Have PublicKeyCredential.signalUnknownCredential hide passkeys in GPM
instead of deleting them. This is done by setting the `hidden` property
to `true`. Follow-up CLs will use this property to skip these passkeys
on sign in UI.
Since it will be possible for sites to unhide passkeys as well, guard
the execution of this method behind a quota tracker to prevent rogue
sites from overloading sync.
Hiding passkeys is not yet enabled by default.
See go/webauthn-signal-api-prd
Bug: 399683089
Change-Id: I047c7a342e7216247ff5b6dd4f09fae9a5d4e2c9
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6319004
Commit-Queue: Nina Satragno <nsatragno@chromium.org>
Reviewed-by: Mohamed Amir Yosef <mamir@chromium.org>
Reviewed-by: Nasko Oskov <nasko@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1428576}
Use mojom better aligned with JS API IDL and opt-guide proto.
(role + content structs, not an interleaved sequence like odms mojom)
This aims to support an optimization guide impl: crrev.com/c/6311589
Bug: 385173789, 385173368
Change-Id: I8fe21473289c494e2fe8d42e17412d2498263172
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6313078
Auto-Submit: Mike Wasserman <msw@chromium.org>
Reviewed-by: Daseul Lee <dslee@chromium.org>
Commit-Queue: Daseul Lee <dslee@chromium.org>
Reviewed-by: Nasko Oskov <nasko@chromium.org>
Reviewed-by: Brad Triebwasser <btriebw@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1428573}
Make sure that logs capturing the console error also get the
ancestor in the logs. When logging the elements, provide the
class name and id as well. Elements will look something like:
<div.myclass#some_id>, which will help authors find them.
Bug: none
Change-Id: I1e4acd6eaba417600bcf6a82343f90e8b2d13e04
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6330418
Reviewed-by: Mark Schillaci <mschillaci@google.com>
Auto-Submit: Aaron Leventhal <aleventhal@chromium.org>
Commit-Queue: Aaron Leventhal <aleventhal@chromium.org>
Commit-Queue: Mark Schillaci <mschillaci@google.com>
Cr-Commit-Position: refs/heads/main@{#1428563}
This CL adds a flag to the ManifestIconDownloader to suppress warnings
for chrome:// urls that can be user installed, like the Password Manager
PWA. This is a preemptive move to ensure that chrome:// urls do not
write error logs to the console that potentially have the tendency to
overload the crash/ server (See linked bug for more information). The
flag is default initialized to false to prevent behavior from other
callsites from changing.
Also includes an automated test verifying this behavior.
Bug: 381069204
Change-Id: I83d405aa6a48dbf13331102962dd525ddc784dbe
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6324609
Reviewed-by: Daniel Murphy <dmurph@chromium.org>
Reviewed-by: Nasko Oskov <nasko@chromium.org>
Commit-Queue: Dibyajyoti Pal <dibyapal@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1428544}
Fetch the last interaction timestamp from the BTM database as soon as
the user navigates to a page, so it's not affected by user activity on
that page before the next navigation.
Unfortunately, this is complicated. We start fetching the timestamp when
one navigation finishes, and then want to populate the UKM builder
object when the next navigation finishes, but we might not have the
timestamp yet. And if the "visit" wasn't short or is otherwise
ineligible, we don't want to emit the metric at all.
To solve this, we define a `AsyncMetricsState` class that can store the
two pieces of state we need. To keep ownership simple, instances are
always owned by `BtmShortVisitObserver`, though this means that pending
visits just get dropped if the BtmShortVisitObserver is deleted (i.e.
the tab is closed) before we get the timestamps for them.
Bug: 400503247
Change-Id: I938b0773b8626f2388b4a10098ed2c2a430f874c
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6328379
Commit-Queue: Ryan Tarpine <rtarpine@chromium.org>
Reviewed-by: Svend Larsen <svend@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1428533}
Currently we have Chrome events that never match with Android events.
