatically expose this API to the web, it only allows the element to be diff --git a/third_party/blink/common/features.cc b/third_party/blink/common/features.cc -index 5f1b4c3014c98..d711383cbdcd0 100644 +index 080c003ec1112..f64b9fd802513 100644 --- a/third_party/blink/common/features.cc +++ b/third_party/blink/common/features.cc -@@ -260,13 +260,13 @@ BASE_FEATURE(kBrowsingTopicsBypassIPIsPubliclyRoutableCheck, +@@ -195,11 +195,11 @@ BASE_FEATURE(BrowsingTopicsBypassIPIsPubliclyRoutableCheck, + // feature has to be enabled first (i.e. `kBrowsingTopics` is enabled, and, + // either a valid Origin Trial token exists or `kPrivacySandboxAdsAPIsOverride` // is enabled.) - BASE_FEATURE(kBrowsingTopicsDocumentAPI, - "BrowsingTopicsDocumentAPI", -- base::FEATURE_ENABLED_BY_DEFAULT); -+ base::FEATURE_DISABLED_BY_DEFAULT); +-BASE_FEATURE(BrowsingTopicsDocumentAPI, base::FEATURE_ENABLED_BY_DEFAULT); ++BASE_FEATURE(BrowsingTopicsDocumentAPI, base::FEATURE_DISABLED_BY_DEFAULT); // Decoupled with the main `kBrowsingTopics` feature, so it allows us to // decouple the server side configs. - BASE_FEATURE(kBrowsingTopicsParameters, - "BrowsingTopicsParameters", -- base::FEATURE_ENABLED_BY_DEFAULT); -+ base::FEATURE_DISABLED_BY_DEFAULT); +-BASE_FEATURE(BrowsingTopicsParameters, base::FEATURE_ENABLED_BY_DEFAULT); ++BASE_FEATURE(BrowsingTopicsParameters, base::FEATURE_DISABLED_BY_DEFAULT); // The periodic topics calculation interval. BASE_FEATURE_PARAM(base::TimeDelta, kBrowsingTopicsTimePeriodPerEpoch, diff --git a/vanadium_patches/0048-Disable-top-toolbar-button-Translate-option-by-defau.patch b/vanadium_patches/0048-Disable-top-toolbar-button-Translate-option-by-defau.patch index cc7813c9..ac0c859f 100644 --- a/vanadium_patches/0048-Disable-top-toolbar-button-Translate-option-by-defau.patch +++ b/vanadium_patches/0048-Disable-top-toolbar-button-Translate-option-by-defau.patch @@ -1,5 +1,5 @@ From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: fgei +From: quh4gko8 <88831734+quh4gko8@users.noreply.github.com> Date: Tue, 18 Jun 2024 18:50:35 +0000 Subject: [PATCH] Disable top toolbar button Translate option by default diff --git a/vanadium_patches/0055-disable-trials-of-privacy-aware-analytics-advertisin.patch b/vanadium_patches/0055-disable-trials-of-privacy-aware-analytics-advertisin.patch index 4628b652..ce8363fc 100644 --- a/vanadium_patches/0055-disable-trials-of-privacy-aware-analytics-advertisin.patch +++ b/vanadium_patches/0055-disable-trials-of-privacy-aware-analytics-advertisin.patch @@ -8,10 +8,10 @@ Subject: [PATCH] disable trials of privacy-aware analytics/advertising APIs 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/components/privacy_sandbox/privacy_sandbox_prefs.cc b/components/privacy_sandbox/privacy_sandbox_prefs.cc -index efbbac2801591..764d7907618a1 100644 +index 21ef1302ca2de..6fca2aace7ea5 100644 --- a/components/privacy_sandbox/privacy_sandbox_prefs.cc +++ b/components/privacy_sandbox/privacy_sandbox_prefs.cc -@@ -49,7 +49,7 @@ void RegisterProfilePrefs(PrefRegistrySimple* registry) { +@@ -50,7 +50,7 @@ void RegisterProfilePrefs(PrefRegistrySimple* registry) { prefs::kPrivacySandboxRelatedWebsiteSetsDataAccessAllowedInitialized, false); registry->RegisterBooleanPref( diff --git a/vanadium_patches/0057-disable-appending-variations-header.patch b/vanadium_patches/0057-disable-appending-variations-header.patch index 90c91660..e4f3c41a 100644 --- a/vanadium_patches/0057-disable-appending-variations-header.patch +++ b/vanadium_patches/0057-disable-appending-variations-header.patch @@ -8,10 +8,10 @@ Subject: [PATCH] disable appending variations header 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/components/variations/net/variations_http_headers.cc b/components/variations/net/variations_http_headers.cc -index 9b6ed6630c7cb..5bf0d95756a42 100644 +index b67b22928c67f..d9f6ef788f263 100644 --- a/components/variations/net/variations_http_headers.cc +++ b/components/variations/net/variations_http_headers.cc -@@ -116,10 +116,7 @@ URLValidationResult GetUrlValidationResult(const