build/patches/Internal-firewall.patch +11 −10 @@ -31,7 +31,7 @@ License: GPL-2.0-or-later - https://spdx.org/licenses/GPL-2.0-or-later.html services/firewall/tools/codegen.py | 82 +++ services/firewall/tools/decode_template.py | 85 +++ services/firewall/tools/gen_builders.py | 65 +++ services/firewall/tools/rules.xml | 96 ++++ services/firewall/tools/rules.xml | 97 ++++ services/firewall/tools/rules_model.py | 35 ++ services/network/network_context.cc | 73 +++ .../network/public/cpp/simple_url_loader.cc | 18 + @@ -40,7 +40,7 @@ License: GPL-2.0-or-later - https://spdx.org/licenses/GPL-2.0-or-later.html .../loader/fetch/url_loader/url_loader.cc | 4 +- .../scripts/auditor/auditor.py | 1 + .../scripts/auditor/util.py | 1 + 31 files changed, 1655 insertions(+), 22 deletions(-) 31 files changed, 1656 insertions(+), 22 deletions(-) create mode 100644 cromite_flags/chrome/browser/about_flags_cc/Internal-firewall.inc create mode 100644 services/firewall/public/BUILD.gn create mode 100644 services/firewall/public/firewall_features.cc @@ -70,7 +70,7 @@ diff --git a/chrome/browser/BUILD.gn b/chrome/browser/BUILD.gn diff --git a/chrome/browser/about_flags.cc b/chrome/browser/about_flags.cc --- a/chrome/browser/about_flags.cc +++ b/chrome/browser/about_flags.cc @@ -228,6 +228,7 @@ @@ -229,6 +229,7 @@ #include "sandbox/policy/features.h" #include "sandbox/policy/switches.h" #include "services/device/public/cpp/device_features.h" @@ -1514,7 +1514,7 @@ diff --git a/services/firewall/tools/rules.xml b/services/firewall/tools/rules.x new file mode 100644 --- /dev/null +++ b/services/firewall/tools/rules.xml @@ -0,0 +1,96 @@ @@ -0,0 +1,97 @@ +<?xml version="1.0"?> +<!-- + This file is part of Bromite.
@@ -1545,6 +1545,7 @@ new file mode 100644 + <item id="download_web_contents_frame" allowed="1"/> + <item id="save_file_manager" allowed="1"/> + <item id="download_via_toolbar_menu" allowed="1"/> + <item id="download_manager_resume" allowed="1"/> + + <!-- Disallow temporarily controlling the revoked list, + suffers from possible privacy problems --> @@ -1662,7 +1663,7 @@ diff --git a/services/network/network_context.cc b/services/network/network_cont #include "services/network/brokered_client_socket_factory.h" #include "services/network/cookie_manager.h" #include "services/network/data_remover_util.h" @@ -1817,6 +1818,9 @@ void NetworkContext::OnNewSCTAuditingReportSent() { @@ -1821,6 +1822,9 @@ void NetworkContext::OnNewSCTAuditingReportSent() { void NetworkContext::CreateUDPSocket( mojo::PendingReceiver<mojom::UDPSocket> receiver, mojo::PendingRemote<mojom::UDPSocketListener> listener) { @@ -1672,7 +1673,7 @@ diff --git a/services/network/network_context.cc b/services/network/network_cont socket_factory_->CreateUDPSocket(std::move(receiver), std::move(listener)); } @@ -1829,6 +1833,17 @@ void NetworkContext::CreateRestrictedUDPSocket( @@ -1833,6 +1837,17 @@ void NetworkContext::CreateRestrictedUDPSocket( mojo::PendingRemote<mojom::UDPSocketListener> listener, CreateRestrictedUDPSocketCallback callback) { // SimpleHostResolver is transitively owned by |this|. @@ -1690,7 +1691,7 @@ diff --git a/services/network/network_context.cc b/services/network/network_cont socket_factory_->CreateRestrictedUDPSocket( addr, mode, traffic_annotation, std::move(params), std::move(receiver), std::move(listener), SimpleHostResolver::Create(this), @@ -1841,6 +1856,17 @@ void NetworkContext::CreateTCPServerSocket( @@ -1845,6 +1860,17 @@ void NetworkContext::CreateTCPServerSocket( const net::MutableNetworkTrafficAnnotationTag& traffic_annotation, mojo::PendingReceiver<mojom::TCPServerSocket> receiver, CreateTCPServerSocketCallback callback) {
@@ -1708,7 +1709,7 @@ diff --git a/services/network/network_context.cc b/services/network/network_cont socket_factory_->CreateTCPServerSocket( local_addr, std::move(options), static_cast<net::NetworkTrafficAnnotationTag>(traffic_annotation), @@ -1855,6 +1881,21 @@ void NetworkContext::CreateTCPConnectedSocket( @@ -1859,6 +1885,21 @@ void NetworkContext::CreateTCPConnectedSocket( mojo::PendingReceiver<mojom::TCPConnectedSocket> receiver, mojo::PendingRemote<mojom::SocketObserver> observer, CreateTCPConnectedSocketCallback callback) { @@ -1730,7 +1731,7 @@ diff --git a/services/network/network_context.cc b/services/network/network_cont socket_factory_->CreateTCPConnectedSocket( local_addr, remote_addr_list, std::move(tcp_connected_socket_options), static_cast<net::NetworkTrafficAnnotationTag>(traffic_annotation), @@ -1866,6 +1907,20 @@ void NetworkContext::CreateTCPBoundSocket( @@ -1870,6 +1911,20 @@ void NetworkContext::CreateTCPBoundSocket( const net::MutableNetworkTrafficAnnotationTag& traffic_annotation, mojo::PendingReceiver<mojom::TCPBoundSocket> receiver, CreateTCPBoundSocketCallback callback) { @@ -1751,7 +1752,7 @@ diff --git a/services/network/network_context.cc b/services/network/network_cont socket_factory_->CreateTCPBoundSocket( local_addr, static_cast<net::NetworkTrafficAnnotationTag>(traffic_annotation), @@ -1932,6 +1987,24 @@ void NetworkContext::CreateWebSocket( @@ -1936,6 +1991,24 @@ void NetworkContext::CreateWebSocket( mojo::PendingRemote<mojom::WebSocketAuthenticationHandler> auth_handler, mojo::PendingRemote<mojom::TrustedHeaderClient> header_client, const std::optional<base::UnguessableToken>& throttling_profile_id) {
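Review bot: The new `<item id="download_manager_resume" allowed="1"/>` entry in the rules.xml hunk is added without any comment saying why this annotation id is let through, whereas the disallow entry directly below it carries an explanatory comment. Each `allowed="1"` item presumably widens what the internal firewall permits onto the network, so the reason should sit next to the download group, for example `<!-- Downloads, including resuming one from the download manager -->` if that is what this id covers. It is also worth confirming that the id is spelled exactly as the upstream traffic annotation is, since a mismatch would most likely fail to match rather than raise an error. The remaining changes in this section only shift hunk offsets in network_context.cc and bump the diffstat counts, and the rules.xml hunk is shown only in part here.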