This CL adds support to the following Chrome events:
IMAGE_ANNOTATION_CHANGED fires CONTENT_CHANGE_TYPE_CONTENT_DESCRIPTION
AX-Relnotes: N/A
Bug: 385139347
Change-Id: I57f42c61e309acf97e85caad00c32497ac989cdc
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6318179
Reviewed-by: Mark Schillaci <mschillaci@google.com>
Reviewed-by: Aaron Leventhal <aleventhal@chromium.org>
Commit-Queue: Ricky Yang <rickyyang@google.com>
Cr-Commit-Position: refs/heads/main@{#1428528}
This CL introduces an AuctionDownloader::NetworkEventsDelegate that
wires up almost all devtools hooks needed for PA network requires to
both appear in devtools, and to support devtools configurations that can
affect them.
The helper is only used by TrustedSignalsFetcher, for now. It also
provides a static helper method that's used by AuctionURLLoaderProxy,
to avoid having multiple copies of the logic.
Bug: 330322161
Change-Id: I56e7278fb8844968e16e2c67ddf45628f704b062
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6310822
Commit-Queue: mmenke <mmenke@chromium.org>
Reviewed-by: Maks Orlovich <morlovich@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1428506}
This CL adds a regression test where PrefetchService::prefetch_queue_ is
not empty and PrefetchService::active_prefetch_ is std::nullopt, but no
additional prefetch is started.
Bug: 400233773, 390329781
Change-Id: Iaf4865c9aad60305d2c3c07da1c921a559c0e825
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6310958
Commit-Queue: Taiyo Mizuhashi <taiyo@chromium.org>
Reviewed-by: Ken Okada <kenoss@chromium.org>
Reviewed-by: Hiroshige Hayashizaki <hiroshige@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1428475}
There were three copies of the code to get the User-Agent header
override given a FrameTreeNode. This CL adds a utility function to
handle that, in preparation to add yet another consumer.
Bug: None
Change-Id: Iccd406074ac5d75f1d57879d7d8585bbaf28290f
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6329697
Reviewed-by: Maks Orlovich <morlovich@chromium.org>
Commit-Queue: mmenke <mmenke@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1428443}
Its functionality is duplicated by GetUserAgent() these days, but we
could not use the latter while this component depended on //content.
Now that this is no longer an issue, remove the last call to
GetReducedUserAgent(), which also allows removing
GetMajorVersionNumber() from PrefetchServiceDelegate. All overrides had
the same implementation, and GetUserAgent() achieves the same thing
without requiring a version number to be passed.
Bug: 389970327
Change-Id: If7b7946d92eb78b9ff0983ded22699b968d1682e
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6244462
Reviewed-by: Bo Liu <boliu@chromium.org>
Reviewed-by: Dave Tapuska <dtapuska@chromium.org>
Commit-Queue: Raphael Kubo da Costa <kubo@igalia.com>
Reviewed-by: Mike Taylor <miketaylr@chromium.org>
Reviewed-by: Max Curran <curranmax@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1428427}
This builds upon https://crrev.com/c/6312237 by completely doing away
with btm's own BUILD.gn. It existed only to define its unit tests, which
is not what other directories do in //content.
Doing so also allows us to get rid of the golden_dbs_bundle_data target,
which is likely a remnant of when this code was in //chrome. The content
layer uses a .filelist file to track files that need to be added to a
bundle, so we were originally setting those files in the
golden_dbs_bundle_data target as well as the content_test_bundle_data
one, which led to `gn gen` failures.
Instead of playing with the .filelist and the .globlist based on what is
specified in golden_dbs_bundle_data, switch to solely using the
.filelist all other code also does.
Bug: 399868999
Change-Id: I1af22d523cc42749d071ed8156e89a726ae07508
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6318359
Reviewed-by: Dave Tapuska <dtapuska@chromium.org>
Commit-Queue: Raphael Kubo da Costa <kubo@igalia.com>
Reviewed-by: Ryan Tarpine <rtarpine@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1428411}
Since we cannot depend on the gRPC corpus anymore, it's a good idea to
start using FuzzTest so that we ensure the generated strings are valid
JSON.
Here, we're using a particular domain that'll both create valid and
invalid JSON. This actually mimics the old corpus, because at every
fuzzer start, we are feeding the string mutator with a valid JSON.
This helps go deeper with a simple string mutator, while still testing
for invalid cases.
