Browser: Remove reverts from bromite_patches

From: csagan5 <32685696+csagan5@users.noreply.github.com>

Date: Tue, 28 Jul 2020 12:28:58 +0200

Subject: Block gateway attacks via websockets

This approach is not comprehensive, see also:

* https://bugs.chromium.org/p/chromium/issues/detail?id=590714

License: GPL-3.0-only - https://spdx.org/licenses/GPL-3.0-only.html

---

 .../execution_context/execution_context.cc    | 16 ++++++++++

 .../execution_context/execution_context.h     |  1 +

 .../renderer/core/loader/base_fetch_context.h |  1 +

 .../core/loader/frame_fetch_context.cc        | 20 ++++++++++++

 .../core/loader/frame_fetch_context.h         |  1 +

 .../core/loader/worker_fetch_context.cc       | 21 +++++++++++++

 .../core/loader/worker_fetch_context.h        |  1 +

 .../core/workers/installed_scripts_manager.cc |  4 +--

 .../background_fetch_manager.cc               | 31 +++++++++++++++++++

 .../websockets/websocket_channel_impl.cc      |  5 +++

 .../modules/websockets/websocket_common.cc    | 30 ++++++++++++++++++

 .../modules/websockets/websocket_common.h     |  4 +++

 12 files changed, 133 insertions(+), 2 deletions(-)

diff --git a/third_party/blink/renderer/core/execution_context/execution_context.cc b/third_party/blink/renderer/core/execution_context/execution_context.cc

--- a/third_party/blink/renderer/core/execution_context/execution_context.cc

+++ b/third_party/blink/renderer/core/execution_context/execution_context.cc

@@ -713,4 +713,20 @@ void ExecutionContext::WriteIntoTrace(

   proto->set_world_type(GetWorldType(*this));

 }

+String ExecutionContext::addressSpaceForBindings() const {

+  switch (AddressSpace()) {

+    case network::mojom::IPAddressSpace::kPublic:

+    case network::mojom::IPAddressSpace::kUnknown:

+      return "public";

+

+    case network::mojom::IPAddressSpace::kPrivate:

+      return "private";

+

+    case network::mojom::IPAddressSpace::kLocal:

+      return "local";

+  }

+  NOTREACHED();

+  return "public";

+}

+

 }  // namespace blink

diff --git a/third_party/blink/renderer/core/execution_context/execution_context.h b/third_party/blink/renderer/core/execution_context/execution_context.h

--- a/third_party/blink/renderer/core/execution_context/execution_context.h

+++ b/third_party/blink/renderer/core/execution_context/execution_context.h

@@ -391,6 +391,7 @@ class CORE_EXPORT ExecutionContext : public Supplementable<ExecutionContext>,

   void SetAddressSpace(network::mojom::blink::IPAddressSpace ip_address_space);

   HeapObserverSet<ContextLifecycleObserver>& ContextLifecycleObserverSet();

+  String addressSpaceForBindings() const;

   unsigned ContextLifecycleStateObserverCountForTesting() const;

   // Implementation of WindowOrWorkerGlobalScope.crossOriginIsolated.

diff --git a/third_party/blink/renderer/core/loader/base_fetch_context.h b/third_party/blink/renderer/core/loader/base_fetch_context.h

--- a/third_party/blink/renderer/core/loader/base_fetch_context.h

+++ b/third_party/blink/renderer/core/loader/base_fetch_context.h

@@ -89,6 +89,7 @@ class CORE_EXPORT BaseFetchContext : public FetchContext {

   virtual SubresourceFilter* GetSubresourceFilter() const = 0;

   virtual bool ShouldBlockWebSocketByMixedContentCheck(const KURL&) const = 0;

+  virtual bool ShouldBlockGateWayAttacks(network::mojom::IPAddressSpace requestor_space, const KURL&) const = 0;

   virtual std::unique_ptr<WebSocketHandshakeThrottle>

   CreateWebSocketHandshakeThrottle() = 0;

diff --git a/third_party/blink/renderer/core/loader/frame_fetch_context.cc b/third_party/blink/renderer/core/loader/frame_fetch_context.cc

