diff options
author | Allan Sandfeld Jensen <allan.jensen@qt.io> | 2022-11-28 16:14:41 +0100 |
---|---|---|
committer | Allan Sandfeld Jensen <allan.jensen@qt.io> | 2022-12-13 15:19:41 +0000 |
commit | 61d9742824d54be5693191fe502325a909feca59 (patch) | |
tree | cbf28e779b11338fe52eb75b915684cd8955542c /chromium/net/base/features.h | |
parent | 45f9ded08bb7526984b24ccb5a5327aaf6821676 (diff) | |
download | qtwebengine-chromium-61d9742824d54be5693191fe502325a909feca59.tar.gz |
BASELINE: Update Chromium to 108.0.5359.70
Change-Id: I77334ff232b819600f275bd3cfe41fbaa3619230
Reviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/445904
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
Diffstat (limited to 'chromium/net/base/features.h')
-rw-r--r-- | chromium/net/base/features.h | 250 |
1 files changed, 95 insertions, 155 deletions
diff --git a/chromium/net/base/features.h b/chromium/net/base/features.h index 6729475a475..745c3488f09 100644 --- a/chromium/net/base/features.h +++ b/chromium/net/base/features.h @@ -1,4 +1,4 @@ -// Copyright (c) 2018 The Chromium Authors. All rights reserved. +// Copyright 2018 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. @@ -20,18 +20,18 @@ namespace net::features { // Enables ALPS extension of TLS 1.3 for HTTP/2, see // https://vasilvv.github.io/tls-alps/draft-vvv-tls-alps.html and // https://vasilvv.github.io/httpbis-alps/draft-vvv-httpbis-alps.html. -NET_EXPORT extern const base::Feature kAlpsForHttp2; +NET_EXPORT BASE_DECLARE_FEATURE(kAlpsForHttp2); // Disable H2 reprioritization, in order to measure its impact. -NET_EXPORT extern const base::Feature kAvoidH2Reprioritization; +NET_EXPORT BASE_DECLARE_FEATURE(kAvoidH2Reprioritization); // When kCapReferrerToOriginOnCrossOrigin is enabled, HTTP referrers on cross- // origin requests are restricted to contain at most the source origin. -NET_EXPORT extern const base::Feature kCapReferrerToOriginOnCrossOrigin; +NET_EXPORT BASE_DECLARE_FEATURE(kCapReferrerToOriginOnCrossOrigin); // Support for altering the parameters used for DNS transaction timeout. See // ResolveContext::SecureTransactionTimeout(). -NET_EXPORT extern const base::Feature kDnsTransactionDynamicTimeouts; +NET_EXPORT BASE_DECLARE_FEATURE(kDnsTransactionDynamicTimeouts); // Multiplier applied to current fallback periods in determining a transaction // timeout. NET_EXPORT extern const base::FeatureParam<double> @@ -39,75 +39,10 @@ NET_EXPORT extern const base::FeatureParam<double> NET_EXPORT extern const base::FeatureParam<base::TimeDelta> kDnsMinTransactionTimeout; -// Enables DNS query-only experiments for HTTPSSVC or INTEGRITY records, -// depending on feature parameters. Received responses never affect Chrome -// behavior other than metrics. -// -// Not to be confused with `kUseDnsHttpsSvcb` which is querying HTTPS in order -// to affect Chrome connection behavior. -NET_EXPORT extern const base::Feature kDnsHttpssvc; - -// Determine which kind of record should be queried: HTTPSSVC or INTEGRITY. No -// more than one of these feature parameters should be enabled at once. In the -// event that both are enabled, |kDnsHttpssvcUseIntegrity| takes priority, and -// |kDnsHttpssvcUseHttpssvc| will be ignored. -NET_EXPORT extern const base::FeatureParam<bool> kDnsHttpssvcUseHttpssvc; -NET_EXPORT extern const base::FeatureParam<bool> kDnsHttpssvcUseIntegrity; - -// Enable HTTPSSVC or INTEGRITY to be queried over insecure DNS. -NET_EXPORT extern const base::FeatureParam<bool> - kDnsHttpssvcEnableQueryOverInsecure; - -// If we are still waiting for an HTTPSSVC or INTEGRITY query after all the -// other queries in a DnsTask have completed, we will compute a timeout for the -// remaining query. The timeout