Bug: 399449169
Change-Id: I2e81d87323728b933a28fd84de95cb86a63281e6
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6308902
Commit-Queue: Paul Semel <paulsemel@chromium.org>
Reviewed-by: Nasko Oskov <nasko@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1428401}
This fixes https://kunskapsguiden.se and a number of other sites using
components that have an "interesting" mix of dynamic aria-hidden,
aria-owns and role changes. Simply loading the site in a debug
build shows the issue. It started crashing worse recently --
BlinkAXTreeSource::ChildAt() has a check that became fatal
starting in milestone 127.
Was not able to create a simplified test case.
Fixed: 377975067
Change-Id: I72cf3f731ab75284a76db142a6f470cb5ccc7f2e
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6320067
Commit-Queue: Aaron Leventhal <aleventhal@chromium.org>
Reviewed-by: Alison Maher <almaher@microsoft.com>
Auto-Submit: Aaron Leventhal <aleventhal@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1428349}
This change replaces the old vector‐based API
GetTextEditCommandsForEvent with a function that returns a single
ui::TextEditCommand. INVALID_COMMAND is returned when no valid command
applies. The command mapping no longer relies on heap-allocated data
(vector and string), so can now be a compile time constant.
The old code used a complex signal handling approach that simulated a
keypress in a fake window and widget to observe the resulting text edit
command. However, the only "key theme" GTK ever supported was emacs
bindings before key themes were removed in GTK4. This CL simplifies the
approach by directly mapping key events to edit commands. It also
enables emacs bindings on GTK4 and (eventually, when this code is moved
out of //ui/gtk since it no longer has any GTK dependencies) QT.
Change-Id: If4856d33aa8ec45f2e397aa517032ddc22b63def
Bug: None
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6314265
Reviewed-by: Hidehiko Abe <hidehiko@chromium.org>
Reviewed-by: Jonathan Ross <jonross@chromium.org>
Reviewed-by: Peter Kasting <pkasting@chromium.org>
Commit-Queue: Thomas Anderson <thomasanderson@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1428340}
Chrome doesn't yet support multiple requests of multiple protocols in
the DC presentation API. Therefore, Chrome is forwarding only the first
request to the and caching the protocol of that request to attach back
to the response.
In order to support multiple-requests, Chrome should instead read the
protocol from the digital wallet response.
Unfortunately, digital wallets weren't adding the protocol in the
response to Chrome, and hence Chrome cannot always read the protocol
from that response.
This CL adds the infrastructure to return the response from the lowest
layers interacting with the Android platform API to upper layer. In the
upper layer, if a protocol is returned, it is preferred, otherwise, it
fallbacks to the request computed in Chrome.
This CL should be no-op since the lowest layers are hardcoded to return
an empty protocol and hence Chrome always fallbacks to the cached
protocol maintaining the same behaviour as today.
The long term plan is remove such backward compatibly logic when the
Android API are official and out of the alpha phase.
Low-Coverage-Reason: pure refactoring CL
Bug: 336329411
Change-Id: I20b57d78b19603e87a0582db93f523ca649772bb
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6285928
Reviewed-by: Christian Biesinger <cbiesinger@chromium.org>
Reviewed-by: Avi Drissman <avi@chromium.org>
Commit-Queue: Mohamed Amir Yosef <mamir@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1428305}
This feature is behind a flag kInputScenarioPriorityBoost for
experiments. If enabled, the default thread type of RendererMain will
be reduced to kDefault and boost to kDisplayCritical during typing.
Bug: 365586676
Change-Id: Icf235ea6a035b793f1b6aebb3b804d7ca56f0d08
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6308410
Reviewed-by: Joe Mason <joenotcharles@google.com>
Reviewed-by: Etienne Pierre-Doray <etiennep@chromium.org>
Commit-Queue: Jiahe Zhang <jiahe.zhang@intel.com>
Cr-Commit-Position: refs/heads/main@{#1428165}
Today all `PrefetchContainer`s will be added to
PrefetchService::owned_prefetches_ once
PrefetchService::AddPrefetchContainer =>
PrefetchService::AddPrefetchContainerWithoutStartingPrefetch is called.
