Remove WinSboxAllowSystemFonts escape valve

This has been in Stable for a whole milestone so we can remove the
emergency off switch.

Bug: 1023583
Change-Id: I39f921c5816ed5eae64c40b40cf15b202e24191e
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4752719
Commit-Queue: Alex Gough <ajgo@chromium.org>
Reviewed-by: Will Harris <wfh@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1179852}

chrome/browser/ui/webui/sandbox/sandbox_handler.cc

@@ -85,8 +85,6 @@ base::Value::List FetchSandboxFeatures() {
       FeatureToValue(sandbox::policy::features::kNetworkServiceSandbox));
   features.Append(
       FeatureToValue(sandbox::policy::features::kRendererAppContainer));
-  features.Append(
-      FeatureToValue(sandbox::policy::features::kWinSboxAllowSystemFonts));
   features.Append(
       FeatureToValue(sandbox::policy::features::kWinSboxRendererCloseKsecDD));
   features.Append(FeatureToValue(

content/browser/renderer_host/renderer_sandboxed_process_launcher_delegate.cc

@@ -88,11 +88,7 @@ RendererSandboxedProcessLauncherDelegateWin::
 }
 
 bool RendererSandboxedProcessLauncherDelegateWin::AllowWindowsFontsDir() {
-  if (is_pdf_renderer_) {
-    return true;
-  }
-  return base::FeatureList::IsEnabled(
-      sandbox::policy::features::kWinSboxAllowSystemFonts);
+  return is_pdf_renderer_;
 }
 
 std::string RendererSandboxedProcessLauncherDelegateWin::GetSandboxTag() {

sandbox/policy/features.cc

@@ -59,12 +59,6 @@ BASE_FEATURE(kRendererAppContainer,
              "RendererAppContainer",
              base::FEATURE_DISABLED_BY_DEFAULT);
 
-// Emergency "off switch" for removal of direct system font access from
-// web renderer processes.
-BASE_FEATURE(kWinSboxAllowSystemFonts,
-             "WinSboxAllowSystemFonts",
-             base::FEATURE_DISABLED_BY_DEFAULT);
-
 // Enables very high job memory limits for sandboxed renderer processes. This
 // sets a limit of 1Tb, effectively removing the Job memory limits, except in
 // egregious cases.

sandbox/policy/features.h

@@ -30,7 +30,6 @@ SANDBOX_POLICY_EXPORT BASE_DECLARE_FEATURE(kWinSboxDisableExtensionPoints);
 SANDBOX_POLICY_EXPORT BASE_DECLARE_FEATURE(kGpuAppContainer);
 SANDBOX_POLICY_EXPORT BASE_DECLARE_FEATURE(kGpuLPAC);
 SANDBOX_POLICY_EXPORT BASE_DECLARE_FEATURE(kRendererAppContainer);
-SANDBOX_POLICY_EXPORT BASE_DECLARE_FEATURE(kWinSboxAllowSystemFonts);
 SANDBOX_POLICY_EXPORT BASE_DECLARE_FEATURE(kWinSboxHighRendererJobMemoryLimits);
 SANDBOX_POLICY_EXPORT BASE_DECLARE_FEATURE(kWinSboxRendererCloseKsecDD);
 SANDBOX_POLICY_EXPORT BASE_DECLARE_FEATURE(kWinSboxWarmupProcessPrng);

testing/variations/fieldtrial_testing_config.json

@@ -17068,21 +17068,6 @@
             ]
         }
     ],
-    "WinSboxAllowSystemFonts": [
-        {
-            "platforms": [
-                "windows"
-            ],
-            "experiments": [
-                {
-                    "name": "Disabled",
-                    "disable_features": [
-                        "WinSboxAllowSystemFonts"
-                    ]
-                }
-            ]
-        }
-    ],
     "WinSboxHighRendererJobMemoryLimits": [
         {
             "platforms": [