will be the min of: -// (a) |kDnsHttpssvcExtraTimeMs.Get()| -// (b) |kDnsHttpssvcExtraTimePercent.Get() / 100 * t|, where |t| is the -// number of milliseconds since the first query began. -NET_EXPORT extern const base::FeatureParam<int> kDnsHttpssvcExtraTimeMs; -NET_EXPORT extern const base::FeatureParam<int> kDnsHttpssvcExtraTimePercent; - -// These parameters, respectively, are the list of experimental and control -// domains for which we will query HTTPSSVC or INTEGRITY records. We expect -// valid INTEGRITY results for experiment domains. We expect no INTEGRITY -// results for control domains. -// -// The format of both parameters is a comma-separated list of domains. -// Whitespace around domain names is permitted. Trailing comma is optional. -// -// See helper functions: -// |dns_httpssvc_experiment::GetDnsHttpssvcExperimentDomains| and -// |dns_httpssvc_experiment::GetDnsHttpssvcControlDomains|. -NET_EXPORT extern const base::FeatureParam<std::string> - kDnsHttpssvcExperimentDomains; -NET_EXPORT extern const base::FeatureParam<std::string> - kDnsHttpssvcControlDomains; - -// This param controls how we determine whether a domain is an experimental or -// control domain. When false, domains must be in |kDnsHttpssvcControlDomains| -// to be considered a control. When true, we ignore |kDnsHttpssvcControlDomains| -// and any non-experiment domain (not in |kDnsHttpssvcExperimentDomains|) is -// considered a control domain. -NET_EXPORT extern const base::FeatureParam<bool> - kDnsHttpssvcControlDomainWildcard; - -namespace dns_httpssvc_experiment { -// Get the value of |kDnsHttpssvcExtraTimeMs|. -NET_EXPORT base::TimeDelta GetExtraTimeAbsolute(); -} // namespace dns_httpssvc_experiment - // Enables querying HTTPS DNS records that will affect results from HostResolver // and may be used to affect connection behavior. Whether or not those results // are used (e.g. to connect via ECH) may be controlled by separate features. -// -// Not to be confused with `kDnsHttpssvc` which is for experiment-only queries -// where received HTTPS results do not affect Chrome behavior and are only used -// for metrics. -NET_EXPORT extern const base::Feature kUseDnsHttpsSvcb; - -// Param to control whether or not presence of an HTTPS record for an HTTP -// request will force an HTTP->HTTPS upgrade redirect. -NET_EXPORT extern const base::FeatureParam<bool> kUseDnsHttpsSvcbHttpUpgrade; +NET_EXPORT BASE_DECLARE_FEATURE(kUseDnsHttpsSvcb); // Param to control whether or not HostResolver, when using Secure DNS, will // fail the entire connection attempt when receiving an inconclusive response to @@ -116,10 +51,6 @@ NET_EXPORT extern const base::FeatureParam<bool> kUseDnsHttpsSvcbHttpUpgrade; NET_EXPORT extern const base::FeatureParam<bool> kUseDnsHttpsSvcbEnforceSecureResponse; -// Param to control whether HTTPS queries will be allowed via Insecure DNS -// (instead of just via Secure DNS). -NET_EXPORT extern const base::FeatureParam<bool> kUseDnsHttpsSvcbEnableInsecure; - // If we are still waiting for an HTTPS transaction after all the // other transactions in an insecure DnsTask have completed, we will compute a // timeout for the remaining transaction. The timeout will be @@ -152,65 +83,52 @@ NET_EXPORT extern const base::FeatureParam<int> NET_EXPORT extern const base::FeatureParam<base::TimeDelta> kUseDnsHttpsSvcbSecureExtraTimeMin; -// Deprecated in favor of `kUseDnsHttpsSvcbInsecureExtraTime...` and -// `kUseDnsHttpsSvcbSecureExtraTime...` params. Ignored for insecure DnsTasks if -// any `kUseDnsHttpsSvcbInsecureExtraTime...` params are non-zero, and ignored -// for secure DnsTasks if any `kUseDnsHttpsSvcbSecureExtraTime...