From 8fa0776f1f79e91fc9c0b9c1ba11a0a29c05196b Mon Sep 17 00:00:00 2001 From: Allan Sandfeld Jensen Date: Fri, 4 Feb 2022 17:20:24 +0100 Subject: BASELINE: Update Chromium to 98.0.4758.90 Change-Id: Ib7c41539bf8a8e0376bd639f27d68294de90f3c8 Reviewed-by: Allan Sandfeld Jensen --- chromium/docs/website/.eleventy.js | 183 + chromium/docs/website/.firebaserc | 7 + chromium/docs/website/.gclient | 27 + chromium/docs/website/.vpython3 | 44 + chromium/docs/website/AUTHORS | 2 + chromium/docs/website/CONTENT_OWNERS | 10 + chromium/docs/website/DEPS | 116 + chromium/docs/website/OWNERS | 5 + chromium/docs/website/PRESUBMIT.py | 105 + chromium/docs/website/README.md | 15 + chromium/docs/website/docs/AUTHORING.md | 158 + chromium/docs/website/docs/CONTRIBUTING.md | 98 + chromium/docs/website/docs/OWNERS | 1 + chromium/docs/website/infra/config/PRESUBMIT.py | 22 + .../infra/config/generated/commit-queue.cfg | 43 + .../infra/config/generated/cr-buildbucket.cfg | 80 + .../website/infra/config/generated/luci-logdog.cfg | 9 + .../website/infra/config/generated/luci-milo.cfg | 19 + .../infra/config/generated/luci-scheduler.cfg | 36 + .../website/infra/config/generated/project.cfg | 14 + .../docs/website/infra/config/generated/realms.cfg | 61 + .../infra/config/generated/tricium-prod.cfg | 30 + chromium/docs/website/infra/config/main.star | 217 + chromium/docs/website/node_modules.tar.gz.sha1 | 1 + chromium/docs/website/npmw | 46 + chromium/docs/website/originals.tar.gz.sha1 | 1 + chromium/docs/website/package-lock.json | 19081 +++++++++++++++++++ chromium/docs/website/package.json | 26 + chromium/docs/website/scripts/404s.txt | 44 + chromium/docs/website/scripts/common.py | 238 + chromium/docs/website/scripts/crawl.py | 264 + chromium/docs/website/scripts/export.py | 457 + .../docs/website/scripts/fetch_node_modules.py | 80 + .../scripts/gen_paths_that_were_edited_by_hand | 42 + chromium/docs/website/scripts/gen_paths_to_skip | 21 + chromium/docs/website/scripts/html2markdown.py | 1343 ++ .../scripts/paths_that_were_edited_by_hand.txt | 96 + chromium/docs/website/scripts/paths_to_crawl.txt | 299 + chromium/docs/website/scripts/paths_to_skip.txt | 140 + chromium/docs/website/scripts/subpages.js | 132 + chromium/docs/website/scripts/upload_lobs.py | 172 + .../website/site/Home/chromecompatfaq/index.md | 271 + .../site/Home/chromium-clobber-landmines/index.md | 162 + .../website/site/Home/chromium-privacy/index.md | 52 + .../privacy-sandbox/covert-tracking/index.md | 88 + .../floc/Sensitivity of Cohorts.pdf.sha1 | 1 + .../chromium-privacy/privacy-sandbox/floc/index.md | 181 + .../Home/chromium-privacy/privacy-sandbox/index.md | 153 + .../chromium-security/adding-permissions/index.md | 10 + .../decode-mitigation-flags.html | 232 + .../index.md | 244 + .../articles/gwp-asan/diag4.png.sha1 | 1 + .../articles/gwp-asan/gwp-asan-diagram1.png.sha1 | 1 + .../articles/gwp-asan/gwp-asan-diagram2.png.sha1 | 1 + .../articles/gwp-asan/gwp-asan-diagram3.png.sha1 | 1 + .../chromium-security/articles/gwp-asan/index.md | 431 + .../site/Home/chromium-security/articles/index.md | 18 + .../chromium-security/binding-integrity/index.md | 90 + .../boringssl/contributing/index.md | 84 + .../site/Home/chromium-security/boringssl/index.md | 38 + .../Home/chromium-security/brag-sheet/index.md | 157 + .../bugs/automated-triage/index.md | 12 + .../bugs/automatic-filing/index.md | 20 + .../developing-fuzzers-for-clusterfuzz/index.md | 13 + .../site/Home/chromium-security/bugs/index.md | 93 + .../bugs/reproducing-clusterfuzz-bugs/index.md | 94 + .../bugs/using-clusterfuzz/index.md | 13 + .../certificate-transparency/index.md | 12 + .../certificate-transparency/log-policy/index.md | 15 + .../log-policy/mmd_monitor_root.crt | 34 + .../chromium-security/chromium-and-emet/index.md | 143 + .../clean-software-alliance/index.md | 38 + .../client-identification-mechanisms/index.md | 764 + .../chromium-security/corb-for-developers/index.md | 121 + .../chromium-security/core-principles/index.md | 103 + .../crlsets/CRLSetComponents.png.sha1 | 1 + .../site/Home/chromium-security/crlsets/index.md | 40 + .../index.md | 131 + .../index.md | 115 + .../site/Home/chromium-security/education/index.md | 54 + .../security-tips-for-crx-and-apps/index.md | 121 + .../education/security-tips-for-ipc/index.md | 219 + .../Home/chromium-security/education/tls/index.md | 349 + .../chromium-security/education/tls/sha-1/index.md | 73 + .../goals-for-the-origin-info-bubble/index.md | 208 + .../site/Home/chromium-security/enamel/index.md | 181 + .../Home/chromium-security/enamel/origins.png.sha1 | 1 + .../chromium-security/enamel/permissions/index.md | 21 + .../enamel/restricting-iframe-permissions/index.md | 12 + .../extension-content-script-fetches/index.md | 352 + .../guts/Chrome Security Architecture.png.sha1 | 1 + .../site/Home/chromium-security/guts/index.md | 66 + .../Home/chromium-security/hall-of-fame/index.md | 1157 ++ .../website/site/Home/chromium-security/index.md | 141 + .../ipc-security-reviews/index.md | 30 + .../malicious-extensions-protection/index.md | 11 + ...reatment of HTTP Pages with User Input.gif.sha1 | 1 + .../Treatment of HTTP Pages@1x.png.sha1 | 1 + .../blog image 1.png.sha1 | 1 + .../blog image 2.png.sha1 | 1 + .../form-and-incognito-http-bad-verbose.png.sha1 | 1 + .../http-bad-sep-2018.png.sha1 | 1 + .../marking-http-as-non-secure/index.md | 329 + .../phase-3-narrow.png.sha1 | 1 + .../phase-3-wide.png.sha1 | 1 + .../site/Home/chromium-security/mds/index.md | 87 + .../Home/chromium-security/memory-safety/index.md | 129 + .../memory-safety/piechart.png.sha1 | 1 + .../rust-and-c-interoperability/index.md | 178 + .../memory-safety/sat3CHOc8lXZbGicChW6w5Q.png.sha1 | 1 + .../site/Home/chromium-security/owp/index.md | 116 + .../owp/web-platform-security-backlog/index.md | 12 + .../chromium-security/pdfium-security/index.md | 56 + .../site/Home/chromium-security/pgp-key/index.md | 146 + .../index.md | 111 + .../site/Home/chromium-security/pwnium-2/index.md | 56 + .../site/Home/chromium-security/pwnium-3/index.md | 55 + .../site/Home/chromium-security/pwnium-4/index.md | 364 + .../chromium-security/quarterly-updates/index.md | 4027 ++++ .../reporting-security-bugs/index.md | 129 + .../reviews-and-consulting/index.md | 33 + .../Home/chromium-security/root-ca-policy/index.md | 210 + .../security-bug-lifecycle/index.md | 258 + .../Home/chromium-security/security-faq/index.md | 12 + .../service-worker-security-faq/index.md | 340 + .../chromium-security/security-labels/index.md | 12 + .../security-release-management/index.md | 156 + .../chromium-security/security-reviews/index.md | 84 + .../Life of a Security Issue (1).png.sha1 | 1 + .../Life of a Security Issue (2).png.sha1 | 1 + .../Life of a Security Issue (3).png.sha1 | 1 + .../Life of a Security Issue.png.sha1 | 1 + .../Screen Shot 2016-05-20 at 15.41.22.png.sha1 | 1 + .../chromium-security/security-sheriff/index.md | 12 + .../Home/chromium-security/site-isolation/index.md | 377 + .../site-isolation/site-isolation-flag-1.png.sha1 | 1 + .../site-isolation/site-isolation-flag-2.png.sha1 | 1 + .../site-isolation/site-per-process-flag.png.sha1 | 1 + .../site/Home/chromium-security/ssca/index.md | 109 + .../strict-origin-isolation-trial/index.md | 95 + .../chromium-security/symantec-legacy-pki/index.md | 87 + .../vulnerability-rewards-program/index.md | 14 + .../site/Home/debugging-on-webview/index.md | 8 + .../docs/website/site/Home/domui-testing/index.md | 127 + .../domui-testing/webui-browser_tests/index.md | 230 + .../webui-accessibility-audit/index.md | 12 + .../docs/website/site/Home/flying_browser.png.sha1 | 1 + chromium/docs/website/site/Home/google-ssl.xml | 9 + .../index.md | 78 + chromium/docs/website/site/Home/index.md | 76 + .../docs/website/site/Home/loading/clovis/index.md | 18 + chromium/docs/website/site/Home/loading/index.md | 75 + .../website/site/Home/loading/oor-cors/index.md | 242 + .../site/Home/loading/oor-cors/netlogchk.html | 231 + chromium/docs/website/site/Home/memory/index.md | 11 + .../site/Home/third-party-developers/index.md | 191 + chromium/docs/website/site/Home/tls13/index.md | 46 + chromium/docs/website/site/OWNERS | 1 + .../docs/website/site/_assets/customLogo.png.sha1 | 1 + chromium/docs/website/site/_includes/page.njk | 118 + chromium/docs/website/site/_scripts/selector.js | 138 + .../docs/website/site/_stylesheets/_reset.scss | 100 + .../docs/website/site/_stylesheets/default.scss | 418 + .../index.md | 264 + .../index.md | 281 + .../common-problems-and-solutions/index.md | 241 + .../bookmarks4.png.sha1 | 1 + .../bookmarks5.png.sha1 | 1 + .../bookmarks6.png.sha1 | 1 + .../complex-policies-on-windows/index.md | 228 + .../complex-policies-on-windows/reg1.png.sha1 | 1 + .../complex-policies-on-windows/reg2.png.sha1 | 1 + .../complex-policies-on-windows/reg3.png.sha1 | 1 + .../complex-policies-on-windows/reg4.png.sha1 | 1 + .../configuring-other-preferences/index.md | 263 + .../configuring-policy-for-extensions/index.md | 227 + .../diagnostic-mode/diagmode_wiki.png.sha1 | 1 + .../site/administrators/diagnostic-mode/index.md | 56 + .../1.png.sha1 | 1 + .../2.png.sha1 | 1 + .../3.png.sha1 | 1 + .../err_eset_anti_virus_ssl_interception/index.md | 28 + .../err_ssl_weak_server_ephemeral_dh_key/index.md | 13 + .../redirect-dh.xml | 12 + .../frequently-asked-questions/index.md | 230 + .../index.md | 95 + chromium/docs/website/site/administrators/index.md | 59 + .../site/administrators/installation/index.md | 16 + .../administrators/ios-mdm-policy-format/index.md | 175 + .../ios-mdm-policy-format/ios_chrome_policy.plist | 98 + .../ios_encoded_chrome_policy.plist | 28 + .../site/administrators/linux-quick-start/index.md | 105 + .../site/administrators/log-messages/index.md | 52 + .../site/administrators/mac-quick-start/index.md | 68 + .../policy-list-3/atomic_groups/index.md | 875 + .../cookie-legacy-samesite-policies/index.md | 142 + .../policy-list-3/deprecated-policies/index.md | 1046 + .../policy-list-3/extension-settings-full/index.md | 121 + .../site/administrators/policy-list-3/index.md | 10 + .../user-data-directory-variables/index.md | 93 + .../site/administrators/policy-templates/index.md | 86 + .../pre-installed-extensions/index.md | 178 + .../turning-off-auto-updates/index.md | 109 + .../url-blacklist-filter-format/index.md | 11 + .../url-blocklist-filter-format/index.md | 140 + .../GoogleChromeStandaloneEnterprise.msi.sha1 | 1 + .../administrators/windows-quick-start/index.md | 74 + .../contributing-to-drm_hwcomposer/index.md | 9 + .../site/android/drm_hwcomposer-overview/index.md | 10 + chromium/docs/website/site/android/index.md | 6 + .../docs/website/site/apple-touch-icon.png.sha1 | 1 + .../audio-video/ChromiumMediaBuffering.png.sha1 | 1 + .../audio-video/ChromiumMediaBuffering.svg.sha1 | 1 + .../ChromiumMediaPlayerFSStack (1).png.sha1 | 1 + .../ChromiumMediaPlayerFSStack.png.sha1 | 1 + .../autoplay-policy-design-rationale/index.md | 174 + .../autoplay-pre-seeding-in-chrome/index.md | 31 + .../website/site/audio-video/autoplay/index.md | 251 + chromium/docs/website/site/audio-video/index.md | 159 + .../site/audio-video/media-internals/index.md | 77 + .../website/site/blink/activedomobject/index.md | 48 + .../blink/blink-api-owners-requirements/index.md | 9 + .../website/site/blink/blink-gardening/index.md | 10 + chromium/docs/website/site/blink/blink-gc/index.md | 10 + .../docs/website/site/blink/blink-in-js/index.md | 278 + .../site/blink/blink-network-stack/index.md | 14 + .../site/blink/blink-post-merge-faq/index.md | 165 + .../site/blink/blink-testing-and-the-w3c/index.md | 203 + .../website/site/blink/blink-triaging/index.md | 105 + .../docs/website/site/blink/coding-style/index.md | 69 + .../layout-test-style-guidelines/index.md | 11 + .../site/blink/deprecating-features/index.md | 28 + .../docs/website/site/blink/developer-faq/index.md | 318 + .../lewishead.jpg.1365009990294.png.sha1 | 1 + .../paulhead.jpg.1365009992996.png.sha1 | 1 + .../directory-dependency-in-blink/before.png.sha1 | 1 + .../before_merge_resized.png.sha1 | 1 + .../blink/directory-dependency-in-blink/index.md | 76 + .../website/site/blink/dom-exceptions/index.md | 52 + .../getting-started-with-blink-debugging/index.md | 185 + .../site/blink/guidelines/api-owners/index.md | 76 + .../guidelines/api-owners/procedures/index.md | 77 + .../guidelines/api-owners/requirements/index.md | 59 + .../blink-api-owners-requirements/index.md | 77 + .../docs/website/site/blink/guidelines/index.md | 9 + .../website/site/blink/guidelines/values/index.md | 36 + .../site/blink/guidelines/web-exposed/index.md | 28 + .../web-platform-changes-guidelines/index.md | 321 + .../web-platform-changes-process/index.md | 11 + .../website/site/blink/how-repaint-works/index.md | 12 + .../site/blink/importing-the-w3c-tests/index.md | 136 + chromium/docs/website/site/blink/index.md | 117 + .../site/blink/intent-security-triage/index.md | 65 + .../how-chrome-status-communicates/index.md | 55 + .../website/site/blink/launching-features/index.md | 607 + .../let-developers-know/index.md | 115 + .../blink/launching-features/old-process/index.md | 113 + chromium/docs/website/site/blink/layoutng/index.md | 237 + .../website/site/blink/layoutng/kern-ng.png.sha1 | 1 + .../site/blink/layoutng/kern_legacy.png.sha1 | 1 + .../site/blink/layoutng/legacy_ar_wrap.png.sha1 | 1 + .../site/blink/layoutng/legacy_dlig_jp.png.sha1 | 1 + .../blink/layoutng/legacy_float_margin.png.sha1 | 1 + .../blink/layoutng/legacy_float_overlap.png.sha1 | 1 + .../site/blink/layoutng/legacy_shape.png.sha1 | 1 + .../site/blink/layoutng/ng_ar_wrap.png.sha1 | 1 + .../site/blink/layoutng/ng_dlig_jp.png.sha1 | 1 + .../site/blink/layoutng/ng_float_margin.png.sha1 | 1 + .../site/blink/layoutng/ng_float_overlap.png.sha1 | 1 + .../website/site/blink/layoutng/ng_shape.png.sha1 | 1 + .../docs/website/site/blink/memory-team/index.md | 46 + .../docs/website/site/blink/origin-trials/index.md | 46 + .../DevTools_Breakpoint_Workaround.png.sha1 | 1 + .../origin-trials/portals/consolewarning.png.sha1 | 1 + .../site/blink/origin-trials/portals/index.md | 153 + .../origin-trials/running-an-origin-trial/index.md | 344 + .../platform-predictability/compat-tools/index.md | 163 + .../site/blink/platform-predictability/index.md | 133 + .../platform-predictability/objectives/index.md | 177 + .../docs/website/site/blink/public-c-api/index.md | 121 + .../website/site/blink/removing-features/index.md | 12 + .../site/blink/runtime-enabled-features/index.md | 11 + .../blink/serviceworker/getting-started/index.md | 77 + .../docs/website/site/blink/serviceworker/index.md | 94 + .../serviceworker/service-worker-faq/index.md | 126 + .../service-worker-faq/resources-sw.png.sha1 | 1 + .../site/blink/serviceworker/testing/index.md | 67 + .../docs/website/site/blink/sheriffing/index.md | 106 + .../sheriffing/triaging-gasper-alerts/index.md | 13 + .../slimming-paint/historical-documents/index.md | 29 + .../website/site/blink/slimming-paint/index.md | 112 + .../docs/website/site/blink/spec-mentors/index.md | 122 + .../docs/website/site/blink/unittesting/index.md | 473 + .../site/blink/unittesting/printto-confusing.cpp | 39 + .../site/blink/unittesting/printto-workaround.cpp | 80 + .../docs/website/site/blink/v8-bindings/index.md | 10 + .../docs/website/site/blink/web-workers/index.md | 70 + .../docs/website/site/blink/webcrypto/index.md | 445 + .../webidl/blink-idl-extended-attributes/index.md | 13 + chromium/docs/website/site/blink/webidl/index.md | 682 + .../Screen Shot 2015-04-04 at 3.19.28 PM.png.sha1 | 1 + .../Screen Shot 2015-04-04 at 4.18.39 PM.png.sha1 | 1 + .../Screen Shot 2015-04-04 at 5.36.49 PM.png.sha1 | 1 + .../Screen Shot 2015-04-04 at 5.38.39 PM.png.sha1 | 1 + .../Untitled-5.fw.png.sha1 | 1 + .../chromestatus42.png.sha1 | 1 + .../chromeversion.png.sha1 | 1 + .../cr-commit-pos.png.sha1 | 1 + .../f3a.png.sha1 | 1 + .../index.md | 93 + .../omahaprox.png.sha1 | 1 + chromium/docs/website/site/blinkon-16/index.md | 99 + chromium/docs/website/site/careers/index.md | 23 + .../site/careers/logo_chrome_color_144dp.png.sha1 | 1 + chromium/docs/website/site/cecpq2/index.md | 57 + chromium/docs/website/site/chrome-apps/index.md | 716 + .../chrome-os-devices-and-kernel-versions/index.md | 8 + .../website/site/chrome-release-channels/index.md | 198 + ...4 Chrome OS Firmware Summit- Chrome EC.pdf.sha1 | 1 + ...14 Chrome OS Firmware Summit- Overview.pdf.sha1 | 1 + .../ARM coreboot porting.pdf.sha1 | 1 + .../Chrome OS Firmware - 2017.pdf.sha1 | 1 + .../Chrome OS Firmware Summit- Sundries.pdf.sha1 | 1 + ...ChromeOS firmware summit - Depthcharge.pdf.sha1 | 1 + .../Coreboot Mainboard Porting.pdf.sha1 | 1 + .../site/chromium-os/2014-firmware-summit/index.md | 121 + .../x86 coreboot porting.pdf.sha1 | 1 + .../website/site/chromium-os/android-apps/index.md | 11 + .../site/chromium-os/bias-on-chromium-os/index.md | 40 + .../index.md | 45 + .../SourcePowerRule.png.sha1 | 1 + .../cable-and-adapter-tips-and-tricks/index.md | 177 + .../951-00273-01_20180607_suzyqable_SCH_1.pdf.sha1 | 1 + .../docs/website/site/chromium-os/ccd/index.md | 9 + .../site/chromium-os/ccd/suzy-qs-1.png.sha1 | 1 + .../index.md | 79 + .../index.md | 619 + .../index.md | 180 + .../chrome-os-systems-supporting-linux/index.md | 156 + .../chromeos-graphics-reading-list/index.md | 72 + .../site/chromium-os/chromium-os-faq/index.md | 81 + .../autoupdate-details/cycle_break.png.sha1 | 1 + .../autoupdate-details/example.png.sha1 | 1 + .../autoupdate-details/index.md | 229 + .../boot-design/boot_design_diagram.png.sha1 | 1 + .../chromiumos-design-docs/boot-design/index.md | 1014 + .../cbi-cros-board-info/index.md | 11 + .../chrome-os-battery-life-overview/index.md | 66 + .../chrome-os-performance-overview/index.md | 29 + .../chrome-os-volume-keys/index.md | 61 + .../chromium-os-cgroups/index.md | 40 + .../chromium-os-kernel/dco/index.md | 31 + .../chromium-os-kernel/index.md | 191 + .../chromium-os-kernel/submitting-patches/index.md | 462 + .../chromium-os-libcros/index.md | 322 + .../chromium-os-printing-design/index.md | 93 + .../cras-chromeos-audio-server/index.md | 123 + .../cros-network/cellular-activation/index.md | 159 + .../cros-network/chrome-network-debugging/index.md | 23 + .../cros-network/fake-cromo/index.md | 53 + .../cros-network/fake-gsm-modem/index.md | 53 + .../cros-network/fakemodem/index.md | 22 + .../chromiumos-design-docs/cros-network/index.md | 11 + .../chromiumos-design-docs/developer-mode/index.md | 570 + .../developer-shell-access/index.md | 167 + .../disk-format/flow.png.sha1 | 1 + .../chromiumos-design-docs/disk-format/index.md | 639 + .../disk-format/kernel2.png.sha1 | 1 + .../disk-format/layout.png.sha1 | 1 + ...EC-3PO- The EC console interpreter (1).png.sha1 | 1 + .../EC-3PO- The EC console interpreter.png.sha1 | 1 + .../chromiumos-design-docs/ec-3po/index.md | 13 + .../bootloader_flowpng.sha1 | 1 + .../firmware_updaterpng.sha1 | 1 + .../filesystem-autoupdate-supplements/index.md | 96 + .../partition_extra_bitspng.sha1 | 1 + .../recovery_imagepng.sha1 | 1 + .../ChromeOSFilesystemAutoupdate.png.sha1 | 1 + .../filesystem-autoupdate/index.md | 133 + ...romeOSFirmwareBootandRecoveryPUBLISHED.png.sha1 | 1 + .../firmware-boot-and-recovery/eeprom-mappng.sha1 | 1 + .../firmware-boot-and-recovery/flowchart1png.sha1 | 1 + .../firmware-boot-and-recovery/index.md | 697 + .../s0hDprW1DevZ8KuyE5lsKIg_903.png.sha1 | 1 + .../firmware-updates/index.md | 27 + .../index.md | 256 + .../chromium-os/chromiumos-design-docs/index.md | 119 + .../KbdReset.png.sha1 | 1 + .../keyboard-controlled-reset-circuit/index.md | 83 + .../library-optimization/index.md | 70 + .../chromiumos-design-docs/login/index.md | 145 + .../chromiumos-design-docs/lucid-sleep/index.md | 257 + .../FlimflamServiceStateMachine (1).png.sha1 | 1 + .../FlimflamServiceStateMachine.png.sha1 | 1 + .../FlimflamServiceStateMachine.svg.sha1 | 1 + .../network-portal-detection/index.md | 130 + .../chromiumos-design-docs/onc/index.md | 12 + .../open-network-configuration/index.md | 17 + .../out-of-memory-handling/index.md | 282 + .../pprof.renderer.espn.svg.sha1 | 1 + .../pprof.renderer.gmail.svg.sha1 | 1 + .../partition-resizing/index.md | 86 + .../partition-resizing/resize_partitionpng.sha1 | 1 + .../chromiumos-design-docs/powerwash/index.md | 135 + .../ChromeOSCryptohomeTPMusage.png.sha1 | 1 + .../ChromiumOS_TPM_Cryptohome.png.sha1 | 1 + ...ption-benchmarks--ecryptfs2bext3-1008hapdf.sha1 | 1 + ...sk-encryption-benchmarks--no-encryptionpdf.sha1 | 1 + ...ion-on-chrome-os--dmcrypt2bext42b1008hapdf.sha1 | 1 + .../protecting-cached-user-data/index.md | 496 + .../chromiumos-design-docs/recovery-mode/index.md | 383 + .../recovery-mode/sk78RvI_UcGGddwNUBzsAcA.png.sha1 | 1 + .../recovery-mode/srjy2ox0dbMkVTv25qW2QdA.png.sha1 | 1 + .../security-overview/index.md | 492 + .../software-architecture/chromepng.sha1 | 1 + .../software-architecture/firmwarepng.sha1 | 1 + .../software-architecture/index.md | 98 + .../software-architecture/overviewpng.sha1 | 1 + .../software-architecture/systempng.sha1 | 1 + .../source-code-management/index.md | 221 + .../source-code-management/repo-archpng.sha1 | 1 + .../system-hardening/index.md | 692 + .../system-notifications/index.md | 344 + .../tab-discarding-and-reloading/index.md | 101 + .../text-input/basic-architecture.png.sha1 | 1 + .../text-input/basic-architecture2.png.sha1 | 1 + .../text-input/candidate_window.png.sha1 | 1 + .../text-input/candidate_window_demo.swf.sha1 | 1 + .../chromiumos-design-docs/text-input/index.md | 275 + .../text-input/input.png.sha1 | 1 + .../text-input/syncing-input-methods/index.md | 102 + .../touch-firmware-updater/index.md | 157 + .../chromiumos-design-docs/upstream-first/index.md | 54 + .../user-accounts-and-management/index.md | 219 + .../chromiumos-design-docs/userland-boot/index.md | 10 + .../verified-boot-crypto/cryptospecs.webp.sha1 | 1 + .../verified-boot-crypto/index.md | 440 + .../VerifiedBootDataStructures (1).png.sha1 | 1 + .../VerifiedBootDataStructures.png.sha1 | 1 + .../firmware.png.sha1 | 1 + .../verified-boot-data-structures/index.md | 174 + .../verified-boot-data-structures/kernel.png.sha1 | 1 + .../keyblock.png.sha1 | 1 + .../verified-boot-data-structures/normal.png.sha1 | 1 + .../readonly.png.sha1 | 1 + .../recovery.png.sha1 | 1 + .../vbpublickey.png.sha1 | 1 + .../vbsignature.png.sha1 | 1 + .../verified-boot/diag2png.sha1 | 1 + .../chromiumos-design-docs/verified-boot/index.md | 371 + .../index.md | 85 + .../site/chromium-os/comp2_200x146.jpg.sha1 | 1 + .../docs/website/site/chromium-os/comp2jpg.sha1 | 1 + .../site/chromium-os/containers-update/index.md | 54 + .../developer-guide/BugTrackerName.png.sha1 | 1 + .../developer-guide/TrackerName.png.sha1 | 1 + .../developer-guide/beaglebone/index.md | 67 + .../chromium-os-sandboxing/index.md | 367 + .../mount_event_propagation.png.sha1 | 1 + .../developer-guide/developer-workflow/index.md | 13 + .../developer-guide/directory-structure/index.md | 12 + .../developer-guide/disk-layout-format/index.md | 79 + .../developer-guide/gerrit-guide/index.md | 74 + .../developer-guide/go-in-chromium-os/index.md | 344 + .../site/chromium-os/developer-guide/index.md | 12 + .../upstreaming-drm-patches/index.md | 74 + .../developer-guide/using-serial-tty/index.md | 57 + .../acer-zgb-bottm-guts.jpg.sha1 | 1 + .../acer-ac700-chromebook/acer-zgb-bottom.jpg.sha1 | 1 + .../acer-zgb-top-guts.jpg.sha1 | 1 + .../acer-ac700-chromebook/back.jpg.sha1 | 1 + .../acer-ac700-chromebook/index.md | 297 + .../acer-ac700-chromebook/newback.jpg.sha1 | 1 + .../gallery-AcerChromebook11-1-card-front.jpg.sha1 | 1 + .../gallery-AcerChromebook11-1-front.jpg.sha1 | 1 + ...ry-AcerChromebook11-10-side-right-grey.jpg.sha1 | 1 + .../gallery-AcerChromebook11-2-front-grey.jpg.sha1 | 1 + .../gallery-AcerChromebook11-4-left-grey.jpg.sha1 | 1 + .../gallery-AcerChromebook11-5-right.jpg.sha1 | 1 + .../gallery-AcerChromebook11-6-right-grey.jpg.sha1 | 1 + .../gallery-AcerChromebook11-7-side-left.jpg.sha1 | 1 + ...lery-AcerChromebook11-8-side-left-grey.jpg.sha1 | 1 + .../gallery-AcerChromebook11-9-side-right.jpg.sha1 | 1 + .../acer-c670-chromebook/index.md | 85 + .../acer-c7-bottom-guts.jpg.sha1 | 1 + .../acer-c7-bottom-screws.jpg.sha1 | 1 + .../acer-c7-case-bottom.jpg.sha1 | 1 + .../acer-c7-chromebook/acer-c7-top-guts.jpg.sha1 | 1 + .../acer-c7-chromebook/index.md | 225 + .../c720-chromebook-annotated-innards.png.sha1 | 1 + .../c720-chromebook-innards-small.png.sha1 | 1 + .../c720-chromebook-innards.png.sha1 | 1 + .../acer-c720-chromebook/index.md | 228 + ...0001s_0000_Acer-Chromebook-15-01-front.jpg.sha1 | 1 + ..._0001s_0001_Acer-Chromebook-15-02-left.jpg.sha1 | 1 + ...0001s_0002_Acer-Chromebook-15-03-right.jpg.sha1 | 1 + ...s_0003_Acer-Chromebook-15-04-side-left.jpg.sha1 | 1 + ..._0004_Acer-Chromebook-15-05-side-right.jpg.sha1 | 1 + ...0005_Acer-Chromebook-15-06-group-black.jpg.sha1 | 1 + ...0006_Acer-Chromebook-15-07-group-white.jpg.sha1 | 1 + .../acer-c910-chromebook/index.md | 77 + ...gallery-Acer-Chromebook13-1-card-front.jpg.sha1 | 1 + .../gallery-Acer-Chromebook13-1-front.jpg.sha1 | 1 + .../gallery-Acer-Chromebook13-2-left.jpg.sha1 | 1 + .../gallery-Acer-Chromebook13-3-right.jpg.sha1 | 1 + .../gallery-Acer-Chromebook13-4-side-left.jpg.sha1 | 1 + ...gallery-Acer-Chromebook13-5-side-right.jpg.sha1 | 1 + .../acer-cb5-311-chromebook-13/index.md | 133 + .../asus-chromebox/index.md | 166 + .../center-negative-polarity.svg.sha1 | 1 + .../center-positive-polarity.svg.sha1 | 1 + .../chromebook-pixel-2015/index.md | 133 + .../chromebook-pixel/index.md | 270 + .../link-bottom-guts-labeled.jpg.sha1 | 1 + .../chromebook-pixel/link-bottom-guts.jpg.sha1 | 1 + .../Mario_DevSwitchOff.jpg.sha1 | 1 + .../Mario_DevSwitchOn.jpg.sha1 | 1 + .../Mario_DevSwitchOn.png.sha1 | 1 + .../Mario_DevSwitchTape.jpg.sha1 | 1 + .../Mario_DevSwitchTape.png.sha1 | 1 + .../cr48_recovery_button.jpg.sha1 | 1 + .../how-to-boot-ubuntu-on-a-cr-48/index.md | 615 + .../index.md | 459 + .../mario-bottom-guts.jpg.sha1 | 1 + .../mario-top-guts.jpg.sha1 | 1 + .../custom-firmware/index.md | 220 + .../dell-chromebook-11/Selection_459.png.sha1 | 1 + .../dell-chromebook-11/index.md | 109 + .../dell-chromebook-11/wolf_wp.png.sha1 | 1 + .../direct-current.svg.sha1 | 1 + .../generic/index.md | 67 + .../h2c-firmware/index.md | 48 + .../hp-chromebook-11/index.md | 88 + .../hp-chromebook-14/hero.png.sha1 | 1 + .../hp-chromebook-14/index.md | 86 + .../hp-chromebook-14/large-1.jpg.sha1 | 1 + .../hp-chromebook-14/large-2.jpg.sha1 | 1 + .../hp-chromebook-14/large-3.jpg.sha1 | 1 + .../hp-chromebook-14/large-4.jpg.sha1 | 1 + .../hp-chromebook-14/large-5.jpg.sha1 | 1 + .../hp-chromebook-14/large-6.jpg.sha1 | 1 + .../hp-chromebook-14/large-7.jpg.sha1 | 1 + .../hp-chromebook-14/large-8.jpg.sha1 | 1 + .../hp-chromebox/index.md | 169 + .../butterfly-bottom-guts.jpg.sha1 | 1 + .../butterfly-cpanel.jpg.sha1 | 1 + .../butterfly-dpanel.jpg.sha1 | 1 + .../butterfly-keyboard.jpg.sha1 | 1 + .../butterfly-top-guts.jpg.sha1 | 1 + .../butterfly-top-wp.jpg.sha1 | 1 + .../hp-pavilion-14-chromebook/index.md | 113 + .../index.md | 3824 ++++ .../lenovo-chromebook-11/index.md | 21 + ...lery-LenovoChromebookN20p-1-card-hinge.jpg.sha1 | 1 + .../gallery-LenovoChromebookN20p-1-hinge.jpg.sha1 | 1 + .../gallery-LenovoChromebookN20p-2-front.jpg.sha1 | 1 + .../gallery-LenovoChromebookN20p-3-left.jpg.sha1 | 1 + .../gallery-LenovoChromebookN20p-4-right.jpg.sha1 | 1 + .../gallery-LenovoChromebookN20p-5-hinge.jpg.sha1 | 1 + ...llery-LenovoChromebookN20p-6-side-left.jpg.sha1 | 1 + ...lery-LenovoChromebookN20p-7-side-right.jpg.sha1 | 1 + .../lenovo-chromebook-n20/index.md | 112 + .../lenovo-thinkpad-x131e-chromebook/index.md | 144 + .../stout-bare-bottom.jpg.sha1 | 1 + .../stout-bare-top.jpg.sha1 | 1 + .../stout-inside-bottom.jpg.sha1 | 1 + .../stout-inside-top.jpg.sha1 | 1 + ...-LG-1-F-101_White_Monitor_from-Sandbox.jpg.sha1 | 1 + ...-card-F-101_White_Monitor_from-Sandbox.jpg.sha1 | 1 + ...LG-10-S-102_Black_Monitor_from-Sandbox.jpg.sha1 | 1 + ...LG-11-S-101_White_Monitor_from-Sandbox.jpg.sha1 | 1 + ...LG-12-S-101_Black_Monitor_from-Sandbox.jpg.sha1 | 1 + ...-LG-2-F-101_Black_Monitor_from-Sandbox.jpg.sha1 | 1 + ...-LG-3-B-113_White_Monitor_from-Sandbox.jpg.sha1 | 1 + ...-LG-4-B-113_Black_Monitor_from-Sandbox.jpg.sha1 | 1 + ...LG-5-B-102F_White_Monitor_from-Sandbox.jpg.sha1 | 1 + ...LG-6-B-102F_Black_Monitor_from-Sandbox.jpg.sha1 | 1 + ...-LG-7-S-103_White_Monitor_from-Sandbox.jpg.sha1 | 1 + ...-LG-8-S-103_Black_Monitor_from-Sandbox.jpg.sha1 | 1 + ...-LG-9-S-102_White_Monitor_from-Sandbox.jpg.sha1 | 1 + .../lg-chromebase-22cv241-w/index.md | 120 + .../index.md | 191 + .../arm-chromebook-bottom-screw.jpg.sha1 | 1 + .../arm-chromebook-inside-annotated.jpg.sha1 | 1 + .../arm-chromebook-inside.jpg.sha1 | 1 + .../samsung-arm-chromebook/index.md | 316 + .../snow-bottom-guts.jpg.sha1 | 1 + .../samsung-arm-chromebook/snow-top-guts.jpg.sha1 | 1 + .../samsung-arm-chromebook/snow-top-guts.xcf.sha1 | 1 + .../samsung-chromebook-2/index.md | 169 + .../coreboot-vmx-hack/index.md | 301 + .../samsung-sandy-bridge/index.md | 319 + .../samsung-sandy-bridge/lumpy-case.jpg.sha1 | 1 + .../samsung-sandy-bridge/lumpy-dev-switch.jpg.sha1 | 1 + .../lumpy-internals-bare.jpg.sha1 | 1 + .../lumpy-internals-top.jpg.sha1 | 1 + .../samsung-sandy-bridge/lumpy-internals.jpg.sha1 | 1 + .../samsung-sandy-bridge/lumpy.jpg.sha1 | 1 + .../stumpy-bottom-bare.jpg.sha1 | 1 + .../stumpy-bottom-cards.jpg.sha1 | 1 + .../stumpy-dev-switch.jpg.sha1 | 1 + .../samsung-sandy-bridge/stumpy-top-bare.jpg.sha1 | 1 + .../samsung-sandy-bridge/stumpy-top-full.jpg.sha1 | 1 + .../samsung-sandy-bridge/stumpy-top-mid.jpg.sha1 | 1 + .../samsung-sandy-bridge/stumpy.jpg.sha1 | 1 + .../samsung-series-5-chromebook/a.jpg.sha1 | 1 + .../alex-bottom-guts-no-battery.jpg.sha1 | 1 + .../alex-bottom-guts.jpg.sha1 | 1 + .../alex-top-guts.jpg.sha1 | 1 + .../alex_reset.jpg.sha1 | 1 + .../samsung-series-5-chromebook/b.jpg.sha1 | 1 + .../samsung-series-5-chromebook/cc.jpg.sha1 | 1 + .../samsung-series-5-chromebook/index.md | 299 + .../c720-chromebook-innards.png.sha1 | 1 + .../chromebook_leon_write_protect.jpg.sha1 | 1 + .../toshiba-cb30-chromebook/index.md | 111 + .../tp-link-onhub-tgr1900/index.md | 58 + .../tp-link-onhub-tgr1900/tplink_black.png.sha1 | 1 + .../tp-link-onhub-tgr1900/tplink_blue.png.sha1 | 1 + .../tp-link-onhub-tgr1900/tplink_top.jpg.sha1 | 1 + .../whirlwind-dev-screw.jpg.sha1 | 1 + .../index.md | 127 + .../index.md | 249 + .../index.md | 44 + .../810-10117-03_20151211_dingdong_SCH_0.pdf.sha1 | 1 + .../dingdong/DingDong Block Diagram.png.sha1 | 1 + .../dingdong/chromium-os-dingdong.tar.bz2.sha1 | 1 + .../website/site/chromium-os/dingdong/index.md | 111 + .../website/site/chromium-os/donnettes/index.md | 15 + .../donnettes/smart receptacle-05042017.pdf.sha1 | 1 + .../ec-development/ap-ec-communication/index.md | 11 + .../ec-development/charge-manager/index.md | 169 + .../chromium-os/ec-development/ec-3po/index.md | 13 + .../ec-image-geometry-spec/cr50.png.sha1 | 1 + .../ec-development/ec-image-geometry-spec/index.md | 395 + .../ec-image-geometry-spec/storage2.png.sha1 | 1 + .../index.md | 65 + .../site/chromium-os/ec-development/index.md | 10 + .../ec-development/stack-size-analyzer/index.md | 682 + .../PD Low Battery Boot.png.sha1 | 1 + .../ec-development/usb-low-power-boot/index.md | 132 + .../usb-low-power-boot/new_low_bat.png.sha1 | 1 + .../usb-low-power-boot/samus_low_bat.png.sha1 | 1 + .../site/chromium-os/external-bsp-hosting/index.md | 365 + .../index.md | 85 + .../firmware-porting-guide/1-overview/index.md | 337 + .../1-overview/the-crosfw-script/index.md | 88 + .../2-concepts/Verified Boot Flow.png.sha1 | 1 + .../firmware-porting-guide/2-concepts/index.md | 349 + .../firmware-ec-write-protection/index.md | 95 + .../firmware-porting-guide/fmap/index.md | 360 + .../chromium-os/firmware-porting-guide/index.md | 122 + .../firmware-porting-guide/u-boot-drivers/index.md | 1447 ++ .../site/chromium-os/firmware-summit/index.md | 18 + .../site/chromium-os/firmware-update/index.md | 328 + .../site/chromium-os/forced-re-enrollment/index.md | 51 + .../docs/website/site/chromium-os/fwmp/index.md | 107 + .../gentoo-package-upgrade-process/index.md | 436 + .../ChromeOSCompatibilitylist-20091121-A.xlsx.sha1 | 1 + .../dev-hardware-list/icon-checkmark.gif.sha1 | 1 + .../dev-hardware-list/index.md | 470 + .../site/chromium-os/getting-dev-hardware/index.md | 21 + .../glmark2-9999.ebuild | 54 + .../getting-started-with-glmark2/index.md | 96 + .../getting-started-with-platform2/index.md | 14 + .../site/chromium-os/gfx-test-notes/index.md | 217 + .../glitch-vulnerability-status/index.md | 39 + .../hoho/810-10116-02_20150109_hdmi_SCH_0.pdf.sha1 | 1 + .../hoho/HoHo Block Diagram (1).png.sha1 | 1 + .../chromium-os/hoho/HoHo Block Diagram.png.sha1 | 1 + .../chromium-os/hoho/chromium-os-hoho.tar.bz2.sha1 | 1 + .../docs/website/site/chromium-os/hoho/index.md | 106 + .../a-brief-perf-how-to/index.md | 121 + .../a-brief-perf-how-to/perf.patch.txt | 24 + .../add-a-new-package/index.md | 59 + .../.config.sha1 | 1 + .../boot-mainline-kernel-on-veyron-jaq/cmdline | 18 + .../boot-mainline-kernel-on-veyron-jaq/index.md | 144 + .../rk3228-veyron-jaq.its | 36 + .../chrome-api-keys-in-the-chroot/index.md | 54 + .../building-chromium-browser/index.md | 14 + .../building-factory-test-images/index.md | 16 + .../chrome-with-libcras-on-gprecise/index.md | 42 + .../chromiumos-architecture-porting-guide/index.md | 61 + .../chromiumos-board-porting-guide/index.md | 638 + .../private-boards/index.md | 139 + .../create-a-cl/index.md | 31 + .../creating-local-mirrors/index.md | 105 + .../debugging-3g/index.md | 113 + .../debugging-3g/manual-e362-setup/index.md | 58 + .../modem-debugging-with-mmcli/index.md | 57 + .../debugging-features/index.md | 138 + .../debugging-hangs/index.md | 51 + .../debugging-tips/host-file-access/index.md | 67 + .../debugging-tips/index.md | 193 + .../debugging-tips/setting-up-tcpdump/index.md | 17 + .../debugging-tips/target-serial-access/index.md | 178 + .../developer-faq/index.md | 137 + .../extension-support-for-app-webviews/index.md | 13 + .../force-out-of-box-experience-oobe/index.md | 19 + .../GSM PIN code types.png.sha1 | 1 + .../get-a-3g-modem-running/index.md | 242 + .../git-helpers/index.md | 33 + .../git-server-side-information/index.md | 28 + .../git-troubleshooting/index.md | 102 + .../helper-scripts/index.md | 90 + .../how-tos-and-troubleshooting/index.md | 13 + .../install-software-on-base-images/index.md | 134 + .../kernel-configuration/index.md | 273 + .../kernel_config_diag.png.sha1 | 1 + .../kernel_config_diag.svg.sha1 | 1 + .../kernel-faq/index.md | 13 + .../kernel-rebase-notes/index.md | 768 + .../llvm-clang-build/index.md | 39 + ...m-panel-add-Kingdisplay-kd097d04-panel-dr.patch | 560 + ...m-Add-drm_master_relax-debugfs-file-non-r.patch | 173 + ...m-Allow-DRM_IOCTL_MODE_MAP_DUMB-for-rende.patch | 58 + ...m-Allow-render-node-access-to-KMS-getters.patch | 87 + ...m-Allow-DRM_IOCTL_MODE_DESTROY_DUMB-for-r.patch | 48 + ...6-CHROMIUM-drm-rockchip-Enable-rendernode.patch | 32 + ...0007-CHROMIUM-drm-rockchip-Add-GEM-ioctls.patch | 227 + ...vert-drm-vgem-create-a-render-node-for-vg.patch | 35 + .../index.md | 124 + .../index.md | 193 + .../measuring-boot-time-performance/index.md | 311 + .../modemmanager/index.md | 58 + .../network-based-development/index.md | 723 + .../nfs-quickstart/index.md | 152 + .../openvpn-manual-setup/index.md | 31 + .../portage-build-faq/index.md | 13 + .../remote-debugging/index.md | 136 + .../Screenshot-QEMU-KVM.png.sha1 | 1 + .../index.md | 13 + .../serial-debugging-howto/index.md | 185 + .../tsc-resynchronization/index.md | 148 + .../upgrade-ebuild-eapis/index.md | 227 + .../using-an-upstream-kernel-on-snow/index.md | 267 + .../using-the-dev-server/index.md | 13 + .../xbuddy-for-devserver/index.md | 20 + .../Screenshot from 2013-04-08 13_46_48.png.sha1 | 1 + .../visualizing-the-rootfs/index.md | 44 + .../working-on-a-branch/index.md | 14 + .../working-with-your-overlay-faq/index.md | 71 + chromium/docs/website/site/chromium-os/index.md | 128 + .../lazy-fp-restore-vulnerability-status/index.md | 185 + .../licensing/building-a-distro/index.md | 113 + .../website/site/chromium-os/licensing/index.md | 36 + .../licensing-for-chromiumos-developers/index.md | 220 + .../index.md | 184 + .../site/chromium-os/mds-on-chromeos/index.md | 253 + .../meltdown-spectre-vulnerability-status/index.md | 1454 ++ ...5W Type-C Adapter Control Board 150710.gif.sha1 | 1 + ...5W Type-C Adapter Control Board 150710.pdf.sha1 | 1 + .../website/site/chromium-os/minimuffin/index.md | 64 + .../obsolete/energy-aware-scheduling/index.md | 61 + .../website/site/chromium-os/obsolete/index.md | 10 + .../chromium-os/obsolete/monitoring-tools/index.md | 156 + .../obsolete/monitoring-tools/timeline.jpg.sha1 | 1 + .../obsolete/portage-package-status/index.md | 176 + .../chromium-os/obsolete/quiche-notes/index.md | 284 + .../site/chromium-os/obsolete/recall/index.md | 175 + .../Properties for src.png.sha1 | 1 + .../Resource Filters.png.sha1 | 1 + .../c++ build env.png.sha1 | 1 + .../c++ build.png.sha1 | 1 + .../chrome remote main.png.sha1 | 1 + .../debug connection.png.sha1 | 1 + .../debugger main.png.sha1 | 1 + .../debugger shared libraries.png.sha1 | 1 + .../index.md | 28 + .../resource-filters.png.sha1 | 1 + .../obsolete/using-sdk-standalone/index.md | 96 + .../packages/biod/biod_diagram.png.sha1 | 1 + .../site/chromium-os/packages/biod/index.md | 12 + .../crash-reporting/debugging-a-minidump/index.md | 200 + .../packages/crash-reporting/faq/index.md | 520 + .../chromium-os/packages/crash-reporting/index.md | 19 + .../index.md | 96 + .../chromium-os/packages/cros-flashrom/index.md | 336 + .../chromium-os/packages/implicit-system/index.md | 126 + .../website/site/chromium-os/packages/index.md | 129 + .../site/chromium-os/packages/libchrome/index.md | 16 + .../site/chromium-os/packages/libchromeos/index.md | 185 + .../site/chromium-os/packages/portage/index.md | 135 + .../power_manager/battery-notifications/index.md | 14 + .../power_manager/inactivity-delays/index.md | 14 + .../chromium-os/packages/power_manager/index.md | 11 + .../packages/power_manager/input/index.md | 14 + .../power_manager/keyboard-backlight/index.md | 14 + .../power_manager/screen-brightness/index.md | 14 + .../power_manager/suspend-and-resume/index.md | 14 + .../suspend-and-resume/suspend_flowchart.png.sha1 | 1 + .../site/chromium-os/packages/pydevi2c/index.md | 13 + .../site/chromium-os/plankton/IMG_5169.jpg.sha1 | 1 + .../Plankton Raiden MCU command table.pdf.sha1 | 1 + .../Plankton Raiden Software Care & Feed.jpg.sha1 | 1 + .../Plankton_raiden block diagram.png.sha1 | 1 + .../site/chromium-os/plankton/buttons.jpeg.sha1 | 1 + .../website/site/chromium-os/plankton/index.md | 312 + .../site/chromium-os/plankton/leds.jpeg.sha1 | 1 + .../plankton/plankton-master.tar.gz.sha1 | 1 + .../website/site/chromium-os/platform/index.md | 205 + .../dev.bmp.sha1 | 1 + .../poking-around-your-chrome-os-device/index.md | 9 + .../meh2.jpg.sha1 | 1 + .../tdev.bmp.sha1 | 1 + .../chromium-os/profiling-in-chromeos/index.md | 122 + .../website/site/chromium-os/python-mock/index.md | 90 + .../chromium-os/python-style-guidelines/index.md | 9 + .../site/chromium-os/quick-start-guide/index.md | 123 + .../site/chromium-os/security-advisories/index.md | 38 + .../810-10010-03_20120227_servo_SCH_0.pdf.sha1 | 1 + .../servo/IMG_20151019_085815 (1) (1).jpg.sha1 | 1 + .../docs/website/site/chromium-os/servo/LICENSE | 69 + .../servo/chromium_os_servo_v2.tar.gz.sha1 | 1 + .../servo/chromium_os_yoshi_flex.tar.gz.sha1 | 1 + .../site/chromium-os/servo/image00.jpg.sha1 | 1 + .../docs/website/site/chromium-os/servo/index.md | 11 + .../site/chromium-os/servo/servo-v2/index.md | 19 + .../site/chromium-os/servo/servo_v2_bot.jpg.sha1 | 1 + .../site/chromium-os/servo/servo_v2_top.jpg.sha1 | 1 + ...52-00166-05_20190308_servo_micro_SCH_0.pdf.sha1 | 1 + ...d Debug in Chromebooks and Servo Micro.pdf.sha1 | 1 + .../site/chromium-os/servo/servomicro/index.md | 19 + ...-00588-01_20170601_servo_v4_pvt1_SCH_0.pdf.sha1 | 1 + .../site/chromium-os/servo/servov4/index.md | 19 + .../chromium-os/shell-style-guidelines/index.md | 15 + .../sideload-android-apps-on-chromebook/index.md | 10 + .../chromium-os/stadia-on-chromebooks/index.md | 300 + .../adding-unit-tests-to-the-build/index.md | 13 + .../testing/afe-rpc-infrastructure/index.md | 86 + .../testing/anatomy-of-test-test/index.md | 56 + .../chromium-os/testing/arcplusplus-testing/arcp | 1 + .../testing/arcplusplus-testing/index.md | 10 + .../testing/autoserv-packaging/index.md | 232 + .../testing/autotest-and-ebuilds/index.md | 131 + .../testing/autotest-design-patterns/index.md | 403 + .../autotest-server-usage/index.md | 35 + .../testing/autotest-developer-faq/index.md | 720 + .../setup-autotest-server/index.md | 235 + .../ssh-test-keys-setup/index.md | 83 + .../autotest-graphics-documentation/index.md | 701 + .../chromium-os/testing/autotest-keyvals/index.md | 49 + .../testing/autotest-keyvals/perf-keyvals/index.md | 134 + .../autotest-user-doc/atest-diagram.png.sha1 | 1 + .../autotest-user-doc/atest-diagram.svg.sha1 | 1 + .../chromium-os/testing/autotest-user-doc/index.md | 13 + .../testing/building-and-running-tests/index.md | 330 + .../chromium-os/testing/cellular-testing/index.md | 22 + .../Chameleon Audio - New Page (4).png.sha1 | 1 + .../Chameleon Audio Board Block Diagram.png.sha1 | 1 + ...Chameleon Audio Board R1.1 Release PCB.zip.sha1 | 1 + .../Chameleon Audio Board R1.1 Release.pdf.sha1 | 1 + .../testing/chamelium-audio-board/index.md | 179 + .../chamelium-audio-streaming/IMG_0001.jpg.sha1 | 1 + .../chamelium-audio-streaming/IMG_0002.jpg.sha1 | 1 + .../chamelium-audio-streaming/IMG_0003.jpg.sha1 | 1 + .../Screenshot from 2017-03-07 17_51_43.png.sha1 | 1 + .../Screenshot from 2017-03-07 17_53_38.png.sha1 | 1 + .../testing/chamelium-audio-streaming/index.md | 261 + .../testing/chamelium-usb-audio/index.md | 37 + .../chamelium/CAT9883CRegisterRev01.pdf.sha1 | 1 + .../Chameleon Video - New Page (4).png.sha1 | 1 + ...B1_R1.2_Release %5Bfor external use%5D.pdf.sha1 | 1 + .../chamelium/Chameleon_B1_R1.1_BOM.xlsx.sha1 | 1 + .../Chameleon_B1_R1.2- Gerber file.zip.sha1 | 1 + .../chamelium/Chameleon_B1_R1.2_Release.brd.sha1 | 1 + .../testing/chamelium/FPGA pins.png.sha1 | 1 + .../chamelium/IT6506 Programming Guide.pdf.sha1 | 1 + .../IT6506_Datasheet_for_Google_v1.3.pdf.sha1 | 1 + .../IT6803 Programming Guide.1.05.pdf.sha1 | 1 + .../IT6803TE Datasheet_for_Google v0.83.pdf.sha1 | 1 + .../cat9883c_datasheet_for_Google_Rev1 3.pdf.sha1 | 1 + .../site/chromium-os/testing/chamelium/index.md | 441 + .../chamelium/png;base644fb8f58c45521404.png.sha1 | 1 + .../chamelium/s2mbf9hZBTGKMFHBgqQqDiA.png.sha1 | 1 + .../chamelium/s3x3vmsvmeWSlhdK4GEG60A.png.sha1 | 1 + .../chamelium/sjR3S5TzIrNaCyuUbwvWwbA.png.sha1 | 1 + .../chamelium/spstW8nBPTZeJhUk-NjRnQg.png.sha1 | 1 + .../chamelium/swKcCTHdtRXI6IJ-pzsZR9Q.png.sha1 | 1 + ...dce37849ec8330f7cbfa01135983984ec24.tar.gz.sha1 | 1 + .../testing/collecting-stats-for-graphite/index.md | 182 + .../testing/common-testing-workflows/index.md | 205 + .../site/chromium-os/testing/cros-autotest/cap | 1 + .../chromium-os/testing/cros-autotest/index.md | 10 + .../dynamic-suites/dynamic-test-suites/index.md | 441 + .../chromium-os/testing/dynamic-suites/index.md | 11 + .../test-dependencies-in-dynamic-suites/index.md | 126 + .../testing/dynamic-test-suites/index.md | 257 + .../testing/existing-autotest-utilities/index.md | 11 + .../site/chromium-os/testing/gs-offloader/index.md | 84 + .../testing/hardware_qualification/HWQual.pdf.sha1 | 1 + .../testing/hardware_qualification/index.md | 10 + .../docs/website/site/chromium-os/testing/index.md | 131 + .../testing/infrastructure-components/index.md | 70 + .../infrastructure-components/keyvals/index.md | 51 + .../site/chromium-os/testing/moblab-faq/index.md | 13 + .../testing/moblab/cpcon-release-notes/index.md | 19 + ... Automated Firmware Tests) with MobLab.png.sha1 | 1 + .../create_job_faft.png.sha1 | 1 + .../moblab/faft-testing-with-moblab/index.md | 13 + .../servo v2 diagram.png.sha1 | 1 + .../site/chromium-os/testing/moblab/index.md | 30 + .../testing/moblab/mob-monitor/index.md | 13 + .../testing/moblab/mob-monitor/mobmonitor.png.sha1 | 1 + .../moblab/mob-monitor/mobmonitor_colours.png.sha1 | 1 + .../mob-monitor/mobmonitor_main_page.png.sha1 | 1 + .../mob-monitor/mobmonitor_repair_dialog.png.sha1 | 1 + .../moblab/overview-of-moblab/image00.png.sha1 | 1 + .../moblab/overview-of-moblab/image01.png.sha1 | 1 + .../testing/moblab/overview-of-moblab/index.md | 230 + .../pre-requirements-of-issue-creation/index.md | 40 + .../moblab/releasenotes/5AjtD5fj5XrBV3X.png.sha1 | 1 + .../moblab/releasenotes/65cXCzDADkz.png.sha1 | 1 + .../moblab/releasenotes/7tG9QTai4PUH2ue.png.sha1 | 1 + .../moblab/releasenotes/944NKgXvoL9ubsp.png.sha1 | 1 + .../Screenshot from 2014-09-02 17_21_38.png.sha1 | 1 + .../Screenshot from 2014-09-02 17_21_50.png.sha1 | 1 + .../testing/moblab/releasenotes/index.md | 606 + .../testing/moblab/releasenotes/mob1.png.sha1 | 1 + .../testing/moblab/releasenotes/mob2.png.sha1 | 1 + .../Screenshot from 2014-09-02 17_21_38.png.sha1 | 1 + .../Screenshot from 2014-09-02 17_21_50.png.sha1 | 1 + .../testing/moblab/setup/Selection_968.png.sha1 | 1 + .../testing/moblab/setup/Selection_970.png.sha1 | 1 + .../testing/moblab/setup/Selection_971.png.sha1 | 1 + .../testing/moblab/setup/Selection_972.png.sha1 | 1 + .../testing/moblab/setup/Selection_973.png.sha1 | 1 + .../testing/moblab/setup/image00.png.sha1 | 1 + .../testing/moblab/setup/image01.png.sha1 | 1 + .../testing/moblab/setup/image02.png.sha1 | 1 + .../testing/moblab/setup/image03.png.sha1 | 1 + .../site/chromium-os/testing/moblab/setup/index.md | 17 + .../testing/moblab/user-manual/index.md | 15 + .../moblab/usingmoblab/Selection_945.png.sha1 | 1 + .../moblab/usingmoblab/Selection_946.png.sha1 | 1 + .../testing/moblab/usingmoblab/image00.png.sha1 | 1 + .../testing/moblab/usingmoblab/image01.png.sha1 | 1 + .../testing/moblab/usingmoblab/image02.png.sha1 | 1 + .../testing/moblab/usingmoblab/image03.png.sha1 | 1 + .../testing/moblab/usingmoblab/index.md | 15 + .../Selection_977.png.sha1 | 1 + .../Selection_978.png.sha1 | 1 + .../Selection_980.png.sha1 | 1 + .../Selection_982.png.sha1 | 1 + .../moblab/view-test-result-vis-wmatrix/index.md | 53 + .../site/chromium-os/testing/perf-data/index.md | 371 + .../testing/perf-regression-detection/index.md | 114 + .../chromium-os/testing/power-testing/index.md | 12 + .../testing/power-testing/pltp/index.md | 12 + .../chromium-os/testing/power-testing/pltp/meetp | 1 + .../chromium-os/testing/power-testing/pltp/meetu | 1 + .../chromium-os/testing/power-testing/pltp/pltg | 1 + .../chromium-os/testing/power-testing/pltp/pltp | 1 + .../testing/power-testing/pltp/pltp_rand | 1 + .../chromium-os/testing/power-testing/pltp/pltu | 1 + .../testing/power-testing/pltp/pltu_rand | 20 + .../chromium-os/testing/qemu-unittests/index.md | 11 + .../running-smoke-suite-on-a-vm-image/index.md | 263 + .../running-unit-tests-on-the-target/index.md | 60 + .../testing/specific-test-documentation/index.md | 11 + .../chromium-os/testing/suite_scheduler-1/index.md | 105 + .../chromium-os/testing/suite_scheduler/index.md | 10 + .../autotest-client-helper-libraries/index.md | 86 + .../autotest-results-logs/index.md | 205 + .../basic-ebuild-troubleshooting/index.md | 178 + .../test-code-labs/autotest-client-tests/index.md | 458 + .../test-code-labs/dynamic-suite-codelab/index.md | 372 + .../chromium-os/testing/test-code-labs/index.md | 16 + .../test-code-labs/server-side-test/control | 24 + .../test-code-labs/server-side-test/index.md | 855 + .../server-side-test/power_MyBacklightTest.py | 190 + .../test-dependencies-in-dynamic-suites/index.md | 95 + .../chromium-os/testing/test-lab-setup/index.md | 110 + .../site/chromium-os/testing/test-suites/index.md | 513 + .../testing/writing-and-developing-tests/index.md | 160 + .../test-deps-faq/index.md | 232 + .../testing-your-changes-faq/index.md | 92 + .../writing-tests-faq/index.md | 388 + .../index.md | 806 + .../site/chromium-os/tpm_firmware_update/index.md | 467 + .../twinkie/PulseviewRequestAccept.png.sha1 | 1 + .../twinkie/PulseviewSourceCap_request.png.sha1 | 1 + .../chromium-os/twinkie/Twinkie-diagram.png.sha1 | 1 + .../index.md | 49 + .../twinkie/chromium-os-twinkie-v2.tar.bz2.sha1 | 1 + .../docs/website/site/chromium-os/twinkie/index.md | 334 + .../twinkie/older-sigrok-packages/index.md | 102 + .../twinkie_v1.1.2705-bc6d966.combined.bin.sha1 | 1 + .../twinkie/pulseview_3packets.png.sha1 | 1 + .../chromium-os/twinkie/pulseview_VBUS_V.png.sha1 | 1 + .../twinkie/pulseview_VBUS_V_A.png.sha1 | 1 + .../twinkie/pulseview_zoom_packet.png.sha1 | 1 + .../twinkie/pulseview_zoom_packetx3.png.sha1 | 1 + .../twinkie/twinkie_programming.jpg.sha1 | 1 + .../twinkie/twinkie_v1.11.19-9e81762f2.bin.sha1 | 1 + .../twinkie/twinkie_v1.11.20-005227d8f.bin.sha1 | 1 + .../twinkie_v1.11.21-3e33e08af.webusb.bin.sha1 | 1 + .../site/chromium-os/twinkie/twinkies-1.png.sha1 | 1 + .../site/chromium-os/twinkie/twinkies-2.png.sha1 | 1 + .../site/chromium-os/twinkie/twinkies-3.png.sha1 | 1 + .../Type C on a Chromebook.jpg.sha1 | 1 + .../Type C on a Chromebook.png.sha1 | 1 + .../type-c-on-rk3399-chromebooks/index.md | 10 + .../chromium-os/u2f-ecdsa-vulnerability/index.md | 366 + .../site/chromium-os/unchecked_tpm_reset/index.md | 97 + .../chromium-os/user-experience/Concept.jpg.sha1 | 1 + .../chromium-os/user-experience/Concept2.jpg.sha1 | 1 + .../user-experience/access-points/apppng.sha1 | 1 + .../user-experience/access-points/index.md | 31 + .../site/chromium-os/user-experience/ajpg.sha1 | 1 + .../site/chromium-os/user-experience/bjpg.sha1 | 1 + .../site/chromium-os/user-experience/cjpg.sha1 | 1 + .../content-browser/ContentBrowserPanel1.png.sha1 | 1 + .../content-browser/ContentBrowserPanel2.png.sha1 | 1 + .../user-experience/content-browser/Full.png.sha1 | 1 + .../user-experience/content-browser/index.md | 52 + .../site/chromium-os/user-experience/djpg.sha1 | 1 + .../user-experience/form-factors/Desktop.png.sha1 | 1 + .../user-experience/form-factors/Display.png.sha1 | 1 + .../form-factors/Form Factors.png.sha1 | 1 + .../user-experience/form-factors/Tablet.png.sha1 | 1 + .../user-experience/form-factors/index.md | 99 + .../user-experience/form-factors/laptop.png.sha1 | 1 + .../user-experience/form-factors/netbook.png.sha1 | 1 + .../form-factors/tablet/Tablet.png.sha1 | 1 + .../user-experience/form-factors/tablet/index.md | 59 + .../form-factors/tablet/tablet2.100.png.sha1 | 1 + .../form-factors/tablet/tablet2.105.png.sha1 | 1 + .../form-factors/tablet/tablet2.106.png.sha1 | 1 + .../form-factors/tablet/tablet2.107.png.sha1 | 1 + .../form-factors/tablet/tablet2.108.png.sha1 | 1 + .../form-factors/tablet/tablet2.109.png.sha1 | 1 + .../form-factors/tablet/tablet2.141.png.sha1 | 1 + .../form-factors/tablet/tablet2.150.png.sha1 | 1 + .../form-factors/tablet/tablet_concept.mp4.sha1 | 1 + .../form-factors/tablet/video_still.png.sha1 | 1 + .../site/chromium-os/user-experience/index.md | 9 + .../user-experience/opensave-dialogs/Open.png.sha1 | 1 + .../user-experience/opensave-dialogs/Save.png.sha1 | 1 + .../user-experience/opensave-dialogs/index.md | 38 + .../panels/Chrome-OS-Panels.png.sha1 | 1 + .../chromium-os/user-experience/panels/index.md | 96 + .../user-experience/panels/panel-spec.png.sha1 | 1 + .../user-experience/panels/panelspng.sha1 | 1 + .../user-experience/panels/windowstylespng.sha1 | 1 + .../user-experience/sdres_0000_Basic.png.sha1 | 1 + .../user-experience/sdres_0001_App-Menu.png.sha1 | 1 + .../user-experience/sdres_0002_Panels.png.sha1 | 1 + .../user-experience/settings/1-General.png.sha1 | 1 + .../user-experience/settings/2-Internet.png.sha1 | 1 + .../user-experience/settings/3-Browser.png.sha1 | 1 + .../settings/4-PersonalStuff.png.sha1 | 1 + .../settings/5-UnderTheHood.png.sha1 | 1 + .../chromium-os/user-experience/settings/index.md | 54 + .../user-experience/shelf/Shelf.png.sha1 | 1 + .../chromium-os/user-experience/shelf/index.md | 37 + .../system-status-icons/NetworkMenu.png.sha1 | 1 + ...een shot 2009-12-01 at 12.23.56 PM.PNG.png.sha1 | 1 + .../user-experience/system-status-icons/index.md | 43 + .../chromium-os/user-experience/tab-ui/index.md | 35 + .../user-experience/tab-ui/tab_stripspng.sha1 | 1 + .../user-experience/video_placeholderpng.sha1 | 1 + .../window-management/Chrome-OS-Overlay.png.sha1 | 1 + .../window-management/Overview.app.1.0.0.zip.sha1 | 1 + .../window-management/Overview.png.sha1 | 1 + .../window-management/OverviewSketch.png.sha1 | 1 + .../user-experience/window-management/index.md | 53 + .../user-experience/window-ui/TouchNav.png.sha1 | 1 + .../user-experience/window-ui/TouchUI.png.sha1 | 1 + .../user-experience/window-ui/compact_navpng.sha1 | 1 + .../chromium-os/user-experience/window-ui/index.md | 111 + .../user-experience/window-ui/navpng.sha1 | 1 + .../user-experience/window-ui/side_navpng.sha1 | 1 + .../site/chromium-os/usi-enabled-devices/index.md | 138 + .../works-with-chromebook-certified/index.md | 12 + .../site/chromium-projects/chrome-24.png.sha1 | 1 + .../site/chromium-projects/chrome-32.png.sha1 | 1 + .../site/chromium-projects/chrome-64.png.sha1 | 1 + .../docs/website/site/chromium-projects/index.md | 49 + .../logo_chrome_color_1x_web_32dp.png.sha1 | 1 + chromium/docs/website/site/conduct/index.md | 11 + .../app/images/customLogo/customLogo.gif.sha1 | 1 + .../docs/website/site/config/customLogo.gif.sha1 | 1 + chromium/docs/website/site/contact/index.md | 20 + .../website/site/dev-sentence-diagram.jpg.sha1 | 1 + .../Web-page-views/WebContents.graffle.sha1 | 1 + .../developers/Web-page-views/WebContents.png.sha1 | 1 + .../Web-page-views/WebContents2.png.sha1 | 1 + .../Web-page-views/WebContents3.png.sha1 | 1 + .../site/developers/Web-page-views/index.md | 28 + .../developers/about-signin-internals/index.md | 77 + .../chromevox-on-desktop-linux/index.md | 12 + .../developers/accessibility/chromevox/index.md | 12 + .../accessibility/html-accessibility/index.md | 159 + .../website/site/developers/accessibility/index.md | 68 + .../accessibility/linux-accessibility/index.md | 24 + .../accessibility/mac-accessibility/index.md | 95 + .../testing/automated-testing/ax-inspect/index.md | 168 + .../testing/automated-testing/index.md | 121 + .../accessibility/testing/axe-core/index.md | 277 + .../site/developers/accessibility/testing/index.md | 16 + .../accessibility/views-accessibility/index.md | 91 + .../accessibility/webkit-accessibility/index.md | 38 + .../webui-accessibility-audit/index.md | 132 + .../accessibility/windows-accessibility/index.md | 121 + .../developers/adding-3rd-party-libraries/index.md | 11 + .../site/developers/android-eclipse-dev/index.md | 10 + .../androidwebview/android-webview-beta/index.md | 20 + .../android-webview-beta/screen.png.sha1 | 1 + .../site/developers/androidwebview/index.md | 26 + .../androidwebview/webview-ct-bug/index.md | 172 + .../website/site/developers/applescript/index.md | 23 + .../site/developers/bisect-builds-py/index.md | 153 + .../developers/blink-gc-plugin-errors/index.md | 509 + .../site/developers/calendar/Chrome RC.png.sha1 | 1 + .../site/developers/calendar/Chrome RCX.png.sha1 | 1 + .../calendar/Chrome Release Cycle 6.png.sha1 | 1 + .../docs/website/site/developers/calendar/index.md | 542 + .../website/site/developers/change-logs/index.md | 36 + .../website/site/developers/checkstyle/index.md | 160 + .../site/developers/chromium-string-usage/index.md | 96 + .../website/site/developers/clang-mac/index.md | 46 + .../index.md | 17 + .../cluster-telemetry/6bAxkmCFOA8.png.sha1 | 1 + .../cluster-telemetry/LW5ZqMVpXdw.png.sha1 | 1 + .../site/developers/cluster-telemetry/index.md | 110 + .../developers/code-browsing-in-chromium/index.md | 27 + .../website/site/developers/code-coverage/index.md | 9 + .../chromium-style-checker-errors/index.md | 492 + .../coding-style/cocoa-dos-and-donts/index.md | 94 + .../coding-style/cpp-dos-and-donts/index.md | 14 + .../index.md | 214 + .../website/site/developers/coding-style/index.md | 14 + .../site/developers/coding-style/java/index.md | 13 + .../developers/committers-responsibility/index.md | 94 + .../corruption.png.sha1 | 1 + .../common-terms--techno-babble/index.md | 9 + .../developers/content-module/Content.png.sha1 | 1 + .../developers/content-module/content-api/index.md | 11 + .../site/developers/content-module/index.md | 20 + .../contributing-code/-bug-syntax/index.md | 101 + .../contributing-code/direct-commit/index.md | 26 + .../external-contributor-checklist/index.md | 36 + .../contributing-code/flag-ownership/index.md | 12 + .../site/developers/contributing-code/index.md | 10 + .../index.md | 37 + .../contributing-code/watchlists/index.md | 12 + .../site/developers/core-principles/index.md | 159 + .../core-principles/no-hidden-preferences/index.md | 52 + .../cpp-in-chromium-101-codelab/index.md | 12 + .../crash-with-invalid-handle/index.md | 188 + .../handle-file-upload-scheme/index.md | 116 + .../website/site/developers/crash-reports/index.md | 257 + .../creating-and-using-profiles/index.md | 70 + .../0-prof-only.png.sha1 | 1 + .../1-plot-internal.png.sha1 | 1 + .../2-distorted.png.sha1 | 1 + .../3-undistorted.png.sha1 | 1 + .../4-autoscale.png.sha1 | 1 + .../Screen Shot 2013-10-06 at 7.33.59 PM.png.sha1 | 1 + .../Screen Shot 2014-09-14 at 1.20.48 PM.png.sha1 | 1 + .../Screen Shot 2014-09-14 at 1.27.21 PM.png.sha1 | 1 + .../creating-v8-profiling-timeline-plots/index.md | 153 + .../developers/debugging-with-crash-keys/index.md | 9 + .../site/developers/decoding-crash-dumps/index.md | 107 + .../cpp-object-type-identifier/index.md | 127 + .../site/developers/deep-memory-profiler/index.md | 582 + .../design-documents/64-bit-support/index.md | 28 + .../about-conflicts/incompatibility_thumb.png.sha1 | 1 + .../design-documents/about-conflicts/index.md | 135 + .../accessibility/Event_Watcher_Toolbar.jpg.sha1 | 1 + .../accessibility/Inspect_Toolbar.jpg.sha1 | 1 + .../accessibility/chrome-a11y-2010-09-02.zip.sha1 | 1 + .../chrome_font_and_languages.png.sha1 | 1 + .../accessibility/chrome_toolbar.jpg.sha1 | 1 + .../accessibility/create_shortcut.png.sha1 | 1 + .../accessibility/custom_colors.png.sha1 | 1 + .../accessibility/flag_added.png.sha1 | 1 + .../design-documents/accessibility/index.md | 173 + .../accessibility/properties.png.sha1 | 1 + .../CSUN_Accessibility_in_the_Cloud.pdf.sha1 | 1 + .../tracker/CSUN_Accessibility_in_the_Cloud.txt | 159 + ..._Web_Platforms_Content_andApplications.pdf.sha1 | 1 + ...s_To_Web_Platforms_Content_and_Applications.txt | 330 + .../ChromeWindowsAccessIssueTracker(public).csv | 89 + .../accessibility/tracker/index.md | 23 + .../accessibility/xoom_menu.png.sha1 | 1 + .../design-documents/advancedspellchecker/index.md | 133 + .../design-documents/android-jni/index.md | 11 + .../design-documents/applescript/index.md | 116 + .../design-documents/appmode-mac/index.md | 343 + .../Chrome Graphics Infrastructure.png.sha1 | 1 + .../aura-desktop-window-manager/index.md | 252 + .../Screenshot 2012-05-23 5-48-07 PM.png.sha1 | 1 + .../Screenshot 2012-06-20 6_31_36 PM.png.sha1 | 1 + .../Screenshot 2012-06-26 3_50_42 PM.png.sha1 | 1 + .../aura/ash-color-chooser/col.png.sha1 | 1 + .../aura/ash-color-chooser/index.md | 71 + .../ChromeAshViewsAuradependencies.png.sha1 | 1 + .../aura/aura-and-shell-dependencies/index.md | 19 + .../aura/aura-overview/Aura.graffle.sha1 | 1 + .../aura/aura-overview/Aura.png.sha1 | 1 + .../aura/aura-overview/EventFlow.graffle.sha1 | 1 + .../aura/aura-overview/EventFlow.png.sha1 | 1 + .../design-documents/aura/aura-overview/index.md | 55 + .../aura/client-api/ClientAPI.graffle.sha1 | 1 + .../aura/client-api/ClientAPI.png.sha1 | 1 + .../design-documents/aura/client-api/index.md | 76 + .../aura/event-handling/arch4.png.sha1 | 1 + .../design-documents/aura/event-handling/index.md | 69 + .../aura/focus-and-activation/index.md | 72 + .../gesture-recognizer-tests/index.md | 135 + .../aura/gesture-recognizer/index.md | 191 + .../output.png.1379091770284.png.sha1 | 1 + .../ChromeGraphicsArchitecture.graffle.sha1 | 1 + .../ChromeGraphicsArchitecture.png.sha1 | 1 + .../aura/graphics-architecture/index.md | 74 + .../site/developers/design-documents/aura/index.md | 49 + .../layout-managers/LayoutManager.graffle.sha1 | 1 + .../aura/layout-managers/LayoutManager.png.sha1 | 1 + .../design-documents/aura/layout-managers/index.md | 34 + .../design-documents/aura/multi-desktop/index.md | 52 + .../design-documents/aura/system-tray/index.md | 278 + .../design-documents/aura/views/Views.graffle.sha1 | 1 + .../design-documents/aura/views/Views.png.sha1 | 1 + .../design-documents/aura/views/index.md | 29 + .../index.md | 428 + .../automaticspellingcorrection/index.md | 90 + .../BlinkCoordinates.png.sha1 | 1 + .../blink-coordinate-spaces/index.md | 107 + .../blink-coordinate-spaces/menu.png.sha1 | 1 + .../blink-scrollbarthemes/index.md | 43 + .../blocking-cross-site-documents/index.md | 164 + .../bluetooth-design-docs/index.md | 35 + .../WebBluetoothThroughBluetoothAndroid.dia.sha1 | 1 + .../WebBluetoothThroughBluetoothAndroid.svg.sha1 | 1 + .../index.md | 21 + .../browser-components/cookbook/index.md | 14 + .../design-documents/browser-components/index.md | 26 + .../browser-window/BrowserWindow.graffle.sha1 | 1 + .../browser-window/BrowserWindow.png.sha1 | 1 + .../browser-window/BrowserWindow2.png.sha1 | 1 + .../browser-window/LunaBrowserWindow.png.sha1 | 1 + .../design-documents/browser-window/index.md | 50 + .../ChapsArchitecture.png.sha1 | 1 + .../chaps-technical-design/ChapsStack.png.sha1 | 1 + .../chaps-technical-design/ClassHierarchy.png.sha1 | 1 + .../chaps-technical-design/KeyHierarchy.png.sha1 | 1 + .../chaps-technical-design/index.md | 537 + .../design-documents/chromeviews/index.md | 106 + .../debugging-with-nsight/index.md | 72 + .../chromium-graphics/graphics.png.sha1 | 1 + .../gpuraster.png.sha1 | 1 + .../how-to-get-gpu-rasterization/index.md | 95 + .../design-documents/chromium-graphics/index.md | 277 + .../mac-delegated-rendering/aura ubercomp.png.sha1 | 1 + .../mac-delegated-rendering/index.md | 348 + .../mac-delegated-rendering/mac ubercomp.png.sha1 | 1 + .../chromium-graphics/mac-impl-events/index.md | 15 + .../chromium-graphics/surfaces/index.md | 259 + .../design-documents/command-dispatch-mac/index.md | 140 + .../compositor-hit-testing/index.md | 105 + .../compositor-thread-architecture/index.md | 182 + .../confirm-to-quit-experiment/Content.png.sha1 | 1 + .../confirm-to-quit-experiment/index.md | 88 + .../constrained-popup-windows/index.md | 38 + .../index.md | 214 + .../cookbook/Life of a Browser Component.pdf.sha1 | 1 + .../developers/design-documents/cookbook/index.md | 290 + .../design-documents/cookbook/layercake.png.sha1 | 1 + .../cookie-prompt-replacement/index.md | 104 + .../design-documents/cookie-split-loading/index.md | 189 + .../cookie-split-loading/objects.pdf.sha1 | 1 + .../cookie-split-loading/objects.svg.sha1 | 1 + .../cookies-and-prerender/index.md | 68 + .../create-amazing-password-forms/index.md | 56 + .../developers/design-documents/crypto/index.md | 80 + .../dependency-management/index.md | 10 + .../api-specification/index.md | 167 + .../desktop-notifications/index.md | 124 + .../directwrite-font-cache/index.md | 565 + .../Removing DWrite font cache (1).png.sha1 | 1 + .../directwrite-font-proxy/index.md | 102 + .../Renderingintherenderer v2.ai.sha1 | 1 + .../Renderingintherenderer-v2.png.sha1 | 1 + .../Renderingintherenderer.ai.sha1 | 1 + .../displaying-a-web-page-in-chrome/index.md | 283 + .../layers.png.sha1 | 1 + .../rendering browser.png.sha1 | 1 + .../rendering renderer.png.sha1 | 1 + .../rendering renderer2.png.sha1 | 1 + .../design-documents/dns-prefetching/index.md | 207 + .../developers/design-documents/download/index.md | 151 + .../Download_complete.png.sha1 | 1 + .../Download_interrupted.png.sha1 | 1 + .../Download_restart.png.sha1 | 1 + .../Download_start.png.sha1 | 1 + .../Download_unpaused.png.sha1 | 1 + .../downloadmanagersequences/index.md | 58 + ...creen in Browser (1).png.1379119292169.png.sha1 | 1 + ...creen in Browser (2).png.1379119349348.png.sha1 | 1 + ...ullscreen in Browser.png.1379119228467.png.sha1 | 1 + .../index.md | 205 + .../encrypted-partition-recovery/index.md | 97 + .../design-documents/experiments/index.md | 46 + .../accessibility/index.md | 75 + .../api-pattern-design-doc/index.md | 346 + .../benchmark-lg.png.sha1 | 1 + .../benchmark-sm.png.sha1 | 1 + .../benchmark-sm2.png.sha1 | 1 + .../benchmark.crx.sha1 | 1 + .../chrome-benchmarking-extension/index.md | 79 + .../default-apps/index.md | 45 + .../how-docs-are-served/ExtSourceServer.png.sha1 | 1 + .../extension-doc-server.png.sha1 | 1 + .../docs/how-docs-are-served/index.md | 47 + .../docs/how-to-update-the-release-notes/index.md | 77 + .../how-the-extension-system-works/docs/index.md | 43 + .../extension-manifesto/index.md | 228 + .../how-the-extension-system-works/i18n/index.md | 326 + .../how-the-extension-system-works/index.md | 13 + .../developers/design-documents/extensions/img.txt | 1 + .../design-documents/extensions/index.md | 23 + .../design-documents/extensions/payload.txt | 1 + .../index.md | 123 + .../bluetooth-extension-api/index.md | 359 + .../apis-under-development/browser-keys/index.md | 154 + .../apis-under-development/clear/index.md | 273 + .../context-menu-api/context_menu_api.png.sha1 | 1 + .../context-menu-api/context_menu_api_2.png.sha1 | 1 + .../context-menu-api/context_menu_api_3.png.sha1 | 1 + .../context-menu-api/context_menu_api_4.png.sha1 | 1 + .../context-menu-api/index.md | 262 + .../desktop-notification-api/index.md | 160 + .../apis-under-development/downloads-api/index.md | 17 + .../executecontentscript-proposal/index.md | 112 + .../apis-under-development/font-settings/index.md | 121 + .../get-extension-views-by-type-proposal/index.md | 74 + .../apis-under-development/gleam-api/index.md | 169 + .../apis-under-development/history-api/index.md | 65 + .../apis-under-development/i18n-api/index.md | 73 + .../apis-under-development/index.md | 16 + .../input-method-editor/index.md | 452 + .../instructions-for-api-shepherds/index.md | 19 + .../language-detection/index.md | 103 + .../managed-storage-api/index.md | 146 + .../apis-under-development/media-gallery/index.md | 98 + .../index.md | 860 + .../offscreen-tabs/book_screenshot.png.sha1 | 1 + .../offscreen-tabs/coverflow_screenshot.png.sha1 | 1 + .../apis-under-development/offscreen-tabs/index.md | 256 + .../offscreen-tabs/screenshot.png.sha1 | 1 + .../apis-under-development/omnibox-api/index.md | 88 + .../Screen shot 2011-10-06 at 3.47.53 PM.png.sha1 | 1 + .../apis-under-development/panels/index.md | 88 + .../power-management-api/index.md | 142 + .../apis-under-development/preference-api/index.md | 77 + .../apis-under-development/privacy/index.md | 163 + .../apis-under-development/processes-api/index.md | 297 + .../process-extension-screenshot.png.sha1 | 1 + .../profile-extension-api/index.md | 77 + .../index.md | 807 + .../apis-under-development/push-messaging/index.md | 190 + .../apis-under-development/rlz-api/index.md | 237 + .../apis-under-development/settings/index.md | 207 + .../apis-under-development/settings_pages/index.md | 65 + .../system-indicator-api/index.md | 122 + .../apis-under-development/systeminfo/index.md | 315 + .../text-translate-api/index.md | 104 + .../apis-under-development/usb-api/index.md | 416 + .../webnavigation-v2/index.md | 121 + .../TabCaptureStates.png.sha1 | 1 + .../webrtc-tab-content-capture/index.md | 140 + .../window-management/index.md | 218 + .../proposed-changes/apiwishlist/index.md | 157 + .../proposed-changes/creating-new-apis/index.md | 407 + .../breaking-changes/index.md | 91 + .../extension-system-changes/index.md | 15 + .../install-dialog-2/index.md | 142 + .../extensions/proposed-changes/index.md | 13 + .../proposed-changes/spellcheck-api/index.md | 81 + .../design-documents/find-bar/FindBar.graffle.sha1 | 1 + .../find-bar/FindBarGeneral.png.sha1 | 1 + .../find-bar/FindBarTabSwitching.png.sha1 | 1 + .../developers/design-documents/find-bar/index.md | 132 + .../first-run-customizations/index.md | 90 + .../index.md | 70 + .../design-documents/form-autofill/index.md | 131 + .../autofill_i18l_address_jp_ui.jpg.sha1 | 1 + .../autofill_i18l_address_ui.jpg.sha1 | 1 + .../autofill_i18n_design.jpg.sha1 | 1 + .../internationalization-of-autofill/index.md | 111 + .../form-styles-that-chromium-understands/index.md | 84 + .../design-documents/fullscreen-mac/index.md | 101 + .../design-documents/generic-sensor/index.md | 862 + .../generic-theme-for-test-shell/index.md | 61 + .../test_shell_generic_theme.png.sha1 | 1 + .../google-cloud-print-proxy-design/index.md | 143 + .../CompositingwiththeGPUProcess.png.sha1 | 1 + .../HandlingMultipleContexts.png.sha1 | 1 + .../SoftwareRenderingArchitecture.png.sha1 | 1 + .../TheGPUProcess.png.sha1 | 1 + .../compositing_with_the_gpu_process.png.sha1 | 1 + .../gpu-architecture-roadmap/index.md | 102 + .../gpu-accelerated-compositing-in-chrome/index.md | 427 + .../software_rendering_architecture.png.sha1 | 1 + .../the_compositing_forest.png.sha1 | 1 + .../the_gpu_process.png.sha1 | 1 + .../design-documents/gpu-command-buffer/index.md | 434 + .../design-documents/gpu-memory-buffer/index.md | 12 + .../design-documents/graphics-and-skia/index.md | 292 + .../design-documents/greasemonkey/index.md | 11 + .../design-documents/high-dpi-resources/index.md | 159 + .../design-documents/http-authentication/index.md | 234 + .../index.md | 174 + .../idealized-mediastream-design/index.md | 473 + .../developers/design-documents/idl-build/index.md | 357 + .../design-documents/idl-compiler/index.md | 12 + .../design-documents/idn-in-google-chrome/index.md | 11 + .../design-documents/image-filters/index.md | 128 + .../design-documents/immersive-fullscreen/index.md | 234 + .../design-documents/impl-side-painting/index.md | 174 + .../site/developers/design-documents/index.md | 384 + .../developers/design-documents/indexeddb/index.md | 428 + .../indexeddb/indexeddbbackup/index.md | 430 + .../design-documents/info-bars/2infobars.png.sha1 | 1 + .../info-bars/InfoBars.graffle.sha1 | 1 + .../design-documents/info-bars/InfoBars.png.sha1 | 1 + .../developers/design-documents/info-bars/index.md | 138 + .../developers/design-documents/instant/index.md | 11 + .../instant/instant-support/index.md | 344 + .../inter-process-communication/index.md | 313 + .../iosurface-meeting-notes/index.md | 210 + .../design-documents/isolated-sites/index.md | 78 + .../java-resources-on-android/index.md | 83 + .../layered-components-design/index.md | 154 + .../layered-components-technical-approach/index.md | 187 + .../index.md | 158 + .../layout-tests-results-dashboard/index.md | 391 + .../linuxresourcesandlocalizedstrings/index.md | 100 + .../design-documents/mac-occlusion/index.md | 118 + .../design-documents/mac-plugins/index.md | 140 + .../design-documents/mac-xib-files/index.md | 16 + .../index.md | 49 + ...Media Router - Chrome architecture (1).png.sha1 | 1 + ...ome Media Router - Chrome architecture.png.sha1 | 1 + .../Chrome Media Router Architecture (1).png.sha1 | 1 + .../Chrome Media Router Architecture.png.sha1 | 1 + .../design-documents/media-router/index.md | 375 + .../media-router/media_router_overflow.jpg.sha1 | 1 + .../media_router_screen_selector.jpg.sha1 | 1 + .../media-router/media_router_ui_diagram.jpg.sha1 | 1 + .../media_router_universal_remote.jpg.sha1 | 1 + .../design-documents/mouse-lock/index.md | 148 + .../design-documents/multi-column-layout/index.md | 592 + .../Multiprocessarchitecture.ai.sha1 | 1 + .../multi-process-architecture/arch.png.sha1 | 1 + .../architecture.png.sha1 | 1 + .../chrome_archoverview.png.sha1 | 1 + .../how-to-add-new-features/index.md | 69 + .../multi-process-architecture/index.md | 170 + .../Resource-loading.png.sha1 | 1 + .../Resourceloading2.ai.sha1 | 1 + .../multi-process-resource-loading/index.md | 86 + .../resource_loader.png.sha1 | 1 + .../native-controls/NativeControl.graffle.sha1 | 1 + .../native-controls/NativeControl.png.sha1 | 1 + .../NativeControlHistoric.graffle.sha1 | 1 + .../native-controls/NativeControlHistoric.png.sha1 | 1 + .../NativeControlHistoric2.png.sha1 | 1 + .../design-documents/native-controls/index.md | 146 + .../design-documents/network-settings/index.md | 110 + .../Chromium HTTP Network Request Diagram.svg.sha1 | 1 + .../network-stack/Chromium Network Stack.svg.sha1 | 1 + .../cookiemonster/CM-inheritance-new.tiff.sha1 | 1 + .../cookiemonster/CM-inheritance.jpeg.sha1 | 1 + .../cookiemonster/CM-inheritance.pdf.sha1 | 1 + .../cookiemonster/CM-inheritance.png.sha1 | 1 + .../cookiemonster/CM-inheritance.svg.sha1 | 1 + .../cookiemonster/CM-method-calls-new.jpg.sha1 | 1 + .../cookiemonster/CM-method-calls-new.svg.sha1 | 1 + .../network-stack/cookiemonster/index.md | 180 + .../network-stack/debugging-net-proxy/index.md | 14 + .../network-stack/disk-cache/alloc.PNG.sha1 | 1 + .../network-stack/disk-cache/alloc2.PNG.sha1 | 1 + .../disk-cache/disk-cache-benchmarking/index.md | 93 + .../disk-cache/disk-cache-v3/index.md | 475 + .../network-stack/disk-cache/files.PNG.sha1 | 1 + .../network-stack/disk-cache/files2.PNG.sha1 | 1 + .../network-stack/disk-cache/files3.PNG.sha1 | 1 + .../network-stack/disk-cache/files4.PNG.sha1 | 1 + .../network-stack/disk-cache/index.md | 434 + .../disk-cache/very-simple-backend/index.md | 151 + .../http-authentication-throttling/index.md | 183 + .../network-stack/http-cache/index.md | 174 + .../network-stack/http-cache/t.png.sha1 | 1 + .../network-stack/http-pipelining/index.md | 51 + .../design-documents/network-stack/index.md | 298 + .../network-stack/netlog/NetLog1.png.sha1 | 1 + .../design-documents/network-stack/netlog/index.md | 223 + .../downloads-bug-triage/index.md | 97 + .../downloads-bug-triage/salient-bug-list/index.md | 69 + .../network-stack/network-bug-triage/index.md | 16 + .../network-stack-objectives/index.md | 592 + .../network-stack-use-in-chromium/index.md | 106 + .../network-stack/preconnect/index.md | 93 + .../fox-proxy-settings.png.sha1 | 1 + .../proxy-settings-fallback/ie-auto-fallback.dot | 9 + .../ie-auto-fallback.png.sha1 | 1 + .../proxy-settings-fallback/ie-fallback.dot | 27 + .../proxy-settings-fallback/ie-fallback.png.sha1 | 1 + .../proxy-settings-fallback/ie-manual-fallback.dot | 7 + .../ie-manual-fallback.png.sha1 | 1 + .../ie-proxy-server-settings.png.sha1 | 1 + .../ie-proxy-settings.png.sha1 | 1 + .../network-stack/proxy-settings-fallback/index.md | 76 + .../network-stack/socks-proxy/index.md | 74 + .../omnibox-ime-coordination/imeomni.png.sha1 | 1 + .../omnibox-ime-coordination/index.md | 180 + .../index.md | 127 + .../Cross Process Tabs (for posting).png.sha1 | 1 + .../Frame DOMWindow Document (1).png.sha1 | 1 + ... DOMWindow Document 2015 (for posting).png.sha1 | 1 + .../oop-iframes/Frame Trees (for posting).png.sha1 | 1 + .../Frame Trees 2015 (for posting).png.sha1 | 1 + .../Local vs Remote Frame diagram.png.sha1 | 1 + .../oop-iframes/framehandle/index.md | 27 + .../design-documents/oop-iframes/index.md | 270 + ...and compositing out-of-process iframes.png.sha1 | 1 + .../oop-iframes/oop-iframes-rendering/index.md | 323 + ...ring design - compositor frame routing.png.sha1 | 1 + ...ndering design - ogres are like onions.png.sha1 | 1 + .../rendering design - rendering trees.png.sha1 | 1 + .../rendering design - texture routing.png.sha1 | 1 + .../os-x-interprocess-communication/index.md | 311 + .../index.md | 223 + .../password-generation/01_form.png.sha1 | 1 + .../password-generation/02_hover.png.sha1 | 1 + .../password-generation/03_suggestion.png.sha1 | 1 + .../password-generation/04_filled.png.sha1 | 1 + .../password-generation/EditingUI.png.sha1 | 1 + .../password-generation/GenerationUI.png.sha1 | 1 + .../design-documents/password-generation/index.md | 115 + .../Pepper design.ai.sha1 | 1 + .../pepper-plugin-implementation/index.md | 477 + .../pepper_design.png.sha1 | 1 + .../design-documents/per-page-suborigins/index.md | 299 + .../plugin-architecture/Pluginarchitecture.ai.sha1 | 1 + .../Pluginarchitectureoutofprocess.ai.sha1 | 1 + .../in_process_plugins.png.sha1 | 1 + .../design-documents/plugin-architecture/index.md | 140 + .../out_of_process_plugins.png.sha1 | 1 + .../plugin-architecture/pluginsinprocess.png.sha1 | 1 + .../pluginsoutofprocess.png.sha1 | 1 + .../design-documents/preferences/index.md | 474 + .../prerender/CroppedPrerenderingDiagram.png.sha1 | 1 + .../prerender/Prerenderingdiagram.png.sha1 | 1 + .../prerender/Wickedflowchart.gif.sha1 | 1 + .../developers/design-documents/prerender/index.md | 237 + .../design-documents/print-preview/index.md | 220 + .../developers/design-documents/printing/index.md | 30 + .../design-documents/process-models/index.md | 289 + .../profile-architecture/dot.png.sha1 | 1 + .../profile-architecture/graph5.png.sha1 | 1 + .../design-documents/profile-architecture/index.md | 287 + .../Avatar Menu Classes.png.sha1 | 1 + .../design-documents/profile-chooser-menu/index.md | 52 + .../developers/design-documents/rappor/index.md | 282 + .../chromium-composited-hw-rendering.png.sha1 | 1 + .../chromium-composited-sw-rendering.png.sha1 | 1 + .../chromium-non-composited-sw-rendering.png.sha1 | 1 + .../chromium-request-anim-frame.png.sha1 | 1 + .../rendering-architecture-diagrams/index.md | 55 + .../design-documents/rendering-benchmarks/index.md | 217 + .../design-documents/rendertext/index.md | 19 + .../safebrowsing/browse.details.svg.sha1 | 1 + .../safebrowsing/browse.details1.svg.sha1 | 1 + .../safebrowsing/browse.details2.svg.sha1 | 1 + .../safebrowsing/browse.details3.svg.sha1 | 1 + .../safebrowsing/browse.details4.svg.sha1 | 1 + .../design-documents/safebrowsing/browse.svg.sha1 | 1 + ...me_safe_browsing_wo_legend_wo_download.png.sha1 | 1 + .../safebrowsing/csdservice.svg.sha1 | 1 + .../safebrowsing/download_protection.png.sha1 | 1 + .../download_protection_without_legend.png.sha1 | 1 + .../design-documents/safebrowsing/index.md | 147 + .../design-documents/safebrowsing/legend.png.sha1 | 1 + .../design-documents/safesearch/index.md | 62 + .../design-documents/sandbox/Sandbox-FAQ/index.md | 13 + .../developers/design-documents/sandbox/index.md | 12 + .../sandbox/osx-sandboxing-design/index.md | 108 + .../sandbox/sbox_top_diagram.PNG.sha1 | 1 + .../developers/design-documents/sane-time/index.md | 171 + .../design-documents/secure-web-proxy/index.md | 74 + .../design-documents/service-processes/index.md | 90 + .../design-documents/site-engagement/index.md | 90 + .../ChromeSiteIsolationProject-arch.png.sha1 | 1 + ...romeSiteIsolationProject-siteinstances.png.sha1 | 1 + .../design-documents/site-isolation/index.md | 350 + .../software-updates-courgette/index.md | 211 + .../developers/design-documents/startup/index.md | 12 + .../index.md | 140 + .../design-documents/sync/embassy/index.md | 112 + .../site/developers/design-documents/sync/index.md | 114 + .../sync/sync-data-best-practices/index.md | 45 + .../sync/syncable-service-api/SyncAPI.pdf.sha1 | 1 + .../sync/syncable-service-api/index.md | 219 + .../unified-sync-and-storage-overview/index.md | 421 + .../s7ipoJ9OaaLWolpF0aIYfoA.png.sha1 | 1 + .../sGBklpDhSmt-dGNQJUSkhNA.png.sha1 | 1 + .../sK5QS5Ee9i0OE2L4RIHredA.png.sha1 | 1 + .../sSbkKodQc5-RbyCqTGkUCzw.png.sha1 | 1 + .../syHRLLSqHvALzjSchvniqSw.png.sha1 | 1 + .../system-dictionary-pop-up-architecture/index.md | 227 + .../tab-strip-mac/dragWithin.png.sha1 | 1 + .../tab-strip-mac/dragWithin2.png.sha1 | 1 + .../design-documents/tab-strip-mac/index.md | 321 + .../tab-strip-mac/translucent.png.sha1 | 1 + .../tabtastic-2-requirements/index.md | 43 + .../developers/design-documents/themes/index.md | 44 + .../developers/design-documents/threading/index.md | 12 + .../index.md | 14 + .../time-safety-and-readability/index.md | 92 + .../design-documents/time-sources/index.md | 79 + .../developers/design-documents/tpm-usage/index.md | 295 + .../developers/design-documents/translate/index.md | 97 + .../ui-development-practices/index.md | 72 + .../design-documents/ui-localization/index.md | 330 + .../ui-localization/mac-notes/index.md | 264 + .../chrome_toolbar.jpg.sha1 | 1 + .../explorer_window_en_us.jpg.sha1 | 1 + .../explorer_window_he.jpg.sha1 | 1 + .../ui-mirroring-infrastructure/index.md | 451 + .../mirroring_api.jpg.sha1 | 1 + .../tabs_fixed.jpg.sha1 | 1 + .../tabs_flipping_bug.jpg.sha1 | 1 + .../tabs_layout_bug.jpg.sha1 | 1 + .../ws_layout_rtl.jpg.sha1 | 1 + .../design-documents/user-scripts/index.md | 75 + .../VideoCaptureBrowserClasses.jpg.sha1 | 1 + .../design-documents/video-capture/index.md | 140 + .../video-playback-and-compositor/index.md | 188 + .../developers/design-documents/video/index.md | 169 + .../video/video_stack_arch.graffle.sha1 | 1 + .../video/video_stack_arch.png.sha1 | 1 + .../video/video_stack_chrome.graffle.sha1 | 1 + .../video/video_stack_chrome.png.sha1 | 1 + .../views-rect-based-targeting/index.md | 127 + .../views-windowing/NonClientView.graffle.sha1 | 1 + .../views-windowing/NonClientView.png.sha1 | 1 + .../design-documents/views-windowing/index.md | 198 + .../web-midi/Web MIDI design overview (1).png.sha1 | 1 + .../web-midi/Web MIDI design overview.png.sha1 | 1 + .../developers/design-documents/web-midi/index.md | 52 + .../developers/design-documents/web-nfc/index.md | 162 + .../design-documents/web-nfc/ndef_reader.png.sha1 | 1 + .../design-documents/web-nfc/ndef_writer.png.sha1 | 1 + .../web-nfc/nfc_android_platform.png.sha1 | 1 + .../webnavigation-api-internals/index.md | 139 + .../design-documents/widget-refactor/index.md | 28 + .../WrenchMenuTaskDispatch.graffle.zip.sha1 | 1 + .../WrenchMenuTaskDispatch.png.sha1 | 1 + .../design-documents/wrench-menu-mac/index.md | 34 + .../xss-auditor/XSSAuditorViewSource.png.sha1 | 1 + .../design-documents/xss-auditor/index.md | 157 + .../gcf_troubleshooting/DumpCFReg.zip.sha1 | 1 + .../gcf_troubleshooting/image0.png.sha1 | 1 + .../gcf_troubleshooting/image1.png.sha1 | 1 + .../gcf_troubleshooting/image2.png.sha1 | 1 + .../gcf_troubleshooting/image3.png.sha1 | 1 + .../gcf_troubleshooting/image4.png.sha1 | 1 + .../diagnostics/gcf_troubleshooting/index.md | 270 + .../website/site/developers/diagnostics/index.md | 10 + .../diagnostics/installer-error-strings/index.md | 125 + .../site/developers/discussion-groups/index.md | 71 + .../site/developers/dns-over-https/index.md | 54 + .../site/developers/enterprise-changes/index.md | 118 + .../site/developers/experimental-branches/index.md | 24 + .../developers/extensions-deployment-faq/index.md | 129 + .../Screen shot 2011-04-01 at 11.52.02 AM.png.sha1 | 1 + .../Screen shot 2011-04-01 at 11.57.03 AM.png.sha1 | 1 + .../Screen shot 2011-04-01 at 11.59.12 AM.png.sha1 | 1 + .../Screen shot 2011-04-01 at 11.59.21 AM.png.sha1 | 1 + .../Screen shot 2011-04-01 at 4.27.30 PM.png.sha1 | 1 + .../site/developers/f-script-anywhere/index.md | 90 + .../fast-intro-to-git-internals/index.md | 9 + .../index.md | 42 + .../site/developers/generated-files/index.md | 94 + .../website/site/developers/gerrit-guide/index.md | 171 + .../website/site/developers/git-cache/index.md | 8 + .../site/developers/github-collaboration/index.md | 44 + .../developers/gn-build-configuration/index.md | 270 + .../developers/gyp-environment-variables/index.md | 251 + .../gyp-environment-variables/menu_check.png.sha1 | 1 + .../-quickly-building-for-cros-arm-x64/bashrc-tail | 85 + .../-quickly-building-for-cros-arm-x64/goma-ninja | 10 + .../-quickly-building-for-cros-arm-x64/index.md | 72 + .../-quickly-building-for-cros-arm-x64/ninja | 7 + .../how-tos/android-build-instructions/index.md | 12 + .../site/developers/how-tos/angle-infra/index.md | 12 + .../developers/how-tos/angle-wrangling/index.md | 11 + .../site/developers/how-tos/api-keys/index.md | 179 + .../build-instructions-android-webview/index.md | 11 + .../how-tos/build-instructions-cast/index.md | 14 + .../how-tos/build-instructions-chromeos/index.md | 17 + .../how-tos/build-instructions-windows/index.md | 12 + .../how-tos/chrome-frame-cfinstall/index.md | 107 + .../how-tos/chrome-frame-getting-started/index.md | 34 + .../screenshot-chromeframe.jpeg.sha1 | 1 + .../how-tos/chromium-modularization/index.md | 201 + .../how-tos/closure-compilation/index.md | 12 + .../developers/how-tos/component-build/index.md | 12 + .../cscope-emacs-example-linux-setup/cscope-update | 11 + .../cscope-emacs-example-linux-setup/cscope.el | 41 + .../cscope-emacs-example-linux-setup/index.md | 24 + .../how-tos/debugging-gpu-related-code/index.md | 12 + .../how-tos/debugging-on-android/index.md | 12 + .../index.md | 13 + .../developers/how-tos/debugging-on-os-x/index.md | 11 + .../debugging-on-windows/StepIntoSpecific.png.sha1 | 1 + .../example-of-working-with-a-dump/index.md | 304 + .../how-tos/debugging-on-windows/gflags.png.sha1 | 1 + .../graphicsdebugger.png.sha1 | 1 + .../index.md | 69 + .../how-tos/debugging-on-windows/index.md | 469 + .../debugging-on-windows/windbg-help/index.md | 249 + .../developers/how-tos/depottools/gclient/index.md | 13 + .../site/developers/how-tos/depottools/index.md | 196 + .../how-tos/depottools/presubmit-scripts/index.md | 275 + .../site/developers/how-tos/drover/1.png.sha1 | 1 + .../site/developers/how-tos/drover/2.png.sha1 | 1 + .../site/developers/how-tos/drover/index.md | 11 + .../index.md | 163 + .../enterprise/adding-new-policies/index.md | 15 + .../site/developers/how-tos/enterprise/index.md | 20 + .../decode_policy_blob.sh | 33 + .../encode_policy_blob.sh | 80 + .../protobuf-encoded-policy-blobs/index.md | 81 + .../running-the-cloud-policy-test-server/index.md | 288 + .../how-tos/file-web-bluetooth-bugs/index.md | 223 + .../developers/how-tos/get-the-code-v2/index.md | 313 + .../get-the-code/gclient-managed-mode/index.md | 54 + .../site/developers/how-tos/get-the-code/index.md | 38 + .../multiple-working-directories/index.md | 61 + .../get-the-code/working-with-branches/index.md | 220 + .../working-with-nested-repos/index.md | 69 + .../working-with-release-branches/index.md | 85 + .../Content.png.sha1 | 1 + .../getting-around-the-chrome-source-code/index.md | 357 + .../site/developers/how-tos/gpu-gardening/index.md | 11 + .../how-tos/gpu-overdraw-debugging-tool/index.md | 103 + .../how-tos/gpu-wrangling/Step1.png.sha1 | 1 + .../how-tos/gpu-wrangling/Step2.png.sha1 | 1 + .../check_gpu_bots-script/check_gpu_bots.py | 498 + .../gpu-wrangling/check_gpu_bots-script/index.md | 91 + .../site/developers/how-tos/gpu-wrangling/index.md | 12 + .../how-tos/gpu-wrangling/wrangler.png.sha1 | 1 + .../index.md | 39 + .../docs/website/site/developers/how-tos/index.md | 34 + .../Screenshot from 2017-08-28 14_28_36.png.sha1 | 1 + .../how-tos/inspecting-ash/XoWGyYBg5EA.png.sha1 | 1 + .../inspecting-ash/chrome_inspect_other.png.sha1 | 1 + .../how-tos/inspecting-ash/distances.png.sha1 | 1 + .../how-tos/inspecting-ash/dom_tree.png.sha1 | 1 + .../developers/how-tos/inspecting-ash/index.md | 108 + .../how-tos/inspecting-ash/screenshot2.gif.sha1 | 1 + .../how-tos/install-depot-tools/index.md | 23 + .../how-tos/leak-gdi-object-in-windows/index.md | 114 + .../developers/how-tos/mac-development/index.md | 46 + .../how-tos/make-a-web-standards-proposal/index.md | 11 + .../developers/how-tos/old-get-the-code/index.md | 205 + .../how-tos/optimizing-energy-consumption/index.md | 190 + .../how-tos/order-file-development-guide/index.md | 86 + .../retrieving-crash-reports-on-ios/index.md | 88 + .../how-tos/run-chromium-with-flags/index.md | 162 + .../developers/how-tos/run-mojo-shell/index.md | 11 + .../site/developers/how-tos/scopedlogger/index.md | 11 + .../Screenshot from 2015-03-10 14_52_09.png.sha1 | 1 + .../Screenshot from 2015-03-10 14_52_29.png.sha1 | 1 + .../Screenshot from 2015-03-10 14_54_06.png.sha1 | 1 + .../Screenshot from 2015-03-10 14_55_28.png.sha1 | 1 + .../Screenshot from 2015-03-24 11_16_39.png.sha1 | 1 + .../Screenshot from 2019-11-27 23-09-36.png.sha1 | 1 + .../how-tos/submitting-a-performance-bug/index.md | 67 + .../trace-event-profiling-tool/3dtracing2.png.sha1 | 1 + .../Screenshot-about_gpu.png.sha1 | 1 + .../abouttracing2.png.sha1 | 1 + .../abouttracingfinal.png.sha1 | 1 + .../anatomy-of-jank/index.md | 273 + .../anatomy-of-jank/mov1.mp4.sha1 | 1 + .../anatomy-of-jank/mov2.mp4.sha1 | 1 + .../anatomy-of-jank/mov3.mp4.sha1 | 1 + .../anatomy-of-jank/mov4.mp4.sha1 | 1 + .../Screen Shot 2013-05-14 at 9.10.55 PM.png.sha1 | 1 + .../frame-viewer/frameviewer.png.sha1 | 1 + .../frame-viewer/index.md | 79 + .../how-tos/trace-event-profiling-tool/index.md | 96 + ...MemoryInfra- From trace JSON to Tracks.png.sha1 | 1 + .../Screen Shot 2015-06-12 at 5.30.33 PM.png.sha1 | 1 + .../Screen Shot 2015-06-12 at 7.42.47 PM.png.sha1 | 1 + .../memory/dump.png.sha1 | 1 + .../Screen Shot 2015-09-24 at 8.34.32 PM.png.sha1 | 1 + .../Screen Shot 2015-09-24 at 8.38.32 PM.png.sha1 | 1 + .../memory/gpu-memory/index.md | 16 + .../sXTqTORl7xn0ijvmBV3etcA (1).png.sha1 | 1 + .../gpu-memory/sXTqTORl7xn0ijvmBV3etcA.png.sha1 | 1 + .../detailed_dump.png.sha1 | 1 + .../heap-profiling-with-memory-infra/heap.png.sha1 | 1 + .../heap-profiling-with-memory-infra/index.md | 16 + .../heap-profiling-with-memory-infra/new.png.sha1 | 1 + .../index.md | 226 + .../trace-event-profiling-tool/memory/index.md | 14 + .../memory/memory_infra_logo.png.sha1 | 1 + .../startup-tracing-with-memory-profiling/index.md | 74 + .../Screen Shot 2015-06-04 at 1.37.00 PM.png.sha1 | 1 + .../Screen Shot 2015-06-04 at 12.46.58 PM.png.sha1 | 1 + .../Screen Shot 2015-06-04 at 12.47.34 PM.png.sha1 | 1 + .../Screenshot from 2014-10-14 10-18-30.png.sha1 | 1 + .../Screenshot from 2014-10-14 10-18-44.png.sha1 | 1 + .../Screenshot from 2014-10-14 10-19-11.png.sha1 | 1 + .../recording-tracing-runs/index.md | 299 + .../recording-tracing-runs/s.png.sha1 | 1 + .../recording-tracing-runs/s2.png.sha1 | 1 + .../recording-tracing-runs/s3.png.sha1 | 1 + .../recording-tracing-runs/s4.png.sha1 | 1 + .../recording-tracing-runs/sunburst.png.sha1 | 1 + .../recording-tracing-runs/tracing-flow.png.sha1 | 1 + .../tracing-frame-viewer.png.sha1 | 1 + .../tracing-scheduler.png.sha1 | 1 + .../tracing-systrace.png.sha1 | 1 + .../saving-skp-s-from-chromium/checkboxes.png.sha1 | 1 + .../saving-skp-s-from-chromium/index.md | 99 + .../saving-skp-s-from-chromium/picture.png.sha1 | 1 + .../skdebugger2.png.sha1 | 1 + .../saving-skp-s-from-chromium/skpsite.png.sha1 | 1 + .../smallabouttracing.png.sha1 | 1 + .../Screen Shot 2015-09-02 at 8.39.51 PM.png.sha1 | 1 + .../Screen Shot 2015-09-02 at 8.46.48 PM.png.sha1 | 1 + .../trace-event-reading/Selection.png.sha1 | 1 + .../trace-event-reading/fifth.png.sha1 | 1 + .../trace-event-reading/first.png.sha1 | 1 + .../trace-event-reading/fourth.png.sha1 | 1 + .../trace-event-reading/index.md | 623 + .../trace-event-reading/second.png.sha1 | 1 + .../sixth-before-import.png.sha1 | 1 + .../trace-event-reading/synchanell.png.sha1 | 1 + .../trace-event-reading/third.png.sha1 | 1 + .../trace-event-profiling-tool/trace.png.sha1 | 1 + .../trace-event-profiling-tool/trace3.png.sha1 | 1 + .../tracing-event-instrumentation/index.md | 149 + .../using-frameviewer/01-followalong.png.sha1 | 1 + .../using-frameviewer/02-lefttoright.png.sha1 | 1 + .../using-frameviewer/03-individual trace.png.sha1 | 1 + .../using-frameviewer/04-information is.png.sha1 | 1 + .../using-frameviewer/1.png.sha1 | 1 + .../using-frameviewer/10.png.sha1 | 1 + .../using-frameviewer/11.png.sha1 | 1 + .../using-frameviewer/12.png.sha1 | 1 + .../using-frameviewer/13.png.sha1 | 1 + .../using-frameviewer/14.png.sha1 | 1 + .../using-frameviewer/15.png.sha1 | 1 + .../using-frameviewer/16.png.sha1 | 1 + .../using-frameviewer/17.png.sha1 | 1 + .../using-frameviewer/18.png.sha1 | 1 + .../using-frameviewer/19.png.sha1 | 1 + .../using-frameviewer/2.png.sha1 | 1 + .../using-frameviewer/20.png.sha1 | 1 + .../using-frameviewer/21.png.sha1 | 1 + .../using-frameviewer/22.png.sha1 | 1 + .../using-frameviewer/3.png.sha1 | 1 + .../using-frameviewer/4.png.sha1 | 1 + .../using-frameviewer/5.png.sha1 | 1 + .../using-frameviewer/6.png.sha1 | 1 + .../using-frameviewer/7.png.sha1 | 1 + .../using-frameviewer/8.png.sha1 | 1 + .../using-frameviewer/9.png.sha1 | 1 + .../using-frameviewer/inbox_frameviewer_trace.sha1 | 1 + .../using-frameviewer/inbox_normal_trace.sha1 | 1 + .../using-frameviewer/index.md | 566 + .../using-frameviewer/nytimes_scroll_trace.sha1 | 1 + .../output_optimized_frame.gif.sha1 | 1 + .../using-frameviewer/process.png.sha1 | 1 + .../repaint_example_reduced_trace.sha1 | 1 + .../using-frameviewer/repaint_example_trace.sha1 | 1 + .../using-frameviewer/summarize.png.sha1 | 1 + .../developers/how-tos/using-drmemory/index.md | 232 + .../index.md | 202 + .../vectorized-icons-in-native-chrome-ui/index.md | 12 + .../how-tos/visualstudio-tricks/index.md | 83 + .../developers/how-tos/webkit-gardening/index.md | 11 + chromium/docs/website/site/developers/index.md | 314 + .../website/site/developers/installer/index.md | 215 + chromium/docs/website/site/developers/irc/index.md | 101 + .../javascript-unittests/Coverage.png.sha1 | 1 + .../javascript-unittests/EnableCoverage.png.sha1 | 1 + .../developers/javascript-unittests/QUnit.png.sha1 | 1 + .../site/developers/javascript-unittests/index.md | 219 + .../site/developers/leak-detection/index.md | 80 + .../learning-your-way-around-the-code/index.md | 72 + .../site/developers/libraries-guide/index.md | 21 + .../site/developers/linux-technical-faq/index.md | 91 + .../lock-and-condition-variable/index.md | 995 + .../site/developers/mandoline/Mandoline.png.sha1 | 1 + .../website/site/developers/mandoline/index.md | 30 + .../developers/markdown-documentation/index.md | 29 + .../developers/md5-certificate-statistics/index.md | 94 + .../meet-the-web-platform-companion/index.md | 228 + .../website/site/developers/memory-bloat/index.md | 235 + .../memory-usage-backgrounder/aboutmemory.jpg.sha1 | 1 + .../chrometaskmanager.jpg.sha1 | 1 + .../developers/memory-usage-backgrounder/index.md | 261 + .../memory-usage-backgrounder/taskmanager.jpg.sha1 | 1 + .../docs/website/site/developers/memory/index.md | 10 + .../site/developers/memory_watcher/index.md | 153 + .../docs/website/site/developers/mus-ash/index.md | 162 + .../website/site/developers/new-features/index.md | 12 + .../Plugin-blocked bubble.png.sha1 | 1 + ...Plugin-blocked yellow slide and bubble.png.sha1 | 1 + .../Plugin-blocked-yellow-slide.png.sha1 | 1 + .../Screen Shot 2013-12-03 at 10.09.10 AM.png.sha1 | 1 + .../Screen Shot 2013-12-03 at 10.10.16 AM.png.sha1 | 1 + .../site/developers/npapi-deprecation/index.md | 259 + .../npapi-deprecation/npapimock.png.sha1 | 1 + .../developers/os-x-keyboard-handling/index.md | 143 + .../website/site/developers/owners-files/index.md | 10 + .../developers/page-sets-and-benchmarks/index.md | 130 + .../developers/pepper-api-best-practices/index.md | 101 + .../website/site/developers/polymer-0-8/index.md | 9 + .../website/site/developers/postmortems/index.md | 98 + .../profiling-chromium-and-webkit/index.md | 129 + .../profiling-flame-graphs/flamegraph.png.sha1 | 1 + .../developers/profiling-flame-graphs/index.md | 56 + .../index.md | 20 + .../site/developers/quarantined-pages/index.md | 9 + .../quarantined-pages/meeting-notes/index.md | 71 + .../site/developers/quick-reference/index.md | 147 + .../index.md | 213 + .../01-movement.png.sha1 | 1 + .../02-frameviewr.png.sha1 | 1 + .../03-zoom.png.sha1 | 1 + .../04-rects.png.sha1 | 1 + .../05-tapdelay.png.sha1 | 1 + .../06-invalidation.png.sha1 | 1 + .../07-hypothetsis.png.sha1 | 1 + .../08-after.png.sha1 | 1 + .../09-layertree.png.sha1 | 1 + .../10-dramatically.png.sha1 | 1 + .../11-investigation.png.sha1 | 1 + .../12-asusual.png.sha1 | 1 + .../13-recalc.png.sha1 | 1 + .../14-otherlayers.png.sha1 | 1 + .../15-difflayertree.png.sha1 | 1 + .../16-after.png.sha1 | 1 + .../17-loadrelatedjank.png.sha1 | 1 + .../18-verylong.png.sha1 | 1 + .../19-populated.png.sha1 | 1 + .../rendering-performance-case-study-1/index.md | 303 + .../WebKit_For_Web_Developers_1.pdf.sha1 | 1 + .../WebKit_For_Web_Developers_2.pdf.sha1 | 1 + .../website/site/developers/rtl-in-webkit/index.md | 241 + .../site/developers/severity-guidelines/index.md | 172 + .../docs/website/site/developers/shutdown/index.md | 67 + .../site/developers/slack/blob_cheer.png.sha1 | 1 + .../site/developers/slack/blob_peek.png.sha1 | 1 + .../site/developers/slack/blob_praise.png.sha1 | 1 + .../site/developers/slack/blob_stop.png.sha1 | 1 + .../site/developers/slack/blob_think.png.sha1 | 1 + .../docs/website/site/developers/slack/index.md | 124 + .../developers/slickedit-editor-notes/index.md | 77 + .../developers/smart-pointer-guidelines/index.md | 192 + .../site/developers/speed-hall-of-fame/index.md | 349 + .../speed-infra/chrome_speed_color.png.sha1 | 1 + .../website/site/developers/speed-infra/index.md | 10 + .../developers/speed-infra/perf-bug-faq/index.md | 12 + .../developers/speed-infra/speed_logo.png.sha1 | 1 + .../status-update-email-best-practices/index.md | 42 + .../sublime-text/SublimeExample.png.sha1 | 1 + .../sublime-text/compile_current_file.py | 217 + .../website/site/developers/sublime-text/index.md | 475 + .../site/developers/sync-diagnostics/index.md | 134 + .../site/developers/tech-talk-videos/index.md | 8 + .../release-process/buildbot_screenshot.PNG.sha1 | 1 + .../release-process/chromium-24.png.sha1 | 1 + .../release-process/death_metal_rooster3.png.sha1 | 1 + .../tech-talk-videos/release-process/index.md | 465 + .../release process version 2.png.sha1 | 1 + .../release-process/starwars-disturbance2.jpg.sha1 | 1 + .../release-process/update_software_popup.png.sha1 | 1 + .../technical-discussion-groups/index.md | 312 + .../telemetry/add_a_measurement/index.md | 61 + .../benchmark-organization-diagram.png.sha1 | 1 + .../Screen Shot 2014-12-10 at 9.42.17 AM.png.sha1 | 1 + .../telemetry/diagnosing-test-failures/index.md | 111 + .../website/site/developers/telemetry/index.md | 10 + .../Screen Shot 2014-08-26 at 10.49.28 AM.png.sha1 | 1 + .../Screen Shot 2014-08-26 at 10.49.51 AM.png.sha1 | 1 + .../telemetry/performance-try-bots/index.md | 11 + .../site/developers/telemetry/profiling/index.md | 249 + .../WebPageReplayDiagram.png.sha1 | 1 + .../telemetry/record_a_page_set/index.md | 119 + .../site/developers/telemetry/run_locally/index.md | 12 + .../running-telemetry-on-chrome-os/index.md | 13 + .../telemetry-feature-guidelines/index.md | 73 + .../telemetry-mac-keychain-setup/index.md | 31 + .../telemetry-profile-generation/index.md | 59 + .../telemetry/telemetry-unittests/index.md | 12 + .../telemetry/upload_to_cloud_storage/index.md | 100 + .../Screen Shot 2013-12-20 at 9.03.31 AM.png.sha1 | 1 + .../testing/adding-performance-tests/index.md | 31 + .../adding-tests-to-the-main-waterfall/index.md | 49 + .../developers/testing/addresssanitizer/index.md | 12 + .../android-tests/android-webview-tests/index.md | 14 + .../site/developers/testing/android-tests/index.md | 163 + .../index.md | 76 + .../site/developers/testing/browser-tests/index.md | 219 + .../developers/testing/changedashboard/index.md | 53 + .../developers/testing/chrome-test-apis/index.md | 21 + .../testing/chromium-build-infrastructure/index.md | 11 + .../performance-test-plots/index.md | 269 + .../page_cycler_plot.png.sha1 | 1 + .../repro-a-build/index.md | 38 + .../tour-of-the-chromium-buildbot/index.md | 343 + .../waterfall.png.sha1 | 1 + .../commit-queue/chromium_trybot-json/index.md | 32 + .../testing/commit-queue/design/index.md | 171 + .../site/developers/testing/commit-queue/index.md | 16 + .../integration-with-rietveld/index.md | 193 + .../testing/contacting-a-trooper/index.md | 12 + .../testing/control-flow-integrity/index.md | 209 + .../control-flow-integrity/overhead/index.md | 139 + .../site/developers/testing/dr-fuzz/index.md | 12 + .../site/developers/testing/fake-bidi/index.md | 41 + .../testing/flakiness-dashboard/flaky.jpg.sha1 | 1 + .../testing/flakiness-dashboard/flaky2.jpg.sha1 | 1 + .../testing/flakiness-dashboard/flaky3.jpg.sha1 | 1 + .../testing/flakiness-dashboard/index.md | 167 + .../flakiness-dashboard/missingorextra.jpg.sha1 | 1 + .../flakiness-dashboard/newFailingTest.jpg.sha1 | 1 + .../flakiness-dashboard/seeResults.jpg.sha1 | 1 + .../flakiness-dashboard/seeResults2.jpg.sha1 | 1 + .../developers/testing/frame-rate-test/index.md | 172 + .../testing/gpu-testing/gpu-bot-details/index.md | 14 + .../site/developers/testing/gpu-testing/index.md | 12 + .../docs/website/site/developers/testing/index.md | 69 + .../index.md | 109 + .../isolated-testing/deterministic-builds/index.md | 188 + .../testing/isolated-testing/for-swes/index.md | 224 + .../developers/testing/isolated-testing/index.md | 35 + .../isolated-testing/infrastructure/index.md | 204 + .../site/developers/testing/leaksanitizer/index.md | 160 + .../site/developers/testing/libfuzzer/index.md | 11 + .../developers/testing/memorysanitizer/index.md | 267 + .../index.md | 141 + .../developers/testing/no-compile-tests/index.md | 69 + .../testing/page-heap-for-chrome/index.md | 112 + .../site/developers/testing/running-tests/index.md | 141 + .../testing/threadsanitizer-tsan-v2/index.md | 233 + .../testing/time-complexity-tests/index.md | 384 + .../developers/testing/try-server-usage/index.md | 12 + .../testing/undefinedbehaviorsanitizer/index.md | 51 + .../testing/webgl-conformance-tests/index.md | 21 + .../webkit-layout-tests/content-shell/index.md | 14 + .../index.md | 14 + .../testing/webkit-layout-tests/index.md | 12 + .../webkit-layout-tests/testexpectations/index.md | 14 + .../using-breakpad-with-content-shell/index.md | 14 + .../testing/windows-installer-tests/index.md | 51 + .../the-json-test-results-format/index.md | 10 + .../the-rendering-critical-path/index.md | 273 + .../developers/threaded-task-tracking/index.md | 654 + .../developers/ticket-milestone-punting/index.md | 51 + .../grit/grit-design-overview/index.md | 91 + .../grit/grit-regression-test-plan/index.md | 40 + .../grit/grit-users-guide/index.md | 651 + .../grit/how-to-contribute-to-grit/index.md | 54 + .../tools-we-use-in-chromium/grit/index.md | 31 + .../developers/tools-we-use-in-chromium/index.md | 35 + .../chrome-in-chromeos-gardening/index.md | 21 + .../tree-sheriffs/handling-a-failing-test/index.md | 98 + .../website/site/developers/tree-sheriffs/index.md | 52 + .../Screen Shot 2013-04-23 at 8.04.15 AM.png.sha1 | 1 + .../Screen Shot 2013-10-27 at 10.23.35 AM.png.sha1 | 1 + .../Screen Shot 2013-10-27 at 10.29.17 AM.png.sha1 | 1 + .../Screen Shot 2013-10-27 at 10.33.54 AM.png.sha1 | 1 + .../Screen Shot 2013-10-27 at 10.39.38 AM.png.sha1 | 1 + .../Screen Shot 2013-10-27 at 10.50.40 AM.png.sha1 | 1 + .../perf-sheriffs/SheriffBadge2.jpg.sha1 | 1 + .../Screen Shot 2013-05-28 at 6.18.39 PM.png.sha1 | 1 + .../Screenshot from 2013-08-20 09_14_59.png.sha1 | 1 + .../bisecting-performance-regressions/index.md | 14 + .../tree-sheriffs/perf-sheriffs/index.md | 19 + .../sheriff-details-chromium-os/Builders.png.sha1 | 1 + ...omeOS Parallel CQ - Linear view of CLs.png.sha1 | 1 + .../Screenshot.png.sha1 | 1 + .../Test Orchestrator.png.sha1 | 1 + .../cloud-storage.png.sha1 | 1 + .../crash-example.png.sha1 | 1 + .../sheriff-details-chromium-os/index.md | 25 + .../sheriff-details-chromium/Waterfall.png.sha1 | 1 + .../sheriff-details-chromium/index.md | 20 + .../sheriff-details-chromium/tree_status.png.sha1 | 1 + .../tree-sheriffs/sheriff-o-matic/index.md | 17 + .../tree-sheriffs/sheriff-philosophy/index.md | 23 + .../tree-sheriffs/sheriffing-bug-queues/index.md | 14 + .../site/developers/triggered-reset-api/index.md | 54 + .../docs/website/site/developers/u-boot/index.md | 487 + .../docs/website/site/developers/u-boot/ttyusb | 57 + .../updating-webui-for-material-design/index.md | 124 + .../settings-material-design/index.md | 113 + .../testing-asynchronous-ui/index.md | 72 + .../testing-webui-with-mocha/index.md | 219 + .../using-polymer-icons/index.md | 91 + .../site/developers/useful-extensions/index.md | 155 + .../developers/using-atom-as-your-ide/index.md | 10 + .../using-eclipse-with-chromium/index.md | 12 + .../1LjbbxAJEBfpWRufhVtrUxNAB_WgavjqvfgpL.png.sha1 | 1 + .../1Zh85u4gzhhDkC6myiRAyO2SH1iRgCCbUoJ4O.png.sha1 | 1 + .../1bViPA1pF_5p0g5UaRwdhWedLTrTjXkcszqV3.png.sha1 | 1 + .../1m438-F2ObI9EqH66C94s_A6pzh5nN7Komyde.png.sha1 | 1 + .../developers/using-requestautocomplete/index.md | 40 + .../order-summary.png.sha1 | 1 + .../site/developers/version-numbers/index.md | 94 + .../web-development-style-guide/index.md | 10 + .../site/developers/web-idl-interfaces/index.md | 479 + .../Screen shot 2012-05-09 at 7.43.31 PM.png.sha1 | 1 + .../Screen shot 2012-05-10 at 11.59.08 PM.png.sha1 | 1 + .../Screen shot 2012-05-10 at 12.40.51 AM.png.sha1 | 1 + .../Screen shot 2012-05-11 at 12.00.09 AM.png.sha1 | 1 + .../Screen shot 2012-05-11 at 12.02.41 AM.png.sha1 | 1 + .../Screen shot 2012-05-14 at 4.48.28 PM.png.sha1 | 1 + .../Screen shot 2012-05-14 at 4.56.03 PM.png.sha1 | 1 + .../site/developers/web-intents-in-chrome/index.md | 633 + .../web-intents-in-chrome/noinstalls.PNG.sha1 | 1 + .../developers/web-intents-in-chrome/with.PNG.sha1 | 1 + .../developers/web-platform-status/forms/index.md | 266 + .../site/developers/web-platform-status/index.md | 1431 ++ .../site/developers/webkit-core-projects/index.md | 108 + .../docs/website/site/developers/webui/index.md | 453 + .../site/developers/webview-changes/index.md | 40 + .../website/site/developers/whistling.jpg.sha1 | 1 + .../site/developers/windows-binary-sizes/index.md | 286 + .../website/site/devtools/announcements/index.md | 8 + .../site/devtools/breakpoints-tutorial/index.md | 15 + .../devtools/capturing-a-timeline-trace/index.md | 29 + .../save timeline.png.sha1 | 1 + .../website/site/devtools/feed-icon16x16.png.sha1 | 1 + .../arrow.png.sha1 | 1 + .../console.png.sha1 | 1 + .../console_1.png.sha1 | 1 + .../console_dir.png.sha1 | 1 + .../console_dirxml.png.sha1 | 1 + .../console_dollar_one.png.sha1 | 1 + .../console_dollar_zero.png.sha1 | 1 + .../console_id.png.sha1 | 1 + .../console_inspect.png.sha1 | 1 + .../dev_tools_window_bottom.png.sha1 | 1 + .../dev_tools_window_top.png.sha1 | 1 + .../elements_css_syntax_highlighting.png.sha1 | 1 + .../elements_event_listeners_gear.png.sha1 | 1 + .../elements_hover.png.sha1 | 1 + .../elements_metrics.png.sha1 | 1 + .../elements_p.png.sha1 | 1 + .../elements_panel.png.sha1 | 1 + .../elements_properties_paner.png.sha1 | 1 + .../elements_search.png.sha1 | 1 + .../elements_style_checkboxes.png.sha1 | 1 + .../elements_style_edit.png.sha1 | 1 + .../exclude_selected_function.png.sha1 | 1 + .../focus_selected_function.png.sha1 | 1 + .../heap_snapshot.png.sha1 | 1 + .../heap_snapshot_compare.png.sha1 | 1 + .../heap_snapshot_drill_down.png.sha1 | 1 + .../index.md | 9 + .../page_menu.png.sha1 | 1 + .../profiles_panel_1.png.sha1 | 1 + .../profiling_cpu_1.png.sha1 | 1 + .../profiling_search.png.sha1 | 1 + .../resources_click_sidebar.png.sha1 | 1 + .../resources_drag_drop.png.sha1 | 1 + .../resources_enable_window.png.sha1 | 1 + .../resources_panel.png.sha1 | 1 + .../resources_size.png.sha1 | 1 + .../resources_sort_by.png.sha1 | 1 + .../scripts_breakpoints.png.sha1 | 1 + .../scripts_breakpoints_2.png.sha1 | 1 + .../scripts_panel.png.sha1 | 1 + .../scripts_panel_2.png.sha1 | 1 + .../scripts_paused.png.sha1 | 1 + .../storage_cookie.png.sha1 | 1 + .../storage_panel.png.sha1 | 1 + .../storage_panel_database.png.sha1 | 1 + .../storage_panel_sql_query.png.sha1 | 1 + .../storage_sticky_note.png.sha1 | 1 + .../timeline_panel.png.sha1 | 1 + .../timeline_records.png.sha1 | 1 + .../timeline_slider_right.png.sha1 | 1 + .../top_tool_bar_w_console.png.sha1 | 1 + .../two_profiles.png.sha1 | 1 + .../wrench-icon.jpg.sha1 | 1 + .../wrench.png.sha1 | 1 + chromium/docs/website/site/devtools/index.md | 12 + .../docs/website/site/devtools/page_menu.png.sha1 | 1 + .../website/site/devtools/wrench-icon.jpg.sha1 | 1 + chromium/docs/website/site/embeddedsearch/index.md | 208 + .../docs/website/site/events/blinkon-14/index.md | 213 + .../docs/website/site/events/blinkon-15/index.md | 112 + .../docs/website/site/events/blinkon-16/index.md | 74 + .../website/site/events/blinkon-resources/index.md | 15 + chromium/docs/website/site/events/index.md | 14 + chromium/docs/website/site/favicon.ico.sha1 | 1 + chromium/docs/website/site/flag-ownership/index.md | 8 + .../flash-roadmap/deprecating-wildcards/index.md | 289 + .../Daily Actives - Update Apr 15.png.sha1 | 1 + .../Daily Actives - Update Apr 27.png.sha1 | 1 + .../Daily Actives - Update Aug 10.png.sha1 | 1 + .../Daily Actives - Update July 6.png.sha1 | 1 + .../Daily Actives - Update July 9.png.sha1 | 1 + .../Daily Actives - Update May 24.png.sha1 | 1 + .../Flash Daily Actives - Oct 13, 2017.png.sha1 | 1 + .../Flash Impact - Usage.png.sha1 | 1 + .../flash-usage-trends/Flash Impact.png.sha1 | 1 + .../Flash Impressions - Oct 13, 2017.png.sha1 | 1 + .../Flash Usage Trend - Jan 25th, 2017.png.sha1 | 1 + .../Flash Volume - Update Apr 15.png.sha1 | 1 + .../Flash Volume - Update Apr 27.png.sha1 | 1 + .../Flash Volume - Update Aug 10.png.sha1 | 1 + .../Flash Volume - Update July 6.png.sha1 | 1 + .../Flash Volume - Update July 9.png.sha1 | 1 + .../Flash Volume - Update May 24.png.sha1 | 1 + .../PPS Tiny - 0x0 after (Updated).png.sha1 | 1 + .../PPS Tiny - 0x0 after.jpg.sha1 | 1 + .../PPS Tiny - 0x0 before.png.sha1 | 1 + .../site/flash-roadmap/flash-usage-trends/index.md | 33 + chromium/docs/website/site/flash-roadmap/index.md | 607 + .../chromium-bug-labels/index.md | 119 + .../hanging-tabs/crash-with-gdb | 9 + .../bug-reporting-guidelines/hanging-tabs/index.md | 72 + .../for-testers/bug-reporting-guidelines/index.md | 180 + .../reporting-crash-bug/index.md | 107 + .../triage-best-practices/index.md | 120 + .../blockthirdpartycookies.png.sha1 | 1 + .../index.md | 23 + .../index.md | 122 + .../site/for-testers/command-line-flags/index.md | 11 + .../enable-logging/configure providers.png.sha1 | 1 + .../site/for-testers/enable-logging/index.md | 122 + .../site/for-testers/faft/FAFT (1).jpg.sha1 | 1 + .../faft/FAFT Hardware Setup Layout.png.sha1 | 1 + .../for-testers/faft/Servo2_with_labels.jpg.sha1 | 1 + .../for-testers/faft/ServoV4-typeC-micro.png.sha1 | 1 + .../website/site/for-testers/faft/ServoV4.png.sha1 | 1 + .../docs/website/site/for-testers/faft/index.md | 10 + .../site/for-testers/faft/pd_typeC.png.sha1 | 1 + .../site/for-testers/faft/rc_typeA.png.sha1 | 1 + .../site/for-testers/faft/rc_typec.png.sha1 | 1 + .../for-testers/faft/rc_typec_official.png.sha1 | 1 + .../site/for-testers/faft/servo_v4.png.sha1 | 1 + .../constrained-windows--basic-testing/index.md | 56 + .../frontend-testing/constrained-windows/index.md | 45 + .../site/for-testers/frontend-testing/index.md | 17 + .../frontend-testing/spell-check/index.md | 42 + .../spell-check--basic-testing/index.md | 54 + .../index.md | 16 + .../list_chrome.zip.sha1 | 1 + chromium/docs/website/site/for-testers/index.md | 31 + .../website/site/for-testers/installer/index.md | 41 + .../installer/installer--basic-testing/index.md | 135 + .../for-testers/providing-memory-details/index.md | 29 + .../Screen Shot 2017-04-26 at 11.18.49 AM.png.sha1 | 1 + .../capture-bytes.png.sha1 | 1 + .../inclue-bytes-mobile.png.sha1 | 1 + .../for-testers/providing-network-details/index.md | 84 + .../net-export-61.png.sha1 | 1 + .../net-export-raw-bytes-61.png.sha1 | 1 + .../net-internals.PNG.sha1 | 1 + .../providing-network-details/netexport.png.sha1 | 1 + .../netinternals_export.png.sha1 | 1 + .../save-to-file.png.sha1 | 1 + .../start-logging-to-disk.png.sha1 | 1 + .../docs/website/site/for-testers/saft/index.md | 222 + .../website/site/for-testers/test-cases/index.md | 180 + .../touch-firmware-tests/TouchFWTests.png.sha1 | 1 + .../site/for-testers/touch-firmware-tests/index.md | 108 + .../for-testers/unhealthy-tests-report/index.md | 8 + .../site/geforce-now-on-chromebooks/index.md | 297 + .../getting-involved/become-a-committer/index.md | 199 + .../site/getting-involved/bug-triage/index.md | 183 + .../site/getting-involved/dev-channel/index.md | 208 + .../getting-involved/dev-channel/wrench.png.sha1 | 1 + .../getting-involved/download-chromium/index.md | 74 + .../get-bug-editing-privileges/index.md | 60 + .../docs/website/site/getting-involved/index.md | 38 + .../getting-involved/summerofcode2013/index.md | 79 + chromium/docs/website/site/glossary/index.md | 8 + chromium/docs/website/site/hsts/email.png.sha1 | 1 + chromium/docs/website/site/hsts/index.md | 60 + chromium/docs/website/site/index.md | 3 + chromium/docs/website/site/infra/index.md | 27 + .../docs/website/site/irc-support-faq/index.md | 27 + chromium/docs/website/site/irc/index.md | 12 + .../site/issue-tracking/autotriage/index.md | 176 + .../creating-a-bug-template-url/index.md | 78 + .../Component Edit View.png.sha1 | 1 + .../editing-components/Component List.png.sha1 | 1 + .../editing-components/Components.png.sha1 | 1 + .../Development Process.png.sha1 | 1 + .../issue-tracking/editing-components/index.md | 40 + .../how-to-bulk-edit/Bulk Edit - Confirm.png.sha1 | 1 + .../how-to-bulk-edit/Bulk Edit - Worked.png.sha1 | 1 + .../how-to-bulk-edit/Bulk Edit.png.sha1 | 1 + .../site/issue-tracking/how-to-bulk-edit/index.md | 46 + chromium/docs/website/site/issue-tracking/index.md | 29 + .../Conceptual Model.png.sha1 | 1 + .../State Diagram.jpg.sha1 | 1 + .../issue-tracking-lifecycle/index.md | 17 + .../Bulk Edit - Confirm.png.sha1 | 1 + .../migrating-issue-components/Bulk Edit.png.sha1 | 1 + .../Component List.png.sha1 | 1 + .../migrating-issue-components/Components.png.sha1 | 1 + .../Depercate Component.png.sha1 | 1 + .../Development Process.png.sha1 | 1 + .../migrating-issue-components/index.md | 66 + .../release-block-guidelines/index.md | 63 + .../requesting-a-component-or-label/index.md | 66 + .../site/issue-tracking/tips-and-tricks/index.md | 44 + .../index.md | 268 + .../docs/website/site/layout-test-contest/index.md | 293 + .../layout-test-contest-leaderboard/index.md | 8 + .../nativeclient/day-to-day/codereview/index.md | 76 + .../website/site/nativeclient/day-to-day/index.md | 9 + .../day-to-day/infrastructure-faq/index.md | 219 + .../getting-started-background-and-basics/index.md | 245 + .../nacl_diagram.png.sha1 | 1 + .../site/nativeclient/getting-started/index.md | 9 + .../how-tos/3d-tips-and-best-practices/index.md | 146 + .../site/nativeclient/how-tos/build-tcb/index.md | 287 + .../index.md | 155 + .../debugging-a-trusted-plugin-on-linux/index.md | 52 + .../debugging-trusted-plugin-on-windows/index.md | 81 + .../debugging-a-trusted-plugin/index.md | 33 + .../trusted-debugging-on-mac/index.md | 63 + .../debugging-nacl-apps-in-chrome-os/index.md | 51 + .../eclipse add directory path 1.png.sha1 | 1 + .../eclipse add directory path 2.png.sha1 | 1 + .../eclipse build behaviour tab.png.sha1 | 1 + .../eclipse build variables.png.sha1 | 1 + .../eclipse build.png.sha1 | 1 + .../eclipse consoles.png.sha1 | 1 + ...figuration Debugger Gdbserver Settings.png.sha1 | 1 + ...ipse debug configuration Debugger Main.png.sha1 | 1 + ...ebug configuration glibc Debugger Main.png.sha1 | 1 + ...eclipse debug configuration glibc main.png.sha1 | 1 + .../eclipse debug configuration main.png.sha1 | 1 + .../eclipse debug icon.png.sha1 | 1 + .../eclipse gdb_init file.png.sha1 | 1 + .../eclipse glibc hit breakpoint.png.sha1 | 1 + .../eclipse hammer icon.png.sha1 | 1 + .../eclipse hit breakpoint.png.sha1 | 1 + .../eclipse last debug configurations.png.sha1 | 1 + .../eclipse new build variable.png.sha1 | 1 + .../eclipse new debug configuration icon.png.sha1 | 1 + .../eclipse new project.png.sha1 | 1 + .../eclipse output location.png.sha1 | 1 + .../eclipse project view.png.sha1 | 1 + .../eclipse select preferred launcher.png.sha1 | 1 + .../eclipse source location.png.sha1 | 1 + .../eclipse with indexer enabled.png.sha1 | 1 + .../debugging-nacl-apps-in-eclipse-cdt/index.md | 222 + .../getting-started-with-debug-stub/index.md | 121 + .../debugging-with-debug-stub-recommended/index.md | 19 + .../how-tos/debugging-documentation/index.md | 72 + .../how-tos/exception-handling-interface/index.md | 93 + .../how-to-use-git-svn-with-native-client/index.md | 194 + .../index.md | 339 + .../website/site/nativeclient/how-tos/index.md | 9 + .../working-on-the-git-toolchain-repos/index.md | 105 + chromium/docs/website/site/nativeclient/index.md | 24 + .../site/nativeclient/life-of-sel_ldr/index.md | 256 + .../website/site/nativeclient/nameservice/index.md | 170 + .../naming-issues----rationale/index.md | 93 + .../Fragment padding.png.1355408184699.png.sha1 | 1 + .../aligned-bundling-support-in-llvm/index.md | 303 + .../site/nativeclient/pnacl/bitcode-abi/index.md | 12 + .../index.md | 145 + .../nativeclient/pnacl/developing-pnacl/index.md | 503 + .../experimenting-with-generated-bitcode/index.md | 77 + .../docs/website/site/nativeclient/pnacl/index.md | 9 + .../index.md | 151 + .../StabilityofthePNaClbitcodeABI.pdf.sha1 | 1 + .../stability-of-the-pnacl-bitcode-abi/index.md | 1118 ++ .../site/nativeclient/pnacl/subzero/index.md | 11 + .../pnacl/subzero/simple-loop-example/index.md | 373 + .../anatomy-of-a-sys/NaClSyscallFlowchart.png.sha1 | 1 + .../NaClSyscallFlowchart2.png.sha1 | 1 + .../reference/anatomy-of-a-sys/index.md | 161 + .../nativeclient/reference/arm-overview/index.md | 12 + .../reference/external-resource-directory/index.md | 75 + .../website/site/nativeclient/reference/index.md | 9 + .../reference/research-papers/index.md | 30 + .../reference/research-papers/pnacl.pdf.sha1 | 1 + .../website/site/nativeclient/styleguide/index.md | 322 + .../site/network-speed-experiments/index.md | 28 + .../omnibox-history-provider/HQP Search.jpg.sha1 | 1 + .../site/omnibox-history-provider/HQP.jpg.sha1 | 1 + .../site/omnibox-history-provider/HQP.tiff.sha1 | 1 + .../Screen shot 2011-02-16 at 2.59.44 PM.png.sha1 | 1 + .../Screen shot 2011-02-16 at 3.16.49 PM.png.sha1 | 1 + .../caching/Initialization.png.sha1 | 1 + .../caching/Shutdown.png.sha1 | 1 + .../caching/ShutdownDetail.png.sha1 | 1 + .../caching/Startup.png.sha1 | 1 + .../caching/StartupDetail.png.sha1 | 1 + .../site/omnibox-history-provider/caching/index.md | 122 + .../website/site/omnibox-history-provider/index.md | 222 + chromium/docs/website/site/pages.json | 1445 ++ .../docs/website/site/platform-privacy/index.md | 22 + chromium/docs/website/site/quic/index.md | 111 + .../website/site/quic/parse-client-hello/index.md | 11 + .../website/site/quic/playing-with-quic/index.md | 118 + chromium/docs/website/site/quic/quic-faq/index.md | 70 + .../docs/website/site/rvalue-references/index.md | 625 + chromium/docs/website/site/searchbox/index.md | 218 + chromium/docs/website/site/security-keys/index.md | 217 + .../docs/website/site/servicification/index.md | 81 + chromium/docs/website/site/site.json | 3 + ...n_Argument_For_Changing_TCP_Slow_Start.pdf.sha1 | 1 + .../More_Bandwidth_Doesn_t_Matter_2_(2).pdf.sha1 | 1 + .../spdy/effect_of_initial_cwnd_on_plt(1).png.sha1 | 1 + chromium/docs/website/site/spdy/http2/index.md | 20 + chromium/docs/website/site/spdy/index.md | 73 + .../spdy/link-headers-and-server-hint/index.md | 74 + .../link-rel-subresource/index.md | 11 + .../website/site/spdy/spdy-authentication/index.md | 173 + .../website/site/spdy/spdy-best-practices/index.md | 61 + chromium/docs/website/site/spdy/spdy-data/index.md | 37 + .../site/spdy/spdy-data/spdy-bytes.png.sha1 | 1 + .../site/spdy/spdy-data/spdy-pktloss.png.sha1 | 1 + .../website/site/spdy/spdy-data/spdy-rtt.png.sha1 | 1 + .../website/site/spdy/spdy-data/spdy-rtt2.png.sha1 | 1 + .../docs/website/site/spdy/spdy-protocol/index.md | 24 + .../controlframetypes/index.md | 48 + .../spdy-protocol/spdy-protocol-draft1/index.md | 921 + .../spdy-protocol/spdy-protocol-draft2/index.md | 1250 ++ .../spdy-protocol/spdy-protocol-draft3-1/index.md | 1653 ++ .../spdy-protocol/spdy-protocol-draft3-2/index.md | 1711 ++ .../spdy-protocol/spdy-protocol-draft3/index.md | 1754 ++ .../spdy/spdy-protocol/spdyprotocol-xml/index.md | 10 + .../site/spdy/spdy-tools-and-debugging/index.md | 55 + .../website/site/spdy/spdy-whitepaper/index.md | 541 + .../soarjOjSeS5hoFYvjtAnxCg.png.sha1 | 1 + .../spdy_design_and_features_layers.png.sha1 | 1 + chromium/docs/website/site/sts/index.md | 11 + chromium/docs/website/site/sts/redirect.xml | 12 + chromium/docs/website/site/tab-to-search/index.md | 49 + .../teams/animations/animation-objectives/index.md | 261 + .../teams/animations/animation-worklet/index.md | 73 + .../index.md | 148 + .../april-2019-volume-ii/index.md | 85 + .../highlights-archive/april-2019/index.md | 86 + .../index.md | 106 + .../index.md | 298 + .../index.md | 257 + .../highlights-archive/august-2019/index.md | 84 + .../index.md | 175 + .../index.md | 361 + .../index.md | 146 + .../index.md | 255 + .../teams/animations/highlights-archive/index.md | 122 + .../index.md | 124 + .../index.md | 304 + .../highlights-archive/july-2019/index.md | 92 + .../june-2019-volume-ii/index.md | 93 + .../highlights-archive/june-2019/index.md | 89 + .../index.md | 193 + .../index.md | 255 + .../index.md | 240 + .../highlights-archive/march-2019/index.md | 107 + .../index.md | 222 + .../index.md | 440 + .../highlights-archive/may-2019/index.md | 83 + .../index.md | 220 + .../index.md | 116 + .../november-2021-highlights/index.md | 150 + .../highlights-archive/october-2019/index.md | 128 + .../index.md | 135 + .../index.md | 162 + .../index.md | 121 + .../index.md | 99 + .../index.md | 228 + .../highlights-archive/september-update/index.md | 119 + .../index.md | 123 + .../docs/website/site/teams/animations/index.md | 93 + .../site/teams/animations/paint-worklet/index.md | 40 + .../docs/website/site/teams/binding-team/index.md | 40 + .../docs/website/site/teams/device-team/index.md | 33 + chromium/docs/website/site/teams/devtools/index.md | 65 + chromium/docs/website/site/teams/dom-team/index.md | 18 + .../website/site/teams/ecosystem-infra/index.md | 20 + chromium/docs/website/site/teams/index.md | 7 + .../docs/website/site/teams/input-dev/index.md | 153 + .../input-dev/input-objectives/2015-okrs/index.md | 428 + .../input-dev/input-objectives/2016-okrs/index.md | 603 + .../input-dev/input-objectives/2017-okrs/index.md | 965 + .../input-dev/input-objectives/2018-okrs/index.md | 343 + .../site/teams/input-dev/input-objectives/index.md | 103 + .../site/teams/layout-team/bug-triage/index.md | 53 + .../layout-team/eliminating-simple-text/index.md | 125 + .../docs/website/site/teams/layout-team/index.md | 103 + .../layout-team/meeting-notes/20141209/index.md | 72 + .../layout-team/meeting-notes/20150107/index.md | 221 + .../meeting-notes/friday-october-2-2015/index.md | 822 + .../site/teams/layout-team/meeting-notes/index.md | 135 + .../meeting-notes/march-2-2015/index.md | 76 + .../layout-team/meeting-notes/may-28-2015/index.md | 201 + .../meeting-notes/monday-april-11-2016/index.md | 66 + .../meeting-notes/monday-april-13-2015/index.md | 94 + .../meeting-notes/monday-april-20-2015/index.md | 60 + .../meeting-notes/monday-april-25-2016/index.md | 74 + .../meeting-notes/monday-april-27-2015/index.md | 107 + .../meeting-notes/monday-april-4-2016/index.md | 60 + .../meeting-notes/monday-april-6-2015/index.md | 60 + .../meeting-notes/monday-august-10-2015/index.md | 49 + .../meeting-notes/monday-august-17-2015/index.md | 69 + .../meeting-notes/monday-august-24-2015/index.md | 93 + .../meeting-notes/monday-august-29-2016/index.md | 76 + .../meeting-notes/monday-august-3-2015/index.md | 101 + .../meeting-notes/monday-august-31-2015/index.md | 55 + .../meeting-notes/monday-february-1-2016/index.md | 80 + .../meeting-notes/monday-february-2/index.md | 54 + .../meeting-notes/monday-february-21-2016/index.md | 75 + .../meeting-notes/monday-february-22-2016/index.md | 77 + .../meeting-notes/monday-february-23-2015/index.md | 106 + .../meeting-notes/monday-february-28-2016/index.md | 69 + .../meeting-notes/monday-february-29-2016/index.md | 88 + .../meeting-notes/monday-february-8-2016/index.md | 74 + .../meeting-notes/monday-february-9/index.md | 61 + .../meeting-notes/monday-january-11-2016/index.md | 60 + .../meeting-notes/monday-january-4-2016/index.md | 88 + .../meeting-notes/monday-july-13-2015/index.md | 121 + .../meeting-notes/monday-july-18-2016/index.md | 99 + .../meeting-notes/monday-july-20-2015/index.md | 93 + .../meeting-notes/monday-june-1-2015/index.md | 142 + .../meeting-notes/monday-june-22-2015/index.md | 113 + .../meeting-notes/monday-june-27-2016/index.md | 89 + .../meeting-notes/monday-june-6-2016/index.md | 79 + .../meeting-notes/monday-june-8-2015/index.md | 53 + .../meeting-notes/monday-march-16-2015/index.md | 76 + .../meeting-notes/monday-march-23-2015/index.md | 126 + .../meeting-notes/monday-march-30-2015/index.md | 216 + .../meeting-notes/monday-march-7-2016/index.md | 96 + .../meeting-notes/monday-march-9-2015/index.md | 123 + .../meeting-notes/monday-may-16-2016/index.md | 102 + .../meeting-notes/monday-may-4-2015/index.md | 83 + .../meeting-notes/monday-november-23-2015/index.md | 156 + .../meeting-notes/monday-november-30-2015/index.md | 85 + .../meeting-notes/monday-october-12-2015/index.md | 60 + .../meeting-notes/monday-october-19-2015/index.md | 91 + .../meeting-notes/monday-october-5-2015/index.md | 72 + .../monday-september-14-2015/index.md | 151 + .../monday-september-28-2015/index.md | 76 + .../meeting-notes/thursday-april-2-2015/index.md | 327 + .../meeting-notes/thursday-june-4-2015/index.md | 265 + .../tuesday-february-16-2016/index.md | 109 + .../meeting-notes/tuesday-june-16-2015/index.md | 119 + .../meeting-notes/tuesday-march-15-2016/index.md | 109 + .../meeting-notes/tuesday-may-26-2015/index.md | 102 + .../meeting-notes/wednesday-february-18/index.md | 246 + .../site/teams/layout-team/okrs/2015q1/index.md | 182 + .../site/teams/layout-team/okrs/2015q2/index.md | 163 + .../site/teams/layout-team/okrs/2015q3/index.md | 143 + .../site/teams/layout-team/okrs/2015q4/index.md | 250 + .../site/teams/layout-team/okrs/2016q1/index.md | 215 + .../website/site/teams/layout-team/okrs/index.md | 19 + .../teams/layout-team/potential-projects/index.md | 45 + .../site/teams/paint-team/canvas-okrs/index.md | 273 + .../docs/website/site/teams/paint-team/index.md | 11 + .../website/site/teams/paint-team/okrs/index.md | 1217 ++ .../teams/paint-team/paint-team-members/index.md | 39 + .../docs/website/site/teams/rendering/index.md | 442 + .../site/teams/rendering/okrs/2020-q1/index.md | 156 + .../site/teams/rendering/okrs/2020-q2/index.md | 99 + .../website/site/teams/rendering/okrs/index.md | 11 + .../website/site/teams/speed-metrics-team/index.md | 9 + .../docs/website/site/teams/style-team/index.md | 61 + .../site/teams/web-capabilities-fugu/index.md | 74 + .../docs/website/site/teams/worker-team/index.md | 30 + .../site/testing-chrome-ad-filtering/index.md | 35 + .../index.md | 14 + chromium/docs/website/site/throttling/index.md | 62 + .../website/site/updates/first-party-sets/index.md | 90 + chromium/docs/website/site/updates/index.md | 6 + .../website/site/updates/same-site/faq/index.md | 138 + .../same-site/incompatible-clients/index.md | 87 + .../docs/website/site/updates/same-site/index.md | 405 + .../site/updates/same-site/test-debug/index.md | 379 + .../same-site/test-debug/tsyEts8ZOXE.png.sha1 | 1 + .../site/updates/schemeful-same-site/index.md | 8 + .../schemeful-same-site-devtools-issues/index.md | 114 + .../SS of Issue.png.sha1 | 1 + .../SS of flags.png.sha1 | 1 + .../index.md | 216 + .../tsyEts8ZOXE.png.sha1 | 1 + .../docs/website/site/updates/trust-token/index.md | 103 + chromium/docs/website/site/updates/ua-ch/index.md | 95 + .../website/site/updates/ua-reduction/index.md | 362 + .../website/site/user-experience/Chrome.png.sha1 | 1 + .../website/site/user-experience/ChromeOS.png.sha1 | 1 + .../assistive-technology-support/index.md | 66 + .../user-experience/bookmarklets/default.png.sha1 | 1 + .../site/user-experience/bookmarklets/index.md | 51 + .../bookmarklets/install_dialog.png.sha1 | 1 + .../user-experience/bookmarklets/menu.png.sha1 | 1 + .../bookmarklets/menu_context.png.sha1 | 1 + .../bookmarks/bookmark_add.png.sha1 | 1 + .../bookmarks/bookmarks_bar.png.sha1 | 1 + .../site/user-experience/bookmarks/index.md | 81 + .../site/user-experience/downloads-1/index.md | 9 + .../downloads/Moodstats_1.22.zip.sha1 | 1 + .../downloads/download_shelf.png.sha1 | 1 + .../site/user-experience/downloads/index.md | 32 + .../feed-subscriptions/default.png.sha1 | 1 + .../user-experience/feed-subscriptions/index.md | 123 + .../feed-subscriptions/rss_preview.png.sha1 | 1 + .../user-experience/find-in-page/find_bar.png.sha1 | 1 + .../site/user-experience/find-in-page/index.md | 19 + .../history/history_browse.png.sha1 | 1 + .../history/history_results.png.sha1 | 1 + .../website/site/user-experience/history/index.md | 41 + .../user-experience/incognito/incognito2.png.sha1 | 1 + .../site/user-experience/incognito/index.md | 19 + .../docs/website/site/user-experience/index.md | 182 + .../infobars/blue-gradient.png.sha1 | 1 + .../user-experience/infobars/controls.png.sha1 | 1 + .../site/user-experience/infobars/dialog.png.sha1 | 1 + .../infobars/example-ext-crash.png.sha1 | 1 + .../infobars/example-theme.png.sha1 | 1 + .../infobars/example-translate-confirm.png.sha1 | 1 + .../infobars/example-translate.png.sha1 | 1 + .../geolocation/02_embedded_infobar.png.sha1 | 1 + .../geolocation/03_contentsettings.png.sha1 | 1 + .../infobars/geolocation/04_exceptions.png.sha1 | 1 + .../geolocation/05_exceptionsproperties.png.sha1 | 1 + .../infobars/geolocation/06_tracking.png.sha1 | 1 + .../geolocation/07_trackingbubble.png.sha1 | 1 + .../infobars/geolocation/1.png.sha1 | 1 + .../geolocation/example-geolocation.png.sha1 | 1 + .../user-experience/infobars/geolocation/index.md | 30 + .../infobars/grey-gradient.png.sha1 | 1 + .../website/site/user-experience/infobars/index.md | 193 + .../infobars/yellow-gradient.png.sha1 | 1 + .../site/user-experience/keyboard-access/index.md | 126 + .../user-experience/low-vision-support/index.md | 123 + .../multi-profiles/05_signed_in.png.sha1 | 1 + .../09_options_not_signed_in.png.sha1 | 1 + .../Screen shot 2010-11-18 at 2.59.56 PM.png.sha1 | 1 + .../Screen shot 2011-11-01 at 11.21.45 AM.png.sha1 | 1 + .../multi-profiles/cupcake_2.png.sha1 | 1 + .../site/user-experience/multi-profiles/index.md | 174 + .../multi-profiles/profile_menu3.png.sha1 | 1 + .../multi-profiles/signin_1.png.sha1 | 1 + .../multitouch/GesturesImages.png.sha1 | 1 + .../multitouch/gestures_concept.mp4.sha1 | 1 + .../site/user-experience/multitouch/index.md | 90 + .../site/user-experience/new-tab-page/index.md | 60 + .../new-tab-page/new_tab_resources.png.sha1 | 1 + .../notifications/Notifications.png.sha1 | 1 + .../site/user-experience/notifications/index.md | 34 + .../omnibox/cheese_results.png.sha1 | 1 + .../website/site/user-experience/omnibox/index.md | 180 + .../site/user-experience/omnibox/keyword.png.sha1 | 1 + .../omnibox/omnibox-bug-triage-process/index.md | 13 + .../omnibox/omnibox_results.png.sha1 | 1 + .../website/site/user-experience/options/index.md | 31 + .../options/options_basics.png.sha1 | 1 + .../Screen shot 2009-10-14 at 8.47.17 AM.png.sha1 | 1 + .../Screen shot 2010-02-02 at 10.51.45 AM.PNG.sha1 | 1 + .../resolution-independence/index.md | 54 + .../user-experience/screen-reader-support/index.md | 10 + .../site/user-experience/status-bubble/index.md | 65 + .../status-bubble/status_bubble.png.sha1 | 1 + .../status-bubble/status_bubble_hover.png.sha1 | 1 + .../status-bubble/status_bubble_whiter.png.sha1 | 1 + .../website/site/user-experience/tabs/index.md | 38 + .../website/site/user-experience/tabs/tab.png.sha1 | 1 + .../tabs/throbber/chrome_throbber_64.gif.sha1 | 1 + .../site/user-experience/tabs/throbber/index.md | 20 + .../tabs/throbber/throbber.png.sha1 | 1 + .../website/site/user-experience/toolbar/index.md | 78 + ...chromeos_touch_accessibility_user_flow.png.sha1 | 1 + .../site/user-experience/touch-access/index.md | 322 + .../touch-access/playing_around (2).png.sha1 | 1 + .../site/user-experience/ui-strings/index.md | 117 + .../user-experience/user-data-directory/index.md | 10 + .../visual-design/chrome_0.2_psd.zip.sha1 | 1 + .../visual-design/chrome_colorscheme.png.sha1 | 1 + .../site/user-experience/visual-design/index.md | 84 + .../visual-design/mathemagics (1).png.sha1 | 1 + .../window-frame/frame_corners.png.sha1 | 1 + .../site/user-experience/window-frame/index.md | 37 + chromium/docs/website/site/x-subresources/index.md | 119 + .../site/x-subresources/x-subresources-1/index.md | 252 + .../node/linux/node-linux-x64.tar.gz.sha1 | 1 + .../node/mac/node-darwin-x64.tar.gz.sha1 | 1 + .../website/third_party/node/win/node.exe.sha1 | 1 + 2705 files changed, 249961 insertions(+) create mode 100644 chromium/docs/website/.eleventy.js create mode 100644 chromium/docs/website/.firebaserc create mode 100644 chromium/docs/website/.gclient create mode 100644 chromium/docs/website/.vpython3 create mode 100644 chromium/docs/website/AUTHORS create mode 100644 chromium/docs/website/CONTENT_OWNERS create mode 100644 chromium/docs/website/DEPS create mode 100644 chromium/docs/website/OWNERS create mode 100644 chromium/docs/website/PRESUBMIT.py create mode 100644 chromium/docs/website/README.md create mode 100644 chromium/docs/website/docs/AUTHORING.md create mode 100644 chromium/docs/website/docs/CONTRIBUTING.md create mode 100644 chromium/docs/website/docs/OWNERS create mode 100644 chromium/docs/website/infra/config/PRESUBMIT.py create mode 100644 chromium/docs/website/infra/config/generated/commit-queue.cfg create mode 100644 chromium/docs/website/infra/config/generated/cr-buildbucket.cfg create mode 100644 chromium/docs/website/infra/config/generated/luci-logdog.cfg create mode 100644 chromium/docs/website/infra/config/generated/luci-milo.cfg create mode 100644 chromium/docs/website/infra/config/generated/luci-scheduler.cfg create mode 100644 chromium/docs/website/infra/config/generated/project.cfg create mode 100644 chromium/docs/website/infra/config/generated/realms.cfg create mode 100644 chromium/docs/website/infra/config/generated/tricium-prod.cfg create mode 100755 chromium/docs/website/infra/config/main.star create mode 100644 chromium/docs/website/node_modules.tar.gz.sha1 create mode 100755 chromium/docs/website/npmw create mode 100644 chromium/docs/website/originals.tar.gz.sha1 create mode 100644 chromium/docs/website/package-lock.json create mode 100644 chromium/docs/website/package.json create mode 100644 chromium/docs/website/scripts/404s.txt create mode 100644 chromium/docs/website/scripts/common.py create mode 100755 chromium/docs/website/scripts/crawl.py create mode 100755 chromium/docs/website/scripts/export.py create mode 100755 chromium/docs/website/scripts/fetch_node_modules.py create mode 100755 chromium/docs/website/scripts/gen_paths_that_were_edited_by_hand create mode 100755 chromium/docs/website/scripts/gen_paths_to_skip create mode 100644 chromium/docs/website/scripts/html2markdown.py create mode 100644 chromium/docs/website/scripts/paths_that_were_edited_by_hand.txt create mode 100644 chromium/docs/website/scripts/paths_to_crawl.txt create mode 100644 chromium/docs/website/scripts/paths_to_skip.txt create mode 100644 chromium/docs/website/scripts/subpages.js create mode 100755 chromium/docs/website/scripts/upload_lobs.py create mode 100644 chromium/docs/website/site/Home/chromecompatfaq/index.md create mode 100644 chromium/docs/website/site/Home/chromium-clobber-landmines/index.md create mode 100644 chromium/docs/website/site/Home/chromium-privacy/index.md create mode 100644 chromium/docs/website/site/Home/chromium-privacy/privacy-sandbox/covert-tracking/index.md create mode 100644 chromium/docs/website/site/Home/chromium-privacy/privacy-sandbox/floc/Sensitivity of Cohorts.pdf.sha1 create mode 100644 chromium/docs/website/site/Home/chromium-privacy/privacy-sandbox/floc/index.md create mode 100644 chromium/docs/website/site/Home/chromium-privacy/privacy-sandbox/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/adding-permissions/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/articles/chrome-sandbox-diagnostics-for-windows/decode-mitigation-flags.html create mode 100644 chromium/docs/website/site/Home/chromium-security/articles/chrome-sandbox-diagnostics-for-windows/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/articles/gwp-asan/diag4.png.sha1 create mode 100644 chromium/docs/website/site/Home/chromium-security/articles/gwp-asan/gwp-asan-diagram1.png.sha1 create mode 100644 chromium/docs/website/site/Home/chromium-security/articles/gwp-asan/gwp-asan-diagram2.png.sha1 create mode 100644 chromium/docs/website/site/Home/chromium-security/articles/gwp-asan/gwp-asan-diagram3.png.sha1 create mode 100644 chromium/docs/website/site/Home/chromium-security/articles/gwp-asan/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/articles/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/binding-integrity/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/boringssl/contributing/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/boringssl/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/brag-sheet/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/bugs/automated-triage/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/bugs/automatic-filing/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/bugs/developing-fuzzers-for-clusterfuzz/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/bugs/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/bugs/using-clusterfuzz/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/certificate-transparency/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/certificate-transparency/log-policy/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/certificate-transparency/log-policy/mmd_monitor_root.crt create mode 100644 chromium/docs/website/site/Home/chromium-security/chromium-and-emet/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/clean-software-alliance/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/client-identification-mechanisms/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/corb-for-developers/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/core-principles/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/crlsets/CRLSetComponents.png.sha1 create mode 100644 chromium/docs/website/site/Home/chromium-security/crlsets/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/deprecating-permissions-in-cross-origin-iframes/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/deprecating-powerful-features-on-insecure-origins/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/education/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/education/security-tips-for-crx-and-apps/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/education/security-tips-for-ipc/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/education/tls/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/education/tls/sha-1/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/enamel/goals-for-the-origin-info-bubble/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/enamel/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/enamel/origins.png.sha1 create mode 100644 chromium/docs/website/site/Home/chromium-security/enamel/permissions/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/enamel/restricting-iframe-permissions/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/extension-content-script-fetches/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/guts/Chrome Security Architecture.png.sha1 create mode 100644 chromium/docs/website/site/Home/chromium-security/guts/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/hall-of-fame/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/ipc-security-reviews/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/malicious-extensions-protection/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/marking-http-as-non-secure/Treatment of HTTP Pages with User Input.gif.sha1 create mode 100644 chromium/docs/website/site/Home/chromium-security/marking-http-as-non-secure/Treatment of HTTP Pages@1x.png.sha1 create mode 100644 chromium/docs/website/site/Home/chromium-security/marking-http-as-non-secure/blog image 1.png.sha1 create mode 100644 chromium/docs/website/site/Home/chromium-security/marking-http-as-non-secure/blog image 2.png.sha1 create mode 100644 chromium/docs/website/site/Home/chromium-security/marking-http-as-non-secure/form-and-incognito-http-bad-verbose.png.sha1 create mode 100644 chromium/docs/website/site/Home/chromium-security/marking-http-as-non-secure/http-bad-sep-2018.png.sha1 create mode 100644 chromium/docs/website/site/Home/chromium-security/marking-http-as-non-secure/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/marking-http-as-non-secure/phase-3-narrow.png.sha1 create mode 100644 chromium/docs/website/site/Home/chromium-security/marking-http-as-non-secure/phase-3-wide.png.sha1 create mode 100644 chromium/docs/website/site/Home/chromium-security/mds/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/memory-safety/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/memory-safety/piechart.png.sha1 create mode 100644 chromium/docs/website/site/Home/chromium-security/memory-safety/rust-and-c-interoperability/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/memory-safety/sat3CHOc8lXZbGicChW6w5Q.png.sha1 create mode 100644 chromium/docs/website/site/Home/chromium-security/owp/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/owp/web-platform-security-backlog/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/pdfium-security/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/pgp-key/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/prefer-secure-origins-for-powerful-new-features/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/pwnium-2/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/pwnium-3/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/pwnium-4/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/quarterly-updates/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/reporting-security-bugs/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/reviews-and-consulting/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/root-ca-policy/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/security-bug-lifecycle/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/security-faq/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/security-faq/service-worker-security-faq/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/security-labels/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/security-release-management/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/security-reviews/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/security-sheriff/Life of a Security Issue (1).png.sha1 create mode 100644 chromium/docs/website/site/Home/chromium-security/security-sheriff/Life of a Security Issue (2).png.sha1 create mode 100644 chromium/docs/website/site/Home/chromium-security/security-sheriff/Life of a Security Issue (3).png.sha1 create mode 100644 chromium/docs/website/site/Home/chromium-security/security-sheriff/Life of a Security Issue.png.sha1 create mode 100644 chromium/docs/website/site/Home/chromium-security/security-sheriff/Screen Shot 2016-05-20 at 15.41.22.png.sha1 create mode 100644 chromium/docs/website/site/Home/chromium-security/security-sheriff/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/site-isolation/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/site-isolation/site-isolation-flag-1.png.sha1 create mode 100644 chromium/docs/website/site/Home/chromium-security/site-isolation/site-isolation-flag-2.png.sha1 create mode 100644 chromium/docs/website/site/Home/chromium-security/site-isolation/site-per-process-flag.png.sha1 create mode 100644 chromium/docs/website/site/Home/chromium-security/ssca/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/strict-origin-isolation-trial/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/symantec-legacy-pki/index.md create mode 100644 chromium/docs/website/site/Home/chromium-security/vulnerability-rewards-program/index.md create mode 100644 chromium/docs/website/site/Home/debugging-on-webview/index.md create mode 100644 chromium/docs/website/site/Home/domui-testing/index.md create mode 100644 chromium/docs/website/site/Home/domui-testing/webui-browser_tests/index.md create mode 100644 chromium/docs/website/site/Home/domui-testing/webui-browser_tests/webui-accessibility-audit/index.md create mode 100644 chromium/docs/website/site/Home/flying_browser.png.sha1 create mode 100644 chromium/docs/website/site/Home/google-ssl.xml create mode 100644 chromium/docs/website/site/Home/ice-cream-sandwich-support-deprecation-faq/index.md create mode 100644 chromium/docs/website/site/Home/index.md create mode 100644 chromium/docs/website/site/Home/loading/clovis/index.md create mode 100644 chromium/docs/website/site/Home/loading/index.md create mode 100644 chromium/docs/website/site/Home/loading/oor-cors/index.md create mode 100644 chromium/docs/website/site/Home/loading/oor-cors/netlogchk.html create mode 100644 chromium/docs/website/site/Home/memory/index.md create mode 100644 chromium/docs/website/site/Home/third-party-developers/index.md create mode 100644 chromium/docs/website/site/Home/tls13/index.md create mode 100644 chromium/docs/website/site/OWNERS create mode 100644 chromium/docs/website/site/_assets/customLogo.png.sha1 create mode 100644 chromium/docs/website/site/_includes/page.njk create mode 100644 chromium/docs/website/site/_scripts/selector.js create mode 100644 chromium/docs/website/site/_stylesheets/_reset.scss create mode 100644 chromium/docs/website/site/_stylesheets/default.scss create mode 100644 chromium/docs/website/site/administrators/advanced-integration-for-saml-sso-on-chrome-devices/index.md create mode 100644 chromium/docs/website/site/administrators/certificate-management-extension-api-on-chrome-os/index.md create mode 100644 chromium/docs/website/site/administrators/common-problems-and-solutions/index.md create mode 100644 chromium/docs/website/site/administrators/complex-policies-on-windows/bookmarks4.png.sha1 create mode 100644 chromium/docs/website/site/administrators/complex-policies-on-windows/bookmarks5.png.sha1 create mode 100644 chromium/docs/website/site/administrators/complex-policies-on-windows/bookmarks6.png.sha1 create mode 100644 chromium/docs/website/site/administrators/complex-policies-on-windows/index.md create mode 100644 chromium/docs/website/site/administrators/complex-policies-on-windows/reg1.png.sha1 create mode 100644 chromium/docs/website/site/administrators/complex-policies-on-windows/reg2.png.sha1 create mode 100644 chromium/docs/website/site/administrators/complex-policies-on-windows/reg3.png.sha1 create mode 100644 chromium/docs/website/site/administrators/complex-policies-on-windows/reg4.png.sha1 create mode 100644 chromium/docs/website/site/administrators/configuring-other-preferences/index.md create mode 100644 chromium/docs/website/site/administrators/configuring-policy-for-extensions/index.md create mode 100644 chromium/docs/website/site/administrators/diagnostic-mode/diagmode_wiki.png.sha1 create mode 100644 chromium/docs/website/site/administrators/diagnostic-mode/index.md create mode 100644 chromium/docs/website/site/administrators/err_eset_anti_virus_ssl_interception/1.png.sha1 create mode 100644 chromium/docs/website/site/administrators/err_eset_anti_virus_ssl_interception/2.png.sha1 create mode 100644 chromium/docs/website/site/administrators/err_eset_anti_virus_ssl_interception/3.png.sha1 create mode 100644 chromium/docs/website/site/administrators/err_eset_anti_virus_ssl_interception/index.md create mode 100644 chromium/docs/website/site/administrators/err_ssl_weak_server_ephemeral_dh_key/index.md create mode 100644 chromium/docs/website/site/administrators/err_ssl_weak_server_ephemeral_dh_key/redirect-dh.xml create mode 100644 chromium/docs/website/site/administrators/frequently-asked-questions/index.md create mode 100644 chromium/docs/website/site/administrators/guide-for-chrome-os-saml-sso-smart-card-integration/index.md create mode 100644 chromium/docs/website/site/administrators/index.md create mode 100644 chromium/docs/website/site/administrators/installation/index.md create mode 100644 chromium/docs/website/site/administrators/ios-mdm-policy-format/index.md create mode 100644 chromium/docs/website/site/administrators/ios-mdm-policy-format/ios_chrome_policy.plist create mode 100644 chromium/docs/website/site/administrators/ios-mdm-policy-format/ios_encoded_chrome_policy.plist create mode 100644 chromium/docs/website/site/administrators/linux-quick-start/index.md create mode 100644 chromium/docs/website/site/administrators/log-messages/index.md create mode 100644 chromium/docs/website/site/administrators/mac-quick-start/index.md create mode 100644 chromium/docs/website/site/administrators/policy-list-3/atomic_groups/index.md create mode 100644 chromium/docs/website/site/administrators/policy-list-3/cookie-legacy-samesite-policies/index.md create mode 100644 chromium/docs/website/site/administrators/policy-list-3/deprecated-policies/index.md create mode 100644 chromium/docs/website/site/administrators/policy-list-3/extension-settings-full/index.md create mode 100644 chromium/docs/website/site/administrators/policy-list-3/index.md create mode 100644 chromium/docs/website/site/administrators/policy-list-3/user-data-directory-variables/index.md create mode 100644 chromium/docs/website/site/administrators/policy-templates/index.md create mode 100644 chromium/docs/website/site/administrators/pre-installed-extensions/index.md create mode 100644 chromium/docs/website/site/administrators/turning-off-auto-updates/index.md create mode 100644 chromium/docs/website/site/administrators/url-blacklist-filter-format/index.md create mode 100644 chromium/docs/website/site/administrators/url-blocklist-filter-format/index.md create mode 100644 chromium/docs/website/site/administrators/windows-quick-start/GoogleChromeStandaloneEnterprise.msi.sha1 create mode 100644 chromium/docs/website/site/administrators/windows-quick-start/index.md create mode 100644 chromium/docs/website/site/android/contributing-to-drm_hwcomposer/index.md create mode 100644 chromium/docs/website/site/android/drm_hwcomposer-overview/index.md create mode 100644 chromium/docs/website/site/android/index.md create mode 100644 chromium/docs/website/site/apple-touch-icon.png.sha1 create mode 100644 chromium/docs/website/site/audio-video/ChromiumMediaBuffering.png.sha1 create mode 100644 chromium/docs/website/site/audio-video/ChromiumMediaBuffering.svg.sha1 create mode 100644 chromium/docs/website/site/audio-video/ChromiumMediaPlayerFSStack (1).png.sha1 create mode 100644 chromium/docs/website/site/audio-video/ChromiumMediaPlayerFSStack.png.sha1 create mode 100644 chromium/docs/website/site/audio-video/autoplay/autoplay-policy-design-rationale/index.md create mode 100644 chromium/docs/website/site/audio-video/autoplay/autoplay-pre-seeding-in-chrome/index.md create mode 100644 chromium/docs/website/site/audio-video/autoplay/index.md create mode 100644 chromium/docs/website/site/audio-video/index.md create mode 100644 chromium/docs/website/site/audio-video/media-internals/index.md create mode 100644 chromium/docs/website/site/blink/activedomobject/index.md create mode 100644 chromium/docs/website/site/blink/blink-api-owners-requirements/index.md create mode 100644 chromium/docs/website/site/blink/blink-gardening/index.md create mode 100644 chromium/docs/website/site/blink/blink-gc/index.md create mode 100644 chromium/docs/website/site/blink/blink-in-js/index.md create mode 100644 chromium/docs/website/site/blink/blink-network-stack/index.md create mode 100644 chromium/docs/website/site/blink/blink-post-merge-faq/index.md create mode 100644 chromium/docs/website/site/blink/blink-testing-and-the-w3c/index.md create mode 100644 chromium/docs/website/site/blink/blink-triaging/index.md create mode 100644 chromium/docs/website/site/blink/coding-style/index.md create mode 100644 chromium/docs/website/site/blink/coding-style/layout-test-style-guidelines/index.md create mode 100644 chromium/docs/website/site/blink/deprecating-features/index.md create mode 100644 chromium/docs/website/site/blink/developer-faq/index.md create mode 100644 chromium/docs/website/site/blink/developer-faq/lewishead.jpg.1365009990294.png.sha1 create mode 100644 chromium/docs/website/site/blink/developer-faq/paulhead.jpg.1365009992996.png.sha1 create mode 100644 chromium/docs/website/site/blink/directory-dependency-in-blink/before.png.sha1 create mode 100644 chromium/docs/website/site/blink/directory-dependency-in-blink/before_merge_resized.png.sha1 create mode 100644 chromium/docs/website/site/blink/directory-dependency-in-blink/index.md create mode 100644 chromium/docs/website/site/blink/dom-exceptions/index.md create mode 100644 chromium/docs/website/site/blink/getting-started-with-blink-debugging/index.md create mode 100644 chromium/docs/website/site/blink/guidelines/api-owners/index.md create mode 100644 chromium/docs/website/site/blink/guidelines/api-owners/procedures/index.md create mode 100644 chromium/docs/website/site/blink/guidelines/api-owners/requirements/index.md create mode 100644 chromium/docs/website/site/blink/guidelines/blink-api-owners-requirements/index.md create mode 100644 chromium/docs/website/site/blink/guidelines/index.md create mode 100644 chromium/docs/website/site/blink/guidelines/values/index.md create mode 100644 chromium/docs/website/site/blink/guidelines/web-exposed/index.md create mode 100644 chromium/docs/website/site/blink/guidelines/web-platform-changes-guidelines/index.md create mode 100644 chromium/docs/website/site/blink/guidelines/web-platform-changes-process/index.md create mode 100644 chromium/docs/website/site/blink/how-repaint-works/index.md create mode 100644 chromium/docs/website/site/blink/importing-the-w3c-tests/index.md create mode 100644 chromium/docs/website/site/blink/index.md create mode 100644 chromium/docs/website/site/blink/intent-security-triage/index.md create mode 100644 chromium/docs/website/site/blink/launching-features/how-chrome-status-communicates/index.md create mode 100644 chromium/docs/website/site/blink/launching-features/index.md create mode 100644 chromium/docs/website/site/blink/launching-features/let-developers-know/index.md create mode 100644 chromium/docs/website/site/blink/launching-features/old-process/index.md create mode 100644 chromium/docs/website/site/blink/layoutng/index.md create mode 100644 chromium/docs/website/site/blink/layoutng/kern-ng.png.sha1 create mode 100644 chromium/docs/website/site/blink/layoutng/kern_legacy.png.sha1 create mode 100644 chromium/docs/website/site/blink/layoutng/legacy_ar_wrap.png.sha1 create mode 100644 chromium/docs/website/site/blink/layoutng/legacy_dlig_jp.png.sha1 create mode 100644 chromium/docs/website/site/blink/layoutng/legacy_float_margin.png.sha1 create mode 100644 chromium/docs/website/site/blink/layoutng/legacy_float_overlap.png.sha1 create mode 100644 chromium/docs/website/site/blink/layoutng/legacy_shape.png.sha1 create mode 100644 chromium/docs/website/site/blink/layoutng/ng_ar_wrap.png.sha1 create mode 100644 chromium/docs/website/site/blink/layoutng/ng_dlig_jp.png.sha1 create mode 100644 chromium/docs/website/site/blink/layoutng/ng_float_margin.png.sha1 create mode 100644 chromium/docs/website/site/blink/layoutng/ng_float_overlap.png.sha1 create mode 100644 chromium/docs/website/site/blink/layoutng/ng_shape.png.sha1 create mode 100644 chromium/docs/website/site/blink/memory-team/index.md create mode 100644 chromium/docs/website/site/blink/origin-trials/index.md create mode 100644 chromium/docs/website/site/blink/origin-trials/portals/DevTools_Breakpoint_Workaround.png.sha1 create mode 100644 chromium/docs/website/site/blink/origin-trials/portals/consolewarning.png.sha1 create mode 100644 chromium/docs/website/site/blink/origin-trials/portals/index.md create mode 100644 chromium/docs/website/site/blink/origin-trials/running-an-origin-trial/index.md create mode 100644 chromium/docs/website/site/blink/platform-predictability/compat-tools/index.md create mode 100644 chromium/docs/website/site/blink/platform-predictability/index.md create mode 100644 chromium/docs/website/site/blink/platform-predictability/objectives/index.md create mode 100644 chromium/docs/website/site/blink/public-c-api/index.md create mode 100644 chromium/docs/website/site/blink/removing-features/index.md create mode 100644 chromium/docs/website/site/blink/runtime-enabled-features/index.md create mode 100644 chromium/docs/website/site/blink/serviceworker/getting-started/index.md create mode 100644 chromium/docs/website/site/blink/serviceworker/index.md create mode 100644 chromium/docs/website/site/blink/serviceworker/service-worker-faq/index.md create mode 100644 chromium/docs/website/site/blink/serviceworker/service-worker-faq/resources-sw.png.sha1 create mode 100644 chromium/docs/website/site/blink/serviceworker/testing/index.md create mode 100644 chromium/docs/website/site/blink/sheriffing/index.md create mode 100644 chromium/docs/website/site/blink/sheriffing/triaging-gasper-alerts/index.md create mode 100644 chromium/docs/website/site/blink/slimming-paint/historical-documents/index.md create mode 100644 chromium/docs/website/site/blink/slimming-paint/index.md create mode 100644 chromium/docs/website/site/blink/spec-mentors/index.md create mode 100644 chromium/docs/website/site/blink/unittesting/index.md create mode 100644 chromium/docs/website/site/blink/unittesting/printto-confusing.cpp create mode 100644 chromium/docs/website/site/blink/unittesting/printto-workaround.cpp create mode 100644 chromium/docs/website/site/blink/v8-bindings/index.md create mode 100644 chromium/docs/website/site/blink/web-workers/index.md create mode 100644 chromium/docs/website/site/blink/webcrypto/index.md create mode 100644 chromium/docs/website/site/blink/webidl/blink-idl-extended-attributes/index.md create mode 100644 chromium/docs/website/site/blink/webidl/index.md create mode 100644 chromium/docs/website/site/blink/when-will-a-fix-ship-in-chrome-stable-or-canary/Screen Shot 2015-04-04 at 3.19.28 PM.png.sha1 create mode 100644 chromium/docs/website/site/blink/when-will-a-fix-ship-in-chrome-stable-or-canary/Screen Shot 2015-04-04 at 4.18.39 PM.png.sha1 create mode 100644 chromium/docs/website/site/blink/when-will-a-fix-ship-in-chrome-stable-or-canary/Screen Shot 2015-04-04 at 5.36.49 PM.png.sha1 create mode 100644 chromium/docs/website/site/blink/when-will-a-fix-ship-in-chrome-stable-or-canary/Screen Shot 2015-04-04 at 5.38.39 PM.png.sha1 create mode 100644 chromium/docs/website/site/blink/when-will-a-fix-ship-in-chrome-stable-or-canary/Untitled-5.fw.png.sha1 create mode 100644 chromium/docs/website/site/blink/when-will-a-fix-ship-in-chrome-stable-or-canary/chromestatus42.png.sha1 create mode 100644 chromium/docs/website/site/blink/when-will-a-fix-ship-in-chrome-stable-or-canary/chromeversion.png.sha1 create mode 100644 chromium/docs/website/site/blink/when-will-a-fix-ship-in-chrome-stable-or-canary/cr-commit-pos.png.sha1 create mode 100644 chromium/docs/website/site/blink/when-will-a-fix-ship-in-chrome-stable-or-canary/f3a.png.sha1 create mode 100644 chromium/docs/website/site/blink/when-will-a-fix-ship-in-chrome-stable-or-canary/index.md create mode 100644 chromium/docs/website/site/blink/when-will-a-fix-ship-in-chrome-stable-or-canary/omahaprox.png.sha1 create mode 100644 chromium/docs/website/site/blinkon-16/index.md create mode 100644 chromium/docs/website/site/careers/index.md create mode 100644 chromium/docs/website/site/careers/logo_chrome_color_144dp.png.sha1 create mode 100644 chromium/docs/website/site/cecpq2/index.md create mode 100644 chromium/docs/website/site/chrome-apps/index.md create mode 100644 chromium/docs/website/site/chrome-os-devices-and-kernel-versions/index.md create mode 100644 chromium/docs/website/site/chrome-release-channels/index.md create mode 100644 chromium/docs/website/site/chromium-os/2014-firmware-summit/2014 Chrome OS Firmware Summit- Chrome EC.pdf.sha1 create mode 100644 chromium/docs/website/site/chromium-os/2014-firmware-summit/2014 Chrome OS Firmware Summit- Overview.pdf.sha1 create mode 100644 chromium/docs/website/site/chromium-os/2014-firmware-summit/ARM coreboot porting.pdf.sha1 create mode 100644 chromium/docs/website/site/chromium-os/2014-firmware-summit/Chrome OS Firmware - 2017.pdf.sha1 create mode 100644 chromium/docs/website/site/chromium-os/2014-firmware-summit/Chrome OS Firmware Summit- Sundries.pdf.sha1 create mode 100644 chromium/docs/website/site/chromium-os/2014-firmware-summit/ChromeOS firmware summit - Depthcharge.pdf.sha1 create mode 100644 chromium/docs/website/site/chromium-os/2014-firmware-summit/Coreboot Mainboard Porting.pdf.sha1 create mode 100644 chromium/docs/website/site/chromium-os/2014-firmware-summit/index.md create mode 100644 chromium/docs/website/site/chromium-os/2014-firmware-summit/x86 coreboot porting.pdf.sha1 create mode 100644 chromium/docs/website/site/chromium-os/android-apps/index.md create mode 100644 chromium/docs/website/site/chromium-os/bias-on-chromium-os/index.md create mode 100644 chromium/docs/website/site/chromium-os/bluetooth-pairing-method-confusion-on-chrome-os/index.md create mode 100644 chromium/docs/website/site/chromium-os/cable-and-adapter-tips-and-tricks/SourcePowerRule.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/cable-and-adapter-tips-and-tricks/index.md create mode 100644 chromium/docs/website/site/chromium-os/ccd/951-00273-01_20180607_suzyqable_SCH_1.pdf.sha1 create mode 100644 chromium/docs/website/site/chromium-os/ccd/index.md create mode 100644 chromium/docs/website/site/chromium-os/ccd/suzy-qs-1.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/chrome-os-systems-supporting-adb-debugging-over-usb/index.md create mode 100644 chromium/docs/website/site/chromium-os/chrome-os-systems-supporting-android-apps/index.md create mode 100644 chromium/docs/website/site/chromium-os/chrome-os-systems-supporting-instant-tethering/index.md create mode 100644 chromium/docs/website/site/chromium-os/chrome-os-systems-supporting-linux/index.md create mode 100644 chromium/docs/website/site/chromium-os/chromeos-graphics-reading-list/index.md create mode 100644 chromium/docs/website/site/chromium-os/chromium-os-faq/index.md create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/autoupdate-details/cycle_break.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/autoupdate-details/example.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/autoupdate-details/index.md create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/boot-design/boot_design_diagram.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/boot-design/index.md create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/cbi-cros-board-info/index.md create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/chrome-os-battery-life-overview/index.md create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/chrome-os-performance-overview/index.md create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/chrome-os-volume-keys/index.md create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/chromium-os-cgroups/index.md create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/chromium-os-kernel/dco/index.md create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/chromium-os-kernel/index.md create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/chromium-os-kernel/submitting-patches/index.md create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/chromium-os-libcros/index.md create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/chromium-os-printing-design/index.md create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/cras-chromeos-audio-server/index.md create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/cros-network/cellular-activation/index.md create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/cros-network/chrome-network-debugging/index.md create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/cros-network/fake-cromo/index.md create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/cros-network/fake-gsm-modem/index.md create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/cros-network/fakemodem/index.md create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/cros-network/index.md create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/developer-mode/index.md create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/developer-shell-access/index.md create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/disk-format/flow.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/disk-format/index.md create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/disk-format/kernel2.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/disk-format/layout.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/ec-3po/EC-3PO- The EC console interpreter (1).png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/ec-3po/EC-3PO- The EC console interpreter.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/ec-3po/index.md create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/filesystem-autoupdate-supplements/bootloader_flowpng.sha1 create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/filesystem-autoupdate-supplements/firmware_updaterpng.sha1 create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/filesystem-autoupdate-supplements/index.md create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/filesystem-autoupdate-supplements/partition_extra_bitspng.sha1 create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/filesystem-autoupdate-supplements/recovery_imagepng.sha1 create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/filesystem-autoupdate/ChromeOSFilesystemAutoupdate.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/filesystem-autoupdate/index.md create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/firmware-boot-and-recovery/ChromeOSFirmwareBootandRecoveryPUBLISHED.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/firmware-boot-and-recovery/eeprom-mappng.sha1 create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/firmware-boot-and-recovery/flowchart1png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/firmware-boot-and-recovery/index.md create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/firmware-boot-and-recovery/s0hDprW1DevZ8KuyE5lsKIg_903.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/firmware-updates/index.md create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/hardening-against-malicious-stateful-data/index.md create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/index.md create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/keyboard-controlled-reset-circuit/KbdReset.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/keyboard-controlled-reset-circuit/index.md create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/library-optimization/index.md create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/login/index.md create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/lucid-sleep/index.md create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/network-portal-detection/FlimflamServiceStateMachine (1).png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/network-portal-detection/FlimflamServiceStateMachine.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/network-portal-detection/FlimflamServiceStateMachine.svg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/network-portal-detection/index.md create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/onc/index.md create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/open-network-configuration/index.md create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/out-of-memory-handling/index.md create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/out-of-memory-handling/pprof.renderer.espn.svg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/out-of-memory-handling/pprof.renderer.gmail.svg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/partition-resizing/index.md create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/partition-resizing/resize_partitionpng.sha1 create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/powerwash/index.md create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/protecting-cached-user-data/ChromeOSCryptohomeTPMusage.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/protecting-cached-user-data/ChromiumOS_TPM_Cryptohome.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/protecting-cached-user-data/disk-encryption-benchmarks--ecryptfs2bext3-1008hapdf.sha1 create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/protecting-cached-user-data/disk-encryption-benchmarks--no-encryptionpdf.sha1 create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/protecting-cached-user-data/disk-encryption-on-chrome-os--dmcrypt2bext42b1008hapdf.sha1 create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/protecting-cached-user-data/index.md create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/recovery-mode/index.md create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/recovery-mode/sk78RvI_UcGGddwNUBzsAcA.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/recovery-mode/srjy2ox0dbMkVTv25qW2QdA.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/security-overview/index.md create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/software-architecture/chromepng.sha1 create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/software-architecture/firmwarepng.sha1 create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/software-architecture/index.md create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/software-architecture/overviewpng.sha1 create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/software-architecture/systempng.sha1 create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/source-code-management/index.md create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/source-code-management/repo-archpng.sha1 create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/system-hardening/index.md create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/system-notifications/index.md create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/tab-discarding-and-reloading/index.md create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/text-input/basic-architecture.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/text-input/basic-architecture2.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/text-input/candidate_window.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/text-input/candidate_window_demo.swf.sha1 create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/text-input/index.md create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/text-input/input.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/text-input/syncing-input-methods/index.md create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/touch-firmware-updater/index.md create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/upstream-first/index.md create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/user-accounts-and-management/index.md create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/userland-boot/index.md create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/verified-boot-crypto/cryptospecs.webp.sha1 create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/verified-boot-crypto/index.md create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/verified-boot-data-structures/VerifiedBootDataStructures (1).png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/verified-boot-data-structures/VerifiedBootDataStructures.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/verified-boot-data-structures/firmware.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/verified-boot-data-structures/index.md create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/verified-boot-data-structures/kernel.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/verified-boot-data-structures/keyblock.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/verified-boot-data-structures/normal.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/verified-boot-data-structures/readonly.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/verified-boot-data-structures/recovery.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/verified-boot-data-structures/vbpublickey.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/verified-boot-data-structures/vbsignature.