--- a/third_party/blink/renderer/core/loader/frame_fetch_context.cc

+++ b/third_party/blink/renderer/core/loader/frame_fetch_context.cc

@@ -588,6 +588,26 @@ bool FrameFetchContext::ShouldBlockRequestByInspector(const KURL& url) const {

   return should_block_request;

 }

+bool FrameFetchContext::ShouldBlockGateWayAttacks(network::mojom::IPAddressSpace requestor_space, const KURL& request_url) const {

+  // TODO(mkwst): This only checks explicit IP addresses. We'll have to move

+  // all this up to //net and //content in order to have any real impact on

+  // gateway attacks. That turns out to be a TON of work (crbug.com/378566).

+  if (requestor_space == network::mojom::IPAddressSpace::kUnknown)

+    requestor_space = network::mojom::IPAddressSpace::kPublic;

+  network::mojom::IPAddressSpace target_space =

+      network::mojom::IPAddressSpace::kPublic;

+  if (network_utils::IsReservedIPAddress(request_url.Host()))

+    target_space = network::mojom::IPAddressSpace::kPrivate;

+  if (SecurityOrigin::Create(request_url)->IsLocalhost())

+    target_space = network::mojom::IPAddressSpace::kLocal;

+

+  bool is_external_request = requestor_space > target_space;

+  if (is_external_request)

+    return true;

+

+  return false;

+}

+

 void FrameFetchContext::DispatchDidBlockRequest(

     const ResourceRequest& resource_request,

     const ResourceLoaderOptions& options,

diff --git a/third_party/blink/renderer/core/loader/frame_fetch_context.h b/third_party/blink/renderer/core/loader/frame_fetch_context.h

--- a/third_party/blink/renderer/core/loader/frame_fetch_context.h

+++ b/third_party/blink/renderer/core/loader/frame_fetch_context.h

@@ -175,6 +175,7 @@ class CORE_EXPORT FrameFetchContext final : public BaseFetchContext,

   bool ShouldBlockWebSocketByMixedContentCheck(const KURL&) const override;

   std::unique_ptr<WebSocketHandshakeThrottle> CreateWebSocketHandshakeThrottle()

       override;

+  bool ShouldBlockGateWayAttacks(network::mojom::IPAddressSpace requestor_space, const KURL&) const override;

   bool ShouldBlockFetchByMixedContentCheck(

       mojom::blink::RequestContextType request_context,

       network::mojom::blink::IPAddressSpace target_address_space,

diff --git a/third_party/blink/renderer/core/loader/worker_fetch_context.cc b/third_party/blink/renderer/core/loader/worker_fetch_context.cc

--- a/third_party/blink/renderer/core/loader/worker_fetch_context.cc

+++ b/third_party/blink/renderer/core/loader/worker_fetch_context.cc

@@ -25,6 +25,7 @@

 #include "third_party/blink/renderer/platform/loader/fetch/url_loader/url_loader_factory.h"

 #include "third_party/blink/renderer/platform/loader/fetch/worker_resource_timing_notifier.h"

 #include "third_party/blink/renderer/platform/network/network_state_notifier.h"

+#include "third_party/blink/renderer/platform/network/network_utils.h"

 #include "third_party/blink/renderer/platform/runtime_enabled_features.h"

 #include "third_party/blink/renderer/platform/scheduler/public/virtual_time_controller.h"

 #include "third_party/blink/renderer/platform/supplementable.h"

@@ -94,6 +95,26 @@ bool WorkerFetchContext::ShouldBlockRequestByInspector(const KURL& url) const {

   return should_block_request;

 }

+bool WorkerFetchContext::ShouldBlockGateWayAttacks(network::mojom::IPAddressSpace requestor_space, const KURL& request_url) const {

+  // TODO(mkwst): This only checks explicit IP addresses. We'll have to move

+  // all this up to //net and //content in order to have any real impact on

+  // gateway attacks. That turns out to be a TON of work (crbug.com/378566).