` params are -// non-zero. -NET_EXPORT extern const base::FeatureParam<base::TimeDelta> - kUseDnsHttpsSvcbExtraTimeAbsolute; -NET_EXPORT extern const base::FeatureParam<int> - kUseDnsHttpsSvcbExtraTimePercent; - // Update protocol using ALPN information in HTTPS DNS records. -NET_EXPORT extern const base::Feature kUseDnsHttpsSvcbAlpn; +NET_EXPORT BASE_DECLARE_FEATURE(kUseDnsHttpsSvcbAlpn); // Enables TLS 1.3 early data. -NET_EXPORT extern const base::Feature kEnableTLS13EarlyData; +NET_EXPORT BASE_DECLARE_FEATURE(kEnableTLS13EarlyData); // Enables the TLS Encrypted ClientHello feature. // https://datatracker.ietf.org/doc/html/draft-ietf-tls-esni-13 -NET_EXPORT extern const base::Feature kEncryptedClientHello; +NET_EXPORT BASE_DECLARE_FEATURE(kEncryptedClientHello); // Enables optimizing the network quality estimation algorithms in network // quality estimator (NQE). -NET_EXPORT extern const base::Feature kNetworkQualityEstimator; +NET_EXPORT BASE_DECLARE_FEATURE(kNetworkQualityEstimator); // Splits cache entries by the request's includeCredentials. -NET_EXPORT extern const base::Feature kSplitCacheByIncludeCredentials; +NET_EXPORT BASE_DECLARE_FEATURE(kSplitCacheByIncludeCredentials); // Splits cache entries by the request's NetworkIsolationKey if one is // available. -NET_EXPORT extern const base::Feature kSplitCacheByNetworkIsolationKey; +NET_EXPORT BASE_DECLARE_FEATURE(kSplitCacheByNetworkIsolationKey); // Splits host cache entries by the DNS request's NetworkIsolationKey if one is // available. Also prevents merging live DNS lookups when there is a NIK // mismatch. -NET_EXPORT extern const base::Feature kSplitHostCacheByNetworkIsolationKey; +NET_EXPORT BASE_DECLARE_FEATURE(kSplitHostCacheByNetworkIsolationKey); // Partitions connections based on the NetworkIsolationKey associated with a // request. -NET_EXPORT extern const base::Feature - kPartitionConnectionsByNetworkIsolationKey; +NET_EXPORT BASE_DECLARE_FEATURE(kPartitionConnectionsByNetworkIsolationKey); // Forces the `frame_origin` value in IsolationInfo to the `top_level_origin` // value when an IsolationInfo instance is created. This is to enable // expirimenting with double keyed network partitions. -NET_EXPORT extern const base::Feature - kForceIsolationInfoFrameOriginToTopLevelFrame; +NET_EXPORT BASE_DECLARE_FEATURE(kForceIsolationInfoFrameOriginToTopLevelFrame); // Partitions HttpServerProperties based on the NetworkIsolationKey associated // with a request. -NET_EXPORT extern const base::Feature - kPartitionHttpServerPropertiesByNetworkIsolationKey; +NET_EXPORT BASE_DECLARE_FEATURE( + kPartitionHttpServerPropertiesByNetworkIsolationKey); // Partitions TLS sessions and QUIC server configs based on the // NetworkIsolationKey associated with a request. // // This feature requires kPartitionConnectionsByNetworkIsolationKey to be // enabled to work. -NET_EXPORT extern const base::Feature - kPartitionSSLSessionsByNetworkIsolationKey; +NET_EXPORT BASE_DECLARE_FEATURE(kPartitionSSLSessionsByNetworkIsolationKey); // Partitions Expect-CT data by NetworkIsolationKey. This only affects the // Expect-CT data itself. Regardless of this value, reports will be uploaded @@ -219,8 +137,7 @@ NET_EXPORT extern const base::Feature // This feature requires kPartitionConnectionsByNetworkIsolationKey, // kPartitionHttpServerPropertiesByNetworkIsolationKey, and // kPartitionConnectionsByNetworkIsolationKey to all be enabled to work. -NET_EXPORT extern const base::Feature - kPartitionExpectCTStateByNetworkIsolationKey; +NET_EXPORT BASE_DECLARE_FEATURE(kPartitionExpectCTStateByNetworkIsolationKey); // Partitions Network Error Logging and Reporting API data by // NetworkIsolationKey. Also partitions all reports generated by other consumers @@ -231,8 +148,7 @@ NET_EXPORT extern const base::Feature // NetworkIsolationKey parameters, and they're cleared while loading from the // cache, but internal objects can be created with them (e.g., endpoints), for // testing. -NET_EXPORT extern const base::Feature - kPartitionNelAndReportingByNetworkIsolationKey; +NET_EXPORT BASE_DECLARE_FEATURE(kPartitionNelAndReportingByNetworkIsolationKey); // Creates a <double key + is_cross_site> NetworkAnonymizationKey which is used // to partition the network state. This double key will have the following @@ -242,18 +158,17 @@ NET_EXPORT extern const base::Feature // to the frame site. The frame site will not be stored in this key so the value // of is_cross_site will be computed at key construction. This feature overrides // `kEnableDoubleKeyNetworkAnonymizationKey` if both are enabled. -NET_EXPORT extern const base::Feature - kEnableCrossSiteFlagNetworkAnonymizationKey; +NET_EXPORT BASE_DECLARE_FEATURE(kEnableCrossSiteFlagNetworkAnonymizationKey); // Creates a double keyed NetworkAnonymizationKey which is used to partition the // network state. This double key will have the following properties: // `top_frame_site` -> the schemeful site of the top level page. // `frame_site ` -> nullopt // `is_cross_site` -> nullopt -NET_EXPORT extern const base::Feature kEnableDoubleKeyNetworkAnonymizationKey; +NET_EXPORT BASE_DECLARE_FEATURE(kEnableDoubleKeyNetworkAnonymizationKey); // Enables limiting the size of Expect-CT table. -NET_EXPORT extern const base::Feature kExpectCTPruning; +NET_EXPORT BASE_DECLARE_FEATURE(kExpectCTPruning); // FeatureParams associated with kExpectCTPruning. @@ -276,25 +191,25 @@ NET_EXPORT extern const base::FeatureParam<int> kExpectCTPruneDelaySecs; // to ensure that this corner of the spec is exercised. This is currently // disabled by default because we discovered incompatibilities with some // servers. -NET_EXPORT extern const base::Feature kTLS13KeyUpdate; +NET_EXPORT BASE_DECLARE_FEATURE(kTLS13KeyUpdate); // Enables permuting TLS extensions in the ClientHello, to reduce the risk of // non-compliant servers ossifying parts of the ClientHello and interfering with // deployment of future security improvements. -NET_EXPORT extern const base::Feature kPermuteTLSExtensions; +NET_EXPORT BASE_DECLARE_FEATURE(kPermuteTLSExtensions); // Enables CECPQ2, a post-quantum key-agreement, in TLS 1.3 connections. -NET_EXPORT extern const base::Feature kPostQuantumCECPQ2; +NET_EXPORT BASE_DECLARE_FEATURE(kPostQuantumCECPQ2); // Enables CECPQ2, a post-quantum key-agreement, in TLS 1.3 connections for a // subset of domains. (This is intended as Finch kill-switch. For testing // compatibility with large ClientHello messages, use |kPostQuantumCECPQ2|.) -NET_EXPORT extern const base::Feature kPostQuantumCECPQ2SomeDomains; +NET_EXPORT BASE_DECLARE_FEATURE(kPostQuantumCECPQ2SomeDomains); NET_EXPORT extern const base::FeatureParam<std::string> kPostQuantumCECPQ2Prefix; // Changes the timeout after which unused sockets idle sockets are cleaned up. -NET_EXPORT extern const base::Feature kNetUnusedIdleSocketTimeout; +NET_EXPORT BASE_DECLARE_FEATURE(kNetUnusedIdleSocketTimeout); // When enabled, the time threshold for Lax-allow-unsafe cookies will be lowered // from 2 minutes to 10 seconds. This time threshold refers to the age cutoff @@ -303,59 +218,46 @@ NET_EXPORT extern const base::Feature kNetUnusedIdleSocketTimeout; // of HTTP method (i.e. allowing unsafe methods). This is a convenience for // integration tests which may want to test behavior of cookies older than the // threshold, but which would not be practical to run for 2 minutes. -NET_EXPORT extern const base::Feature kShortLaxAllowUnsafeThreshold; +NET_EXPORT