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/verified-boot/diag2png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/verified-boot/index.md create mode 100644 chromium/docs/website/site/chromium-os/chromiumos-design-docs/verify-prebuilts-using-content-hashing/index.md create mode 100644 chromium/docs/website/site/chromium-os/comp2_200x146.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/comp2jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/containers-update/index.md create mode 100644 chromium/docs/website/site/chromium-os/developer-guide/BugTrackerName.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-guide/TrackerName.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-guide/beaglebone/index.md create mode 100644 chromium/docs/website/site/chromium-os/developer-guide/chromium-os-sandboxing/index.md create mode 100644 chromium/docs/website/site/chromium-os/developer-guide/chromium-os-sandboxing/mount_event_propagation.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-guide/developer-workflow/index.md create mode 100644 chromium/docs/website/site/chromium-os/developer-guide/directory-structure/index.md create mode 100644 chromium/docs/website/site/chromium-os/developer-guide/disk-layout-format/index.md create mode 100644 chromium/docs/website/site/chromium-os/developer-guide/gerrit-guide/index.md create mode 100644 chromium/docs/website/site/chromium-os/developer-guide/go-in-chromium-os/index.md create mode 100644 chromium/docs/website/site/chromium-os/developer-guide/index.md create mode 100644 chromium/docs/website/site/chromium-os/developer-guide/upstreaming-drm-patches/index.md create mode 100644 chromium/docs/website/site/chromium-os/developer-guide/using-serial-tty/index.md create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/acer-ac700-chromebook/acer-zgb-bottm-guts.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/acer-ac700-chromebook/acer-zgb-bottom.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/acer-ac700-chromebook/acer-zgb-top-guts.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/acer-ac700-chromebook/back.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/acer-ac700-chromebook/index.md create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/acer-ac700-chromebook/newback.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/acer-c670-chromebook/gallery-AcerChromebook11-1-card-front.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/acer-c670-chromebook/gallery-AcerChromebook11-1-front.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/acer-c670-chromebook/gallery-AcerChromebook11-10-side-right-grey.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/acer-c670-chromebook/gallery-AcerChromebook11-2-front-grey.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/acer-c670-chromebook/gallery-AcerChromebook11-4-left-grey.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/acer-c670-chromebook/gallery-AcerChromebook11-5-right.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/acer-c670-chromebook/gallery-AcerChromebook11-6-right-grey.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/acer-c670-chromebook/gallery-AcerChromebook11-7-side-left.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/acer-c670-chromebook/gallery-AcerChromebook11-8-side-left-grey.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/acer-c670-chromebook/gallery-AcerChromebook11-9-side-right.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/acer-c670-chromebook/index.md create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/acer-c7-chromebook/acer-c7-bottom-guts.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/acer-c7-chromebook/acer-c7-bottom-screws.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/acer-c7-chromebook/acer-c7-case-bottom.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/acer-c7-chromebook/acer-c7-top-guts.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/acer-c7-chromebook/index.md create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/acer-c720-chromebook/c720-chromebook-annotated-innards.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/acer-c720-chromebook/c720-chromebook-innards-small.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/acer-c720-chromebook/c720-chromebook-innards.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/acer-c720-chromebook/index.md create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/acer-c910-chromebook/chromebook_0001s_0000_Acer-Chromebook-15-01-front.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/acer-c910-chromebook/chromebook_0001s_0001_Acer-Chromebook-15-02-left.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/acer-c910-chromebook/chromebook_0001s_0002_Acer-Chromebook-15-03-right.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/acer-c910-chromebook/chromebook_0001s_0003_Acer-Chromebook-15-04-side-left.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/acer-c910-chromebook/chromebook_0001s_0004_Acer-Chromebook-15-05-side-right.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/acer-c910-chromebook/chromebook_0001s_0005_Acer-Chromebook-15-06-group-black.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/acer-c910-chromebook/chromebook_0001s_0006_Acer-Chromebook-15-07-group-white.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/acer-c910-chromebook/index.md create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/acer-cb5-311-chromebook-13/gallery-Acer-Chromebook13-1-card-front.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/acer-cb5-311-chromebook-13/gallery-Acer-Chromebook13-1-front.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/acer-cb5-311-chromebook-13/gallery-Acer-Chromebook13-2-left.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/acer-cb5-311-chromebook-13/gallery-Acer-Chromebook13-3-right.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/acer-cb5-311-chromebook-13/gallery-Acer-Chromebook13-4-side-left.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/acer-cb5-311-chromebook-13/gallery-Acer-Chromebook13-5-side-right.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/acer-cb5-311-chromebook-13/index.md create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/asus-chromebox/index.md create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/center-negative-polarity.svg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/center-positive-polarity.svg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/chromebook-pixel-2015/index.md create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/chromebook-pixel/index.md create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/chromebook-pixel/link-bottom-guts-labeled.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/chromebook-pixel/link-bottom-guts.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/cr-48-chrome-notebook-developer-information/Mario_DevSwitchOff.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/cr-48-chrome-notebook-developer-information/Mario_DevSwitchOn.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/cr-48-chrome-notebook-developer-information/Mario_DevSwitchOn.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/cr-48-chrome-notebook-developer-information/Mario_DevSwitchTape.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/cr-48-chrome-notebook-developer-information/Mario_DevSwitchTape.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/cr-48-chrome-notebook-developer-information/cr48_recovery_button.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/cr-48-chrome-notebook-developer-information/how-to-boot-ubuntu-on-a-cr-48/index.md create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/cr-48-chrome-notebook-developer-information/index.md create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/cr-48-chrome-notebook-developer-information/mario-bottom-guts.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/cr-48-chrome-notebook-developer-information/mario-top-guts.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/custom-firmware/index.md create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/dell-chromebook-11/Selection_459.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/dell-chromebook-11/index.md create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/dell-chromebook-11/wolf_wp.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/direct-current.svg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/generic/index.md create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/h2c-firmware/index.md create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/hp-chromebook-11/index.md create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/hp-chromebook-14/hero.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/hp-chromebook-14/index.md create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/hp-chromebook-14/large-1.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/hp-chromebook-14/large-2.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/hp-chromebook-14/large-3.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/hp-chromebook-14/large-4.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/hp-chromebook-14/large-5.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/hp-chromebook-14/large-6.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/hp-chromebook-14/large-7.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/hp-chromebook-14/large-8.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/hp-chromebox/index.md create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/hp-pavilion-14-chromebook/butterfly-bottom-guts.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/hp-pavilion-14-chromebook/butterfly-cpanel.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/hp-pavilion-14-chromebook/butterfly-dpanel.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/hp-pavilion-14-chromebook/butterfly-keyboard.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/hp-pavilion-14-chromebook/butterfly-top-guts.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/hp-pavilion-14-chromebook/butterfly-top-wp.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/hp-pavilion-14-chromebook/index.md create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/index.md create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/lenovo-chromebook-11/index.md create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/lenovo-chromebook-n20/gallery-LenovoChromebookN20p-1-card-hinge.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/lenovo-chromebook-n20/gallery-LenovoChromebookN20p-1-hinge.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/lenovo-chromebook-n20/gallery-LenovoChromebookN20p-2-front.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/lenovo-chromebook-n20/gallery-LenovoChromebookN20p-3-left.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/lenovo-chromebook-n20/gallery-LenovoChromebookN20p-4-right.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/lenovo-chromebook-n20/gallery-LenovoChromebookN20p-5-hinge.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/lenovo-chromebook-n20/gallery-LenovoChromebookN20p-6-side-left.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/lenovo-chromebook-n20/gallery-LenovoChromebookN20p-7-side-right.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/lenovo-chromebook-n20/index.md create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/lenovo-thinkpad-x131e-chromebook/index.md create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/lenovo-thinkpad-x131e-chromebook/stout-bare-bottom.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/lenovo-thinkpad-x131e-chromebook/stout-bare-top.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/lenovo-thinkpad-x131e-chromebook/stout-inside-bottom.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/lenovo-thinkpad-x131e-chromebook/stout-inside-top.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/lg-chromebase-22cv241-w/gallery-LG-1-F-101_White_Monitor_from-Sandbox.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/lg-chromebase-22cv241-w/gallery-LG-1-card-F-101_White_Monitor_from-Sandbox.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/lg-chromebase-22cv241-w/gallery-LG-10-S-102_Black_Monitor_from-Sandbox.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/lg-chromebase-22cv241-w/gallery-LG-11-S-101_White_Monitor_from-Sandbox.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/lg-chromebase-22cv241-w/gallery-LG-12-S-101_Black_Monitor_from-Sandbox.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/lg-chromebase-22cv241-w/gallery-LG-2-F-101_Black_Monitor_from-Sandbox.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/lg-chromebase-22cv241-w/gallery-LG-3-B-113_White_Monitor_from-Sandbox.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/lg-chromebase-22cv241-w/gallery-LG-4-B-113_Black_Monitor_from-Sandbox.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/lg-chromebase-22cv241-w/gallery-LG-5-B-102F_White_Monitor_from-Sandbox.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/lg-chromebase-22cv241-w/gallery-LG-6-B-102F_Black_Monitor_from-Sandbox.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/lg-chromebase-22cv241-w/gallery-LG-7-S-103_White_Monitor_from-Sandbox.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/lg-chromebase-22cv241-w/gallery-LG-8-S-103_Black_Monitor_from-Sandbox.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/lg-chromebase-22cv241-w/gallery-LG-9-S-102_White_Monitor_from-Sandbox.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/lg-chromebase-22cv241-w/index.md create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/running-virtual-machines-on-your-chromebook/index.md create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/samsung-arm-chromebook/arm-chromebook-bottom-screw.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/samsung-arm-chromebook/arm-chromebook-inside-annotated.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/samsung-arm-chromebook/arm-chromebook-inside.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/samsung-arm-chromebook/index.md create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/samsung-arm-chromebook/snow-bottom-guts.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/samsung-arm-chromebook/snow-top-guts.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/samsung-arm-chromebook/snow-top-guts.xcf.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/samsung-chromebook-2/index.md create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/samsung-sandy-bridge/coreboot-vmx-hack/index.md create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/samsung-sandy-bridge/index.md create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/samsung-sandy-bridge/lumpy-case.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/samsung-sandy-bridge/lumpy-dev-switch.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/samsung-sandy-bridge/lumpy-internals-bare.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/samsung-sandy-bridge/lumpy-internals-top.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/samsung-sandy-bridge/lumpy-internals.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/samsung-sandy-bridge/lumpy.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/samsung-sandy-bridge/stumpy-bottom-bare.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/samsung-sandy-bridge/stumpy-bottom-cards.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/samsung-sandy-bridge/stumpy-dev-switch.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/samsung-sandy-bridge/stumpy-top-bare.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/samsung-sandy-bridge/stumpy-top-full.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/samsung-sandy-bridge/stumpy-top-mid.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/samsung-sandy-bridge/stumpy.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/samsung-series-5-chromebook/a.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/samsung-series-5-chromebook/alex-bottom-guts-no-battery.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/samsung-series-5-chromebook/alex-bottom-guts.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/samsung-series-5-chromebook/alex-top-guts.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/samsung-series-5-chromebook/alex_reset.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/samsung-series-5-chromebook/b.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/samsung-series-5-chromebook/cc.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/samsung-series-5-chromebook/index.md create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/toshiba-cb30-chromebook/c720-chromebook-innards.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/toshiba-cb30-chromebook/chromebook_leon_write_protect.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/toshiba-cb30-chromebook/index.md create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/tp-link-onhub-tgr1900/index.md create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/tp-link-onhub-tgr1900/tplink_black.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/tp-link-onhub-tgr1900/tplink_blue.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/tp-link-onhub-tgr1900/tplink_top.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/tp-link-onhub-tgr1900/whirlwind-dev-screw.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/upstream-coreboot-on-intel-haswell-chromebook/index.md create mode 100644 chromium/docs/website/site/chromium-os/developer-information-for-chrome-os-devices/workaround-for-battery-discharge-in-dev-mode/index.md create mode 100644 chromium/docs/website/site/chromium-os/developing-apps-on-your-chromium-os-device/index.md create mode 100644 chromium/docs/website/site/chromium-os/dingdong/810-10117-03_20151211_dingdong_SCH_0.pdf.sha1 create mode 100644 chromium/docs/website/site/chromium-os/dingdong/DingDong Block Diagram.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/dingdong/chromium-os-dingdong.tar.bz2.sha1 create mode 100644 chromium/docs/website/site/chromium-os/dingdong/index.md create mode 100644 chromium/docs/website/site/chromium-os/donnettes/index.md create mode 100644 chromium/docs/website/site/chromium-os/donnettes/smart receptacle-05042017.pdf.sha1 create mode 100644 chromium/docs/website/site/chromium-os/ec-development/ap-ec-communication/index.md create mode 100644 chromium/docs/website/site/chromium-os/ec-development/charge-manager/index.md create mode 100644 chromium/docs/website/site/chromium-os/ec-development/ec-3po/index.md create mode 100644 chromium/docs/website/site/chromium-os/ec-development/ec-image-geometry-spec/cr50.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/ec-development/ec-image-geometry-spec/index.md create mode 100644 chromium/docs/website/site/chromium-os/ec-development/ec-image-geometry-spec/storage2.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/ec-development/getting-started-building-ec-images-quickly/index.md create mode 100644 chromium/docs/website/site/chromium-os/ec-development/index.md create mode 100644 chromium/docs/website/site/chromium-os/ec-development/stack-size-analyzer/index.md create mode 100644 chromium/docs/website/site/chromium-os/ec-development/usb-low-power-boot/PD Low Battery Boot.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/ec-development/usb-low-power-boot/index.md create mode 100644 chromium/docs/website/site/chromium-os/ec-development/usb-low-power-boot/new_low_bat.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/ec-development/usb-low-power-boot/samus_low_bat.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/external-bsp-hosting/index.md create mode 100644 chromium/docs/website/site/chromium-os/extracting-a-recovery-kernel-from-a-recovery-image/index.md create mode 100644 chromium/docs/website/site/chromium-os/firmware-porting-guide/1-overview/index.md create mode 100644 chromium/docs/website/site/chromium-os/firmware-porting-guide/1-overview/the-crosfw-script/index.md create mode 100644 chromium/docs/website/site/chromium-os/firmware-porting-guide/2-concepts/Verified Boot Flow.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/firmware-porting-guide/2-concepts/index.md create mode 100644 chromium/docs/website/site/chromium-os/firmware-porting-guide/firmware-ec-write-protection/index.md create mode 100644 chromium/docs/website/site/chromium-os/firmware-porting-guide/fmap/index.md create mode 100644 chromium/docs/website/site/chromium-os/firmware-porting-guide/index.md create mode 100644 chromium/docs/website/site/chromium-os/firmware-porting-guide/u-boot-drivers/index.md create mode 100644 chromium/docs/website/site/chromium-os/firmware-summit/index.md create mode 100644 chromium/docs/website/site/chromium-os/firmware-update/index.md create mode 100644 chromium/docs/website/site/chromium-os/forced-re-enrollment/index.md create mode 100644 chromium/docs/website/site/chromium-os/fwmp/index.md create mode 100644 chromium/docs/website/site/chromium-os/gentoo-package-upgrade-process/index.md create mode 100644 chromium/docs/website/site/chromium-os/getting-dev-hardware/dev-hardware-list/ChromeOSCompatibilitylist-20091121-A.xlsx.sha1 create mode 100644 chromium/docs/website/site/chromium-os/getting-dev-hardware/dev-hardware-list/icon-checkmark.gif.sha1 create mode 100644 chromium/docs/website/site/chromium-os/getting-dev-hardware/dev-hardware-list/index.md create mode 100644 chromium/docs/website/site/chromium-os/getting-dev-hardware/index.md create mode 100644 chromium/docs/website/site/chromium-os/getting-started-with-glmark2/glmark2-9999.ebuild create mode 100644 chromium/docs/website/site/chromium-os/getting-started-with-glmark2/index.md create mode 100644 chromium/docs/website/site/chromium-os/getting-started-with-platform2/index.md create mode 100644 chromium/docs/website/site/chromium-os/gfx-test-notes/index.md create mode 100644 chromium/docs/website/site/chromium-os/glitch-vulnerability-status/index.md create mode 100644 chromium/docs/website/site/chromium-os/hoho/810-10116-02_20150109_hdmi_SCH_0.pdf.sha1 create mode 100644 chromium/docs/website/site/chromium-os/hoho/HoHo Block Diagram (1).png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/hoho/HoHo Block Diagram.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/hoho/chromium-os-hoho.tar.bz2.sha1 create mode 100644 chromium/docs/website/site/chromium-os/hoho/index.md create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/a-brief-perf-how-to/index.md create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/a-brief-perf-how-to/perf.patch.txt create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/add-a-new-package/index.md create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/boot-mainline-kernel-on-veyron-jaq/.config.sha1 create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/boot-mainline-kernel-on-veyron-jaq/cmdline create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/boot-mainline-kernel-on-veyron-jaq/index.md create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/boot-mainline-kernel-on-veyron-jaq/rk3228-veyron-jaq.its create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/building-chromium-browser/chrome-api-keys-in-the-chroot/index.md create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/building-chromium-browser/index.md create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/building-factory-test-images/index.md create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/chrome-with-libcras-on-gprecise/index.md create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/chromiumos-architecture-porting-guide/index.md create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/chromiumos-board-porting-guide/index.md create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/chromiumos-board-porting-guide/private-boards/index.md create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/create-a-cl/index.md create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/creating-local-mirrors/index.md create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/debugging-3g/index.md create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/debugging-3g/manual-e362-setup/index.md create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/debugging-3g/modem-debugging-with-mmcli/index.md create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/debugging-features/index.md create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/debugging-hangs/index.md create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/debugging-tips/host-file-access/index.md create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/debugging-tips/index.md create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/debugging-tips/setting-up-tcpdump/index.md create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/debugging-tips/target-serial-access/index.md create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/developer-faq/index.md create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/extension-support-for-app-webviews/index.md create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/force-out-of-box-experience-oobe/index.md create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/get-a-3g-modem-running/GSM PIN code types.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/get-a-3g-modem-running/index.md create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/git-helpers/index.md create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/git-server-side-information/index.md create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/git-troubleshooting/index.md create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/helper-scripts/index.md create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/index.md create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/install-software-on-base-images/index.md create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/kernel-configuration/index.md create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/kernel-configuration/kernel_config_diag.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/kernel-configuration/kernel_config_diag.svg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/kernel-faq/index.md create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/kernel-rebase-notes/index.md create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/llvm-clang-build/index.md create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/mainline-kernel-on-kevin-chromebook-plus/chrome-os-mainline-kernel-on-kevin-chromebook-plus/0001-FROMLIST-drm-panel-add-Kingdisplay-kd097d04-panel-dr.patch create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/mainline-kernel-on-kevin-chromebook-plus/chrome-os-mainline-kernel-on-kevin-chromebook-plus/0002-CHROMIUM-drm-Add-drm_master_relax-debugfs-file-non-r.patch create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/mainline-kernel-on-kevin-chromebook-plus/chrome-os-mainline-kernel-on-kevin-chromebook-plus/0003-CHROMIUM-drm-Allow-DRM_IOCTL_MODE_MAP_DUMB-for-rende.patch create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/mainline-kernel-on-kevin-chromebook-plus/chrome-os-mainline-kernel-on-kevin-chromebook-plus/0004-CHROMIUM-drm-Allow-render-node-access-to-KMS-getters.patch create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/mainline-kernel-on-kevin-chromebook-plus/chrome-os-mainline-kernel-on-kevin-chromebook-plus/0005-CHROMIUM-drm-Allow-DRM_IOCTL_MODE_DESTROY_DUMB-for-r.patch create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/mainline-kernel-on-kevin-chromebook-plus/chrome-os-mainline-kernel-on-kevin-chromebook-plus/0006-CHROMIUM-drm-rockchip-Enable-rendernode.patch create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/mainline-kernel-on-kevin-chromebook-plus/chrome-os-mainline-kernel-on-kevin-chromebook-plus/0007-CHROMIUM-drm-rockchip-Add-GEM-ioctls.patch create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/mainline-kernel-on-kevin-chromebook-plus/chrome-os-mainline-kernel-on-kevin-chromebook-plus/0008-CHROMIUM-Revert-drm-vgem-create-a-render-node-for-vg.patch create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/mainline-kernel-on-kevin-chromebook-plus/chrome-os-mainline-kernel-on-kevin-chromebook-plus/index.md create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/mainline-kernel-on-kevin-chromebook-plus/index.md create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/measuring-boot-time-performance/index.md create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/modemmanager/index.md create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/network-based-development/index.md create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/nfs-quickstart/index.md create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/openvpn-manual-setup/index.md create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/portage-build-faq/index.md create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/remote-debugging/index.md create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/running-chromeos-image-under-virtual-machines/Screenshot-QEMU-KVM.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/running-chromeos-image-under-virtual-machines/index.md create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/serial-debugging-howto/index.md create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/tsc-resynchronization/index.md create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/upgrade-ebuild-eapis/index.md create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/using-an-upstream-kernel-on-snow/index.md create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/using-the-dev-server/index.md create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/using-the-dev-server/xbuddy-for-devserver/index.md create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/visualizing-the-rootfs/Screenshot from 2013-04-08 13_46_48.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/visualizing-the-rootfs/index.md create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/working-on-a-branch/index.md create mode 100644 chromium/docs/website/site/chromium-os/how-tos-and-troubleshooting/working-with-your-overlay-faq/index.md create mode 100644 chromium/docs/website/site/chromium-os/index.md create mode 100644 chromium/docs/website/site/chromium-os/lazy-fp-restore-vulnerability-status/index.md create mode 100644 chromium/docs/website/site/chromium-os/licensing/building-a-distro/index.md create mode 100644 chromium/docs/website/site/chromium-os/licensing/index.md create mode 100644 chromium/docs/website/site/chromium-os/licensing/licensing-for-chromiumos-developers/index.md create mode 100644 chromium/docs/website/site/chromium-os/licensing/licensing-for-chromiumos-package-owners/index.md create mode 100644 chromium/docs/website/site/chromium-os/mds-on-chromeos/index.md create mode 100644 chromium/docs/website/site/chromium-os/meltdown-spectre-vulnerability-status/index.md create mode 100644 chromium/docs/website/site/chromium-os/minimuffin/45W Type-C Adapter Control Board 150710.gif.sha1 create mode 100644 chromium/docs/website/site/chromium-os/minimuffin/45W Type-C Adapter Control Board 150710.pdf.sha1 create mode 100644 chromium/docs/website/site/chromium-os/minimuffin/index.md create mode 100644 chromium/docs/website/site/chromium-os/obsolete/energy-aware-scheduling/index.md create mode 100644 chromium/docs/website/site/chromium-os/obsolete/index.md create mode 100644 chromium/docs/website/site/chromium-os/obsolete/monitoring-tools/index.md create mode 100644 chromium/docs/website/site/chromium-os/obsolete/monitoring-tools/timeline.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/obsolete/portage-package-status/index.md create mode 100644 chromium/docs/website/site/chromium-os/obsolete/quiche-notes/index.md create mode 100644 chromium/docs/website/site/chromium-os/obsolete/recall/index.md create mode 100644 chromium/docs/website/site/chromium-os/obsolete/using-eclipse-to-debug-chrome-on-chrome-os/Properties for src.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/obsolete/using-eclipse-to-debug-chrome-on-chrome-os/Resource Filters.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/obsolete/using-eclipse-to-debug-chrome-on-chrome-os/c++ build env.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/obsolete/using-eclipse-to-debug-chrome-on-chrome-os/c++ build.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/obsolete/using-eclipse-to-debug-chrome-on-chrome-os/chrome remote main.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/obsolete/using-eclipse-to-debug-chrome-on-chrome-os/debug connection.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/obsolete/using-eclipse-to-debug-chrome-on-chrome-os/debugger main.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/obsolete/using-eclipse-to-debug-chrome-on-chrome-os/debugger shared libraries.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/obsolete/using-eclipse-to-debug-chrome-on-chrome-os/index.md create mode 100644 chromium/docs/website/site/chromium-os/obsolete/using-eclipse-to-debug-chrome-on-chrome-os/resource-filters.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/obsolete/using-sdk-standalone/index.md create mode 100644 chromium/docs/website/site/chromium-os/packages/biod/biod_diagram.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/packages/biod/index.md create mode 100644 chromium/docs/website/site/chromium-os/packages/crash-reporting/debugging-a-minidump/index.md create mode 100644 chromium/docs/website/site/chromium-os/packages/crash-reporting/faq/index.md create mode 100644 chromium/docs/website/site/chromium-os/packages/crash-reporting/index.md create mode 100644 chromium/docs/website/site/chromium-os/packages/crash-reporting/stack-traces-from-chrome-os-crash-dumps/index.md create mode 100644 chromium/docs/website/site/chromium-os/packages/cros-flashrom/index.md create mode 100644 chromium/docs/website/site/chromium-os/packages/implicit-system/index.md create mode 100644 chromium/docs/website/site/chromium-os/packages/index.md create mode 100644 chromium/docs/website/site/chromium-os/packages/libchrome/index.md create mode 100644 chromium/docs/website/site/chromium-os/packages/libchromeos/index.md create mode 100644 chromium/docs/website/site/chromium-os/packages/portage/index.md create mode 100644 chromium/docs/website/site/chromium-os/packages/power_manager/battery-notifications/index.md create mode 100644 chromium/docs/website/site/chromium-os/packages/power_manager/inactivity-delays/index.md create mode 100644 chromium/docs/website/site/chromium-os/packages/power_manager/index.md create mode 100644 chromium/docs/website/site/chromium-os/packages/power_manager/input/index.md create mode 100644 chromium/docs/website/site/chromium-os/packages/power_manager/keyboard-backlight/index.md create mode 100644 chromium/docs/website/site/chromium-os/packages/power_manager/screen-brightness/index.md create mode 100644 chromium/docs/website/site/chromium-os/packages/power_manager/suspend-and-resume/index.md create mode 100644 chromium/docs/website/site/chromium-os/packages/power_manager/suspend-and-resume/suspend_flowchart.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/packages/pydevi2c/index.md create mode 100644 chromium/docs/website/site/chromium-os/plankton/IMG_5169.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/plankton/Plankton Raiden MCU command table.pdf.sha1 create mode 100644 chromium/docs/website/site/chromium-os/plankton/Plankton Raiden Software Care & Feed.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/plankton/Plankton_raiden block diagram.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/plankton/buttons.jpeg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/plankton/index.md create mode 100644 chromium/docs/website/site/chromium-os/plankton/leds.jpeg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/plankton/plankton-master.tar.gz.sha1 create mode 100644 chromium/docs/website/site/chromium-os/platform/index.md create mode 100644 chromium/docs/website/site/chromium-os/poking-around-your-chrome-os-device/dev.bmp.sha1 create mode 100644 chromium/docs/website/site/chromium-os/poking-around-your-chrome-os-device/index.md create mode 100644 chromium/docs/website/site/chromium-os/poking-around-your-chrome-os-device/meh2.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/poking-around-your-chrome-os-device/tdev.bmp.sha1 create mode 100644 chromium/docs/website/site/chromium-os/profiling-in-chromeos/index.md create mode 100644 chromium/docs/website/site/chromium-os/python-mock/index.md create mode 100644 chromium/docs/website/site/chromium-os/python-style-guidelines/index.md create mode 100644 chromium/docs/website/site/chromium-os/quick-start-guide/index.md create mode 100644 chromium/docs/website/site/chromium-os/security-advisories/index.md create mode 100644 chromium/docs/website/site/chromium-os/servo/810-10010-03_20120227_servo_SCH_0.pdf.sha1 create mode 100644 chromium/docs/website/site/chromium-os/servo/IMG_20151019_085815 (1) (1).jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/servo/LICENSE create mode 100644 chromium/docs/website/site/chromium-os/servo/chromium_os_servo_v2.tar.gz.sha1 create mode 100644 chromium/docs/website/site/chromium-os/servo/chromium_os_yoshi_flex.tar.gz.sha1 create mode 100644 chromium/docs/website/site/chromium-os/servo/image00.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/servo/index.md create mode 100644 chromium/docs/website/site/chromium-os/servo/servo-v2/index.md create mode 100644 chromium/docs/website/site/chromium-os/servo/servo_v2_bot.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/servo/servo_v2_top.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/servo/servomicro/652-00166-05_20190308_servo_micro_SCH_0.pdf.sha1 create mode 100644 chromium/docs/website/site/chromium-os/servo/servomicro/Case-Closed Debug in Chromebooks and Servo Micro.pdf.sha1 create mode 100644 chromium/docs/website/site/chromium-os/servo/servomicro/index.md create mode 100644 chromium/docs/website/site/chromium-os/servo/servov4/650-00588-01_20170601_servo_v4_pvt1_SCH_0.pdf.sha1 create mode 100644 chromium/docs/website/site/chromium-os/servo/servov4/index.md create mode 100644 chromium/docs/website/site/chromium-os/shell-style-guidelines/index.md create mode 100644 chromium/docs/website/site/chromium-os/sideload-android-apps-on-chromebook/index.md create mode 100644 chromium/docs/website/site/chromium-os/stadia-on-chromebooks/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/adding-unit-tests-to-the-build/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/afe-rpc-infrastructure/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/anatomy-of-test-test/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/arcplusplus-testing/arcp create mode 100644 chromium/docs/website/site/chromium-os/testing/arcplusplus-testing/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/autoserv-packaging/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/autotest-and-ebuilds/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/autotest-design-patterns/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/autotest-developer-faq/autotest-server-usage/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/autotest-developer-faq/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/autotest-developer-faq/setup-autotest-server/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/autotest-developer-faq/ssh-test-keys-setup/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/autotest-graphics-documentation/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/autotest-keyvals/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/autotest-keyvals/perf-keyvals/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/autotest-user-doc/atest-diagram.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/autotest-user-doc/atest-diagram.svg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/autotest-user-doc/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/building-and-running-tests/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/cellular-testing/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/chamelium-audio-board/Chameleon Audio - New Page (4).png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/chamelium-audio-board/Chameleon Audio Board Block Diagram.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/chamelium-audio-board/Chameleon Audio Board R1.1 Release PCB.zip.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/chamelium-audio-board/Chameleon Audio Board R1.1 Release.pdf.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/chamelium-audio-board/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/chamelium-audio-streaming/IMG_0001.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/chamelium-audio-streaming/IMG_0002.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/chamelium-audio-streaming/IMG_0003.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/chamelium-audio-streaming/Screenshot from 2017-03-07 17_51_43.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/chamelium-audio-streaming/Screenshot from 2017-03-07 17_53_38.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/chamelium-audio-streaming/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/chamelium-usb-audio/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/chamelium/CAT9883CRegisterRev01.pdf.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/chamelium/Chameleon Video - New Page (4).png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/chamelium/Chameleon-B1_R1.2_Release %5Bfor external use%5D.pdf.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/chamelium/Chameleon_B1_R1.1_BOM.xlsx.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/chamelium/Chameleon_B1_R1.2- Gerber file.zip.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/chamelium/Chameleon_B1_R1.2_Release.brd.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/chamelium/FPGA pins.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/chamelium/IT6506 Programming Guide.pdf.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/chamelium/IT6506_Datasheet_for_Google_v1.3.pdf.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/chamelium/IT6803 Programming Guide.1.05.pdf.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/chamelium/IT6803TE Datasheet_for_Google v0.83.pdf.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/chamelium/cat9883c_datasheet_for_Google_Rev1 3.pdf.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/chamelium/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/chamelium/png;base644fb8f58c45521404.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/chamelium/s2mbf9hZBTGKMFHBgqQqDiA.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/chamelium/s3x3vmsvmeWSlhdK4GEG60A.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/chamelium/sjR3S5TzIrNaCyuUbwvWwbA.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/chamelium/spstW8nBPTZeJhUk-NjRnQg.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/chamelium/swKcCTHdtRXI6IJ-pzsZR9Q.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/chamelium/video-chameleon-658cadce37849ec8330f7cbfa01135983984ec24.tar.gz.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/collecting-stats-for-graphite/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/common-testing-workflows/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/cros-autotest/cap create mode 100644 chromium/docs/website/site/chromium-os/testing/cros-autotest/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/dynamic-suites/dynamic-test-suites/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/dynamic-suites/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/dynamic-suites/test-dependencies-in-dynamic-suites/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/dynamic-test-suites/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/existing-autotest-utilities/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/gs-offloader/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/hardware_qualification/HWQual.pdf.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/hardware_qualification/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/infrastructure-components/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/infrastructure-components/keyvals/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/moblab-faq/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/moblab/cpcon-release-notes/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/moblab/faft-testing-with-moblab/Running FAFT (Fully Automated Firmware Tests) with MobLab.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/moblab/faft-testing-with-moblab/create_job_faft.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/moblab/faft-testing-with-moblab/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/moblab/faft-testing-with-moblab/servo v2 diagram.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/moblab/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/moblab/mob-monitor/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/moblab/mob-monitor/mobmonitor.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/moblab/mob-monitor/mobmonitor_colours.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/moblab/mob-monitor/mobmonitor_main_page.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/moblab/mob-monitor/mobmonitor_repair_dialog.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/moblab/overview-of-moblab/image00.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/moblab/overview-of-moblab/image01.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/moblab/overview-of-moblab/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/moblab/pre-requirements-of-issue-creation/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/moblab/releasenotes/5AjtD5fj5XrBV3X.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/moblab/releasenotes/65cXCzDADkz.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/moblab/releasenotes/7tG9QTai4PUH2ue.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/moblab/releasenotes/944NKgXvoL9ubsp.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/moblab/releasenotes/Screenshot from 2014-09-02 17_21_38.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/moblab/releasenotes/Screenshot from 2014-09-02 17_21_50.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/moblab/releasenotes/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/moblab/releasenotes/mob1.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/moblab/releasenotes/mob2.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/moblab/setup/Screenshot from 2014-09-02 17_21_38.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/moblab/setup/Screenshot from 2014-09-02 17_21_50.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/moblab/setup/Selection_968.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/moblab/setup/Selection_970.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/moblab/setup/Selection_971.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/moblab/setup/Selection_972.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/moblab/setup/Selection_973.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/moblab/setup/image00.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/moblab/setup/image01.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/moblab/setup/image02.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/moblab/setup/image03.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/moblab/setup/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/moblab/user-manual/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/moblab/usingmoblab/Selection_945.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/moblab/usingmoblab/Selection_946.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/moblab/usingmoblab/image00.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/moblab/usingmoblab/image01.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/moblab/usingmoblab/image02.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/moblab/usingmoblab/image03.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/moblab/usingmoblab/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/moblab/view-test-result-vis-wmatrix/Selection_977.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/moblab/view-test-result-vis-wmatrix/Selection_978.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/moblab/view-test-result-vis-wmatrix/Selection_980.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/moblab/view-test-result-vis-wmatrix/Selection_982.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/testing/moblab/view-test-result-vis-wmatrix/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/perf-data/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/perf-regression-detection/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/power-testing/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/power-testing/pltp/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/power-testing/pltp/meetp create mode 100644 chromium/docs/website/site/chromium-os/testing/power-testing/pltp/meetu create mode 100644 chromium/docs/website/site/chromium-os/testing/power-testing/pltp/pltg create mode 100644 chromium/docs/website/site/chromium-os/testing/power-testing/pltp/pltp create mode 100644 chromium/docs/website/site/chromium-os/testing/power-testing/pltp/pltp_rand create mode 100644 chromium/docs/website/site/chromium-os/testing/power-testing/pltp/pltu create mode 100644 chromium/docs/website/site/chromium-os/testing/power-testing/pltp/pltu_rand create mode 100644 chromium/docs/website/site/chromium-os/testing/qemu-unittests/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/running-smoke-suite-on-a-vm-image/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/running-unit-tests-on-the-target/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/specific-test-documentation/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/suite_scheduler-1/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/suite_scheduler/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/test-code-labs/autotest-client-tests/autotest-client-helper-libraries/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/test-code-labs/autotest-client-tests/autotest-results-logs/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/test-code-labs/autotest-client-tests/basic-ebuild-troubleshooting/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/test-code-labs/autotest-client-tests/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/test-code-labs/dynamic-suite-codelab/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/test-code-labs/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/test-code-labs/server-side-test/control create mode 100644 chromium/docs/website/site/chromium-os/testing/test-code-labs/server-side-test/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/test-code-labs/server-side-test/power_MyBacklightTest.py create mode 100644 chromium/docs/website/site/chromium-os/testing/test-dependencies-in-dynamic-suites/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/test-lab-setup/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/test-suites/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/writing-and-developing-tests/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/writing-and-developing-tests/test-deps-faq/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/writing-and-developing-tests/testing-your-changes-faq/index.md create mode 100644 chromium/docs/website/site/chromium-os/testing/writing-and-developing-tests/writing-tests-faq/index.md create mode 100644 chromium/docs/website/site/chromium-os/tips-and-tricks-for-chromium-os-developers/index.md create mode 100644 chromium/docs/website/site/chromium-os/tpm_firmware_update/index.md create mode 100644 chromium/docs/website/site/chromium-os/twinkie/PulseviewRequestAccept.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/twinkie/PulseviewSourceCap_request.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/twinkie/Twinkie-diagram.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/twinkie/build-sigrok-and-pulseview-from-sources/index.md create mode 100644 chromium/docs/website/site/chromium-os/twinkie/chromium-os-twinkie-v2.tar.bz2.sha1 create mode 100644 chromium/docs/website/site/chromium-os/twinkie/index.md create mode 100644 chromium/docs/website/site/chromium-os/twinkie/older-sigrok-packages/index.md create mode 100644 chromium/docs/website/site/chromium-os/twinkie/older-sigrok-packages/twinkie_v1.1.2705-bc6d966.combined.bin.sha1 create mode 100644 chromium/docs/website/site/chromium-os/twinkie/pulseview_3packets.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/twinkie/pulseview_VBUS_V.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/twinkie/pulseview_VBUS_V_A.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/twinkie/pulseview_zoom_packet.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/twinkie/pulseview_zoom_packetx3.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/twinkie/twinkie_programming.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/twinkie/twinkie_v1.11.19-9e81762f2.bin.sha1 create mode 100644 chromium/docs/website/site/chromium-os/twinkie/twinkie_v1.11.20-005227d8f.bin.sha1 create mode 100644 chromium/docs/website/site/chromium-os/twinkie/twinkie_v1.11.21-3e33e08af.webusb.bin.sha1 create mode 100644 chromium/docs/website/site/chromium-os/twinkie/twinkies-1.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/twinkie/twinkies-2.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/twinkie/twinkies-3.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/type-c-on-rk3399-chromebooks/Type C on a Chromebook.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/type-c-on-rk3399-chromebooks/Type C on a Chromebook.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/type-c-on-rk3399-chromebooks/index.md create mode 100644 chromium/docs/website/site/chromium-os/u2f-ecdsa-vulnerability/index.md create mode 100644 chromium/docs/website/site/chromium-os/unchecked_tpm_reset/index.md create mode 100644 chromium/docs/website/site/chromium-os/user-experience/Concept.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/user-experience/Concept2.jpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/user-experience/access-points/apppng.sha1 create mode 100644 chromium/docs/website/site/chromium-os/user-experience/access-points/index.md create mode 100644 chromium/docs/website/site/chromium-os/user-experience/ajpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/user-experience/bjpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/user-experience/cjpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/user-experience/content-browser/ContentBrowserPanel1.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/user-experience/content-browser/ContentBrowserPanel2.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/user-experience/content-browser/Full.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/user-experience/content-browser/index.md create mode 100644 chromium/docs/website/site/chromium-os/user-experience/djpg.sha1 create mode 100644 chromium/docs/website/site/chromium-os/user-experience/form-factors/Desktop.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/user-experience/form-factors/Display.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/user-experience/form-factors/Form Factors.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/user-experience/form-factors/Tablet.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/user-experience/form-factors/index.md create mode 100644 chromium/docs/website/site/chromium-os/user-experience/form-factors/laptop.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/user-experience/form-factors/netbook.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/user-experience/form-factors/tablet/Tablet.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/user-experience/form-factors/tablet/index.md create mode 100644 chromium/docs/website/site/chromium-os/user-experience/form-factors/tablet/tablet2.100.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/user-experience/form-factors/tablet/tablet2.105.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/user-experience/form-factors/tablet/tablet2.106.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/user-experience/form-factors/tablet/tablet2.107.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/user-experience/form-factors/tablet/tablet2.108.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/user-experience/form-factors/tablet/tablet2.109.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/user-experience/form-factors/tablet/tablet2.141.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/user-experience/form-factors/tablet/tablet2.150.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/user-experience/form-factors/tablet/tablet_concept.mp4.sha1 create mode 100644 chromium/docs/website/site/chromium-os/user-experience/form-factors/tablet/video_still.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/user-experience/index.md create mode 100644 chromium/docs/website/site/chromium-os/user-experience/opensave-dialogs/Open.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/user-experience/opensave-dialogs/Save.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/user-experience/opensave-dialogs/index.md create mode 100644 chromium/docs/website/site/chromium-os/user-experience/panels/Chrome-OS-Panels.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/user-experience/panels/index.md create mode 100644 chromium/docs/website/site/chromium-os/user-experience/panels/panel-spec.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/user-experience/panels/panelspng.sha1 create mode 100644 chromium/docs/website/site/chromium-os/user-experience/panels/windowstylespng.sha1 create mode 100644 chromium/docs/website/site/chromium-os/user-experience/sdres_0000_Basic.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/user-experience/sdres_0001_App-Menu.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/user-experience/sdres_0002_Panels.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/user-experience/settings/1-General.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/user-experience/settings/2-Internet.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/user-experience/settings/3-Browser.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/user-experience/settings/4-PersonalStuff.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/user-experience/settings/5-UnderTheHood.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/user-experience/settings/index.md create mode 100644 chromium/docs/website/site/chromium-os/user-experience/shelf/Shelf.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/user-experience/shelf/index.md create mode 100644 chromium/docs/website/site/chromium-os/user-experience/system-status-icons/NetworkMenu.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/user-experience/system-status-icons/Screen shot 2009-12-01 at 12.23.56 PM.PNG.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/user-experience/system-status-icons/index.md create mode 100644 chromium/docs/website/site/chromium-os/user-experience/tab-ui/index.md create mode 100644 chromium/docs/website/site/chromium-os/user-experience/tab-ui/tab_stripspng.sha1 create mode 100644 chromium/docs/website/site/chromium-os/user-experience/video_placeholderpng.sha1 create mode 100644 chromium/docs/website/site/chromium-os/user-experience/window-management/Chrome-OS-Overlay.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/user-experience/window-management/Overview.app.1.0.0.zip.sha1 create mode 100644 chromium/docs/website/site/chromium-os/user-experience/window-management/Overview.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/user-experience/window-management/OverviewSketch.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/user-experience/window-management/index.md create mode 100644 chromium/docs/website/site/chromium-os/user-experience/window-ui/TouchNav.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/user-experience/window-ui/TouchUI.png.sha1 create mode 100644 chromium/docs/website/site/chromium-os/user-experience/window-ui/compact_navpng.sha1 create mode 100644 chromium/docs/website/site/chromium-os/user-experience/window-ui/index.md create mode 100644 chromium/docs/website/site/chromium-os/user-experience/window-ui/navpng.sha1 create mode 100644 chromium/docs/website/site/chromium-os/user-experience/window-ui/side_navpng.sha1 create mode 100644 chromium/docs/website/site/chromium-os/usi-enabled-devices/index.md create mode 100644 chromium/docs/website/site/chromium-os/works-with-chromebook-certified/index.md create mode 100644 chromium/docs/website/site/chromium-projects/chrome-24.png.sha1 create mode 100644 chromium/docs/website/site/chromium-projects/chrome-32.png.sha1 create mode 100644 chromium/docs/website/site/chromium-projects/chrome-64.png.sha1 create mode 100644 chromium/docs/website/site/chromium-projects/index.md create mode 100644 chromium/docs/website/site/chromium-projects/logo_chrome_color_1x_web_32dp.png.sha1 create mode 100644 chromium/docs/website/site/conduct/index.md create mode 100644 chromium/docs/website/site/config/app/images/customLogo/customLogo.gif.sha1 create mode 100644 chromium/docs/website/site/config/customLogo.gif.sha1 create mode 100644 chromium/docs/website/site/contact/index.md create mode 100644 chromium/docs/website/site/dev-sentence-diagram.jpg.sha1 create mode 100644 chromium/docs/website/site/developers/Web-page-views/WebContents.graffle.sha1 create mode 100644 chromium/docs/website/site/developers/Web-page-views/WebContents.png.sha1 create mode 100644 chromium/docs/website/site/developers/Web-page-views/WebContents2.png.sha1 create mode 100644 chromium/docs/website/site/developers/Web-page-views/WebContents3.png.sha1 create mode 100644 chromium/docs/website/site/developers/Web-page-views/index.md create mode 100644 chromium/docs/website/site/developers/about-signin-internals/index.md create mode 100644 chromium/docs/website/site/developers/accessibility/chromevox-on-desktop-linux/index.md create mode 100644 chromium/docs/website/site/developers/accessibility/chromevox/index.md create mode 100644 chromium/docs/website/site/developers/accessibility/html-accessibility/index.md create mode 100644 chromium/docs/website/site/developers/accessibility/index.md create mode 100644 chromium/docs/website/site/developers/accessibility/linux-accessibility/index.md create mode 100644 chromium/docs/website/site/developers/accessibility/mac-accessibility/index.md create mode 100644 chromium/docs/website/site/developers/accessibility/testing/automated-testing/ax-inspect/index.md create mode 100644 chromium/docs/website/site/developers/accessibility/testing/automated-testing/index.md create mode 100644 chromium/docs/website/site/developers/accessibility/testing/axe-core/index.md create mode 100644 chromium/docs/website/site/developers/accessibility/testing/index.md create mode 100644 chromium/docs/website/site/developers/accessibility/views-accessibility/index.md create mode 100644 chromium/docs/website/site/developers/accessibility/webkit-accessibility/index.md create mode 100644 chromium/docs/website/site/developers/accessibility/webui-accessibility-audit/index.md create mode 100644 chromium/docs/website/site/developers/accessibility/windows-accessibility/index.md create mode 100644 chromium/docs/website/site/developers/adding-3rd-party-libraries/index.md create mode 100644 chromium/docs/website/site/developers/android-eclipse-dev/index.md create mode 100644 chromium/docs/website/site/developers/androidwebview/android-webview-beta/index.md create mode 100644 chromium/docs/website/site/developers/androidwebview/android-webview-beta/screen.png.sha1 create mode 100644 chromium/docs/website/site/developers/androidwebview/index.md create mode 100644 chromium/docs/website/site/developers/androidwebview/webview-ct-bug/index.md create mode 100644 chromium/docs/website/site/developers/applescript/index.md create mode 100644 chromium/docs/website/site/developers/bisect-builds-py/index.md create mode 100644 chromium/docs/website/site/developers/blink-gc-plugin-errors/index.md create mode 100644 chromium/docs/website/site/developers/calendar/Chrome RC.png.sha1 create mode 100644 chromium/docs/website/site/developers/calendar/Chrome RCX.png.sha1 create mode 100644 chromium/docs/website/site/developers/calendar/Chrome Release Cycle 6.png.sha1 create mode 100644 chromium/docs/website/site/developers/calendar/index.md create mode 100644 chromium/docs/website/site/developers/change-logs/index.md create mode 100644 chromium/docs/website/site/developers/checkstyle/index.md create mode 100644 chromium/docs/website/site/developers/chromium-string-usage/index.md create mode 100644 chromium/docs/website/site/developers/clang-mac/index.md create mode 100644 chromium/docs/website/site/developers/class-diagram-webkit-webcore-to-chrome-browser/index.md create mode 100644 chromium/docs/website/site/developers/cluster-telemetry/6bAxkmCFOA8.png.sha1 create mode 100644 chromium/docs/website/site/developers/cluster-telemetry/LW5ZqMVpXdw.png.sha1 create mode 100644 chromium/docs/website/site/developers/cluster-telemetry/index.md create mode 100644 chromium/docs/website/site/developers/code-browsing-in-chromium/index.md create mode 100644 chromium/docs/website/site/developers/code-coverage/index.md create mode 100644 chromium/docs/website/site/developers/coding-style/chromium-style-checker-errors/index.md create mode 100644 chromium/docs/website/site/developers/coding-style/cocoa-dos-and-donts/index.md create mode 100644 chromium/docs/website/site/developers/coding-style/cpp-dos-and-donts/index.md create mode 100644 chromium/docs/website/site/developers/coding-style/important-abstractions-and-data-structures/index.md create mode 100644 chromium/docs/website/site/developers/coding-style/index.md create mode 100644 chromium/docs/website/site/developers/coding-style/java/index.md create mode 100644 chromium/docs/website/site/developers/committers-responsibility/index.md create mode 100644 chromium/docs/website/site/developers/common-terms--techno-babble/corruption.png.sha1 create mode 100644 chromium/docs/website/site/developers/common-terms--techno-babble/index.md create mode 100644 chromium/docs/website/site/developers/content-module/Content.png.sha1 create mode 100644 chromium/docs/website/site/developers/content-module/content-api/index.md create mode 100644 chromium/docs/website/site/developers/content-module/index.md create mode 100644 chromium/docs/website/site/developers/contributing-code/-bug-syntax/index.md create mode 100644 chromium/docs/website/site/developers/contributing-code/direct-commit/index.md create mode 100644 chromium/docs/website/site/developers/contributing-code/external-contributor-checklist/index.md create mode 100644 chromium/docs/website/site/developers/contributing-code/flag-ownership/index.md create mode 100644 chromium/docs/website/site/developers/contributing-code/index.md create mode 100644 chromium/docs/website/site/developers/contributing-code/minimizing-review-lag-across-time-zones/index.md create mode 100644 chromium/docs/website/site/developers/contributing-code/watchlists/index.md create mode 100644 chromium/docs/website/site/developers/core-principles/index.md create mode 100644 chromium/docs/website/site/developers/core-principles/no-hidden-preferences/index.md create mode 100644 chromium/docs/website/site/developers/cpp-in-chromium-101-codelab/index.md create mode 100644 chromium/docs/website/site/developers/crash-reports/crash-with-invalid-handle/index.md create mode 100644 chromium/docs/website/site/developers/crash-reports/handle-file-upload-scheme/index.md create mode 100644 chromium/docs/website/site/developers/crash-reports/index.md create mode 100644 chromium/docs/website/site/developers/creating-and-using-profiles/index.md create mode 100644 chromium/docs/website/site/developers/creating-v8-profiling-timeline-plots/0-prof-only.png.sha1 create mode 100644 chromium/docs/website/site/developers/creating-v8-profiling-timeline-plots/1-plot-internal.png.sha1 create mode 100644 chromium/docs/website/site/developers/creating-v8-profiling-timeline-plots/2-distorted.png.sha1 create mode 100644 chromium/docs/website/site/developers/creating-v8-profiling-timeline-plots/3-undistorted.png.sha1 create mode 100644 chromium/docs/website/site/developers/creating-v8-profiling-timeline-plots/4-autoscale.png.sha1 create mode 100644 chromium/docs/website/site/developers/creating-v8-profiling-timeline-plots/Screen Shot 2013-10-06 at 7.33.59 PM.png.sha1 create mode 100644 chromium/docs/website/site/developers/creating-v8-profiling-timeline-plots/Screen Shot 2014-09-14 at 1.20.48 PM.png.sha1 create mode 100644 chromium/docs/website/site/developers/creating-v8-profiling-timeline-plots/Screen Shot 2014-09-14 at 1.27.21 PM.png.sha1 create mode 100644 chromium/docs/website/site/developers/creating-v8-profiling-timeline-plots/index.md create mode 100644 chromium/docs/website/site/developers/debugging-with-crash-keys/index.md create mode 100644 chromium/docs/website/site/developers/decoding-crash-dumps/index.md create mode 100644 chromium/docs/website/site/developers/deep-memory-profiler/cpp-object-type-identifier/index.md create mode 100644 chromium/docs/website/site/developers/deep-memory-profiler/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/64-bit-support/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/about-conflicts/incompatibility_thumb.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/about-conflicts/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/accessibility/Event_Watcher_Toolbar.jpg.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/accessibility/Inspect_Toolbar.jpg.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/accessibility/chrome-a11y-2010-09-02.zip.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/accessibility/chrome_font_and_languages.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/accessibility/chrome_toolbar.jpg.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/accessibility/create_shortcut.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/accessibility/custom_colors.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/accessibility/flag_added.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/accessibility/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/accessibility/properties.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/accessibility/tracker/CSUN_Accessibility_in_the_Cloud.pdf.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/accessibility/tracker/CSUN_Accessibility_in_the_Cloud.txt create mode 100644 chromium/docs/website/site/developers/design-documents/accessibility/tracker/CSUN_Improving_Access_To_Web_Platforms_Content_andApplications.pdf.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/accessibility/tracker/CSUN_Improving_Access_To_Web_Platforms_Content_and_Applications.txt create mode 100644 chromium/docs/website/site/developers/design-documents/accessibility/tracker/ChromeWindowsAccessIssueTracker(public).csv create mode 100644 chromium/docs/website/site/developers/design-documents/accessibility/tracker/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/accessibility/xoom_menu.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/advancedspellchecker/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/android-jni/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/applescript/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/appmode-mac/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/aura-desktop-window-manager/Chrome Graphics Infrastructure.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/aura-desktop-window-manager/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/aura/ash-color-chooser/Screenshot 2012-05-23 5-48-07 PM.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/aura/ash-color-chooser/Screenshot 2012-06-20 6_31_36 PM.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/aura/ash-color-chooser/Screenshot 2012-06-26 3_50_42 PM.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/aura/ash-color-chooser/col.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/aura/ash-color-chooser/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/aura/aura-and-shell-dependencies/ChromeAshViewsAuradependencies.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/aura/aura-and-shell-dependencies/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/aura/aura-overview/Aura.graffle.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/aura/aura-overview/Aura.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/aura/aura-overview/EventFlow.graffle.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/aura/aura-overview/EventFlow.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/aura/aura-overview/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/aura/client-api/ClientAPI.graffle.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/aura/client-api/ClientAPI.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/aura/client-api/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/aura/event-handling/arch4.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/aura/event-handling/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/aura/focus-and-activation/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/aura/gesture-recognizer/gesture-recognizer-tests/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/aura/gesture-recognizer/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/aura/gesture-recognizer/output.png.1379091770284.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/aura/graphics-architecture/ChromeGraphicsArchitecture.graffle.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/aura/graphics-architecture/ChromeGraphicsArchitecture.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/aura/graphics-architecture/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/aura/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/aura/layout-managers/LayoutManager.graffle.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/aura/layout-managers/LayoutManager.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/aura/layout-managers/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/aura/multi-desktop/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/aura/system-tray/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/aura/views/Views.graffle.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/aura/views/Views.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/aura/views/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/auto-throttled-screen-capture-and-mirroring/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/automaticspellingcorrection/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/blink-coordinate-spaces/BlinkCoordinates.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/blink-coordinate-spaces/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/blink-coordinate-spaces/menu.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/blink-scrollbarthemes/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/blocking-cross-site-documents/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/bluetooth-design-docs/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/bluetooth-design-docs/web-bluetooth-through-bluetooth-android-class-diagram/WebBluetoothThroughBluetoothAndroid.dia.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/bluetooth-design-docs/web-bluetooth-through-bluetooth-android-class-diagram/WebBluetoothThroughBluetoothAndroid.svg.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/bluetooth-design-docs/web-bluetooth-through-bluetooth-android-class-diagram/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/browser-components/cookbook/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/browser-components/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/browser-window/BrowserWindow.graffle.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/browser-window/BrowserWindow.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/browser-window/BrowserWindow2.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/browser-window/LunaBrowserWindow.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/browser-window/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/chaps-technical-design/ChapsArchitecture.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/chaps-technical-design/ChapsStack.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/chaps-technical-design/ClassHierarchy.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/chaps-technical-design/KeyHierarchy.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/chaps-technical-design/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/chromeviews/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/chromium-graphics/debugging-with-nsight/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/chromium-graphics/graphics.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/chromium-graphics/how-to-get-gpu-rasterization/gpuraster.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/chromium-graphics/how-to-get-gpu-rasterization/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/chromium-graphics/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/chromium-graphics/mac-delegated-rendering/aura ubercomp.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/chromium-graphics/mac-delegated-rendering/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/chromium-graphics/mac-delegated-rendering/mac ubercomp.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/chromium-graphics/mac-impl-events/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/chromium-graphics/surfaces/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/command-dispatch-mac/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/compositor-hit-testing/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/compositor-thread-architecture/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/confirm-to-quit-experiment/Content.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/confirm-to-quit-experiment/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/constrained-popup-windows/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/conventions-and-patterns-for-multi-platform-development/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/cookbook/Life of a Browser Component.pdf.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/cookbook/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/cookbook/layercake.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/cookie-prompt-replacement/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/cookie-split-loading/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/cookie-split-loading/objects.pdf.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/cookie-split-loading/objects.svg.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/cookies-and-prerender/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/create-amazing-password-forms/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/crypto/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/dependency-management/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/desktop-notifications/api-specification/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/desktop-notifications/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/directwrite-font-cache/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/directwrite-font-proxy/Removing DWrite font cache (1).png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/directwrite-font-proxy/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/displaying-a-web-page-in-chrome/Renderingintherenderer v2.ai.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/displaying-a-web-page-in-chrome/Renderingintherenderer-v2.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/displaying-a-web-page-in-chrome/Renderingintherenderer.ai.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/displaying-a-web-page-in-chrome/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/displaying-a-web-page-in-chrome/layers.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/displaying-a-web-page-in-chrome/rendering browser.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/displaying-a-web-page-in-chrome/rendering renderer.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/displaying-a-web-page-in-chrome/rendering renderer2.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/dns-prefetching/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/download/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/downloadmanagersequences/Download_complete.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/downloadmanagersequences/Download_interrupted.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/downloadmanagersequences/Download_restart.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/downloadmanagersequences/Download_start.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/downloadmanagersequences/Download_unpaused.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/downloadmanagersequences/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/embedding-flash-fullscreen-in-the-browser-window/Design Doc- Flash Fullscreen in Browser (1).png.1379119292169.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/embedding-flash-fullscreen-in-the-browser-window/Design Doc- Flash Fullscreen in Browser (2).png.1379119349348.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/embedding-flash-fullscreen-in-the-browser-window/Design Doc- Flash Fullscreen in Browser.png.1379119228467.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/embedding-flash-fullscreen-in-the-browser-window/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/encrypted-partition-recovery/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/experiments/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/how-the-extension-system-works/accessibility/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/how-the-extension-system-works/api-pattern-design-doc/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/how-the-extension-system-works/chrome-benchmarking-extension/benchmark-lg.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/how-the-extension-system-works/chrome-benchmarking-extension/benchmark-sm.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/how-the-extension-system-works/chrome-benchmarking-extension/benchmark-sm2.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/how-the-extension-system-works/chrome-benchmarking-extension/benchmark.crx.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/how-the-extension-system-works/chrome-benchmarking-extension/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/how-the-extension-system-works/default-apps/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/how-the-extension-system-works/docs/how-docs-are-served/ExtSourceServer.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/how-the-extension-system-works/docs/how-docs-are-served/extension-doc-server.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/how-the-extension-system-works/docs/how-docs-are-served/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/how-the-extension-system-works/docs/how-to-update-the-release-notes/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/how-the-extension-system-works/docs/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/how-the-extension-system-works/extension-manifesto/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/how-the-extension-system-works/i18n/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/how-the-extension-system-works/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/img.txt create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/payload.txt create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/proposed-changes/apis-under-development/auto-install-of-android-companion-extensions/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/proposed-changes/apis-under-development/bluetooth-extension-api/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/proposed-changes/apis-under-development/browser-keys/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/proposed-changes/apis-under-development/clear/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/proposed-changes/apis-under-development/context-menu-api/context_menu_api.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/proposed-changes/apis-under-development/context-menu-api/context_menu_api_2.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/proposed-changes/apis-under-development/context-menu-api/context_menu_api_3.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/proposed-changes/apis-under-development/context-menu-api/context_menu_api_4.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/proposed-changes/apis-under-development/context-menu-api/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/proposed-changes/apis-under-development/desktop-notification-api/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/proposed-changes/apis-under-development/downloads-api/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/proposed-changes/apis-under-development/executecontentscript-proposal/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/proposed-changes/apis-under-development/font-settings/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/proposed-changes/apis-under-development/get-extension-views-by-type-proposal/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/proposed-changes/apis-under-development/gleam-api/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/proposed-changes/apis-under-development/history-api/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/proposed-changes/apis-under-development/i18n-api/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/proposed-changes/apis-under-development/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/proposed-changes/apis-under-development/input-method-editor/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/proposed-changes/apis-under-development/instructions-for-api-shepherds/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/proposed-changes/apis-under-development/language-detection/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/proposed-changes/apis-under-development/managed-storage-api/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/proposed-changes/apis-under-development/media-gallery/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/proposed-changes/apis-under-development/notifications-of-web-request-and-navigation/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/proposed-changes/apis-under-development/offscreen-tabs/book_screenshot.