+  if (requestor_space == network::mojom::IPAddressSpace::kUnknown)

+    requestor_space = network::mojom::IPAddressSpace::kPublic;

+  network::mojom::IPAddressSpace target_space =

+      network::mojom::IPAddressSpace::kPublic;

+  if (network_utils::IsReservedIPAddress(request_url.Host()))

+    target_space = network::mojom::IPAddressSpace::kPrivate;

+  if (SecurityOrigin::Create(request_url)->IsLocalhost())

+    target_space = network::mojom::IPAddressSpace::kLocal;

+

+  bool is_external_request = requestor_space > target_space;

+  if (is_external_request)

+    return true;

+

+  return false;

+}

+

 void WorkerFetchContext::DispatchDidBlockRequest(

     const ResourceRequest& resource_request,

     const ResourceLoaderOptions& options,

diff --git a/third_party/blink/renderer/core/loader/worker_fetch_context.h b/third_party/blink/renderer/core/loader/worker_fetch_context.h

--- a/third_party/blink/renderer/core/loader/worker_fetch_context.h

+++ b/third_party/blink/renderer/core/loader/worker_fetch_context.h

@@ -64,6 +64,7 @@ class WorkerFetchContext final : public BaseFetchContext {

   bool ShouldBlockWebSocketByMixedContentCheck(const KURL&) const override;

   std::unique_ptr<WebSocketHandshakeThrottle> CreateWebSocketHandshakeThrottle()

       override;

+  bool ShouldBlockGateWayAttacks(network::mojom::IPAddressSpace requestor_space, const KURL&) const override;

   bool ShouldBlockFetchByMixedContentCheck(

       mojom::blink::RequestContextType request_context,

       network::mojom::blink::IPAddressSpace target_address_space,

diff --git a/third_party/blink/renderer/core/workers/installed_scripts_manager.cc b/third_party/blink/renderer/core/workers/installed_scripts_manager.cc

--- a/third_party/blink/renderer/core/workers/installed_scripts_manager.cc

+++ b/third_party/blink/renderer/core/workers/installed_scripts_manager.cc

@@ -33,9 +33,9 @@ InstalledScriptsManager::ScriptData::ScriptData(

   // place so that this is shareable out of worker code.

   response_address_space_ = network::mojom::IPAddressSpace::kPublic;

   if (network_utils::IsReservedIPAddress(script_url_.Host()))

-    response_address_space_ = network::mojom::IPAddressSpace::kLocal;

+    response_address_space_ = network::mojom::IPAddressSpace::kPrivate;

   if (SecurityOrigin::Create(script_url_)->IsLocalhost())

-    response_address_space_ = network::mojom::IPAddressSpace::kLoopback;

+    response_address_space_ = network::mojom::IPAddressSpace::kLocal;

 }

 ContentSecurityPolicyResponseHeaders

diff --git a/third_party/blink/renderer/modules/background_fetch/background_fetch_manager.cc b/third_party/blink/renderer/modules/background_fetch/background_fetch_manager.cc

--- a/third_party/blink/renderer/modules/background_fetch/background_fetch_manager.cc

+++ b/third_party/blink/renderer/modules/background_fetch/background_fetch_manager.cc

@@ -101,6 +101,30 @@ bool ShouldBlockDanglingMarkup(const KURL& request_url) {

          request_url.ProtocolIsInHTTPFamily();

 }

+bool ShouldBlockGateWayAttacks(ExecutionContext* execution_context,

+                               const KURL& request_url) {

+    network::mojom::IPAddressSpace requestor_space =

+        execution_context->AddressSpace();

+    if (requestor_space == network::mojom::IPAddressSpace::kUnknown)

+      requestor_space = network::mojom::IPAddressSpace::kPublic;

+

+    // TODO(mkwst): This only checks explicit IP addresses. We'll have to move

+    // all this up to //net and //content in order to have any real impact on

+    // gateway attacks. That turns out to be a TON of work (crbug.com/378566).

