Loading CHANGELOG.md +13 −1 Original line number Diff line number Diff line # 78.0.3904.93 * introduce flags to disable browser fingerprinting capabilities (fixes https://github.com/bromite/bromite/issues/402) * major enhancements to AMP sanitization for news/images * remove duplicate network predictions privacy setting * disable some signed exchanges features * ungoogled-chromium-android: patches to block all GCM/GMS/PlayServices integrations * ungoogled-chromium: block all connection requests to substituted domains * disable GVR services build flag * disable HEAD requests for single words typed and clicked in Omnibar * increase number of autocomplete matches from 5 to 10 * replace DoH probe domain with RIPE domain # 78.0.3904.72 * updated fixed User-agent phone model * updated User-agent phone model and version * fix network predictions bug (fixes https://github.com/bromite/bromite/issues/387) * fix crash in settings (fixes https://github.com/bromite/bromite/issues/388) Loading README.md +1 −0 Original line number Diff line number Diff line Loading @@ -152,6 +152,7 @@ Bromite uses an unindexed filter file, which is periodically published at https: * [Chromium project](https://www.chromium.org/Home) and developers * [Iridium project](https://github.com/iridium-browser) for some patches * [ungoogled-chromium](https://github.com/Eloston/ungoogled-chromium) for some patches * [ungoogled-chromium-android](https://github.com/ungoogled-software/ungoogled-chromium-android) for some patches * [GrapheneOS](https://github.com/GrapheneOS) for some security patches * [Inox patchset](https://github.com/gcarq/inox-patchset) for some patches (via ungoogled-chromium) * [Brave Browser](https://github.com/brave/browser-android-tabs) for some patches Loading build/GN_ARGS +3 −0 Original line number Diff line number Diff line Loading @@ -2,8 +2,10 @@ android_channel="stable" blink_symbol_level=1 dcheck_always_on=false debuggable_apks=false disable_android_lint=true enable_ac3_eac3_audio_demuxing=true enable_hevc_demuxing=true enable_iterator_debugging=false enable_av1_decoder=true enable_gvr_services=false enable_hangout_services_extension=false enable_mdns=false enable_mse_mpeg2ts_stream_parser=true ffmpeg_branding="Chrome" proprietary_codecs=true Loading @@ -19,6 +21,7 @@ is_component_build=false is_debug=false is_official_build=true jumbo_file_merge_limit=60 rtc_build_examples=false safe_browsing_mode=0 strip_absolute_paths_from_debug_symbols=true strip_debug_info=false Loading build/bromite_patches_list.txt +20 −8 Original line number Diff line number Diff line Loading @@ -19,7 +19,6 @@ Do-not-store-passwords-by-default.patch Disable-NTP-remote-suggestions-by-default.patch Disable-references-to-fonts.googleapis.com.patch Disable-WebRTC-by-default.patch Disable-unused-permissions.patch Never-send-any-crash-upload-data.patch Hide-send-reports-checkbox.patch Never-fetch-popular-sites.patch Loading @@ -38,11 +37,9 @@ safe_browsing-disable-incident-reporting.patch safe_browsing-disable-reporting-of-safebrowsing-override.patch safe_browsing-disable-cookie-transmission.patch Disable-safe-browsing.patch Disable-data-saver.patch Skip-the-first-run-and-metrics.patch Disable-signin-and-data-saver-preferences.patch Disable-signin-data-reduction-promos.patch Remove-recent-tabs-signin.patch Disable-all-promo-dialogs.patch Remove-signin-and-data-saver-integrations.patch Remove-background-sync-and-translate-menu-options.patch Hide-passwords-manager-link.patch