Bug: n/a
Change-Id: I4558bb431c32c2a71d9dfffadbfe28d0ba59fd7d
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6312156
Commit-Queue: Hiroshige Hayashizaki <hiroshige@chromium.org>
Reviewed-by: Hiroshige Hayashizaki <hiroshige@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1428033}
This CL makes `PrefetchNetworkContext::GetURLLoaderFactory()` return
`scoped_refptr<network::SharedURLLoaderFactory>` instead of a raw
pointer, to allow the factory plumbed across tasks asynchronously without passing raw pointers. After https://chromium-review.googlesource.com/c/chromium/src/+/6228199, the URLLoaderFactory can be used after asynchronous ServiceWorker check.
Alternatively, we could call `PrefetchNetworkContext::GetURLLoaderFactory()` when the factory is needed (after ServiceWorker check), but instead we first call `GetURLLoaderFactory()` and then plumb the `scoped_refptr<network::SharedURLLoaderFactory>` asynchronously, to decouple the user of the factory (in `PrefetchStreamingURLLoader`) from its original owner (`PrefetchNetworkContext`).
https://docs.google.com/document/d/1kbs8YJuh93F_K6JqW84YSsjVWcAeU41Mj9nwPr6IXRs/edit?tab=t.0#bookmark=id.kohs7htfumek
This (and the subsequent CL) might extend the lifetime of the returned
URLLoaderFactory a little, but probably it's OK because the
URLLoaderFactory still doesn't outlive `PrefetchStreamingURLLoader`.
Bug: 40947546
Change-Id: I51fc017c9723760fe43881710574dfea3a0dc129
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6177744
Reviewed-by: Ken Okada <kenoss@chromium.org>
Reviewed-by: Taiyo Mizuhashi <taiyo@chromium.org>
Commit-Queue: Hiroshige Hayashizaki <hiroshige@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1428015}
Although this method has no side-effects, it was not marked as const,
likely due to a few dependencies lacking a const variant. This CL fixes
this issue. Other methods in WebContents might more easily be marked
const as a follow-up.
Bug: 400292280
Change-Id: Iaa656c27a24cc326cd5c8275e178ebc81bbe3de8
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6321945
Reviewed-by: Avi Drissman <avi@chromium.org>
Reviewed-by: Matthew Jones <mdjones@chromium.org>
Commit-Queue: Avi Drissman <avi@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1427986}
This cl forces the web contents to ignore any incoming text
correction that appies to an older version of the web contents's
text, avoiding a crash.
Bug: 372217922
Change-Id: Iaf502a04af58fba395cadc12652ddd6ccaed520c
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6299632
Commit-Queue: Jayson Adams <shrike@chromium.org>
Reviewed-by: Leonard Grey <lgrey@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1427904}
This CL introduces `ChromeWebAuthenticationDelegateBase` to provide a
shared implementation for WebAuthn logic common to both Android and
Desktop platforms.
The implementation of `OriginMayUseRemoteDesktopClientOverride` has been
moved to the `ChromeWebAuthenticationDelegateBase` from
`ChromeWebAuthenticationDelegate`.
The `OriginMayUseRemoteDesktopClientOverride` method controls access to
the `RemoteDesktopClientOverride` feature, which is currently used only
on Desktop. While a new flag-guarded policy is being introduced
(https://crbug.com/391132173), this change itself does not alter
WebAuthn behavior on Android. The existing corp-only policy remains
excluded from Android builds.
Bug: 391132173
Change-Id: Ibf44e3528f5ae620d360ee125dfd4266be10da1f
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6304723
Reviewed-by: Nasko Oskov <nasko@chromium.org>
Commit-Queue: Andrii Natiahlyi <natiahlyi@google.com>
Reviewed-by: Martin Kreichgauer <martinkr@google.com>
Cr-Commit-Position: refs/heads/main@{#1427863}
This change removes a unused switch to disable WebSQL.
WebSQL is also already deprecated as of Oct 2023 so this
should no longer enable WebSQL anyway.
Bug: 395838064
Change-Id: I6e31872dcd1fccfcf632db9c342e7b900759ae8f
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6265825
Commit-Queue: Ayu Ishii <ayui@chromium.org>
Reviewed-by: Avi Drissman <avi@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1427832}
Following the successful deployment of the feature
kAncestorChainBitEnabledInPartitionedCookies being enabled by default
and metrics showing that there is no longer usage of users disabling it.