GURL& url) { +@@ -120,10 +120,7 @@ URLValidationResult GetUrlValidationResult(const GURL& url) { // Also, logs the result of validating |url| in histograms, one of which ends in // |suffix|. bool ShouldAppendVariationsHeader(const GURL& url, const std::string& suffix) { diff --git a/vanadium_patches/0058-Disable-detailed-language-settings-by-default.patch b/vanadium_patches/0058-Disable-detailed-language-settings-by-default.patch index 40655db3..ca8be41e 100644 --- a/vanadium_patches/0058-Disable-detailed-language-settings-by-default.patch +++ b/vanadium_patches/0058-Disable-detailed-language-settings-by-default.patch @@ -1,5 +1,5 @@ From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: fgei +From: quh4gko8 <88831734+quh4gko8@users.noreply.github.com> Date: Tue, 8 Feb 2022 03:04:20 +0000 Subject: [PATCH] Disable detailed language settings by default @@ -8,7 +8,7 @@ Subject: [PATCH] Disable detailed language settings by default 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/components/language/core/common/language_experiments.cc b/components/language/core/common/language_experiments.cc -index 6c563b6083905..0f5855ee98760 100644 +index 6aead5f64107a..6c7ce5a2d6933 100644 --- a/components/language/core/common/language_experiments.cc +++ b/components/language/core/common/language_experiments.cc @@ -13,7 +13,7 @@ namespace language { diff --git a/vanadium_patches/0059-disable-fetching-optimization-guides-by-default.patch b/vanadium_patches/0059-disable-fetching-optimization-guides-by-default.patch index 0f902a79..e676c5d4 100644 --- a/vanadium_patches/0059-disable-fetching-optimization-guides-by-default.patch +++ b/vanadium_patches/0059-disable-fetching-optimization-guides-by-default.patch @@ -8,10 +8,10 @@ Subject: [PATCH] disable fetching optimization guides by default 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/components/optimization_guide/core/optimization_guide_features.cc b/components/optimization_guide/core/optimization_guide_features.cc -index 7dec04561cba3..e8c5fe22127db 100644 +index 00f3d964d48bb..4472b03e14292 100644 --- a/components/optimization_guide/core/optimization_guide_features.cc +++ b/components/optimization_guide/core/optimization_guide_features.cc -@@ -89,7 +89,7 @@ BASE_FEATURE(kOptGuideEnableXNNPACKDelegateWithTFLite, +@@ -90,7 +90,7 @@ BASE_FEATURE(kOptGuideEnableXNNPACKDelegateWithTFLite, // Service. BASE_FEATURE(kOptimizationGuideFetchingForSRP, "OptimizationHintsFetchingSRP", diff --git a/vanadium_patches/0061-disable-fetching-optimization-hints-by-default.patch b/vanadium_patches/0061-disable-fetching-optimization-hints-by-default.patch index 7f080e1b..2eb3b9ad 100644 --- a/vanadium_patches/0061-disable-fetching-optimization-hints-by-default.patch +++ b/vanadium_patches/0061-disable-fetching-optimization-hints-by-default.patch @@ -8,10 +8,10 @@ Subject: [PATCH] disable fetching optimization hints by default 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/components/optimization_guide/core/optimization_guide_features.cc b/components/optimization_guide/core/optimization_guide_features.cc -index e8c5fe22127db..15ab1ae560338 100644 +index 4472b03e14292..12f69aeb49905 100644 --- a/components/optimization_guide/core/optimization_guide_features.cc +++ b/components/optimization_guide/core/optimization_guide_features.cc -@@ -50,7 +50,7 @@ constexpr auto enabled_by_default_mobile_only = +@@ -51,7 +51,7 @@ constexpr auto enabled_by_default_mobile_only = // hints for what optimizations can be applied on a page load. BASE_FEATURE(kOptimizationHints, "OptimizationHints", diff --git a/vanadium_patches/0062-disable-more-optimization-guides-features-by-default.patch b/vanadium_patches/0062-disable-more-optimization-guides-features-by-default.patch index 0712938e..59407318 100644 --- a/vanadium_patches/0062-disable-more-optimization-guides-features-by-default.patch +++ b/vanadium_patches/0062-disable-more-optimization-guides-features-by-default.patch @@ -25,10 +25,10 @@ index bde438ed438c6..71911553c4c65 100644 