Disable-Omaha-update-checks.patch Loading @@ -64,11 +61,10 @@ Open-YouTube-links-in-Bromite.patch Add-exit-menu-item.patch Remove-help-menu-item.patch Add-menu-option-to-toggle-global-Javascript-preference.patch Add-global-menu-entry-to-toggle-AdBlocker.patch Add-menu-option-to-toggle-ad-blocker.patch User-Agent-anonymize.patch AudioBuffer-AnalyserNode-fingerprinting-mitigations-via-IDL.patch getClientRects-getBoundingClientRect-measureText-add-fingerprinting-mitigation.patch Canvas-fingerprinting-mitigations-for-image-data-and-webGL.patch Multiple-fingerprinting-mitigations-for-canvas-text-and-client-rectangles.patch Add-flags-to-disable-device-motion-and-orientation-APIs.patch Punt-the-Widevine-version-string.patch Disable-metrics-on-all-I-O-threads.patch Loading Loading @@ -96,7 +92,18 @@ kill-Translate.patch kill-Vision.patch kill-Location-fall-back-to-system.patch kill-Auth.patch Remove-dependency-on-com.google.android.gms.auth.patch kill-GCM.patch Remove-dependency-on-com.google.android.gcm.patch Remove-dependency-on-com.google.android.gms.gcm.patch Remove-dependency-on-com.google.android.play.patch Remove-dependency-on-com.google.android.gms.vision-com.google.android.gms.clearcut-com.google.android.gms.phenotype.patch Remove-dependency-on-com.google.android.gms.flags-com.google.android.gms.location.places-com.google.android.gms.stats.patch Remove-dependency-on-com.google.android.gms.fido-com.google.android.gms.iid-com.google.android.gms.instantapps-com.google.android.gms.location.patch Remove-dependency-on-com.google.android.gms.cast.patch Remove-dependency-on-com.google.android.gms.common-auth-signin-dynamic-com.google.android.gms.tasks.patch Remove-play-dependency-for-module-installer.patch Remove-SMS-integration.patch Allow-website-sign-in-without-account-sign-in.patch Offer-builtin-autocomplete-for-chrome-flags.patch Do-not-grant-notifications-to-default-search-engine.patch Loading Loading @@ -127,3 +134,8 @@ Disable-search-ready-omnibox-by-default.patch disable-AdsBlockedInfoBar.patch Bromite-AdBlockUpdaterService.patch Revert-Merge-to-M78-Enable-AImageReader-by-default.patch Replace-DoH-probe-domain-with-RIPE-domain.patch Increase-number-of-autocomplete-matches-from-5-to-10.patch Disable-HEAD-requests-for-single-word-Omnibar-searches.patch Block-all-connection-requests-with-qjz9zk-in-the-domain-name-or-with-a-trk-scheme.patch Disable-some-signed-exchange-features.patch build/patches/Add-a-flag-for-DNS-over-HTTPS.patch +43 −11 Original line number Diff line number Diff line Loading @@ -10,20 +10,22 @@ Do not fallback to UDP when using DoH See also: https://tools.ietf.org/id/draft-ietf-doh-dns-over-https-14.txt --- chrome/browser/about_flags.cc | 11 +++++++++++ chrome/browser/about_flags.cc | 10 +++++++++- chrome/browser/net/system_network_context_manager.cc | 18 +++++++++++------- chrome/common/chrome_features.cc | 9 --------- chrome/common/chrome_features.h | 2 -- .../common/network_features.cc | 6 ++++++ .../common/network_features.h | 6 ++++++ .../common/network_switch_list.h | 4 ++++ net/base/load_flags_list.h | 6 ++++++ net/dns/dns_transaction.cc | 4 ++-- net/url_request/url_request_http_job.cc | 16 +++++++++++----- 8 files changed, 57 insertions(+), 14 deletions(-) 10 files changed, 55 insertions(+), 26 deletions(-) diff --git a/chrome/browser/about_flags.cc b/chrome/browser/about_flags.cc --- a/chrome/browser/about_flags.cc +++ b/chrome/browser/about_flags.cc @@ -417,6 +417,14 @@ const FeatureEntry::FeatureVariation