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/proposed-changes/apis-under-development/offscreen-tabs/coverflow_screenshot.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/proposed-changes/apis-under-development/offscreen-tabs/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/proposed-changes/apis-under-development/offscreen-tabs/screenshot.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/proposed-changes/apis-under-development/omnibox-api/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/proposed-changes/apis-under-development/panels/Screen shot 2011-10-06 at 3.47.53 PM.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/proposed-changes/apis-under-development/panels/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/proposed-changes/apis-under-development/power-management-api/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/proposed-changes/apis-under-development/preference-api/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/proposed-changes/apis-under-development/privacy/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/proposed-changes/apis-under-development/processes-api/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/proposed-changes/apis-under-development/processes-api/process-extension-screenshot.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/proposed-changes/apis-under-development/profile-extension-api/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/proposed-changes/apis-under-development/proposal-chrome-extensions-cookies-api/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/proposed-changes/apis-under-development/push-messaging/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/proposed-changes/apis-under-development/rlz-api/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/proposed-changes/apis-under-development/settings/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/proposed-changes/apis-under-development/settings_pages/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/proposed-changes/apis-under-development/system-indicator-api/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/proposed-changes/apis-under-development/systeminfo/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/proposed-changes/apis-under-development/text-translate-api/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/proposed-changes/apis-under-development/usb-api/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/proposed-changes/apis-under-development/webnavigation-v2/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/proposed-changes/apis-under-development/webrtc-tab-content-capture/TabCaptureStates.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/proposed-changes/apis-under-development/webrtc-tab-content-capture/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/proposed-changes/apis-under-development/window-management/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/proposed-changes/apiwishlist/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/proposed-changes/creating-new-apis/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/proposed-changes/extension-system-changes/breaking-changes/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/proposed-changes/extension-system-changes/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/proposed-changes/extension-system-changes/install-dialog-2/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/proposed-changes/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/extensions/proposed-changes/spellcheck-api/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/find-bar/FindBar.graffle.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/find-bar/FindBarGeneral.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/find-bar/FindBarTabSwitching.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/find-bar/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/first-run-customizations/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/focus-and-activation-in-views-and-aura/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/form-autofill/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/form-autofill/internationalization-of-autofill/autofill_i18l_address_jp_ui.jpg.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/form-autofill/internationalization-of-autofill/autofill_i18l_address_ui.jpg.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/form-autofill/internationalization-of-autofill/autofill_i18n_design.jpg.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/form-autofill/internationalization-of-autofill/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/form-styles-that-chromium-understands/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/fullscreen-mac/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/generic-sensor/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/generic-theme-for-test-shell/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/generic-theme-for-test-shell/test_shell_generic_theme.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/google-cloud-print-proxy-design/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/gpu-accelerated-compositing-in-chrome/CompositingwiththeGPUProcess.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/gpu-accelerated-compositing-in-chrome/HandlingMultipleContexts.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/gpu-accelerated-compositing-in-chrome/SoftwareRenderingArchitecture.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/gpu-accelerated-compositing-in-chrome/TheGPUProcess.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/gpu-accelerated-compositing-in-chrome/compositing_with_the_gpu_process.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/gpu-accelerated-compositing-in-chrome/gpu-architecture-roadmap/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/gpu-accelerated-compositing-in-chrome/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/gpu-accelerated-compositing-in-chrome/software_rendering_architecture.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/gpu-accelerated-compositing-in-chrome/the_compositing_forest.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/gpu-accelerated-compositing-in-chrome/the_gpu_process.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/gpu-command-buffer/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/gpu-memory-buffer/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/graphics-and-skia/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/greasemonkey/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/high-dpi-resources/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/http-authentication/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/http-authentication/writing-a-spnego-authenticator-for-chrome-on-android/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/idealized-mediastream-design/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/idl-build/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/idl-compiler/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/idn-in-google-chrome/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/image-filters/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/immersive-fullscreen/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/impl-side-painting/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/indexeddb/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/indexeddb/indexeddbbackup/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/info-bars/2infobars.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/info-bars/InfoBars.graffle.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/info-bars/InfoBars.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/info-bars/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/instant/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/instant/instant-support/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/inter-process-communication/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/iosurface-meeting-notes/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/isolated-sites/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/java-resources-on-android/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/layered-components-design/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/layered-components-technical-approach/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/layered-components-technical-approach/making-autofill-into-a-layered-component/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/layout-tests-results-dashboard/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/linuxresourcesandlocalizedstrings/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/mac-occlusion/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/mac-plugins/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/mac-xib-files/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/making-chrome-independent-of-extensions/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/media-router/Chrome Media Router - Chrome architecture (1).png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/media-router/Chrome Media Router - Chrome architecture.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/media-router/Chrome Media Router Architecture (1).png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/media-router/Chrome Media Router Architecture.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/media-router/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/media-router/media_router_overflow.jpg.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/media-router/media_router_screen_selector.jpg.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/media-router/media_router_ui_diagram.jpg.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/media-router/media_router_universal_remote.jpg.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/mouse-lock/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/multi-column-layout/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/multi-process-architecture/Multiprocessarchitecture.ai.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/multi-process-architecture/arch.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/multi-process-architecture/architecture.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/multi-process-architecture/chrome_archoverview.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/multi-process-architecture/how-to-add-new-features/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/multi-process-architecture/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/multi-process-resource-loading/Resource-loading.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/multi-process-resource-loading/Resourceloading2.ai.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/multi-process-resource-loading/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/multi-process-resource-loading/resource_loader.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/native-controls/NativeControl.graffle.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/native-controls/NativeControl.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/native-controls/NativeControlHistoric.graffle.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/native-controls/NativeControlHistoric.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/native-controls/NativeControlHistoric2.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/native-controls/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/network-settings/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/network-stack/Chromium HTTP Network Request Diagram.svg.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/network-stack/Chromium Network Stack.svg.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/network-stack/cookiemonster/CM-inheritance-new.tiff.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/network-stack/cookiemonster/CM-inheritance.jpeg.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/network-stack/cookiemonster/CM-inheritance.pdf.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/network-stack/cookiemonster/CM-inheritance.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/network-stack/cookiemonster/CM-inheritance.svg.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/network-stack/cookiemonster/CM-method-calls-new.jpg.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/network-stack/cookiemonster/CM-method-calls-new.svg.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/network-stack/cookiemonster/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/network-stack/debugging-net-proxy/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/network-stack/disk-cache/alloc.PNG.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/network-stack/disk-cache/alloc2.PNG.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/network-stack/disk-cache/disk-cache-benchmarking/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/network-stack/disk-cache/disk-cache-v3/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/network-stack/disk-cache/files.PNG.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/network-stack/disk-cache/files2.PNG.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/network-stack/disk-cache/files3.PNG.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/network-stack/disk-cache/files4.PNG.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/network-stack/disk-cache/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/network-stack/disk-cache/very-simple-backend/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/network-stack/http-authentication-throttling/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/network-stack/http-cache/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/network-stack/http-cache/t.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/network-stack/http-pipelining/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/network-stack/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/network-stack/netlog/NetLog1.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/network-stack/netlog/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/network-stack/network-bug-triage/downloads-bug-triage/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/network-stack/network-bug-triage/downloads-bug-triage/salient-bug-list/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/network-stack/network-bug-triage/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/network-stack/network-stack-objectives/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/network-stack/network-stack-use-in-chromium/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/network-stack/preconnect/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/network-stack/proxy-settings-fallback/fox-proxy-settings.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/network-stack/proxy-settings-fallback/ie-auto-fallback.dot create mode 100644 chromium/docs/website/site/developers/design-documents/network-stack/proxy-settings-fallback/ie-auto-fallback.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/network-stack/proxy-settings-fallback/ie-fallback.dot create mode 100644 chromium/docs/website/site/developers/design-documents/network-stack/proxy-settings-fallback/ie-fallback.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/network-stack/proxy-settings-fallback/ie-manual-fallback.dot create mode 100644 chromium/docs/website/site/developers/design-documents/network-stack/proxy-settings-fallback/ie-manual-fallback.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/network-stack/proxy-settings-fallback/ie-proxy-server-settings.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/network-stack/proxy-settings-fallback/ie-proxy-settings.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/network-stack/proxy-settings-fallback/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/network-stack/socks-proxy/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/omnibox-ime-coordination/imeomni.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/omnibox-ime-coordination/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/omnibox-prefetch-for-default-search-engines/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/oop-iframes/Cross Process Tabs (for posting).png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/oop-iframes/Frame DOMWindow Document (1).png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/oop-iframes/Frame DOMWindow Document 2015 (for posting).png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/oop-iframes/Frame Trees (for posting).png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/oop-iframes/Frame Trees 2015 (for posting).png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/oop-iframes/Local vs Remote Frame diagram.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/oop-iframes/framehandle/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/oop-iframes/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/oop-iframes/oop-iframes-rendering/Design Doc- Rendering and compositing out-of-process iframes.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/oop-iframes/oop-iframes-rendering/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/oop-iframes/oop-iframes-rendering/rendering design - compositor frame routing.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/oop-iframes/oop-iframes-rendering/rendering design - ogres are like onions.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/oop-iframes/oop-iframes-rendering/rendering design - rendering trees.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/oop-iframes/oop-iframes-rendering/rendering design - texture routing.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/os-x-interprocess-communication/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/os-x-password-manager-keychain-integration/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/password-generation/01_form.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/password-generation/02_hover.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/password-generation/03_suggestion.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/password-generation/04_filled.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/password-generation/EditingUI.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/password-generation/GenerationUI.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/password-generation/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/pepper-plugin-implementation/Pepper design.ai.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/pepper-plugin-implementation/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/pepper-plugin-implementation/pepper_design.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/per-page-suborigins/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/plugin-architecture/Pluginarchitecture.ai.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/plugin-architecture/Pluginarchitectureoutofprocess.ai.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/plugin-architecture/in_process_plugins.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/plugin-architecture/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/plugin-architecture/out_of_process_plugins.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/plugin-architecture/pluginsinprocess.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/plugin-architecture/pluginsoutofprocess.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/preferences/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/prerender/CroppedPrerenderingDiagram.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/prerender/Prerenderingdiagram.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/prerender/Wickedflowchart.gif.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/prerender/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/print-preview/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/printing/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/process-models/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/profile-architecture/dot.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/profile-architecture/graph5.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/profile-architecture/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/profile-chooser-menu/Avatar Menu Classes.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/profile-chooser-menu/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/rappor/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/rendering-architecture-diagrams/chromium-composited-hw-rendering.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/rendering-architecture-diagrams/chromium-composited-sw-rendering.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/rendering-architecture-diagrams/chromium-non-composited-sw-rendering.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/rendering-architecture-diagrams/chromium-request-anim-frame.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/rendering-architecture-diagrams/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/rendering-benchmarks/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/rendertext/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/safebrowsing/browse.details.svg.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/safebrowsing/browse.details1.svg.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/safebrowsing/browse.details2.svg.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/safebrowsing/browse.details3.svg.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/safebrowsing/browse.details4.svg.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/safebrowsing/browse.svg.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/safebrowsing/chrome_safe_browsing_wo_legend_wo_download.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/safebrowsing/csdservice.svg.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/safebrowsing/download_protection.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/safebrowsing/download_protection_without_legend.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/safebrowsing/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/safebrowsing/legend.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/safesearch/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/sandbox/Sandbox-FAQ/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/sandbox/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/sandbox/osx-sandboxing-design/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/sandbox/sbox_top_diagram.PNG.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/sane-time/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/secure-web-proxy/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/service-processes/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/site-engagement/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/site-isolation/ChromeSiteIsolationProject-arch.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/site-isolation/ChromeSiteIsolationProject-siteinstances.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/site-isolation/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/software-updates-courgette/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/startup/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/structure-of-layered-components-within-the-chromium-codebase/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/sync/embassy/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/sync/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/sync/sync-data-best-practices/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/sync/syncable-service-api/SyncAPI.pdf.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/sync/syncable-service-api/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/sync/unified-sync-and-storage-overview/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/sync/unified-sync-and-storage-overview/s7ipoJ9OaaLWolpF0aIYfoA.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/sync/unified-sync-and-storage-overview/sGBklpDhSmt-dGNQJUSkhNA.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/sync/unified-sync-and-storage-overview/sK5QS5Ee9i0OE2L4RIHredA.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/sync/unified-sync-and-storage-overview/sSbkKodQc5-RbyCqTGkUCzw.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/sync/unified-sync-and-storage-overview/syHRLLSqHvALzjSchvniqSw.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/system-dictionary-pop-up-architecture/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/tab-strip-mac/dragWithin.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/tab-strip-mac/dragWithin2.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/tab-strip-mac/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/tab-strip-mac/translucent.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/tabtastic-2-requirements/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/themes/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/threading/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/threading/suble-threading-bugs-and-patterns-to-avoid-them/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/time-safety-and-readability/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/time-sources/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/tpm-usage/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/translate/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/ui-development-practices/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/ui-localization/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/ui-localization/mac-notes/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/ui-mirroring-infrastructure/chrome_toolbar.jpg.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/ui-mirroring-infrastructure/explorer_window_en_us.jpg.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/ui-mirroring-infrastructure/explorer_window_he.jpg.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/ui-mirroring-infrastructure/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/ui-mirroring-infrastructure/mirroring_api.jpg.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/ui-mirroring-infrastructure/tabs_fixed.jpg.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/ui-mirroring-infrastructure/tabs_flipping_bug.jpg.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/ui-mirroring-infrastructure/tabs_layout_bug.jpg.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/ui-mirroring-infrastructure/ws_layout_rtl.jpg.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/user-scripts/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/video-capture/VideoCaptureBrowserClasses.jpg.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/video-capture/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/video-playback-and-compositor/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/video/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/video/video_stack_arch.graffle.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/video/video_stack_arch.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/video/video_stack_chrome.graffle.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/video/video_stack_chrome.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/views-rect-based-targeting/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/views-windowing/NonClientView.graffle.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/views-windowing/NonClientView.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/views-windowing/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/web-midi/Web MIDI design overview (1).png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/web-midi/Web MIDI design overview.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/web-midi/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/web-nfc/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/web-nfc/ndef_reader.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/web-nfc/ndef_writer.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/web-nfc/nfc_android_platform.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/webnavigation-api-internals/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/widget-refactor/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/wrench-menu-mac/WrenchMenuTaskDispatch.graffle.zip.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/wrench-menu-mac/WrenchMenuTaskDispatch.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/wrench-menu-mac/index.md create mode 100644 chromium/docs/website/site/developers/design-documents/xss-auditor/XSSAuditorViewSource.png.sha1 create mode 100644 chromium/docs/website/site/developers/design-documents/xss-auditor/index.md create mode 100644 chromium/docs/website/site/developers/diagnostics/gcf_troubleshooting/DumpCFReg.zip.sha1 create mode 100644 chromium/docs/website/site/developers/diagnostics/gcf_troubleshooting/image0.png.sha1 create mode 100644 chromium/docs/website/site/developers/diagnostics/gcf_troubleshooting/image1.png.sha1 create mode 100644 chromium/docs/website/site/developers/diagnostics/gcf_troubleshooting/image2.png.sha1 create mode 100644 chromium/docs/website/site/developers/diagnostics/gcf_troubleshooting/image3.png.sha1 create mode 100644 chromium/docs/website/site/developers/diagnostics/gcf_troubleshooting/image4.png.sha1 create mode 100644 chromium/docs/website/site/developers/diagnostics/gcf_troubleshooting/index.md create mode 100644 chromium/docs/website/site/developers/diagnostics/index.md create mode 100644 chromium/docs/website/site/developers/diagnostics/installer-error-strings/index.md create mode 100644 chromium/docs/website/site/developers/discussion-groups/index.md create mode 100644 chromium/docs/website/site/developers/dns-over-https/index.md create mode 100644 chromium/docs/website/site/developers/enterprise-changes/index.md create mode 100644 chromium/docs/website/site/developers/experimental-branches/index.md create mode 100644 chromium/docs/website/site/developers/extensions-deployment-faq/index.md create mode 100644 chromium/docs/website/site/developers/f-script-anywhere/Screen shot 2011-04-01 at 11.52.02 AM.png.sha1 create mode 100644 chromium/docs/website/site/developers/f-script-anywhere/Screen shot 2011-04-01 at 11.57.03 AM.png.sha1 create mode 100644 chromium/docs/website/site/developers/f-script-anywhere/Screen shot 2011-04-01 at 11.59.12 AM.png.sha1 create mode 100644 chromium/docs/website/site/developers/f-script-anywhere/Screen shot 2011-04-01 at 11.59.21 AM.png.sha1 create mode 100644 chromium/docs/website/site/developers/f-script-anywhere/Screen shot 2011-04-01 at 4.27.30 PM.png.sha1 create mode 100644 chromium/docs/website/site/developers/f-script-anywhere/index.md create mode 100644 chromium/docs/website/site/developers/fast-intro-to-git-internals/index.md create mode 100644 chromium/docs/website/site/developers/finding-somebody-who-knows-how-a-piece-of-code-works/index.md create mode 100644 chromium/docs/website/site/developers/generated-files/index.md create mode 100644 chromium/docs/website/site/developers/gerrit-guide/index.md create mode 100644 chromium/docs/website/site/developers/git-cache/index.md create mode 100644 chromium/docs/website/site/developers/github-collaboration/index.md create mode 100644 chromium/docs/website/site/developers/gn-build-configuration/index.md create mode 100644 chromium/docs/website/site/developers/gyp-environment-variables/index.md create mode 100644 chromium/docs/website/site/developers/gyp-environment-variables/menu_check.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/-quickly-building-for-cros-arm-x64/bashrc-tail create mode 100644 chromium/docs/website/site/developers/how-tos/-quickly-building-for-cros-arm-x64/goma-ninja create mode 100644 chromium/docs/website/site/developers/how-tos/-quickly-building-for-cros-arm-x64/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/-quickly-building-for-cros-arm-x64/ninja create mode 100644 chromium/docs/website/site/developers/how-tos/android-build-instructions/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/angle-infra/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/angle-wrangling/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/api-keys/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/build-instructions-android-webview/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/build-instructions-cast/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/build-instructions-chromeos/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/build-instructions-windows/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/chrome-frame-cfinstall/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/chrome-frame-getting-started/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/chrome-frame-getting-started/screenshot-chromeframe.jpeg.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/chromium-modularization/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/closure-compilation/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/component-build/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/cscope-emacs-example-linux-setup/cscope-update create mode 100644 chromium/docs/website/site/developers/how-tos/cscope-emacs-example-linux-setup/cscope.el create mode 100644 chromium/docs/website/site/developers/how-tos/cscope-emacs-example-linux-setup/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/debugging-gpu-related-code/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/debugging-on-android/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/debugging-on-os-x/building-with-ninja-debugging-with-xcode/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/debugging-on-os-x/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/debugging-on-windows/StepIntoSpecific.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/debugging-on-windows/example-of-working-with-a-dump/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/debugging-on-windows/gflags.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/debugging-on-windows/graphics-debugging-in-visual-studio-2013/graphicsdebugger.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/debugging-on-windows/graphics-debugging-in-visual-studio-2013/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/debugging-on-windows/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/debugging-on-windows/windbg-help/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/depottools/gclient/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/depottools/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/depottools/presubmit-scripts/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/drover/1.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/drover/2.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/drover/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/editing-the-spell-checking-dictionaries/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/enterprise/adding-new-policies/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/enterprise/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/enterprise/protobuf-encoded-policy-blobs/decode_policy_blob.sh create mode 100644 chromium/docs/website/site/developers/how-tos/enterprise/protobuf-encoded-policy-blobs/encode_policy_blob.sh create mode 100644 chromium/docs/website/site/developers/how-tos/enterprise/protobuf-encoded-policy-blobs/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/enterprise/running-the-cloud-policy-test-server/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/file-web-bluetooth-bugs/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/get-the-code-v2/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/get-the-code/gclient-managed-mode/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/get-the-code/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/get-the-code/multiple-working-directories/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/get-the-code/working-with-branches/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/get-the-code/working-with-nested-repos/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/get-the-code/working-with-release-branches/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/getting-around-the-chrome-source-code/Content.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/getting-around-the-chrome-source-code/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/gpu-gardening/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/gpu-overdraw-debugging-tool/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/gpu-wrangling/Step1.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/gpu-wrangling/Step2.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/gpu-wrangling/check_gpu_bots-script/check_gpu_bots.py create mode 100644 chromium/docs/website/site/developers/how-tos/gpu-wrangling/check_gpu_bots-script/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/gpu-wrangling/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/gpu-wrangling/wrangler.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/how-to-set-up-visual-studio-debugger-visualizers/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/inspecting-ash/Screenshot from 2017-08-28 14_28_36.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/inspecting-ash/XoWGyYBg5EA.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/inspecting-ash/chrome_inspect_other.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/inspecting-ash/distances.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/inspecting-ash/dom_tree.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/inspecting-ash/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/inspecting-ash/screenshot2.gif.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/install-depot-tools/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/leak-gdi-object-in-windows/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/mac-development/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/make-a-web-standards-proposal/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/old-get-the-code/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/optimizing-energy-consumption/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/order-file-development-guide/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/retrieving-crash-reports-on-ios/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/run-chromium-with-flags/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/run-mojo-shell/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/scopedlogger/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/submitting-a-performance-bug/Screenshot from 2015-03-10 14_52_09.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/submitting-a-performance-bug/Screenshot from 2015-03-10 14_52_29.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/submitting-a-performance-bug/Screenshot from 2015-03-10 14_54_06.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/submitting-a-performance-bug/Screenshot from 2015-03-10 14_55_28.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/submitting-a-performance-bug/Screenshot from 2015-03-24 11_16_39.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/submitting-a-performance-bug/Screenshot from 2019-11-27 23-09-36.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/submitting-a-performance-bug/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/3dtracing2.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/Screenshot-about_gpu.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/abouttracing2.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/abouttracingfinal.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/anatomy-of-jank/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/anatomy-of-jank/mov1.mp4.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/anatomy-of-jank/mov2.mp4.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/anatomy-of-jank/mov3.mp4.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/anatomy-of-jank/mov4.mp4.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/frame-viewer/Screen Shot 2013-05-14 at 9.10.55 PM.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/frame-viewer/frameviewer.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/frame-viewer/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/memory/2. MemoryInfra- From trace JSON to Tracks.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/memory/Screen Shot 2015-06-12 at 5.30.33 PM.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/memory/Screen Shot 2015-06-12 at 7.42.47 PM.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/memory/dump.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/memory/gpu-memory/Screen Shot 2015-09-24 at 8.34.32 PM.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/memory/gpu-memory/Screen Shot 2015-09-24 at 8.38.32 PM.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/memory/gpu-memory/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/memory/gpu-memory/sXTqTORl7xn0ijvmBV3etcA (1).png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/memory/gpu-memory/sXTqTORl7xn0ijvmBV3etcA.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/memory/heap-profiling-with-memory-infra/detailed_dump.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/memory/heap-profiling-with-memory-infra/heap.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/memory/heap-profiling-with-memory-infra/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/memory/heap-profiling-with-memory-infra/new.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/memory/howto-adding-memory-infra-tracing-to-a-component/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/memory/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/memory/memory_infra_logo.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/memory/startup-tracing-with-memory-profiling/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/recording-tracing-runs/Screen Shot 2015-06-04 at 1.37.00 PM.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/recording-tracing-runs/Screen Shot 2015-06-04 at 12.46.58 PM.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/recording-tracing-runs/Screen Shot 2015-06-04 at 12.47.34 PM.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/recording-tracing-runs/Screenshot from 2014-10-14 10-18-30.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/recording-tracing-runs/Screenshot from 2014-10-14 10-18-44.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/recording-tracing-runs/Screenshot from 2014-10-14 10-19-11.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/recording-tracing-runs/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/recording-tracing-runs/s.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/recording-tracing-runs/s2.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/recording-tracing-runs/s3.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/recording-tracing-runs/s4.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/recording-tracing-runs/sunburst.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/recording-tracing-runs/tracing-flow.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/recording-tracing-runs/tracing-frame-viewer.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/recording-tracing-runs/tracing-scheduler.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/recording-tracing-runs/tracing-systrace.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/saving-skp-s-from-chromium/checkboxes.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/saving-skp-s-from-chromium/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/saving-skp-s-from-chromium/picture.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/saving-skp-s-from-chromium/skdebugger2.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/saving-skp-s-from-chromium/skpsite.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/saving-skp-s-from-chromium/smallabouttracing.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/trace-event-reading/Screen Shot 2015-09-02 at 8.39.51 PM.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/trace-event-reading/Screen Shot 2015-09-02 at 8.46.48 PM.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/trace-event-reading/Selection.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/trace-event-reading/fifth.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/trace-event-reading/first.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/trace-event-reading/fourth.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/trace-event-reading/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/trace-event-reading/second.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/trace-event-reading/sixth-before-import.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/trace-event-reading/synchanell.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/trace-event-reading/third.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/trace.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/trace3.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/tracing-event-instrumentation/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/using-frameviewer/01-followalong.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/using-frameviewer/02-lefttoright.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/using-frameviewer/03-individual trace.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/using-frameviewer/04-information is.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/using-frameviewer/1.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/using-frameviewer/10.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/using-frameviewer/11.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/using-frameviewer/12.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/using-frameviewer/13.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/using-frameviewer/14.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/using-frameviewer/15.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/using-frameviewer/16.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/using-frameviewer/17.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/using-frameviewer/18.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/using-frameviewer/19.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/using-frameviewer/2.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/using-frameviewer/20.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/using-frameviewer/21.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/using-frameviewer/22.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/using-frameviewer/3.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/using-frameviewer/4.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/using-frameviewer/5.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/using-frameviewer/6.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/using-frameviewer/7.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/using-frameviewer/8.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/using-frameviewer/9.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/using-frameviewer/inbox_frameviewer_trace.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/using-frameviewer/inbox_normal_trace.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/using-frameviewer/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/using-frameviewer/nytimes_scroll_trace.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/using-frameviewer/output_optimized_frame.gif.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/using-frameviewer/process.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/using-frameviewer/repaint_example_reduced_trace.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/using-frameviewer/repaint_example_trace.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/trace-event-profiling-tool/using-frameviewer/summarize.png.sha1 create mode 100644 chromium/docs/website/site/developers/how-tos/using-drmemory/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/using-r-to-reduce-page-cycler-regressions/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/vectorized-icons-in-native-chrome-ui/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/visualstudio-tricks/index.md create mode 100644 chromium/docs/website/site/developers/how-tos/webkit-gardening/index.md create mode 100644 chromium/docs/website/site/developers/index.md create mode 100644 chromium/docs/website/site/developers/installer/index.md create mode 100644 chromium/docs/website/site/developers/irc/index.md create mode 100644 chromium/docs/website/site/developers/javascript-unittests/Coverage.png.sha1 create mode 100644 chromium/docs/website/site/developers/javascript-unittests/EnableCoverage.png.sha1 create mode 100644 chromium/docs/website/site/developers/javascript-unittests/QUnit.png.sha1 create mode 100644 chromium/docs/website/site/developers/javascript-unittests/index.md create mode 100644 chromium/docs/website/site/developers/leak-detection/index.md create mode 100644 chromium/docs/website/site/developers/learning-your-way-around-the-code/index.md create mode 100644 chromium/docs/website/site/developers/libraries-guide/index.md create mode 100644 chromium/docs/website/site/developers/linux-technical-faq/index.md create mode 100644 chromium/docs/website/site/developers/lock-and-condition-variable/index.md create mode 100644 chromium/docs/website/site/developers/mandoline/Mandoline.png.sha1 create mode 100644 chromium/docs/website/site/developers/mandoline/index.md create mode 100644 chromium/docs/website/site/developers/markdown-documentation/index.md create mode 100644 chromium/docs/website/site/developers/md5-certificate-statistics/index.md create mode 100644 chromium/docs/website/site/developers/meet-the-web-platform-companion/index.md create mode 100644 chromium/docs/website/site/developers/memory-bloat/index.md create mode 100644 chromium/docs/website/site/developers/memory-usage-backgrounder/aboutmemory.jpg.sha1 create mode 100644 chromium/docs/website/site/developers/memory-usage-backgrounder/chrometaskmanager.jpg.sha1 create mode 100644 chromium/docs/website/site/developers/memory-usage-backgrounder/index.md create mode 100644 chromium/docs/website/site/developers/memory-usage-backgrounder/taskmanager.jpg.sha1 create mode 100644 chromium/docs/website/site/developers/memory/index.md create mode 100644 chromium/docs/website/site/developers/memory_watcher/index.md create mode 100644 chromium/docs/website/site/developers/mus-ash/index.md create mode 100644 chromium/docs/website/site/developers/new-features/index.md create mode 100644 chromium/docs/website/site/developers/npapi-deprecation/Plugin-blocked bubble.png.sha1 create mode 100644 chromium/docs/website/site/developers/npapi-deprecation/Plugin-blocked yellow slide and bubble.png.sha1 create mode 100644 chromium/docs/website/site/developers/npapi-deprecation/Plugin-blocked-yellow-slide.png.sha1 create mode 100644 chromium/docs/website/site/developers/npapi-deprecation/Screen Shot 2013-12-03 at 10.09.10 AM.png.sha1 create mode 100644 chromium/docs/website/site/developers/npapi-deprecation/Screen Shot 2013-12-03 at 10.10.16 AM.png.sha1 create mode 100644 chromium/docs/website/site/developers/npapi-deprecation/index.md create mode 100644 chromium/docs/website/site/developers/npapi-deprecation/npapimock.png.sha1 create mode 100644 chromium/docs/website/site/developers/os-x-keyboard-handling/index.md create mode 100644 chromium/docs/website/site/developers/owners-files/index.md create mode 100644 chromium/docs/website/site/developers/page-sets-and-benchmarks/index.md create mode 100644 chromium/docs/website/site/developers/pepper-api-best-practices/index.md create mode 100644 chromium/docs/website/site/developers/polymer-0-8/index.md create mode 100644 chromium/docs/website/site/developers/postmortems/index.md create mode 100644 chromium/docs/website/site/developers/profiling-chromium-and-webkit/index.md create mode 100644 chromium/docs/website/site/developers/profiling-flame-graphs/flamegraph.png.sha1 create mode 100644 chromium/docs/website/site/developers/profiling-flame-graphs/index.md create mode 100644 chromium/docs/website/site/developers/public-calendar-for-meetings-discussing-new-ideas/index.md create mode 100644 chromium/docs/website/site/developers/quarantined-pages/index.md create mode 100644 chromium/docs/website/site/developers/quarantined-pages/meeting-notes/index.md create mode 100644 chromium/docs/website/site/developers/quick-reference/index.md create mode 100644 chromium/docs/website/site/developers/recent-changes-credential-management-api/index.md create mode 100644 chromium/docs/website/site/developers/rendering-performance-case-study-1/01-movement.png.sha1 create mode 100644 chromium/docs/website/site/developers/rendering-performance-case-study-1/02-frameviewr.png.sha1 create mode 100644 chromium/docs/website/site/developers/rendering-performance-case-study-1/03-zoom.png.sha1 create mode 100644 chromium/docs/website/site/developers/rendering-performance-case-study-1/04-rects.png.sha1 create mode 100644 chromium/docs/website/site/developers/rendering-performance-case-study-1/05-tapdelay.png.sha1 create mode 100644 chromium/docs/website/site/developers/rendering-performance-case-study-1/06-invalidation.png.sha1 create mode 100644 chromium/docs/website/site/developers/rendering-performance-case-study-1/07-hypothetsis.png.sha1 create mode 100644 chromium/docs/website/site/developers/rendering-performance-case-study-1/08-after.png.sha1 create mode 100644 chromium/docs/website/site/developers/rendering-performance-case-study-1/09-layertree.png.sha1 create mode 100644 chromium/docs/website/site/developers/rendering-performance-case-study-1/10-dramatically.png.sha1 create mode 100644 chromium/docs/website/site/developers/rendering-performance-case-study-1/11-investigation.png.sha1 create mode 100644 chromium/docs/website/site/developers/rendering-performance-case-study-1/12-asusual.png.sha1 create mode 100644 chromium/docs/website/site/developers/rendering-performance-case-study-1/13-recalc.png.sha1 create mode 100644 chromium/docs/website/site/developers/rendering-performance-case-study-1/14-otherlayers.png.sha1 create mode 100644 chromium/docs/website/site/developers/rendering-performance-case-study-1/15-difflayertree.png.sha1 create mode 100644 chromium/docs/website/site/developers/rendering-performance-case-study-1/16-after.png.sha1 create mode 100644 chromium/docs/website/site/developers/rendering-performance-case-study-1/17-loadrelatedjank.png.sha1 create mode 100644 chromium/docs/website/site/developers/rendering-performance-case-study-1/18-verylong.png.sha1 create mode 100644 chromium/docs/website/site/developers/rendering-performance-case-study-1/19-populated.png.sha1 create mode 100644 chromium/docs/website/site/developers/rendering-performance-case-study-1/index.md create mode 100644 chromium/docs/website/site/developers/rtl-in-webkit/WebKit_For_Web_Developers_1.pdf.sha1 create mode 100644 chromium/docs/website/site/developers/rtl-in-webkit/WebKit_For_Web_Developers_2.pdf.sha1 create mode 100644 chromium/docs/website/site/developers/rtl-in-webkit/index.md create mode 100644 chromium/docs/website/site/developers/severity-guidelines/index.md create mode 100644 chromium/docs/website/site/developers/shutdown/index.md create mode 100644 chromium/docs/website/site/developers/slack/blob_cheer.png.sha1 create mode 100644 chromium/docs/website/site/developers/slack/blob_peek.png.sha1 create mode 100644 chromium/docs/website/site/developers/slack/blob_praise.png.sha1 create mode 100644 chromium/docs/website/site/developers/slack/blob_stop.png.sha1 create mode 100644 chromium/docs/website/site/developers/slack/blob_think.png.sha1 create mode 100644 chromium/docs/website/site/developers/slack/index.md create mode 100644 chromium/docs/website/site/developers/slickedit-editor-notes/index.md create mode 100644 chromium/docs/website/site/developers/smart-pointer-guidelines/index.md create mode 100644 chromium/docs/website/site/developers/speed-hall-of-fame/index.md create mode 100644 chromium/docs/website/site/developers/speed-infra/chrome_speed_color.png.sha1 create mode 100644 chromium/docs/website/site/developers/speed-infra/index.md create mode 100644 chromium/docs/website/site/developers/speed-infra/perf-bug-faq/index.md create mode 100644 chromium/docs/website/site/developers/speed-infra/speed_logo.png.sha1 create mode 100644 chromium/docs/website/site/developers/status-update-email-best-practices/index.md create mode 100644 chromium/docs/website/site/developers/sublime-text/SublimeExample.png.sha1 create mode 100644 chromium/docs/website/site/developers/sublime-text/compile_current_file.py create mode 100644 chromium/docs/website/site/developers/sublime-text/index.md create mode 100644 chromium/docs/website/site/developers/sync-diagnostics/index.md create mode 100644 chromium/docs/website/site/developers/tech-talk-videos/index.md create mode 100644 chromium/docs/website/site/developers/tech-talk-videos/release-process/buildbot_screenshot.PNG.sha1 create mode 100644 chromium/docs/website/site/developers/tech-talk-videos/release-process/chromium-24.png.sha1 create mode 100644 chromium/docs/website/site/developers/tech-talk-videos/release-process/death_metal_rooster3.png.sha1 create mode 100644 chromium/docs/website/site/developers/tech-talk-videos/release-process/index.md create mode 100644 chromium/docs/website/site/developers/tech-talk-videos/release-process/release process version 2.png.sha1 create mode 100644 chromium/docs/website/site/developers/tech-talk-videos/release-process/starwars-disturbance2.jpg.sha1 create mode 100644 chromium/docs/website/site/developers/tech-talk-videos/release-process/update_software_popup.png.sha1 create mode 100644 chromium/docs/website/site/developers/technical-discussion-groups/index.md create mode 100644 chromium/docs/website/site/developers/telemetry/add_a_measurement/index.md create mode 100644 chromium/docs/website/site/developers/telemetry/benchmark-organization-diagram.png.sha1 create mode 100644 chromium/docs/website/site/developers/telemetry/diagnosing-test-failures/Screen Shot 2014-12-10 at 9.42.17 AM.png.sha1 create mode 100644 chromium/docs/website/site/developers/telemetry/diagnosing-test-failures/index.md create mode 100644 chromium/docs/website/site/developers/telemetry/index.md create mode 100644 chromium/docs/website/site/developers/telemetry/performance-try-bots/Screen Shot 2014-08-26 at 10.49.28 AM.png.sha1 create mode 100644 chromium/docs/website/site/developers/telemetry/performance-try-bots/Screen Shot 2014-08-26 at 10.49.51 AM.png.sha1 create mode 100644 chromium/docs/website/site/developers/telemetry/performance-try-bots/index.md create mode 100644 chromium/docs/website/site/developers/telemetry/profiling/index.md create mode 100644 chromium/docs/website/site/developers/telemetry/record_a_page_set/WebPageReplayDiagram.png.sha1 create mode 100644 chromium/docs/website/site/developers/telemetry/record_a_page_set/index.md create mode 100644 chromium/docs/website/site/developers/telemetry/run_locally/index.md create mode 100644 chromium/docs/website/site/developers/telemetry/running-telemetry-on-chrome-os/index.md create mode 100644 chromium/docs/website/site/developers/telemetry/telemetry-feature-guidelines/index.md create mode 100644 chromium/docs/website/site/developers/telemetry/telemetry-mac-keychain-setup/index.md create mode 100644 chromium/docs/website/site/developers/telemetry/telemetry-profile-generation/index.md create mode 100644 chromium/docs/website/site/developers/telemetry/telemetry-unittests/index.md create mode 100644 chromium/docs/website/site/developers/telemetry/upload_to_cloud_storage/index.md create mode 100644 chromium/docs/website/site/developers/testing/adding-performance-tests/Screen Shot 2013-12-20 at 9.03.31 AM.png.sha1 create mode 100644 chromium/docs/website/site/developers/testing/adding-performance-tests/index.md create mode 100644 chromium/docs/website/site/developers/testing/adding-tests-to-the-main-waterfall/index.md create mode 100644 chromium/docs/website/site/developers/testing/addresssanitizer/index.md create mode 100644 chromium/docs/website/site/developers/testing/android-tests/android-webview-tests/index.md create mode 100644 chromium/docs/website/site/developers/testing/android-tests/index.md create mode 100644 chromium/docs/website/site/developers/testing/android-tests/testing-android-code-that-crosses-the-c-java-boundary/index.md create mode 100644 chromium/docs/website/site/developers/testing/browser-tests/index.md create mode 100644 chromium/docs/website/site/developers/testing/changedashboard/index.md create mode 100644 chromium/docs/website/site/developers/testing/chrome-test-apis/index.md create mode 100644 chromium/docs/website/site/developers/testing/chromium-build-infrastructure/index.md create mode 100644 chromium/docs/website/site/developers/testing/chromium-build-infrastructure/performance-test-plots/index.md create mode 100644 chromium/docs/website/site/developers/testing/chromium-build-infrastructure/performance-test-plots/page_cycler_plot.png.sha1 create mode 100644 chromium/docs/website/site/developers/testing/chromium-build-infrastructure/repro-a-build/index.md create mode 100644 chromium/docs/website/site/developers/testing/chromium-build-infrastructure/tour-of-the-chromium-buildbot/index.md create mode 100644 chromium/docs/website/site/developers/testing/chromium-build-infrastructure/tour-of-the-chromium-buildbot/waterfall.png.sha1 create mode 100644 chromium/docs/website/site/developers/testing/commit-queue/chromium_trybot-json/index.md create mode 100644 chromium/docs/website/site/developers/testing/commit-queue/design/index.md create mode 100644 chromium/docs/website/site/developers/testing/commit-queue/index.md create mode 100644 chromium/docs/website/site/developers/testing/commit-queue/integration-with-rietveld/index.md create mode 100644 chromium/docs/website/site/developers/testing/contacting-a-trooper/index.md create mode 100644 chromium/docs/website/site/developers/testing/control-flow-integrity/index.md create mode 100644 chromium/docs/website/site/developers/testing/control-flow-integrity/overhead/index.md create mode 100644 chromium/docs/website/site/developers/testing/dr-fuzz/index.md create mode 100644 chromium/docs/website/site/developers/testing/fake-bidi/index.md create mode 100644 chromium/docs/website/site/developers/testing/flakiness-dashboard/flaky.jpg.sha1 create mode 100644 chromium/docs/website/site/developers/testing/flakiness-dashboard/flaky2.jpg.sha1 create mode 100644 chromium/docs/website/site/developers/testing/flakiness-dashboard/flaky3.jpg.sha1 create mode 100644 chromium/docs/website/site/developers/testing/flakiness-dashboard/index.md create mode 100644 chromium/docs/website/site/developers/testing/flakiness-dashboard/missingorextra.jpg.sha1 create mode 100644 chromium/docs/website/site/developers/testing/flakiness-dashboard/newFailingTest.jpg.sha1 create mode 100644 chromium/docs/website/site/developers/testing/flakiness-dashboard/seeResults.jpg.sha1 create mode 100644 chromium/docs/website/site/developers/testing/flakiness-dashboard/seeResults2.jpg.sha1 create mode 100644 chromium/docs/website/site/developers/testing/frame-rate-test/index.md create mode 100644 chromium/docs/website/site/developers/testing/gpu-testing/gpu-bot-details/index.md create mode 100644 chromium/docs/website/site/developers/testing/gpu-testing/index.md create mode 100644 chromium/docs/website/site/developers/testing/index.md create mode 100644 chromium/docs/website/site/developers/testing/instrumented-libraries-for-dynamic-tools/index.md create mode 100644 chromium/docs/website/site/developers/testing/isolated-testing/deterministic-builds/index.md create mode 100644 chromium/docs/website/site/developers/testing/isolated-testing/for-swes/index.md create mode 100644 chromium/docs/website/site/developers/testing/isolated-testing/index.md create mode 100644 chromium/docs/website/site/developers/testing/isolated-testing/infrastructure/index.md create mode 100644 chromium/docs/website/site/developers/testing/leaksanitizer/index.md create mode 100644 chromium/docs/website/site/developers/testing/libfuzzer/index.md create mode 100644 chromium/docs/website/site/developers/testing/memorysanitizer/index.md create mode 100644 chromium/docs/website/site/developers/testing/multi-process-ram-usage-analysis-on-android/index.md create mode 100644 chromium/docs/website/site/developers/testing/no-compile-tests/index.md create mode 100644 chromium/docs/website/site/developers/testing/page-heap-for-chrome/index.md create mode 100644 chromium/docs/website/site/developers/testing/running-tests/index.md create mode 100644 chromium/docs/website/site/developers/testing/threadsanitizer-tsan-v2/index.md create mode 100644 chromium/docs/website/site/developers/testing/time-complexity-tests/index.md create mode 100644 chromium/docs/website/site/developers/testing/try-server-usage/index.md create mode 100644 chromium/docs/website/site/developers/testing/undefinedbehaviorsanitizer/index.md create mode 100644 chromium/docs/website/site/developers/testing/webgl-conformance-tests/index.md create mode 100644 chromium/docs/website/site/developers/testing/webkit-layout-tests/content-shell/index.md create mode 100644 chromium/docs/website/site/developers/testing/webkit-layout-tests/identifying-tests-that-depend-on-order/index.md create mode 100644 chromium/docs/website/site/developers/testing/webkit-layout-tests/index.md create mode 100644 chromium/docs/website/site/developers/testing/webkit-layout-tests/testexpectations/index.md create mode 100644 chromium/docs/website/site/developers/testing/webkit-layout-tests/using-breakpad-with-content-shell/index.md create mode 100644 chromium/docs/website/site/developers/testing/windows-installer-tests/index.md create mode 100644 chromium/docs/website/site/developers/the-json-test-results-format/index.md create mode 100644 chromium/docs/website/site/developers/the-rendering-critical-path/index.md create mode 100644 chromium/docs/website/site/developers/threaded-task-tracking/index.md create mode 100644 chromium/docs/website/site/developers/ticket-milestone-punting/index.md create mode 100644 chromium/docs/website/site/developers/tools-we-use-in-chromium/grit/grit-design-overview/index.md create mode 100644 chromium/docs/website/site/developers/tools-we-use-in-chromium/grit/grit-regression-test-plan/index.md create mode 100644 chromium/docs/website/site/developers/tools-we-use-in-chromium/grit/grit-users-guide/index.md create mode 100644 chromium/docs/website/site/developers/tools-we-use-in-chromium/grit/how-to-contribute-to-grit/index.md create mode 100644 chromium/docs/website/site/developers/tools-we-use-in-chromium/grit/index.md create mode 100644 chromium/docs/website/site/developers/tools-we-use-in-chromium/index.md create mode 100644 chromium/docs/website/site/developers/tree-sheriffs/chrome-in-chromeos-gardening/index.md create mode 100644 chromium/docs/website/site/developers/tree-sheriffs/handling-a-failing-test/index.md create mode 100644 chromium/docs/website/site/developers/tree-sheriffs/index.md create mode 100644 chromium/docs/website/site/developers/tree-sheriffs/perf-sheriffs/Screen Shot 2013-04-23 at 8.04.15 AM.png.sha1 create mode 100644 chromium/docs/website/site/developers/tree-sheriffs/perf-sheriffs/Screen Shot 2013-10-27 at 10.23.35 AM.png.sha1 create mode 100644 chromium/docs/website/site/developers/tree-sheriffs/perf-sheriffs/Screen Shot 2013-10-27 at 10.29.17 AM.png.sha1 create mode 100644 chromium/docs/website/site/developers/tree-sheriffs/perf-sheriffs/Screen Shot 2013-10-27 at 10.33.54 AM.png.sha1 create mode 100644 chromium/docs/website/site/developers/tree-sheriffs/perf-sheriffs/Screen Shot 2013-10-27 at 10.39.38 AM.png.sha1 create mode 100644 chromium/docs/website/site/developers/tree-sheriffs/perf-sheriffs/Screen Shot 2013-10-27 at 10.50.40 AM.png.sha1 create mode 100644 chromium/docs/website/site/developers/tree-sheriffs/perf-sheriffs/SheriffBadge2.jpg.sha1 create mode 100644 chromium/docs/website/site/developers/tree-sheriffs/perf-sheriffs/bisecting-performance-regressions/Screen Shot 2013-05-28 at 6.18.39 PM.png.sha1 create mode 100644 chromium/docs/website/site/developers/tree-sheriffs/perf-sheriffs/bisecting-performance-regressions/Screenshot from 2013-08-20 09_14_59.png.sha1 create mode 100644 chromium/docs/website/site/developers/tree-sheriffs/perf-sheriffs/bisecting-performance-regressions/index.md create mode 100644 chromium/docs/website/site/developers/tree-sheriffs/perf-sheriffs/index.md create mode 100644 chromium/docs/website/site/developers/tree-sheriffs/sheriff-details-chromium-os/Builders.png.sha1 create mode 100644 chromium/docs/website/site/developers/tree-sheriffs/sheriff-details-chromium-os/ChromeOS Parallel CQ - Linear view of CLs.png.sha1 create mode 100644 chromium/docs/website/site/developers/tree-sheriffs/sheriff-details-chromium-os/Screenshot.png.sha1 create mode 100644 chromium/docs/website/site/developers/tree-sheriffs/sheriff-details-chromium-os/Test Orchestrator.png.sha1 create mode 100644 chromium/docs/website/site/developers/tree-sheriffs/sheriff-details-chromium-os/cloud-storage.png.sha1 create mode 100644 chromium/docs/website/site/developers/tree-sheriffs/sheriff-details-chromium-os/crash-example.png.sha1 create mode 100644 chromium/docs/website/site/developers/tree-sheriffs/sheriff-details-chromium-os/index.md create mode 100644 chromium/docs/website/site/developers/tree-sheriffs/sheriff-details-chromium/Waterfall.png.sha1 create mode 100644 chromium/docs/website/site/developers/tree-sheriffs/sheriff-details-chromium/index.md create mode 100644 chromium/docs/website/site/developers/tree-sheriffs/sheriff-details-chromium/tree_status.png.sha1 create mode 100644 chromium/docs/website/site/developers/tree-sheriffs/sheriff-o-matic/index.md create mode 100644 chromium/docs/website/site/developers/tree-sheriffs/sheriff-philosophy/index.md create mode 100644 chromium/docs/website/site/developers/tree-sheriffs/sheriffing-bug-queues/index.md create mode 100644 chromium/docs/website/site/developers/triggered-reset-api/index.md create mode 100644 chromium/docs/website/site/developers/u-boot/index.md create mode 100644 chromium/docs/website/site/developers/u-boot/ttyusb create mode 100644 chromium/docs/website/site/developers/updating-webui-for-material-design/index.md create mode 100644 chromium/docs/website/site/developers/updating-webui-for-material-design/settings-material-design/index.md create mode 100644 chromium/docs/website/site/developers/updating-webui-for-material-design/testing-asynchronous-ui/index.md create mode 100644 chromium/docs/website/site/developers/updating-webui-for-material-design/testing-webui-with-mocha/index.md create mode 100644 chromium/docs/website/site/developers/updating-webui-for-material-design/using-polymer-icons/index.md create mode 100644 chromium/docs/website/site/developers/useful-extensions/index.md create mode 100644 chromium/docs/website/site/developers/using-atom-as-your-ide/index.md create mode 100644 chromium/docs/website/site/developers/using-eclipse-with-chromium/index.md create mode 100644 chromium/docs/website/site/developers/using-requestautocomplete/1LjbbxAJEBfpWRufhVtrUxNAB_WgavjqvfgpL.png.sha1 create mode 100644 chromium/docs/website/site/developers/using-requestautocomplete/1Zh85u4gzhhDkC6myiRAyO2SH1iRgCCbUoJ4O.png.sha1 create mode 100644 chromium/docs/website/site/developers/using-requestautocomplete/1bViPA1pF_5p0g5UaRwdhWedLTrTjXkcszqV3.png.sha1 create mode 100644 chromium/docs/website/site/developers/using-requestautocomplete/1m438-F2ObI9EqH66C94s_A6pzh5nN7Komyde.png.sha1 create mode 100644 chromium/docs/website/site/developers/using-requestautocomplete/index.md create mode 100644 chromium/docs/website/site/developers/using-requestautocomplete/order-summary.png.sha1 create mode 100644 chromium/docs/website/site/developers/version-numbers/index.md create mode 100644 chromium/docs/website/site/developers/web-development-style-guide/index.md create mode 100644 chromium/docs/website/site/developers/web-idl-interfaces/index.md create mode 100644 chromium/docs/website/site/developers/web-intents-in-chrome/Screen shot 2012-05-09 at 7.43.31 PM.png.sha1 create mode 100644 chromium/docs/website/site/developers/web-intents-in-chrome/Screen shot 2012-05-10 at 11.59.08 PM.png.sha1 create mode 100644 chromium/docs/website/site/developers/web-intents-in-chrome/Screen shot 2012-05-10 at 12.40.51 AM.png.sha1 create mode 100644 chromium/docs/website/site/developers/web-intents-in-chrome/Screen shot 2012-05-11 at 12.00.09 AM.png.sha1 create mode 100644 chromium/docs/website/site/developers/web-intents-in-chrome/Screen shot 2012-05-11 at 12.02.41 AM.png.sha1 create mode 100644 chromium/docs/website/site/developers/web-intents-in-chrome/Screen shot 2012-05-14 at 4.48.28 PM.png.sha1 create mode 100644 chromium/docs/website/site/developers/web-intents-in-chrome/Screen shot 2012-05-14 at 4.56.03 PM.png.sha1 create mode 100644 chromium/docs/website/site/developers/web-intents-in-chrome/index.md create mode 100644 chromium/docs/website/site/developers/web-intents-in-chrome/noinstalls.PNG.sha1 create mode 100644 chromium/docs/website/site/developers/web-intents-in-chrome/with.PNG.sha1 create mode 100644 chromium/docs/website/site/developers/web-platform-status/forms/index.md create mode 100644 chromium/docs/website/site/developers/web-platform-status/index.md create mode 100644 chromium/docs/website/site/developers/webkit-core-projects/index.md create mode 100644 chromium/docs/website/site/developers/webui/index.md create mode 100644 chromium/docs/website/site/developers/webview-changes/index.md create mode 100644 chromium/docs/website/site/developers/whistling.jpg.sha1 create mode 100644 chromium/docs/website/site/developers/windows-binary-sizes/index.md create mode 100644 chromium/docs/website/site/devtools/announcements/index.md create mode 100644 chromium/docs/website/site/devtools/breakpoints-tutorial/index.md create mode 100644 chromium/docs/website/site/devtools/capturing-a-timeline-trace/index.md create mode 100644 chromium/docs/website/site/devtools/capturing-a-timeline-trace/save timeline.png.sha1 create mode 100644 chromium/docs/website/site/devtools/feed-icon16x16.png.sha1 create mode 100644 chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/arrow.png.sha1 create mode 100644 chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/console.png.sha1 create mode 100644 chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/console_1.png.sha1 create mode 100644 chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/console_dir.png.sha1 create mode 100644 chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/console_dirxml.png.sha1 create mode 100644 chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/console_dollar_one.png.sha1 create mode 100644 chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/console_dollar_zero.png.sha1 create mode 100644 chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/console_id.png.sha1 create mode 100644 chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/console_inspect.png.sha1 create mode 100644 chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/dev_tools_window_bottom.png.sha1 create mode 100644 chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/dev_tools_window_top.png.sha1 create mode 100644 chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/elements_css_syntax_highlighting.png.sha1 create mode 100644 chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/elements_event_listeners_gear.png.sha1 create mode 100644 chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/elements_hover.png.sha1 create mode 100644 chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/elements_metrics.png.sha1 create mode 100644 chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/elements_p.png.sha1 create mode 100644 chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/elements_panel.png.sha1 create mode 100644 chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/elements_properties_paner.png.sha1 create mode 100644 chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/elements_search.png.sha1 create mode 100644 chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/elements_style_checkboxes.png.sha1 create mode 100644 chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/elements_style_edit.png.sha1 create mode 100644 chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/exclude_selected_function.png.sha1 create mode 100644 chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/focus_selected_function.png.sha1 create mode 100644 chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/heap_snapshot.png.sha1 create mode 100644 chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/heap_snapshot_compare.png.sha1 create mode 100644 chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/heap_snapshot_drill_down.png.sha1 create mode 100644 chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/index.md create mode 100644 chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/page_menu.png.sha1 create mode 100644 chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/profiles_panel_1.png.sha1 create mode 100644 chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/profiling_cpu_1.png.sha1 create mode 100644 chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/profiling_search.png.sha1 create mode 100644 chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/resources_click_sidebar.png.sha1 create mode 100644 chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/resources_drag_drop.png.sha1 create mode 100644 chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/resources_enable_window.png.sha1 create mode 100644 chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/resources_panel.png.sha1 create mode 100644 chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/resources_size.png.sha1 create mode 100644 chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/resources_sort_by.png.sha1 create mode 100644 chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/scripts_breakpoints.png.sha1 create mode 100644 chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/scripts_breakpoints_2.png.sha1 create mode 100644 chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/scripts_panel.png.sha1 create mode 100644 chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/scripts_panel_2.png.sha1 create mode 100644 chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/scripts_paused.png.sha1 create mode 100644 chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/storage_cookie.png.sha1 create mode 100644 chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/storage_panel.png.sha1 create mode 100644 chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/storage_panel_database.png.sha1 create mode 100644 chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/storage_panel_sql_query.png.sha1 create mode 100644 chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/storage_sticky_note.png.sha1 create mode 100644 chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/timeline_panel.png.sha1 create mode 100644 chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/timeline_records.png.sha1 create mode 100644 chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/timeline_slider_right.png.sha1 create mode 100644 chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/top_tool_bar_w_console.png.sha1 create mode 100644 chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/two_profiles.png.sha1 create mode 100644 chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/wrench-icon.jpg.sha1 create mode 100644 chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/wrench.png.sha1 create mode 100644 chromium/docs/website/site/devtools/index.md create mode 100644 chromium/docs/website/site/devtools/page_menu.png.sha1 create mode 100644 chromium/docs/website/site/devtools/wrench-icon.jpg.sha1 create mode 100644 chromium/docs/website/site/embeddedsearch/index.md create mode 100644 chromium/docs/website/site/events/blinkon-14/index.md create mode 100644 chromium/docs/website/site/events/blinkon-15/index.md create mode 100644 chromium/docs/website/site/events/blinkon-16/index.md create mode 100644 chromium/docs/website/site/events/blinkon-resources/index.md create mode 100644 chromium/docs/website/site/events/index.md create mode 100644 chromium/docs/website/site/favicon.ico.sha1 create mode 100644 chromium/docs/website/site/flag-ownership/index.md create mode 100644 chromium/docs/website/site/flash-roadmap/deprecating-wildcards/index.md create mode 100644 chromium/docs/website/site/flash-roadmap/flash-usage-trends/Daily Actives - Update Apr 15.png.sha1 create mode 100644 chromium/docs/website/site/flash-roadmap/flash-usage-trends/Daily Actives - Update Apr 27.png.sha1 create mode 100644 chromium/docs/website/site/flash-roadmap/flash-usage-trends/Daily Actives - Update Aug 10.png.sha1 create mode 100644 chromium/docs/website/site/flash-roadmap/flash-usage-trends/Daily Actives - Update July 6.png.sha1 create mode 100644 chromium/docs/website/site/flash-roadmap/flash-usage-trends/Daily Actives - Update July 9.png.sha1 create mode 100644 chromium/docs/website/site/flash-roadmap/flash-usage-trends/Daily Actives - Update May 24.png.sha1 create mode 100644 chromium/docs/website/site/flash-roadmap/flash-usage-trends/Flash Daily Actives - Oct 13, 2017.png.sha1 create mode 100644 chromium/docs/website/site/flash-roadmap/flash-usage-trends/Flash Impact - Usage.png.sha1 create mode 100644 chromium/docs/website/site/flash-roadmap/flash-usage-trends/Flash Impact.png.sha1 create mode 100644 chromium/docs/website/site/flash-roadmap/flash-usage-trends/Flash Impressions - Oct 13, 2017.png.sha1 create mode 100644 chromium/docs/website/site/flash-roadmap/flash-usage-trends/Flash Usage Trend - Jan 25th, 2017.png.sha1 create mode 100644 chromium/docs/website/site/flash-roadmap/flash-usage-trends/Flash Volume - Update Apr 15.png.sha1 create mode 100644 chromium/docs/website/site/flash-roadmap/flash-usage-trends/Flash Volume - Update Apr 27.png.sha1 create mode 100644 chromium/docs/website/site/flash-roadmap/flash-usage-trends/Flash Volume - Update Aug 10.png.sha1 create mode 100644 chromium/docs/website/site/flash-roadmap/flash-usage-trends/Flash Volume - Update July 6.png.sha1 create mode 100644 chromium/docs/website/site/flash-roadmap/flash-usage-trends/Flash Volume - Update July 9.png.sha1 create mode 100644 chromium/docs/website/site/flash-roadmap/flash-usage-trends/Flash Volume - Update May 24.png.sha1 create mode 100644 chromium/docs/website/site/flash-roadmap/flash-usage-trends/PPS Tiny - 0x0 after (Updated).png.sha1 create mode 100644 chromium/docs/website/site/flash-roadmap/flash-usage-trends/PPS Tiny - 0x0 after.jpg.sha1 create mode 100644 chromium/docs/website/site/flash-roadmap/flash-usage-trends/PPS Tiny - 0x0 before.png.sha1 create mode 100644 chromium/docs/website/site/flash-roadmap/flash-usage-trends/index.md create mode 100644 chromium/docs/website/site/flash-roadmap/index.md create mode 100644 chromium/docs/website/site/for-testers/bug-reporting-guidelines/chromium-bug-labels/index.md create mode 100644 chromium/docs/website/site/for-testers/bug-reporting-guidelines/hanging-tabs/crash-with-gdb create mode 100644 chromium/docs/website/site/for-testers/bug-reporting-guidelines/hanging-tabs/index.md create mode 100644 chromium/docs/website/site/for-testers/bug-reporting-guidelines/index.md create mode 100644 chromium/docs/website/site/for-testers/bug-reporting-guidelines/reporting-crash-bug/index.md create mode 100644 chromium/docs/website/site/for-testers/bug-reporting-guidelines/triage-best-practices/index.md create mode 100644 chromium/docs/website/site/for-testers/bug-reporting-guidelines/uncaught-securityerror-failed-to-read-the-localstorage-property-from-window-access-is-denied-for-this-document/blockthirdpartycookies.png.sha1 create mode 100644 chromium/docs/website/site/for-testers/bug-reporting-guidelines/uncaught-securityerror-failed-to-read-the-localstorage-property-from-window-access-is-denied-for-this-document/index.md create mode 100644 chromium/docs/website/site/for-testers/bug-reporting-guidlines-for-the-mac-linux-builds/index.md create mode 100644 chromium/docs/website/site/for-testers/command-line-flags/index.md create mode 100644 chromium/docs/website/site/for-testers/enable-logging/configure providers.png.sha1 create mode 100644 chromium/docs/website/site/for-testers/enable-logging/index.md create mode 100644 chromium/docs/website/site/for-testers/faft/FAFT (1).jpg.sha1 create mode 100644 chromium/docs/website/site/for-testers/faft/FAFT Hardware Setup Layout.png.sha1 create mode 100644 chromium/docs/website/site/for-testers/faft/Servo2_with_labels.jpg.sha1 create mode 100644 chromium/docs/website/site/for-testers/faft/ServoV4-typeC-micro.png.sha1 create mode 100644 chromium/docs/website/site/for-testers/faft/ServoV4.png.sha1 create mode 100644 chromium/docs/website/site/for-testers/faft/index.md create mode 100644 chromium/docs/website/site/for-testers/faft/pd_typeC.png.sha1 create mode 100644 chromium/docs/website/site/for-testers/faft/rc_typeA.png.sha1 create mode 100644 chromium/docs/website/site/for-testers/faft/rc_typec.png.sha1 create mode 100644 chromium/docs/website/site/for-testers/faft/rc_typec_official.png.sha1 create mode 100644 chromium/docs/website/site/for-testers/faft/servo_v4.png.sha1 create mode 100644 chromium/docs/website/site/for-testers/frontend-testing/constrained-windows/constrained-windows--basic-testing/index.md create mode 100644 chromium/docs/website/site/for-testers/frontend-testing/constrained-windows/index.md