+    network::mojom::IPAddressSpace target_space =

+        network::mojom::IPAddressSpace::kPublic;

+    if (network_utils::IsReservedIPAddress(request_url.Host()))

+      target_space = network::mojom::IPAddressSpace::kPrivate;

+    if (SecurityOrigin::Create(request_url)->IsLocalhost())

+      target_space = network::mojom::IPAddressSpace::kLocal;

+

+    bool is_external_request = requestor_space > target_space;

+    if (is_external_request)

+      return true;

+

+  return false;

+}

+

 scoped_refptr<BlobDataHandle> ExtractBlobHandle(

     Request* request,

     ExceptionState& exception_state) {

@@ -187,6 +211,13 @@ ScriptPromise BackgroundFetchManager::fetch(

                                  exception_state);

     }

+    if (ShouldBlockGateWayAttacks(execution_context, request_url)) {

+      return RejectWithTypeError(script_state, request_url,

+                                 "Requestor IP address space doesn't match the "

+                                 "target address space.",

+                                 exception_state);

+    }

+

     if (ShouldBlockPort(request_url)) {

       return RejectWithTypeError(script_state, request_url,

                                  "that port is not allowed", exception_state);

diff --git a/third_party/blink/renderer/modules/websockets/websocket_channel_impl.cc b/third_party/blink/renderer/modules/websockets/websocket_channel_impl.cc

--- a/third_party/blink/renderer/modules/websockets/websocket_channel_impl.cc

+++ b/third_party/blink/renderer/modules/websockets/websocket_channel_impl.cc

@@ -276,6 +276,11 @@ bool WebSocketChannelImpl::Connect(const KURL& url, const String& protocol) {

     return false;

   }

+  if (GetBaseFetchContext()->ShouldBlockGateWayAttacks(execution_context_->AddressSpace(), url)) {

+    has_initiated_opening_handshake_ = false;

+    return false;

+  }

+

   if (auto* scheduler = execution_context_->GetScheduler()) {

     // Two features are registered here:

     // - `kWebSocket`: a non-sticky feature that will disable BFCache for any

diff --git a/third_party/blink/renderer/modules/websockets/websocket_common.cc b/third_party/blink/renderer/modules/websockets/websocket_common.cc

--- a/third_party/blink/renderer/modules/websockets/websocket_common.cc

+++ b/third_party/blink/renderer/modules/websockets/websocket_common.cc

@@ -125,9 +125,39 @@ WebSocketCommon::ConnectResult WebSocketCommon::Connect(

     return ConnectResult::kException;

   }

+  network::mojom::IPAddressSpace requestor_space =

+      execution_context->AddressSpace();

+  if (ShouldBlockGateWayAttacks(requestor_space, url_)) {

+    state_ = kClosed;

+    exception_state.ThrowSecurityError(

+        "Access to address of '" + url_.Host() +

+        "' is not allowed from current address space.");

+    return ConnectResult::kException;

+  }

+

   return ConnectResult::kSuccess;

 }

+bool WebSocketCommon::ShouldBlockGateWayAttacks(network::mojom::IPAddressSpace requestor_space, const KURL& request_url) const {

+  // TODO(mkwst): This only checks explicit IP addresses. We'll have to move

+  // all this up to //net and //content in order to have any real impact on

+  // gateway attacks. That turns out to be a TON of work (crbug.com/378566).

