From ce7fe9f21173d9bf5f75d08f8718d5a58a4d1763 Mon Sep 17 00:00:00 2001 From: brave-builds <45370463+brave-builds@users.noreply.github.com> Date: Tue, 19 Sep 2023 10:34:36 +0900 Subject: [PATCH] Implement GPC opt-out flag (uplift to 1.59.x) (#20147) Uplift of #19953 (squashed) to beta --- browser/about_flags.cc | 8 ++++ browser/net/brave_request_handler.cc | 10 +++-- ...rol_network_delegate_helper_browsertest.cc | 38 +++++++++++++++++++ .../third_party/blink/common/features.cc | 5 +++ .../blink/public/common/features.h | 1 + .../global_privacy_control.cc | 5 ++- 6 files changed, 63 insertions(+), 4 deletions(-) diff --git a/browser/about_flags.cc b/browser/about_flags.cc index 3318ecb55719..558125b982eb 100644 --- a/browser/about_flags.cc +++ b/browser/about_flags.cc @@ -867,6 +867,14 @@ kOsWin | kOsLinux | kOsMac, \ FEATURE_VALUE_TYPE(features::kBraveCopyCleanLinkByDefault), \ }, \ + { \ + "brave-global-privacy-control-enabled", \ + "Enable Global Privacy Control", \ + "Enable the Sec-GPC request header and the " \ + "navigator.globalPrivacyControl JS API", \ + kOsAll, \ + FEATURE_VALUE_TYPE(blink::features::kBraveGlobalPrivacyControl), \ + }, \ { \ "https-by-default", \ "Use HTTPS by Default", \ diff --git a/browser/net/brave_request_handler.cc b/browser/net/brave_request_handler.cc index 94c1cb74efce..42a603011cef 100644 --- a/browser/net/brave_request_handler.cc +++ b/browser/net/brave_request_handler.cc @@ -35,6 +35,7 @@ #include "extensions/common/constants.h" #include "net/base/features.h" #include "net/base/net_errors.h" +#include "third_party/blink/public/common/features.h" #if BUILDFLAG(ENABLE_BRAVE_WEBTORRENT) #include "brave/browser/net/brave_torrent_redirect_network_delegate_helper.h" @@ -100,9 +101,12 @@ void BraveRequestHandler::SetupCallbacks() { base::BindRepeating(brave::OnBeforeStartTransaction_SiteHacksWork); before_start_transaction_callbacks_.push_back(start_transaction_callback); - start_transaction_callback = base::BindRepeating( - brave::OnBeforeStartTransaction_GlobalPrivacyControlWork); - before_start_transaction_callbacks_.push_back(start_transaction_callback); + if (base::FeatureList::IsEnabled( + blink::features::kBraveGlobalPrivacyControl)) { + start_transaction_callback = base::BindRepeating( + brave::OnBeforeStartTransaction_GlobalPrivacyControlWork); + before_start_transaction_callbacks_.push_back(start_transaction_callback); + } start_transaction_callback = base::BindRepeating(brave::OnBeforeStartTransaction_BraveServiceKey); diff --git a/browser/net/global_privacy_control_network_delegate_helper_browsertest.cc b/browser/net/global_privacy_control_network_delegate_helper_browsertest.cc index c3d563c1d811..cffb6ff43ec1 100644 --- a/browser/net/global_privacy_control_network_delegate_helper_browsertest.cc +++ b/browser/net/global_privacy_control_network_delegate_helper_browsertest.cc @@ -3,6 +3,7 @@ * License, v. 2.0. If a copy of the MPL was not distributed with this file, * You can obtain one at https://mozilla.org/MPL/2.0/. */ +#include "base/feature_list.h" #include "base/path_service.h" #include "base/thread_annotations.h" #include "brave/components/constants/brave_paths.h" @@ -15,6 +16,9 @@ #include "net/dns/mock_host_resolver.h" #include "net/test/embedded_test_server/http_request.h" #include "third_party/abseil-cpp/absl/types/optional.h" +#include "third_party/blink/public/common/features.h" + +using blink::features::kBraveGlobalPrivacyControl; enum class GPCHeaderResult { kOk, @@ -149,3 +153,37 @@ IN_PROC_BROWSER_TEST_F(GlobalPrivacyControlNetworkDelegateBrowserTest, EXPECT_EQ(MessageServiceWorker(rfh, "hasGpc"), true); EXPECT_EQ(MessageServiceWorker(rfh, "checkGpc"), true); } + +class GlobalPrivacyControlFlagDisabledTest + : public GlobalPrivacyControlNetworkDelegateBrowserTest { + public: + GlobalPrivacyControlFlagDisabledTest() { + feature_list_.InitAndDisableFeature(kBraveGlobalPrivacyControl); + } + + private: + base::test::ScopedFeatureList feature_list_; +}; + +// When kGlobalPrivacyControl is disabled, the Sec-GPC header shouldn't be sent. +IN_PROC_BROWSER_TEST_F(GlobalPrivacyControlFlagDisabledTest, SecGPCHeaderNot1) { + const GURL target = https_server().GetURL("a.test", "/simple.html"); + StartTracking(); + ASSERT_TRUE(ui_test_utils::NavigateToURL(browser(), target)); + EXPECT_EQ(header_result(), GPCHeaderResult::kNoHeader); +} + +// When kGlobalPrivacyControl is disabled, the `navigator.globalPrivacyControl` +// should not return true. +IN_PROC_BROWSER_TEST_F(GlobalPrivacyControlFlagDisabledTest, + NavigatorGlobalPrivacyAPI) { + const GURL target = https_server().GetURL("a.test", "/simple.html"); + ASSERT_TRUE(ui_test_utils::NavigateToURL(browser(), target)); + + auto* rfh = browser() + ->tab_strip_model() + ->GetActiveWebContents() + ->GetPrimaryMainFrame(); + + EXPECT_EQ(false, content::EvalJs(rfh, "navigator.globalPrivacyControl")); +} diff --git a/chromium_src/third_party/blink/common/features.cc b/chromium_src/third_party/blink/common/features.cc index a0c4b1b8ba19..db0022376e71 100644 --- a/chromium_src/third_party/blink/common/features.cc +++ b/chromium_src/third_party/blink/common/features.cc @@ -104,6 +104,11 @@ BASE_FEATURE(kBraveRoundTimeStamps, "BraveRoundTimeStamps", base::FEATURE_ENABLED_BY_DEFAULT); +// Enables the Global Privacy Control header and navigator APIs. +BASE_FEATURE(kBraveGlobalPrivacyControl, + "BraveGlobalPrivacyControl", + base::FEATURE_ENABLED_BY_DEFAULT); + // Enable EventSource connection pool limit per eTLD+1. BASE_FEATURE(kRestrictEventSourcePool, "RestrictEventSourcePool", diff --git a/chromium_src/third_party/blink/public/common/features.h b/chromium_src/third_party/blink/public/common/features.h index 7aa36ef1d3cb..e757ad88ac3c 100644 --- a/chromium_src/third_party/blink/public/common/features.h +++ b/chromium_src/third_party/blink/public/common/features.h @@ -22,6 +22,7 @@ BLINK_COMMON_EXPORT BASE_DECLARE_FEATURE(kNavigatorConnectionAttribute); BLINK_COMMON_EXPORT BASE_DECLARE_FEATURE(kPartitionBlinkMemoryCache); BLINK_COMMON_EXPORT BASE_DECLARE_FEATURE(kRestrictWebSocketsPool); BLINK_COMMON_EXPORT BASE_DECLARE_FEATURE(kBraveBlockScreenFingerprinting); +BLINK_COMMON_EXPORT BASE_DECLARE_FEATURE(kBraveGlobalPrivacyControl); BLINK_COMMON_EXPORT BASE_DECLARE_FEATURE(kBraveRoundTimeStamps); BLINK_COMMON_EXPORT BASE_DECLARE_FEATURE(kRestrictEventSourcePool); diff --git a/third_party/blink/renderer/modules/global_privacy_control/global_privacy_control.cc b/third_party/blink/renderer/modules/global_privacy_control/global_privacy_control.cc index 79753c35ff44..f7f2d0c5bbdc 100644 --- a/third_party/blink/renderer/modules/global_privacy_control/global_privacy_control.cc +++ b/third_party/blink/renderer/modules/global_privacy_control/global_privacy_control.cc @@ -5,10 +5,13 @@ #include "brave/third_party/blink/renderer/modules/global_privacy_control/global_privacy_control.h" +#include "base/feature_list.h" +#include "third_party/blink/public/common/features.h" + namespace blink { bool GlobalPrivacyControl::globalPrivacyControl(NavigatorBase& navigator) { - return true; + return base::FeatureList::IsEnabled(features::kBraveGlobalPrivacyControl); } } // namespace blink