Usages of the flag are being removed and all code that utilized the
feature is being refactored to reflect a state in which the feature is
enabled.
OBSOLETE_HISTOGRAM[Cookie.FirstPartyPartitioned.HasCrossSiteAncestor]=
Feature that metric was tracking has been removed.
Bug: 328043119
Change-Id: Ifc0ccfba6cbac610c3c26370c0393b4a005fbbbb
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6316346
Reviewed-by: Steven Bingler <bingler@chromium.org>
Reviewed-by: Dylan Cutler <dylancutler@google.com>
Auto-Submit: Aaron Selya <selya@google.com>
Reviewed-by: Kenichi Ishibashi <bashi@chromium.org>
Commit-Queue: Aaron Selya <selya@google.com>
Reviewed-by: Bo Liu <boliu@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1427719}
1. This flag has been default-on for long enough that it may now be
safely removed from the codebase.
2. Existing tests are reanchored on a different fixture.
3. A minor expansion of test coverage is added, ensuring the
side-effect is not experienced by newly opened (and navigated) tabs
after the original one is closed.
Bug: 328589994
Change-Id: Ie295a473515ac3a20ee47e5596144615c7aa0ca0
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6316730
Reviewed-by: Avi Drissman <avi@chromium.org>
Commit-Queue: Elad Alon <eladalon@chromium.org>
Auto-Submit: Elad Alon <eladalon@chromium.org>
Reviewed-by: Tove Petersson <tovep@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1427678}
The code in //content was present since the WebKit days, and the split
between //content and //components was unclear.
Move everything into //components/embedder_support:user_agent to make it
easier for callers to determine which functions to use as well as for
ease of maintenance.
The functions from //content have been moved wholesale; some will be
removed or made internal in other CLs in the chain.
NO_IFTT=The functions in embedder_support are called only on Android,
there is no need to update the code in //ios
Bug: 389970327
Change-Id: Ic87e0691f54e392374dcd060faba744ab0ebfedb
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6244461
Commit-Queue: Colin Blundell <blundell@chromium.org>
Reviewed-by: Colin Blundell <blundell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1427625}
According to the ramp up plan, we will launch this feature on Mar 11.
This CL also updates the back_forward_cache_no_store_browsertest.cc:
- for the previous main frame/sub frame test
(BackForwardCacheBrowserTestNoTestingConfig after
http://crrev.com/c/4943313) will explicitly disable BFCache for CCNS
since it's testing that behaviour.
- for
BackForwardCacheWithJsNetworkRequestReceivingCCNSResourceBrowserTest,
update the logic and comment to make sure that the CCNS page will be
evicted only when the same-origin JS network happens, and they will be
reported together.
This CL also rename the feature name for
`kJsNetworkRequestReceivedCacheControlNoStoreResource` to
`js-network-request-received-cache-control-no-store` so it's different
from the name with CCNS itself. This makes the reason field in the not
restore reason API more meaningful.
Bug: 40189625
Change-Id: I85692053a46a56b998b65164d7e4df3dfc118ec0
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6309859
Reviewed-by: Rakina Zata Amni <rakina@chromium.org>
Reviewed-by: Fergal Daly <fergal@chromium.org>
Commit-Queue: Mingyu Lei <leimy@chromium.org>
Reviewed-by: Kentaro Hara <haraken@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1427608}
This CL creates a blink RuntimeEnabledFeature for
DeviceBoundSessionCredentials and propagates its value to the network
stack so the `URLRequestHttpJob` can decide whether to respond to the
registration headers. This is done by adding a new boolean to
ResourceRequest, analogous to `shared_dictionary_writer_enabled`.
Fixed: 382327823
Change-Id: I47ab849a3cee1e5003bae2ce0ec454bcffe8e06a
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6313742
Commit-Queue: Daniel Rubery <drubery@chromium.org>
Reviewed-by: Takashi Toyoshima <toyoshim@chromium.org>
Reviewed-by: Kenichi Ishibashi <bashi@chromium.org>
Reviewed-by: Ayu Ishii <ayui@chromium.org>
Reviewed-by: Fergal Daly <fergal@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1427547}