+  if (requestor_space == network::mojom::IPAddressSpace::kUnknown)

+    requestor_space = network::mojom::IPAddressSpace::kPublic;

+  network::mojom::IPAddressSpace target_space =

+      network::mojom::IPAddressSpace::kPublic;

+  if (network_utils::IsReservedIPAddress(request_url.Host()))

+    target_space = network::mojom::IPAddressSpace::kPrivate;

+  if (SecurityOrigin::Create(request_url)->IsLocalhost())

+    target_space = network::mojom::IPAddressSpace::kLocal;

+

+  bool is_external_request = requestor_space > target_space;

+  if (is_external_request)

+    return true;

+

+  return false;

+}

+

 void WebSocketCommon::CloseInternal(int code,

                                     const String& reason,

                                     WebSocketChannel* channel,

diff --git a/third_party/blink/renderer/modules/websockets/websocket_common.h b/third_party/blink/renderer/modules/websockets/websocket_common.h

--- a/third_party/blink/renderer/modules/websockets/websocket_common.h

+++ b/third_party/blink/renderer/modules/websockets/websocket_common.h

@@ -7,6 +7,8 @@

 #ifndef THIRD_PARTY_BLINK_RENDERER_MODULES_WEBSOCKETS_WEBSOCKET_COMMON_H_

 #define THIRD_PARTY_BLINK_RENDERER_MODULES_WEBSOCKETS_WEBSOCKET_COMMON_H_

+#include "services/network/public/mojom/ip_address_space.mojom.h"

+#include "third_party/blink/renderer/platform/network/network_utils.h"

 #include "third_party/blink/renderer/modules/modules_export.h"

 #include "third_party/blink/renderer/platform/weborigin/kurl.h"

 #include "third_party/blink/renderer/platform/wtf/allocator/allocator.h"

@@ -54,6 +56,8 @@ class MODULES_EXPORT WebSocketCommon {

   void SetState(State state) { state_ = state; }

   const KURL& Url() const { return url_; }

+  bool ShouldBlockGateWayAttacks(network::mojom::IPAddressSpace requestor_space, const KURL& url) const;

+

   // The following methods are public for testing.

   // Returns true if |protocol| is a valid WebSocket subprotocol name.

--

2.25.1

From: csagan5 <32685696+csagan5@users.noreply.github.com>

Date: Mon, 10 Feb 2020 23:13:13 +0100

Subject: Guard for user-agent reduction

License: GPL-3.0-only - https://spdx.org/licenses/GPL-3.0-only.html

---

 chrome/browser/chrome_content_browser_client.cc  |  2 +-

 content/common/user_agent.cc                     | 13 +++++--------

 third_party/blink/common/features.cc             |  4 ++--

 .../platform/runtime_enabled_features.json5      | 16 ++++++++--------

 4 files changed, 16 insertions(+), 19 deletions(-)

diff --git a/chrome/browser/chrome_content_browser_client.cc b/chrome/browser/chrome_content_browser_client.cc

--- a/chrome/browser/chrome_content_browser_client.cc

+++ b/chrome/browser/chrome_content_browser_client.cc

@@ -1650,7 +1650,7 @@ void ChromeContentBrowserClient::RegisterProfilePrefs(

   registry->RegisterIntegerPref(

       prefs::kUserAgentReduction,

       static_cast<int>(

-          embedder_support::UserAgentReductionEnterprisePolicyState::kDefault));

+          embedder_support::UserAgentReductionEnterprisePolicyState::kForceEnabled));

   registry->RegisterBooleanPref(prefs::kOriginAgentClusterDefaultEnabled, true);

   registry->RegisterBooleanPref(

       policy::policy_prefs::kIsolatedAppsDeveloperModeAllowed, true);

diff --git a/content/common/user_agent.cc b/content/common/user_agent.cc

--- a/content/common/user_agent.cc

+++ b/content/common/user_agent.cc

@@ -347,14 +347,7 @@ std::string BuildUserAgentFromProduct(const std::string& product) {

 }

 std::string BuildModelInfo() {

-  std::string model;

-#if BUILDFLAG(IS_ANDROID)

-  // Only send the model information if on the release build of Android,

-  // matching user agent behaviour.