BASE_DECLARE_FEATURE(kShortLaxAllowUnsafeThreshold); // When enabled, the SameSite by default feature does not add the // "Lax-allow-unsafe" behavior. Any cookies that do not specify a SameSite // attribute will be treated as Lax only, i.e. POST and other unsafe HTTP // methods will not be allowed at all for top-level cross-site navigations. // This only has an effect if the cookie defaults to SameSite=Lax. -NET_EXPORT extern const base::Feature kSameSiteDefaultChecksMethodRigorously; - -#if BUILDFLAG(BUILTIN_CERT_VERIFIER_FEATURE_SUPPORTED) -// When enabled, use the builtin cert verifier instead of the platform verifier. -NET_EXPORT extern const base::Feature kCertVerifierBuiltinFeature; -#if BUILDFLAG(IS_MAC) -NET_EXPORT extern const base::FeatureParam<int> kCertVerifierBuiltinImpl; -NET_EXPORT extern const base::FeatureParam<int> kCertVerifierBuiltinCacheSize; -#endif /* BUILDFLAG(IS_MAC) */ -#endif /* BUILDFLAG(BUILTIN_CERT_VERIFIER_FEATURE_SUPPORTED) */ +NET_EXPORT BASE_DECLARE_FEATURE(kSameSiteDefaultChecksMethodRigorously); #if BUILDFLAG(TRIAL_COMPARISON_CERT_VERIFIER_SUPPORTED) -NET_EXPORT extern const base::Feature kCertDualVerificationTrialFeature; +NET_EXPORT BASE_DECLARE_FEATURE(kCertDualVerificationTrialFeature); #if BUILDFLAG(IS_MAC) NET_EXPORT extern const base::FeatureParam<int> kCertDualVerificationTrialImpl; NET_EXPORT extern const base::FeatureParam<int> kCertDualVerificationTrialCacheSize; #endif /* BUILDFLAG(IS_MAC) */ -#if BUILDFLAG(BUILTIN_CERT_VERIFIER_FEATURE_SUPPORTED) && \ - BUILDFLAG(CHROME_ROOT_STORE_SUPPORTED) -// If both builtin verifier+system roots and builtin verifier+CRS flags are -// supported in the same build, this param can be used to choose which to test -// in the trial. -NET_EXPORT extern const base::FeatureParam<bool> - kCertDualVerificationTrialUseCrs; -#endif #endif /* BUILDFLAG(TRIAL_COMPARISON_CERT_VERIFIER_SUPPORTED) */ #if BUILDFLAG(CHROME_ROOT_STORE_SUPPORTED) // When enabled, use the Chrome Root Store instead of the system root store -NET_EXPORT extern const base::Feature kChromeRootStoreUsed; +NET_EXPORT BASE_DECLARE_FEATURE(kChromeRootStoreUsed); +#if BUILDFLAG(IS_MAC) +NET_EXPORT extern const base::FeatureParam<int> kChromeRootStoreSysImpl; +NET_EXPORT extern const base::FeatureParam<int> kChromeRootStoreSysCacheSize; +#endif /* BUILDFLAG(IS_MAC) */ #endif /* BUILDFLAG(CHROME_ROOT_STORE_SUPPORTED) */ // Turns off streaming media caching to disk when on battery power. -NET_EXPORT extern const base::Feature kTurnOffStreamingMediaCachingOnBattery; +NET_EXPORT BASE_DECLARE_FEATURE(kTurnOffStreamingMediaCachingOnBattery); // Turns off streaming media caching to disk always. -NET_EXPORT extern const base::Feature kTurnOffStreamingMediaCachingAlways; +NET_EXPORT BASE_DECLARE_FEATURE(kTurnOffStreamingMediaCachingAlways); // When enabled this feature will cause same-site calculations to take into // account the scheme of the site-for-cookies and the request/response url. -NET_EXPORT extern const base::Feature kSchemefulSameSite; +NET_EXPORT BASE_DECLARE_FEATURE(kSchemefulSameSite); // Enables a process-wide limit on "open" UDP sockets. See // udp_socket_global_limits.h for details on what constitutes an "open" socket. -NET_EXPORT extern const base::Feature kLimitOpenUDPSockets; +NET_EXPORT BASE_DECLARE_FEATURE(kLimitOpenUDPSockets); // FeatureParams associated with kLimitOpenUDPSockets. @@ -365,7 +267,7 @@ NET_EXPORT extern const base::FeatureParam<int> kLimitOpenUDPSocketsMax; // Enables a timeout on individual TCP connect attempts, based on // the parameter values. -NET_EXPORT extern const base::Feature kTimeoutTcpConnectAttempt; +NET_EXPORT BASE_DECLARE_FEATURE(kTimeoutTcpConnectAttempt); // FeatureParams associated