kCCTModuleCacheVariations[] = { @@ -418,6 +418,14 @@ const FeatureEntry::FeatureVariation kCCTModuleCacheVariations[] = { base::size(kCCTModuleCache_ThirtyMinutes), nullptr}, }; Loading @@ -38,16 +40,15 @@ diff --git a/chrome/browser/about_flags.cc b/chrome/browser/about_flags.cc #endif // OS_ANDROID const FeatureEntry::FeatureParam kForceDark_SimpleHsl[] = { @@ -3578,6 +3586,9 @@ const FeatureEntry kFeatureEntries[] = { flag_descriptions::kEnableSyncUSSBookmarksName, flag_descriptions::kEnableSyncUSSBookmarksDescription, kOsAll, FEATURE_VALUE_TYPE(switches::kSyncUSSBookmarks)}, + {"enable-dns-over-https", flag_descriptions::kDnsOverHttpsName, + flag_descriptions::kDnsOverHttpsDescription, kOsAndroid, @@ -4491,7 +4499,7 @@ const FeatureEntry kFeatureEntries[] = { {"dns-over-https", flag_descriptions::kDnsOverHttpsName, flag_descriptions::kDnsOverHttpsDescription, kOsMac | kOsWin | kOsCrOS | kOsAndroid, - FEATURE_VALUE_TYPE(features::kDnsOverHttps)}, + MULTI_VALUE_TYPE(kDnsOverHttpsChoices)}, {"enable-lookalike-url-navigation-suggestions", flag_descriptions::kLookalikeUrlNavigationSuggestionsName, #if defined(OS_ANDROID) {"tab-switcher-longpress-menu", diff --git a/chrome/browser/net/system_network_context_manager.cc b/chrome/browser/net/system_network_context_manager.cc --- a/chrome/browser/net/system_network_context_manager.cc +++ b/chrome/browser/net/system_network_context_manager.cc Loading Loading @@ -91,6 +92,37 @@ diff --git a/chrome/browser/net/system_network_context_manager.cc b/chrome/brows local_state_->SetDefaultPrefValue(prefs::kDnsOverHttpsMode, base::Value(default_doh_mode)); local_state_->SetDefaultPrefValue(prefs::kDnsOverHttpsTemplates, diff --git a/chrome/common/chrome_features.cc b/chrome/common/chrome_features.cc --- a/chrome/common/chrome_features.cc +++ b/chrome/common/chrome_features.cc @@ -269,15 +269,6 @@ const base::Feature kDisallowUnsafeHttpDownloads{ "DisallowUnsafeHttpDownloads", base::FEATURE_DISABLED_BY_DEFAULT}; const char kDisallowUnsafeHttpDownloadsParamName[] = "MimeTypeList"; -// Enable DNS over HTTPS (DoH). -const base::Feature kDnsOverHttps{"DnsOverHttps", - base::FEATURE_DISABLED_BY_DEFAULT}; - -// Set whether fallback to insecure DNS is allowed by default. This setting may -// be overridden for individual transactions. -const base::FeatureParam<bool> kDnsOverHttpsFallbackParam{&kDnsOverHttps, - "Fallback", true}; - // Supply one or more space-separated DoH server URI templates to use when this // feature is enabled. If no templates are specified, then a hardcoded mapping // will be used to construct a list of DoH templates associated with the IP diff --git a/chrome/common/chrome_features.h b/chrome/common/chrome_features.h --- a/chrome/common/chrome_features.h +++ b/chrome/common/chrome_features.h @@ -166,8 +166,6 @@ extern const char kDisallowUnsafeHttpDownloadsParamName[]; COMPONENT_EXPORT(CHROME_FEATURES) extern const base::Feature kDnsOverHttps; COMPONENT_EXPORT(CHROME_FEATURES) -extern const base::FeatureParam<bool> kDnsOverHttpsFallbackParam; -COMPONENT_EXPORT(CHROME_FEATURES) extern const base::FeatureParam<std::string> kDnsOverHttpsTemplatesParam; #if defined(OS_ANDROID) diff --git a/components/network_session_configurator/common/network_features.cc b/components/network_session_configurator/common/network_features.cc --- a/components/network_session_configurator/common/network_features.cc +++ b/components/network_session_configurator/common/network_features.cc Loading Loading