create mode 100644 chromium/docs/website/site/for-testers/frontend-testing/index.md create mode 100644 chromium/docs/website/site/for-testers/frontend-testing/spell-check/index.md create mode 100644 chromium/docs/website/site/for-testers/frontend-testing/spell-check/spell-check--basic-testing/index.md create mode 100644 chromium/docs/website/site/for-testers/frontend-testing/windows-specific-interoperability-issues/index.md create mode 100644 chromium/docs/website/site/for-testers/frontend-testing/windows-specific-interoperability-issues/list_chrome.zip.sha1 create mode 100644 chromium/docs/website/site/for-testers/index.md create mode 100644 chromium/docs/website/site/for-testers/installer/index.md create mode 100644 chromium/docs/website/site/for-testers/installer/installer--basic-testing/index.md create mode 100644 chromium/docs/website/site/for-testers/providing-memory-details/index.md create mode 100644 chromium/docs/website/site/for-testers/providing-network-details/Screen Shot 2017-04-26 at 11.18.49 AM.png.sha1 create mode 100644 chromium/docs/website/site/for-testers/providing-network-details/capture-bytes.png.sha1 create mode 100644 chromium/docs/website/site/for-testers/providing-network-details/inclue-bytes-mobile.png.sha1 create mode 100644 chromium/docs/website/site/for-testers/providing-network-details/index.md create mode 100644 chromium/docs/website/site/for-testers/providing-network-details/net-export-61.png.sha1 create mode 100644 chromium/docs/website/site/for-testers/providing-network-details/net-export-raw-bytes-61.png.sha1 create mode 100644 chromium/docs/website/site/for-testers/providing-network-details/net-internals.PNG.sha1 create mode 100644 chromium/docs/website/site/for-testers/providing-network-details/netexport.png.sha1 create mode 100644 chromium/docs/website/site/for-testers/providing-network-details/netinternals_export.png.sha1 create mode 100644 chromium/docs/website/site/for-testers/providing-network-details/save-to-file.png.sha1 create mode 100644 chromium/docs/website/site/for-testers/providing-network-details/start-logging-to-disk.png.sha1 create mode 100644 chromium/docs/website/site/for-testers/saft/index.md create mode 100644 chromium/docs/website/site/for-testers/test-cases/index.md create mode 100644 chromium/docs/website/site/for-testers/touch-firmware-tests/TouchFWTests.png.sha1 create mode 100644 chromium/docs/website/site/for-testers/touch-firmware-tests/index.md create mode 100644 chromium/docs/website/site/for-testers/unhealthy-tests-report/index.md create mode 100644 chromium/docs/website/site/geforce-now-on-chromebooks/index.md create mode 100644 chromium/docs/website/site/getting-involved/become-a-committer/index.md create mode 100644 chromium/docs/website/site/getting-involved/bug-triage/index.md create mode 100644 chromium/docs/website/site/getting-involved/dev-channel/index.md create mode 100644 chromium/docs/website/site/getting-involved/dev-channel/wrench.png.sha1 create mode 100644 chromium/docs/website/site/getting-involved/download-chromium/index.md create mode 100644 chromium/docs/website/site/getting-involved/get-bug-editing-privileges/index.md create mode 100644 chromium/docs/website/site/getting-involved/index.md create mode 100644 chromium/docs/website/site/getting-involved/summerofcode2013/index.md create mode 100644 chromium/docs/website/site/glossary/index.md create mode 100644 chromium/docs/website/site/hsts/email.png.sha1 create mode 100644 chromium/docs/website/site/hsts/index.md create mode 100644 chromium/docs/website/site/index.md create mode 100644 chromium/docs/website/site/infra/index.md create mode 100644 chromium/docs/website/site/irc-support-faq/index.md create mode 100644 chromium/docs/website/site/irc/index.md create mode 100644 chromium/docs/website/site/issue-tracking/autotriage/index.md create mode 100644 chromium/docs/website/site/issue-tracking/creating-a-bug-template-url/index.md create mode 100644 chromium/docs/website/site/issue-tracking/editing-components/Component Edit View.png.sha1 create mode 100644 chromium/docs/website/site/issue-tracking/editing-components/Component List.png.sha1 create mode 100644 chromium/docs/website/site/issue-tracking/editing-components/Components.png.sha1 create mode 100644 chromium/docs/website/site/issue-tracking/editing-components/Development Process.png.sha1 create mode 100644 chromium/docs/website/site/issue-tracking/editing-components/index.md create mode 100644 chromium/docs/website/site/issue-tracking/how-to-bulk-edit/Bulk Edit - Confirm.png.sha1 create mode 100644 chromium/docs/website/site/issue-tracking/how-to-bulk-edit/Bulk Edit - Worked.png.sha1 create mode 100644 chromium/docs/website/site/issue-tracking/how-to-bulk-edit/Bulk Edit.png.sha1 create mode 100644 chromium/docs/website/site/issue-tracking/how-to-bulk-edit/index.md create mode 100644 chromium/docs/website/site/issue-tracking/index.md create mode 100644 chromium/docs/website/site/issue-tracking/issue-tracking-lifecycle/Conceptual Model.png.sha1 create mode 100644 chromium/docs/website/site/issue-tracking/issue-tracking-lifecycle/State Diagram.jpg.sha1 create mode 100644 chromium/docs/website/site/issue-tracking/issue-tracking-lifecycle/index.md create mode 100644 chromium/docs/website/site/issue-tracking/migrating-issue-components/Bulk Edit - Confirm.png.sha1 create mode 100644 chromium/docs/website/site/issue-tracking/migrating-issue-components/Bulk Edit.png.sha1 create mode 100644 chromium/docs/website/site/issue-tracking/migrating-issue-components/Component List.png.sha1 create mode 100644 chromium/docs/website/site/issue-tracking/migrating-issue-components/Components.png.sha1 create mode 100644 chromium/docs/website/site/issue-tracking/migrating-issue-components/Depercate Component.png.sha1 create mode 100644 chromium/docs/website/site/issue-tracking/migrating-issue-components/Development Process.png.sha1 create mode 100644 chromium/docs/website/site/issue-tracking/migrating-issue-components/index.md create mode 100644 chromium/docs/website/site/issue-tracking/release-block-guidelines/index.md create mode 100644 chromium/docs/website/site/issue-tracking/requesting-a-component-or-label/index.md create mode 100644 chromium/docs/website/site/issue-tracking/tips-and-tricks/index.md create mode 100644 chromium/docs/website/site/july-2021---new-features-fixit-stability-security-fixes-interop-fixes-and-more/index.md create mode 100644 chromium/docs/website/site/layout-test-contest/index.md create mode 100644 chromium/docs/website/site/layout-test-contest/layout-test-contest-leaderboard/index.md create mode 100644 chromium/docs/website/site/nativeclient/day-to-day/codereview/index.md create mode 100644 chromium/docs/website/site/nativeclient/day-to-day/index.md create mode 100644 chromium/docs/website/site/nativeclient/day-to-day/infrastructure-faq/index.md create mode 100644 chromium/docs/website/site/nativeclient/getting-started/getting-started-background-and-basics/index.md create mode 100644 chromium/docs/website/site/nativeclient/getting-started/getting-started-background-and-basics/nacl_diagram.png.sha1 create mode 100644 chromium/docs/website/site/nativeclient/getting-started/index.md create mode 100644 chromium/docs/website/site/nativeclient/how-tos/3d-tips-and-best-practices/index.md create mode 100644 chromium/docs/website/site/nativeclient/how-tos/build-tcb/index.md create mode 100644 chromium/docs/website/site/nativeclient/how-tos/building-and-testing-gcc-and-gnu-binutils/index.md create mode 100644 chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-a-trusted-plugin/debugging-a-trusted-plugin-on-linux/index.md create mode 100644 chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-a-trusted-plugin/debugging-trusted-plugin-on-windows/index.md create mode 100644 chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-a-trusted-plugin/index.md create mode 100644 chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-a-trusted-plugin/trusted-debugging-on-mac/index.md create mode 100644 chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-chrome-os/index.md create mode 100644 chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse add directory path 1.png.sha1 create mode 100644 chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse add directory path 2.png.sha1 create mode 100644 chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse build behaviour tab.png.sha1 create mode 100644 chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse build variables.png.sha1 create mode 100644 chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse build.png.sha1 create mode 100644 chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse consoles.png.sha1 create mode 100644 chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse debug configuration Debugger Gdbserver Settings.png.sha1 create mode 100644 chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse debug configuration Debugger Main.png.sha1 create mode 100644 chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse debug configuration glibc Debugger Main.png.sha1 create mode 100644 chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse debug configuration glibc main.png.sha1 create mode 100644 chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse debug configuration main.png.sha1 create mode 100644 chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse debug icon.png.sha1 create mode 100644 chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse gdb_init file.png.sha1 create mode 100644 chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse glibc hit breakpoint.png.sha1 create mode 100644 chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse hammer icon.png.sha1 create mode 100644 chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse hit breakpoint.png.sha1 create mode 100644 chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse last debug configurations.png.sha1 create mode 100644 chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse new build variable.png.sha1 create mode 100644 chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse new debug configuration icon.png.sha1 create mode 100644 chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse new project.png.sha1 create mode 100644 chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse output location.png.sha1 create mode 100644 chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse project view.png.sha1 create mode 100644 chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse select preferred launcher.png.sha1 create mode 100644 chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse source location.png.sha1 create mode 100644 chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse with indexer enabled.png.sha1 create mode 100644 chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/index.md create mode 100644 chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/getting-started-with-debug-stub/index.md create mode 100644 chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/index.md create mode 100644 chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/index.md create mode 100644 chromium/docs/website/site/nativeclient/how-tos/exception-handling-interface/index.md create mode 100644 chromium/docs/website/site/nativeclient/how-tos/how-to-use-git-svn-with-native-client/index.md create mode 100644 chromium/docs/website/site/nativeclient/how-tos/how-to-write-assembler-for-x86-nacl-platform/index.md create mode 100644 chromium/docs/website/site/nativeclient/how-tos/index.md create mode 100644 chromium/docs/website/site/nativeclient/how-tos/working-on-the-git-toolchain-repos/index.md create mode 100644 chromium/docs/website/site/nativeclient/index.md create mode 100644 chromium/docs/website/site/nativeclient/life-of-sel_ldr/index.md create mode 100644 chromium/docs/website/site/nativeclient/nameservice/index.md create mode 100644 chromium/docs/website/site/nativeclient/nameservice/naming-issues----rationale/index.md create mode 100644 chromium/docs/website/site/nativeclient/pnacl/aligned-bundling-support-in-llvm/Fragment padding.png.1355408184699.png.sha1 create mode 100644 chromium/docs/website/site/nativeclient/pnacl/aligned-bundling-support-in-llvm/index.md create mode 100644 chromium/docs/website/site/nativeclient/pnacl/bitcode-abi/index.md create mode 100644 chromium/docs/website/site/nativeclient/pnacl/building-pnacl-components-for-distribution-packagers/index.md create mode 100644 chromium/docs/website/site/nativeclient/pnacl/developing-pnacl/index.md create mode 100644 chromium/docs/website/site/nativeclient/pnacl/experimenting-with-generated-bitcode/index.md create mode 100644 chromium/docs/website/site/nativeclient/pnacl/index.md create mode 100644 chromium/docs/website/site/nativeclient/pnacl/introduction-to-portable-native-client/index.md create mode 100644 chromium/docs/website/site/nativeclient/pnacl/stability-of-the-pnacl-bitcode-abi/StabilityofthePNaClbitcodeABI.pdf.sha1 create mode 100644 chromium/docs/website/site/nativeclient/pnacl/stability-of-the-pnacl-bitcode-abi/index.md create mode 100644 chromium/docs/website/site/nativeclient/pnacl/subzero/index.md create mode 100644 chromium/docs/website/site/nativeclient/pnacl/subzero/simple-loop-example/index.md create mode 100644 chromium/docs/website/site/nativeclient/reference/anatomy-of-a-sys/NaClSyscallFlowchart.png.sha1 create mode 100644 chromium/docs/website/site/nativeclient/reference/anatomy-of-a-sys/NaClSyscallFlowchart2.png.sha1 create mode 100644 chromium/docs/website/site/nativeclient/reference/anatomy-of-a-sys/index.md create mode 100644 chromium/docs/website/site/nativeclient/reference/arm-overview/index.md create mode 100644 chromium/docs/website/site/nativeclient/reference/external-resource-directory/index.md create mode 100644 chromium/docs/website/site/nativeclient/reference/index.md create mode 100644 chromium/docs/website/site/nativeclient/reference/research-papers/index.md create mode 100644 chromium/docs/website/site/nativeclient/reference/research-papers/pnacl.pdf.sha1 create mode 100644 chromium/docs/website/site/nativeclient/styleguide/index.md create mode 100644 chromium/docs/website/site/network-speed-experiments/index.md create mode 100644 chromium/docs/website/site/omnibox-history-provider/HQP Search.jpg.sha1 create mode 100644 chromium/docs/website/site/omnibox-history-provider/HQP.jpg.sha1 create mode 100644 chromium/docs/website/site/omnibox-history-provider/HQP.tiff.sha1 create mode 100644 chromium/docs/website/site/omnibox-history-provider/Screen shot 2011-02-16 at 2.59.44 PM.png.sha1 create mode 100644 chromium/docs/website/site/omnibox-history-provider/Screen shot 2011-02-16 at 3.16.49 PM.png.sha1 create mode 100644 chromium/docs/website/site/omnibox-history-provider/caching/Initialization.png.sha1 create mode 100644 chromium/docs/website/site/omnibox-history-provider/caching/Shutdown.png.sha1 create mode 100644 chromium/docs/website/site/omnibox-history-provider/caching/ShutdownDetail.png.sha1 create mode 100644 chromium/docs/website/site/omnibox-history-provider/caching/Startup.png.sha1 create mode 100644 chromium/docs/website/site/omnibox-history-provider/caching/StartupDetail.png.sha1 create mode 100644 chromium/docs/website/site/omnibox-history-provider/caching/index.md create mode 100644 chromium/docs/website/site/omnibox-history-provider/index.md create mode 100644 chromium/docs/website/site/pages.json create mode 100644 chromium/docs/website/site/platform-privacy/index.md create mode 100644 chromium/docs/website/site/quic/index.md create mode 100644 chromium/docs/website/site/quic/parse-client-hello/index.md create mode 100644 chromium/docs/website/site/quic/playing-with-quic/index.md create mode 100644 chromium/docs/website/site/quic/quic-faq/index.md create mode 100644 chromium/docs/website/site/rvalue-references/index.md create mode 100644 chromium/docs/website/site/searchbox/index.md create mode 100644 chromium/docs/website/site/security-keys/index.md create mode 100644 chromium/docs/website/site/servicification/index.md create mode 100644 chromium/docs/website/site/site.json create mode 100644 chromium/docs/website/site/spdy/An_Argument_For_Changing_TCP_Slow_Start.pdf.sha1 create mode 100644 chromium/docs/website/site/spdy/More_Bandwidth_Doesn_t_Matter_2_(2).pdf.sha1 create mode 100644 chromium/docs/website/site/spdy/effect_of_initial_cwnd_on_plt(1).png.sha1 create mode 100644 chromium/docs/website/site/spdy/http2/index.md create mode 100644 chromium/docs/website/site/spdy/index.md create mode 100644 chromium/docs/website/site/spdy/link-headers-and-server-hint/index.md create mode 100644 chromium/docs/website/site/spdy/link-headers-and-server-hint/link-rel-subresource/index.md create mode 100644 chromium/docs/website/site/spdy/spdy-authentication/index.md create mode 100644 chromium/docs/website/site/spdy/spdy-best-practices/index.md create mode 100644 chromium/docs/website/site/spdy/spdy-data/index.md create mode 100644 chromium/docs/website/site/spdy/spdy-data/spdy-bytes.png.sha1 create mode 100644 chromium/docs/website/site/spdy/spdy-data/spdy-pktloss.png.sha1 create mode 100644 chromium/docs/website/site/spdy/spdy-data/spdy-rtt.png.sha1 create mode 100644 chromium/docs/website/site/spdy/spdy-data/spdy-rtt2.png.sha1 create mode 100644 chromium/docs/website/site/spdy/spdy-protocol/index.md create mode 100644 chromium/docs/website/site/spdy/spdy-protocol/spdy-protocol-draft1/controlframetypes/index.md create mode 100644 chromium/docs/website/site/spdy/spdy-protocol/spdy-protocol-draft1/index.md create mode 100644 chromium/docs/website/site/spdy/spdy-protocol/spdy-protocol-draft2/index.md create mode 100644 chromium/docs/website/site/spdy/spdy-protocol/spdy-protocol-draft3-1/index.md create mode 100644 chromium/docs/website/site/spdy/spdy-protocol/spdy-protocol-draft3-2/index.md create mode 100644 chromium/docs/website/site/spdy/spdy-protocol/spdy-protocol-draft3/index.md create mode 100644 chromium/docs/website/site/spdy/spdy-protocol/spdyprotocol-xml/index.md create mode 100644 chromium/docs/website/site/spdy/spdy-tools-and-debugging/index.md create mode 100644 chromium/docs/website/site/spdy/spdy-whitepaper/index.md create mode 100644 chromium/docs/website/site/spdy/spdy-whitepaper/soarjOjSeS5hoFYvjtAnxCg.png.sha1 create mode 100644 chromium/docs/website/site/spdy/spdy-whitepaper/spdy_design_and_features_layers.png.sha1 create mode 100644 chromium/docs/website/site/sts/index.md create mode 100644 chromium/docs/website/site/sts/redirect.xml create mode 100644 chromium/docs/website/site/tab-to-search/index.md create mode 100644 chromium/docs/website/site/teams/animations/animation-objectives/index.md create mode 100644 chromium/docs/website/site/teams/animations/animation-worklet/index.md create mode 100644 chromium/docs/website/site/teams/animations/highlights-archive/animations-documentation-throughput-metrics-code-health-capability-delegation-user-input-security-and-more/index.md create mode 100644 chromium/docs/website/site/teams/animations/highlights-archive/april-2019-volume-ii/index.md create mode 100644 chromium/docs/website/site/teams/animations/highlights-archive/april-2019/index.md create mode 100644 chromium/docs/website/site/teams/animations/highlights-archive/april-2020---web-animations-scroll-linked-animations-throughput-metrics-and-more/index.md create mode 100644 chromium/docs/website/site/teams/animations/highlights-archive/april-2021---new-features-testing-stability-fixes-interop-fixes-metrics-and-more/index.md create mode 100644 chromium/docs/website/site/teams/animations/highlights-archive/april-2021-vol-2---new-features-testing-stability-fixes-interop-fixes-and-more/index.md create mode 100644 chromium/docs/website/site/teams/animations/highlights-archive/august-2019/index.md create mode 100644 chromium/docs/website/site/teams/animations/highlights-archive/august-2020---code-health-animations-context-menu-and-more/index.md create mode 100644 chromium/docs/website/site/teams/animations/highlights-archive/august-2021---new-features-fixit-testing-code-health-and-more/index.md create mode 100644 chromium/docs/website/site/teams/animations/highlights-archive/august-2021-vol-2---new-features-code-health-stability-security-fixes/index.md create mode 100644 chromium/docs/website/site/teams/animations/highlights-archive/february-2021-new-features-testing-stability-fixes-code-health-and-more/index.md create mode 100644 chromium/docs/website/site/teams/animations/highlights-archive/index.md create mode 100644 chromium/docs/website/site/teams/animations/highlights-archive/january-2020---off-thread-paintworklet-web-animation-scrolltimeline-virtual-scroller-scrollsnap-and-more/index.md create mode 100644 chromium/docs/website/site/teams/animations/highlights-archive/january-2021---code-health-new-features-testing-and-stability-fixes/index.md create mode 100644 chromium/docs/website/site/teams/animations/highlights-archive/july-2019/index.md create mode 100644 chromium/docs/website/site/teams/animations/highlights-archive/june-2019-volume-ii/index.md create mode 100644 chromium/docs/website/site/teams/animations/highlights-archive/june-2019/index.md create mode 100644 chromium/docs/website/site/teams/animations/highlights-archive/june-2020---web-animations-scroll-linked-animations-throughput-metrics-scroll-unification-webdriver-pointer-events-and-more/index.md create mode 100644 chromium/docs/website/site/teams/animations/highlights-archive/june-2021---new-features-stability-fixes-interop-fixes-and-more/index.md create mode 100644 chromium/docs/website/site/teams/animations/highlights-archive/june-2021-vol-2---new-features-stability-fixes-interop-fixes-and-more/index.md create mode 100644 chromium/docs/website/site/teams/animations/highlights-archive/march-2019/index.md create mode 100644 chromium/docs/website/site/teams/animations/highlights-archive/march-2020---web-animations-scroll-linked-animations-throughput-metrics-and-more/index.md create mode 100644 chromium/docs/website/site/teams/animations/highlights-archive/march-2021---fixit-week-new-features-testing-interop-metrics-and-more/index.md create mode 100644 chromium/docs/website/site/teams/animations/highlights-archive/may-2019/index.md create mode 100644 chromium/docs/website/site/teams/animations/highlights-archive/may-2021---new-features-testing-stability-fixes-interop-fixes-and-more/index.md create mode 100644 chromium/docs/website/site/teams/animations/highlights-archive/nov-dec-2019---blinkon-scrollsnap-lottie-hittesting-virtualscroller-websharedlibrary-wpt-and-more/index.md create mode 100644 chromium/docs/website/site/teams/animations/highlights-archive/november-2021-highlights/index.md create mode 100644 chromium/docs/website/site/teams/animations/highlights-archive/october-2019/index.md create mode 100644 chromium/docs/website/site/teams/animations/highlights-archive/october-2020---code-health-scroll-timelines-synthetic-user-activation-scroll-unification-and-more/index.md create mode 100644 chromium/docs/website/site/teams/animations/highlights-archive/october-2021---2-sprints-worth-of-highlights/index.md create mode 100644 chromium/docs/website/site/teams/animations/highlights-archive/september-2020---code-heath-animation-timelines-smoothness-metrics-animation-event-handlers-and-more/index.md create mode 100644 chromium/docs/website/site/teams/animations/highlights-archive/september-2020-vol-2---code-health-logical-property-animation-off-thread-paintworklet-capability-delegation-and-more/index.md create mode 100644 chromium/docs/website/site/teams/animations/highlights-archive/september-2021---new-features-testing-code-health-interop-fixes-and-more/index.md create mode 100644 chromium/docs/website/site/teams/animations/highlights-archive/september-update/index.md create mode 100644 chromium/docs/website/site/teams/animations/highlights-archive/web-animation-scroll-linked-animation-snap-after-layout-throughput-metrics-and-more/index.md create mode 100644 chromium/docs/website/site/teams/animations/index.md create mode 100644 chromium/docs/website/site/teams/animations/paint-worklet/index.md create mode 100644 chromium/docs/website/site/teams/binding-team/index.md create mode 100644 chromium/docs/website/site/teams/device-team/index.md create mode 100644 chromium/docs/website/site/teams/devtools/index.md create mode 100644 chromium/docs/website/site/teams/dom-team/index.md create mode 100644 chromium/docs/website/site/teams/ecosystem-infra/index.md create mode 100644 chromium/docs/website/site/teams/index.md create mode 100644 chromium/docs/website/site/teams/input-dev/index.md create mode 100644 chromium/docs/website/site/teams/input-dev/input-objectives/2015-okrs/index.md create mode 100644 chromium/docs/website/site/teams/input-dev/input-objectives/2016-okrs/index.md create mode 100644 chromium/docs/website/site/teams/input-dev/input-objectives/2017-okrs/index.md create mode 100644 chromium/docs/website/site/teams/input-dev/input-objectives/2018-okrs/index.md create mode 100644 chromium/docs/website/site/teams/input-dev/input-objectives/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/bug-triage/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/eliminating-simple-text/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/meeting-notes/20141209/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/meeting-notes/20150107/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/meeting-notes/friday-october-2-2015/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/meeting-notes/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/meeting-notes/march-2-2015/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/meeting-notes/may-28-2015/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/meeting-notes/monday-april-11-2016/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/meeting-notes/monday-april-13-2015/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/meeting-notes/monday-april-20-2015/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/meeting-notes/monday-april-25-2016/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/meeting-notes/monday-april-27-2015/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/meeting-notes/monday-april-4-2016/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/meeting-notes/monday-april-6-2015/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/meeting-notes/monday-august-10-2015/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/meeting-notes/monday-august-17-2015/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/meeting-notes/monday-august-24-2015/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/meeting-notes/monday-august-29-2016/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/meeting-notes/monday-august-3-2015/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/meeting-notes/monday-august-31-2015/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/meeting-notes/monday-february-1-2016/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/meeting-notes/monday-february-2/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/meeting-notes/monday-february-21-2016/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/meeting-notes/monday-february-22-2016/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/meeting-notes/monday-february-23-2015/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/meeting-notes/monday-february-28-2016/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/meeting-notes/monday-february-29-2016/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/meeting-notes/monday-february-8-2016/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/meeting-notes/monday-february-9/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/meeting-notes/monday-january-11-2016/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/meeting-notes/monday-january-4-2016/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/meeting-notes/monday-july-13-2015/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/meeting-notes/monday-july-18-2016/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/meeting-notes/monday-july-20-2015/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/meeting-notes/monday-june-1-2015/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/meeting-notes/monday-june-22-2015/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/meeting-notes/monday-june-27-2016/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/meeting-notes/monday-june-6-2016/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/meeting-notes/monday-june-8-2015/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/meeting-notes/monday-march-16-2015/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/meeting-notes/monday-march-23-2015/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/meeting-notes/monday-march-30-2015/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/meeting-notes/monday-march-7-2016/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/meeting-notes/monday-march-9-2015/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/meeting-notes/monday-may-16-2016/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/meeting-notes/monday-may-4-2015/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/meeting-notes/monday-november-23-2015/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/meeting-notes/monday-november-30-2015/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/meeting-notes/monday-october-12-2015/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/meeting-notes/monday-october-19-2015/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/meeting-notes/monday-october-5-2015/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/meeting-notes/monday-september-14-2015/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/meeting-notes/monday-september-28-2015/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/meeting-notes/thursday-april-2-2015/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/meeting-notes/thursday-june-4-2015/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/meeting-notes/tuesday-february-16-2016/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/meeting-notes/tuesday-june-16-2015/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/meeting-notes/tuesday-march-15-2016/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/meeting-notes/tuesday-may-26-2015/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/meeting-notes/wednesday-february-18/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/okrs/2015q1/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/okrs/2015q2/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/okrs/2015q3/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/okrs/2015q4/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/okrs/2016q1/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/okrs/index.md create mode 100644 chromium/docs/website/site/teams/layout-team/potential-projects/index.md create mode 100644 chromium/docs/website/site/teams/paint-team/canvas-okrs/index.md create mode 100644 chromium/docs/website/site/teams/paint-team/index.md create mode 100644 chromium/docs/website/site/teams/paint-team/okrs/index.md create mode 100644 chromium/docs/website/site/teams/paint-team/paint-team-members/index.md create mode 100644 chromium/docs/website/site/teams/rendering/index.md create mode 100644 chromium/docs/website/site/teams/rendering/okrs/2020-q1/index.md create mode 100644 chromium/docs/website/site/teams/rendering/okrs/2020-q2/index.md create mode 100644 chromium/docs/website/site/teams/rendering/okrs/index.md create mode 100644 chromium/docs/website/site/teams/speed-metrics-team/index.md create mode 100644 chromium/docs/website/site/teams/style-team/index.md create mode 100644 chromium/docs/website/site/teams/web-capabilities-fugu/index.md create mode 100644 chromium/docs/website/site/teams/worker-team/index.md create mode 100644 chromium/docs/website/site/testing-chrome-ad-filtering/index.md create mode 100644 chromium/docs/website/site/throttling/anti-ddos-http-throttling-in-older-versions-of-chrome/index.md create mode 100644 chromium/docs/website/site/throttling/index.md create mode 100644 chromium/docs/website/site/updates/first-party-sets/index.md create mode 100644 chromium/docs/website/site/updates/index.md create mode 100644 chromium/docs/website/site/updates/same-site/faq/index.md create mode 100644 chromium/docs/website/site/updates/same-site/incompatible-clients/index.md create mode 100644 chromium/docs/website/site/updates/same-site/index.md create mode 100644 chromium/docs/website/site/updates/same-site/test-debug/index.md create mode 100644 chromium/docs/website/site/updates/same-site/test-debug/tsyEts8ZOXE.png.sha1 create mode 100644 chromium/docs/website/site/updates/schemeful-same-site/index.md create mode 100644 chromium/docs/website/site/updates/schemeful-same-site/schemeful-same-site-devtools-issues/index.md create mode 100644 chromium/docs/website/site/updates/schemeful-same-site/testing-and-debugging-tips-for-schemeful-same-site/SS of Issue.png.sha1 create mode 100644 chromium/docs/website/site/updates/schemeful-same-site/testing-and-debugging-tips-for-schemeful-same-site/SS of flags.png.sha1 create mode 100644 chromium/docs/website/site/updates/schemeful-same-site/testing-and-debugging-tips-for-schemeful-same-site/index.md create mode 100644 chromium/docs/website/site/updates/schemeful-same-site/testing-and-debugging-tips-for-schemeful-same-site/tsyEts8ZOXE.png.sha1 create mode 100644 chromium/docs/website/site/updates/trust-token/index.md create mode 100644 chromium/docs/website/site/updates/ua-ch/index.md create mode 100644 chromium/docs/website/site/updates/ua-reduction/index.md create mode 100644 chromium/docs/website/site/user-experience/Chrome.png.sha1 create mode 100644 chromium/docs/website/site/user-experience/ChromeOS.png.sha1 create mode 100644 chromium/docs/website/site/user-experience/assistive-technology-support/index.md create mode 100644 chromium/docs/website/site/user-experience/bookmarklets/default.png.sha1 create mode 100644 chromium/docs/website/site/user-experience/bookmarklets/index.md create mode 100644 chromium/docs/website/site/user-experience/bookmarklets/install_dialog.png.sha1 create mode 100644 chromium/docs/website/site/user-experience/bookmarklets/menu.png.sha1 create mode 100644 chromium/docs/website/site/user-experience/bookmarklets/menu_context.png.sha1 create mode 100644 chromium/docs/website/site/user-experience/bookmarks/bookmark_add.png.sha1 create mode 100644 chromium/docs/website/site/user-experience/bookmarks/bookmarks_bar.png.sha1 create mode 100644 chromium/docs/website/site/user-experience/bookmarks/index.md create mode 100644 chromium/docs/website/site/user-experience/downloads-1/index.md create mode 100644 chromium/docs/website/site/user-experience/downloads/Moodstats_1.22.zip.sha1 create mode 100644 chromium/docs/website/site/user-experience/downloads/download_shelf.png.sha1 create mode 100644 chromium/docs/website/site/user-experience/downloads/index.md create mode 100644 chromium/docs/website/site/user-experience/feed-subscriptions/default.png.sha1 create mode 100644 chromium/docs/website/site/user-experience/feed-subscriptions/index.md create mode 100644 chromium/docs/website/site/user-experience/feed-subscriptions/rss_preview.png.sha1 create mode 100644 chromium/docs/website/site/user-experience/find-in-page/find_bar.png.sha1 create mode 100644 chromium/docs/website/site/user-experience/find-in-page/index.md create mode 100644 chromium/docs/website/site/user-experience/history/history_browse.png.sha1 create mode 100644 chromium/docs/website/site/user-experience/history/history_results.png.sha1 create mode 100644 chromium/docs/website/site/user-experience/history/index.md create mode 100644 chromium/docs/website/site/user-experience/incognito/incognito2.png.sha1 create mode 100644 chromium/docs/website/site/user-experience/incognito/index.md create mode 100644 chromium/docs/website/site/user-experience/index.md create mode 100644 chromium/docs/website/site/user-experience/infobars/blue-gradient.png.sha1 create mode 100644 chromium/docs/website/site/user-experience/infobars/controls.png.sha1 create mode 100644 chromium/docs/website/site/user-experience/infobars/dialog.png.sha1 create mode 100644 chromium/docs/website/site/user-experience/infobars/example-ext-crash.png.sha1 create mode 100644 chromium/docs/website/site/user-experience/infobars/example-theme.png.sha1 create mode 100644 chromium/docs/website/site/user-experience/infobars/example-translate-confirm.png.sha1 create mode 100644 chromium/docs/website/site/user-experience/infobars/example-translate.png.sha1 create mode 100644 chromium/docs/website/site/user-experience/infobars/geolocation/02_embedded_infobar.png.sha1 create mode 100644 chromium/docs/website/site/user-experience/infobars/geolocation/03_contentsettings.png.sha1 create mode 100644 chromium/docs/website/site/user-experience/infobars/geolocation/04_exceptions.png.sha1 create mode 100644 chromium/docs/website/site/user-experience/infobars/geolocation/05_exceptionsproperties.png.sha1 create mode 100644 chromium/docs/website/site/user-experience/infobars/geolocation/06_tracking.png.sha1 create mode 100644 chromium/docs/website/site/user-experience/infobars/geolocation/07_trackingbubble.png.sha1 create mode 100644 chromium/docs/website/site/user-experience/infobars/geolocation/1.png.sha1 create mode 100644 chromium/docs/website/site/user-experience/infobars/geolocation/example-geolocation.png.sha1 create mode 100644 chromium/docs/website/site/user-experience/infobars/geolocation/index.md create mode 100644 chromium/docs/website/site/user-experience/infobars/grey-gradient.png.sha1 create mode 100644 chromium/docs/website/site/user-experience/infobars/index.md create mode 100644 chromium/docs/website/site/user-experience/infobars/yellow-gradient.png.sha1 create mode 100644 chromium/docs/website/site/user-experience/keyboard-access/index.md create mode 100644 chromium/docs/website/site/user-experience/low-vision-support/index.md create mode 100644 chromium/docs/website/site/user-experience/multi-profiles/05_signed_in.png.sha1 create mode 100644 chromium/docs/website/site/user-experience/multi-profiles/09_options_not_signed_in.png.sha1 create mode 100644 chromium/docs/website/site/user-experience/multi-profiles/Screen shot 2010-11-18 at 2.59.56 PM.png.sha1 create mode 100644 chromium/docs/website/site/user-experience/multi-profiles/Screen shot 2011-11-01 at 11.21.45 AM.png.sha1 create mode 100644 chromium/docs/website/site/user-experience/multi-profiles/cupcake_2.png.sha1 create mode 100644 chromium/docs/website/site/user-experience/multi-profiles/index.md create mode 100644 chromium/docs/website/site/user-experience/multi-profiles/profile_menu3.png.sha1 create mode 100644 chromium/docs/website/site/user-experience/multi-profiles/signin_1.png.sha1 create mode 100644 chromium/docs/website/site/user-experience/multitouch/GesturesImages.png.sha1 create mode 100644 chromium/docs/website/site/user-experience/multitouch/gestures_concept.mp4.sha1 create mode 100644 chromium/docs/website/site/user-experience/multitouch/index.md create mode 100644 chromium/docs/website/site/user-experience/new-tab-page/index.md create mode 100644 chromium/docs/website/site/user-experience/new-tab-page/new_tab_resources.png.sha1 create mode 100644 chromium/docs/website/site/user-experience/notifications/Notifications.png.sha1 create mode 100644 chromium/docs/website/site/user-experience/notifications/index.md create mode 100644 chromium/docs/website/site/user-experience/omnibox/cheese_results.png.sha1 create mode 100644 chromium/docs/website/site/user-experience/omnibox/index.md create mode 100644 chromium/docs/website/site/user-experience/omnibox/keyword.png.sha1 create mode 100644 chromium/docs/website/site/user-experience/omnibox/omnibox-bug-triage-process/index.md create mode 100644 chromium/docs/website/site/user-experience/omnibox/omnibox_results.png.sha1 create mode 100644 chromium/docs/website/site/user-experience/options/index.md create mode 100644 chromium/docs/website/site/user-experience/options/options_basics.png.sha1 create mode 100644 chromium/docs/website/site/user-experience/resolution-independence/Screen shot 2009-10-14 at 8.47.17 AM.png.sha1 create mode 100644 chromium/docs/website/site/user-experience/resolution-independence/Screen shot 2010-02-02 at 10.51.45 AM.PNG.sha1 create mode 100644 chromium/docs/website/site/user-experience/resolution-independence/index.md create mode 100644 chromium/docs/website/site/user-experience/screen-reader-support/index.md create mode 100644 chromium/docs/website/site/user-experience/status-bubble/index.md create mode 100644 chromium/docs/website/site/user-experience/status-bubble/status_bubble.png.sha1 create mode 100644 chromium/docs/website/site/user-experience/status-bubble/status_bubble_hover.png.sha1 create mode 100644 chromium/docs/website/site/user-experience/status-bubble/status_bubble_whiter.png.sha1 create mode 100644 chromium/docs/website/site/user-experience/tabs/index.md create mode 100644 chromium/docs/website/site/user-experience/tabs/tab.png.sha1 create mode 100644 chromium/docs/website/site/user-experience/tabs/throbber/chrome_throbber_64.gif.sha1 create mode 100644 chromium/docs/website/site/user-experience/tabs/throbber/index.md create mode 100644 chromium/docs/website/site/user-experience/tabs/throbber/throbber.png.sha1 create mode 100644 chromium/docs/website/site/user-experience/toolbar/index.md create mode 100644 chromium/docs/website/site/user-experience/touch-access/chromeos_touch_accessibility_user_flow.png.sha1 create mode 100644 chromium/docs/website/site/user-experience/touch-access/index.md create mode 100644 chromium/docs/website/site/user-experience/touch-access/playing_around (2).png.sha1 create mode 100644 chromium/docs/website/site/user-experience/ui-strings/index.md create mode 100644 chromium/docs/website/site/user-experience/user-data-directory/index.md create mode 100644 chromium/docs/website/site/user-experience/visual-design/chrome_0.2_psd.zip.sha1 create mode 100644 chromium/docs/website/site/user-experience/visual-design/chrome_colorscheme.png.sha1 create mode 100644 chromium/docs/website/site/user-experience/visual-design/index.md create mode 100644 chromium/docs/website/site/user-experience/visual-design/mathemagics (1).png.sha1 create mode 100644 chromium/docs/website/site/user-experience/window-frame/frame_corners.png.sha1 create mode 100644 chromium/docs/website/site/user-experience/window-frame/index.md create mode 100644 chromium/docs/website/site/x-subresources/index.md create mode 100644 chromium/docs/website/site/x-subresources/x-subresources-1/index.md create mode 100644 chromium/docs/website/third_party/node/linux/node-linux-x64.tar.gz.sha1 create mode 100644 chromium/docs/website/third_party/node/mac/node-darwin-x64.tar.gz.sha1 create mode 100644 chromium/docs/website/third_party/node/win/node.exe.sha1 (limited to 'chromium/docs/website') diff --git a/chromium/docs/website/.eleventy.js b/chromium/docs/website/.eleventy.js new file mode 100644 index 00000000000..c5fcf379992 --- /dev/null +++ b/chromium/docs/website/.eleventy.js @@ -0,0 +1,183 @@ +module.exports = config => { + config.addWatchTarget('./site/_stylesheets/'); + + // `markdown-it` is Eleventy's default Markdown rendering engine. + // We need a reference to it to customize its behavior, below. + const md = require('markdown-it'); + + // `markdown-it-anchor` is an Eleventy plugin that will add tags to header elements. + // (this improves the accessibility of linking to headers.) + const anchor = require('markdown-it-anchor'); + + // `uslug` is a Node package that convert text strings into "slugs" in a + // Unicode-friendly way. (Slugs are the kebab-cased equivalents of text that + // we use for page names, id's, etc. "Hello world" turns into 'hello-world". + const uslug = require('uslug'); + + // `markdown-it-attrs` is a markdown-it plugin that lets us customize the + // `id` and `class` attributes of an element in the generated output; + // we use this mostly for customizing the links in header tags. + // + // `markdown-it-toc-done-right` is a markdown-it plugin that adds support + // for the `[TOC]` mechanism for generating the table of contents in a page. + let mdlib = md({ + html: true, + }).use(require('markdown-it-attrs'), { + leftDelimiter: '{:', + rightDelimiter: '}', + allowedAttributes: ['id', 'class'], + }).use(anchor, { + slugify: s => uslug(s), + level: 2, + permalink: anchor.permalink.headerLink(), + }).use(require('markdown-it-toc-done-right'), { + slugify: uslug, + tocClassName: 'toc', + tocFirstLevel: 2, + tocPattern: /\[TOC\]/, + }); + + config.setLibrary('md', mdlib); + + // TODO(crbug.com/1271672): Figure out how to make this syntax and API + // less clunky. + const subpages = require('./scripts/subpages.js') + function handleSubPages(collectionAll) { + let pageUrl = this.page.url; + return subpages.render(pageUrl, collectionAll); + }; + config.addNunjucksShortcode("subpages", handleSubPages); + + // Copy binary assets over to the dist/ directory. + + // This list must be kept in sync with the lists in //.eleventy.js and + // //scripts/upload_lobs.py. + // TODO(dpranke): Figure out how to share these lists to eliminate the + // duplication and need to keep them in sync. + let lob_extensions = [ + '.ai', + '.bin', + '.bmp', + '.brd', + '.bz2', + '.crx', + '.config', + '.dia', + '.gif', + '.graffle', + '.ico', + '.jpg', + 'jpg', // Some files are missing the '.' :(., + '.jpeg', + '.mp4', + '.msi', + '.pdf', + 'pdf', // Some files are missing the '.' :(. + '.png', + 'png', // Some files are missing the '.' :(. + '.PNG', + '.swf', + '.svg', + '.tar.gz', + '.tiff', + '_trace', + '.webp', + '.xcf', + '.xlsx', + '.zip', + ]; + + // This should basically pick up everything that isn't a .md file + // or a .sha1. + // TODO(dpranke): Figure out how to actually enforce this and get + // rid of the "basically". There has to be a better approach. :). + let extensions = lob_extensions.concat([ + '.cpp', + '.css', + '.csv', + '.dot', + '.ebuild', + '.el', + '.html', + '.js', + '.json', + 'patch', + '.py', + '.txt', + '.xml' + ]); + + for (let ext of extensions) { + config.addPassthroughCopy('site/**/*' + ext); + } + + // Set up the Content-Security-Policy (CSP) hash filter. Every + + diff --git a/chromium/docs/website/site/Home/chromium-security/articles/chrome-sandbox-diagnostics-for-windows/index.md b/chromium/docs/website/site/Home/chromium-security/articles/chrome-sandbox-diagnostics-for-windows/index.md new file mode 100644 index 00000000000..4400b9f33b0 --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/articles/chrome-sandbox-diagnostics-for-windows/index.md @@ -0,0 +1,244 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +- - /Home/chromium-security/articles + - Articles +page_name: chrome-sandbox-diagnostics-for-windows +title: chrome://sandbox Diagnostics for Windows +--- + +## You are adequately sandboxed + +February 2020 + +The latest Chrome stable release for Windows, [Chrome +80](https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop.html) +(early February 2020) provides detailed debugging information on how Chromium’s +processes are sandboxed. You can access this by typing chrome://sandbox into the +url-bar (Omnibox). The output is mainly of interest to Chromium developers but, +along with chrome://conflicts, could be helpful when troubleshooting +incompatibility between misbehaving software and the sandbox. This post will +outline how the sandbox works on Windows and the information that is displayed. + +Chrome, and all web browsers, have a difficult job. Users visit sites that store +sensitive information, serve complex data formats and run JavaScript code. Users +visit more than one site in each browsing session, and each site might include +components from a range of third parties. Chromium has to protect itself from +malicious sites, and protect each site’s data from being accessed by other +sites. Chromium developers mainly achieve this by writing secure code, testing, +and fuzzing. However, Chrome has a JavaScript engine and parsers for complex +data formats written in C/C++ for performance, which may have bugs that a +malicious attacker can exploit to run arbitrary code. This, in turn, could allow +an attacker to do anything Chrome can, such as accessing a user’s files, or +calling Windows APIs, which may themselves have exploitable bugs. To provide a +secondary layer of defense Chrome restricts what it can do by containing sites +and services in sandboxed processes. + +Chrome uses a [multi-process +architecture](https://www.google.com/googlebooks/chrome/small_04.html) for +security and stability. This way, a bug or a crash in the process running one +site will not bring down other sites, and data in one process can be made +inaccessible to other processes. Chrome calls the processes running sites +renderers and its main coordinating process the browser. The browser is +supported by network, audio and gpu processes, and uses short-lived data-decoder +and utility processes to parse and verify complex data formats. The goal of the +[sandbox](https://chromium.googlesource.com/chromium/src/+/HEAD/docs/design/sandbox.md) +is to allow these processes the level of access to the operating system they +need to do their jobs, and nothing more. Below, we’ll use the output of +chrome://sandbox to show some of these restrictions. + +## chrome://sandbox + +First you’ll see a table of active processes (excluding the browser process, as +that is not sandboxed) and some summary information:- + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Process Type Name Sandbox Integrity Mitigations
42152 GPU GPU Limited S-1-16-4096 Low 01111001010110000000000000010000
28388 Utility Network Service Not Sandboxed
43376 Utility V8 Proxy Resolver Lockdown S-1-16-0 Untrusted 01111001010110000000000000010000
4880 Utility Audio Service Restricted Non Admin S-1-16-4096 Low 01111011010110000000000000010000
13892 Native Client module https://earth.google.com/static/9.3.100.2/earthnacl_pexe.nmf Lockdown S-1-16-0 Untrusted 01111001010110000000000000010000
25980 Renderer Lockdown S-1-16-0 Untrusted 01111001110110000000000000010000
35952 Renderer Lockdown S-1-16-0 Untrusted 01111001110110000000000000010000
+ +Followed by a raw dump of every process’s detailed sandbox configuration in +JSON, which we’ll look at later. + +Depending on how many tabs you have open, and which plugins or extensions you’re +running, you’ll see something similar. First you’ll see the various utility and +plugin host processes, followed by a long list of renderer processes which host +sites. Utility processes have different sandbox configurations, while every +renderer process has the same sandbox configuration. For information on which +renderer process hosts which site, see the Task Manager (Shift+Esc). + +[Sandbox +Type](https://chromium.googlesource.com/chromium/src/+/HEAD/docs/design/sandbox.md) +ranges from ‘No Sandbox’ (the most permissive), via ‘Limited’ and ‘Restricted’ +to ‘Lockdown’ (the least permissive). The main browser process runs without a +sandbox, and some supporting processes might do so, especially if the services +they contain have only recently been moved out of the browser process. Our goal +is to gradually tighten these sandboxes. Renderers are locked down so that they +have only very limited access to the operating system, file system and other +objects. + +Sandboxing is mainly achieved by dropping privileges and applying operating +system mitigations. Privileges are controlled by [restricting the +token](https://docs.microsoft.com/en-us/windows/win32/secauthz/restricted-tokens) +and [Integrity +Level](https://docs.microsoft.com/en-us/windows/win32/secauthz/mandatory-integrity-control) +of a sandboxed process. Most things a process can interact with on Windows, like +desktops, files, and pipes are [securable +objects](https://docs.microsoft.com/en-us/windows/win32/secauthz/securable-objects). +Windows checks a process’s token against access control lists before allowing a +process to access or modify an object. Chrome’s browser process starts running +with the same token as the user that launched it, which, for instance, can +access all the user’s files. Renderers shed every privilege possible and limit +their token to only the S-1-16-0 Untrusted integrity level significantly +reducing the number of objects they can interact with. Services such as the GPU +process, which interacts with the Windows graphics system, may need more access +so run at higher integrity levels. + +The final column of the table shows the operating system mitigations which are +applied to the process. This will vary based on the version and architecture of +Windows that you are using. On the latest iteration of Windows 10 renderer +processes will have:- + +01111001110110000000000000010000 + +This is a hex representation of the [Windows process mitigation +options](https://docs.microsoft.com/en-us/windows/win32/api/processthreadsapi/nf-processthreadsapi-getprocessmitigationpolicy). +You can decode this [using the attached +decoder](https://docs.google.com/a/chromium.org/viewer?a=v&pid=sites&srcid=Y2hyb21pdW0ub3JnfGRldnxneDo3MDg0MDMzODNjODgzMDMy), +which will show that the following process mitigations are enabled: +HEAP_TERMINATE, BOTTOM_UP_ASLR, STRICT_HANDLE_CHECKS, +WIN32K_SYSTEM_CALL_DISABLE, EXTENSION_POINT_DISABLE, +BLOCK_NON_MICROSOFT_BINARIES, FONT_DISABLE, IMAGE_LOAD_NO_REMOTE, +IMAGE_LOAD_NO_LOW_LABEL and RESTRICT_INDIRECT_BRANCH_PREDICTION. + +Other processes are similar (or not sandboxed). The audio process also has +PROHIBIT_DYNAMIC_CODE enabled but, along with the data decoder and other utility +processes, is missing WIN32K_SYSTEM_CALL_DISABLE. Dynamic code is required in +the renderer as this is used by v8 to compile JavaScript to native code. If you +have a PDF open you will see that its process does not require dynamic code. +While PDFs can include JavaScript it is run in interpreted mode. + +On Windows 7 in 32-bit mode the story is quite different. The mitigations are +0000000000000005 which corresponds to only DEP_ENABLE and SEHOP_ENABLE. These +are not even indicated on 64-bit Windows 10 as they are always enabled there. +This reduced set of mitigations means that a renderer compromise on Windows 7 is +much more serious than on Windows 10. More of the operating system can be +reached from a compromised process, allowing a malicious site more avenues to +access data outside of their own site’s process. This is why we encourage our +users to run the latest version of Windows so that they can benefit from the +latest security technologies. + +Below the summary table you’ll see JSON showing more detailed output for the +same processes: + +"NtCreateFile": \[ + +"!(p\[1\] & 1) && !(prefix(p\[0\], '\\\\??\\\\')) -> askBroker", + +"!(p\[1\] & 1) && scan(p\[0\], '~') -> askBroker", + +"!(p\[2\] & 5fedff56) && p\[3\] == 1 && exact_i(p\[0\], +'\\\\??\\\\C:\\\\Windows\\\\Fonts') -> askBroker", + +"!(p\[2\] & 5fedff56) && p\[3\] == 1 && prefix_i(p\[0\], +'\\\\??\\\\C:\\\\Windows\\\\Fonts\\\\') -> askBroker", + +"prefix_i(p\[0\], '\\\\??\\\\pipe\\\\chrome.') -> askBroker" + +\], + +The desiredMitigations field is defined by Chromium and shows which mitigations +and options we would set if they were supported by the operating system. These +map closely to the platform mitigations and can be decoded using the same tool. +There are also a set of policy rules which are used when system calls are +intercepted in a child process. The WIN32K_SYSTEM_CALL_DISABLE mitigation, and +the reduced token of the child process, prevents renderers from calling various +functions or from opening files or pipes they may need to do their job. The +sandbox intercepts these functions as the child process starts and uses an IPC +mechanism to forward calls that match a policy rule to the browser. These rules +are evaluated again in the browser and, if allowed, the call is made and the +results passed back into the renderer for it to use. The rule above allows +renderer processes to read system fonts and connect to pipes matching +\\??\\pipe\\chrome.\*. Any other attempts to open files are blocked. The first +two rules are special and apply only in the renderer but are skipped in the +browser process. This is because short names must be normalised before being +tested, and this must occur in the browser process. + +New sandbox rules and policies are introduced to the Canary, Beta and Dev +channels of Chrome before being enabled on the Stable channel so the output of +chrome://sandbox might be different depending on which channel you are running. +Rarely, other software may be incompatible with the sandbox, and you may see +advice to run with the ‘--no-sandbox’ flag or to use Windows 7 compatibility +mode. We do not encourage this as it will significantly reduce your security, +and may prevent Chromium from working properly. Instead we encourage you to +search the [Chrome community support +forum](https://support.google.com/chrome/community?hl=en) and to report problems +to your suppliers. We encourage software vendors and enterprises to test their +applications and sites with Chrome’s Beta and Dev channels to uncover +incompatibilities before they might affect their products or business. The +output of chrome://sandbox, in combination with chrome://conflicts, might help +when diagnosing incompatibilities or failures and might be useful when added to +any bug reports. The output of these special pages contains system information +which may include sensitive data such as usernames so we advise you to be +careful if sharing it. \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/articles/gwp-asan/diag4.png.sha1 b/chromium/docs/website/site/Home/chromium-security/articles/gwp-asan/diag4.png.sha1 new file mode 100644 index 00000000000..bc8d7af551a --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/articles/gwp-asan/diag4.png.sha1 @@ -0,0 +1 @@ +4f91b27b6833783d436f298c467d8fd2c6c91aca \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/articles/gwp-asan/gwp-asan-diagram1.png.sha1 b/chromium/docs/website/site/Home/chromium-security/articles/gwp-asan/gwp-asan-diagram1.png.sha1 new file mode 100644 index 00000000000..fb1487219f2 --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/articles/gwp-asan/gwp-asan-diagram1.png.sha1 @@ -0,0 +1 @@ +adcc2b846e021cfdae91edd65676b531d12b61bf \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/articles/gwp-asan/gwp-asan-diagram2.png.sha1 b/chromium/docs/website/site/Home/chromium-security/articles/gwp-asan/gwp-asan-diagram2.png.sha1 new file mode 100644 index 00000000000..6c9a818f149 --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/articles/gwp-asan/gwp-asan-diagram2.png.sha1 @@ -0,0 +1 @@ +5c7a1d30190ca217feb9984709d518192fa1e9c5 \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/articles/gwp-asan/gwp-asan-diagram3.png.sha1 b/chromium/docs/website/site/Home/chromium-security/articles/gwp-asan/gwp-asan-diagram3.png.sha1 new file mode 100644 index 00000000000..58829b3ac71 --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/articles/gwp-asan/gwp-asan-diagram3.png.sha1 @@ -0,0 +1 @@ +fb47aa118192c4e85332b6da4047e4630157f438 \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/articles/gwp-asan/index.md b/chromium/docs/website/site/Home/chromium-security/articles/gwp-asan/index.md new file mode 100644 index 00000000000..d82347bf30b --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/articles/gwp-asan/index.md @@ -0,0 +1,431 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +- - /Home/chromium-security/articles + - Articles +page_name: gwp-asan +title: 'GWP-ASan: Sampling heap memory error detection in-the-wild' +--- + +By Vlad Tsyrklevich, Dynamic Tools Teams — November 2019 + +Memory safety errors, like use-after-frees and out-of-bounds reads/writes, are a +leading source of vulnerabilities in C/C++ applications. Despite investments in +preventing and detecting these errors in Chrome, over 60% of high severity +vulnerabilities in Chrome are memory safety errors. Some memory safety errors +don’t lead to security vulnerabilities but simply cause crashes and instability. + +Chrome uses state-of-the-art techniques to prevent these errors, including: + + [Coverage-guided](https://llvm.org/docs/LibFuzzer.html) + [fuzzing](https://en.wikipedia.org/wiki/American_fuzzy_lop_(fuzzer)) with + [AddressSanitizer](https://clang.llvm.org/docs/AddressSanitizer.html) (ASan) + + Unit and integration testing with ASan + + Defensive programming, like custom libraries to perform safe math or provide + bounds checked containers + + Mandatory code review + +Chrome also makes use of sandboxing and exploit mitigations to complicate +exploitation of memory errors that go undetected by the methods above. + +AddressSanitizer is a compiler instrumentation that finds memory errors +occurring on the heap, stack, or in globals. ASan is highly effective and one of +the lowest overhead instrumentations available that detects the errors that it +does; however, it still incurs an average 2-3x performance and memory overhead. +This makes it suitable for use with unit tests or fuzzing, but not deployment to +end users. Chrome used to deploy [SyzyASAN instrumented +binaries](https://blog.chromium.org/2013/05/testing-chromium-syzyasan-lightweight.html) +to detect memory errors. SyzyASAN had a similar overhead so it was only deployed +to a small subset of users on the canary channel. It was discontinued after the +Windows toolchain switched to LLVM. + +GWP-ASan, also known by its recursive backronym, GWP-ASan Will Provide +Allocation Sanity, is a sampling allocation tool designed to detect heap memory +errors occurring in production with negligible overhead. Because of its +negligible overhead we can deploy GWP-ASan to the entire Chrome user base to +find memory errors happening in the real world that are not caught by fuzzing or +testing with ASan. Unlike ASan, GWP-ASan can not find memory errors on the stack +or in globals. + +GWP-ASan is currently enabled for all Windows and macOS users for allocations +made using malloc() and PartitionAlloc. It is only enabled for a small fraction +of allocations and processes to reduce performance and memory overhead to a +negligible amount. At the time of writing it has found [over sixty +bugs](https://bugs.chromium.org/p/chromium/issues/list?q=Hotlist%3DGWP-ASan&can=1) +(many are still restricted view). About 90% of the issues GWP-ASan has found are +use-after-frees. The remaining are out-of-bounds reads and writes. + +Design + +Overview + +GWP-ASan is conceptually similar to +[ElectricFence](https://en.wikipedia.org/wiki/Electric_Fence) or +[PageHeap](https://docs.microsoft.com/en-us/windows-hardware/drivers/debugger/gflags-and-pageheap). +GWP-ASan installs an allocator instrumentation that samples allocations to a +debug allocator that places allocations on their own page, buttressed on both +sides by guard pages. New allocations are randomly either left- or right-aligned +within the page so that accessing the allocation below or above its bounds +causes a crash. When the allocation is freed, the page is unmapped so that a +use-after-free also immediately crashes. The allocator limits itself to a fixed +amount of memory to control memory overhead and samples allocation to the debug +allocator to reduce its high performance overhead. + +Use-after-frees and out-of-bounds accesses are often hard to debug because they +corrupt unrelated memory which can lead to crashes in unrelated code. GWP-ASan +simplifies debugging by causing a crash immediately at the site of the invalid +memory access. Furthermore, when a crash occurs a special crash handler hook +reports additional information, like allocation and deallocation stack traces, +to aid debugging. This metadata is similar to what AddressSanitizer provides and +has been shown to be very useful in identifying and fixing memory errors. + +GWP-ASan is a heap-only instrumentation so it does not find memory errors on the +stack or in globals that AddressSanitizer would; however, it can find some +memory errors that ASan would not. ASan works by instrumenting memory accesses +during compilation and makes use of ‘interceptors’ to detect misuse of common +library functions. Because GWP-ASan uses native memory management to detect +memory errors it doesn’t require interceptors to detect invalid memory use in +system libraries. This means it can identify API misuse for uncommon APIs that +don’t have interceptors, or even detect memory errors that occur due to bugs in +system libraries—something ASan can’t do without recompiling those potentially +proprietary libraries. + +GWP-ASan is only as effective as the number of allocation call sites it +instruments. For an internal Chrome allocator like PartitionAlloc it is possible +to intercept all uses; however, for malloc/free we may only be able to +instrument a subset of allocations. For example, on Windows we instrument malloc +and free by overriding the symbols for modules we build linked against //base, +so some DLLs shipped with Chrome—let alone Windows system code—may not be +instrumented. On macOS however the system allocator allows adding global hooks +meaning we can +([and](https://bugs.chromium.org/p/chromium/issues/list?q=Hotlist%3DGWP-ASan%20Component%3DInternals%3EPlatformIntegration&can=1) +[do](https://support.apple.com/en-us/HT210634)) detect memory errors from +allocations originating in code we don’t control, like Apple system libraries. + +Allocator + +The GWP-ASan allocator reserves a fixed range of memory at initialization that +it uses to service allocations to limit memory overhead. The memory range +consists of pages intended to be used to return allocations, called slots, +buttressed by guard pages as shown below. + +[image](/Home/chromium-security/articles/gwp-asan/gwp-asan-diagram1.png) + +Allocations are randomly left- or right-aligned to help detect both underflows +and overflows. Like a traditional allocator, the GWP-ASan allocator always +suitably aligns allocations for any object of that size. This means that +right-aligned allocations are not always directly adjacent to the following +guard page, so small out-of-bounds accesses may go undetected. + +[image](/Home/chromium-security/articles/gwp-asan/gwp-asan-diagram2.png) + +An array of allocation metadata is also maintained on the side to store stack +traces and other metadata for individual slots. + +The allocator has three primary tunable parameters: MaxSimultaneousAllocations, +MaxMetadata, and ReservedSlots. MaxSimultaneousAllocations controls the maximum +number of allocations that can be simultaneously allocated. + +Once every usable slot has been allocated and deallocated, they are reused to +service new allocations. When a use-after-free occurs the use may not occur +immediately after deallocation. If the slot has been reallocated then the +use-after-free will not behave as expected. If the slot is still allocated then +the use won’t crash, but if it is deallocated then it will cause a crash but the +metadata for the slot will have the wrong allocation/deallocation stack traces. + +Like ASan, GWP-ASan also makes use of a quarantine to help improve +use-after-free detection. ReservedSlots is always greater than or equal to +MaxSimultaneousAllocations and controls the number of slots we allocated virtual +memory for. If ReservedSlots > MaxSimultaneousAllocations, then not all slots +can be simultaneously allocated. If slots are allocated in a round-robin fashion +then a slot will not be re-used until at least (ReservedSlots - +MaxSimultaneousAllocations) allocations have taken place, forming a rudimentary +quarantine. This delays the amount of time until a slot is re-used, improving +use-after-free detection at the expense of using more memory. The allocator +consumes more virtual memory for the additional quarantine slots and more +physical memory storing allocation metadata about those quarantine slots. Each +slot’s metadata consumes about 400 bytes, primarily to store compressed +allocation/deallocation stack traces, compared to 4 kilobytes for every +allocation. As a result, setting ReservedSlots to be slightly greater than +MaxSimultaneousAllocations doesn’t significantly increase the amount of memory +used. + +The rudimentary quarantine described above is sufficient to delay slot re-use to +accurately detect use-after-frees occurring shortly after deallocation; however, +use-after-frees that occur long after deallocation are likely to access slots +that have already been reallocated. This can lead to long-lived use-after-frees +causing reports with numerous different stack traces for unrelated allocations +and deallocations, making it difficult to identify the real +allocation/deallocation call sites. This could be improved by making +ReservedSlots orders of magnitude larger than MaxSimultaneousAllocations; +however, the amount of additional allocation metadata that this would require +allocating would significantly increase GWP-ASan’s memory profile. + +To address this, GWP-ASan makes use of a third MaxMetadata parameter to limit +the number of slots for which we store metadata. We tune the allocator such that +ReservedSlots >= MaxMetadata >= MaxSimultaneousAllocations. GWP-ASan keeps +metadata for all currently allocated slots as well as some previously +deallocated slots. Because we discard metadata for some deallocated slots, we +can not always report allocation metadata if those slots are accessed because of +a use-after-free. By setting ReservedSlots to be an order of magnitude or more +greater than MaxMetadata and MaxSimultaneousAllocations, we make the quarantine +so large that many allocations have to occur before a slot is reused. This +ensures that even long-lived use-after-frees are not likely to be reallocated +before they’re accessed. If no metadata for the slot is available, then a useful +report can’t be sent; however, we eliminate many false reports. Short-lived +use-after-frees are still likely to be accessed before the metadata for the slot +is eliminated. Using random eviction to purge old metadata entries allows +metadata for old allocations to sometimes survive long enough to be reported for +long-lived use-after-frees. + +[image](/Home/chromium-security/articles/gwp-asan/diag4.png) + +The debug allocator currently only services allocations less than or equal to a +single page in size. This is not a fundamental limitation in the design--it’s +possible to service larger allocations by increasing the size of a slot to be +multiple pages. It simply hasn’t been addressed yet because allocations larger +than a page are relatively rare. + +Unactionable crash reports can occur when a pointer is corrupted and the +overwritten value happens to accidentally point to a guard page or deallocated +slot in the GWP-ASan region. When such a wild pointer is accessed, it causes a +GWP-ASan report to be sent but it’s not actionable because the crash is caused +by an unrelated bug that corrupted the pointer value to point to an unrelated +allocation. In practice, such unactionable reports tend to occur on 32-bit +devices because the address space is smaller and the probability of a wild +pointer access touching the GWP-ASan region is much higher. GWP-ASan was +disabled for 32-bit desktop builds in order to eliminate these unactionable +reports. The allocator also explicitly maps the GWP-ASan memory region in high +memory locations to avoid the operating system choosing to place GWP-ASan region +in the bottom 32-bits of memory on 64-bit devices. + +Allocator Hooks + +GWP-ASan instruments an allocator’s allocation and deallocation routines. The +allocation instrumentation performs sampling to only route a fraction of +allocation requests to the debug allocator. The deallocation instrumentation +determines if the given allocation was allocated by the debug allocator and +routes the request to the debug allocator if so. Determining if an allocation +was returned by GWP-ASan is as simple as checking that the address is in +GWP-ASan’s fixed memory region and matching the address to the slot’s allocation +metadata. + +Production allocators are normally highly optimized so adding additional +instrumentation to the allocation/deallocation hot paths can easily introduce +significant performance regressions. While the debug allocator’s overhead can be +reduced to an arbitrary amount by adjusting the sampling probability, the +overhead of the instrumentation itself introduces a constant overhead. Some +allocation-heavy microbenchmarks regressed up to 5% when introducing allocator +instrumentation no matter how low the sampling probability was made. + +The instrumentation regression stems from the allocator hot-paths being very +performance sensitive and that instrumenting those hot-paths in Chrome requires +introducing a costly indirect call. GWP-ASan uses process sampling, only +enabling instrumentation for a fraction of processes, to reduce the +instrumentation overhead. This allows reducing the instrumentation overhead +arbitrarily and using more memory per-enabled process. + +Crash Handler + +Chrome is migrating to using crashpad for crash handling. Unlike its predecessor +breakpad, crashpad works almost entirely out-of-process. GWP-ASan registers a +hook in the crashpad process to inspect crashing processes in order to determine +if the crashes are related to GWP-ASan. On initialization, GWP-ASan saves the +address of the internal allocator object in a crashpad annotation so that the +crash handler can access it in the event of a crash. If the crashpad hook finds +this annotation, it reads the GWP-ASan allocator information to determine if the +crash occurred due to an access to a GWP-ASan allocation. If so, it attaches +[metadata](https://chromium.googlesource.com/chromium/src/+/refs/tags/79.0.3924.1/components/gwp_asan/crash_handler/crash.proto) +for the associated allocation to the crash report. + +# Tuning + +Chrome uses a multi-process model with different types of processes with varying +lifetimes and allocator demands. For example, there is a single browser process +for the entire lifetime of a given browser window while many renderer processes +can be launched and destroyed in a single tab. A browser process could be active +for weeks and make tens of billions of allocations while other processes may +live for milliseconds and make thousands of allocations. Accommodating both +types of processes is tricky because there is a tension between GWP-ASan +regularly sampling allocations and exhausting its fixed supply of memory. + +GWP-ASan exhausts its memory when all MaxSimultaneousAllocations slots are taken +and new allocations can’t be serviced. This can occur when all of the +allocations are long-lived, e.g. freed long after allocation or never freed at +all. If GWP-ASan runs out of allocations early in a process’ lifetime then the +majority of the process’ allocations go unsampled. + +In order to better understand allocation behavior we analyze heap traces for +different runs of Chromium. The following trace comes from opening a browser, +playing a YouTube video for ten seconds, and then closing the browser. The +following visualization shows allocation lifetimes for malloc() allocations in +the GPU process. + +image + +Every vertical bar represents two thousand allocations subdivided into different +allocation lifetimes. The horizontal axis is the process lifetime. This process +makes approximately 250,000 allocations. Most allocations are freed within 25 +milliseconds, and only 4% of allocations are never freed during the process’ +lifetime. + +The following graph is for allocations made using PartitionAlloc in the YouTube +renderer process: + +image + +This process makes about 1.1 million allocations and about 7% go unfreed. In +both examples, unfreed allocations cluster at the beginning of the process’ +lifetime. Because of the difference in number of total and long-lived +allocations, the renderer process may exhaust GWP-ASan allocations early with +the same parameters that would sample the GPU process without exhaustion. + +Long lifetime allocations can also lead to temporary allocator exhaustion, for +example if the allocations are not freed until right before process destruction. +Modeling simulated runs with different GWP-ASan configurations over different +heap traces best illustrates what allocator behavior can occur in practice. The +following is a simulated run for the renderer trace above with sampling +probability 1/1000 and 16 simultaneous allocations: + +image + +The bars represent allocation lifetimes, with the vertical axis being time. In +the simulation above GWP-ASan runs out of allocations for most of the process +lifetime with occasional bursts of sampling as long-lived allocations are freed +and re-used until they are replaced by new long-lived allocations. + +To avoid allocator exhaustion, the allocator must use more memory per process or +reduce the sampling probability. The following is a simulation run with sampling +probability 1/8000 and 64 simultaneous allocations: + +image + +In this simulation GWP-ASan is able to evenly sample the entire process’ +lifetime despite the presence of long-lived and unfreed allocations. Some runs +may still be unlucky and run out of allocations early, but it’s far less common. + +In practice, because of process sampling we can allocate more memory per enabled +process. GWP-ASan’s production settings only sample a small fraction of +processes, so it’s safe to allocate more memory for every enabled process. + +Instead of uniformly reducing the sampling probability for all processes, +GWP-ASan picks a sampling probability from a range of probabilities at +initialization. The sampling probability may sometimes be more frequent (and +lead to early allocator exhaustion), or less frequent (and lead to fewer +detected errors), than optimal. However, it allows accommodating different +allocation behavior in different processes. + +# Results + +The Chrome project makes extensive use of ASan in unit tests and during fuzzing +with [ClusterFuzz](https://google.github.io/clusterfuzz/) to detect memory +errors early. As a result, the bugs GWP-ASan finds tend to be where our current +fuzzing and test infrastructure don't sufficiently test the underlying error +conditions. Unit and integration tests typically tend to only test expected +success and failure conditions. Fuzzers test a wider variety of inputs, but +coverage isn’t universal. Furthermore, fuzzing is well suited for testing +specific narrowly-scoped components like parsers and other input processors, but +not all memory safety errors in Chrome fit that description. + +Some of the types of bugs that GWP-ASan has been successful in finding include: + + Race conditions. These may manifest as races between two threads freeing an + allocation and using it, or an event firing at an inopportune time such that + an allocation used by the parent event loop is freed by the event. + ClusterFuzz may not be able to exercise the correct conditions to trigger + the race or may not reproduce the racy crash reliably enough to satisfy a + heuristic to avoid reporting false positives. + + Chrome- or OS-specific configuration bugs. Some bugs may only manifest in + configurations that are not exercised by Chrome’s testing and fuzzing + infrastructure. + + Bugs in UI code. Unit tests and fuzzers tend not to exercise UI code. UI + code is also susceptible to lifetime and bounds-related errors though they + are more likely to be stability issues instead of security issues. + +One example issue is [this](https://crbug.com/977341) bug in Skia. The +underlying memory error is a racy use-after-free where two threads +near-simultaneously free and access an allocation. This bug had been causing +crashes on macOS for a while, but it was difficult to spot the issue because the +crashes occurred in different places depending on which underlying allocation +was corrupted. With GWP-ASan it was immediately clear where the error occurred, +but both threads freeing and accessing the allocation were doing so after +locking the same mutex so it should have been impossible. With the use and +deallocation stack traces proving that this was occurring despite the mutex, it +was easy to track the bug down to the Skia mutex class. The macOS implementation +did not account for spurious wake-ups and could violate mutual exclusion. +Without the information provided by GWP-ASan, it would be difficult to debug +such an issue. + +As GWP-ASan was progressively rolled out to wider audiences, it detected rarer +and rarer bugs. Frequently occurring bugs may be detected within hours of a new +canary release while some rarely-occurring bugs have only been detected in the +stable population once so far. It’s possible to find these rare errors because +GWP-ASan is deployed widely and designed to minimize unactionable reports, but +there are likely to be rare errors that we don’t catch because increasing +sampling to detect them would require unacceptable memory and performance +overhead. The [ARM Memory Tagging +Extension](https://community.arm.com/developer/ip-products/processors/b/processors-ip-blog/posts/enhancing-memory-safety) +and similar hardware-assisted memory tagging schemes would allow implementing a +[similar error +detector](https://github.com/google/sanitizers/blob/master/hwaddress-sanitizer/login_summer19_03_serebryany.pdf) +with much lower memory and performance overhead and a much higher probability of +detecting errors. Such memory tagging schemes also allow detecting stack bounds +and use-after-return errors and may even be useful as exploit mitigations. + +# Future Improvements + +GWP-ASan has a high memory overhead per allocation. Every allocation is stored +on its own page but Chrome’s median allocation size is only 32 bytes. It’s +possible to place multiple allocations on a single physical page and maintain +the ability to detect use-after-frees using a special virtual memory +configuration. The approach reduces GWP-ASan’s memory overhead at the cost of +reducing out-of-bounds error detection. + +Placing multiple allocations on the same virtual memory page would reduce +use-after-free detection because the page could not be unmapped until all of the +allocations on the page were deallocated. If a single allocation on that page +were to never be freed then use-after-free detection would be completely lost. + +It is possible to use the operating system’s shared memory facilities to work +around this constraint. It is possible to map shared memory multiple times in +the same process. This allows multiple virtual memory pages to point to the same +backing physical page. Multiple allocations can be placed on the same backing +physical page but every allocation can be given it’s own unique slot/virtual +page. This way, once an allocation is freed, the slot can be unmapped to detect +use-after-frees without interfering with the other allocations. Only a fraction +of allocations will be able to be left- or right-aligned within the page so +out-of-bounds errors detection would suffer with this scheme; however, in +practice use-after-free exceptions are much more common. + +[image](/Home/chromium-security/articles/gwp-asan/gwp-asan-diagram3.png) + +This approach allows significantly increasing memory density and therefore the +number of simultaneous allocations. It’s conceivable that the memory overhead of +allocation metadata like stack traces would come to dominate GWP-ASan’s memory +usage instead of the wasted page overhead. + +Increasing the number of simultaneous allocations helps prevent allocator +exhaustion. Mobile platforms especially tend to be much more memory constrained +so deploying GWP-ASan in those environments may necessitate use of this +approach. + +Thanks to Matthew Denton, Adrian Taylor, Chris Palmer, Kostya Serebryany, Matt +Morehouse, and Mitch Phillips for their feedback. \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/articles/index.md b/chromium/docs/website/site/Home/chromium-security/articles/index.md new file mode 100644 index 00000000000..b3ac7140303 --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/articles/index.md @@ -0,0 +1,18 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +page_name: articles +title: Articles +--- + +Technical articles about Chrome Security. + +* [GWP-ASan: Sampling heap memory error detection + in-the-wild](/Home/chromium-security/articles/gwp-asan) — November + 2019 +* [chrome://sandbox - Sandbox Diagnostics for + Windows](/Home/chromium-security/articles/chrome-sandbox-diagnostics-for-windows) + — February 2020 \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/binding-integrity/index.md b/chromium/docs/website/site/Home/chromium-security/binding-integrity/index.md new file mode 100644 index 00000000000..2982982a2eb --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/binding-integrity/index.md @@ -0,0 +1,90 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +page_name: binding-integrity +title: Binding Integrity +--- + +Binding Integrity Project + +Motivation + +One of the reasons that browsers are easier to compromise than other kinds of +client software is that they provide scripting capabilities to a potential +attacker. As such, many of the exploits we’ve seen begin with a JavaScript +program obtaining and manipulating a freed block of C++ memory. Although the +Chrome sandboxing architecture provides excellent protection in this situation, +we’d like to prevent JavaScript from getting freed blocks of memory in the first +place, so as to make the full exploitation of Chrome even harder than it already +is. + +Approach + +At the time a C++ object is created, we know the corresponding V8 type with +which it will be later wrapped for use by V8. We devise an unguessable (by the +attacker) representation for each type and put it into the C++ object when it is +constructed. We similarly zero out this information at destruction time. + +At the time of a method callback into the C++ object, V8 happens to know