download::DownloadClient::OPTIMIZATION_GUIDE_PREDICTION_MODELS, std::make_unique( diff --git a/chrome/browser/optimization_guide/optimization_guide_keyed_service.cc b/chrome/browser/optimization_guide/optimization_guide_keyed_service.cc -index f6fa9dfef659e..53e2bdb2784c3 100644 +index 6b3b0916937c7..69dc27ae87a9f 100644 --- a/chrome/browser/optimization_guide/optimization_guide_keyed_service.cc +++ b/chrome/browser/optimization_guide/optimization_guide_keyed_service.cc -@@ -531,6 +531,10 @@ void OptimizationGuideKeyedService::OnProfileInitializationComplete( +@@ -530,6 +530,10 @@ void OptimizationGuideKeyedService::OnProfileInitializationComplete( DCHECK(profile_observation_.IsObservingSource(profile)); profile_observation_.Reset(); @@ -40,10 +40,10 @@ index f6fa9dfef659e..53e2bdb2784c3 100644 return; } diff --git a/components/optimization_guide/core/optimization_guide_features.cc b/components/optimization_guide/core/optimization_guide_features.cc -index 15ab1ae560338..0f9a7a4c4c962 100644 +index 12f69aeb49905..1713c49d43a17 100644 --- a/components/optimization_guide/core/optimization_guide_features.cc +++ b/components/optimization_guide/core/optimization_guide_features.cc -@@ -57,6 +57,11 @@ BASE_FEATURE(kOptimizationTargetPrediction, +@@ -58,6 +58,11 @@ BASE_FEATURE(kOptimizationTargetPrediction, "OptimizationTargetPrediction", base::FEATURE_ENABLED_BY_DEFAULT); @@ -55,7 +55,7 @@ index 15ab1ae560338..0f9a7a4c4c962 100644 // Enables push notification of hints. BASE_FEATURE(kPushNotifications, "OptimizationGuidePushNotifications", -@@ -391,6 +396,10 @@ base::TimeDelta ModelExecutionWatchdogDefaultTimeout() { +@@ -392,6 +397,10 @@ base::TimeDelta ModelExecutionWatchdogDefaultTimeout() { )); } @@ -67,10 +67,10 @@ index 15ab1ae560338..0f9a7a4c4c962 100644 DCHECK(base::FeatureList::IsEnabled(kOptimizationGuideMetadataValidation)); return GetFieldTrialParamByFeatureAsBool(kOptimizationGuideMetadataValidation, diff --git a/components/optimization_guide/core/optimization_guide_features.h b/components/optimization_guide/core/optimization_guide_features.h -index b48165dae5d59..9705eff894766 100644 +index f56f69ea94dcb..5110a9f51010a 100644 --- a/components/optimization_guide/core/optimization_guide_features.h +++ b/components/optimization_guide/core/optimization_guide_features.h -@@ -38,6 +38,8 @@ BASE_DECLARE_FEATURE(kOptimizationGuideFetchingForSRP); +@@ -39,6 +39,8 @@ BASE_DECLARE_FEATURE(kOptimizationGuideFetchingForSRP); COMPONENT_EXPORT(OPTIMIZATION_GUIDE_FEATURES) BASE_DECLARE_FEATURE(kOptimizationTargetPrediction); COMPONENT_EXPORT(OPTIMIZATION_GUIDE_FEATURES) @@ -79,7 +79,7 @@ index b48165dae5d59..9705eff894766 100644 BASE_DECLARE_FEATURE(kPageTextExtraction); COMPONENT_EXPORT(OPTIMIZATION_GUIDE_FEATURES) BASE_DECLARE_FEATURE(kPushNotifications); -@@ -227,6 +229,10 @@ bool IsModelExecutionWatchdogEnabled(); +@@ -230,6 +232,10 @@ bool IsModelExecutionWatchdogEnabled(); COMPONENT_EXPORT(OPTIMIZATION_GUIDE_FEATURES) base::TimeDelta ModelExecutionWatchdogDefaultTimeout(); diff --git a/vanadium_patches/0073-enable-split-cache-by-default.patch b/vanadium_patches/0073-enable-split-cache-by-default.patch index 8ba65447..0277cd76 100644 --- a/vanadium_patches/0073-enable-split-cache-by-default.patch +++ b/vanadium_patches/0073-enable-split-cache-by-default.patch @@ -8,29 +8,28 @@ Subject: [PATCH] enable split cache by default 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/net/base/features.cc b/net/base/features.cc -index 91a1e8fbe44bb..cd47588f1629b 100644 +index 58aa8a22e7e64..04b31805982a4 100644 --- a/net/base/features.cc +++ b/net/base/features.cc -@@ -124,11 +124,11 @@ const base::FeatureParam +@@ -104,10 +104,10 @@ const base::FeatureParam + &kNetworkQualityEstimator, + "EffectiveConnectionTypeRecomputationInterval", base::Seconds(10)}; - BASE_FEATURE(kSplitCacheByIncludeCredentials, - "SplitCacheByIncludeCredentials", -- base::FEATURE_DISABLED_BY_DEFAULT); -+ base::FEATURE_ENABLED_BY_DEFAULT); +-BASE_FEATURE(SplitCacheByIncludeCredentials, base::FEATURE_DISABLED_BY_DEFAULT); ++BASE_FEATURE(SplitCacheByIncludeCredentials, base::FEATURE_ENABLED_BY_DEFAULT); - BASE_FEATURE(kSplitCacheByNetworkIsolationKey, - "SplitCacheByNetworkIsolationKey", + BASE_FEATURE(SplitCacheByNetworkIsolationKey, - base::FEATURE_DISABLED_BY_DEFAULT); + base::FEATURE_ENABLED_BY_DEFAULT); // Note: Use of this feature is gated on the HTTP cache itself being // partitioned, which is controlled by the kSplitCacheByNetworkIsolationKey -@@ -139,7 +139,7 @@ BASE_FEATURE(kSplitCacheByCrossSiteMainFrameNavigationBoolean, +@@ -116,7 +116,7 @@ BASE_FEATURE(SplitCacheByCrossSiteMainFrameNavigationBoolean, + base::FEATURE_ENABLED_BY_DEFAULT); - BASE_FEATURE(kSplitCodeCacheByNetworkIsolationKey, - "SplitCodeCacheByNetworkIsolationKey", + BASE_FEATURE(SplitCodeCacheByNetworkIsolationKey, - base::FEATURE_DISABLED_BY_DEFAULT); + base::FEATURE_ENABLED_BY_DEFAULT); - BASE_FEATURE(kPartitionConnectionsByNetworkIsolationKey, - "PartitionConnectionsByNetworkIsolationKey", + BASE_FEATURE(PartitionConnectionsByNetworkIsolationKey, + base::FEATURE_DISABLED_BY_DEFAULT); diff --git a/vanadium_patches/0074-enable-partitioning-connections-by-default.patch b/vanadium_patches/0074-enable-partitioning-connections-by-default.patch index 587913f1..4b78e808 100644 --- a/vanadium_patches/0074-enable-partitioning-connections-by-default.patch +++ b/vanadium_patches/0074-enable-partitioning-connections-by-default.patch @@ -8,15 +8,15 @@ Subject: [PATCH] enable partitioning connections by default 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net/base/features.cc b/net/base/features.cc -index cd47588f1629b..4bf905e59296b 100644 +index 04b31805982a4..5ada078b68889 100644 --- a/net/base/features.cc +++ b/net/base/features.cc -@@ -143,7 +143,7 @@ BASE_FEATURE(kSplitCodeCacheByNetworkIsolationKey, +@@ -119,7 +119,7 @@ BASE_FEATURE(SplitCodeCacheByNetworkIsolationKey, + base::FEATURE_ENABLED_BY_DEFAULT); - BASE_FEATURE(kPartitionConnectionsByNetworkIsolationKey, - "PartitionConnectionsByNetworkIsolationKey", + BASE_FEATURE(PartitionConnectionsByNetworkIsolationKey, - base::FEATURE_DISABLED_BY_DEFAULT); + base::FEATURE_ENABLED_BY_DEFAULT); - BASE_FEATURE(kPrefixCookieHttp, - "PrefixCookieHttp", + BASE_FEATURE(PrefixCookieHttp, base::FEATURE_ENABLED_BY_DEFAULT); + diff --git a/vanadium_patches/0077-Enable-strict-origin-isolation-by-default.patch b/vanadium_patches/0077-Enable-strict-origin-isolation-by-default.patch index effc6307..c6d7e4b1 100644 --- a/vanadium_patches/0077-Enable-strict-origin-isolation-by-default.patch +++ b/vanadium_patches/0077-Enable-strict-origin-isolation-by-default.patch @@ -15,15 +15,15 @@ for more detail. 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/public/common/content_features.cc b/content/public/common/content_features.cc -index 97f31360e7bf5..c53122877c7d3 100644 +index 695f82f8def50..f14f98b33dac2 100644 --- a/content/public/common/content_features.cc +++ b/content/public/common/content_features.cc -@@ -1215,7 +1215,7 @@ BASE_FEATURE(kSpareRendererForSitePerProcess, +@@ -1014,7 +1014,7 @@ BASE_FEATURE(SpareRendererForSitePerProcess, base::FEATURE_ENABLED_BY_DEFAULT); + + // Controls whether site isolation should use origins instead of scheme and // eTLD+1. - BASE_FEATURE(kStrictOriginIsolation, - "StrictOriginIsolation", -- base::FEATURE_DISABLED_BY_DEFAULT); -+ base::FEATURE_ENABLED_BY_DEFAULT); +-BASE_FEATURE(StrictOriginIsolation, base::FEATURE_DISABLED_BY_DEFAULT); ++BASE_FEATURE(StrictOriginIsolation, base::FEATURE_ENABLED_BY_DEFAULT); // Controls whether subframe process reuse should be restricted according to // resource usage policies. Namely, a process that is already consuming too diff --git a/vanadium_patches/0078-Enable-reduce-accept-language-header-by-default.patch b/vanadium_patches/0078-Enable-reduce-accept-language-header-by-default.patch index 2267fceb..5aa1dded 100644 --- a/vanadium_patches/0078-Enable-reduce-accept-language-header-by-default.patch +++ b/vanadium_patches/0078-Enable-reduce-accept-language-header-by-default.patch @@ -1,5 +1,5 @@ From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: fgei +From: quh4gko8 <88831734+quh4gko8@users.noreply.github.com> Date: Tue, 14 Feb 2023 21:35:28 +0000 Subject: [PATCH] Enable reduce accept language header by default @@ -8,7 +8,7 @@ Subject: [PATCH] Enable reduce accept language header by default 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/network/public/cpp/features.cc b/services/network/public/cpp/features.cc -index 036b9cb23bf99..dc3449db4966d 100644 +index 5386ed2a9ad89..4d3f013c3d198 100644 --- a/services/network/public/cpp/features.cc +++ b/services/network/public/cpp/features.cc @@ -199,7 +199,7 @@ BASE_FEATURE(kOmitCorsClientCert, diff --git a/vanadium_patches/0116-Derive-high-entropy-client-hints-with-reduced-user-a.patch b/vanadium_patches/0116-Derive-high-entropy-client-hints-with-reduced-user-a.patch index d15b805c..15a81d74 100644 --- a/vanadium_patches/0116-Derive-high-entropy-client-hints-with-reduced-user-a.patch +++ b/vanadium_patches/0116-Derive-high-entropy-client-hints-with-reduced-user-a.patch @@ -1,5 +1,5 @@ From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: fgei +From: quh4gko8 <88831734+quh4gko8@users.noreply.github.com> Date: Sun, 12 Nov 2023 04:26:12 +0000 Subject: [PATCH] Derive high entropy client hints with reduced user agent by default @@ -10,9 +10,9 @@ Android. --- .../embedder_support/user_agent_utils.cc | 29 +++++++++++++++++++ content/browser/client_hints/client_hints.cc | 14 +++++++++ - third_party/blink/common/features.cc | 10 +++++++ + third_party/blink/common/features.cc | 8 +++++ third_party/blink/public/common/features.h | 3 ++ - 4 files changed, 56 insertions(+) + 4 files changed, 54 insertions(+) diff --git a/components/embedder_support/user_agent_utils.cc b/components/embedder_support/user_agent_utils.cc index 2bb4faa0bc911..9c695d90b1a72 100644 @@ -55,10 +55,10 @@ index 2bb4faa0bc911..9c695d90b1a72 100644 return metadata; } diff --git a/content/browser/client_hints/client_hints.cc b/content/browser/client_hints/client_hints.cc -index 8d443bdcc6270..1a1e0705ec425 100644 +index 93c29179eab48..fa7abf849365e 100644 --- a/content/browser/client_hints/client_hints.cc +++ b/content/browser/client_hints/client_hints.cc -@@ -848,6 +848,20 @@ void AddRequestClientHintsHeaders( +@@ -860,6 +860,20 @@ void AddRequestClientHintsHeaders( GURL url = origin.GetURL(); @@ -72,7 +72,7 @@ index 8d443bdcc6270..1a1e0705ec425 100644 + UpdateNavigationRequestClientUaHeadersImpl( + delegate, is_ua_override_on, frame_tree_node, + ClientUaHeaderCallType::kDuringCreation, headers, container_policy, -+ request_url, data); ++ data, frame_tree_node); + return; + } + @@ -80,31 +80,29 @@ index 8d443bdcc6270..1a1e0705ec425 100644 if (ShouldAddClientHint(data, WebClientHintsType::kDeviceMemory_DEPRECATED)) { AddDeviceMemoryHeader(headers, /*use_deprecated_version*/ true); diff --git a/third_party/blink/common/features.cc b/third_party/blink/common/features.cc -index d711383cbdcd0..7f4650c89f751 100644 +index f64b9fd802513..11fbec08248dc 100644 --- a/third_party/blink/common/features.cc +++ b/third_party/blink/common/features.cc -@@ -435,6 +435,16 @@ BASE_FEATURE(kCheckHTMLParserBudgetLessOften, - "CheckHTMLParserBudgetLessOften", - base::FEATURE_DISABLED_BY_DEFAULT); +@@ -359,6 +359,14 @@ BASE_FEATURE(CaptureJSExecutionLocation, base::FEATURE_ENABLED_BY_DEFAULT); + + BASE_FEATURE(CheckHTMLParserBudgetLessOften, base::FEATURE_DISABLED_BY_DEFAULT); +// Enable low-entropy client hints only. -+BASE_FEATURE(kClientHintsLowEntropyOnly, -+ "ClientHintsLowEntropyOnly", ++BASE_FEATURE(ClientHintsLowEntropyOnly, + base::FEATURE_DISABLED_BY_DEFAULT); + +// Use information from reduced user agent for high entropy client hints. -+BASE_FEATURE(kClientHintsFromReducedUA, -+ "ClientHintsFromReducedUA", ++BASE_FEATURE(ClientHintsFromReducedUA, + base::FEATURE_ENABLED_BY_DEFAULT); + - BASE_FEATURE(kClearSiteDataPrefetchPrerenderCache, - "ClearSiteDataPrefetchPrerenderCache", + BASE_FEATURE(ClearSiteDataPrefetchPrerenderCache, base::FEATURE_ENABLED_BY_DEFAULT); + diff --git