with kTimeoutTcpConnectAttempt. @@ -389,7 +291,7 @@ NET_EXPORT extern const base::FeatureParam<base::TimeDelta> // When enabled this feature will allow a new Reporting-Endpoints header to // configure reporting endpoints for report delivery. This is used to support // the new Document Reporting spec. -NET_EXPORT extern const base::Feature kDocumentReporting; +NET_EXPORT BASE_DECLARE_FEATURE(kDocumentReporting); #endif // BUILDFLAG(ENABLE_REPORTING) #if BUILDFLAG(IS_POSIX) || BUILDFLAG(IS_FUCHSIA) @@ -398,7 +300,7 @@ NET_EXPORT extern const base::Feature kDocumentReporting; // This should reduce the number of wake ups and improve battery consumption. // TODO(https://crbug.com/1189805): Cleanup the feature after verifying that it // doesn't negatively affect performance. -NET_EXPORT extern const base::Feature kUdpSocketPosixAlwaysUpdateBytesReceived; +NET_EXPORT BASE_DECLARE_FEATURE(kUdpSocketPosixAlwaysUpdateBytesReceived); #endif // BUILDFLAG(IS_POSIX) || BUILDFLAG(IS_FUCHSIA) // When this feature is enabled, redirected requests will be considered @@ -407,61 +309,75 @@ NET_EXPORT extern const base::Feature kUdpSocketPosixAlwaysUpdateBytesReceived; // redirected request was same-site with the target URL (and the // site-for-cookies). // See spec changes in https://github.com/httpwg/http-extensions/pull/1348 -NET_EXPORT extern const base::Feature kCookieSameSiteConsidersRedirectChain; +NET_EXPORT BASE_DECLARE_FEATURE(kCookieSameSiteConsidersRedirectChain); + +// When this feature is enabled, the SameParty attribute is enabled. (Note that +// when this feature is disabled, the SameParty attribute is still parsed and +// saved for cookie-sets, but it has no associated semantics (when setting or +// reading cookies).) +NET_EXPORT BASE_DECLARE_FEATURE(kSamePartyAttributeEnabled); // When enabled, cookies with the SameParty attribute are treated as // "first-party" when in same-party contexts, for the purposes of third-party // cookie blocking. (Note that as a consequence, some cookies may be blocked // while others are allowed on a cross-site, same-party request. Additionally, // privacy mode is disabled in same-party contexts.) -NET_EXPORT extern const base::Feature kSamePartyCookiesConsideredFirstParty; +NET_EXPORT BASE_DECLARE_FEATURE(kSamePartyCookiesConsideredFirstParty); // When enabled, sites can opt-in to having their cookies partitioned by // top-level site with the Partitioned attribute. Partitioned cookies will only // be sent when the browser is on the same top-level site that it was on when // the cookie was set. -NET_EXPORT extern const base::Feature kPartitionedCookies; +NET_EXPORT BASE_DECLARE_FEATURE(kPartitionedCookies); // Flag to bypass the origin trial opt-in to use Partitioned cookies. This // allows developers to test Partitioned cookies manually in development // environments. // TODO(crbug.com/1296161): Remove this feature when the CHIPS OT ends. -NET_EXPORT extern const base::Feature kPartitionedCookiesBypassOriginTrial; +NET_EXPORT BASE_DECLARE_FEATURE(kPartitionedCookiesBypassOriginTrial); // When enabled, then we allow partitioned cookies even if kPartitionedCookies // is disabled only if the cookie partition key contains a nonce. So far, this // is used to create temporary cookie jar partitions for fenced and anonymous // frames. -NET_EXPORT extern const base::Feature kNoncedPartitionedCookies; +NET_EXPORT BASE_DECLARE_FEATURE(kNoncedPartitionedCookies); // When enabled, additional cookie-related APIs will perform cookie field size // and character set validation to enforce stricter conformance with RFC6265bis. // TODO(crbug.com/1243852) Eventually enable this permanently and remove the // feature flag, assuming no breakage