CHANGELOG.md +13 −1 Original line number Diff line number Diff line # 78.0.3904.93 * introduce flags to disable browser fingerprinting capabilities (fixes https://github.com/bromite/bromite/issues/402) * major enhancements to AMP sanitization for news/images * remove duplicate network predictions privacy setting * disable some signed exchanges features * ungoogled-chromium-android: patches to block all GCM/GMS/PlayServices integrations * ungoogled-chromium: block all connection requests to substituted domains * disable GVR services build flag * disable HEAD requests for single words typed and clicked in Omnibar * increase number of autocomplete matches from 5 to 10 * replace DoH probe domain with RIPE domain # 78.0.3904.72 * updated fixed User-agent phone model * updated User-agent phone model and version * fix network predictions bug (fixes https://github.com/bromite/bromite/issues/387) * fix crash in settings (fixes https://github.com/bromite/bromite/issues/388) Loading
README.md +1 −0 Original line number Diff line number Diff line Loading @@ -152,6 +152,7 @@ Bromite uses an unindexed filter file, which is periodically published at https: * [Chromium project](https://www.chromium.org/Home) and developers * [Iridium project](https://github.com/iridium-browser) for some patches * [ungoogled-chromium](https://github.com/Eloston/ungoogled-chromium) for some patches * [ungoogled-chromium-android](https://github.com/ungoogled-software/ungoogled-chromium-android) for some patches * [GrapheneOS](https://github.com/GrapheneOS) for some security patches * [Inox patchset](https://github.com/gcarq/inox-patchset) for some patches (via ungoogled-chromium) * [Brave Browser](https://github.com/brave/browser-android-tabs) for some patches Loading
build/GN_ARGS +3 −0 Original line number Diff line number Diff line Loading @@ -2,8 +2,10 @@ android_channel="stable" blink_symbol_level=1 dcheck_always_on=false debuggable_apks=false disable_android_lint=true enable_ac3_eac3_audio_demuxing=true enable_hevc_demuxing=true enable_iterator_debugging=false enable_av1_decoder=true enable_gvr_services=false enable_hangout_services_extension=false enable_mdns=false enable_mse_mpeg2ts_stream_parser=true ffmpeg_branding="Chrome" proprietary_codecs=true Loading @@ -19,6 +21,7 @@ is_component_build=false is_debug=false is_official_build=true jumbo_file_merge_limit=60 rtc_build_examples=false safe_browsing_mode=0 strip_absolute_paths_from_debug_symbols=true strip_debug_info=false Loading
build/bromite_patches_list.txt +20 −8 Original line number Diff line number Diff line Loading @@ -19,7 +19,6 @@ Do-not-store-passwords-by-default.patch Disable-NTP-remote-suggestions-by-default.patch Disable-references-to-fonts.googleapis.com.patch Disable-WebRTC-by-default.patch Disable-unused-permissions.patch Never-send-any-crash-upload-data.patch Hide-send-reports-checkbox.patch Never-fetch-popular-sites.patch Loading @@ -38,11 +37,9 @@ safe_browsing-disable-incident-reporting.patch safe_browsing-disable-reporting-of-safebrowsing-override.patch safe_browsing-disable-cookie-transmission.patch Disable-safe-browsing.patch Disable-data-saver.patch Skip-the-first-run-and-metrics.patch Disable-signin-and-data-saver-preferences.patch Disable-signin-data-reduction-promos.patch Remove-recent-tabs-signin.patch Disable-all-promo-dialogs.patch Remove-signin-and-data-saver-integrations.patch Remove-background-sync-and-translate-menu-options.patch Hide-passwords-manager-link.patch