a/third_party/blink/public/common/features.h b/third_party/blink/public/common/features.h -index 0a04d02ad60f3..882bc88dc2577 100644 +index cf2874e216bfb..44c9c40783f05 100644 --- a/third_party/blink/public/common/features.h +++ b/third_party/blink/public/common/features.h -@@ -227,6 +227,9 @@ BLINK_COMMON_EXPORT BASE_DECLARE_FEATURE(kCaptureJSExecutionLocation); +@@ -230,6 +230,9 @@ BLINK_COMMON_EXPORT BASE_DECLARE_FEATURE(kCaptureJSExecutionLocation); // is a no-op if kTimedHTMLParserBudget is disabled. BLINK_COMMON_EXPORT BASE_DECLARE_FEATURE(kCheckHTMLParserBudgetLessOften); diff --git a/vanadium_patches/0122-Use-local-list-of-supported-languages-for-Language-s.patch b/vanadium_patches/0122-Use-local-list-of-supported-languages-for-Language-s.patch index 51285bc2..dc8ac41b 100644 --- a/vanadium_patches/0122-Use-local-list-of-supported-languages-for-Language-s.patch +++ b/vanadium_patches/0122-Use-local-list-of-supported-languages-for-Language-s.patch @@ -1,5 +1,5 @@ From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: fgei +From: quh4gko8 <88831734+quh4gko8@users.noreply.github.com> Date: Sat, 25 Feb 2023 05:11:12 +0100 Subject: [PATCH] Use local list of supported languages for Language settings diff --git a/vanadium_patches/0161-Enable-content-settings-partitioning-by-default.patch b/vanadium_patches/0161-Enable-content-settings-partitioning-by-default.patch index 10249be1..b952b1f0 100644 --- a/vanadium_patches/0161-Enable-content-settings-partitioning-by-default.patch +++ b/vanadium_patches/0161-Enable-content-settings-partitioning-by-default.patch @@ -1,5 +1,5 @@ From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: fgei +From: quh4gko8 <88831734+quh4gko8@users.noreply.github.com> Date: Tue, 11 Jun 2024 02:56:51 +0000 Subject: [PATCH] Enable content settings partitioning by default @@ -8,10 +8,10 @@ Subject: [PATCH] Enable content settings partitioning by default 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/components/content_settings/core/common/features.cc b/components/content_settings/core/common/features.cc -index 91bd8ba44f273..2bdb9e5f9b59a 100644 +index 1f9115a6473c4..4483e24126a88 100644 --- a/components/content_settings/core/common/features.cc +++ b/components/content_settings/core/common/features.cc -@@ -175,7 +175,7 @@ const base::FeatureParam +@@ -170,7 +170,7 @@ const base::FeatureParam BASE_FEATURE(kContentSettingsPartitioning, "ContentSettingsPartitioning", diff --git a/vanadium_patches/0171-Isolate-sandboxed-iframes-per-site-by-default.patch b/vanadium_patches/0171-Isolate-sandboxed-iframes-per-site-by-default.patch index 1089f61f..4dacd2e8 100644 --- a/vanadium_patches/0171-Isolate-sandboxed-iframes-per-site-by-default.patch +++ b/vanadium_patches/0171-Isolate-sandboxed-iframes-per-site-by-default.patch @@ -1,5 +1,5 @@ From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: fgei +From: quh4gko8 <88831734+quh4gko8@users.noreply.github.com> Date: Tue, 23 Jul 2024 19:40:14 +0000 Subject: [PATCH] Isolate sandboxed iframes per site by default @@ -8,10 +8,10 @@ Subject: [PATCH] Isolate sandboxed iframes per site by default 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/third_party/blink/common/features.cc b/third_party/blink/common/features.cc -index 7f4650c89f751..feb52d4b8a1ca 100644 +index 11fbec08248dc..1ae21e5f1b7c7 100644 --- a/third_party/blink/common/features.cc +++ b/third_party/blink/common/features.cc -@@ -1259,7 +1259,7 @@ BASE_FEATURE_ENUM_PARAM(IsolateSandboxedIframesGrouping, +@@ -1080,7 +1080,7 @@ BASE_FEATURE_ENUM_PARAM(IsolateSandboxedIframesGrouping, kIsolateSandboxedIframesGroupingParam, &kIsolateSandboxedIframes, "grouping", @@ -19,4 +19,4 @@ index 7f4650c89f751..feb52d4b8a1ca 100644 + IsolateSandboxedIframesGrouping::kPerSite, &isolated_sandboxed_iframes_grouping_types); - BASE_FEATURE(kKalmanDirectionCutOff, + BASE_FEATURE(KalmanDirectionCutOff, base::FEATURE_DISABLED_BY_DEFAULT); diff --git a/vanadium_patches/0177-Support-restriction-of-dynamic-code.patch b/vanadium_patches/0177-Support-restriction-of-dynamic-code.patch index b65bb352..553c6095 100644 --- a/vanadium_patches/0177-Support-restriction-of-dynamic-code.patch +++ b/vanadium_patches/0177-Support-restriction-of-dynamic-code.patch @@ -21,7 +21,7 @@ It's inspired by PaX MPROTECT restrictions. 