|**Disable AppRating**<br><sub><nobr> Mon, 18 May 2026 15:44:56 +0000</nobr><br>File: [Disable-AppRating.patch](/build/patches/Disable-AppRating.patch)<br><nobr>Author: uazo</nobr><br><nobr>Context: </nobr><br><nobr>License: GPL-2.0-or-later</nobr> |Chromium Android includes an AppRating promo path that can trigger user-facing<br>review prompts through the Android app-rating integration. The implementation<br>depends on Google Play Review APIs provided by Google Play Services. Those<br>dependencies are already excluded by default in this fork through a separate<br>patch, making the AppRating feature non-functional and unnecessary.<br>Change:<br>Remove AppRatingPromoController from the optional promo selection flow and<br>exclude the app_rating Java and junit targets from the Android build graph.<br>Privacy/Security Impact:<br>Removes an unused user-engagement surface and avoids invoking review-related<br>logic tied to Google Play Services. No browser engine, network, Blink, V8,<br>storage, or process-isolation behavior is changed.<br>Notes:<br>AppRating depends on Google Play Review APIs from Google Play Services.<br>Since Google Play Services support is already excluded by default through a<br>separate patch, this change removes the now-unused integration and prevents<br>accidental reintroduction of the feature.|
|**Disable AsyncDNS by default**<br><sub><nobr> Sat, 26 Mar 2022 16:41:55 +0100</nobr><br>File: [Disable-AsyncDNS-by-default.patch](/build/patches/Disable-AsyncDNS-by-default.patch)<br><nobr>Author: csagan5</nobr><br><nobr>Context: </nobr><br><nobr>License: GPL-3.0-only</nobr> |This feature is detrimental to privacy, see also:<br>* https://bugs.chromium.org/p/chromium/issues/detail?id=805020|
|**Disable CSS blink-feature support**<br><sub><nobr> Mon, 29 Jul 2024 06:48:25 +0000</nobr><br>File: [Disable-CSS-blink-feature-support.patch](/build/patches/Disable-CSS-blink-feature-support.patch)<br><nobr>Author: uazo</nobr><br><nobr>Context: </nobr><br><nobr>License: GPL-2.0-or-later</nobr> |the function is not currently exposed to websites but is only allowed for testing.<br>disabled as it is an potentially advanced fingerprinting mechanism.<br>also fixed the possibility of using internal selectors for speculation rules.<br>see https://chromium-review.googlesource.com/c/chromium/src/+/5540782|
@@ -148,6 +149,7 @@
|**Do not use Windows ClearType Text Tuner setting**<br><sub><nobr> Tue, 16 Apr 2024 12:29:29 +0000</nobr><br>File: [Do-not-use-Windows-ClearType-Text-Tuner-setting.patch](/build/patches/Do-not-use-Windows-ClearType-Text-Tuner-setting.patch)<br><nobr>Author: uazo</nobr><br><nobr>Context: </nobr><br><nobr>License: GPL-2.0-or-later</nobr> ||
|**DoH improvements**<br><sub><nobr> Sat, 26 Sep 2020 14:23:19 +0100</nobr><br>File: [DoH-improvements.patch](/build/patches/DoH-improvements.patch)<br><nobr>Author: csagan5</nobr><br><nobr>Context: </nobr><br><nobr>License: GPL-3.0-only</nobr> |Enable secure mode by default<br>Always enforce DoH even with inconsistent system DNS configuration|
|**Enable -fwrapv in Clang for non-UBSan builds**<br><sub><nobr> Thu, 22 Dec 2016 07:15:34 -0500</nobr><br>File: [Enable-fwrapv-in-Clang-for-non-UBSan-builds.patch](/build/patches/Enable-fwrapv-in-Clang-for-non-UBSan-builds.patch)<br><nobr>Author: Daniel</nobr><br><nobr>Context: </nobr><br><nobr>License: GPL-3.0-only</nobr> |Using -fwrapv (notably only when not using signed integer overflow checking -<br>since it will override it and result in not performing checks) is just common<br>sense since it eliminates the chance of security vulnerabilities being<br>introduced by optimizations based on signed overflow being undefined.<br>That has happened before, and those optimizations don't even add up to a 0.1%<br>performance increase for this kind of software. It's not worth having.<br>The Linux kernel passes -fwrapv and also -fno-strict-aliasing to disable those<br>dangerous optimizations (since there is so much incorrect code they can break).<br>In fact, it is easy to point to dozens of known examples of invalid code that<br>could potentially be broken by those optimizations.<br>It is not acceptable for projects to be using optimizations that are known to<br>be broken with a bunch of code in their tree.<br>They put barely any effort into even fixing the known cases.<br>Chromium has blacklists for UBSan for 'false positives' (none of which are<br>actually false positives, but rather "undefined, but not a bug beyond<br>potentially being broken by optimizations or even code generation without<br>them") and also for components too full of these bugs for them to currently<br>want to bother with it. That includes a bunch of signed overflow issues<br>(there is sadly no detection for aliasing violations, which are fairly common,<br>but not that common).<br>Ideally, -fwrapv could be always passed, but unfortunately the way it is<br>implemented has silly interactions with other switches.<br>The reason it would still make sense to pass it is because due to their UBSan<br>blacklists, they get far from full coverage with it, so -fwrapv would still<br>be better than nothing where it's not being used.<br>Since -fwrapv makes signed integer overflow well-defined, Clang will disable<br>the UBSan checks for signed integer overflow, including in the<br>production-oriented trapping mode used for hardening.<br>Excerpt from https://github.com/bromite/bromite/issues/226|
|**Enable Android DevTools Frontend**<br><sub><nobr> Mon, 18 May 2026 14:39:41 +0000</nobr><br>File: [Enable-Android-DevTools-Frontend.patch](/build/patches/Enable-Android-DevTools-Frontend.patch)<br><nobr>Author: uazo</nobr><br><nobr>Context: </nobr><br><nobr>License: GPL-2.0-or-later</nobr> |Enable the Android DevTools frontend and remove Android-specific UI<br>restrictions that prevented access to developer features on phones.|
|**Enable Cert Management UI**<br><sub><nobr> Thu, 16 Jan 2025 09:43:07 +0000</nobr><br>File: [Enable-Cert-Management-UI.patch](/build/patches/Enable-Cert-Management-UI.patch)<br><nobr>Author: uazo</nobr><br><nobr>Context: </nobr><br><nobr>License: GPL-2.0-or-later</nobr> |Activates the ui of certificate management in desktop platforms,<br>disabling the use of system certificates by default (which can be activated from the ui).|
|**Enable Certificate Transparency**<br><sub><nobr> Fri, 10 Jun 2022 14:20:02 +0200</nobr><br>File: [Enable-Certificate-Transparency.patch](/build/patches/Enable-Certificate-Transparency.patch)<br><nobr>Author: csagan5</nobr><br><nobr>Context: </nobr><br><nobr>License: GPL-3.0-only</nobr> |Reporting/auditing functionalities are disabled; a flag is exposed.<br>Add guard to make sure that certificate transparency stays enabled<br>by default.|