Disable-Omaha-update-checks.patch Loading @@ -64,11 +61,10 @@ Open-YouTube-links-in-Bromite.patch Add-exit-menu-item.patch Remove-help-menu-item.patch Add-menu-option-to-toggle-global-Javascript-preference.patch Add-global-menu-entry-to-toggle-AdBlocker.patch Add-menu-option-to-toggle-ad-blocker.patch User-Agent-anonymize.patch AudioBuffer-AnalyserNode-fingerprinting-mitigations-via-IDL.patch getClientRects-getBoundingClientRect-measureText-add-fingerprinting-mitigation.patch Canvas-fingerprinting-mitigations-for-image-data-and-webGL.patch Multiple-fingerprinting-mitigations-for-canvas-text-and-client-rectangles.patch Add-flags-to-disable-device-motion-and-orientation-APIs.patch Punt-the-Widevine-version-string.patch Disable-metrics-on-all-I-O-threads.patch Loading Loading @@ -96,7 +92,18 @@ kill-Translate.patch kill-Vision.patch kill-Location-fall-back-to-system.patch kill-Auth.patch Remove-dependency-on-com.google.android.gms.auth.patch kill-GCM.patch Remove-dependency-on-com.google.android.gcm.patch Remove-dependency-on-com.google.android.gms.gcm.patch Remove-dependency-on-com.google.android.play.patch Remove-dependency-on-com.google.android.gms.vision-com.google.android.gms.clearcut-com.google.android.gms.phenotype.patch Remove-dependency-on-com.google.android.gms.flags-com.google.android.gms.location.places-com.google.android.gms.stats.patch Remove-dependency-on-com.google.android.gms.fido-com.google.android.gms.iid-com.google.android.gms.instantapps-com.google.android.gms.location.patch Remove-dependency-on-com.google.android.gms.cast.patch Remove-dependency-on-com.google.android.gms.common-auth-signin-dynamic-com.google.android.gms.tasks.patch Remove-play-dependency-for-module-installer.patch Remove-SMS-integration.patch Allow-website-sign-in-without-account-sign-in.patch Offer-builtin-autocomplete-for-chrome-flags.patch Do-not-grant-notifications-to-default-search-engine.patch Loading Loading @@ -127,3 +134,8 @@ Disable-search-ready-omnibox-by-default.patch disable-AdsBlockedInfoBar.patch Bromite-AdBlockUpdaterService.patch Revert-Merge-to-M78-Enable-AImageReader-by-default.patch Replace-DoH-probe-domain-with-RIPE-domain.patch Increase-number-of-autocomplete-matches-from-5-to-10.patch Disable-HEAD-requests-for-single-word-Omnibar-searches.patch Block-all-connection-requests-with-qjz9zk-in-the-domain-name-or-with-a-trk-scheme.patch Disable-some-signed-exchange-features.patch
build/patches/Add-a-flag-for-DNS-over-HTTPS.patch +43 −11 Original line number Diff line number Diff line Loading @@ -10,20 +10,22 @@ Do not fallback to UDP when using DoH See also: https://tools.ietf.org/id/draft-ietf-doh-dns-over-https-14.txt --- chrome/browser/about_flags.cc | 11 +++++++++++ chrome/browser/about_flags.cc | 10 +++++++++- chrome/browser/net/system_network_context_manager.cc | 18 +++++++++++------- chrome/common/chrome_features.cc | 9 --------- chrome/common/chrome_features.h | 2 -- .../common/network_features.cc | 6 ++++++ .../common/network_features.h | 6 ++++++ .../common/network_switch_list.h | 4 ++++ net/base/load_flags_list.h | 6 ++++++ net/dns/dns_transaction.cc | 4 ++-- net/url_request/url_request_http_job.cc | 16 +++++++++++----- 8 files changed, 57 insertions(+), 14 deletions(-) 10 files changed, 55 insertions(+), 26 deletions(-) diff --git a/chrome/browser/about_flags.cc b/chrome/browser/about_flags.cc --- a/chrome/browser/about_flags.cc +++ b/chrome/browser/about_flags.cc @@ -417,6 +417,14 @@ const FeatureEntry::FeatureVariation