2 files changed, 73 insertions(+) diff --git a/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc b/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc -index de2f86931e435..365f3996ea274 100644 +index 303c8e1d26f32..70e67a48e22a2 100644 --- a/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc +++ b/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc @@ -15,6 +15,7 @@ @@ -32,7 +32,7 @@ index de2f86931e435..365f3996ea274 100644 #include #include #include -@@ -254,6 +255,31 @@ SANDBOX_EXPORT ResultExpr RestrictMremapFlagsForODML() { +@@ -262,6 +263,31 @@ SANDBOX_EXPORT ResultExpr RestrictMremapFlagsForODML() { return If((flags & ~kAllowedMask) == 0, Allow()).Else(CrashSIGSYS()); } @@ -64,7 +64,7 @@ index de2f86931e435..365f3996ea274 100644 ResultExpr RestrictMprotectFlags() { // The flags you see are actually the allowed ones, and the variable is a // "denied" mask because of the negation operator. -@@ -272,6 +298,24 @@ ResultExpr RestrictMprotectFlags() { +@@ -280,6 +306,24 @@ ResultExpr RestrictMprotectFlags() { return If((prot & ~kAllowedMask) == 0, Allow()).Else(CrashSIGSYS()); } @@ -89,7 +89,7 @@ index de2f86931e435..365f3996ea274 100644 ResultExpr RestrictFcntlCommands() { // We also restrict the flags in F_SETFL. We don't want to permit flags with // a history of trouble such as O_DIRECT. The flags you see are actually the -@@ -314,6 +358,17 @@ ResultExpr RestrictFcntlCommands() { +@@ -322,6 +366,17 @@ ResultExpr RestrictFcntlCommands() { // clang-format on } diff --git a/vanadium_patches/0178-Restriction-of-dynamic-code-execution-via-seccomp-bp.patch b/vanadium_patches/0178-Restriction-of-dynamic-code-execution-via-seccomp-bp.patch index 3a83be1c..a4970baf 100644 --- a/vanadium_patches/0178-Restriction-of-dynamic-code-execution-via-seccomp-bp.patch +++ b/vanadium_patches/0178-Restriction-of-dynamic-code-execution-via-seccomp-bp.patch @@ -25,7 +25,7 @@ code generation in the same processes on Linux via seccomp-bpf. 8 files changed, 129 insertions(+), 18 deletions(-) diff --git a/content/renderer/renderer_main_platform_delegate_android.cc b/content/renderer/renderer_main_platform_delegate_android.cc -index c7def9142f594..952ad402036cd 100644 +index 6486ffd030869..c4979e5c68c29 100644 --- a/content/renderer/renderer_main_platform_delegate_android.cc +++ b/content/renderer/renderer_main_platform_delegate_android.cc @@ -17,6 +17,10 @@ @@ -98,10 +98,10 @@ index 56ba083eb81f8..2057bba81de3e 100644 if (sysno == __NR_prctl) diff --git a/sandbox/policy/linux/bpf_audio_policy_linux.cc b/sandbox/policy/linux/bpf_audio_policy_linux.cc -index e1716b97e8f21..dc25d460460d5 100644 +index 3c24c69d02134..bcda92e412ca9 100644 --- a/sandbox/policy/linux/bpf_audio_policy_linux.cc +++ b/sandbox/policy/linux/bpf_audio_policy_linux.cc -@@ -121,6 +121,9 @@ ResultExpr AudioProcessPolicy::EvaluateSyscall(int system_call_number) const { +@@ -125,6 +125,9 @@ ResultExpr AudioProcessPolicy::EvaluateSyscall(int system_call_number) const { #endif default: #if defined(__x86_64__) diff --git a/vanadium_patches/0183-Enable-HSTS-upgrades-for-top-level-navigation-only-b.patch b/vanadium_patches/0183-Enable-HSTS-upgrades-for-top-level-navigation-only-b.patch index eabb575d..9ebdaaf1 100644 --- a/vanadium_patches/0183-Enable-HSTS-upgrades-for-top-level-navigation-only-b.patch +++ b/vanadium_patches/0183-Enable-HSTS-upgrades-for-top-level-navigation-only-b.patch @@ -8,15 +8,15 @@ Subject: [PATCH] Enable HSTS upgrades for top-level navigation only by default 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net/base/features.cc b/net/base/features.cc -index 4bf905e59296b..2230055f00ec6 100644 +index 5ada078b68889..c1c2f9059b2e4 100644 --- a/net/base/features.cc +++ b/net/base/features.cc -@@ -775,7 +775,7 @@ BASE_FEATURE(kNewClientCertPathBuilding, +@@ -643,7 +643,7 @@ const base::FeatureParam + BASE_FEATURE(NewClientCertPathBuilding, base::FEATURE_ENABLED_BY_DEFAULT); + #endif // BUILDFLAG(USE_NSS_CERTS) - BASE_FEATURE(kHstsTopLevelNavigationsOnly, - "HstsTopLevelNavigationsOnly", -- base::FEATURE_DISABLED_BY_DEFAULT); -+ base::FEATURE_ENABLED_BY_DEFAULT); +-BASE_FEATURE(HstsTopLevelNavigationsOnly, base::FEATURE_DISABLED_BY_DEFAULT); ++BASE_FEATURE(HstsTopLevelNavigationsOnly, base::FEATURE_ENABLED_BY_DEFAULT); #if BUILDFLAG(IS_WIN) - BASE_FEATURE(kHttpCacheMappedFileFlushWin, + BASE_FEATURE(HttpCacheMappedFileFlushWin, base::FEATURE_DISABLED_BY_DEFAULT); diff --git a/vanadium_patches/0204-enable-certificate-transparency-feature-by-default-f.patch b/vanadium_patches/0204-enable-certificate-transparency-feature-by-default-f.patch index 5403034e..8b5ea21c 100644 --- a/vanadium_patches/0204-enable-certificate-transparency-feature-by-default-f.patch +++ b/vanadium_patches/0204-enable-certificate-transparency-feature-by-default-f.patch @@ -1,5 +1,5 @@ From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: fgei +From: quh4gko8 <88831734+quh4gko8@users.noreply.github.com> Date: Wed, 14 May 2025 05:22:22 +0000 Subject: [PATCH] enable certificate transparency feature by default for browser @@ -9,10 +9,10 @@ Subject: [PATCH] enable certificate transparency feature by default for 1 file changed, 4 deletions(-) diff --git a/chrome/browser/browser_features.cc b/chrome/browser/browser_features.cc -index e181af9ee59b1..360105d596afe 100644 +index ac73d3e3b4df9..b11dbe795a5c8 100644 --- a/chrome/browser/browser_features.cc +++ b/chrome/browser/browser_features.cc -@@ -54,11 +54,7 @@ BASE_FEATURE(kBookmarkTriggerForPreconnect, +@@ -60,11 +60,7 @@ BASE_FEATURE(kBookmarkTriggerForPrefetch, // switch. BASE_FEATURE(kCertificateTransparencyAskBeforeEnabling, "CertificateTransparencyAskBeforeEnabling", diff --git a/vanadium_patches/0205-enable-Local-Network-Access-checks-by-default.patch b/vanadium_patches/0205-enable-Local-Network-Access-checks-by-default.patch index 581b8a58..ad4dc0d8 100644 --- a/vanadium_patches/0205-enable-Local-Network-Access-checks-by-default.patch +++ b/vanadium_patches/0205-enable-Local-Network-Access-checks-by-default.patch @@ -4,31 +4,14 @@ Date: Wed, 4 Jun 2025 06:35:07 +0000 Subject: [PATCH] enable Local Network Access checks by default --- - services/network/public/cpp/features.cc | 6 +++--- - 1 file changed, 3 insertions(+), 3 deletions(-) + services/network/public/cpp/features.cc | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/network/public/cpp/features.cc b/services/network/public/cpp/features.cc -index dc3449db4966d..fe74761554043 100644 +index 4d3f013c3d198..8ce94cd202222 100644 --- a/services/network/public/cpp/features.cc +++ b/services/network/public/cpp/features.cc -@@ -229,14 +229,14 @@ BASE_FEATURE(kPrivateNetworkAccessPreflightShortTimeout, - // Spec: https://wicg.github.io/local-network-access/ - BASE_FEATURE(kLocalNetworkAccessChecks, - "LocalNetworkAccessChecks", -- base::FEATURE_DISABLED_BY_DEFAULT); -+ base::FEATURE_ENABLED_BY_DEFAULT); - - // If true, local network access checks will only be warnings. - BASE_FEATURE_PARAM(bool, - kLocalNetworkAccessChecksWarn, - &kLocalNetworkAccessChecks, - /*name=*/"LocalNetworkAccessChecksWarn", -- /*default_value=*/true); -+ /*default_value=*/false); - - // Enables Local Network Access checks for WebRTC. - // Blocks local network requests without user permission to prevent exploitation -@@ -245,7 +245,7 @@ BASE_FEATURE_PARAM(bool, +@@ -260,7 +260,7 @@ BASE_FEATURE_PARAM(bool, // Spec: https://wicg.github.io/local-network-access/ BASE_FEATURE(kLocalNetworkAccessChecksWebRTC, "LocalNetworkAccessChecksWebRTC", diff --git a/vanadium_patches/0207-bugfix-avoid-crashes-on-Web-Reporting-API-calls.patch b/vanadium_patches/0206-bugfix-avoid-crashes-on-Web-Reporting-API-calls.patch similarity index 100% rename from vanadium_patches/0207-bugfix-avoid-crashes-on-Web-Reporting-API-calls.patch rename to vanadium_patches/0206-bugfix-avoid-crashes-on-Web-Reporting-API-calls.patch