the +type that is expected to be associated with it. It can then determine what type +representation should have been set into the block of memory at creation time, +and check that it is still valid. Free blocks will have zeros (or will have been +clobbered by heap freelists), and will fail the check. Mis-typed blocks will +have different values, and will fail the check. Blocks crafted by the attacker +won’t have valid values because the type information representation is +unguessable, and will fail the check. At this point the renderer can shoot +itself, rather than proceeding into C++ with corrupted memory. + +But these method invocation calls are very hot code paths, and we don’t want to +introduce the overhead of another test and branch here. + +As it turns out, the V8 wrapper objects contain reference pointers back to the +blocks of C++ memory, and these do a good job of keeping the memory alive. Once +wrapped, a block is unlikely to be freed. Hence, most of the cases involve +wrapping a block that is already free, and we get nearly the full benefit by +doing the check at wrapper creation time only, where performance is not +important. + +Implementation + +It is important that we do not bloat the size of the objects in order to hold +this type representation. + +Many (but not all) objects wrapped by V8 inherit somewhere from a class called +ScriptWrappable, which is a single pointer wide. It holds a pointer to the C++ +object’s wrapper when it is wrapped, or NULL otherwise. We can re-use the slot +that holds the the wrapper pointer (which would otherwise be NULL for an +unwrapped object) to hold the type information, because we only need the type +information for unwrapped objects. Masking in a 1 in the bottom bit (otherwise +unused due to aligned pointers) allows us to distinguish between the two cases. + +Hence, for objects that are to be checked in this manner, they must inherit +somewhere from the ScriptWrappable class (which need not be a common base +class). + +This implies that all objects that inherit from ScriptWrappable and have their +own .idl files will have to call + +ScriptWrappable::init(this); + +as part of their constructors. Passing “this” is necessary to select between N +overloaded versions of ScriptWrappable::init() based upon the type of the +object. + +The implementations of the N overloaded versions of ScriptWrappable::init() are +automatically generated by the .idl compiler (CodeGeneratorV8.pm at present) +from the .idl files. The .idl files need not specify which objects are +scriptwrappable, as the compiler can deduce this from type inheritance via +partially specialized template tricks. + +The unguessable nature of the type representation is achieved by relying on ASLR +to randomize the address of a per-type instance of an existing V8 data structure +called WrapperTypeInfo. The address of the WrapperTypeInfo structure for a given +type thus already provides what is required here. + +Note that ScriptWrappable was originally invented to provide a performance +improvement. One additional benefit of this change is that making more objects +ScriptWrappable makes chrome faster. \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/boringssl/contributing/index.md b/chromium/docs/website/site/Home/chromium-security/boringssl/contributing/index.md new file mode 100644 index 00000000000..2749000269f --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/boringssl/contributing/index.md @@ -0,0 +1,84 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +- - /Home/chromium-security/boringssl + - BoringSSL +page_name: contributing +title: Contributing to BoringSSL +--- + +## Location of the code + +The [BoringSSL](/Home/chromium-security/boringssl) code lives at +. + +It is mapped into the Chromium tree via +[src/DEPS](https://chromium.googlesource.com/chromium/src/+/HEAD/DEPS) to +[src/third_party/boringssl](https://code.google.com/p/chromium/codesearch#chromium/src/third_party/boringssl/&sq=package:chromium) + +## Filing bugs + +Bugs are filed under the [BoringSSL issue +tracker](https://bugs.chromium.org/p/boringssl/issues/list). + +## Building + +Refer to +[BUILDING.md](https://boringssl.googlesource.com/boringssl/+/HEAD/BUILDING.md) +for the canonical build instructions. Assuming those haven't changed, set things +up to build through ninja by executing: + +```none +cd src/third_party/boringssl/src +cmake -GNinja -B build +ninja -C build +``` + +Once the ninja files are generated you can re-build from other directories +using: + +```none +ninja -C +``` + +## Running the tests + +See +[instructions](https://boringssl.googlesource.com/boringssl/+/HEAD/BUILDING.md#Running-tests) +in BUILDING.md to run the tests. From a Chromium checkout, this incantation may +be used: + +```none +cd src/third_party/boringssl/src +ninja -C build run_tests +``` + +## Uploading changes for review + +See +[CONTRIBUTING.md](https://boringssl.googlesource.com/boringssl/+/HEAD/CONTRIBUTING.md) +in the BoringSSL repository. + +## Rolling DEPS into Chromium + +Because BoringSSL lives in a separate repository, it must be "rolled" into +Chromium to get the updates. + +To roll BoringSSL create a changelist in the Chromium repository that modifies +[src/DEPS](https://chromium.googlesource.com/chromium/src/+/HEAD/DEPS) and +re-generates the gn and asm files: + +* Simple example: (Just + modifies DEPS): +* More complicated example: + (ASM changed and test + added) + +There is a script to automate all these steps: + +```none +python3 third_party/boringssl/roll_boringssl.py +``` diff --git a/chromium/docs/website/site/Home/chromium-security/boringssl/index.md b/chromium/docs/website/site/Home/chromium-security/boringssl/index.md new file mode 100644 index 00000000000..69dec66f60c --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/boringssl/index.md @@ -0,0 +1,38 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +page_name: boringssl +title: BoringSSL +--- + +We have used a number of patches on top of OpenSSL for many years. Some of them +have been accepted into the main OpenSSL repository, but many of them don’t mesh +with OpenSSL’s guarantee of API and ABI stability and many of them are a little +too experimental. + +But as Android, Chrome and other products have started to need some subset of +these patches, things have grown very complex. The effort involved in keeping +all these patches (and there are more than 70 at the moment) straight across +multiple code bases is getting to be too much. + +So we’re switching models to one where we import changes from OpenSSL rather +than rebasing on top of them. The +[result](https://boringssl.googlesource.com/boringssl/) (at the time of writing) +is used in Chrome on Android, OS X, and Windows. Over time we hope to use it in +Android and internally too. + +There are no guarantees of API or ABI stability with this code: we are not +aiming to replace OpenSSL as an open-source project. We will still be sending +them bug fixes when we find them and we will be importing changes from upstream. +Also, we will still be funding the Core Infrastructure Initiative and the +OpenBSD Foundation. + +But we’ll also be more able to import changes from LibreSSL and they are welcome +to take changes from us. We have already relicensed some of our prior +contributions to OpenSSL under an ISC license at their request and completely +new code that we write will also be so licensed. + +(Note: the name is aspirational and not yet a promise.) \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/brag-sheet/index.md b/chromium/docs/website/site/Home/chromium-security/brag-sheet/index.md new file mode 100644 index 00000000000..3a9fbcfd98c --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/brag-sheet/index.md @@ -0,0 +1,157 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +page_name: brag-sheet +title: Security Brag Sheet +--- + +### Our Team and Resources + +* Our team includes some of the best security professionals in the + business. +* We work closely with top researchers like Michal Zalewski (lcamtuf) + and Tavis Ormandy (taviso). +* We contract with experts like iSec Partners and Chris Rohlf for + targeted assessments. +* We dedicate thousands of CPU cores to fuzz projects such as + [WebKit](http://blog.chromium.org/2012/04/fuzzing-for-security.html), + [Adobe + Flash](http://googleonlinesecurity.blogspot.com/2011/08/fuzzing-at-scale.html) + or [Chrome's PDF viewer](http://j00ru.vexillium.org/?p=1175). + +**White Papers** + +* Chrome leads in [white papers from 2 different security + firms](https://www.blog.google/products/chrome-enterprise/2-new-white-papers-examine-enterprise-web-browser-security/). +* Chrome leads in [white paper from respected security firm + Accuvant](http://www.accuvant.com/sites/default/files/AccuvantBrowserSecCompar_FINAL.pdf). +* Chrome leads in response time and reward program effectiveness in + [this independent study from + Berkeley](https://www.usenix.org/system/files/conference/usenixsecurity13/sec13-paper_finifter.pdf). +* Chrome leads in [recommendations from respected German government + organization, the + BSI](https://www.bsi-fuer-buerger.de/SharedDocs/Downloads/DE/BSIFB/Publikationen/BSI-E-CS_001.pdf). + +### Containing Attacks + +* We have an [integrated sandbox](/Home/chromium-security/guts) that + reduces the impact of most common vulnerabilities, and is much + stronger than approaches used by other browsers. +* We have [Site Isolation](/Home/chromium-security/site-isolation) to + protect website data from compromised renderer processes and side + channel attacks like Spectre. +* We have [critical](/developers/severity-guidelines) security + vulnerabilities relatively infrequently compared to other browsers. +* We have [leading sandbox protection for the Adobe Flash + plug-in](http://blog.chromium.org/2012/08/the-road-to-safer-more-stable-and.html). +* We have [unique + techniques](http://blog.chromium.org/2010/06/improving-plug-in-security.html) + for significantly mitigating the security risks posed by plug-ins. +* We have a robust built-in [sandboxed PDF + viewer](http://chrome.blogspot.com/2010/11/pdf-goodness-in-chrome.html) + which has leading security. +* We implement [Strict Transport + Security](https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security) + and [preloaded public key + pinning](http://www.imperialviolet.org/2011/05/04/pinning.html), + which protected our users against the [fraudulent Diginotar + certificate](https://blog.mozilla.com/security/2011/08/29/fraudulent-google-com-certificate/) + for \*.google.com. +* We implement [root CA verification by the underlying operating + system](/Home/chromium-security/root-ca-policy). +* We have leading HTTPS security through features such as [mixed + script + blocking](http://blog.chromium.org/2012/08/ending-mixed-scripting-vulnerabilities.html). + +### Vulnerability Response + +* We are committed to releasing a fix for any + [critical](/developers/severity-guidelines) security vulnerabilities + in [under 60 + days](http://googleonlinesecurity.blogspot.com/2010/07/rebooting-responsible-disclosure-focus.html). +* On average, we release fixes for [high and + critical](/developers/severity-guidelines) severity vulnerabilities + in about 30 days. +* We have a demonstrated ability to get fixes to users [in + under](http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates.html) + [24 hours](http://twitter.com/VUPEN/status/46391969903161345). +* We ensure updates are deployed in a [timely + manner](http://www.techzoom.net/publications/silent-updates/), and + invest in [new + technologies](/developers/design-documents/software-updates-courgette) + to do so. +* We have a [Vulnerability Rewards + Program](http://www.chromium.org/Home/chromium-security/vulnerability-rewards-program) + to encourage third-party researchers to report vulnerabilities they + discover. +* We work with the security community and have a [Security Hall of + Fame](http://www.chromium.org/Home/chromium-security/hall-of-fame) + to acknowledge third-parties that materially contribute to improving + our security. +* We have the [successful Pwnium + competition](http://chrome.blogspot.com/2012/03/pwnium-great-exploits-fast-patches.html), + with large prizes, to keep us up to date with the latest, most + advanced attacks. + +### Advanced Anti- Phishing and Malware defenses + +* We [warn + you](http://www.google.com/support/chrome/bin/answer.py?answer=99020&hl=en) + when you're about to visit a website we've previously identify as a + malware or phishing site. +* We keep the user better informed against phishing and similar + attacks by [presenting the most relevant + information](http://chrome.blogspot.com/2010/10/understanding-omnibox-for-better.html). +* We implement new, [browser-based security + enhancements](http://blog.chromium.org/2010/01/security-in-depth-new-security-features.html) + to protect you against malicious sites. + +### High profile researchers and publications say nice things about us + +* A [Fortune + article's](http://tech.fortune.cnn.com/2011/03/21/google-fixes-flashs-security-issues-ahead-of-adobe/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+fortunebrainstormtech+%28Fortune+Brainstorm+Tech%29) + headline subtext: "Google's record on Chrome browser security is + impressive, and that is important." +* An [interview with Dino Dai Zovi and Charlie + Miller](http://www.h-online.com/security/features/Hackers-versus-Apple-1202598.html): + "I recommend that users surf the web with Google Chrome, disable + unnecessary plug-ins, and use site-based plug-in security settings + for the plug-ins that they do need." +* An article noting [Chrome's unique 3-years-in-a-row + survival](http://www.computerworld.com/s/article/9214022/Google_s_Chrome_untouched_at_Pwn2Own_hack_match) + at the Pwn2Own competition: "the browser will have survived three + consecutive Pwn2Owns, a record." +* An article [noting our agility and fast security + updates](http://www.h-online.com/security/news/item/Google-closes-Flash-hole-faster-than-Adobe-1209932.html): + "Google has once again reacted faster than Adobe itself" +* A more mainstream publication [interviews HD + Moore](http://content.usatoday.com/communities/technologylive/post/2011/03/20-grand-not-enough-to-entice-hackers-to-crack-google-chrome/1), + who calls Chrome the toughest browser: "Chrome was likely the most + difficult target due to the extensive sandboxing." +* An [article in the very mainstream Washington + Post](http://www.washingtonpost.com/business/apples-taking-30-percent-of-app-store-subscriptions-is-an-unkind-cut/2011/02/14/ABbMfvH_story.html) + notes that whilst other browsers are starting to chase Chrome's + speed, Chrome is still the choice of the security conscious: "Both + IE 9 and Firefox 4 look like major, welcome advances. But each falls + short of Chrome in one key aspect: security." +* A [TIME + article's](http://techland.time.com/2011/03/14/pwn2own-roundup-apple-fails-google-stays-strong/) + headline includes: "Google Stays Strong" +* An [interesting interview with John Wilandar and Chaouki + Bekrar](http://www.securityvibes.com/community/en/blog/2011/03/25/firefox-4-and-the-state-of-browser-security--the-expert-view) + (VUPEN CEO). The interview is nominally about Firefox 4 but includes + quotes such as "I'd say Chrome's sandboxing model still beats all + the other browsers from an end user perspective.", "At VUPEN, we + measure the security of web browsers not by counting the number of + their vulnerabilities, but by counting the number of days, weeks, or + months that the vendor is taking to fix vulnerabilities affecting + their browsers... Today, Google is fixing Chrome vulnerabilities + much faster than any other vendor – usually one or two security + updates each month. Microsoft, Mozilla, and Apple are are usually + releasing security updates for their browsers every 3 months, which + is too long.", "Relying on third-party auditor through reward and + bounty programs is the most effective way to improve the security of + browsers". \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/bugs/automated-triage/index.md b/chromium/docs/website/site/Home/chromium-security/bugs/automated-triage/index.md new file mode 100644 index 00000000000..620d1e340dc --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/bugs/automated-triage/index.md @@ -0,0 +1,12 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +- - /Home/chromium-security/bugs + - Security Bugs-- +page_name: automated-triage +title: automated triage +--- + diff --git a/chromium/docs/website/site/Home/chromium-security/bugs/automatic-filing/index.md b/chromium/docs/website/site/Home/chromium-security/bugs/automatic-filing/index.md new file mode 100644 index 00000000000..23fb7aacc36 --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/bugs/automatic-filing/index.md @@ -0,0 +1,20 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +- - /Home/chromium-security/bugs + - Security Bugs-- +page_name: automatic-filing +title: Clusterfuzz automatic bug filing +--- + +**This page is still under construction.** + +ClusterFuzz will file certain issues automatically. Currently, this is only done +for reproducible security bugs for which it does not seem like a similar issue +has been filed already. + +If you have a concern, please file a bug using [this +template](https://bugs.chromium.org/p/chromium/issues/entry?components=Tools%3EStability%3EClusterFuzz). \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/bugs/developing-fuzzers-for-clusterfuzz/index.md b/chromium/docs/website/site/Home/chromium-security/bugs/developing-fuzzers-for-clusterfuzz/index.md new file mode 100644 index 00000000000..9fedf893bb3 --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/bugs/developing-fuzzers-for-clusterfuzz/index.md @@ -0,0 +1,13 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +- - /Home/chromium-security/bugs + - Security Bugs-- +page_name: developing-fuzzers-for-clusterfuzz +title: Developing Fuzzers for ClusterFuzz +--- + +**[ClusterFuzz documentation has moved](https://google.github.io/clusterfuzz/)** \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/bugs/index.md b/chromium/docs/website/site/Home/chromium-security/bugs/index.md new file mode 100644 index 00000000000..4b2b350ea7e --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/bugs/index.md @@ -0,0 +1,93 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +page_name: bugs +title: Security Bugs-- +--- + +Bugs happen. We know this to be as true as other fundamental laws of physics so +long as we have humans writing code to bring new features and improvements to +Chromium. We also know some of these bugs will have security consequences, so we +do a number of things to prevent, identify, and fix Chromium security bugs. + +[TOC] + +## Security fuzzing + +We've build fuzzing infrastructure that automatically and continuously security +["fuzz" test](http://en.wikipedia.org/wiki/Fuzz_testing) Chrome to find new bugs +and help engineers patch and test fixes. +[ClusterFuzz](/Home/chromium-security/bugs/using-clusterfuzz), as the system is +affectionately named, consists of 12000+ cores and fuzzes hundreds of millions +of test cases each day to produce de-duplicated security bugs with small +reproducible test cases. Since it was built (in 2009), ClusterFuzz has helped us +find and fix [roughly two thousand security bugs in +Chromium](https://code.google.com/p/chromium/issues/list?can=1&q=label%3AClusterFuzz+-status%3AWontFix%2CDuplicate+Type%3DBug-Security+&colspec=ID+Pri+M+Iteration+ReleaseBlock+Cr+Status+Owner+Summary+OS+Modified&x=m&y=releaseblock&cells=tiles) +and other third party software. + +## Vulnerability Response and Remediation + +The [security sheriff](/Home/chromium-security/security-sheriff) is a rotating +role that handles all incoming and open security bugs. to all reported security +bugs. We are committed to releasing a fix for any +[critical](/developers/severity-guidelines) security vulnerabilities in [under +60 +days](http://googleonlinesecurity.blogspot.com/2010/07/rebooting-responsible-disclosure-focus.html). + +## Rewarding Vulnerability Research + +We try to reward awesome security research from external folks in a few ways: +[Chromium Vulnerability +Rewards](http://www.chromium.org/Home/chromium-security/vulnerability-rewards-program)is +our ongoing program to reward security bug reports in Chrome and Chrome OS. +**Pwnium** is a contest we run semi-regularly for proof-of-concept Chrome +exploits. Our motivation is simple: we have a big learning opportunity when we +receive full end-to-end exploits. Not only can we fix the bugs, but by studying +the vulnerability and exploit techniques we can enhance our mitigations, +automated testing, and sandboxing. This enables us to better protect our users. + +* [Pwnium + 4](http://blog.chromium.org/2014/01/show-off-your-security-skills.html) + at CanSecWest in March, 2014. + [results](https://docs.google.com/presentation/d/1c90yZXNHs7w8oi7uXveEOCx5-8O_NZIxolEKalscuAQ/view). +* [Pwnium + 3](http://blog.chromium.org/2013/01/show-off-your-security-skills-pwn2own.html) + at CanSecWest in 2013: + [results](http://blog.chromium.org/2013/03/pwnium-3-and-pwn2own-results.html) +* [Pwnium + 2](http://blog.chromium.org/2012/08/announcing-pwnium-2.html) at + Hack in the Box in 2012: + [results](http://blog.chromium.org/2012/10/pwnium-2-results-and-wrap-up_10.html) +* [Pwnium + 1](http://blog.chromium.org/2012/02/pwnium-rewards-for-exploits.html) + at CanSecWest in 2012: results ([Part + 1](http://blog.chromium.org/2012/05/tale-of-two-pwnies-part-1.html), + [Part + 2](http://blog.chromium.org/2012/06/tale-of-two-pwnies-part-2.html)) + +**Pwn2Own** is an independent contest that similarly awards proof-of-concept +exploits. We support these contests with sponsorships. + +* Pwn2Own at CanSecWest 2014: + [results](https://docs.google.com/presentation/d/1c90yZXNHs7w8oi7uXveEOCx5-8O_NZIxolEKalscuAQ/view). +* Pwn2Own at PacSec 2013: [Chrome on Android exploit + writeup](https://docs.google.com/document/d/1tHElG04AJR5OR2Ex-m_Jsmc8S5fAbRB3s4RmTG_PFnw/edit?usp=sharing) +* Pwn2Own at CanSecWest 2013: + [results](http://blog.chromium.org/2013/03/pwnium-3-and-pwn2own-results.html), + MWR labs' write up of their Chrome exploit ([Part + 1](https://labs.mwrinfosecurity.com/blog/2013/04/19/mwr-labs-pwn2own-2013-write-up---webkit-exploit/)) + ([Part + 2](https://labs.mwrinfosecurity.com/blog/2013/09/06/mwr-labs-pwn2own-2013-write-up---kernel-exploit/)) + +## Presentations + +* [Detect bad-casting at runtime with UndefinedBehavior + Sanitizer](https://drive.google.com/file/d/0Bxvv8gduedamTEJCUlN6eERtWUE/view?usp=sharing) + +## Links + +* [Bug Fix Times + Statistics](https://docs.google.com/spreadsheets/d/1XyFE36AZFpbPkhu-fQO_Yu8R_eU_7IvsRWSHWXnX7hI/edit#gid=2094956046) \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs/index.md b/chromium/docs/website/site/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs/index.md new file mode 100644 index 00000000000..b9e2ee82a41 --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs/index.md @@ -0,0 +1,94 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +- - /Home/chromium-security/bugs + - Security Bugs-- +page_name: reproducing-clusterfuzz-bugs +title: Reproducing ClusterFuzz bugs +--- + +If you've been assigned a ClusterFuzz bug but aren't sure what to do next, +you're in the right place. If you want to help catch more bugs, you should also +read up on [developing new +fuzzers](/Home/chromium-security/bugs/developing-fuzzers-for-clusterfuzz) and +[using ClusterFuzz](/Home/chromium-security/bugs/using-clusterfuzz). + +Noticed a problem? File a bug using [this +template](https://bugs.chromium.org/p/chromium/issues/entry?components=Tools%3EStability%3EClusterFuzz). + +[TOC] + +## Getting started + +In the best case scenario, downloading the minimized test case and running it in +chrome (or whatever binary you are testing) will be enough to reproduce the +issue. Usually, you will also need to include the command line flags specified +in the report as well. + +When this doesn't work, you can also try downloading the exact build that the +crash was found in via the "build" link in the ClusterFuzz report. If you are +able to reproduce the issue using that, but not in your build, it may be a sign +that you need to enable some kind of memory debugging tool, such as +[AddressSanitizer](/developers/testing/addresssanitizer). The tool that you +should will depend on the type of bug. See the common problems section for more +information. + +More complicated cases, such as test cases with gestures, may require you to use +the ClusterFuzz local reproduction script. There are several quirks about that +bot environment that this script is able to emulate which may also help you +reproduce the crash consistently. Download the "local reproduction config" file +from the report, and pass it as the --config argument to the script. If you +haven't installed the script yet, see the instructions below. Unfortunately, it +is Googler-only at the moment :( + +If you still aren't able to reproduce the issue, you have a few options. For +certain job types such as +[SyzyASan](https://code.google.com/p/syzygy/wiki/SyzyASanBug) ones, a minidump +may also be available. The report itself also includes some information about +what may have gone wrong. If this is enough to work with, you could attempt a +speculative fix. If there is nothing actionable in the report, simply mark it as +WontFix. + +## Common problems + +* Test cases with gestures tend to be very difficult to reproduce. If + you notice that a test case has gestures (look for the "interaction + gestures" section at the top of the report), you should try using + the local reproduction script. +* Some test cases do not reproduce correctly unless served over HTTP. + Look for a "requires" section in the report, or a notification that + the test case requires HTTP on the bug. +* You may not be able to reproduce all issues in a normal chromium + build since ClusterFuzz makes heavy use of various memory debugging + tools. Try using + [AddressSanitizer](/developers/testing/addresssanitizer), + [SyzyASan](https://code.google.com/p/syzygy/wiki/SyzyASanBug), + [MemorySanitizer](/developers/testing/memorysanitizer), + [LeakSanitizer](/developers/testing/leaksanitizer), + [ThreadSanitizer](/developers/testing/threadsanitizer-tsan-v2), + [UndefinedBehaviorSanitizer](/developers/testing/undefinedbehaviorsanitizer), + or whichever tool is being used in the report that has been assigned + to you. +* Sometimes, a crash just isn't reproducible. If a crash is marked as + unreproducible in ClusterFuzz and you're seeing similar results, + don't spend too long re-running it. If the information in the report + isn't enough to work with, don't be afraid to mark the bug as + WontFix. +* Some tools, like the IPC fuzzer, have a more complicated setup + process. In these cases, we try to provide additional help links in + the report itself to documentation which may be useful. + +## Setting up the local reproduction script (Googler only) + +If you weren't able to reproduce the issue using only the minimized test case +and command line arguments from the report, you may want to try using the local +reproduction script. It attempts to mimic the environment on the ClusterFuzz +bots as closely as possible, and will attempt to run the test multiple times in +case it's flaky. + +See +[goto.google.com/clusterfuzz-repro](http://goto.google.com/clusterfuzz-repro) +for setup details. \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/bugs/using-clusterfuzz/index.md b/chromium/docs/website/site/Home/chromium-security/bugs/using-clusterfuzz/index.md new file mode 100644 index 00000000000..0174a805c69 --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/bugs/using-clusterfuzz/index.md @@ -0,0 +1,13 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +- - /Home/chromium-security/bugs + - Security Bugs-- +page_name: using-clusterfuzz +title: Using ClusterFuzz +--- + +**[ClusterFuzz documentation has moved](https://google.github.io/clusterfuzz/)** \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/certificate-transparency/index.md b/chromium/docs/website/site/Home/chromium-security/certificate-transparency/index.md new file mode 100644 index 00000000000..a8abe8bfdd7 --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/certificate-transparency/index.md @@ -0,0 +1,12 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +page_name: certificate-transparency +title: Certificate Transparency +--- + +This paged has moved to + \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/certificate-transparency/log-policy/index.md b/chromium/docs/website/site/Home/chromium-security/certificate-transparency/log-policy/index.md new file mode 100644 index 00000000000..d8e7860906a --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/certificate-transparency/log-policy/index.md @@ -0,0 +1,15 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +- - /Home/chromium-security/certificate-transparency + - Certificate Transparency +page_name: log-policy +title: Certificate Transparency Log Policy +--- + +Please see + for +details on the Certificate Transparency Log Policy. \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/certificate-transparency/log-policy/mmd_monitor_root.crt b/chromium/docs/website/site/Home/chromium-security/certificate-transparency/log-policy/mmd_monitor_root.crt new file mode 100644 index 00000000000..66299dd2bdf --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/certificate-transparency/log-policy/mmd_monitor_root.crt @@ -0,0 +1,34 @@ +-----BEGIN CERTIFICATE----- +MIIFzTCCA7WgAwIBAgIJAJ7TzLHRLKJyMA0GCSqGSIb3DQEBBQUAMH0xCzAJBgNV +BAYTAkdCMQ8wDQYDVQQIDAZMb25kb24xFzAVBgNVBAoMDkdvb2dsZSBVSyBMdGQu +MSEwHwYDVQQLDBhDZXJ0aWZpY2F0ZSBUcmFuc3BhcmVuY3kxITAfBgNVBAMMGE1l +cmdlIERlbGF5IE1vbml0b3IgUm9vdDAeFw0xNDA3MTcxMjA1NDNaFw00MTEyMDIx +MjA1NDNaMH0xCzAJBgNVBAYTAkdCMQ8wDQYDVQQIDAZMb25kb24xFzAVBgNVBAoM +Dkdvb2dsZSBVSyBMdGQuMSEwHwYDVQQLDBhDZXJ0aWZpY2F0ZSBUcmFuc3BhcmVu +Y3kxITAfBgNVBAMMGE1lcmdlIERlbGF5IE1vbml0b3IgUm9vdDCCAiIwDQYJKoZI +hvcNAQEBBQADggIPADCCAgoCggIBAKoWHPIgXtgaxWVIPNpCaj2y5Yj9t1ixe5Pq +jWhJXVNKAbpPbNHA/AoSivecBm3FTD9DfgW6J17mHb+cvbKSgYNzgTk5e2GJrnOP +7yubYJpt2OCw0OILJD25NsApzcIiCvLA4aXkqkGgBq9FiVfisReNJxVu8MtxfhbV +QCXZf0PpkW+yQPuF99V5Ri+grHbHYlaEN1C/HM3+t2yMR4hkd2RNXsMjViit9qCc +hIi/pQNt5xeQgVGmtYXyc92ftTMrmvduj7+pHq9DEYFt3ifFxE8v0GzCIE1xR/d7 +prFqKl/KRwAjYUcpU4vuazywcmRxODKuwWFVDrUBkGgCIVIjrMJWStH5i7WTSSTr +VtOD/HWYvkXInZlSgcDvsNIG0pptJaEKSP4jUzI3nFymnoNZn6pnfdIII/XISpYS +Veyl1IcdVMod8HdKoRew9CzW6f2n6KSKU5I8X5QEM1NUTmRLWmVi5c75/CvS/PzO +MyMzXPf+fE2Dwbf4OcR5AZLTupqp8yCTqo7ny+cIBZ1TjcZjzKG4JTMaqDZ1Sg0T +3mO/ZbbiBE3N8EHxoMWpw8OP50z1dtRRwj6qUZ2zLvngOb2EihlMO15BpVZC3Cg9 +29c9Hdl65pUd4YrYnQBQB/rn6IvHo8zot8zElgOg22fHbViijUt3qnRggB40N30M +XkYGwuJbAgMBAAGjUDBOMB0GA1UdDgQWBBTzX3t1SeN4QTlqILZ8a0xcyT1YQTAf +BgNVHSMEGDAWgBTzX3t1SeN4QTlqILZ8a0xcyT1YQTAMBgNVHRMEBTADAQH/MA0G +CSqGSIb3DQEBBQUAA4ICAQB3HP6jRXmpdSDYwkI9aOzQeJH4x/HDi/PNMOqdNje/ +xdNzUy7HZWVYvvSVBkZ1DG/ghcUtn/wJ5m6/orBn3ncnyzgdKyXbWLnCGX/V61Pg +IPQpuGo7HzegenYaZqWz7NeXxGaVo3/y1HxUEmvmvSiioQM1cifGtz9/aJsJtIkn +5umlImenKKEV1Ly7R3Uz3Cjz/Ffac1o+xU+8NpkLF/67fkazJCCMH6dCWgy6SL3A +OB6oKFIVJhw8SD8vptHaDbpJSRBxifMtcop/85XUNDCvO4zkvlB1vPZ9ZmYZQdyL +43NA+PkoKy0qrdaQZZMq1Jdp+Lx/yeX255/zkkILp43jFyd44rZ+TfGEQN1WHlp4 +RMjvoGwOX1uGlfoGkRSgBRj7TBn514VYMbXu687RS4WY2v+kny3PUFv/ZBfYSyjo +NZnU4Dce9kstgv+gaKMQRPcyL+4vZU7DV8nBIfNFilCXKMN/VnNBKtDV52qmtOsV +ghgai+QE09w15x7dg+44gIfWFHxNhvHKys+s4BBN8fSxAMLOsb5NGFHE8x58RAkm +IYWHjyPM6zB5AUPw1b2A0sDtQmCqoxJZfZUKrzyLz8gS2aVujRYN13KklHQ3EKfk +eKBG2KXVBe5rjMN/7Anf1MtXxsTY6O8qIuHZ5QlXhSYzE41yIlPlG6d7AGnTiBIg +eg== +-----END CERTIFICATE----- diff --git a/chromium/docs/website/site/Home/chromium-security/chromium-and-emet/index.md b/chromium/docs/website/site/Home/chromium-security/chromium-and-emet/index.md new file mode 100644 index 00000000000..bae2f403c0a --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/chromium-and-emet/index.md @@ -0,0 +1,143 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +page_name: chromium-and-emet +title: Chromium and EMET +--- + +[EMET](http://technet.microsoft.com/en-us/security/jj653751) is a security tool +provided by Microsoft to improve exploit-resistance of software running on +Windows. Enterprises and users can deploy EMET on systems and configure which +applications are protected by it. [EMET then injects code into the selected +processes that adds protection against common exploit +techniques](http://support.microsoft.com/kb/2909257), typically causing the +process to terminate if behavior is detected that appears to indicate an attack. + +**Google Chrome 35+** is built for Windows using VS 2013 and is not compatible +with EMET's **ROP chain detection**, and **Google Chrome 53+** built with PGO +optimizations is not compatible with EMET's **EAF+** mitigation. + +# Specific Compatibility issues + +Some applications cannot run with EMET protections because they have internal +behavior that, to EMET, resembles an exploit in progress. This does not mean the +applications are dangerous or are doing anything harmful to the user. In this +case EMET causes the application to unexpectedly terminate even though no actual +attack conditions are present. + +Two specific incompatibilities have been found with EMET: + +## ROP chain detection and prevention (Chrome 35+) + +After [Chromium revision +254340](http://src.chromium.org/viewvc/chrome?view=revision&revision=254340), +Visual Studio 2013 is the only supported build chain for Chromium on Windows. +Unfortunately, we have observed compatibility problems with Microsoft’s Enhanced +Mitigation Experience Toolkit (EMET) and Chromium compiled on Windows using +Visual Studio 2013. + +One specific issue we have encountered with Chromium compiled using VS 2013 +relates to [tail-call optimizations](http://en.wikipedia.org/wiki/Tail_call) in +wrapper functions for Windows APIs. By using jmp to enter the Windows API call +from the wrapper, the Visual Studio compiler avoids an additional call/ret pair, +and the API would return directly into the wrapper function’s caller rather than +the wrapper function itself. However, EMET protects various ‘critical’ Windows +APIs against an exploit technique known as Return-Oriented Programming (ROP), +and one of these protections is incompatible with tail-call optimization. EMET’s +code checks that the return address from the API call is immediately preceded by +a call to that API, since in ROP exploits this will typically not be the case +but in normal function calls it will. The tail-call optimization violates EMET’s +assumption and causes a false positive result for exploit detection. + +## EAF (Export Address Table Filtering) and EAF+ (Chrome 53+ 64-bit) + +The [Chromium +sandbox](/developers/design-documents/sandbox#TOC-The-broker-process) uses an +interception layer to allow the sandboxed process to still access a limited set +of Windows APIs. These interceptions are achieved by the interception manager +whose job it is to patch the windows API calls that should be forwarded via IPC +to the browser process. Chrome 53 added Profile Guided Optimization +([PGO](https://blogs.msdn.microsoft.com/vcblog/2013/04/04/build-faster-and-high-performing-native-applications-using-pgo/)) +to our build process and this seems to have an incompatibility with EMET's EAF+. + +EMET subsequently incorrectly falsely detects our optimizations as an exploit +attempting to patch system DLLs and as a result will not allow any sandboxed +processes to start. The bug tracking this is [643775](https://crbug.com/643775). +A current workaround is to remove chrome_child.dll from the EAF+ DLL allowlist. + +# Fix and Workarounds + +We are in contact with Microsoft to investigate and address these problems. +Microsoft currently is already recommending that the EMET caller mitigation not +be enabled for Chrome. Google recommend that EAF+ protection be disabled for +Chrome, and we are working with Microsoft to update their guidance. + +## Users + +In the meantime, users experiencing this problem with Chrome or Chromium-based +browsers can resolve the issue by either: + + Removing the browser from the list of applications monitored by EMET, and/or + + Disabling the caller mitigation setting and EAF+ specifically for + chrome_child.dll. + +The Chrome security team does not generally recommend the use of EMET with +Chromium because it has negative performance impact and adds no security benefit +in most situations. The most effective anti-exploit techniques that EMET +provides are already built into Chromium or superseded by stronger mitigations. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
EMET ProtectionBenefit to Chromium
Forcing Data Execution PreventionNone, Chromium builds with this already enabled.
Forcing Address Space Layout RandomizationNone, Chromium builds with this already enabled.
Structured Exception Handling Overwrite ProtectionNone, Chromium enables OS SEHOP on all versions of Windows where supported. EMET can add SEHOP on Windows Vista, however as of Chrome 50 Windows Vista is no longer supported.
Heap Spray Page ReservationThis can protect Chromium from some exploits, but can also be trivially bypassed by exploit writers who are aware of EMET protections.
Export Address Table (EAF and EAF+) access filteringThis can protect Chromium from some exploits, but can also be bypassed by exploit writers who are aware of EMET protections.
ROP chain detection and preventionThis can protect Chromium from some exploits, but can also be bypassed by exploit writers who are aware of EMET protections.
\ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/clean-software-alliance/index.md b/chromium/docs/website/site/Home/chromium-security/clean-software-alliance/index.md new file mode 100644 index 00000000000..2501a1c48ce --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/clean-software-alliance/index.md @@ -0,0 +1,38 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +page_name: clean-software-alliance +title: Clean Software Alliance (CSA) +--- + +Chrome is participating in a pilot test of the [Clean Software +Alliance](http://www.cs-alliance.org/) (CSA), and provides a feature by which +CSA Installer Members can record information about what has been installed on +the system. These records consist of the following information: + + <vendor_id> - unique identifier of the installation vendor. + + <install_id> - unique installation ID (per vendor). + + <publisher_id> - unique identifier of the publisher (or main product) + being installed. + + <install_time_client> - installation start time as per the user’s + machine. + + <install_time_server> - installation start time as per the server + time. + + <advertisers_id> - a comma-delimited list of unique advertiser IDs + accepted by the user and installed in addition to the main product. + + <hmac_sha256_validation> - hmacSHA256 hash of a string containing all + the entry fields using a private salt provided by every vendor. This field + is used to validate the entry data and to prevent abuse. + +If Chrome detects a [security +incident](https://www.google.ca/chrome/browser/privacy/whitepaper.html#malware), +some of this data may be reported as part of its environmental data collection. \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/client-identification-mechanisms/index.md b/chromium/docs/website/site/Home/chromium-security/client-identification-mechanisms/index.md new file mode 100644 index 00000000000..4db961813bc --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/client-identification-mechanisms/index.md @@ -0,0 +1,764 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +page_name: client-identification-mechanisms +title: Technical analysis of client identification mechanisms +--- + +*Written by Artur Janc <[aaj@google.com](mailto:aaj@google.com)> and +Michal Zalewski <[lcamtuf@google.com](mailto:lcamtuf@google.com)>* + +In common use, the term “web tracking” refers to the process of calculating or +assigning unique and reasonably stable identifiers to each browser that visits a +website. In most cases, this is done for the purpose of correlating future +visits from the same person or machine with historical data. + +Some uses of such tracking techniques are well established and commonplace. For +example, they are frequently employed to tell real users from malicious bots, to +make it harder for attackers to gain access to compromised accounts, or to store +user preferences on a website. In the same vein, the online advertising industry +has used cookies as the primary client identification technology since the +mid-1990s. Other practices may be less known, may not necessarily map to +existing browser controls, and may be impossible or difficult to detect. Many of +them - in particular, various methods of client fingerprinting - have garnered +concerns from software vendors, standards bodies, and the media. + +To guide us in improving the range of existing browser controls and to highlight +the potential pitfalls when designing new web APIs, we decided to prepare a +technical overview of known tracking and fingerprinting vectors available in the +browser. Note that we describe these vectors, but do not wish this document to +be interpreted as a broad invitation to their use. Website owners should keep in +mind that any single tracking technique may be conceivably seen as +inappropriate, depending on user expectations and other complex factors beyond +the scope of this doc. + +We divided the methods discussed on this page into several categories: +explicitly assigned client-side identifiers, such as HTTP cookies; inherent +client device characteristics that identify a particular machine; and measurable +user behaviors and preferences that may reveal the identity of the person behind +the keyboard (or touchscreen). After reviewing the known tracking and +fingerprinting techniques, we also discuss potential directions for future work +and summarize some of the challenges that browser and other software vendors +would face trying to detect or prevent such behaviors on the Web. + +[TOC] + +## Explicitly assigned client-side identifiers + +The canonical approach to identifying clients across HTTP requests is to store a +unique, long-lived token on the client and to programmatically retrieve it on +subsequent visits. Modern browsers offer a multitude of ways to achieve this +goal, including but not limited to: + + Plain old [HTTP cookies](http://tools.ietf.org/html/rfc6265), + + Cookie-equivalent plugin features - most notably, Flash [Local Shared + Objects](http://en.wikipedia.org/wiki/Local_shared_object). + + HTML5 client storage mechanisms, including + [*localStorage*](https://developer.mozilla.org/en-US/docs/Web/Guide/API/DOM/Storage), + [*File*](https://developer.mozilla.org/en-US/docs/Web/API/File), and + [*IndexedDB*](https://developer.mozilla.org/en-US/docs/Web/API/IndexedDB_API) + APIs, + + Unique markers stored within locally cached resources or in cache metadata - + e.g., [Last-Modified and + ETag](http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html), + + Bits encoded in [HTTP Strict Transport + Security](http://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security) pin + lists across several attacker-controlled host names, + + ...and more. + +We believe that the availability of any one of these mechanisms is sufficient to +reliably tag clients and identify them later on; in addition to this, many such +identifiers can be deployed in a manner that conceals the uniqueness of the ID +assigned to a particular client. On the flip side, browsers provide users with +some degree of control over the behavior of at least some of these APIs, and +with several exceptions discussed later on, the identifiers assigned in this +fashion do not propagate to other browser profiles or to private browsing +sessions. + +The remainder of this section provides a more in-depth overview of several +notable examples of client tagging schemes that are within the reach of web +apps. + +### *HTTP cookies* + +[HTTP cookies](http://tools.ietf.org/html/rfc6265) are the most familiar and +best-understood method for persisting data on the client. In essence, any web +server may issue unique identifiers to first-time visitors as a part of a HTTP +response, and have the browser play back the stored values on all future +requests to a particular site. + +All major browsers have for years been equipped with UIs for managing cookies; a +large number of third-party cookie management and blocking software is +available, too. In practice, however, external research has implied that only a +minority of users regularly review or purge browser cookies. The reasons for +this are probably complex, but one of them may be that the removal of cookies +tends to be disruptive: contemporary browsers do not provide any heuristics to +distinguish between the session cookies that are needed to access the sites the +user is logged in, and the rest. + +Some browsers offer user-configurable restrictions on the ability for websites +to set “third-party” cookies (that is, cookies coming from a domain other than +the one currently displayed in the address bar - a behavior most commonly +employed to serve online ads or other embedded content). It should be noted that +the existing implementations of this setting will assign the “first-party” label +to any cookies set by documents intentionally navigated to by the user, as well +as to ones issued by content loaded by the browser as a part of full-page +interstitials, HTTP redirects, or click-triggered pop-ups. + +Compared to most other mechanisms discussed below, overt use of HTTP cookies is +fairly transparent to the user. That said, the mechanism may be used to tag +clients without the use of cookie values that obviously resemble unique IDs. For +example, client identifiers could be encoded as a combination of several +seemingly innocuous and reasonable cookie names, or could be stored in metadata +such as paths, domains, or cookie expiration times. Because of this, we are not +aware of any means for a browser to reliably flag HTTP cookies employed to +identify a specific client in this manner. + +Just as interestingly, the abundance of cookies means that an actor could even +conceivably rely on the values set by others, rather than on any newly-issued +identifiers that could be tracked directly to the party in question. We have +seen this employed for some rich content ads, which are usually hosted in a +single origin shared by all advertisers - or, less safely, are executed directly +in the context of the page that embeds the ad. + +### *Flash LSOs* + +[Local Shared Objects](http://www.adobe.com/security/flashplayer/articles/lso/) +are the canonical way to store client-side data within Adobe Flash. The +mechanism is designed to be a direct counterpart to HTTP cookies, offering a +convenient way to maintain session identifiers and other application state on a +per-origin basis. In contrast to cookies, LSOs can be also used for structured +storage of data other than short snippets of text, making such objects more +difficult to inspect and analyze in a streamlined way. + +In the past, the behavior of LSOs within the Flash plugin had to be configured +separately from any browser privacy settings, by visiting a lesser-known [Flash +Settings +Manager](http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager03.html) +UI hosted on macromedia.com (standalone installs of Flash 10.3 and above +supplanted this with a Control Panel / System Preferences dialog available +locally on the machine). Today, most browsers offer a degree of integration: for +example, clearing cookies and other site data will generally also remove LSOs. +On the flip side, more nuanced controls may not be synchronized: say, the +specific setting for third-party cookies in the browser is not always reflected +by the behavior of LSOs. + +From a purely technical standpoint, the use of Local Shared Objects in a manner +similar to HTTP cookies is within the apparent design parameters for this API - +but the reliance on LSOs to recreate deleted cookies or bypass browser cookie +preferences has been subject to public scrutiny. + +### *Silverlight Isolated Storage - Update: Silverlight and other plugins were removed years ago.* + +Microsoft Silverlight is a widely-deployed applet framework bearing many +similarities to Adobe Flash. The Silverlight equivalent of Flash LSOs is known +as [Isolated +Storage](http://msdn.microsoft.com/en-us/library/bdts8hk0(v=vs.95).aspx). + +The privacy settings in Silverlight are typically not coupled to the underlying +browser. In our testing, values stored in Isolated Storage survive clearing +cache and site data in Chrome, Internet Explorer and Firefox. Perhaps more +surprisingly, Isolated Storage also appears to be shared between all +non-incognito browser windows and browser profiles installed on the same +machine; this may have consequences for users who rely on separate browser +instances to maintain distinct online identities. + +As with LSOs, reliance on Isolated Storage to store session identifiers and +similar state information does not present issues from a purely technical +standpoint. That said, given that the mechanism is not currently managed via +browser controls, its use of for client identification is not commonplace and +thus may be viewed as less transparent than standard cookies. + +### *HTML5 client-side storage mechanisms* + +HTML5 introduces a range of structured data storage mechanisms on the client; +this includes +[localStorage](https://developer.mozilla.org/en-US/docs/Web/Guide/API/DOM/Storage), +the [*File* API](https://developer.mozilla.org/en-US/docs/Web/API/File), and +[*IndexedDB*](https://developer.mozilla.org/en-US/docs/Web/API/IndexedDB_API). +Although semantically different from each other, all of them are designed to +allow persistent storage of arbitrary blobs of binary data tied to a particular +web origin. In contrast to cookies and LSOs, there are no significant size +restrictions on the data stored with these APIs. + +In modern browsers, HTML5 storage is usually purged alongside other site data, +but the mapping to browser settings isn’t necessarily obvious. For example, +Firefox will retain localStorage data unless the user selects “offline website +data” or “site preferences” in the deletion dialog and specifies the time range +as “everything” (this is not the default). Another idiosyncrasy is the behavior +of Internet Explorer, where the data is retained for the lifetime of a tab for +any sites that are open at the time the operation takes place. + +Beyond that, the mechanisms do not always appear to follow the restrictions on +persistence that apply to HTTP cookies. For example, in our testing, in Firefox, +localStorage can be written and read in cross-domain frames even if third-party +cookies are disabled. + +Due to the similarity of the design goals of these APIs, the authors expect that +the perception and the caveats of using HTML5 storage for storing session +identifiers would be similar to the situation with Flash and Silverlight. + +### *Cached objects* + +For performance reasons, all mainstream web browsers maintain a global cache of +previously retrieved HTTP resources. Although this mechanism is not explicitly +designed as a random-access storage mechanism, it can be easily leveraged as +such. To accomplish this, a cooperating server may return, say, a JavaScript +document with a unique identifier embedded in its body, and set Expires / +max-age= headers to a date set in the distant future. + +Once this unique identifier is stored within a script subresource in the browser +cache, the ID can be read back on any page on the Internet simply by loading the +script from a known URL and monitoring the agreed-upon local variable or setting +up a predefined callback function in JavaScript. The browser will periodically +check for newer copies of the script by issuing a conditional request to the +originating server with a suitable If-Modified-Since header; but if the server +consistently responds to such check with HTTP code 304 (“Not modified”), the old +copy will continue to be reused indefinitely. + +There is no concept of blocking “third-party” cache objects in any browser known +to the authors of this document, and no simple way to prevent cache objects from +being stored without dramatically degrading performance of everyday browsing. +Automated detection of such behaviors is extremely difficult owing to the sheer +volume and complexity of cached JavaScript documents encountered on the modern +Web. + +All browsers expose the option to manually clear the document cache. That said, +because clearing the cache requires specific action on the part of the user, it +is unlikely to be done regularly, if at all. + +Leveraging the browser cache to store session identifiers is very distinct from +using HTTP cookies; the authors are unsure if and how the cookie settings - the +convenient abstraction layer used for most of the other mechanisms discussed to +date - could map to the semantics of browser caches. + +### *Cache metadata: ETag and Last-Modified* + +To make implicit browser-level document caching work properly, servers must have +a way to notify browsers that a newer version of a particular document is +available for retrieval. The HTTP/1.1 standard specifies two methods of document +versioning: one based on the date of the most recent modification, and another +based on an abstract, opaque identifier known as ETag. + +In the ETag scheme, the server initially returns an opaque “version tag” string +in a response header alongside with the actual document. On subsequent +conditional requests to the same URL, the client echoes back the value +associated with the copy it already has, through an If-None-Match header; if the +version specified in this header is still current, the server will respond with +HTTP code 304 (“Not Modified”) and the client is free to reuse the cached +document. Otherwise, a new document with a new ETag will follow. + +Interestingly, the behavior of the ETag header closely mimics that of HTTP +cookies: the server can store an arbitrary, persistent value on the client, only +to read it back later on. This observation, and its potential applications for +browser tracking [date back at least to +2000](http://seclists.org/bugtraq/2000/Mar/331). + +The other versioning scheme, Last-Modified, suffers from the same issue: servers +can store at least 32 bits of data within a well-formed date string, which will +then be echoed back by the client through a request header known as +If-Modified-Since. (In practice, most browsers don't even require the string to +be a well-formed date to begin with.) + +Similarly to tagging users through cache objects, both of these “metadata” +mechanisms are unaffected by the deletion of cookies and related site data; the +tags can be destroyed only by purging the browser cache. + +As with Flash LSOs, use of ETag to allegedly skirt browser cookie settings has +been subject to scrutiny. + +### *HTML5 AppCache* + +[Application +Caches](http://www.whatwg.org/specs/web-apps/current-work/multipage/offline.html#appcache) +allow website authors to specify that portions of their websites should be +stored on the disk and made available even if the user is offline. The mechanism +is controlled by [cache +manifests](http://www.whatwg.org/specs/web-apps/current-work/multipage/offline.html#manifests) +that outline the rules for storing and retrieving cache items within the app. + +Similarly to implicit browser caching, AppCaches make it possible to store +unique, user-dependent data - be it inside the cache manifest itself, or inside +the resources it requests. The resources are retained indefinitely and not +subject to the browser’s usual cache eviction policies. + +AppCache appears to occupy a netherworld between HTML5 storage mechanisms and +the implicit browser cache. In some browsers, it is purged along with cookies +and stored website data; in others, it is discarded only if the user opts to +delete the browsing history and all cached documents. + +Note: AppCache is likely to be succeeded with [Service +Workers](https://slightlyoff.github.io/ServiceWorker/spec/service_worker/index.html); +the privacy properties of both mechanisms are likely to be comparable. + +### *Flash resource cache* + +Flash maintains its own internal store of resource files, which can be probed +using a variety of techniques. In particular, the internal repository includes +an asset cache, relied upon to store [Runtime Shared +Libraries](http://help.adobe.com/en_US/Flex/4.0/UsingSDK/WS2db454920e96a9e51e63e3d11c0bf69084-7add.html) +signed by Adobe to improve applet load times. There is also [Adobe Flash +Access](http://www.adobe.com/support/documentation/en/flashaccess/), a mechanism +to store automatically acquired licenses for DRM-protected content. + +As of this writing, these document caches do not appear to be coupled to any +browser privacy settings and can only be deleted by making several independent +configuration changes in the [Flash Settings +Manager](http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager03.html) +UI on macromedia.com. We believe there is no global option to delete all cached +resources or prevent them from being stored in the future. + +Browsers other than Chrome appear to share Flash asset data across all +installations and in private browsing modes, which may have consequences for +users who rely on separate browser instances to maintain distinct online +identities. + +### *SDCH dictionaries - Removed from Chrome 59+* + +[SDCH](http://lists.w3.org/Archives/Public/ietf-http-wg/2008JulSep/att-0441/Shared_Dictionary_Compression_over_HTTP.pdf) +is a Google-developed compression algorithm that relies on the use of +server-supplied, cacheable dictionaries to achieve compression rates +considerably higher than what’s possible with methods such as gzip or deflate +for several common classes of documents. + +The site-specific dictionary caching behavior at the core of SDCH inevitably +offers an opportunity for storing unique identifiers on the client: both the +dictionary IDs (echoed back by the client using the Avail-Dictionary header), +and the contents of the dictionaries themselves, can be used for this purpose, +in a manner very similar to the regular browser cache. + +In Chrome, the data does not persist across browser restarts; it was, however, +shared between profiles and incognito modes and was not deleted with other site +data when such an operation is requested by the user. Google addressed this in +bug [327783](https://code.google.com/p/chromium/issues/detail?id=327783). + +### *Other script-accessible storage mechanisms* + +Several other more limited techniques make it possible for JavaScript or other +active content running in the browser to maintain and query client state, +sometimes in a fashion that can survive attempts to delete all browsing and site +data. + +For example, it is possible to use window.name or sessionStorage to store +persistent identifiers for a given window: if a user deletes all client state +but does not close a tab that at some point in the past displayed a site +determined to track the browser, re-navigation to any participating domain will +allow the window-bound token to be retrieved and the new session to be +associated with the previously collected data. + +More obviously, the same is true for active JavaScript: any currently open +JavaScript context is allowed to retain state even if the user attempts to +delete local site data; this can be done not only by the top-level sites open in +the currently-viewed tabs, but also by “hidden” contexts such as HTML frames, +web workers, and pop-unders. This can happen by accident: for example, a running +ad loaded in an <iframe> may remain completely oblivious to the fact that +the user attempted to clear all browsing history, and keep using a session ID +stored in a local variable in JavaScript. (In fact, in addition to JavaScript, +Internet Explorer will also retain session cookies for the currently-displayed +origins.) + +Another interesting and often-overlooked persistence mechanism is the caching of +[RFC 2617](http://tools.ietf.org/html/rfc2617) HTTP authentication credentials: +once explicitly passed in an URL, the cached values may be sent on subsequent +requests even after all the site data is deleted in the browser UI. + +In addition to the cross-browser approaches discussed earlier in this document, +there are also several proprietary APIs that can be leveraged to store unique +identifiers on the client system. An interesting example of this are the +proprietary [persistence +behaviors](http://msdn.microsoft.com/en-us/library/ms533007(v=vs.85).aspx) in +some versions of Internet Explorer, including the [*userData* +API](http://msdn.microsoft.com/en-us/library/ms531424(VS.85).aspx). + +Last but not least, a variety of other, less common plugins and plugin-mediated +interfaces likely expose analogous methods for storing data on the client, but +have not been studied in detail as a part of this write-up; an example of this +may be the +*[PersistenceService](http://docs.oracle.com/javase/7/docs/jre/api/javaws/jnlp/javax/jnlp/PersistenceService.html) +API* in Java, or the DRM license management mechanisms within Silverlight. + +### *Lower-level protocol identifiers* + +On top of the fingerprinting mechanisms associated with HTTP caching and with +the purpose-built APIs available to JavaScript programs and plugin-executed +code, modern browsers provide several network-level features that offer an +opportunity to store or retrieve unique identifiers: + + [Origin Bound + Certificates](http://www.browserauth.net/origin-bound-certificates) (aka + *ChannelID*) **were** persistent self-signed certificates identifying the + client to an HTTPS server, envisioned as the future of session management on + the web. A separate certificate is generated for every newly encountered + domain and reused for all connections initiated later on. + By design, OBCs function as unique and stable client fingerprints, + essentially replicating the operation of authentication cookies; they are + treated as “site and plug-in data” in Chrome, and can be removed along with + cookies. + Uncharacteristically, sites can leverage OBC for user tracking without + performing any actions that would be visible to the client: the ID can be + derived simply by taking note of the cryptographic hash of the certificate + automatically supplied by the client as a part of a legitimate SSL + handshake. + ChannelID is currently suppressed in Chrome in “third-party” scenarios + (e.g., for different-domain frames). **NOTE**: **this feature and its + successor, TLS Token Binding, were removed years ago.** + + The set of supported ciphersuites can be used to fingerprint [a TLS/SSL + handshake](http://whatever-will-be-que-sera-sera.tumblr.com). Note that + clients have been actively deprecating various ciphersuites in recent years, + making this attack even more powerful. + + In a similar fashion, two separate mechanisms within TLS - [session + identifiers](http://tools.ietf.org/html/rfc5246) and [session + tickets](http://tools.ietf.org/html/rfc5077) - allow clients to resume + previously terminated HTTPS connections without completing a full handshake; + this is accomplished by reusing previously cached data. These session + resumption protocols provide a way for servers to identify subsequent + requests originating from the same client for a short period of time. + + [HTTP Strict Transport Security](http://tools.ietf.org/html/rfc6797) is a + security mechanism that allows servers to demand that all future connections + to a particular host name need to happen exclusively over HTTPS, even if the + original URL nominally begins with “http://”. + It follows that a fingerprinting server could set long-lived HSTS headers + for a distinctive set of attacker-controlled host names for each newly + encountered browser; this information could be then retrieved by loading + faux (but possibly legitimately-looking) subresources from all the + designated host names and seeing which of the connections are automatically + switched to HTTPS. + In an attempt to balance security and privacy, any HSTS pins set during + normal browsing \[were\*\] carried over to the incognito mode in Chrome; + there is no propagation in the opposite direction, however. \***Update:** + Behavior was [changed in Chrome 64](https://crbug.com/774643), such that + Chrome won't use on-disk HSTS information for incognito requests. It is + worth noting that leveraging HSTS for tracking purposes requires + establishing log(n) connections to uniquely identify n users, which makes it + relatively unattractive, except for targeted uses; that said, creating a + smaller number of buckets may be a valuable tool for refining other + imprecise fingerprinting signals across a very large user base. + + Last but not least, virtually all modern browsers maintain internal DNS + caches to speed up name resolution (and, in some implementations, to + mitigate the risk of [DNS rebinding + attacks](http://crypto.stanford.edu/dns/dns-rebinding.pdf)). + Such caches can be easily leveraged to store small amounts of information + for a configurable amount of time; for example, with 16 available IP + addresses to choose from, around 8-9 cached host names would be sufficient + to uniquely identify every computer on the Internet. On the flip side, the + value of this approach is limited by the modest size of browser DNS caches + and the potential conflicts with resolver caching on ISP level. + +## Machine-specific characteristics + +With the notable exception of Origin-Bound Certificates, the techniques +described in section 1 of the document rely on a third-party website explicitly +placing a new unique identifier on the client system. + +Another, less obvious approach to web tracking relies on querying or indirectly +measuring the inherent characteristics of the client system. Individually, each +such signal will reveal just several bits of information - but when combined +together, it seems probable that they may uniquely identify almost any computer +on the Internet. In addition to being harder to detect or stop, such techniques +could be used to **cross-correlate user activity across various browser profiles +or private browsing sessions.** Furthermore, because the techniques are +conceptually very distant from HTTP cookies, the authors find it difficult to +decide how, if at all, the existing cookie-centric privacy controls in the +browser should be used to govern such practices. + +EFF [Panopticlick](https://panopticlick.eff.org/browser-uniqueness.pdf) is one +of the most prominent experiments demonstrating the principle of combining +low-value signals into a high-accuracy fingerprint; there is also some evidence +of [sophisticated passive +fingerpri](http://www.ieee-security.org/TC/SP2013/papers/4977a541.pdf)[nts being +used](http://www.ieee-security.org/TC/SP2013/papers/4977a541.pdf) by commercial +tracking services. + +### *Browser-level fingerprints* + +The most straightforward approach to fingerprinting is to construct identifiers +by actively and explicitly combining a range of individually non-identifying +signals available within the browser environment: + + User-Agent string, identifying the browser version, OS version, and some of + the installed browser add-ons. + (In cases where User-Agent information is not available or imprecise, + browser versions can be usually inferred very accurately by examining the + structure of other headers and by testing for the availability and semantics + of the features introduced or modified between releases of a particular + browser.) + + Clock skew and drift: unless synchronized with an external time source, most + systems exhibit clock drift that, over time, produces a fairly unique time + offset for every machine. Such offsets can be measured with microsecond + precision using JavaScript. In fact, even in the case of NTP-synchronized + clocks, ppm-level skews may be possible to [measure + remotely](http://www.caida.org/publications/papers/2005/fingerprinting/KohnoBroidoClaffy05-devicefingerprinting.pdf). + + Fairly fine-grained information about the underlying CPU and GPU, either as + exposed directly (GL_RENDERER) or as measured by executing [Javascript + benchmarks](http://w2spconf.com/2011/papers/jspriv.pdf) and testing for + driver- or GPU-specific [differences in WebGL + rendering](http://cseweb.ucsd.edu/~hovav/dist/canvas.pdf) or the application + of ICC color profiles to *<canvas>* data. + + Screen and browser window resolutions, including parameters of secondary + displays for multi-monitor users. + + The window-manager- and addon-specific “thickness” of the browser UI in + various settings (e.g., window.outerHeight - window.innerHeight). + + The list and ordering of installed system fonts - enumerated directly or + inferred with the help of an API such as getComputedStyle. + + The list of all installed plugins, ActiveX controls, and Browser Helper + Objects, including their versions - queried or brute-forced through + navigator.plugins\[\]. (Some add-ons also announce their existence in HTTP + headers.) + + Information about installed browser extensions and other software. While the + set cannot be directly enumerated, many extensions include [web-accessible + resources](https://developer.chrome.com/extensions/manifest/web_accessible_resources) + that aid in fingerprinting. In addition to this, add-ons such as popular ad + blockers make detectable modifications to viewed pages, revealing + information about the extension or its configuration. Using browser “sync” + features may result in these characteristics being identical for a given + user across multiple devices. A similar but less portable approach specific + to Internet Explorer allows websites to [enumerate locally + installed](http://www.alienvault.com/open-threat-exchange/blog/attackers-abusing-internet-explorer-to-enumerate-software-and-detect-securi) + software by attempting to load DLL resources via the *res://* + pseudo-protocol. + + Random seeds reconstructed from the output of non-cryptosafe PRNGs (e.g. + Math.random(), multipart form boundaries, etc). In some browsers, the PRNG + is initialized only at startup, or reinitialized using values that are + system-specific (e.g., based on system time or PID). + +According to the EFF, their Panopticlick experiment - which combines only a +relatively small subset of the actively-probed signals discussed above - is able +to uniquely identify [95% of desktop +users](http://hostmaster.freehaven.net/anonbib/cache/pets2010:eckersley2010unique.pdf) +based on system-level metrics alone. Current commercial fingerprinters are +reported to be [considerably more +sophisticated](http://www.ieee-security.org/TC/SP2013/papers/4977a541.pdf) and +their developers might be able to claim significantly higher success rates. + +Of course, the value of some of the signals discussed here will be diminished on +mobile devices, where both the hardware and the software configuration tends to +be more homogenous; for example, measuring window dimensions or the list of +installed plugins offers very little data on most Android devices. Nevertheless, +we feel that the remaining signals - such as clock skew and drift and the +network-level and user-specific signals described later on - are together likely +more than sufficient to uniquely identify virtually all users. + +When discussing potential mitigations, it is worth noting that restrictions such +as disallowing the enumeration of navigator.plugins\[\] generally do not prevent +fingerprinting; the set of all notable plugins and fonts ever created and +distributed to users is relatively small and a malicious script can conceivably +test for every possible value in very little time. + +### *Network configuration fingerprints* + +An interesting set of additional device characteristics is associated with the +architecture of the local network and the configuration of lower-level network +protocols; such signals are disclosed independently of the design of the web +browser itself. These traits covered here are generally shared between all +browsers on a given client and cannot be easily altered by common +privacy-enhancing tools or practices; they include: + + The external client IP address. For IPv6 addresses, this vector is even more + interesting: in some settings, the last octets may be derived from the + device's MAC address and preserved across networks. + + A broad range of TCP/IP and TLS stack fingerprints, obtained with passive + tools such as [*p0f*](http://lcamtuf.coredump.cx/p0f3/). The information + disclosed on this level is often surprisingly specific: for example, TCP/IP + traffic will often reveal high-resolution system uptime data through TCP + timestamps. + + Ephemeral source port numbers for outgoing TCP/IP connections, generally + selected sequentially by most operating systems. + + The local network IP address for users behind network address translation or + HTTP proxies ([via + WebRTC](http://www.thousandparsec.net/~tim/webrtc-myip.html)). Combined with + the external client IP, internal NAT IP uniquely identifies most users, and + is generally stable for desktop browsers (due to the tendency for DHCP + clients and servers to cache leases). + + Information about proxies used by the client, as detected from the presence + of extra HTTP headers (Via, X-Forwarded-For). This can be combined with the + client’s actual IP address revealed when making proxy-bypassing connections + using one of several available methods. + + With active probing, the [list of open ports on the local + host](http://www.slideshare.net/amiable_indian/javascript-malware-spi-dynamics) + indicating other installed software and firewall settings on the system. + Unruly actors may also be tempted to [probe the systems and services in the + visitor’s local network](http://www.andlabs.org/tools/jsrecon/jsrecon.html); + doing so directly within the browser will circumvent any firewalls that + normally filter out unwanted incoming traffic. + +## User-dependent behaviors and preferences + +In addition to trying to uniquely identify the device used to browse the web, +some parties may opt to examine characteristics that aren’t necessarily tied to +the machine, but that are closely associated with specific users, their local +preferences, and the online behaviors they exhibit. Similarly to the methods +described in section 2, such patterns would persist across different browser +sessions, profiles, and across the boundaries of private browsing modes. + +The following data is typically open to examination: + + Preferred language, default character encoding, and local time zone (sent in + HTTP headers and visible to JavaScript). + + Data in the client cache and history. It is possible to detect items in the + client’s cache by performing simple timing attacks; for any long-lived cache + items associated with popular destinations on the Internet, a fingerprinter + could detect their presence simply by measuring how quickly they load (and + by aborting the navigation if the latency is greater than expected for local + cache). + (It is also possible to directly extract URLs stored in the browsing + history, although such an attack requires [some user + interaction](http://lcamtuf.coredump.cx/yahh/) in modern browsers.) + + Mouse gesture, keystroke timing and velocity patterns, and [accelerometer + readings](http://www.theregister.co.uk/2013/01/31/smartphone_accelerometer_data_leak/) + (ondeviceorientation) that are unique to a particular user or to particular + surroundings. There is a + [considerable](http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.310.4320&rep=rep1&type=pdf) + [body](http://www.csis.pace.edu/~ctappert/it691-13spring/projects/mouse-pusara.pdf) + [of](http://www.cs.wm.edu/~hnw/paper/ccs11.pdf) + [scientific](http://www.computer.org/csdl/mags/it/2013/04/mit2013040012-abs.html) + [research](http://www.octaviogutierrez.net/docs/Gutierrez-ConferencePaper-SAM.pdf) + suggesting that even relatively trivial interactions are deeply + user-specific and highly identifying. + + Any changes to default website fonts and font sizes, website zoom level, and + the use of any accessibility features such as text color, size, or CSS + overrides (all indirectly measurable with JavaScript). + + The state of client features that can be customized or disabled by the user, + with special emphasis on mechanisms such as DNT, third-party cookie + blocking, changes to DNS prefetching, pop-up blocking, Flash security and + content storage, and so on. (In fact, users who extensively tweak their + settings from the defaults may be actually making their browsers + considerably easier to uniquely fingerprint.) + +On top of this, user fingerprinting can be accomplished by interacting with +third-party services through the user’s browser, using the ambient credentials +(HTTP cookies) maintained by the browser: + + Users logged into websites that offer collaboration features can be + de-anonymized by covertly instructing their browser to navigate to a set of + distinctively ACLed resources and then examining which of these navigation + attempts result in a new collaborator showing up in the UI. + + Request timing, onerror and onload handlers, and similar measurement + techniques can be used to detect which third-party resources return HTTP 403 + error codes in the user’s browser, thus constructing an accurate picture of + which sites the user is logged in; in some cases, finer-grained insights + into user settings or preferences on the site can be obtained, too. + (A similar but possibly more versatile login-state attack can be also + mounted with the help of Content Security Policy, a new security mechanism + introduced in modern browsers.) + + Any of the explicit web application APIs that allow identity attestation may + be leveraged to confirm the identity of the current user (typically based on + a starting set of probable guesses). + +## Fingerprinting prevention and detection challenges + +In a world with no possibility of fingerprinting, web browsers would be +indistinguishable from each other, with the exception of a small number of +robustly compartmentalized and easily managed identifiers used to maintain login +state and implement other essential features in response to user’s intent. + +In practice, the Web is very different: browser tracking and fingerprinting are +attainable in a large number of ways. A number of the unintentional tracking +vectors are a product of implementation mistakes or oversights that could be +conceivably corrected today; many others are virtually impossible to fully +rectify without completely changing the way that browsers, web applications, and +computer networks are designed and operated. In fact, some of these design +decisions might have played an unlikely role in the success of the Web. + +In lieu of eliminating the possibility of web tracking, some have raised hope of +detecting use of fingerprinting in the online ecosystem and bringing it to +public attention via technical means through browser- or server-side +instrumentation. Nevertheless, even this simple concept runs into a number of +obstacles: + + Some fingerprinting techniques simply leave no remotely measurable + footprint, thus precluding any attempts to detect them in an automated + fashion. + + Most other fingerprinting and tagging vectors are used in fairly evident + ways, but could be easily redesigned so that they are practically + indistinguishable from unrelated types of behavior. This would frustrate any + programmatic detection strategies in the long haul, particularly if they are + attempted on the client (where the party seeking to avoid detection can + reverse-engineer the checks and iterate until the behavior is no longer + flagged as suspicious). + +* The distinction between behaviors that may be acceptable to the user + and ones that might not is hidden from view: for example, a cookie + set for abuse detection looks the same as a cookie set to track + online browsing habits. Without a way to distinguish between the two + and properly classify the observed behaviors, tracking detection + mechanisms may provide little real value to the user. + +## Potential directions for future work + +There may be no simple, universal, technical solutions to the problem of +tracking on the Web by parties who are intent on doing so with no regard for +user controls. That said, the authors of this page see some theoretical room for +improvement when it comes to building simpler and more intuitive privacy +controls to provide a better framework for the bulk of interactions with +responsible sites and parties on the Internet: + + The current browser privacy controls evolved almost exclusively around the + notion of HTTP cookies and several other very specific concepts that do not + necessarily map cleanly to many of the tracking and fingerprinting methods + discussed in this document. In light of this, to better meet user + expectations, it may be beneficial for in-browser privacy settings to focus + on clearly explaining practical privacy outcomes, rather than continuing to + build on top of narrowly-defined concepts such as "third-party cookies". + + We worry that in some cases, interacting with browser privacy controls can + degrade one’s browsing experience, discouraging the user from ever touching + them. A canonical example of this is trying to delete cookies: reviewing + them manually is generally impractical, while deleting all cookies will kick + the user out of any sites he or she is logged into and frequents every day. + Although fraught with some implementation challenges, it may be desirable to + build better heuristics that distinguish and preserve site data specifically + for the destinations that users frequently log into or meaningfully interact + with. + + Even for extremely privacy-conscious users who are willing to put up with + the inconvenience of deleting one’s cookies and purging other session data, + resetting online fingerprints can be difficult and fail in unexpected ways. + An example of this is discussed in section 1: if there are ads loaded on any + of the currently open tabs, clearing all local data may not actually result + in a clean slate. Investing in developing technologies that provide more + robust and intuitive ways to maintain, manage, or compartmentalize one's + online footprints may be a noble goal. + + Today, some privacy-conscious users may resort to tweaking multiple settings + and installing a broad range of extensions that together have the + paradoxical effect of facilitating fingerprinting - simply by making their + browsers considerably more distinctive, no matter where they go. There is a + compelling case for improving the clarity and effect of a handful of + well-defined privacy settings as to limit the probability of such outcomes. + +We present these ideas for discussion within the community; at the same time, we +recognize that although they may sound simple when expressed in a single +paragraph, their technical underpinnings are elusive and may prove difficult or +impossible to fully flesh out and implement in any browser. \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/corb-for-developers/index.md b/chromium/docs/website/site/Home/chromium-security/corb-for-developers/index.md new file mode 100644 index 00000000000..233766fb522 --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/corb-for-developers/index.md @@ -0,0 +1,121 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +page_name: corb-for-developers +title: Cross-Origin Read Blocking for Web Developers +--- + +**Cross-Origin Read Blocking (CORB)** is a new web platform security feature +that helps mitigate the threat of side-channel attacks (including Spectre). It +is designed to prevent the browser from delivering certain cross-origin network +responses to a web page, when they might contain sensitive information and are +not needed for existing web features. For example, it will block a cross-origin +text/html response requested from a <script> or <img> tag, replacing +it with an empty response instead. This is an important part of the protections +included with [Site Isolation](/Home/chromium-security/site-isolation). + +This document aims to help web developers know what actions they should take in +response to CORB. For more information about CORB in general, please see the +[CORB +explainer](https://chromium.googlesource.com/chromium/src/+/HEAD/services/network/cross_origin_read_blocking_explainer.md), +the [specification](https://fetch.spec.whatwg.org/#corb), the ["Site Isolation +for web developers" +article](https://developers.google.com/web/updates/2018/07/site-isolation), or +the following [talk](https://youtu.be/dBuykrdhK-A) from Google I/O 2018. (The +CORB discussion starts at [around 23:20 +mark](https://youtu.be/dBuykrdhK-A?t=1401).) + +#### Lessons from Spectre and Meltdown, and how the whole web is getting safer + +## How can I ensure CORB protects resources on my website? + +To make sure that sensitive resources on your website (e.g. pages or JSON files +with user-specific information, or pages with CSRF tokens) will not leak to +other web origins, please take the following steps to distinguish them from +resources that are allowed to be embedded by any site (e.g., images, JavaScript +libraries). + +### For HTML, JSON, and XML resources: + +Make sure these resources are served with a correct "Content-Type" response +header from the list below, as well as a "X-Content-Type-Options: nosniff" +response header. These headers ensure Chrome can identify the resources as +needing protection, without depending on the contents of the resources. + +* [HTML MIME type](https://mimesniff.spec.whatwg.org/#html-mime-type) + - "text/html" +* [XML MIME type](https://mimesniff.spec.whatwg.org/#xml-mime-type) - + "text/xml", "application/xml", or any MIME type whose subtype ends + in "+xml" +* [JSON MIME type](https://mimesniff.spec.whatwg.org/#json-mime-type) + - "text/json", "application/json", or any MIME type whose subtype + ends in "+json" + +Note that we recommend not supporting **multipart** [range +requests](https://developer.mozilla.org/en-US/docs/Web/HTTP/Range_requests) for +sensitive resources, because this changes the MIME type to multipart/byteranges +and makes it harder for Chrome to protect. Typical range requests are not a +problem and are treated similarly to the nosniff case. + +In addition to the recommended cases above, Chrome will also do its best to +protect responses labeled with any of the MIME types above and without a +"nosniff" header, but this has limitations. Many JavaScript files on the web are +unfortunately labeled using some of these MIME types, and if Chrome blocked +access to them, existing websites would break. Thus, when the "nosniff" header +is not present, Chrome first looks at the start of the file to try to confirm +whether it is HTML, XML, or JSON, before deciding whether to protect it. If it +cannot confirm this, it allows the response to be received by the cross-site +page's process. This is a best-effort approach which adds some limited +protection while preserving compatibility with existing sites. We recommend that +web developers include the "nosniff" header to protect their resources, to avoid +relying on this "confirmation sniffing" approach. + +### For other resource types (e.g., PDF, ZIP, PNG): + +Make sure these resources are served only in response to requests that include +an unguessable CSRF token (which should be distributed via resources protected +via the HTML, JSON, or XML steps above). + +## What should I do about CORB warnings reported by Chrome? + +When CORB blocks a HTTP response, it emits the following warning message to the +DevTools console in Chrome: + +> Cross-Origin Read Blocking (CORB) blocked cross-origin response +> https://www.example.com/example.html with MIME type text/html. See +> for more details. + +> (In Chrome 66 and earlier, this message was slightly different: Blocked +> current origin from receiving cross-site document at +> https://www.example.com/example.html with MIME type text/html.) + +In most cases, the blocked response should not affect the web page's behavior +and the CORB error message can be safely ignored. For example, the warning may +occur in cases when the body of the blocked response was empty already, or when +the response was going to be delivered to a context that can't handle it (e.g., +a HTML document such as a 404 error page being delivered to an <img> tag). +***Note:** Chrome will stop showing warning messages for empty or error +responses in Chrome 69, since these are false positives that do not affect site +behavior. If you see CORB warnings in Chrome 67 or 68, please test the site in +Chrome 69 to see if any warnings remain.