-  if (base::SysInfo::GetAndroidBuildCodename() == "REL")

-    model = base::SysInfo::HardwareModelName();

-#endif

-  return model;

+  return std::string();

 }

 #if BUILDFLAG(IS_ANDROID)

@@ -375,6 +368,10 @@ std::string GetAndroidOSInfo(

     IncludeAndroidModel include_android_model) {

   std::string android_info_str;

+  // Do not send information about the device.

+  include_android_model = IncludeAndroidModel::Exclude;

+  include_android_build_number = IncludeAndroidBuildNumber::Exclude;

+

   // Send information about the device.

   bool semicolon_inserted = false;

   if (include_android_model == IncludeAndroidModel::Include) {

diff --git a/third_party/blink/common/features.cc b/third_party/blink/common/features.cc

--- a/third_party/blink/common/features.cc

+++ b/third_party/blink/common/features.cc

@@ -1501,8 +1501,8 @@ BASE_FEATURE(kReducedReferrerGranularity,

 const base::FeatureParam<std::string> kUserAgentFrozenBuildVersion{

     &kReduceUserAgentMinorVersion, "build_version", "0"};

-const base::FeatureParam<bool> kAllExceptLegacyWindowsPlatform = {

-    &kReduceUserAgentPlatformOsCpu, "all_except_legacy_windows_platform", true};

+const base::FeatureParam<bool> kAllExceptLegacyWindowsPlatform = {                 // must be enabled

+    &kReduceUserAgentPlatformOsCpu, "all_except_legacy_windows_platform", true};   // in Bromite

 const base::FeatureParam<bool> kLegacyWindowsPlatform = {

     &kReduceUserAgentPlatformOsCpu, "legacy_windows_platform", true};

diff --git a/third_party/blink/renderer/platform/runtime_enabled_features.json5 b/third_party/blink/renderer/platform/runtime_enabled_features.json5

--- a/third_party/blink/renderer/platform/runtime_enabled_features.json5

+++ b/third_party/blink/renderer/platform/runtime_enabled_features.json5

@@ -3099,23 +3099,23 @@

       // If enabled, the deviceModel will be reduced to "K" and the

       // androidVersion will be reduced to a static "10" string in android

       // User-Agent string.

-      name: "ReduceUserAgentAndroidVersionDeviceModel",

-      depends_on: ["ReduceUserAgentMinorVersion"],

-      status: {"Android": "stable"},

+      name: "ReduceUserAgentAndroidVersionDeviceModel",   // keep

+      depends_on: ["ReduceUserAgentMinorVersion"],        // enabled

+      status: {"Android": "stable"},                      // in bromite

     },

     // If enabled, the minor version of the User-Agent string will be reduced.

     // This User-Agent Reduction feature has been enabled starting from M101,

     // but we still keep this flag for future phase tests.

     {

-      name: "ReduceUserAgentMinorVersion",

-      status: "stable",

+      name: "ReduceUserAgentMinorVersion",                // keep enabled

+      status: "stable",                                   // in bromite

     },

     {

       // If enabled, the platform and oscpu of the User-Agent string will be

       // reduced.

-      name: "ReduceUserAgentPlatformOsCpu",

-      depends_on: ["ReduceUserAgentMinorVersion"],

-      status: {"Android": "", "default": "stable"},

+      name: "ReduceUserAgentPlatformOsCpu",               // keep

+      depends_on: ["ReduceUserAgentMinorVersion"],        // enabled

+      status: {"Android": "", "default": "stable"},       // in bromite

     },

     {

       name: "RegionCapture",

--

2.25.1

From: uazo <uazo@users.noreply.github.com>

Date: Thu, 14 Jul 2022 09:48:45 +0000

Subject: Remove navigator.connection info

Change the result of navigator.connection to default values

and disable observers

Original License: GPL-2.0-or-later - https://spdx.org/licenses/GPL-2.0-or-later.html