occurs with it enabled. -NET_EXPORT extern const base::Feature kExtraCookieValidityChecks; +NET_EXPORT BASE_DECLARE_FEATURE(kExtraCookieValidityChecks); // Enable recording UMAs for network activities which can wake-up radio on // Android. -NET_EXPORT extern const base::Feature kRecordRadioWakeupTrigger; +NET_EXPORT BASE_DECLARE_FEATURE(kRecordRadioWakeupTrigger); // When enabled, cookies cannot have an expiry date further than 400 days in the // future. -NET_EXPORT extern const base::Feature kClampCookieExpiryTo400Days; +NET_EXPORT BASE_DECLARE_FEATURE(kClampCookieExpiryTo400Days); // Controls whether static key pinning is enforced. -NET_EXPORT extern const base::Feature kStaticKeyPinningEnforcement; +NET_EXPORT BASE_DECLARE_FEATURE(kStaticKeyPinningEnforcement); // When enabled, cookies with a non-ASCII domain attribute will be rejected. -NET_EXPORT extern const base::Feature kCookieDomainRejectNonASCII; +NET_EXPORT BASE_DECLARE_FEATURE(kCookieDomainRejectNonASCII); // Blocks the 'Set-Cookie' request header on outbound fetch requests. -NET_EXPORT extern const base::Feature kBlockSetCookieHeader; +NET_EXPORT BASE_DECLARE_FEATURE(kBlockSetCookieHeader); -NET_EXPORT extern const base::Feature kOptimizeNetworkBuffers; +NET_EXPORT BASE_DECLARE_FEATURE(kOptimisticBlockfileWrite); + +NET_EXPORT BASE_DECLARE_FEATURE(kOptimizeNetworkBuffers); NET_EXPORT extern const base::FeatureParam<int> kOptimizeNetworkBuffersBytesReadLimit; NET_EXPORT extern const base::FeatureParam<int> + kOptimizeNetworkBuffersMinInputStreamAvailableValueToIgnore; + +NET_EXPORT extern const base::FeatureParam<int> + kOptimizeNetworkBuffersMinInputStreamReadSize; + +NET_EXPORT extern const base::FeatureParam<int> kOptimizeNetworkBuffersMaxInputStreamBytesToReadWhenAvailableUnknown; NET_EXPORT extern const base::FeatureParam<int> @@ -471,7 +387,7 @@ NET_EXPORT extern const base::FeatureParam<bool> kOptimizeNetworkBuffersInputStreamCheckAvailable; // Enable the Storage Access API. https://crbug.com/989663. -NET_EXPORT extern const base::Feature kStorageAccessAPI; +NET_EXPORT BASE_DECLARE_FEATURE(kStorageAccessAPI); // Set the default number of "automatic" implicit storage access grants per // third party origin that can be granted. This can be overridden via @@ -484,8 +400,32 @@ NET_EXPORT extern const base::FeatureParam<int> // granted if the storage is partitioned. NET_EXPORT extern const base::FeatureParam<bool> kStorageAccessAPIGrantsUnpartitionedStorage; +// Whether to auto-grant storage access requests when the top level origin and +// the requesting origin are in the same First-Party Set. +NET_EXPORT extern const base::FeatureParam<bool> + kStorageAccessAPIAutoGrantInFPS; +// Whether to auto-deny storage access requests when the top level origin and +// the requesting origin are not in the same First-Party Set. +NET_EXPORT extern const base::FeatureParam<bool> + kStorageAccessAPIAutoDenyOutsideFPS; + +NET_EXPORT BASE_DECLARE_FEATURE(kThirdPartyStoragePartitioning); + +// Whether ALPS parsing is on for any type of frame. +NET_EXPORT BASE_DECLARE_FEATURE(kAlpsParsing); + +// Whether ALPS parsing is on for client hint parsing specifically. +NET_EXPORT BASE_DECLARE_FEATURE(kAlpsClientHintParsing); + +// Whether to kill the session on Error::kAcceptChMalformed. +NET_EXPORT BASE_DECLARE_FEATURE(kShouldKillSessionOnAcceptChMalformed); + +NET_EXPORT BASE_DECLARE_FEATURE(kCaseInsensitiveCookiePrefix); + +NET_EXPORT BASE_DECLARE_FEATURE(kEnableWebsocketsOverHttp3); -NET_EXPORT extern const base::Feature kThirdPartyStoragePartitioning; +// Whether to do IPv4 to IPv6 address translation for IPv4 literals. +NET_EXPORT BASE_DECLARE_FEATURE(kUseNAT64ForIPv4Literal); } // namespace net::features |