Hardening against incognito mode detection: fix max storage buckets with session only cookies (#1754)

connection.rtt at zero is a sign of a bot driver for some fingerprinting scripts

[AUTO][FILECONTROL] - version 132.0.6834.122

[AUTO] Patches auto-rebase for 132.0.6834.122

[AUTO][DOC] Generate patches doc for master branch

[AUTO] Patches auto-rebase for master branch

Enable ProcessBoundStringEncryption by default in Windows: Data placed into a crypto::ProcessBoundString no longer appears in crash dumps
or memory dumps so should be used for any sensitive data that should be process-bound.
https://issuetracker.google.com/issues/372873695

disabling the use of system certificates by default (which can be activated from the ui).

Disable Web Bluetooth by default in desktop platforms: on desktop platforms, disable Bluetooth by default and activate the user-manageable content setting ui. (#1758)

PublicKeyCredential fingerprinting mitigations: Removes the possibility of obtaining the presence of Windows Hello and Bluetooth by querying the PublicKeyCredential of the webauth api in the Windows platform (#1758)

see https://issues.chromium.org/issues/40124716
and https://github.com/w3c/device-posture/blob/gh-pages/security-privacy-self-assessment.md

Partitioning all cookies by top frame domain: keep disabled kNativeUnpartitionedStoragePermittedWhen3PCOff and enable kDisallowSpaceCharacterInURLHostParsing by default

Turn on enforcements based on tracking the list of committed origins in ChildProcessSecurityPolicy::CanAccessMaybeOpaqueOrigin()
see https://issues.chromium.org/issues/40148776

Enable kUseBrowserCalculatedOrigin by default (will be activated by default with 133)
see https://issues.chromium.org/issues/40092527