kCCTModuleCacheVariations[] = { @@ -418,6 +418,14 @@ const FeatureEntry::FeatureVariation kCCTModuleCacheVariations[] = { base::size(kCCTModuleCache_ThirtyMinutes), nullptr}, }; Loading @@ -38,16 +40,15 @@ diff --git a/chrome/browser/about_flags.cc b/chrome/browser/about_flags.cc #endif // OS_ANDROID const FeatureEntry::FeatureParam kForceDark_SimpleHsl[] = { @@ -3578,6 +3586,9 @@ const FeatureEntry kFeatureEntries[] = { flag_descriptions::kEnableSyncUSSBookmarksName, flag_descriptions::kEnableSyncUSSBookmarksDescription, kOsAll, FEATURE_VALUE_TYPE(switches::kSyncUSSBookmarks)}, + {"enable-dns-over-https", flag_descriptions::kDnsOverHttpsName, + flag_descriptions::kDnsOverHttpsDescription, kOsAndroid, @@ -4491,7 +4499,7 @@ const FeatureEntry kFeatureEntries[] = { {"dns-over-https", flag_descriptions::kDnsOverHttpsName, flag_descriptions::kDnsOverHttpsDescription, kOsMac | kOsWin | kOsCrOS | kOsAndroid, - FEATURE_VALUE_TYPE(features::kDnsOverHttps)}, + MULTI_VALUE_TYPE(kDnsOverHttpsChoices)}, {"enable-lookalike-url-navigation-suggestions", flag_descriptions::kLookalikeUrlNavigationSuggestionsName, #if defined(OS_ANDROID) {"tab-switcher-longpress-menu", diff --git a/chrome/browser/net/system_network_context_manager.cc b/chrome/browser/net/system_network_context_manager.cc --- a/chrome/browser/net/system_network_context_manager.cc +++ b/chrome/browser/net/system_network_context_manager.cc Loading Loading @@ -91,6 +92,37 @@ diff --git a/chrome/browser/net/system_network_context_manager.cc b/chrome/brows local_state_->SetDefaultPrefValue(prefs::kDnsOverHttpsMode, base::Value(default_doh_mode)); local_state_->SetDefaultPrefValue(prefs::kDnsOverHttpsTemplates, diff --git a/chrome/common/chrome_features.cc b/chrome/common/chrome_features.cc --- a/chrome/common/chrome_features.cc +++ b/chrome/common/chrome_features.cc @@ -269,15 +269,6 @@ const base::Feature kDisallowUnsafeHttpDownloads{ "DisallowUnsafeHttpDownloads", base::FEATURE_DISABLED_BY_DEFAULT}; const char kDisallowUnsafeHttpDownloadsParamName[] = "MimeTypeList"; -// Enable DNS over HTTPS (DoH). -const base::Feature kDnsOverHttps{"DnsOverHttps", - base::FEATURE_DISABLED_BY_DEFAULT}; - -// Set whether fallback to insecure DNS is allowed by default. This setting may -// be overridden for individual transactions. -const base::FeatureParam<bool> kDnsOverHttpsFallbackParam{&kDnsOverHttps, - "Fallback", true}; - // Supply one or more space-separated DoH server URI templates to use when this // feature is enabled. If no templates are specified, then a hardcoded mapping // will be used to construct a list of DoH templates associated with the IP diff --git a/chrome/common/chrome_features.h b/chrome/common/chrome_features.h --- a/chrome/common/chrome_features.h +++ b/chrome/common/chrome_features.h @@ -166,8 +166,6 @@ extern const char kDisallowUnsafeHttpDownloadsParamName[]; COMPONENT_EXPORT(CHROME_FEATURES) extern const base::Feature kDnsOverHttps; COMPONENT_EXPORT(CHROME_FEATURES) -extern const base::FeatureParam<bool> kDnsOverHttpsFallbackParam; -COMPONENT_EXPORT(CHROME_FEATURES) extern const base::FeatureParam<std::string> kDnsOverHttpsTemplatesParam; #if defined(OS_ANDROID) diff --git a/components/network_session_configurator/common/network_features.cc b/components/network_session_configurator/common/network_features.cc --- a/components/network_session_configurator/common/network_features.cc +++ b/components/network_session_configurator/common/network_features.cc Loading