* + +In rare cases, the CORB warning message may indicate a problem on a website, +which may disrupt its behavior when certain responses are blocked. For example, +a response served with a "X-Content-Type-Options: nosniff" response header and +an incorrect "Content-Type" response header may be blocked. This could, for +example, block an actual image which is mislabeled as "Content-Type: text/html" +and "nosniff." If this occurs and interferes with a page's behavior, we +recommend informing the website and requesting that they correct the +"Content-Type" header for the response. + +If you suspect Chrome is incorrectly blocking a response and that this is +disrupting the behavior of a website, [please file a Chromium +bug](https://goo.gl/XBoKtY) describing the incorrectly blocked response (both +the headers and body) and/or the URL serving it. You can confirm if a problem is +due to CORB by temporarily disabling it, by starting Chrome with the following +command line flag: + +--disable-features=CrossSiteDocumentBlockingAlways,CrossSiteDocumentBlockingIfIsolating \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/core-principles/index.md b/chromium/docs/website/site/Home/chromium-security/core-principles/index.md new file mode 100644 index 00000000000..2bc18f25ad2 --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/core-principles/index.md @@ -0,0 +1,103 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +page_name: core-principles +title: Core Principles +--- + +### Help users safely navigate the web. + +Ensuring user safety means carefully balancing usability, capability and +security. If we’re doing it right, these aspects should all work hand-in-hand. +In most cases, we want security to be nearly invisible to the user. We update +transparently and try to provide safe defaults without asking users to make +security decisions. When [security +indicators](http://support.google.com/chrome/bin/answer.py?hl=en&answer=95617) +are surfaced, we aim to clearly explain the situation and highlight the most +important information, such as the hostname and SSL state in the address bar. + +### Design for defense in depth (and more depth). + +Our goal in designing Chrome’s security architecture was to layer defenses, and +avoid single points of failure. Chrome’s sandbox architecture represents one of +the most effective parts of this strategy, but it’s far from the only piece. We +also employ the best available anti-exploit technologies—including +[ASLR](http://en.wikipedia.org/wiki/Address_space_layout_randomization), +[DEP](http://en.wikipedia.org/wiki/Data_Execution_Prevention), [JIT +hardening](http://www.matasano.com/research/Attacking_Clientside_JIT_Compilers_Paper.pdf#page=24), +and [SafeSEH](http://msdn.microsoft.com/en-us/library/9a89h429.aspx)—along with +custom technologies like [Safe +Browsing](http://code.google.com/apis/safebrowsing/), [out-of-date plugin +blocking](http://support.google.com/chrome/bin/answer.py?hl=en&answer=1181003), +silent auto-update, and [verified +boot](/chromium-os/chromiumos-design-docs/verified-boot) on Chrome OS. And we +continue to work towards advancing the state of the art with research into areas +like per-origin sandboxing and control flow integrity. + +### Security is a team responsibility. + +There’s a common misconception that security can be handled as a feature or +add-on component. The fact is that security of any complex piece of software is +a cross-cutting concern, determined by millions of seemingly innocuous decisions +being made by developers every day. That’s why it’s essential for every team +member to be aware of secure development practices, and work with their security +team throughout the lifecycle of the project. This general awareness helps +supplement our normal security review process of auditing, regression testing, +and fuzzing. + +### Speed matters. + +User safety depends on quickly turning around security issues, regardless of +whether a vulnerability is discovered internally or reported by a third party. +We are committed to promptly addressing all security issues, and delivering +fixes to our users via our fast automatic update process. This approach has +allowed us to maintain an [industry-leading response +time](http://www.accuvant.com/sites/default/files/images/webbrowserresearch_v1_0.pdf#page=24) +to security vulnerabilities—even when dealing with such a complex and +politically charged issue as an irresponsible root Certificate Authority. + +### Be transparent. + +We do not downplay security impact or bury vulnerabilities with silent fixes, +because doing so serves users poorly. Instead, we provide users and +administrators with the information they need to accurately assess risk. We +publicly document our [security handling +proces](/Home/chromium-security/security-bug-lifecycle)[s](/Home/chromium-security/security-bug-lifecycle), +and we disclose all vulnerabilities fixed in Chrome and its dependencies—whether +discovered internally or externally. Whenever possible, we list all fixed +security issues in our [release +notes](http://googlechromereleases.blogspot.com/), and make the underlying +details public as soon as other affected projects have an adequate amount of +time to respond. When we do not control the disclosure timeline for a security +issue and cannot list it at the time of release, we make the details of the +issue public as soon as disclosure occurs. + +### Engage the community. + +No software is perfect, and security bugs slip through even the best development +and review processes. That’s why we’re grateful for the work of the independent +security research community in helping us find and fix vulnerabilities. In +response, we do our best to [acknowledge](/Home/chromium-security/hall-of-fame) +and [reward](/Home/chromium-security/vulnerability-rewards-program) their +contributions by ensuring proper attribution, paying out bounties, and +sponsoring security conferences. We leverage the community to even greater +extent where we can, by hiring members directly onto our team and contracting +with industry leading, independent security consultancies. + +### Make the web safer for everyone. + +Security is not a zero-sum game. One browser does not succeed in security at the +cost of others, and we’re all better off when the best security technologies and +techniques are employed by everyone. To that end, we work closely with standards +bodies and other browser makers to raise the bar by collaborating on various +standards, including [public key +pinning](http://tools.ietf.org/html/draft-ietf-websec-key-pinning-01), [Content +Security Policies](http://www.w3.org/TR/CSP/), and [SPDY](/spdy). We also open +source or otherwise make our security technologies widely available (e.g. +[Native Client](/nativeclient) / Pepper, [Open Type +Sanitizer](https://code.google.com/p/ots/), [application +sandboxing](/developers/design-documents/sandbox), and [Safe +Browsing](https://code.google.com/apis/safebrowsing/)). \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/crlsets/CRLSetComponents.png.sha1 b/chromium/docs/website/site/Home/chromium-security/crlsets/CRLSetComponents.png.sha1 new file mode 100644 index 00000000000..4fad02b7a84 --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/crlsets/CRLSetComponents.png.sha1 @@ -0,0 +1 @@ +499428fe4e368c0e859e10c37be5c60d102b4715 \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/crlsets/index.md b/chromium/docs/website/site/Home/chromium-security/crlsets/index.md new file mode 100644 index 00000000000..156a9fbdb64 --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/crlsets/index.md @@ -0,0 +1,40 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +page_name: crlsets +title: CRLSets +--- + +(This page is intended for Certificate Authorities who wish to know about +Chromium's certificate revocation behaviour.) + +CRLSets ([background](https://www.imperialviolet.org/2012/02/05/crlsets.html)) +are primarily a means by which Chrome can quickly block certificates in +emergency situations. As a secondary function they can also contain some number +of non-emergency revocations. These latter revocations are obtained by crawling +CRLs published by CAs. + +Online (i.e. OCSP and CRL) checks are not, generally, performed by Chrome. They +can be enabled by policy and, in some cases, the underlying system certificate +library always performs these checks no matter what Chromium does. + +The Chromium source code that implements CRLSets is, of course, +[public](https://chromium.googlesource.com/chromium/src/+/HEAD/net/cert/crl_set.cc). +But the process by which they are generated is not. + +We maintain an internal list of crawled CRLs which are intended to cover +intermediate revocations. The CRLs from that set go to make up the published +CRLSet. CRLs on the list are fetched infrequently (at most once every few hours) +and verified against the correct signing certificate for that CRL. + +The current CRLSet can be fetched and dumped out using the code at +. + +The version of CRLSet being used by Chrome can be inspected by navigating to +chrome://components: + +[image](/Home/chromium-security/crlsets/CRLSetComponents.png) \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/deprecating-permissions-in-cross-origin-iframes/index.md b/chromium/docs/website/site/Home/chromium-security/deprecating-permissions-in-cross-origin-iframes/index.md new file mode 100644 index 00000000000..52a85f1686b --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/deprecating-permissions-in-cross-origin-iframes/index.md @@ -0,0 +1,131 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +page_name: deprecating-permissions-in-cross-origin-iframes +title: Deprecating Permissions in Cross-Origin Iframes +--- + +**Contents** + +[TOC] + +## Proposal + +It’s proposed that by default the following permissions cannot be requested or +used by content contained in cross-origin iframes: + +* Geolocation (getCurrentPosition and watchPosition) +* Midi (requestMIDIAccess) +* Encrypted media extensions (requestMediaKeySystemAccess) +* Microphone, Camera (getUserMedia) + +In order for a cross-origin frame to use these features, the embedding page must +specify a Permission Policy enables the feature for the frame. For example, to +enable geolocation in an iframe, the embedder could specify the iframe tag as: + +```html + +``` + +You can find the original blink [intent to deprecate thread +here](https://groups.google.com/a/chromium.org/forum/#!topic/blink-dev/mG6vL09JMOQ). + +**This is a living document** — as we learn more, we'll probably need to change +this page. + +## Motivation + +Untrusted third-party content, such as ads, are frequently embedded in iframes +on websites. Currently, permissions like geolocation, midi, etc. can be directly +requested and used by this content. + +UI for displaying permission prompts that are triggered by iframes can be very +confusing. Often permission prompts appear to be coming from the top-level +origin. As a result, users can be misled into granting permission to third-party +content that they did not intend to. At the very least, third-party content has +the ability to annoy users by displaying prompts even if they are undesired by +the embedding page. + +Furthermore, even if a user has previously granted persistent permission to an +origin, they are unlikely to be aware when that origin is loaded in an iframe on +a website on the drive-by-web. This may result in unexpected and unwanted access +a user’s camera, location, etc. + +The goal of this proposal is to protect users by disabling permissions by +default in iframes. Embedding websites would have the ability to re-enable +features for trusted content. This means that in order for a site to request +permission, the embedding website must express trust in the origin, in addition +to the user’s trust expressed through a permission grant. + +It should also be noted that several new features being implemented (e.g. +Payment request, WebVR) are adopting the model of disabling sensitive features +in cross-origin iframes from the beginning. This change will bring older +features into line with the direction the web is heading. + +## To continue to use permissions from iframes on your website... + +This deprecation is expected to ship in Chrome M64 (around January 2018). At +that time, if a cross-origin iframe attempts to use permission without the +feature being explicitly allowed, a console warning will be logged and the +feature will fail in a similar way as it would if a user had denied a permission +prompt. + +If you are a developer of a website which uses cross-origin iframes and you want +those iframes to continue to be able to request/use one of the above features, +the page that embeds the iframe will need to be changed. The simplest way to do +that is to modify the <iframe> tag to include an allow attribute which +specifies the name of the permission. For example, to enable geolocation and +mic/camera for an iframe, the following would be specified: + +```html + +``` + +Note that the above will grant geolocation, microphone and camera access to the +origin specified in the "src" attribute, i.e. in this case it would be +https://example.com. In some cases, other origins will be loaded in the iframe +that you may also wish to grant access to. In those cases you can explicitly +specify the origins to grant access to: + +```html + +``` + +The above example would grant geolocation to https://example.com as well as +https://foo.com when they are loaded in the iframe. To grant access to all +origins that might be loaded in the iframe, the \* syntax can be used. This +should be used carefully as it means that any page that gets loaded in the +iframe can request geolocation, which is often not the intent. The code would +look as follows: + +```html + +``` + +Valid values for allow include: + +* geolocation +* microphone +* camera +* midi +* encrypted-media + +Note that if the iframe which is using the permission has the same origin as the +top level page, then no changes have to be made. + +## More Information + +To find more information about Permissions Policy, take a look at the following +resources: + +* [The permissions policy + specification](https://w3c.github.io/webappsec-permissions-policy/) +* [The permissions policy + explainer](https://github.com/w3c/webappsec-permissions-policy/blob/main/permissions-policy-explainer.md) +* [chromestatus.com entry for this + change](https://www.chromestatus.com/feature/5023919287304192) \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/deprecating-powerful-features-on-insecure-origins/index.md b/chromium/docs/website/site/Home/chromium-security/deprecating-powerful-features-on-insecure-origins/index.md new file mode 100644 index 00000000000..c6b474d79bc --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/deprecating-powerful-features-on-insecure-origins/index.md @@ -0,0 +1,115 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +page_name: deprecating-powerful-features-on-insecure-origins +title: Deprecating Powerful Features on Insecure Origins +--- + +[TOC] + +## Proposal + +As browser users manage more and more of their day-to-day lives online, we +(Chrome Security) believe they should reasonably expect that browsing and +interacting with the web is secure and protects their sensitive information +across their entire browsing experience. Protecting users’ privacy and security +requires connecting to secure origins wherever possible. Practically speaking, +this means restricting features to HTTPS in lieu of HTTP, especially for +powerful web platform features. + +While [strong progress](https://transparencyreport.google.com/https/overview) +has been made in increasing HTTPS adoption on the web over the past several +years, there are still millions of sites that do not support secure connections +over HTTPS, which means that support for HTTP isn’t going away in the +foreseeable future. As long as a significant portion of browsing the web can +only happen over HTTP, it’s important that we take steps to protect and inform +users whenever we cannot guarantee that their connections are secure. + +Continuing from our past efforts to [restrict new features to secure +origins](/Home/chromium-security/prefer-secure-origins-for-powerful-new-features), +we are taking further steps on our path of deprecating powerful features on +insecure origins in order to mitigate the most privacy- and security-sensitive +risks of using HTTP in Chrome. To guide our efforts going forward, we have +created the following principles, which we will use to prioritize future work in +this area: + +- **Better inform users when making trust decisions about sites over + insecure connections** Over time, Chrome users are making an + increasingly large amount of trust decisions when interacting with + websites, whether by granting permissions for powerful web features, + submitting personal information to a website, or downloading + executable code. However, when the connection to a website is + unauthenticated and unencrypted, these trust decisions aren’t bound + to the intended site in a meaningful way. When Chrome presents users + with such a trust decision, we plan on ramping up warnings to users + when these features are being used over connections to insecure + origins. + +- **Limit the ability for sites to circumvent security policies over + insecure connections** The [same-origin-policy + (SOP)](https://developer.mozilla.org/en-US/docs/Web/Security/Same-origin_policy) + is an important security policy that limits a website’s ability to + interact with resources from other origins. Several powerful web + platform features (such as + [postMessage](https://developer.mozilla.org/en-US/docs/Web/API/Window/postMessage) + and [CORS](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS)) + allow for websites to exempt domains from this policy to provide a + more feature-rich experience. Our goal for future versions of Chrome + to gradually limit the ability for insecure origins to be expressed + in policy exceptions like these. + +- **Change how, and for how long, Chrome stores site content provided + over insecure connections** When browsing to a site over HTTP today, + Chrome will both [cache site + content](/developers/design-documents/network-stack/http-cache) for + future use as well as providing access to persistent [local + storage](https://developer.mozilla.org/en-US/docs/Web/API/Window/localStorage). + When this content is provided over insecure and unauthenticated + connections, the value of this persistent storage is significantly + reduced and we are exploring ways to limit the duration this content + will persist on user devices between visits to insecure origins. + +## Powerful Features restricted to Secure Origins + +A (non-exhaustive) list of powerful features we have already restricted to +secure origins includes: + +- Geolocation +- Device motion / orientation +- EME +- getUserMedia +- AppCache +- Notifications + +## Testing Powerful Features + +If you are a developer that needs to keep testing a site using a powerful +feature that has been restricted to secure origins, [this +article](https://web.dev/how-to-use-local-https/) provides helpful instructions +for a variety of options for local development, including testing on + where possible, creating and using self-signed certificates, +as well as creating, installing, and managing self-signed CAs to issue testing +and development certificates. + +In addition to this guidance, there are some Chrome and Android-specific tips +that can help when developing and testing features restricted to secure origins: + +1. You can use `chrome://flags/#unsafely-treat-insecure-origin-as-secure` to run + Chrome, or use the + `--unsafely-treat-insecure-origin-as-secure="http://example.com"` flag + (replacing "example.com" with the origin you actually want to test), which + will treat that origin as secure for this session. Note that on Android and + ChromeOS the command-line flag requires having a device with root access/dev + mode. + +2. On a local network, you can test on your Android device using [port + forwarding](https://developers.google.com/web/tools/chrome-devtools/remote-debugging/local-server) + to access a remote host as localhost. + +We continue to invest in improved methods for testing powerful features on +insecure origins, and we'll update this page once we've developed them. Feel +free to contribute ideas to +[security-dev@chromium.org](https://groups.google.com/a/chromium.org/forum/#!forum/security-dev). \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/education/index.md b/chromium/docs/website/site/Home/chromium-security/education/index.md new file mode 100644 index 00000000000..62b474ff5e0 --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/education/index.md @@ -0,0 +1,54 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +page_name: education +title: Education +--- + +Security is a core principle and shared responsibility for everyone contributing +to Chromium. Here are some docs that can help an engineer get ramped up to +Chrome-specific security best practices, pitfalls, or relevant background. Send +your comments, questions, or additional security education needs to +security-dev@chromium.org + +* [IPC Security + Tips](/Home/chromium-security/education/security-tips-for-ipc), a + thrilling read about how to avoid introducing an IPC vulnerability + and feature in the next + [Pwnium](http://blog.chromium.org/2012/05/tale-of-two-pwnies-part-1.html) + contest. +* Security tips for avoiding common vulnerabilities and abuse vectors + when [developing extensions and + apps](/Home/chromium-security/education/security-tips-for-crx-and-apps). +* [Everything you wanted to know about TLS/SSL in + Chrome](/Home/chromium-security/education/tls) +* If you are implementing a Chrome Extension/App API, read the + [security guidelines for Chrome Extension & App API + developers](https://docs.google.com/document/d/1RamP4-HJ7GAJY3yv2ju2cK50K9GhOsydJN6KIO81das/pub). +* Do not implement your own allocator. Custom allocators are a major + source of [security + vulnerabilities](https://www.securecoding.cert.org/confluence/pages/viewpage.action?pageId=437). + Chrome's existing allocators (e.g. + [Tcmalloc](https://code.google.com/p/chromium/codesearch#chromium/src/third_party/tcmalloc/chromium/src/&q=tcmalloc&sq=package:chromium), + [PartitionAlloc](https://code.google.com/p/chromium/codesearch#chromium/src/third_party/WebKit/Source/wtf/PartitionAlloc.h&q=PartitionAlloc&sq=package:chromium&type=cs&l=1)) + and resillient to security issues. If you absolutely need to + implement some form of custom allocator, make sure to get a thorough + review from the security team. +* When manipulating buffers in trusted memory, do not implement your + own code for handling [integer + overflows](http://en.wikipedia.org/wiki/Integer_overflow#Security_ramifications), + truncations, or other integral boundary conditions. Instead use + [base/numerics](https://code.google.com/p/chromium/codesearch#chromium/src/base/numerics/&ct=rc&cd=1&q=base/numerics&sq=package:chromium) + templates which are already used in several parts of Chrome. The + following refernces are also good resources on integer security + issues: + * CERT C++ [Secure Coding + Standard](https://www.securecoding.cert.org/confluence/pages/viewpage.action?pageId=637). + * Mark Dowd, John McDonald, Justin Schuh, [The Art of Software + Security Assessment: Identifying and Preventing Software + Vulnerabilities](http://www.amazon.com/Art-Software-Security-Assessment-Vulnerabilities/dp/0321444426/ref=sr_1_1?s=books&ie=UTF8&qid=1402949525&sr=1-1&keywords=The+Art+of+Software+Security+Assessment). + * Robert C. Seacord, [Secure Coding in C and + C++](http://www.amazon.com/Secure-Coding-Robert-C-Seacord/dp/0321335724). \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/education/security-tips-for-crx-and-apps/index.md b/chromium/docs/website/site/Home/chromium-security/education/security-tips-for-crx-and-apps/index.md new file mode 100644 index 00000000000..b2398b7be6b --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/education/security-tips-for-crx-and-apps/index.md @@ -0,0 +1,121 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +- - /Home/chromium-security/education + - Education +page_name: security-tips-for-crx-and-apps +title: Security Tips for Developing CRX +--- + +*(Note: Content adapted from an [earlier blog post on this +topic](http://blog.chromium.org/2011/07/writing-extensions-more-securely.html).)* + +Chrome extensions (CRX) are powerful pieces of software in modern browsers, and +as such, you should help ensure that your extensions are not susceptible to +security exploits. If an attacker manages to exploit a vulnerability in a CRX, +they may gain access to the same privileges that the extension has. The Chrome +extensions system has a number of [built-in +protections](http://blog.chromium.org/2009/12/security-in-depth-extension-system.html) +to make it more difficult to introduce exploitable code, but certain coding +patterns can still introduce common web vulnerabilities like cross-site +scripting (XSS). + +## **Minimize your permissions** + +The most important thing to consider is whether you’re declaring the minimal set +of permissions that you need to function. That way, if you do have a security +bug in your code, the amount of permissions you’re exposing to the attacker is +minimal as well. Avoid requesting (\*/\*) permissions for hosts if you only need +to access a couple, and don’t copy and paste your manifest from example code +blindly. Review your manifest to make sure you’re only declaring what you need. +This applies to permissions like tabs, history, cookies, etc. in addition to +host permissions. For example, if all you’re using is +[chrome.tabs.create](http://code.google.com/chrome/extensions/tabs.html#method-create), +you don’t actually need the tabs permission. + +Another way of minimizing install time permissions is to use [optional +permissions](https://developer.chrome.com/extensions/permissions). Using +chrome.permissions API, you can request permissions only when you need them +during runtime. + +## **Use content_security_policy in your manifest** + +[Content Security +Policy](http://dvcs.w3.org/hg/content-security-policy/raw-file/tip/csp-specification.dev.html) +is supported in extensions via the +[content_security_policy](http://code.google.com/chrome/extensions/trunk/manifest.html#content_security_policy) +manifest field. This allows you to control where scripts can be executed, and it +can be used to help reduce your exposure to XSS. For example, to specify that +your extension loads resources only from its own package, use the following +policy: +"content_security_policy": "default-src 'self'" +If you need to include scripts from specific hosts, you can add those hosts to +this property. + +## **Don’t use <script src> with an HTTP URL** + +When you include javascript into your pages using an HTTP URL, you’re opening +your extension up to man-in-the-middle (MITM) attacks. When you do so in a +content script, you have a similar effect on the pages you’re injected into. An +attacker on the same network as one of your users could replace the contents of +the script with content that they control. If that happens, they could do +anything that your page can do. +If you need to fetch a remote script, always use HTTPS from a trusted source. + +## **Don’t use eval()** + +The eval() function is very (too!) powerful, and you should avoid using it +unless absolutely necessary. Where did the code come from that you passed into +eval()? If it came from an HTTP URL, you’re vulnerable to a MITM attack. If any +of the content that you passed into eval() is based on content from a random web +page the user visits, you’re vulnerable to content escaping bugs. For example, +let’s say that you have some code that looks like this: +function displayAddress(address) { // address was detected and grabbed from the +current page +eval("alert('" + address + "')"); +} +If it turned out that you had a bug in your parsing code, the address might wind +up looking something like this: +'); dosomethingevil(); +There’s almost always a better alternative to using eval(). For example, you can +use JSON.parse if you want to parse JSON (with the added benefit that it runs +faster). + +## **Don’t use innerHTML or document.write()** + +It’s really tempting to use innerHTML because it’s much simpler to generate +markup dynamically than to create DOM nodes one at a time. However, this sets +you up for XSS bugs. For example: +function displayAddress(address) { // address was detected and grabbed from the +current page +myDiv.innerHTML = "<b>" + address + "</b>"); +} +This would allow an attacker to make an address like the following and once +again run some script in your page: +<script>dosomethingevil();</script> +Instead of innerHTML, you can manually create DOM nodes and use innerText to +insert dynamic content. + +## **Beware of external content** + +In general, if you’re generating dynamic content based on data from outside of +your extension (such as something you fetched from the network, something you +parsed from a page, or a message you received from another extension, etc.), you +should be extremely careful about how you use and display it. If you use this +data to generate content within your extension, you might be opening your users +up to increased risk. + +## **Additional Resources** + +* Additional security tips and examples for Content Scripts in our + [Extension Developer + Docs](https://developer.chrome.com/extensions/content_scripts.html#security-considerations) +* [Advanced Chrome Extension Exploitation Leveraging API powers for + Better + Evil](http://kyleosborn.com/bh2012/advanced-chrome-extension-exploitation-WHITEPAPER.pdf) + (by krzysztof@kotowicz.net and kos@kos.io) +* [Security guidelines for Chrome Extension & App API + developers](https://docs.google.com/document/d/1RamP4-HJ7GAJY3yv2ju2cK50K9GhOsydJN6KIO81das/pub) \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/education/security-tips-for-ipc/index.md b/chromium/docs/website/site/Home/chromium-security/education/security-tips-for-ipc/index.md new file mode 100644 index 00000000000..c42772419b7 --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/education/security-tips-for-ipc/index.md @@ -0,0 +1,219 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +- - /Home/chromium-security/education + - Education +page_name: security-tips-for-ipc +title: Security Tips for IPC +--- + +**Note: This document is for legacy IPC. For Mojo IPC, please refer to +** + +**The [Integer Semantics section has moved to Markdown +too](https://chromium.googlesource.com/chromium/src/+/HEAD/docs/security/integer-semantics.md).** + +Chrome's[inter-process communication +(IPC)](http://www.chromium.org/developers/design-documents/inter-process-communication) +layer is the communication channel supporting our [multi-process +architecture](http://www.chromium.org/developers/design-documents/multi-process-architecture). +Security bugs in IPC can have [nasty +consequences](http://blog.chromium.org/2012/05/tale-of-two-pwnies-part-1.html), +but sticking to these tips should help you avoid most pitfalls. Questions, +feedback, or suggestions to security@chromium.org. + +**[TOC]** + +## Trust only the browser process. + +**Generally, privileged processes must set all policy. In Chromium, this means +the browser process. "Policy" means: sizes, addresses, object names, filesystem +pathnames, permissions/ACLs, specific implementations of interfaces, etc. In +practice, this is how it should work:** + + ******Unprivileged process asks for capability.****** + + ******Privileged process applies policy to find an implementation for the + capability.****** + + ******Unprivileged process receives it and performs constrained operations + on it.****** + + ******Privileged process owns the capability lifecycle.****** + +## **Do not trust renderer, PPAPI, or GPU processes.** + +IPC messages from the renderers must be viewed with the same skepticism as one +would apply to user input. These messages are untrustworthy input. + +## Sanitize and validate untrustworthy input. + +If you're handling filenames or paths derived from untrustworthy input, make +sure to avoid [directory traversal +attacks](http://en.wikipedia.org/wiki/Directory_traversal_attack) by sanitizing +(e.g. by using a FilePath rather than a string, because FilePath implicitly +checks for ".." traversal sequences and other unanticipated platform behavior) +and ensuring the resulting path is within your base directory. + +To construct a valid pathname, apply a function like FilePath::BaseName() to the +untrustworthy pathnames; now it's a basename for sure, and not a full pathname +or a sneaky trick. Then prefix the basename with a static directory name. Also +apply simple, "obviously-correct" lexical checks such as an RE match for +/^\\w{8,16}$/. + +## Allowing is better than blocking. + +If you know the full set of valid data, then compare against that rather than +checking for occurrences of known-bad data. + +## **Safely handle known-bad input.** + +When validating untrustworthy input, don't simply use CHECK. We do not want the +input validation mechanism to become an easy way for a malicious renderer to +kill the browser process. It's usually better to ignore the bad input, or for +the privileged process to immediately kill the sender of invalid inputs. + +To terminate a malfunctioning IPC sender, see +BrowserChildProcessHostImpl::TerminateOnBadMessageReceived. + +## **Use and validate specific, constrained types; let the compiler work for you.** + +Use the most specific data type you can to enable the type system to do part of +your data validation. In other words, do you really need to use a string? Using +more constrained types (e.g. primitives, enum, GURL instead of std::string that +is "supposed to be a URL", etc.) lets the compiler do the type checking for you +and leads to faster, often smaller, and safer code that is easier for +maintainers and reviewers to understand. The most common pattern we see +violating this is unnecessary use of strings, which are essentially "blob types" +that are often slow (copying, lexing/parsing, used as keys in maps), and "vague" +in API contracts. The caller has to know how the callee is going to parse the +string, and the callee has to parse and validate it correctly (see the next +section). + +Some other specific tips: + +* Use integer types for ids (e.g. audio device IDs: + ). +* Use pre-defined styles instead of allowing arbitrary CSS injection + with strings, which could lead to XSS (e.g. + ). +* If you must pass filesystem pathnames and path components over IPC, + use FilePath and check for path traversal using + FilePath::ReferencesParent. +* IPC_ENUM_TRAITS() is deprecated (it generates unchecked enums). + IPC_ENUM_TRAITS_MAX_VALUE and friends in ipc/param_traits_macros.h + can help you make a constrained enum. Keep in mind that it takes the + range min..max *inclusive*. + +More generally, don't implement your own serialization mechanism +(std::vector<char>, protobufs) on top of the Chrome IPC system. Break up +your structs and use the primitives provided by Chrome IPC. + +## **Keep it simple.** + +**Send limited capabilities (e.g. file descriptors -but not directory +descriptors-), not open-ended, complex objects (e.g. pathnames). For example, to +write a temporary file, the renderer should ask the browser for a file +descriptor/HANDLE; the browser should create one entirely according to its own +policy; and then the browser should pass the descriptor to the renderer.** + +## Be aware of the subtleties of integer types. + +First read about the scary security implications of[ integer arithmetic. +](http://en.wikipedia.org/wiki/Integer_overflow)Adhere to these best practices: + +* **Use unsigned types for values that shouldn't be negative or where + defined overflow behavior is required.** +* Use explicitly sized integer types, such as int32, int64, or uint32, + since sender and receiver could potentially use different + interpretations of implicit types. +* Use the integer templates and cast templates in + [base/numerics](https://code.google.com/p/chromium/codesearch#chromium/src/base/numerics/) + to avoid overflows, *especially when calculating the size or offset + of memory allocations.* + +## **Be aware of the subtleties of integer types across C++ and Java, too.** + +When writing code for Chromium on Android, you will often need to marshall +arrays, and their sizes and indices, across the language barrier (and possibly +also across the IPC barrier). The trouble here is that the Java integer types +are well-defined, but the C++ integer types are whimsical. A Java int is a +signed 32-bit integer with well-defined overflow semantics, and a Java long is a +signed 64-bit integer with well-defined overflow semantics. in C++, only the +explicitly-sized types (e.g. int32_t) have guaranteed exact sizes, and only +unsigned integers (of any size) have defined overflow semantics. + +Essentially, Java integers *actually are* what people often (incorrectly) +*assume* C++ integers are. Furthermore, Java Arrays are indexed with Java ints, +whereas C++ arrays are indexed with size_t (often implicitly cast, of course). +Note that this also implies a 2 Gig limit on the number of elements in an array +that is coming from or going to Java. That Should Be Enough For Anybody, but +it's good to keep in mind. + +You need to make sure that every integer value survives its journey across +languages intact. That generally means explicit casts with range checks; the +easiest way to do this is with the base::checked_cast cast or +base::saturated_cast templates in +[safe_conversions.h](https://code.google.com/p/chromium/codesearch#chromium/src/base/numerics/safe_conversions.h). +Depending on how the integer object is going to be used, and in which direction +the value is flowing, it may make sense to cast the value to jint (an ID or +regular integer), jlong (a regular long integer), size_t (a size or index), or +one of the other more exotic C++ integer types like off_t. + +## **Don't leak information, don't pass information that would be risky to use.** + +**In particular, don't leak addresses/pointers over the IPC channel, either +explicitly or accidentally. (Don't defeat our +[ASLR](http://en.wikipedia.org/wiki/Address_space_layout_randomization)!) Worse: +sending pointers over the IPC is almost certainly a sign of something very wrong +and could easily lead to memory corruption.** + +Do not pass child_id, that is [the ID of child processes as viewed by the +browser](https://code.google.com/p/chromium/codesearch#chromium/src/content/common/child_process_host_impl.h&l=54) +(which are not the same as the OS PIDs), from the browser via IPC. This +construct is risky because it would be tempting to send back this ID to the +browser and mistakenly use it as an authentication token, which it is not. + +## **Avoid Unsafe (Common) Coding Patterns** + +* Avoid accessing underlying string or array data via + std::string::c_str or std::vector::data. If you do, make sure to + stay in bounds. Note that std::string::operator\[\] and + std::vector::operator\[\] are not required to do bounds checking. +* Databases: When storing together both user data and metadata, make + sure that the renderer can't directly read/write metadata via some + sort of corrupted access of user data. +* Databases: Assume that the database might be corrupted. Integers + might have become large or negative, filesystem paths might have + changed to "../../../../etc/passwd", etc. Do some validation. +* Don't validate inputs with DCHECKs (and WebKit ASSERTs) in the + high-privilege process that fail with invalid input from the + lower-privilege process. Instead, explicitly validate each input and + fail fast on any invalid input. Using the macros alone leads to a + false sense of security since they aren't compiled into release + builds. +* Be careful with shared memory mappings (specifically tracking their + sizes on either side of the IPC channel). Do not store and trust + sizes on one side of the channel. Avoid specifying the size when + calling Map. +* Keep serializers/deserializers within ParamTraits Read and Write + methods. +* If your design requires you to serialize a structure into a string + you are doing it wrong. Look at the IPC_STRUCT_ macros. +* Use ReadLength wherever possible in deserializers instead of + ReadInt, et c. +* Avoid using ReadData within deserializers. If your design requires + this it is almost certainly wrong. +* Remember that, when specifying an ID in a message, a compromised + process on the less privileged end can can specify another valid ID. + Code should not assume that objects looked up by ID match other + local state. + +## What About Mojo? + +The underlying principles are exactly the same whether reviewing a Mojo-based CL +vs. a Chromium IPC CL. A short presentation can be found at + \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/education/tls/index.md b/chromium/docs/website/site/Home/chromium-security/education/tls/index.md new file mode 100644 index 00000000000..28e09fc0fd8 --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/education/tls/index.md @@ -0,0 +1,349 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +- - /Home/chromium-security/education + - Education +page_name: tls +title: TLS / SSL +--- + +Data delivered over an unencrypted channel (e.g. HTTP) is insecure, +untrustworthy, and trivially intercepted. **TLS can help!** + +[TOC] + +## What's TLS? + +TLS (also known as SSL) is the industry standard for providing communication +security over the Internet. + +### **What security properties does TLS give me?** + +TLS guarantees identification, confidentiality, and integrity between a client +(a computer) and a server. + +* Server identification means that the user is talking to the right + server — i.e., your bank's server, and not someone on the network + pretending to be your bank's server. +* Confidentiality (via encryption) ensures that no one with access to + the data going over the connection can understand the contents of + the communication. +* Integrity means that no one can tamper with the data in transit. + +In other words, TLS ensures that a [Man-in-the-Middle +(MitM)](/Home/chromium-security/education/tls) can't snoop or tamper with an +Internet connection between a user and website. A [man-in-the-middle +(MiTM)](http://en.wikipedia.org/wiki/Man-in-the-middle_attack) is a term used to +describe a third party that can passively monitor and/or actively tamper with a +connection between two unknowing parties. A MiTM attacker relays messages +between two parties, making them believe that they are talking directly to each +other, when in fact the entire conversation is controlled by the attacker. + +MiTM attacks happen in real life! Here are some recent examples: + +* Opportunistic attacks on wifi networks are easy to conduct via + freely available tools like + [sslstrip](http://www.thoughtcrime.org/software/sslstrip/) or + [firesheep](http://codebutler.com/firesheep/) +* [NSA MiTM monitoring](https://www.eff.org/nsa-spying) of email, + chat, and other Internet communication +* [ISPs collecting + data](http://www.dslreports.com/shownews/Bell-Dramatically-Ramps-Up-Consumer-Data-Collection-Efforts-126375) + via MiTM sniffing for marketing purposes +* [ISPs modifying web + pages](http://arstechnica.com/tech-policy/2013/04/how-a-banner-ad-for-hs-ok/) + (adding ads) via MiTM tampering +* Chinese hackers [targeting + github](https://en.greatfire.org/blog/2013/jan/china-github-and-man-middle) + +### **What security properties does TLS *not* give me?** + +TLS only protects the connection between your computer and the server. It does +not protect data on the client or data on the server. This means: + +* If malware is installed on your computer, it will be able to see and + modify your web traffic. +* If your system administrator has installed local trust anchors or a + local proxy (for example, on a company computer), then the system + administrator may be able to see and modify your web traffic. +* If malware is installed on the server, your data on the server may + be at risk. +* TLS does not stop compromised or rogue servers from trying to + install malware on your computer. Instead, [Google Safe + Browsing](https://www.google.com/transparencyreport/safebrowsing/) + scans websites and files for signs of malware. If Google Safe + Browsing flags a website or file as malicious, you will see a + separate malware warning for the website or file. This is unrelated + to TLS. + +## **TLS in Chrome** + +### **HTTP Strict Transport Security (HSTS)** + +HSTS is a mechanism enabling web sites to declare themselves accessible only via +secure connections and/or for users to be able to direct their user agent to +interact with given sites only over secure connections. Chrome supports HSTS and +comes preloaded with a set of domains that use HSTS by default. More details, +including how to add a site to Chrome's preloaded HSTS list, [here](/hsts). + +### **Certificates** + +TLS relies on websites serving authenticated (X.509) certificates to prove their +identities, which prevents an attacker from pretending to be the website. +Certificates bind a public key and an identity (commonly a DNS name) together +and are typically issued for a period of several years. Ensure that your CA +gives you a SHA-256 certificate, as SHA-1 certificates are deprecated (see +below). + +#### **Certificate Pinning** + +Chrome has HTTPS "pins" for most Google properties — i.e. certificate chains for +Google properties must have a explicitly listed public key, or it will result in +a fatal error. This feature helped Google [detect a widespread MITM attack to +Gmail users in +2011](http://googleonlinesecurity.blogspot.com/2011/08/update-on-attempted-man-in-middle.html). +You can read more about pinning +[here](https://www.imperialviolet.org/2011/05/04/pinning.html). There's also an +[Internet-Draft for HTTP-based public key +pinning](http://tools.ietf.org/html/draft-ietf-websec-key-pinning). + +#### **Certificate Revocation** + +Sometimes events occur that invalidate the binding of public key and name, and +the certificate needs to be revoked. For example, a [major flaw in the +implementation of OpenSSL](http://heartbleed.com/) left site operators' private +key vulnerable to theft, so operators needed to invalidate their certificates. +Revocation is the process of invalidating a certificate before its expiry date. +Chrome uses [CRLSets](https://www.imperialviolet.org/2012/02/05/crlsets.html) to +implement certificate revocation. You can read about the how and why of Chrome's +certificate revocation in our [Security +FAQ](/Home/chromium-security/security-faq). + +#### **Certificate Errors** + +If there is an error in the certificate, Chrome can’t distinguish between a +configuration bug in the site and a real MiTM attack, so Chrome takes proactive +steps to protect users. + +If a site has elected to use HSTS, all certificate errors are fatal. Certificate +pinning errors are also fatal. Otherwise, users are shown a full-screen warning +interstitial they can elect to bypass. + +### Cipher Suites + +TLS connections negotiate a *cipher suite* which determines how data is +encrypted and authenticated. Server products typically leave configuring this to +the administrator. Many cipher suites available in TLS are obsolete and, while +currently supported by Chrome, are not recommended. If an obsolete cipher suite +is used, Chrome may display this message when clicking the lock icon: + +> *“Your connection to example.com is encrypted with obsolete cryptography.”* + +To avoid this message, use TLS 1.2 and prioritize an ECDHE cipher suite with +AES_128_GCM or CHACHA20_POLY1305. Most servers will wish to negotiate +TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256. + +### **Deprecated and Removed Features** + +#### SHA-1 Certificate Signatures + +You may see this message when you click on the lock icon in Chrome: + +> *"This site uses a weak security configuration (SHA-1 signatures), so your +> connection may not be private."* + +This means that the certificate chain for the current page is contains a +certificate using a SHA-1-based signature, which is +[outdated](https://www.schneier.com/blog/archives/2012/10/when_will_we_se.html) +and [deprecated in +Chrome](https://blog.chromium.org/2014/09/gradually-sunsetting-sha-1.html). +There are two criteria that determine which lock icon is shown in Chrome: + +* the **expiration date of the leaf certificate** and +* whether there is a **SHA-1-based signature in the certificate + chain** (leaf certificate OR intermediate certificate). + +Note that the expiration dates of the intermediate certificate do not matter. +Also, SHA-1-based signatures for root certificates are not a problem because +Chrome trusts them by their identity, rather than by the signature of their +hash. +Starting in Chrome 42, the following logic applies: + +* If a leaf certificate **expires in 2016** and the chain **contains a + SHA-1 signature**, the page will be marked as "secure, but with + minor errors" (yellow icon). +* If a leaf certificate **expires in 2017 or later** and the chain + **contains a SHA-1 signature**, the page will be treated as + "affirmatively insecure" (red icon). + +Note that this use of SHA-1 is not related to TLS message authentication (*“The +connection is using \[cipher\], with HMAC-SHA1 for message authentication.”*). + +Please see [this page](/Home/chromium-security/education/tls/sha-1) for more +details on deprecation dates and private enterprise PKIs. + +#### Weak Ephemeral Diffie-Hellman Key Exchange (ERR_SSL_WEAK_SERVER_EPHEMERAL_DH_KEY) + +Chrome requires a minimum DHE group size of 1024-bits. See [this +announcement](https://groups.google.com/a/chromium.org/forum/#!topic/security-dev/WyGIpevBV1s) +and [this +page](https://support.google.com/chrome/answer/6098869?p=dh_error&rd=1#DHkey) +for more details. Affected sites will fail to load with +ERR_SSL_WEAK_SERVER_EPHEMERAL_DH_KEY. + +#### SSLv3 + +SSLv3 is no longer supported in Chrome. See [this +announcement](https://groups.google.com/a/chromium.org/forum/#!topic/security-dev/Vnhy9aKM_l4) +for more details. + +#### RC4 + +Chrome will remove support for the RC4 cipher in a future release around January +or February 2016. Server operations should tweak their configuration to support +other cipher suites. If available, TLS 1.2 with +TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 is recommended. See [this +announcement](https://groups.google.com/a/chromium.org/forum/#!topic/security-dev/kVfCywocUO8) +for more details. + +#### Insecure Version Fallback (ERR_SSL_FALLBACK_BEYOND_MINIMUM_VERSION) + +Historically, some buggy servers have required an insecure version fallback to +function. This has been partially removed in Chrome and will be fully removed at +a later date. See [this +announcement](https://groups.google.com/a/chromium.org/forum/#!msg/security-dev/F6ZjP6FnyRE/bK7TKtvnHYsJ) +for more details. Affected sites will fail to load with +ERR_SSL_FALLBACK_BEYOND_MINIMUM_VERSION. + +### **TLS Resources for Developers and Site Operators** + +#### TLS Myths + +#### **The only security guarantee TLS provides is confidentiality.** + +When properly deployed, TLS provides three guarantees: **authentication of the +server**, **data integrity** (tamper-evidence), and **data confidentiality**. +People often think TLS and HTTPS only apply in threat scenarios where data +confidentiality is needed, but in fact they apply when any (or, most often, all +3) guarantees are beneficial. + +* Authentication and integrity: The authors and readers of a news site + want the news to be the true news that the authors intended. (See + [the *New York Times*’ statement about + this](http://open.blogs.nytimes.com/2014/11/13/embracing-https/).) +* Authentication and integrity: The users of a financial information + site very much need the facts and figures to be true. +* Confidentiality: You could be just browsing the web, and a pervasive + passive monitor could use this to build a profile of you, to track + your related experiences on a variety of sites, to cross-reference + your interactions, and then declare you a “threat” for otherwise + benign interactions. +* Confidentiality: You might be reading an article on reproductive + health or religious beliefs that are contrary to local norms. + Revealing this information could get you in “trouble”, for some + definition of trouble. +* Integrity: You could be reading a website supported by advertising, + but that advertising might be rewritten to credit the attacker, + rather than the site you're reading. Over time, the site you're + reading may need to shut down, because all of their revenue has been + stolen by attackers. +* Integrity: You could be reading a blog, but which an attacker + changes the content to suggest the blogger is endorsing or holding + views contrary to what they really hold. + +**My site doesn't need TLS. I'm not a bank.** + +More people are connected to the web than ever before and from more places and +more devices (laptops, phones, tablets, and [other +things](http://en.wikipedia.org/wiki/Internet_of_Things)). Very often, this +access is over untrusted or hostile networks. Data delivered over a clear text +protocol, like HTTP, is insecure, untrustworthy, and trivially intercepted. +Neither the user / user-agent nor the web server / application can trust that +the data was not tampered with or snooped by some third party - that's a +terrible situation for both users and web site operators! + +With so much of people's lives moving online, it’s imperative developers take +steps to protect their sites' and users' data, which can even include the *mere +usage* of a web site. By analyzing and correlating the sites and pages a user +visits, observers like schools, ISPs, and governments can learn quite a bit +about a user that the user would wish to keep confidential, such as a users' +sexual orientation +() +or physical location +(). + +#### **TLS is too slow.** + +Historically, TLS used to have a significant performance on web applications. +So, [istlsfastyet.com](http://istlsfastyet.com/)? (Spoiler: Yes!) Check out + for more details and a performance checklist. + +#### TLS is too expensive. + +[The Let’s Encrypt project](https://letsencrypt.org/) offers free certificates. + +[SSLs.com offers certificates for a very low price](https://www.ssls.com/), as +low as $5. + +[SSLmate.com is cheap and easy to use](https://sslmate.com/) — you can buy +certificates from the command line. + +#### TLS is a privacy / security silver bullet. + +TLS does ==not== guarantee perfect privacy or solve all security problems. + +For example, when used to secure HTTP traffic (i.e. HTTPS), we’re piggybacking +HTTP entirely on top of TLS. This means the entirety of the HTTP protocol can be +encrypted (request URL, query parameters, headers, and cookies), however, +because host IP addresses and port numbers are necessarily part of the +underlying TCP/IP protocols, a third party can still infer these. Also, while +you can’t infer the contents of the communication, you can infer the amount and +duration of the communication. For specific applications, it’s been demonstrated +that this can leak useful information for an attacker, and services have added +padding to counter the timing or pattern analysis. + +The identity of the site you are visiting is still (unfortunately) pretty +visible to passive eavesdroppers. For example, the IP addresses of client and +server are shown in the clear on the network, and the hostname(s) of the sites +you are visiting are transmitted in the clear in DNS requests, in the [Server +Name Indication portion of a TLS +handshake](http://en.wikipedia.org/wiki/Server_Name_Indication), and in the +server's certificate(s). +Also, since TLS is a transport protocol, attacks at other layers of the network +stack remain. In particular, IP-level threats (e.g. spoofing, SYD floods, DDoS +by data flood) are not protected and TLS doesn’t address common web application +vulnerabilities, like cross-site scripting or cross-site request forgery. + +### Common Pitfalls + +#### Deploying TLS + +SSL Labs puts out a great [Deployment Best Practice +Guide](https://github.com/ssllabs/research/wiki/SSL-and-TLS-Deployment-Best-Practices) +that should help site operators avoid the most common deployment mistakes. You +can also test your setup via . + +#### Mixed Content (HTTP / HTTPS) Vulnerabilities + +A mixed content vulnerability refers to a page served over HTTPS that includes +content served over HTTP, making the page vulnerable to MitM attacks. This is +especially problematic when the HTTP resources are active content (e.g. +Javascript, plug-in content, CSS, or iframes). To protect users, Chrome will +block mixed-content iframes, Javascript, CSS and plug-in loads by default. So +beyond the security risk, mixed content bugs may degrade your page for users in +unintended ways. +To fix mixed content issues, make sure that all the resources loaded by an HTTPS +page are also sent over HTTPS. If the resources are available on the same +domain, you can use hostname-relative URLs (e.g. <img +src="something.png">). You can also use scheme-relative URLs (e.g. <img +src="//example.com/something.png">) — the browser will use the same scheme as +the enclosing page to load these subresources. If the server does not serve +these resources over HTTPS, you may have to serve them from elsewhere or enable +HTTPS on that server. + +You may also want to consider the +[upgrade-insecure-requests](http://www.w3.org/TR/upgrade-insecure-requests/) CSP +directive. \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/education/tls/sha-1/index.md b/chromium/docs/website/site/Home/chromium-security/education/tls/sha-1/index.md new file mode 100644 index 00000000000..356c2570ec4 --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/education/tls/sha-1/index.md @@ -0,0 +1,73 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +- - /Home/chromium-security/education + - Education +- - /Home/chromium-security/education/tls + - TLS / SSL +page_name: sha-1 +title: A further update on SHA-1 certificates in Chrome +--- + +We’ve previously made +[several](https://security.googleblog.com/2014/09/gradually-sunsetting-sha-1.html)[ +announcements](https://security.googleblog.com/2015/12/an-update-on-sha-1-certificates-in.html) +about Google Chrome's deprecation plans for SHA-1 certificates. This post +provides an update on the final removal of support. + +The SHA-1 cryptographic hash algorithm first [showed signs of +weakness](https://www.schneier.com/blog/archives/2005/02/cryptanalysis_o.html) +over eleven years ago and [recent research](https://eprint.iacr.org/2015/967) +points to the imminent possibility of attacks that could directly impact the +integrity of the Web PKI. To protect users from such attacks, Chrome will stop +trusting certificates that use the SHA-1 algorithm, and visiting a site using +such a certificate will result in an interstitial warning. + +Release schedule + +We are planning to remove support for SHA-1 certificates in Chrome 56, which +will be released to the stable channel [around the end of January +2017](/developers/calendar). The removal will follow the [Chrome release +process](/getting-involved/dev-channel), moving from Dev to Beta to Stable; +there won't be a date-based change in behaviour. + +Website operators are urged [to check](https://www.ssllabs.com/ssltest/) for the +use of SHA-1 certificates and immediately contact their CA for a SHA-256 based +replacement if any are found. + +SHA-1 use in private PKIs + +Previous posts made a distinction between certificates which chain to a public +CA and those which chain to a locally installed trust anchor, such as those of a +private PKI within an enterprise. We recognise there might be rare cases where +an enterprise wishes to make their own risk management decision to continue +using SHA-1 certificates. + +Starting with [Chrome +54](https://googlechromereleases.blogspot.com/2016/10/stable-channel-update-for-desktop.html) +we provide the +[EnableSha1ForLocalAnchors](/administrators/policy-list-3#EnableSha1ForLocalAnchors)[ +policy](https://support.google.com/chrome/a/answer/187202) that allows +certificates which chain to a locally installed trust anchor to be used after +support has otherwise been removed from Chrome. Features which[ require a secure +origin](/Home/chromium-security/deprecating-powerful-features-on-insecure-origins), +such as geolocation, will continue to work, and SHA-1 client certificates will +still be presented to websites requesting client authentication, however pages +will be displayed as “neutral, lacking security”. Without this policy set, SHA-1 +certificates that chain to locally installed roots will not be trusted starting +with Chrome 57, which will be released to the stable channel in March 2017. + +Since this policy is intended only to allow additional time to complete the +migration away from SHA-1, it will eventually be removed in the first Chrome +release after January 1st 2019. + +As Chrome makes use of certificate validation libraries provided by the host OS +when possible, this option will have no effect if the underlying cryptographic +library disables support for SHA-1 certificates; at that point, they will be +unconditionally blocked. We may also remove support before 2019 if there is a +catastrophic cryptographic break of SHA-1. Enterprises are encouraged to make +every effort to stop using SHA-1 certificates as soon as possible and to consult +with their security team before enabling the policy. \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/enamel/goals-for-the-origin-info-bubble/index.md b/chromium/docs/website/site/Home/chromium-security/enamel/goals-for-the-origin-info-bubble/index.md new file mode 100644 index 00000000000..c82f324b470 --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/enamel/goals-for-the-origin-info-bubble/index.md @@ -0,0 +1,208 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +- - /Home/chromium-security/enamel + - Security UX +page_name: goals-for-the-origin-info-bubble +title: Goals For The Origin Info Bubble +--- + +## Introduction + +This is the Origin Info Bubble (OIB): + +pib.png + +As you can see, it has a lot of stuff in it, with 2 tabs to hold 2 (arguably 3: +site data, permissions, and connection state) broad categories of information +and controls about what the origin is and what it can do. + +We are pretty sure the OIB does not show all and only the information and +controls that users need to understand and control an origin. + +I believe the purpose of the OIB is to allow users to understand and control the +origin. It was previously called the Page Info Bubble (PIB), but in this +document I’ll use the more accurate name. + +Since the OIB is the primary UI surface for control of an origin’s power, it +enables the increased appification of the web platform. It is thus very +important that we make it readily understandable and usable. See also +. + +## Possible Goals + +One can imagine the OIB serving a variety of purposes, including at least +display or control of: + + Information about the permissions/capability grants/special powers an origin + has + + Information about the transport security state of the origin + + Authenticated + confidential; partially authenticated + confidential; + unauthenticated or broken authentication or not confidential + + If authenticated: the certificate chain + + Or a control to launch the certificate viewer or other + developer/operator debugging information + + If authenticated: extra authentication information + + Certificate Transparency status + + Key pinning information + + Controls to set user-defined authentication policy: + + Accept this certificate + + Pin to the key(s) in this certificate chain + + … + + The origin’s name + + Historical context for the user’s past interaction with the origin + + # times visited in some period + + downloads + + bookmarks + + when or how often the origin has invoked powerful grants/APIs + + … + + Data the browser is storing locally for the origin + + cookies + + LocalStorage + + … + + Summary (storage quota, et c.) + + Processes the browser is running locally for the origin + + Service Workers + + Geofences + + Total/average/peak battery cost of this origin + + … + + Which extensions (if any) can access the origin + + Others? Surely I’m forgetting something. + +Obviously there’s no way we can really show/afford control of all that +information. That is especially true on small screens, but even on a large +screen it would be a crowded and overwhelming interface. (It already is.) +Therefore, we have to pick the most important and contextually-relevant +information and controls. + +We could and should choose what to show in the OIB based on context. For +example, we could only show those grants that differ from the profile-wide +defaults; we might never show certain marginal grants or content settings in the +OIB; we might treat local storage quotas as a grant (iff the origin is about to +exceed some profile-wide default); and so on. + +## Non-Goals + +It is a non-goal to show all possible information and controls about an origin +in the OIB. We are assuming, probably correctly, that the OIB cannot be both +complete and usable. Since the OIB is so important, we should trade off in favor +of usability over completeness where there is a conflict. + +## Current Goals + +This section describes the current goals for Chrome on desktop platforms +(including ChromeOS, but possibly not Athena). For information about the OIB on +non-desktop platforms, see [Non-Desktop +Platforms](https://docs.google.com/document/d/12PoBVo0D331RqnzVJwI8zbFU1hMs-ZcXcjqqwkG-6nc/edit#heading=h.fumazaednf88), +below. + +### Show The Origin Name + +We should use the OIB to show the origin name in an unambiguous, +human-meaningful way. (As described in [Presenting Origins To +Users](http://www.chromium.org/Home/chromium-security/enamel).) + +For origins whose hostnames have many labels we should show at least the +effective TLD + 1 label. (We call this “eTLD + 1”.) For example if the full +hostname is “a.b.c.pants.shoes.socks.wrists.co.jp” the eTLD (as determined by +the [Public Suffix List](https://publicsuffix.org/)) is co.jp; that + 1 label +(“wrists”) yields “wrists.co.jp”. Although not technically exact — +a.b.c.pants.shoes.socks.wrists.co.jp is distinct from +a.b.c.skirts.shoes.socks.wrists.co.jp — eTLD + 1 strikes a reasonable balance +between correctness and understandability. + +For origins whose hostnames are very long, due to a proliferation of labels or +of extremely long labels, we should again the show eTLD + 1. If there is not +room enough to show eTLD + 1, we should label the origin as possibly phishy +and/or having broken authentication. (Rationale: Even if the authentication is +perfectly good from a certificate or cryptographic perspective, it’s not good +enough if we can’t show it to users on the screen.) + +### Show The Summarized Origin Security State + +We assume that only developers and operators are likely to be interested in the +page-load’s complete security state. + +The complete security state of a page-load is: + + X.509 certificate chain; + + Certificate Transparency status; + + TLS and X.509 cryptographic parameters; and + + key pinning status. + +Since the OIB should be a primary UX surface for normal users, it should show +only: + + a tri-state security indicator (“Good”: authenticated + confidential; + “Dubious”: partially authenticated + confidential; “Bad”: unauthenticated or + broken authentication or not confidential); and + + a control to launch a full view of the security state. + +The full view of the security state must show the complete security state as +defined above. It may also afford users control over key pinning and HSTS policy +(currently available only in chrome://net-internals/#hsts) and control over +trust in invalid certificate chains (as becomes necessary when a user opts to +proceed through a CERT_INVALID warning). + +### Afford Control Of The Origin’s Special Grants + +By special grants, I mean grants that the user has affirmatively changed from +the profile-wide defaults. + +Note that if the profile-wide defaults change — because the user changed them in +chrome://settings/content or some future equivalent interface — then previously +“non-special” grants become effectively special, and we should consider showing +them in the OIB. For example, in a fresh profile the default grant for +geolocation is Ask. If a user visits maps.google.com and opts to Always give +that origin full access to the geolocation API, maps.google.com now has a +special grant. Assuming the user has not changed it, +[www.bing.com](http://www.bing.com) has the default grant and we might not show +it in the OIB. If the user later changes the default to always allow origins +full access to the geolocation API, the special grant to maps.google.com becomes +effectively non-special, and we might choose not to show it in the OIB. The +default grant to [www.bing.com](http://www.bing.com) remains non-special (even +though the actual grant has changed), and we might choose to continue not to +show it in the OIB. + +Full control over all grants to the origin probably cannot fit in the OIB. +Therefore it should be relegated to a secondary interface such as +chrome://settings/content (or some future equivalent interface). \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/enamel/index.md b/chromium/docs/website/site/Home/chromium-security/enamel/index.md new file mode 100644 index 00000000000..42eca1f574a --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/enamel/index.md @@ -0,0 +1,181 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +page_name: enamel +title: Security UX +--- + +Online security is more than just eliminating buffer overflows from software. +One of our biggest security challenges is helping people make safe decisions +while they surf the web. Here are some of the things we're doing to make +security on the web easier for everyone — both people who use browsers and web +apps, and web app developers. Some of these points are discussed in more detail +in [Improving Chrome’s Security +Warnings](https://docs.google.com/presentation/d/16ygiQS0_5b9A4NwHxpcd6sW3b_Up81_qXU-XY86JHc4/edit?usp=sharing) +by Adrienne Porter Felt. + +[TOC] + +## Anti-malware + +### Malicious Websites + +Malicious or compromised websites try to attack visitors. To protect people from +these threats, Chrome uses [Safe +Browsing](/developers/design-documents/safebrowsing) to identify attack +websites. If Safe Browsing tells Chrome that a website is malicious, Chrome +shows a full-screen warning. Despite the fact that our warnings are rarely +wrong, people ignore the warnings nearly a fifth of the time. We are actively +running experiments with the goal of decreasing how many people ignore the +warnings. + +### Malware Downloads + +Shady websites also try to trick people into installing malicious programs on +their computers. By default, Chrome blocks known malware downloads. Chrome also +warns people about potentially dangerous files that have not been scanned; we +are trying to improve this generic warning with new security measures. For +example, we want to make it easier for people to view PDFs more safely without +needing to show warnings about PDFs. + +## Passwords And Phishing + +Password management is hard. Sometimes people choose weak passwords, re-use +passwords inappropriately, or type passwords into phishing websites. The browser +currently offers people minimal assistance in choosing good passwords or knowing +when to enter them. We're currently using [Safe Browsing to help warn people +about phishing pages](https://support.google.com/chrome/answer/99020?hl=en), but +we're also working on other ways to make authentication on the web easier and +safer. + +## Website Authentication + +Website authentication is paramount to online security. We know that current +HTTPS indicators and warnings are confusing, and they are often false positives. +The browser’s lack of confidence about the authenticity of a given TLS +connection forces it to offer people a choice that they are not likely to +understand, so we're working on ways to improve website authentication and +protect users from inadvertently visiting or interacting with sites they don't +intend to. Here are some of the things we're currently working on: + +* [HTTP Strict Transport Security (HSTS)](/hsts) adoption and + pre-loading +* Developing a standard for [SSL certificate public key + pinning](https://www.imperialviolet.org/2011/05/04/pinning.html) +* SSL evangelism, support, and other odds n' ends (e.g. ["got TLS?" + tech + talk](https://docs.google.com/presentation/d/1G1286W5_VdsBBJo9PjQ6uN78djFupO-Bn4RUlFu3Tng/edit), + [blocking HTTP basic + auth](http://blog.chromium.org/2011/06/new-chromium-security-features-june.html)) +* Making the warning more understandable + +Read more about TLS support in Chromium on [our TLS education +page](/Home/chromium-security/education/tls). + +## **Presenting Origins** + +The fundamental security boundary on the web is the +*[origin](https://code.google.com/p/browsersec/wiki/Part2)*, defined as the +tuple (*scheme*, *hostname*, *port*). For example, (https, www.example.com, +443). We must surface this boundary to people during browsing, in +permissions/capabilities dialogs, and so on, so that they can know whom they are +talking to. In particular, it is important to note that unauthenticated origins +(e.g. (http, www.example.com, 80)) are entirely observable and malleable by +attackers who can control the network (often, even just a little bit of control +is enough). + +Because people (including developers!) tend not to understand the concept of the +origin, but do tend to understand the concept of the hostname, we'd like to +simplify origin names when we can. Ideally we could reduce the origin name to +just the much more understandable hostname. For example, we could elide the +scheme or replace it with a meaningful icon, if doing so did not prevent people +from understanding whether or not an origin is authenticated. And if the port is +the default port for the given scheme, we can elide it, too. + +If the feature or behavior we are trying to protect is available *only* on +authenticated origins — which we strongly suggest — you could leave off the +scheme or the icon. Otherwise, it might be better to highlight the +non-authenticated nature of the origin when presenting it. + +In addition, we strongly recommend that UIs clearly mark unauthenticated origins +as such. + +A good utility function to use for presenting URLs in security decision contexts +is url_formatter::FormatUrlForSecurityDisplay. + +### Eliding Origin Names And Hostnames + +[image](/Home/chromium-security/enamel/origins.png) + +The effective top-level domain (eTLD) of a hostname is the TLD as found in the +[Public Suffix List](https://publicsuffix.org/) (PSL), which is not necessarily +guaranteed to be a single label like "com". Some eTLDs found in the PSL have +more than one label, e.g. .co.jp, and others are the names of web sites that +give out subdomains for user content and code from many sources, like +.appspot.com and .github.io. For many purposes, these multi-label names are +effectively TLDs, hence the name. + +At a minimum, we would like to show users the eTLD + 1 label, e.g. +pumpkins.co.jp, google.com, noodles.appspot.com, or example.org. Where possible, +it is best to show the entire hostname, however. If the hostname is too long, +and/or if it has too many labels underneath the eTLD, that may be a sign that it +is a phishing host. + +Although domain name labels are limited to 63 octets and the entire name is +limited to 255 octets (see , section +2.3.4), on small screens or small windows on large screens, even eTLD + 1 might +be too long. In such a case, we should elide from the left. for example, +www.reallyannoying.goats.example.com should display as "...oats.example.com" +instead of "www.reallyanno...". + +## Permissions + +The browser grants privileges to apps, extensions, and websites after asking the +person for permission. In some cases, the browser also uses status indicators to +indicate when an origin is accessing a granted permission. We currently don’t +have quantitative data on how well these pieces of UI work, but we have +anecdotal evidence suggesting they fail to capture people's attention and/or +explain the situation. Thus, they aren't being totally effective at achieving +their original purpose. This is what we're doing to improve things: + +* Creating experiments and collecting data to quantify how effective + Chrome's permissions systems are +* Designing new types of analyses to measure the threat of extensions, + apps, and websites +* Designing new ways to communicate permission information to end + users + +[Goals For The Origin Info +Bubble](/Home/chromium-security/enamel/goals-for-the-origin-info-bubble) +discusses a way to make permissions easier for people to manage. + +## **Usability Measurement Tools** + +Calculate the effective contrast ratio of text on its background: + + +Another contrast checking tool: [Contraster](https://gh.ada.is/contrast-widget/) + +Flesch-Kincaid (and other) readability calculator: + + +Simulate the effects of colorblindness: + and + + +## **Documents** + +* [Chrome Security UX (Enamel) Public + Folder](https://drive.google.com/open?id=0B6FmQe6bc6yVZ012REktU09NOEE&authuser=0) + * [Chrome Security + UI](https://docs.google.com/a/chromium.org/document/d/11-SXwzCGBlk8q1cNtb7peZjb2UjRPrKSFhOfZhTOz24/edit) +* [Security guidelines for Chrome Extension & App API + developers](https://docs.google.com/document/d/1RamP4-HJ7GAJY3yv2ju2cK50K9GhOsydJN6KIO81das/pub) + +If you are a Googler, you can access the folder of Google-internal Enamel +documents at [go/enamel-folder](https://goto.google.com/enamel-folder) (using +your corp account). \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/enamel/origins.png.sha1 b/chromium/docs/website/site/Home/chromium-security/enamel/origins.png.sha1 new file mode 100644 index 00000000000..d2c870d728e --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/enamel/origins.png.sha1 @@ -0,0 +1 @@ +7692aba020ce591208f1a2a49ea45055a0af601b \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/enamel/permissions/index.md b/chromium/docs/website/site/Home/chromium-security/enamel/permissions/index.md new file mode 100644 index 00000000000..5c3735f75d8 --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/enamel/permissions/index.md @@ -0,0 +1,21 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +- - /Home/chromium-security/enamel + - Security UX +page_name: permissions +title: Permissions +--- + +## Testing New Permissions + +It's important to test new permissions adequately to ensure they behave as +expected and regressions are caught. Features that have permissions tend to be +privacy or security sensitive and if there are circumstances where a malicious +website can access the feature without adequate user approval it can have a +particularly negative impact. Please see [Testing New +Permissions](https://docs.google.com/a/chromium.org/document/d/1daQk9A05T0BcSMO9KQQN8x0TdT2a23KqAkS7maIUJT0/edit?usp=drive_web) +for important test cases to consider when adding new permissions. \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/enamel/restricting-iframe-permissions/index.md b/chromium/docs/website/site/Home/chromium-security/enamel/restricting-iframe-permissions/index.md new file mode 100644 index 00000000000..a50a0e6cf92 --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/enamel/restricting-iframe-permissions/index.md @@ -0,0 +1,12 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +- - /Home/chromium-security/enamel + - Security UX +page_name: restricting-iframe-permissions +title: Restricting IFrame Permissions +--- + diff --git a/chromium/docs/website/site/Home/chromium-security/extension-content-script-fetches/index.md b/chromium/docs/website/site/Home/chromium-security/extension-content-script-fetches/index.md new file mode 100644 index 00000000000..20d0bf4327e --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/extension-content-script-fetches/index.md @@ -0,0 +1,352 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +page_name: extension-content-script-fetches +title: Changes to Cross-Origin Requests in Chrome Extension Content Scripts +--- + +*tl;dr: To improve security, cross-origin fetches will soon be disallowed from +content scripts in Chrome Extensions. Such requests can be made from extension +background pages instead, and relayed to content scripts when needed. **\[The +document has been edited on 2020-09-17 to reflect that CORS-for-content-scripts +has successfully launched in Chrome 85****.