License: GPL-3.0-only - https://spdx.org/licenses/GPL-3.0-only.html

---

 .../renderer/modules/netinfo/network_information.cc   |  5 ++++-

 .../platform/network/network_state_notifier.cc        | 11 +++++++++++

 .../platform/network/network_state_notifier.h         |  2 +-

 3 files changed, 16 insertions(+), 2 deletions(-)

diff --git a/third_party/blink/renderer/modules/netinfo/network_information.cc b/third_party/blink/renderer/modules/netinfo/network_information.cc

--- a/third_party/blink/renderer/modules/netinfo/network_information.cc

+++ b/third_party/blink/renderer/modules/netinfo/network_information.cc

@@ -61,7 +61,7 @@ NetworkInformation::~NetworkInformation() {

 }

 bool NetworkInformation::IsObserving() const {

-  return !!connection_observer_handle_;

+  return false;

 }

 String NetworkInformation::type() const {

@@ -155,6 +155,7 @@ void NetworkInformation::ConnectionChange(

     const absl::optional<base::TimeDelta>& transport_rtt,

     const absl::optional<double>& downlink_mbps,

     bool save_data) {

+  if ((true)) return;

   DCHECK(GetExecutionContext()->IsContextThread());

   const String host = Host();

@@ -248,6 +249,7 @@ void NetworkInformation::ContextDestroyed() {

 }

 void NetworkInformation::StartObserving() {

+  if ((true)) return;

   if (!IsObserving() && !context_stopped_) {

     type_ = GetNetworkStateNotifier().ConnectionType();

     DCHECK(!connection_observer_handle_);

@@ -258,6 +260,7 @@ void NetworkInformation::StartObserving() {

 }

 void NetworkInformation::StopObserving() {

+  if ((true)) return;

   if (IsObserving()) {

     DCHECK(connection_observer_handle_);

     connection_observer_handle_ = nullptr;

diff --git a/third_party/blink/renderer/platform/network/network_state_notifier.cc b/third_party/blink/renderer/platform/network/network_state_notifier.cc

--- a/third_party/blink/renderer/platform/network/network_state_notifier.cc

+++ b/third_party/blink/renderer/platform/network/network_state_notifier.cc

@@ -102,6 +102,17 @@ NetworkStateNotifier::ScopedNotifier::~ScopedNotifier() {

   }

 }

+NetworkStateNotifier::NetworkStateNotifier() : has_override_(false) {

+  // set default data

+  SetNetworkConnectionInfoOverride(

+    /*on_line*/ true,

+    /*type*/ WebConnectionType::kWebConnectionTypeWifi,

+    /*effective_type*/ absl::nullopt,

+    /*http_rtt_msec*/ 0,

+    /*max_bandwidth_mbps*/ std::numeric_limits<double>::max());

+  SetNetworkQuality(/*effective_type*/ WebEffectiveConnectionType::kType4G, base::TimeDelta(), base::TimeDelta(), 10000);

+}

+

 NetworkStateNotifier::NetworkStateObserverHandle::NetworkStateObserverHandle(

     NetworkStateNotifier* notifier,

     NetworkStateNotifier::ObserverType type,

diff --git a/third_party/blink/renderer/platform/network/network_state_notifier.h b/third_party/blink/renderer/platform/network/network_state_notifier.h

--- a/third_party/blink/renderer/platform/network/network_state_notifier.h

+++ b/third_party/blink/renderer/platform/network/network_state_notifier.h

@@ -124,7 +124,7 @@ class PLATFORM_EXPORT NetworkStateNotifier {

     scoped_refptr<base::SingleThreadTaskRunner> task_runner_;

   };

-  NetworkStateNotifier() : has_override_(false) {}

+  NetworkStateNotifier();

   NetworkStateNotifier(const NetworkStateNotifier&) = delete;

   NetworkStateNotifier& operator=(const NetworkStateNotifier&) = delete;

--

2.25.1