\]*** + +## Overview + +When web pages request cross-origin data with +[fetch](https://developer.mozilla.org/en-US/docs/Web/API/Fetch_API) or +[XHR](https://developer.mozilla.org/en-US/docs/Web/API/XMLHttpRequest) APIs, the +response is denied unless +[CORS](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS) headers allow it. +In contrast, extension content scripts have traditionally been able to [fetch +cross-origin data](https://developer.chrome.com/apps/xhr) from any origins +listed in their extension's +[permissions](https://developer.chrome.com/extensions/declare_permissions), +regardless of the origin that the content script is running within. As part of a +broader [Extension Manifest +V3](https://docs.google.com/document/d/1nPu6Wy4LWR66EFLeYInl3NzzhHzc-qnk4w4PX-0XMw8/edit?usp=sharing) +effort to improve extension security, privacy, and performance, these +cross-origin requests in content scripts will soon be disallowed. Instead, +content scripts will be subject to the same request rules as the page they are +running within. Extension pages, such as background pages, popups, or options +pages, are unaffected by this change and will continue to be allowed to bypass +CORS for cross-origin requests as they do today. + +Our data shows that most extensions will not be affected by this change. +However, any content scripts that do need to make cross-origin requests can do +so via an extension background page, which can relay the data to the content +script. We have a migration plan below to help affected extension developers +make the transition to the new model. + +## Problems with Cross-Origin Requests + +To prevent leaks of sensitive information, web pages are generally not allowed +to fetch cross-origin data. Unless a valid CORS header is present on the +response, the page's request will fail with an error like: + +> Access to fetch at 'https://another-site.com/' from origin +> 'https://example.com' has been blocked by CORS policy: No +> 'Access-Control-Allow-Origin' header is present on the requested resource. If +> an opaque response serves your needs, set the request's mode to 'no-cors' to +> fetch the resource with CORS disabled. + +Chrome has recently launched a new security feature called [Site +Isolation](https://developers.google.com/web/updates/2018/07/site-isolation) +which enforces this type of restriction in a more secure way. Specifically, Site +Isolation not only blocks the response, but prevents the data from ever being +delivered to the Chrome renderer process containing the web page, using a +feature called [Cross-Origin Read +Blocking](https://developers.google.com/web/updates/2018/07/site-isolation#corb) +(CORB). This helps prevent the data from leaking even if a malicious web page +were to attack a security bug in Chrome's renderer process, or if it tried to +access the data in its process with a [Spectre +attack](https://security.googleblog.com/2018/07/mitigating-spectre-with-site-isolation.html). + +Content scripts pose a challenge for Site Isolation, because they run in the +same Chrome renderer process as the web page they operate on. This means that +the renderer process must be allowed to fetch data from any origin for which the +extension has permissions, which in many cases is *all* origins. In such cases, +Site Isolation would have less effectiveness when content scripts are present, +because a compromised renderer process could hijack the content scripts and +request (and thus leak) any data from the origins listed in the extension. +(Thankfully, this is not a problem for Spectre attacks, which cannot take +control of content scripts. It is a problem if an attacker can exploit a +security bug in Chrome's renderer process, though, allowing the attacker to +issue arbitrary requests as if they came from the content script.) + +To mitigate these concerns, future versions of Chrome will limit content scripts +to the same fetches that the page itself can perform. Content scripts can +instead ask their background pages to fetch data from other origins on their +behalf, where the request can be made from an extension process rather than a +more easily exploitable renderer process. + +## Planned Restrictions + +As described above, content scripts will lose the ability to fetch cross-origin +data from origins in their extension's permissions, and they will only be able +to fetch data that the underlying page itself has access to. To fetch additional +data, content scripts can send messages to their extension's background pages, +which can relay data from sources that the extension author expects. + +This transition will occur in stages, to try to minimize disruption to extension +developers. + +Stage #1: Remove ability to bypass CORB from content scripts + +**In Q1 2019**, Chrome removed the ability to make cross-origin requests in +content scripts for new and previously unaffected extensions, while maintaining +an "allowlist" of affected extensions that may continue to make such requests +for the time being. This change started in Chrome 73. + +We continue to work with developers of extensions on the allowlist to migrate to +the new method of requesting cross-origin data, to help them prepare for +Extension Manifest V3. We remove such extensions from the allowlist as they +migrate, helping to improve the security of Chrome and the effectiveness of Site +Isolation against advanced attackers. + +Stage #2: Remove ability to bypass CORS from content scripts **\[edited on +2020-09-17\]** + +In **Q2 2020**, Chrome removed the ability to bypass CORS in cross-origin +requests from content scripts, subject to the same “allowlist” as above. This +change started in Chrome 85. + +The changes means that cross-origin fetches initiated from content scripts will +have an Origin request header with the page's origin, and the server has a +chance to approve the request with a matching Access-Control-Allow-Origin +response header. + +Extensions that were previously added to the “allowlist” will be unaffected by +the changes in Chrome 85. However, the new CORS behavior for content scripts may +actually make it easier for some extensions to move off of the allowlist, if +their fetches would now be approved by the server with an +Access-Control-Allow-Origin response header. We know this is the case for +several extensions that were included on the allowlist. + +Stage #3: Deprecating and removing the “allowlist” **\[edited on 2020-09-17\]** + +\[edited on 2020-05-28\] **In October 2020**, we will publish the allowlist of +extensions, to inform users of the security risks of using any extensions still +on the list. We hope to shrink the list as quickly as possible, because using +these extensions will weaken Chrome's defenses against cross-site attacks. +Before publishing or deprecating the allowlist, we'll send an advance notice to +the +[chromium-extensions@](https://groups.google.com/a/chromium.org/forum/#!forum/chromium-extensions) +discussion list. + +\[added on 2020-09-17\] In Chrome 87 we have deprecated and removed the +CORB/CORS allowlist. According to [the Chrome +dashboard](https://chromiumdash.appspot.com/schedule), this Chrome release is +tentatively planned to ship to the Beta channel around October 15th 2020 and to +the Stable channel around November 17th 2020. Extensions that haven’t migrated +to the new security model may be broken in Chrome 87 and above. + +## Recommended Developer Actions + +To prepare for Extension Manifest V3 and avoid being on the allowlist of +extensions that pose a cross-site security risk, we recommend that affected +extension developers take the following actions: + +### 1. Determine if Your Extension is Affected \[edited on 2020-03-09\] + +You can test whether your extension is affected by the planned CORB and CORS +changes by running Chrome 81 or later (starting with version 81.0.4035.0) with +the following [command line flags](/developers/how-tos/run-chromium-with-flags) +to enable the planned behavior: + +> --force-empty-corb-allowlist +> --enable-features=OutOfBlinkCors,CorbAllowlistAlsoAppliesToOorCors + +Alternatively (starting with version 85.0.4175.0) opt into the changes by +setting chrome://flags/#cors-for-content-scripts to “Enabled” and +chrome://flags/#force-empty-CORB-and-CORS-allowlist to “Enabled”: + +> [image src="https://drive.google.com/uc?id=1xPpHGMmjgMOYDEZH1U02XvAxDHDPMwoc&export=download">](https://drive.google.com/file/d/1xPpHGMmjgMOYDEZH1U02XvAxDHDPMwoc/view?usp=drive_web) + +If your extension makes cross-origin fetches from content scripts, then your +extension may be broken and you may observe one of the following errors in the +DevTools console: + +> Cross-Origin Read Blocking (CORB) blocked cross-origin response <URL> +> with MIME type <type>. See +> https://www.chromestatus.com/feature/5629709824032768 for more details. + +**\[added on 2020-03-09\]**: + +> Access to fetch at 'https://another-site.com/' from origin +> 'https://example.com' has been blocked by CORS policy: No +> 'Access-Control-Allow-Origin' header is present on the requested resource. If +> an opaque response serves your needs, set the request's mode to 'no-cors' to +> fetch the resource with CORS disabled. + +If you see the errors above, you can verify whether the changes described on +this page are the cause by temporarily disabling the planned behavior. (It is +possible that the errors might appear for other reasons.) To test with the +planned behavior disabled, run Chrome 81 or later (starting with version +81.0.4035.0) with the following [command line +flags](/developers/how-tos/run-chromium-with-flags): + +> --disable-features=CorbAllowlistAlsoAppliesToOorCors +> --enable-features=OutOfBlinkCors + +### 2. Avoid Cross-Origin Fetches in Content Scripts + +When cross-origin fetches are needed and the server does not provide an +Access-Control-Allow-Origin response header for the page's origin, perform them +from the [extension background +page](https://developer.chrome.com/extensions/background_pages) rather than in +the content script. Relay the response to the content scripts as needed (e.g., +using [extension messaging +APIs](https://developer.chrome.com/extensions/messaging)). For example: + +> **Old content script, making a cross-origin fetch:** + +> > var itemId = 12345; + +> > var url = "https://another-site.com/price-query?itemId=" + + +> > encodeURIComponent(request.itemId); + +> > fetch(url) + +> > .then(response => response.text()) + +> > .then(text => parsePrice(text)) + +> > .then(price => ...) + +> > .catch(error => ...) + +> **New content script, asking its background page to fetch the data instead:** + +> > chrome.runtime.sendMessage( + +> > {contentScriptQuery: "queryPrice", itemId: 12345}, + +> > price => ...); + +> **New extension background page, fetching from a known URL and relaying +> data:** + +> > chrome.runtime.onMessage.addListener( + +> > function(request, sender, sendResponse) { + +> > if (request.contentScriptQuery == "queryPrice") { + +> > var url = "https://another-site.com/price-query?itemId=" + + +> > encodeURIComponent(request.itemId); + +> > fetch(url) + +> > .then(response => response.text()) + +> > .then(text => parsePrice(text)) + +> > .then(price => sendResponse(price)) + +> > .catch(error => ...) + +> > return true; // Will respond asynchronously. + +> > } + +> > }); + +### 3. Limit Cross-Origin Requests in Background Pages + +If an extension's background page simply fetches and relays *any* URL of a +content script's choice (effectively acting as an open proxy), then similar +security problems occur. That is, a compromised renderer process can hijack the +content script and ask the background page to fetch and relay sensitive URLs of +the attacker's choosing. Instead, background pages should only fetch data from +URLs the extension author intends, which is ideally a small set of URLs which +does not put the user's sensitive data at risk. + +> **Good message example:** + +> { + +> contentScriptQuery: "queryPrice", + +> itemId: 12345 + +> } + +> This approach limits which URLs can fetched in response to the message. Here, +> only the itemId is provided by the content script that is sending the message, +> and not the full URL. + +> **Bad message example:** + +> { + +> contentScriptQuery: "fetchUrl", + +> url: "https://example.com/any/path/or/site/allowed/here" + +> } + +> In this approach the content script may cause the background page to fetch any +> URL. A malicious website may be able to forge such messages and trick the +> extension to get access to any cross-origin resources. + +### 4. Keep in Touch if Needed \[edited on 2020-05-28\] + +We have reached out to developers whose extensions are on the allowlist. + +If your extension is on the allowlist and no longer needs to be, please [**file +a bug +here**](https://bugs.chromium.org/p/chromium/issues/entry?template=Defect+report+from+user&components=Internals%3ESandbox%3ESiteIsolation&blocking=846346&cc=lukasza@chromium.org&summary=Remove+extension+%3Cextension+id%3E+from+the+CORB+allowlist) +to have it removed. You may verify that your extension no longer needs to be on +the allowlist by testing that it continues to work after launching Chrome +81.0.4035.0 or higher with the following [command line +flags](/developers/how-tos/run-chromium-with-flags): + +> --force-empty-corb-allowlist +> --enable-features=OutOfBlinkCors,CorbAllowlistAlsoAppliesToOorCors + +Alternatively (starting with version 85.0.4175.0) opt into the changes by +setting chrome://flags/#cors-for-content-scripts to “Enabled” and +chrome://flags/#force-empty-CORB-and-CORS-allowlist to “Enabled”: + +> [image src="https://drive.google.com/uc?id=1xPpHGMmjgMOYDEZH1U02XvAxDHDPMwoc&export=download">](https://drive.google.com/file/d/1xPpHGMmjgMOYDEZH1U02XvAxDHDPMwoc/view?usp=drive_web) + +If your extension is not yet on the allowlist and still depends on cross-origin +requests, these requests may stop working and you may observe the following +errors in the DevTools console: + +> Cross-Origin Read Blocking (CORB) blocked cross-origin response <URL> +> with MIME type <type>. See +> https://www.chromestatus.com/feature/5629709824032768 for more details. + +or **\[added on 2020-03-09\]**: + +> Access to fetch at 'https://another-site.com/' from origin +> 'https://example.com' has been blocked by CORS policy: No +> 'Access-Control-Allow-Origin' header is present on the requested resource. If +> an opaque response serves your needs, set the request's mode to 'no-cors' to +> fetch the resource with CORS disabled. + +If this happens, please update your extension as described above. + +\[edited on 2019-09-21\] Under exceptional circumstances, we may still consider +adding an extension to the allowlist, but we're now generally avoiding this when +possible, because users of allowlisted extensions are vulnerable to additional +security attacks. To report issues encountered during the Chrome 87 deprecation +of the allowlist, please [open a Chromium +bug](https://bugs.chromium.org/p/chromium/issues/entry?template=Defect+report+from+user&components=Internals%3ESandbox%3ESiteIsolation&blocking=846346&cc=lukasza@chromium.org&summary=CORB/CORS+allowlist+deprecation+in+Chrome+87). + +## Summary + +Removing cross-origin fetches from content scripts is an important step in +improving the security of Chrome, since it helps prevent leaks of sensitive data +even when Chrome's renderer process might be compromised. We apologize for the +inconvenience of the migration, but we appreciate your help in keeping Chrome's +users as secure as possible. \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/guts/Chrome Security Architecture.png.sha1 b/chromium/docs/website/site/Home/chromium-security/guts/Chrome Security Architecture.png.sha1 new file mode 100644 index 00000000000..e6fdca50629 --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/guts/Chrome Security Architecture.png.sha1 @@ -0,0 +1 @@ +91c1746bc3bfb37095dd5910b56e1235ad155051 \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/guts/index.md b/chromium/docs/website/site/Home/chromium-security/guts/index.md new file mode 100644 index 00000000000..0a720c54aeb --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/guts/index.md @@ -0,0 +1,66 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +page_name: guts +title: Secure Architecture +--- + +One of our [core security principles](/Home/chromium-security/core-principles) +is, "Design for defense in depth." Some of the things we've done or are working +on to live up to this principle include: + +## Background + +* +* [A color-by-risk component diagram of + Chrome](https://docs.google.com/a/chromium.org/drawings/d/1TuECFL9K7J5q5UePJLC-YH3satvb1RrjLRH-tW_VKeE/edit) + +## Sandboxing + +### Platform-specific sandboxing + +* [Chrome on Windows (sandbox) design and + implementation](/developers/design-documents/sandbox) and the + [Sandboxing FAQ (mostly Windows + specific](/developers/design-documents/sandbox/Sandbox-FAQ)) +* [Chrome on Linux and Chrome OS (sandbox) + overview](https://code.google.com/p/chromium/wiki/LinuxSandboxing) + (including the most current [seccomp-bpf + layer](http://blog.chromium.org/2012/11/a-safer-playground-for-your-linux-and.html)) + * [bpf_dsl + presentation](https://drive.google.com/file/d/0B9LSc_-kpOQPVHhvcVBza3NWR0k/view?usp=sharing) + (Sep 2014) +* [Chrome on OSX (sandbox) + overview](/developers/design-documents/sandbox/osx-sandboxing-design) + and the [second-layer bootstrap + sandbox](https://docs.google.com/a/chromium.org/document/d/108sr6gBxqdrnzVPsb_4_JbDyW1V4-DRQUC4R8YvM40M/edit#) + +### Plugin sandboxing + +* [Flash sandboxing + (PPAPI)](http://blog.chromium.org/2012/08/the-road-to-safer-more-stable-and.html) + +### Site Isolation + +We're currently working on using Chrome's sandbox to isolate websites from each +other via the [Site Isolation project](/Home/chromium-security/site-isolation), +which will help to mitigate cross-site information leaks (among other threats) +in the presence of a vulnerability in the renderer process. + +## Anti-Exploitation Technologies and Tactics + +* We use industry best practices + [ASLR](http://en.wikipedia.org/wiki/Address_space_layout_randomization), + [DEP](http://en.wikipedia.org/wiki/Data_Execution_Prevention), [JIT + hardening](http://www.matasano.com/research/Attacking_Clientside_JIT_Compilers_Paper.pdf#page=24), + and + [SafeSEH](http://msdn.microsoft.com/en-us/library/9a89h429.aspx). +* We block [out-of-date or unpopular + plugins](http://support.google.com/chrome/bin/answer.py?hl=en&answer=1181003) + by default and support work toward [NPAPI + deprecation](http://blog.chromium.org/2013/09/saying-goodbye-to-our-old-friend-npapi.html). +* We implement memory hardening features, like [Binding + Integrity](/Home/chromium-security/binding-integrity). \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/hall-of-fame/index.md b/chromium/docs/website/site/Home/chromium-security/hall-of-fame/index.md new file mode 100644 index 00000000000..238536e7d1c --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/hall-of-fame/index.md @@ -0,0 +1,1157 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +page_name: hall-of-fame +title: Security Hall of Fame +--- + +## The following bugs qualified for a Chromium Security Reward, or represent a win at our Pwnium competition. On behalf of our millions of users, we thank the named researchers for helping make Chromium safer. + +**This information is historical and isn't being updated**. + +* $60000 to Sergey Glazunov for [bug + 117226](http://code.google.com/p/chromium/issues/detail?id=117226) +* $60000 to PinkiePie for [bug + 117620](http://code.google.com/p/chromium/issues/detail?id=117620) +* $40000 to PinkiePie for [bug + 181083](http://code.google.com/p/chromium/issues/detail?id=181083) + and others +* $31336 to Ralf-Philipp Weinmann for [bug 227181](http://code.google.com/p/chromium/issues/detail?id=227181) and others +* $30000 to someone who wishes to remain anonymous +* $30000 to someone who wishes to remain anonymous +* $21500 to Andrey Labunets for [bug 252062](http://code.google.com/p/chromium/issues/detail?id=252062) and others +* $10000 to miaubiz for [bug + 116661](http://code.google.com/p/chromium/issues/detail?id=116661) +* $10000 to Aki Helin from + [OUSPG](https://www.ee.oulu.fi/research/ouspg/) for [bug + 116662](http://code.google.com/p/chromium/issues/detail?id=116662) +* $10000 to Arthur Gerkis for [bug + 116663](http://code.google.com/p/chromium/issues/detail?id=116663) +* $10000 to Sergey Glazunov for [bug + 143439](http://code.google.com/p/chromium/issues/detail?id=143439) +* $10000 to miaubiz for [bug + 157047](http://code.google.com/p/chromium/issues/detail?id=157047) +* $10000 to Atte Kettunen for [bug + 157048](http://code.google.com/p/chromium/issues/detail?id=157048) +* $10000 to Christian Holler for [bug + 157049](http://code.google.com/p/chromium/issues/detail?id=157049) +* $7331 to PinkiePie for [bug + 162835](http://code.google.com/p/chromium/issues/detail?id=162835) +* $5000 to João Lucas Melo Brasio from [White Hat Hackers Consultoria + de Segurança da Informação LTDA](http://www.whitehathackers.com.br/) + for [bug + 321940](http://code.google.com/p/chromium/issues/detail?id=321940) + and others +* $4000 + $500 to Sergey Glazunov for [bug + 143437](http://code.google.com/p/chromium/issues/detail?id=143437) +* $3133.7 to Atte Kettunen for bug 179522 +* $3133.7 to Atte Kettunen for bug 147499 +* $3133.7 to Collin Payne for [bug + 242762](https://code.google.com/p/chromium/issues/detail?id=242762) +* $3133.7 to Collin Payne for [bug + 244746](https://code.google.com/p/chromium/issues/detail?id=244746) +* $3133.7 to Sergey Glazunov for [bug + 68666](http://code.google.com/p/chromium/issues/detail?id=68666) +* $3133.7 to Sergey Glazunov for [bug + 83275](http://code.google.com/p/chromium/issues/detail?id=83275) +* $3133.7 to miaubiz for [bug + 88944](http://code.google.com/p/chromium/issues/detail?id=88944) +* $3133.7 to Chamal de Silva for [bug + 107182](http://code.google.com/p/chromium/issues/detail?id=107182) +* $3133.7 to Aki Helin from + [OUSPG](https://www.ee.oulu.fi/research/ouspg/) for [bug + 108071](http://code.google.com/p/chromium/issues/detail?id=108071) +* $3133.7 to Arthur Gerkis for [bug + 128178](http://code.google.com/p/chromium/issues/detail?id=128178) +* $3133.7 to Arthur Gerkis for [bug + 135043](http://code.google.com/p/chromium/issues/detail?id=135043) +* $3133.7 to miaubiz for [bug + 141901](http://code.google.com/p/chromium/issues/detail?id=141901) +* $2000 + $500 to Sergey Glazunov for [bug + 98053](http://code.google.com/p/chromium/issues/detail?id=98053) +* $2000 + $500 to Sergey Glazunov for [bug + 99512](http://code.google.com/p/chromium/issues/detail?id=99512) +* $2000 + $500 to Sergey Glazunov for [bug + 99750](http://code.google.com/p/chromium/issues/detail?id=99750) +* $2337 to Sergey Glazunov for [bug + 93906](http://code.google.com/p/chromium/issues/detail?id=93906) +* $2337 to Sergey Glazunov for [bug + 96047](http://code.google.com/p/chromium/issues/detail?id=96047) +* $2337 to Sergey Glazunov for [bug + 96885](http://code.google.com/p/chromium/issues/detail?id=96885) +* $2000 to Atte Kettunen for bug 279277 +* $2000 to Atte Kettunen for bug 265838 +* $2000 to Sergey Glazunov for [bug + 93416](http://code.google.com/p/chromium/issues/detail?id=93416) +* $2000 to Sergey Glazunov for [bug + 95671](http://code.google.com/p/chromium/issues/detail?id=95671) +* $2000 to Daniel Divricean for [bug + 93416](http://code.google.com/p/chromium/issues/detail?id=93416) +* $2000 to Sergey Glazunov for [bug + 117550](http://code.google.com/p/chromium/issues/detail?id=117550) +* $2000 to Chamal de Silva for [bug + 139814](http://code.google.com/p/chromium/issues/detail?id=139814) +* $2000 to Christian Schneider for [bug + 380885](https://bugs.chromium.org/p/chromium/issues/detail?id=380885) + ([writeup](https://christian-schneider.net/ChromeSopBypassWithSvg.html#main)) +* $1500 to Atte Kettunen for bug 150729 +* $1337 to Sergey Glazunov for [bug + 35724](http://code.google.com/p/chromium/issues/detail?id=35724) +* $1337 to Sergey Glazunov for [bug + 45400](http://code.google.com/p/chromium/issues/detail?id=45400) +* $1337 to Sergey Glazunov for [bug + 50553](http://code.google.com/p/chromium/issues/detail?id=50553) +* $1337 to Keith Campbell for [bug + 51630](http://code.google.com/p/chromium/issues/detail?id=51630) +* $1337 to Aki Helin from + [OUSPG](https://www.ee.oulu.fi/research/ouspg/) for [bug + 59036](http://code.google.com/p/chromium/issues/detail?id=59036) +* $1337 to Sergey Glazunov for [bug + 65764](http://code.google.com/p/chromium/issues/detail?id=65764) +* $1337 to Sergey Glazunov for [bug + 70165](http://code.google.com/p/chromium/issues/detail?id=70165) +* $1337 to Daniel Divricean for [bug + 69187](http://code.google.com/p/chromium/issues/detail?id=69187) +* $1337 to Daniel Divricean for [bug + 70877](http://code.google.com/p/chromium/issues/detail?id=70877) +* $1337 to Vincenzo Iozzo, Ralf Philipp Weinmann and Willem Pinckaers, + through ZDI, for [bug + 75712](http://code.google.com/p/chromium/issues/detail?id=75712) +* $1337 to kuzzcc for [bug + 77026](http://code.google.com/p/chromium/issues/detail?id=77026) +* $1337 to Michael Braithwaite of Turbulenz Limited for [bug + 89836](http://code.google.com/p/chromium/issues/detail?id=89836) +* $1337 to miaubiz for [bug + 100059](http://code.google.com/p/chromium/issues/detail?id=100059) +* $1000 + $1000 to Sergey Glazunov for [bug + 73196](http://code.google.com/p/chromium/issues/detail?id=73196) +* $1000 + $1000 to Sergey Glazunov for [bug + 73595](http://code.google.com/p/chromium/issues/detail?id=73595) +* $1000 + $1000 to Sergey Glazunov for [bug + 74991](http://code.google.com/p/chromium/issues/detail?id=74991) +* $1000 + $1000 to Sergey Glazunov for [bug + 77463](http://code.google.com/p/chromium/issues/detail?id=77463) +* $1000 + $500 to Sergey Glazunov for [bug + 73746](http://code.google.com/p/chromium/issues/detail?id=73746) +* $1000 + $500 to Sergey Glazunov for [bug + 74562](http://code.google.com/p/chromium/issues/detail?id=74562) +* $1000 + $500 to Sergey Glazunov for [bug + 75170](http://code.google.com/p/chromium/issues/detail?id=75170) +* $1000 + $500 to Sergey Glazunov for [bug + 79199](http://code.google.com/p/chromium/issues/detail?id=79199) +* $1000 + $500 to Sergey Glazunov for [bug + 89520](http://code.google.com/p/chromium/issues/detail?id=89520) +* $1000 + $500 to Sergey Glazunov for [bug + 90222](http://code.google.com/p/chromium/issues/detail?id=90222) +* $1000 + $500 to Sergey Glazunov for [bug + 91598](http://code.google.com/p/chromium/issues/detail?id=91598) +* $1000 + $500 to Sergey Glazunov for [bug + 97451](http://code.google.com/p/chromium/issues/detail?id=97451) +* $1000 + $500 to Sergey Glazunov for [bug + 97520](http://code.google.com/p/chromium/issues/detail?id=97520) +* $1000 + $500 to Sergey Glazunov for [bug + 97615](http://code.google.com/p/chromium/issues/detail?id=97615) +* $1000 + $500 to Sergey Glazunov for [bug + 97784](http://code.google.com/p/chromium/issues/detail?id=97784) +* $1000 + $500 to Sergey Glazunov for [bug + 98407](http://code.google.com/p/chromium/issues/detail?id=98407) +* $1000 + $500 to Chamal de Silva for [bug + 171951](https://code.google.com/p/chromium/issues/detail?id=171951) +* $1000 to Atte Kettunen for bug 235733 +* $1000 to Atte Kettunen for bug 292422 +* $1000 to Atte Kettunen for bug 271939 +* $1000 to Atte Kettunen for bug 223238 +* $1000 to Atte Kettunen for bug 172926 +* $1000 to Atte Kettunen for bug 172342 +* $1000 to Atte Kettunen for bug 172331 +* $1000 to Atte Kettunen for bug 172243 +* $1000 to Atte Kettunen for bug 168768 +* $1000 to Atte Kettunen for bug 162551 +* $1000 to Atte Kettunen for bug 162494 +* $1000 to Atte Kettunen for bug 161077 +* $1000 to Atte Kettunen for bug 159338 +* $1000 to Atte Kettunen for bug 156231 +* $1000 to Atte Kettunen for bug 154055 +* $1000 to Atte Kettunen for bug 152707 +* $1000 to Atte Kettunen for bug 151008 +* $1000 to Atte Kettunen for bug 138208 +* $1000 to Atte Kettunen for bug 133571 +* $1000 to Atte Kettunen for bug 133214 +* $1000 to Atte Kettunen for bug 130240 +* $1000 to Tokuji Akamine for [bug + 30660](http://code.google.com/p/chromium/issues/detail?id=30660) +* $1000 to kuzzcc for [bug + 37383](http://code.google.com/p/chromium/issues/detail?id=37383) +* $1000 to Jordi Chancel for [bug + 40445](http://code.google.com/p/chromium/issues/detail?id=40445) +* $1000 to Sergey Glazunov for [bug + 39985](http://code.google.com/p/chromium/issues/detail?id=39985) +* $1000 to Sergey Glazunov for [bug + 39047](http://code.google.com/p/chromium/issues/detail?id=39047) +* $1000 to Aki Helin from + [OUSPG](https://www.ee.oulu.fi/research/ouspg/) for [bug + 45983](http://code.google.com/p/chromium/issues/detail?id=45983) +* $1000 to Mike Taylor for [bug + 49964](http://code.google.com/p/chromium/issues/detail?id=49964) +* $1000 to Sergey Glazunov for [bug + 50515](http://code.google.com/p/chromium/issues/detail?id=50515) +* $1000 to Sergey Glazunov for [bug + 51835](http://code.google.com/p/chromium/issues/detail?id=51835) +* $1000 to kuzzcc for [bug + 51654](http://code.google.com/p/chromium/issues/detail?id=51654) +* $1000 to kuzzcc for [bug + 51670](http://code.google.com/p/chromium/issues/detail?id=51670) +* $1000 to Sergey Glazunov for [bug + 48437](http://code.google.com/p/chromium/issues/detail?id=48437) +* $1000 to kuzzcc for [bug + 52204](http://code.google.com/p/chromium/issues/detail?id=52204) +* $1000 to Sergey Glazunov for [bug + 50386](http://code.google.com/p/chromium/issues/detail?id=50386) +* $1000 to Ashutosh Mehra and Vineet Batra of the Adobe Reader Sandbox + Team for [bug + 52682](http://code.google.com/p/chromium/issues/detail?id=52682) +* $1000 to kuzzcc for [bug + 50712](http://code.google.com/p/chromium/issues/detail?id=50712) +* $1000 to Stefano Di Paola of MindedSecurity for [bug + 55350](http://code.google.com/p/chromium/issues/detail?id=55350) +* $1000 to Aki Helin from + [OUSPG](https://www.ee.oulu.fi/research/ouspg/) for [bug + 54691](http://code.google.com/p/chromium/issues/detail?id=54691) +* $1000 to Aki Helin from + [OUSPG](https://www.ee.oulu.fi/research/ouspg/) for [bug + 56760](http://code.google.com/p/chromium/issues/detail?id=56760) +* $1000 to Aki Helin from + [OUSPG](https://www.ee.oulu.fi/research/ouspg/) for [bug + 61338](http://code.google.com/p/chromium/issues/detail?id=61338) +* $1000 to wushi of team509 for [bug + 55257](http://code.google.com/p/chromium/issues/detail?id=55257) +* $1000 to kuzzcc for [bug + 58657](http://code.google.com/p/chromium/issues/detail?id=58657) +* $1000 to Aki Helin from + [OUSPG](https://www.ee.oulu.fi/research/ouspg/) for [bug + 59320](http://code.google.com/p/chromium/issues/detail?id=59320) +* $1000 to Christoph Diehl for [bug + 60055](http://code.google.com/p/chromium/issues/detail?id=60055) +* $1000 to wushi of team509 for [bug + 60688](http://code.google.com/p/chromium/issues/detail?id=60688) +* $1000 to Aki Helin from + [OUSPG](https://www.ee.oulu.fi/research/ouspg/) for [bug + 62623](http://code.google.com/p/chromium/issues/detail?id=62623) +* $1000 to miaubiz for [bug + 62127](http://code.google.com/p/chromium/issues/detail?id=62127) +* $1000 to Sławomir Błażek for [bug + 62401](http://code.google.com/p/chromium/issues/detail?id=62401) +* $1000 to Chris Rohlf for [bug + 63866](http://code.google.com/p/chromium/issues/detail?id=63866) +* $1000 to Sergey Glazunov for [bug + 64959](http://code.google.com/p/chromium/issues/detail?id=64959) +* $1000 to Sławomir Błażek for [bug + 64945](http://code.google.com/p/chromium/issues/detail?id=64945) +* $1000 to Sergey Glazunov for [bug + 66560](http://code.google.com/p/chromium/issues/detail?id=66560) +* $1000 to Jared Allar of [CERT](http://www.cert.org/) for [bug + 67208](http://code.google.com/p/chromium/issues/detail?id=67208) +* $1000 to Aki Helin from + [OUSPG](https://www.ee.oulu.fi/research/ouspg/) for [bug + 67303](http://code.google.com/p/chromium/issues/detail?id=67303) +* $1000 to kuzzcc for [bug + 67393](http://code.google.com/p/chromium/issues/detail?id=67393) +* $1000 to David Warren of [CERT](http://www.cert.org/) for [bug + 68115](http://code.google.com/p/chromium/issues/detail?id=68115) +* $1000 to Aki Helin from + [OUSPG](https://www.ee.oulu.fi/research/ouspg/) for [bug + 68170](http://code.google.com/p/chromium/issues/detail?id=68170) +* $1000 to Sergey Glazunov for [bug + 68178](http://code.google.com/p/chromium/issues/detail?id=68178) +* $1000 to Sergey Glazunov for [bug + 68181](http://code.google.com/p/chromium/issues/detail?id=68181) +* $1000 to Martin Barbella for [bug + 68439](http://code.google.com/p/chromium/issues/detail?id=68439) +* $1000 to Sergey Glazunov for [bug + 68558](http://code.google.com/p/chromium/issues/detail?id=68558) +* $1000 to Aki Helin from + [OUSPG](https://www.ee.oulu.fi/research/ouspg/) for [bug + 63248](http://code.google.com/p/chromium/issues/detail?id=63248) +* $1000 to Aki Helin from + [OUSPG](https://www.ee.oulu.fi/research/ouspg/) for [bug + 55831](http://code.google.com/p/chromium/issues/detail?id=55831) +* $1000 to Aki Helin from + [OUSPG](https://www.ee.oulu.fi/research/ouspg/) for [bug + 64051](http://code.google.com/p/chromium/issues/detail?id=64051) +* $1000 to Sergey Glazunov for [bug + 65577](http://code.google.com/p/chromium/issues/detail?id=65577) +* $1000 to Sergey Glazunov for [bug + 68641](http://code.google.com/p/chromium/issues/detail?id=68641) +* $1000 to miaubiz for [bug + 68120](http://code.google.com/p/chromium/issues/detail?id=68120) +* $1000 to Martin Barbella for [bug + 69556](http://code.google.com/p/chromium/issues/detail?id=69556) +* $1000 to David Warren of [CERT](http://www.cert.org/) for [bug + 70456](http://code.google.com/p/chromium/issues/detail?id=70456) +* $1000 to Jordi Chancel for [bug + 54262](http://code.google.com/p/chromium/issues/detail?id=54262) +* $1000 to Sergey Glazunov for [bug + 68263](http://code.google.com/p/chromium/issues/detail?id=68263) +* $1000 to Sergey Glazunov for [bug + 68741](http://code.google.com/p/chromium/issues/detail?id=68741) +* $1000 to Sławomir Błażek for [bug + 70244](http://code.google.com/p/chromium/issues/detail?id=70244) +* $1000 to Martin Barbella for [bug + 71114](http://code.google.com/p/chromium/issues/detail?id=71114) +* $1000 to Martin Barbella for [bug + 71115](http://code.google.com/p/chromium/issues/detail?id=71115) +* $1000 to miaubiz for [bug + 71296](http://code.google.com/p/chromium/issues/detail?id=71296) +* $1000 to wushi of team509 for [bug + 71386](http://code.google.com/p/chromium/issues/detail?id=71386) +* $1000 to wushi of team509 for [bug + 71388](http://code.google.com/p/chromium/issues/detail?id=71388) +* $1000 to Sergey Glazunov for [bug + 71595](http://code.google.com/p/chromium/issues/detail?id=71595) +* $1000 to miaubiz for [bug + 71855](http://code.google.com/p/chromium/issues/detail?id=71855) +* $1000 to Chamal de Silva for [bug + 72437](http://code.google.com/p/chromium/issues/detail?id=72437) +* $1000 to Martin Barbella for [bug + 73235](http://code.google.com/p/chromium/issues/detail?id=73235) +* $1000 to Martin Barbella for [bug + 70027](http://code.google.com/p/chromium/issues/detail?id=70027) +* $1000 to Sergey Glazunov for [bug + 70442](http://code.google.com/p/chromium/issues/detail?id=70442) +* $1000 to miaubiz for [bug + 71763](http://code.google.com/p/chromium/issues/detail?id=71763) +* $1000 to Martin Barbella for [bug + 72028](http://code.google.com/p/chromium/issues/detail?id=72028) +* $1000 to Sergey Glazunov for [bug + 73066](http://code.google.com/p/chromium/issues/detail?id=73066) +* $1000 to miaubiz for [bug + 73134](http://code.google.com/p/chromium/issues/detail?id=73134) +* $1000 to Sergey Glazunov for [bug + 74030](http://code.google.com/p/chromium/issues/detail?id=74030) +* $1000 to Christian Holler for [bug + 74662](http://code.google.com/p/chromium/issues/detail?id=74662) +* $1000 to Christian Holler for [bug + 74675](http://code.google.com/p/chromium/issues/detail?id=74675) +* $1000 to Sławomir Błażek for [bug + 73216](http://code.google.com/p/chromium/issues/detail?id=73216) +* $1000 to Christian Holler for [bug + 74660](http://code.google.com/p/chromium/issues/detail?id=74660) +* $1000 to Christian Holler for [bug + 74665](http://code.google.com/p/chromium/issues/detail?id=74665) +* $1000 to Christian Holler for [bug + 74666](http://code.google.com/p/chromium/issues/detail?id=74666) +* $1000 to Christian Holler for [bug + 74669](http://code.google.com/p/chromium/issues/detail?id=74669) +* $1000 to Christian Holler for [bug + 74671](http://code.google.com/p/chromium/issues/detail?id=74671) +* $1000 to Christian Holler for [bug + 74672](http://code.google.com/p/chromium/issues/detail?id=74672) +* $1000 to Christian Holler for [bug + 74673](http://code.google.com/p/chromium/issues/detail?id=74673) +* $1000 to Christian Holler for [bug + 74678](http://code.google.com/p/chromium/issues/detail?id=74678) +* $1000 to Christoph Diehl for [bug + 78524](http://code.google.com/p/chromium/issues/detail?id=78524) +* $1000 to miaubiz for [bug + 73526](http://code.google.com/p/chromium/issues/detail?id=73526) +* $1000 to kuzzcc for [bug + 74653](http://code.google.com/p/chromium/issues/detail?id=74653) +* $1000 to Jose A. Vazquez for [bug + 75186](http://code.google.com/p/chromium/issues/detail?id=75186) +* $1000 to Sergey Glazunov for [bug + 75801](http://code.google.com/p/chromium/issues/detail?id=75801) +* $1000 to Martin Barbella for [bug + 76001](http://code.google.com/p/chromium/issues/detail?id=76001) +* $1000 to kuzzcc for [bug + 76666](http://code.google.com/p/chromium/issues/detail?id=76666) +* $1000 to kuzzcc for [bug + 77507](http://code.google.com/p/chromium/issues/detail?id=77507) +* $1000 to kuzzcc for [bug + 78031](http://code.google.com/p/chromium/issues/detail?id=78031) +* $1000 to miaubiz for [bug + 76966](http://code.google.com/p/chromium/issues/detail?id=76966) +* $1000 to wushi of team509 for [bug + 77130](http://code.google.com/p/chromium/issues/detail?id=77130) +* $1000 to Marek Majkowski for [bug + 77346](http://code.google.com/p/chromium/issues/detail?id=77346) +* $1000 to miaubiz for [bug + 72340](http://code.google.com/p/chromium/issues/detail?id=72340) +* $1000 to miaubiz for [bug + 78071](http://code.google.com/p/chromium/issues/detail?id=78071) +* $1000 to Christian Holler for [bug + 78270](http://code.google.com/p/chromium/issues/detail?id=78270) +* $1000 to Sławomir Błażek for [bug + 76059](http://code.google.com/p/chromium/issues/detail?id=76059) +* $1000 to Martin Barbella for [bug + 72387](http://code.google.com/p/chromium/issues/detail?id=72387) +* $1000 to miaubiz for [bug + 73962](http://code.google.com/p/chromium/issues/detail?id=73962) +* $1000 to miaubiz for [bug + 79746](http://code.google.com/p/chromium/issues/detail?id=79746) +* $1000 to miaubiz for [bug + 81949](http://code.google.com/p/chromium/issues/detail?id=81949) +* $1000 to Vladislavas Jarmalis for [bug + 83010](http://code.google.com/p/chromium/issues/detail?id=83010) +* $1000 to Sergey Glazunov for [bug + 83743](http://code.google.com/p/chromium/issues/detail?id=83743) +* $1000 to Martin Barbella for [bug + 84452](http://code.google.com/p/chromium/issues/detail?id=84452) +* $1000 to Martin Barbella for [bug + 82546](http://code.google.com/p/chromium/issues/detail?id=82546) +* $1000 to Christian Holler for [bug + 84234](http://code.google.com/p/chromium/issues/detail?id=84234) +* $1000 to Philippe Arteau for [bug + 77493](http://code.google.com/p/chromium/issues/detail?id=77493) +* $1000 to miaubiz for [bug + 84355](http://code.google.com/p/chromium/issues/detail?id=84355) +* $1000 to miaubiz for [bug + 85003](http://code.google.com/p/chromium/issues/detail?id=85003) +* $1000 to miaubiz for [bug + 85211](http://code.google.com/p/chromium/issues/detail?id=85211) +* $1000 to miaubiz for [bug + 85418](http://code.google.com/p/chromium/issues/detail?id=85418) +* $1000 to Chamal de Silva for [bug + 88850](http://code.google.com/p/chromium/issues/detail?id=88850) +* $1000 to the Microsoft Java Team and Microsoft Vulnerability + Research (MSVR) for [bug + 88093](http://code.google.com/p/chromium/issues/detail?id=88093) +* $1000 to miaubiz for [bug + 78841](http://code.google.com/p/chromium/issues/detail?id=78841) +* $1000 to Martin Barbella for [bug + 78841](http://code.google.com/p/chromium/issues/detail?id=78841) +* $1000 to miaubiz for [bug + 86502](http://code.google.com/p/chromium/issues/detail?id=86502) +* $1000 to miaubiz for [bug + 87148](http://code.google.com/p/chromium/issues/detail?id=87148) +* $1000 to miaubiz for [bug + 87227](http://code.google.com/p/chromium/issues/detail?id=87227) +* $1000 to miaubiz for [bug + 87729](http://code.google.com/p/chromium/issues/detail?id=87729) +* $1000 to miaubiz for [bug + 87925](http://code.google.com/p/chromium/issues/detail?id=87925) +* $1000 to Christian Holler for [bug + 88591](http://code.google.com/p/chromium/issues/detail?id=88591) +* $1000 to miaubiz for [bug + 88846](http://code.google.com/p/chromium/issues/detail?id=88846) +* $1000 to Martin Barbella for [bug + 88889](http://code.google.com/p/chromium/issues/detail?id=88889) +* $1000 to Vladimir Vorontsov, [ONsec company](http://onsec.ru) for + [bug + 72492](http://code.google.com/p/chromium/issues/detail?id=72492) +* $1000 to miaubiz for [bug + 88216](http://code.google.com/p/chromium/issues/detail?id=88216) +* $1000 to Sergey Glazunov for [bug + 87453](http://code.google.com/p/chromium/issues/detail?id=87453) +* $1000 to miaubiz for [bug + 90668](http://code.google.com/p/chromium/issues/detail?id=90668) +* $1000 to Aki Helin from + [OUSPG](https://www.ee.oulu.fi/research/ouspg/) for [bug + 91665](http://code.google.com/p/chromium/issues/detail?id=91665) +* $1000 to Arthur Gerkis for [bug + 89219](http://code.google.com/p/chromium/issues/detail?id=89219) +* $1000 to miaubiz for [bug + 89330](http://code.google.com/p/chromium/issues/detail?id=89330) +* $1000 to Sławomir Błażek for [bug + 92651](http://code.google.com/p/chromium/issues/detail?id=92651) +* $1000 to Arthur Gerkis for [bug + 92959](http://code.google.com/p/chromium/issues/detail?id=92959) +* $1000 to miaubiz for [bug + 93420](http://code.google.com/p/chromium/issues/detail?id=93420) +* $1000 to miaubiz for [bug + 93587](http://code.google.com/p/chromium/issues/detail?id=93587) +* $1000 to Christian Holler for [bug + 95920](http://code.google.com/p/chromium/issues/detail?id=95920) +* $1000 to miaubiz for [bug + 93788](http://code.google.com/p/chromium/issues/detail?id=93788) +* $1000 to miaubiz for [bug + 95072](http://code.google.com/p/chromium/issues/detail?id=95072) +* $1000 to miaubiz for [bug + 95672](http://code.google.com/p/chromium/issues/detail?id=95672) +* $1000 to Christian Holler for [bug + 98773](http://code.google.com/p/chromium/issues/detail?id=98773) +* $1000 to Christian Holler for [bug + 99167](http://code.google.com/p/chromium/issues/detail?id=99167) +* $1000 to miaubiz for [bug + 97599](http://code.google.com/p/chromium/issues/detail?id=97599) +* $1000 to miaubiz for [bug + 98064](http://code.google.com/p/chromium/issues/detail?id=98064) +* $1000 to miaubiz for [bug + 98556](http://code.google.com/p/chromium/issues/detail?id=98556) +* $1000 to miaubiz for [bug + 99294](http://code.google.com/p/chromium/issues/detail?id=99294) +* $1000 to miaubiz for [bug + 99880](http://code.google.com/p/chromium/issues/detail?id=99880) +* $1000 to miaubiz for [bug + 96902](http://code.google.com/p/chromium/issues/detail?id=96902) +* $1000 to miaubiz for [bug + 99138](http://code.google.com/p/chromium/issues/detail?id=99138) +* $1000 x2 to miaubiz for [bug + 99211](http://code.google.com/p/chromium/issues/detail?id=99211) +* $1000 to miaubiz for [bug + 100464](http://code.google.com/p/chromium/issues/detail?id=100464) +* $1000 to Sławomir Błażek for [bug + 97092](http://code.google.com/p/chromium/issues/detail?id=97092) +* $1000 to kuzzcc for [bug + 62925](http://code.google.com/p/chromium/issues/detail?id=62925) +* $1000 to Aki Helin from + [OUSPG](https://www.ee.oulu.fi/research/ouspg/) for [bug + 101458](http://code.google.com/p/chromium/issues/detail?id=101458) +* $1000 to Christian Holler for [bug + 103259](http://code.google.com/p/chromium/issues/detail?id=103259) +* $1000 to miaubiz for [bug + 103058](http://code.google.com/p/chromium/issues/detail?id=103058) +* $1000 to miaubiz for [bug + 102810](http://code.google.com/p/chromium/issues/detail?id=102810) +* $1000 to miaubiz for [bug + 102628](http://code.google.com/p/chromium/issues/detail?id=102628) +* $1000 to Arthur Gerkis for [bug + 102359](http://code.google.com/p/chromium/issues/detail?id=102359) +* $1000 to Arthur Gerkis for [bug + 103921](http://code.google.com/p/chromium/issues/detail?id=103921) +* $1000 to Sławomir Błażek for [bug + 104011](http://code.google.com/p/chromium/issues/detail?id=104011) +* $1000 to Sławomir Błażek for [bug + 104859](http://code.google.com/p/chromium/issues/detail?id=104859) +* $1000 to Aki Helin from + [OUSPG](https://www.ee.oulu.fi/research/ouspg/) for [bug + 104056](http://code.google.com/p/chromium/issues/detail?id=104056) +* $1000 to Atte Kettunen of + [OUSPG](https://www.ee.oulu.fi/research/ouspg/) for [bug + 103239](http://code.google.com/p/chromium/issues/detail?id=103239) +* $1000 to Atte Kettunen of + [OUSPG](https://www.ee.oulu.fi/research/ouspg/) for [bug + 104529](http://code.google.com/p/chromium/issues/detail?id=104529) +* $1000 to Luka Treiber of ACROS Security for [bug + 99016](http://code.google.com/p/chromium/issues/detail?id=99016) +* $1000 to Aki Helin from + [OUSPG](https://www.ee.oulu.fi/research/ouspg/) for [bug + 106441](http://code.google.com/p/chromium/issues/detail?id=106441) +* $1000 to Shawn Goertzen for [bug + 108871](http://code.google.com/p/chromium/issues/detail?id=108871) +* $1000 to Aki Helin from + [OUSPG](https://www.ee.oulu.fi/research/ouspg/) for [bug + 109716](http://code.google.com/p/chromium/issues/detail?id=109716) +* $1000 to Arthur Gerkis for [bug + 109743](http://code.google.com/p/chromium/issues/detail?id=109743) +* $1000 to Arthur Gerkis for [bug + 110112](http://code.google.com/p/chromium/issues/detail?id=110112) +* $1000 to Arthur Gerkis for [bug + 110374](http://code.google.com/p/chromium/issues/detail?id=110374) +* $1000 x2 to miaubiz for [bug + 105459](http://code.google.com/p/chromium/issues/detail?id=105459) +* $1000 to Arthur Gerkis for [bug + 106484](http://code.google.com/p/chromium/issues/detail?id=106484) +* $1000 to miaubiz for [bug + 108605](http://code.google.com/p/chromium/issues/detail?id=108605) +* $1000 to Arthur Gerkis for [bug + 109556](http://code.google.com/p/chromium/issues/detail?id=109556) +* $1000 to Boris Zbarsky of Mozilla for [bug + 106672](http://code.google.com/p/chromium/issues/detail?id=106672) +* $1000 to miaubiz for [bug + 108695](http://code.google.com/p/chromium/issues/detail?id=108695) +* $1000 to Aki Helin from + [OUSPG](https://www.ee.oulu.fi/research/ouspg/) for [bug + 110172](http://code.google.com/p/chromium/issues/detail?id=110172) +* $1000 to Arthur Gerkis for [bug + 111779](http://code.google.com/p/chromium/issues/detail?id=111779) +* $1000 to miaubiz for [bug + 112847](http://code.google.com/p/chromium/issues/detail?id=112847) +* $1000 to Chamal de Silva for [bug + 105867](http://code.google.com/p/chromium/issues/detail?id=105867) +* $1000 to Arthur Gerkis for [bug + 111748](http://code.google.com/p/chromium/issues/detail?id=111748) +* $1000 to Arthur Gerkis for [bug + 108037](http://code.google.com/p/chromium/issues/detail?id=108037) +* $2000 to Arthur Gerkis for [bug + 112212](http://code.google.com/p/chromium/issues/detail?id=112212) +* $1000 to Arthur Gerkis for [bug + 116093](http://code.google.com/p/chromium/issues/detail?id=116093) +* $1000 to Aki Helin from + [OUSPG](https://www.ee.oulu.fi/research/ouspg/) for [bug + 108406](http://code.google.com/p/chromium/issues/detail?id=108406) +* $1000 to Aki Helin from + [OUSPG](https://www.ee.oulu.fi/research/ouspg/) for [bug + 115471](http://code.google.com/p/chromium/issues/detail?id=115471) +* $1000 to miaubiz for [bug + 113258](http://code.google.com/p/chromium/issues/detail?id=113258) +* $1000 to miaubiz for [bug + 113439](http://code.google.com/p/chromium/issues/detail?id=113439) +* $1000 to miaubiz for [bug + 114924](http://code.google.com/p/chromium/issues/detail?id=114924) +* $1000 to miaubiz for [bug + 115028](http://code.google.com/p/chromium/issues/detail?id=115028) +* $1000 to miaubiz for [bug + 113497](http://code.google.com/p/chromium/issues/detail?id=113497) +* $1000 to miaubiz for [bug + 113707](http://code.google.com/p/chromium/issues/detail?id=113707) +* $1000 to miaubiz for [bug + 114068](http://code.google.com/p/chromium/issues/detail?id=114068) +* $1000 to miaubiz for [bug + 114219](http://code.google.com/p/chromium/issues/detail?id=114219) +* $1000 to miaubiz for [bug + 115681](http://code.google.com/p/chromium/issues/detail?id=115681) +* $1000 to miaubiz for [bug + 113902](http://code.google.com/p/chromium/issues/detail?id=113902) +* $1000 to miaubiz for [bug + 116746](http://code.google.com/p/chromium/issues/detail?id=116746) +* $1000 to Arthur Gerkis for [bug + 116461](http://code.google.com/p/chromium/issues/detail?id=116461) +* $1000 to miaubiz for [bug + 104863](http://code.google.com/p/chromium/issues/detail?id=104863) +* $1000 to miaubiz for [bug + 107758](http://code.google.com/p/chromium/issues/detail?id=107758) +* $1000 to miaubiz for [bug + 108207](http://code.google.com/p/chromium/issues/detail?id=108207) +* $1000 to Chamal de Silva for [bug + 108544](http://code.google.com/p/chromium/issues/detail?id=108544) +* $1000 to miaubiz for [bug + 107244](http://code.google.com/p/chromium/issues/detail?id=107244) +* $1000 to miaubiz for [bug + 110764](http://code.google.com/p/chromium/issues/detail?id=110764) +* $1000 to miaubiz for [bug + 112151](http://code.google.com/p/chromium/issues/detail?id=112151) +* $1000 to miaubiz for [bug + 112833](http://code.google.com/p/chromium/issues/detail?id=112833) +* $1000 to Atte Kettunen of + [OUSPG](https://www.ee.oulu.fi/research/ouspg/) for [bug + 111467](http://code.google.com/p/chromium/issues/detail?id=111467) +* $1000 to Aki Helin from + [OUSPG](https://www.ee.oulu.fi/research/ouspg/) for [bug + 112411](http://code.google.com/p/chromium/issues/detail?id=112411) +* $1000 to Aki Helin from + [OUSPG](https://www.ee.oulu.fi/research/ouspg/) for [bug + 114342](http://code.google.com/p/chromium/issues/detail?id=114342) +* $1000 to Arthur Gerkis for [bug + 113837](http://code.google.com/p/chromium/issues/detail?id=113837) +* $1000 to Atte Kettunen of + [OUSPG](https://www.ee.oulu.fi/research/ouspg/) for [bug + 117471](http://code.google.com/p/chromium/issues/detail?id=117471) +* $1000 to Omair for [bug + 117588](http://code.google.com/p/chromium/issues/detail?id=117588) +* $1000 to Atte Kettunen of + [OUSPG](https://www.ee.oulu.fi/research/ouspg/) for [bug + 135432](http://code.google.com/p/chromium/issues/detail?id=135432) +* $1000 to Atte Kettunen of + [OUSPG](https://www.ee.oulu.fi/research/ouspg/) for [bug + 140803](http://code.google.com/p/chromium/issues/detail?id=140803) +* $1000 to Atte Kettunen of + [OUSPG](https://www.ee.oulu.fi/research/ouspg/) for [bug + 143609](http://code.google.com/p/chromium/issues/detail?id=143609) +* $1000 to miaubiz for [bug + 143656](http://code.google.com/p/chromium/issues/detail?id=143656) +* $1000 to Sławomir Błażek for [bug + 144899](http://code.google.com/p/chromium/issues/detail?id=144899) +* $1000 to miaubiz for [bug + 145544](http://code.google.com/p/chromium/issues/detail?id=145544) +* $1000 to miaubiz for [bug + 134897](http://code.google.com/p/chromium/issues/detail?id=134897) +* $1000 to Arthur Gerkis for [bug + 136235](http://code.google.com/p/chromium/issues/detail?id=136235) +* $1000 to Jüri Aedla for [bug + 136894](http://code.google.com/p/chromium/issues/detail?id=136894) +* $1000 to miaubiz for [bug + 129898](http://code.google.com/p/chromium/issues/detail?id=129898) +* $1000 to miaubiz for [bug + 130595](http://code.google.com/p/chromium/issues/detail?id=130595) +* $1000 to miaubiz for [bug + 120222](http://code.google.com/p/chromium/issues/detail?id=120222) +* $1000 to miaubiz for [bug + 120944](http://code.google.com/p/chromium/issues/detail?id=120944) +* $1000 to miaubiz for [bug + 124356](http://code.google.com/p/chromium/issues/detail?id=124356) +* $1000 to miaubiz for [bug + 125374](http://code.google.com/p/chromium/issues/detail?id=125374) +* $1000 to miaubiz for [bug + 129947](http://code.google.com/p/chromium/issues/detail?id=129947) +* $1000 to miaubiz for [bug + 129951](http://code.google.com/p/chromium/issues/detail?id=129951) +* $1000 to miaubiz for [bug + 130356](http://code.google.com/p/chromium/issues/detail?id=130356) +* $1000 to Jüri Aedla for [bug + 132779](http://code.google.com/p/chromium/issues/detail?id=132779) +* $1000 to Collin Payne for [bug + 150737](https://code.google.com/p/chromium/issues/detail?id=150737) +* $509 to wushi of team509 for [bug + 34978](http://code.google.com/p/chromium/issues/detail?id=34978) +* $500 to Hironori Tokuta for bug 169401 +* $500 to Atte Kettunen for bug 284785 +* $500 to Atte Kettunen for bug 271161 +* $500 to Atte Kettunen for bug 270758 +* $500 to Atte Kettunen for bug 223962 +* $500 to Atte Kettunen for bug 152569 +* $500 to Atte Kettunen for bug 253550 +* $500 to Atte Kettunen for bug 167069 +* $500 to Atte Kettunen for bug 148638 +* $500 to Atte Kettunen for bug 142169 +* $500 to Isaac Dawson for [bug + 21338](http://code.google.com/p/chromium/issues/detail?id=21338) +* $500 to Billy Rios for [bug + 26129](http://code.google.com/p/chromium/issues/detail?id=26129) +* $500 to Timothy D. Morgan of [VSR](http://www.vsecurity.com/) for + [bug + 32718](http://code.google.com/p/chromium/issues/detail?id=32718) +* $500 to Aki Helin from + [OUSPG](https://www.ee.oulu.fi/research/ouspg/) for [bug + 35732](http://code.google.com/p/chromium/issues/detail?id=35732) +* $500 to Aki Helin from + [OUSPG](https://www.ee.oulu.fi/research/ouspg/) for [bug + 37061](http://code.google.com/p/chromium/issues/detail?id=37061) +* $500 to kuzzcc for [bug + 39443](http://code.google.com/p/chromium/issues/detail?id=39443) +* $500 to kuzzcc for [bug + 40635](http://code.google.com/p/chromium/issues/detail?id=40635) +* $500 to wushi of team509 for [bug + 42294](http://code.google.com/p/chromium/issues/detail?id=42294) +* $500 to wushi of team509 for [bug + 42723](http://code.google.com/p/chromium/issues/detail?id=42723) +* $500 to Rodrigo Marcos of SECFORCE for [bug + 46126](http://code.google.com/p/chromium/issues/detail?id=46126) +* $500 to wushi of team509 for [bug + 44424](http://code.google.com/p/chromium/issues/detail?id=44424) +* $500 to wushi of team509 for [bug + 46360](http://code.google.com/p/chromium/issues/detail?id=46360) +* $500 to Aki Helin from + [OUSPG](https://www.ee.oulu.fi/research/ouspg/) for [bug + 48115](http://code.google.com/p/chromium/issues/detail?id=48115) +* $500 to Michail Nikolaev for [bug + 42736](http://code.google.com/p/chromium/issues/detail?id=42736) +* $500 to sp3x of [SecurityReason.com](http://securityreason.com/) for + [bug + 43813](http://code.google.com/p/chromium/issues/detail?id=43813) +* $500 to [Jose A. Vazquez](http://spa-s3c.blogspot.com/) for [bug + 47866](http://code.google.com/p/chromium/issues/detail?id=47866) +* $500 to Aki Helin from + [OUSPG](https://www.ee.oulu.fi/research/ouspg/) for [bug + 48284](http://code.google.com/p/chromium/issues/detail?id=48284) +* $500 to wushi of team509 for [bug + 49596](http://code.google.com/p/chromium/issues/detail?id=49596) +* $500 to wushi of team509 for [bug + 49628](http://code.google.com/p/chromium/issues/detail?id=49628) +* $500 to Aki Helin from + [OUSPG](https://www.ee.oulu.fi/research/ouspg/) for [bug + 45331](http://code.google.com/p/chromium/issues/detail?id=45331) +* $500 to kuzzcc for [bug + 51653](http://code.google.com/p/chromium/issues/detail?id=51653) +* $500 to Isaac Dawson for [bug + 53001](http://code.google.com/p/chromium/issues/detail?id=53001) +* $500 to David Weston of Microsoft Vulnerability Research (MSVR) for + [bug + 50250](http://code.google.com/p/chromium/issues/detail?id=50250) +* $500 to kuzzcc for [bug + 51252](http://code.google.com/p/chromium/issues/detail?id=51252) +* $500 to kuzzcc for [bug + 51919](http://code.google.com/p/chromium/issues/detail?id=51252) +* $500 to Sergey Glazunov for [bug + 53361](http://code.google.com/p/chromium/issues/detail?id=53361) +* $500 to remy.saissy for [bug + 53361](http://code.google.com/p/chromium/issues/detail?id=53361) +* $500 to kuzzcc for [bug + 53394](http://code.google.com/p/chromium/issues/detail?id=53394) +* $500 to wushi of team509 for [bug + 55114](http://code.google.com/p/chromium/issues/detail?id=55114) +* $500 to Aki Helin from + [OUSPG](https://www.ee.oulu.fi/research/ouspg/) for [bug + 57501](http://code.google.com/p/chromium/issues/detail?id=57501) +* $500 to kuzzcc for [bug + 51680](http://code.google.com/p/chromium/issues/detail?id=51680) +* $500 to Simon Schaak for [bug + 54500](http://code.google.com/p/chromium/issues/detail?id=54500) +* $500 to "vkouchna" for [bug + 58741](http://code.google.com/p/chromium/issues/detail?id=58741) +* $500 to "gundlach" / various for [bug + 60238](http://code.google.com/p/chromium/issues/detail?id=60238) +* $500 to "fam.lam" for [bug + 60327](http://code.google.com/p/chromium/issues/detail?id=60327) +* $500 to Stefan Troger for [bug + 59554](http://code.google.com/p/chromium/issues/detail?id=59554) +* $500 to kuzzcc for [bug + 63051](http://code.google.com/p/chromium/issues/detail?id=63051) +* $500 to Sławomir Błażek for [bug + 62956](http://code.google.com/p/chromium/issues/detail?id=62956) +* $500 to Chamal de Silva for [bug + 65299](http://code.google.com/p/chromium/issues/detail?id=65299) +* $500 to Jan Tošovský for [bug + 66748](http://code.google.com/p/chromium/issues/detail?id=66748) +* $500 to *anonymous* for [bug + 67363](http://code.google.com/p/chromium/issues/detail?id=67363) +* $500 to Sergey Radchenko for [bug + 63732](http://code.google.com/p/chromium/issues/detail?id=63732) +* $500 to Stefan van Zanden for [bug + 70078](http://code.google.com/p/chromium/issues/detail?id=70078) +* $500 to Martin Barbella for [bug + 69628](http://code.google.com/p/chromium/issues/detail?id=69628) +* $500 to Daniel Divricean for [bug + 70336](http://code.google.com/p/chromium/issues/detail?id=70336) +* $500 to Alex Turpin for [bug + 72517](http://code.google.com/p/chromium/issues/detail?id=72517) +* $500 to Christian Holler for [bug + 74670](http://code.google.com/p/chromium/issues/detail?id=74670) +* $500 to Yuri Ko for [bug + 70070](http://code.google.com/p/chromium/issues/detail?id=70070) +* $500 to Aki Helin for [bug + 71586](http://code.google.com/p/chromium/issues/detail?id=71586) +* $500 to Michael Griffiths for [bug + 75347](http://code.google.com/p/chromium/issues/detail?id=75347) +* $500 to Dan Rosenberg for [bug + 76542](http://code.google.com/p/chromium/issues/detail?id=76542) +* $500 to Jordi Chancel for [bug + 77786](http://code.google.com/p/chromium/issues/detail?id=77786) +* $500 to Collin Payne for [bug + 81916](http://code.google.com/p/chromium/issues/detail?id=81916) +* $500 to Aki Helin from + [OUSPG](https://www.ee.oulu.fi/research/ouspg/) for [bug + 85177](http://code.google.com/p/chromium/issues/detail?id=85177) +* $500 to miaubiz for [bug + 85102](http://code.google.com/p/chromium/issues/detail?id=85102) +* $500 to Mario Gomes for [bug + 85808](http://code.google.com/p/chromium/issues/detail?id=85808) +* $500 to kuzzcc for [bug + 85808](http://code.google.com/p/chromium/issues/detail?id=85808) +* $500 to miaubiz for [bug + 87298](http://code.google.com/p/chromium/issues/detail?id=87298) +* $500 to Shih Wei-Long for [bug + 87339](http://code.google.com/p/chromium/issues/detail?id=87339) +* $500 to Juho Nurminen for [bug + 88337](http://code.google.com/p/chromium/issues/detail?id=88337) +* $500 to Aki Helin of [OUSPG](https://www.ee.oulu.fi/research/ouspg/) + for [bug + 89142](http://code.google.com/p/chromium/issues/detail?id=89142) +* $500 to Mario Gomes for [bug + 78639](http://code.google.com/p/chromium/issues/detail?id=78639) +* $500 to Jordi Chancel for [bug + 89564](http://code.google.com/p/chromium/issues/detail?id=89564) +* $500 to miaubiz for [bug + 89991](http://code.google.com/p/chromium/issues/detail?id=89991) +* $500 to Christian Holler for [bug + 91120](http://code.google.com/p/chromium/issues/detail?id=91120) +* $500 to Jordi Chancel for [bug + 86758](http://code.google.com/p/chromium/issues/detail?id=86758) +* $500 to Simon Sarris for [bug + 91016](http://code.google.com/p/chromium/issues/detail?id=91016) +* $500 to Aki Helin of [OUSPG](https://www.ee.oulu.fi/research/ouspg/) + for [bug + 100465](http://code.google.com/p/chromium/issues/detail?id=100465) +* $500 to Aki Helin of [OUSPG](https://www.ee.oulu.fi/research/ouspg/) + for [bug + 98809](http://code.google.com/p/chromium/issues/detail?id=98809) +* $500 to Atte Kettunen of + [OUSPG](https://www.ee.oulu.fi/research/ouspg/) for [bug + 104959](http://code.google.com/p/chromium/issues/detail?id=104959) +* $500 to Atte Kettunen of + [OUSPG](https://www.ee.oulu.fi/research/ouspg/) for [bug + 105714](http://code.google.com/p/chromium/issues/detail?id=105714) +* $500 to Aki Helin of [OUSPG](https://www.ee.oulu.fi/research/ouspg/) + for [bug + 108416](http://code.google.com/p/chromium/issues/detail?id=108416) +* $500 to Aki Helin of [OUSPG](https://www.ee.oulu.fi/research/ouspg/) + for [bug + 108901](http://code.google.com/p/chromium/issues/detail?id=108901) +* $500 to Aki Helin of [OUSPG](https://www.ee.oulu.fi/research/ouspg/) + for [bug + 110277](http://code.google.com/p/chromium/issues/detail?id=110277) +* $500 to miaubiz for [bug + 106336](http://code.google.com/p/chromium/issues/detail?id=106336) +* $500 to pa_kt for [bug + 112259](http://code.google.com/p/chromium/issues/detail?id=112259) +* $500 to Sławomir Błażek for [bug + 112670](http://code.google.com/p/chromium/issues/detail?id=112670) +* $500 to Sławomir Błażek for [bug + 114054](http://code.google.com/p/chromium/issues/detail?id=114054) +* $500 to miaubiz for [bug + 108467](http://code.google.com/p/chromium/issues/detail?id=108467) +* $500 to Masato Kinugawa for [bug + 109574](http://code.google.com/p/chromium/issues/detail?id=109574) +* $500 to Arthur Gerkis for [bug + 112317](http://code.google.com/p/chromium/issues/detail?id=112317) +* $500 to miaubiz for [bug + 114056](http://code.google.com/p/chromium/issues/detail?id=114056) +* $500 to Christian Holler for [bug + 117794](http://code.google.com/p/chromium/issues/detail?id=117794) +* $500 to Nir Moshe for [bug + 137707](http://code.google.com/p/chromium/issues/detail?id=137707) +* $500 to pawlkt for [bug + 139168](http://code.google.com/p/chromium/issues/detail?id=139168) +* $500 to Atte Kettunen of + [OUSPG](https://www.ee.oulu.fi/research/ouspg/) for [bug + 141651](http://code.google.com/p/chromium/issues/detail?id=141651) +* $500 to miaubiz for [bug + 121347](http://code.google.com/p/chromium/issues/detail?id=121347) +* $500 to miaubiz for [bug + 136881](http://code.google.com/p/chromium/issues/detail?id=136881) +* $500 to Emmanuel Bronshtein for [bug + 142956](http://code.google.com/p/chromium/issues/detail?id=142956) +* $500 to Takeshi Terada for [bug + 144813](http://code.google.com/p/chromium/issues/detail?id=144813) +* $500 to Takeshi Terada for [bug + 144820](http://code.google.com/p/chromium/issues/detail?id=144820) +* $500 to Takeshi Terada for [bug + 137532](http://code.google.com/p/chromium/issues/detail?id=137532) +* $500 to Takeshi Terada for [bug + 144866](http://code.google.com/p/chromium/issues/detail?id=144866) +* $500 to Takeshi Terada for [bug + 141889](http://code.google.com/p/chromium/issues/detail?id=141889) +* $500 to Artem Chaykin for [bug + 138210](http://code.google.com/p/chromium/issues/detail?id=138210) +* $500 to Artem Chaykin for [bug + 138035](http://code.google.com/p/chromium/issues/detail?id=138035) +* $500 to Ayush Jindal for [bug + 68342](https://code.google.com/p/chromium/issues/detail?id=68342) + +The following special-case rewards were issued for bugs in components external +to the Chromium project. We sometimes issue rewards for bugs in external +components where information of the bug enabled us to proactively protect our +users. + +* $5000 to Eetu Luodemaa and Joni Vähämäki, both from Documill, for + [bug + 146254](http://code.google.com/p/chromium/issues/detail?id=146254) +* $4000 to Jüri Aedla for [bug + 107128](http://code.google.com/p/chromium/issues/detail?id=107128) +* $3000 to Jüri Aedla for [bug + 129930](http://code.google.com/p/chromium/issues/detail?id=129930) +* $1337 to Marc Schoenefeld for [bug + 48283](http://code.google.com/p/chromium/issues/detail?id=48283) +* $1337 to Simon Berry-Byrne for [bug + 48733](http://code.google.com/p/chromium/issues/detail?id=48733) +* $1337 to Marc Schoenefeld for [bug + 51070](http://code.google.com/p/chromium/issues/detail?id=51070) +* $1337 to Jüri Aedla for [bug + 112822](http://code.google.com/p/chromium/issues/detail?id=112822) +* $1000 to Bui Quang Minh from Bkis + ([www.bkis.com](http://www.bkis.com)) for [bug + 58731](http://code.google.com/p/chromium/issues/detail?id=58731) +* $1000 to Yang Dingning from NCNIPC, Graduate University of Chinese + Academy of Sciences for [bug + 63444](http://code.google.com/p/chromium/issues/detail?id=63444) +* $1000 to Yang Dingning from NCNIPC, Graduate University of Chinese + Academy of Sciences for [bug + 86900](http://code.google.com/p/chromium/issues/detail?id=86900) +* $1000 to Yang Dingning from NCNIPC, Graduate University of Chinese + Academy of Sciences for [bug + 89402](http://code.google.com/p/chromium/issues/detail?id=89402) +* $1000 to Yang Dingning from NCNIPC, Graduate University of Chinese + Academy of Sciences for [bug + 93472](http://code.google.com/p/chromium/issues/detail?id=93472) +* $1000 to Nicolas Gregoire for [bug + 138673](http://code.google.com/p/chromium/issues/detail?id=138673) +* $500 to Nicolas Gregoire for [bug + 127417](http://code.google.com/p/chromium/issues/detail?id=127417) + +(Note that some of the above individuals elected to donate the rewards to +charity. In these cases, Google often increased the value of the donation beyond +the stated reward amount.) + +### **Honorable mention** + +The following lower severity or duplicate bugs were responsibly reported to the +Chromium project. Thanks to these named individuals for helping Chromium +security! + +* Mike Dougherty of dotSyntax, LLC for [bug + 33572](http://code.google.com/p/chromium/issues/detail?id=33572) +* kuzzcc for [bug + 37007](http://code.google.com/p/chromium/issues/detail?id=37007) +* RSnake of [ha.ckers.org](http://ha.ckers.org/) for [bug + 33445](http://code.google.com/p/chromium/issues/detail?id=33445) +* Tobias Klein ([www.trapkit.de](http://www.trapkit.de/)) for [bug + 38845](http://code.google.com/p/chromium/issues/detail?id=38845) +* Carlos Ghan for [bug + 33952](http://code.google.com/p/chromium/issues/detail?id=33952) +* WHK <elhacker.net> and The-0utl4w From Aria-Security for [bug + 34721](http://code.google.com/p/chromium/issues/detail?id=34721) +* Aki Helin from [OUSPG](https://www.ee.oulu.fi/research/ouspg/) for + [bug + 35979](http://code.google.com/p/chromium/issues/detail?id=35979) +* Aki Helin from [OUSPG](https://www.ee.oulu.fi/research/ouspg/) for + [bug + 36976](http://code.google.com/p/chromium/issues/detail?id=36976) +* Jordi Chancel for [bug + 37447](http://code.google.com/p/chromium/issues/detail?id=37447) +* kuzzcc for [bug + 39277](http://code.google.com/p/chromium/issues/detail?id=39277) +* Florent, Skyrecon systems for [bug + 40801](http://code.google.com/p/chromium/issues/detail?id=40801) +* kuzzcc for [bug + 41778](http://code.google.com/p/chromium/issues/detail?id=41778) +* Aki Helin from [OUSPG](https://www.ee.oulu.fi/research/ouspg/) for + [bug + 42538](http://code.google.com/p/chromium/issues/detail?id=42538) +* kuzzcc for [bug + 40628](http://code.google.com/p/chromium/issues/detail?id=40628) +* kuzzcc for [bug + 41447](http://code.google.com/p/chromium/issues/detail?id=41447) +* Florian Rienhardt, BSI for [bug + 36553](http://code.google.com/p/chromium/issues/detail?id=36553) +* Ben Davis and Emanuele Gentili for [bug + 38105](http://code.google.com/p/chromium/issues/detail?id=38105) +* Sergey Glazunov for [bug + 42396](http://code.google.com/p/chromium/issues/detail?id=42396) +* Jose A. Vazquez for [bug + 45164](http://code.google.com/p/chromium/issues/detail?id=45164) +* Mats Ahlgren for [bug + 46575](http://code.google.com/p/chromium/issues/detail?id=46575) +* Aki Helin from [OUSPG](https://www.ee.oulu.fi/research/ouspg/) for + [bug + 47056](http://code.google.com/p/chromium/issues/detail?id=47056) +* Lostmon for [bug + 28001](http://code.google.com/p/chromium/issues/detail?id=28001) +* "ironfist99" for [bug + 34414](http://code.google.com/p/chromium/issues/detail?id=34414) +* Chris Weber from Casaba Security for [bug + 37201](http://code.google.com/p/chromium/issues/detail?id=37201) +* Brook Novak for [bug + 41654](http://code.google.com/p/chromium/issues/detail?id=41654) +* Lostmon for [bug + 45876](http://code.google.com/p/chromium/issues/detail?id=45876) +* Keith Campbell for [bug + 51846](http://code.google.com/p/chromium/issues/detail?id=51846) +* [VUPEN Vulnerability Research Team](http://www.vupen.com/) + (VUPEN-SR-2010-249) for [bug + 52443](http://code.google.com/p/chromium/issues/detail?id=52443) +* "magnusmorton" for [bug + 51709](http://code.google.com/p/chromium/issues/detail?id=51709) +* kuzzcc for [bug + 53176](http://code.google.com/p/chromium/issues/detail?id=53176) +* "adriennefelt" for [bug + 54006](http://code.google.com/p/chromium/issues/detail?id=54006) +* Jordi Chancel for [bug + 51680](http://code.google.com/p/chromium/issues/detail?id=51680) +* kuzzcc for [bug + 53002](http://code.google.com/p/chromium/issues/detail?id=53002) +* Dan Rosenberg, Virtual Security Research for [bug + 54132](http://code.google.com/p/chromium/issues/detail?id=54132) +* Nirankush Panchbhai and Microsoft Vulnerability Research (MSVR) for + [bug + 55745](http://code.google.com/p/chromium/issues/detail?id=55745) +* Cezary Tomczak for [bug + 58319](http://code.google.com/p/chromium/issues/detail?id=58319) +* Mohammed Bouhlel for [bug + 61701](http://code.google.com/p/chromium/issues/detail?id=61701) +* kuzzcc for [bug + 62168](http://code.google.com/p/chromium/issues/detail?id=62168) +* David Weston of Microsoft Vulnerability Research (MSVR) for [bug + 60055](http://code.google.com/p/chromium/issues/detail?id=60055) +* kuzzcc for [bug + 60761](http://code.google.com/p/chromium/issues/detail?id=60761) +* Marius Wachtler for [bug + 62276](http://code.google.com/p/chromium/issues/detail?id=62276) +* Chamal de Silva for [bug + 65299](http://code.google.com/p/chromium/issues/detail?id=65299) +* Chamal de Silva for [bug + 66591](http://code.google.com/p/chromium/issues/detail?id=66591) +* David Warren of [CERT](http://www.cert.org/) for [bug + 67303](http://code.google.com/p/chromium/issues/detail?id=67303) +* miaubiz for [bug + 67363](http://code.google.com/p/chromium/issues/detail?id=67363) +* Brian Kirchoff for [bug + 62791](http://code.google.com/p/chromium/issues/detail?id=62791) +* Dan Morrison for [bug + 66931](http://code.google.com/p/chromium/issues/detail?id=66931) +* Matthew Heidermann for [bug + 68244](http://code.google.com/p/chromium/issues/detail?id=68244) +* [Reddit](http://www.reddit.com) for [bug + 69195](http://code.google.com/p/chromium/issues/detail?id=69195) +* Rik Cabanier for [bug + 67234](http://code.google.com/p/chromium/issues/detail?id=67234) +* miaubiz for [bug + 71717](http://code.google.com/p/chromium/issues/detail?id=71717) +* Louis Lang for [bug + 49747](http://code.google.com/p/chromium/issues/detail?id=49747) +* Aki Helin from [OUSPG](https://www.ee.oulu.fi/research/ouspg/) for + [bug + 66962](http://code.google.com/p/chromium/issues/detail?id=66962) +* David Weston of Microsoft and Microsoft Vulnerability Research + (MSVR) for [bug + 71788](http://code.google.com/p/chromium/issues/detail?id=71788) +* Martin Barbella for [bug + 61502](http://code.google.com/p/chromium/issues/detail?id=61502) +* Chamal de Silva for [bug + 70538](http://code.google.com/p/chromium/issues/detail?id=70538) +* Cole Snodgrass for [bug + 72523](http://code.google.com/p/chromium/issues/detail?id=72523) +* miaubiz for [bug + 72910](http://code.google.com/p/chromium/issues/detail?id=72910) +* wushi of team509 for [bug + 75801](http://code.google.com/p/chromium/issues/detail?id=75801) +* wushi of team509 for [bug + 76646](http://code.google.com/p/chromium/issues/detail?id=76646) +* kuzzcc for [bug + 77349](http://code.google.com/p/chromium/issues/detail?id=77349) +* Sergey Glazunov for [bug + 75821](http://code.google.com/p/chromium/issues/detail?id=75821) +* kuzzcc for [bug + 79266](http://code.google.com/p/chromium/issues/detail?id=79266) +* kuzzcc for [bug + 79426](http://code.google.com/p/chromium/issues/detail?id=79426) +* Sergey Glazunov for [bug + 83273](http://code.google.com/p/chromium/issues/detail?id=83273) +* kuzzcc for [bug + 83841](http://code.google.com/p/chromium/issues/detail?id=83841) +* kuzzcc for [bug + 84402](http://code.google.com/p/chromium/issues/detail?id=84402) +* Olli Pettay of Mozilla for [bug + 84600](http://code.google.com/p/chromium/issues/detail?id=84600) +* kuzzcc for [bug + 84805](http://code.google.com/p/chromium/issues/detail?id=84805) +* Mikołaj Małecki for [bug + 85559](http://code.google.com/p/chromium/issues/detail?id=85559) +* Collin Payne for [bug + 84933](http://code.google.com/p/chromium/issues/detail?id=84933) +* miaubiz for [bug + 82552](http://code.google.com/p/chromium/issues/detail?id=82552) +* wushi of team509 (reported through ZDI) for [bug + 88670](http://code.google.com/p/chromium/issues/detail?id=88670) +* miaubiz for [bug + 88670](http://code.google.com/p/chromium/issues/detail?id=88670) +* electronixtar for [bug + 51464](http://code.google.com/p/chromium/issues/detail?id=51464) +* wbrana for [bug + 57908](http://code.google.com/p/chromium/issues/detail?id=57908) +* kuzzcc for [bug + 78427](http://code.google.com/p/chromium/issues/detail?id=78427) +* kuzzcc for [bug + 83031](http://code.google.com/p/chromium/issues/detail?id=83031) +* Aaron Sigel of [vtty.com](http://vtty.com) for [bug + 80680](http://code.google.com/p/chromium/issues/detail?id=80680) +* Mario Gomes for [bug + 85041](http://code.google.com/p/chromium/issues/detail?id=85041) +* Arthur Gerkis for [bug + 89795](http://code.google.com/p/chromium/issues/detail?id=89795) +* miaubiz for [bug + 90134](http://code.google.com/p/chromium/issues/detail?id=90134) +* miaubiz for [bug + 94800](http://code.google.com/p/chromium/issues/detail?id=94800) +* Bernhard 'Bruhns' Brehm of Recurity Labs for [bug + 93497](http://code.google.com/p/chromium/issues/detail?id=93497) +* Aki Helin from [OUSPG](https://www.ee.oulu.fi/research/ouspg/) for + [bug + 93596](http://code.google.com/p/chromium/issues/detail?id=93596) +* Nishant Yadant of VMware and Craig Chamberlain for [bug + 95917](http://code.google.com/p/chromium/issues/detail?id=95917) +* Chu for [bug + 101010](http://code.google.com/p/chromium/issues/detail?id=101010) +* Aki Helin from [OUSPG](https://www.ee.oulu.fi/research/ouspg/) for + [bug + 100863](http://code.google.com/p/chromium/issues/detail?id=100863) +* Collin Payne for [bug + 92550](http://code.google.com/p/chromium/issues/detail?id=92550) +* Devdatta Akhawe, UC Berkeley for [bug + 103630](http://code.google.com/p/chromium/issues/detail?id=103630) +* Atte Kettunen from [OUSPG](https://www.ee.oulu.fi/research/ouspg/) + for [bug + 109094](http://code.google.com/p/chromium/issues/detail?id=109094) +* Code Audit Labs of VulnHunt.com for [bug + 109245](http://code.google.com/p/chromium/issues/detail?id=109245) +* Sławomir Błażek for [bug + 109664](http://code.google.com/p/chromium/issues/detail?id=109664) +* Ben Carrillo for [bug + 109717](http://code.google.com/p/chromium/issues/detail?id=109717) +* chrometot for [bug + 112451](http://code.google.com/p/chromium/issues/detail?id=112451) +* Michael Gundlach for [bug + 108648](http://code.google.com/p/chromium/issues/detail?id=108648) +* Glenn Randers-Pehrson for [bug + 116162](http://code.google.com/p/chromium/issues/detail?id=116162) \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/index.md b/chromium/docs/website/site/Home/chromium-security/index.md new file mode 100644 index 00000000000..6ccbaf390bf --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/index.md @@ -0,0 +1,141 @@ +--- +breadcrumbs: +- - /Home + - Chromium +page_name: chromium-security +title: Chromium Security +--- + +The Chromium security team aims to provide Chrome and Chrome OS users with the +most secure platform to navigate the web, and just generally make the Internet a +safer place to hang out. We work on solutions for the [biggest user / ux +security problems](/Home/chromium-security/enamel), drive [secure architecture +design and implementation projects for the Chromium +platform](/Home/chromium-security/guts), [find and help fix security +bugs](/Home/chromium-security/bugs), [help developers to create more secure +apps](/Home/chromium-security/owp), and act as a [general security consulting / +review group](/Home/chromium-security/reviews-and-consulting) for the larger +Chromium project. + +To learn more: + +* Read our [core security + principles](/Home/chromium-security/core-principles), which we try + to follow in all security work we do. +* Check out our [security brag + sheet](/Home/chromium-security/brag-sheet), which lists some of the + technologies and recognition we're most proud of. +* Check out some of the work we're doing to [detect and prevent + security bugs](/Home/chromium-security/bugs), ensure that Chromium + is [secure by design and resilient to + exploitation](/Home/chromium-security/guts), and [make security + easier for users and developers](/Home/chromium-security/enamel). +* Peruse the [Security + FAQ](https://chromium.googlesource.com/chromium/src/+/HEAD/docs/security/faq.md) + for answers to common questions. +* Learn about how [Security + Reviews](/Home/chromium-security/security-reviews) work in Chrome. +* Check out some of our [Chrome-specific security + education](/Home/chromium-security/education) documentation. +* Check out the [PDFium + Security](/Home/chromium-security/pdfium-security) page, too. +* Here is the canonical "[prefer secure origins for powerful new + features](/Home/chromium-security/prefer-secure-origins-for-powerful-new-features)" + proposal text. +* Here is the canonical "[Marking HTTP As + Non-Secure](/Home/chromium-security/marking-http-as-non-secure)" + proposal text. +* Have a look at our public [Chrome Security Google Drive + folder](https://drive.google.com/open?id=0B_KwtdC2J1Q6fjFNRElHUHhmLUlNbktKbFVkRXBlVGp0NkZvTDJvZVRZLXozOVFqTWtzM1E&authuser=0), + which contains a whole bunch of useful documents as well. +* We provide [quarterly + updates](/Home/chromium-security/quarterly-updates) to what we're + working on, if anything piques your interest get in touch! +* Find out about [our memory + safety](/Home/chromium-security/memory-safety) work. + +### How can I get involved? + +**Find bugs** + +One of the quickest ways to get involved is finding and [reporting security +bugs](/Home/chromium-security/reporting-security-bugs). It will get prompt +attention from a [security +sheriff](https://chromium.googlesource.com/chromium/src/+/HEAD/docs/security/sheriff.md), +be kept private until we coordinate disclosure, and possibly qualify for a cash +reward through our [Vulnerability Rewards +Program](/Home/chromium-security/vulnerability-rewards-program). We occasionally +run security contests outside of our regular reward program (e.g. +[Pwnium2](/Home/chromium-security/pwnium-2), +[Pwnium3](/Home/chromium-security/pwnium-3)) too. + +For any issues other than a specific bug, email us at +[security@chromium.org](mailto:security@chromium.org). For non-confidential +discussions, please post to the [technical discussion +forums](/developers/technical-discussion-groups), including the public +[security-dev](https://groups.google.com/a/chromium.org/forum/#!forum/security-dev) +list for technical discussions. + +**Become a committer** + +We encourage interested parties to work towards [becoming a +committer](/getting-involved/become-a-committer). There are many types of +security related patch that we're excited to collaborate on: + +* Fixes for any security bugs you discover. +* Implementing or improving security features, including + security-related web platform features (examples: iframe sandbox, + XSS auditor, CSP). +* Implementing or improving security hardening measures (examples: + defensive checks, allocator improvements, ASLR improvements). + +**Become an IPC reviewer** + +Bugs in IPC can have nasty consequences, so we take special care to make sure +additions or changes to IPC avoid [common security +pitfalls](/Home/chromium-security/education/security-tips-for-ipc). If you want +to get involved, check out how to become an IPC reviewer +[here](/Home/chromium-security/ipc-security-reviews). + +**Join the team** +Access to Chromium security bugs and our team mailing list is restricted, for +obvious reasons. Before applying to join the team, applicants must be committers +and are expected to have made and continue to make active and significant +contributions to Chromium security. You should demonstrate some of the following +before applying: + +* Relevant technical expertise and a history of patches that improve + Chromium security. +* A history of identifying and responsibly reporting Chromium security + vulnerabilities. +* Other expertise and/or roles that would allow the applicant to + significantly contribute to Chromium security on a regular basis. +* \[required\]: Be a committer, and have no personal or professional + association that is an ethical conflict of interest (e.g. keeping + vulnerabilities or exploits private, or sharing with parties other + than the vendor). + +To apply for membership, please email +[security@chromium.org](mailto:security@chromium.org). + +How can I get access to Chromium vulnerabilities? + +A history of fixed Chromium security bugs is best found via [security notes in +Stable Channel updates on the Google Chrome releases +blog](https://googlechromereleases.blogspot.com/search/label/Stable%20updates). +You can also find fixed, publicly visible Type=Bug-Security bugs in the [issue +tracker](https://crbug.com/) (note: security bugs automatically become publicly +visible 14 weeks after they are fixed). All security bugs are rated according to +our [severity +guidelines](https://chromium.googlesource.com/chromium/src/+/HEAD/docs/security/severity-guidelines.md), +which we keep in line with industry standards. + +Advance notice of (fixed) Chromium security vulnerabilities is restricted to +those actively building significantly deployed products based upon Chromium, or +including Chromium as part of bundled software distributions. If you meet the +criteria, and require advanced notice of vulnerabilities, request access via +[security@chromium.org](mailto:security@chromium.org). Your email should explain +your need for access (embedder, Linux distribution, etc.) and your continued +access will require that you follow the terms of list membership. + +### There is one simple rule for any party with advance access to security vulnerabilities in Chromium: any details of a vulnerability should be considered confidential and only shared on a need to know basis until such time that the vulnerability is responsibly disclosed by the Chromium project. Additionally, any vulnerabilities in third-party dependencies (e.g. Blink, open source parser libraries, etc.) must be treated with the same consideration. Access will be terminated for any member who fails to comply with this rule in letter or spirit. \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/ipc-security-reviews/index.md b/chromium/docs/website/site/Home/chromium-security/ipc-security-reviews/index.md new file mode 100644 index 00000000000..904bb9a61ae --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/ipc-security-reviews/index.md @@ -0,0 +1,30 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +page_name: ipc-security-reviews +title: IPC Security Reviews +--- + +**So, you want to help with IPC reviews?** Fantastic! Security bugs in IPC have +nasty consequences, so we have a little background check and ramp up process: + +**First, tell [us](mailto:security@chromium.org) a bit about your security +interest and experience and confirm you've done your homework.** Entrusting you +with this responsibility only makes sense if you care about Chromium security, +so tell us why you want to do this. Do you have a history of helping find / fix +security bugs? Have you helped with security-relevant software design or +projects? Tell us a bit about your security interests and experience. + +You should also confirm that you've read and understand all of our doc on +[security tips for +IPC](/Home/chromium-security/education/security-tips-for-ipc).Is anything +unclear? Can you suggest or make improvements? Docs have a tendency of going +stale. + +**Next, we'll partner you up on some reviews.** We'll typically have you do ~3 +IPC reviews yourself with an existing reviewer doing a second pass. + +If all that looks good, you're on board! \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/malicious-extensions-protection/index.md b/chromium/docs/website/site/Home/chromium-security/malicious-extensions-protection/index.md new file mode 100644 index 00000000000..4fba2d13c11 --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/malicious-extensions-protection/index.md @@ -0,0 +1,11 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +page_name: malicious-extensions-protection +title: Malicious Extensions Protection +--- + +http://blog.chromium.org/2013/11/protecting-windows-users-from-malicious.html \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/marking-http-as-non-secure/Treatment of HTTP Pages with User Input.gif.sha1 b/chromium/docs/website/site/Home/chromium-security/marking-http-as-non-secure/Treatment of HTTP Pages with User Input.gif.sha1 new file mode 100644 index 00000000000..77963b3f231 --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/marking-http-as-non-secure/Treatment of HTTP Pages with User Input.gif.sha1 @@ -0,0 +1 @@ +9856c4425ff1c40d33c0e6f85241d9e86f0f3ae0 \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/marking-http-as-non-secure/Treatment of HTTP Pages@1x.png.sha1 b/chromium/docs/website/site/Home/chromium-security/marking-http-as-non-secure/Treatment of HTTP Pages@1x.png.sha1 new file mode 100644 index 00000000000..d7c9fd05439 --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/marking-http-as-non-secure/Treatment of HTTP Pages@1x.png.sha1 @@ -0,0 +1 @@ +af0a46ad9f5fc6b5ddc92e401f01fd48fa1aff28 \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/marking-http-as-non-secure/blog image 1.png.sha1 b/chromium/docs/website/site/Home/chromium-security/marking-http-as-non-secure/blog image 1.png.sha1 new file mode 100644 index 00000000000..cacb4fc1462 --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/marking-http-as-non-secure/blog image 1.png.sha1 @@ -0,0 +1 @@ +965471ca717b325ee4b3298e9569e2b76eb400ee \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/marking-http-as-non-secure/blog image 2.png.sha1 b/chromium/docs/website/site/Home/chromium-security/marking-http-as-non-secure/blog image 2.png.sha1 new file mode 100644 index 00000000000..e8074b21cdd --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/marking-http-as-non-secure/blog image 2.png.sha1 @@ -0,0 +1 @@ +90d8f3a756084bc6cd204f80dd8385e62e25412d \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/marking-http-as-non-secure/form-and-incognito-http-bad-verbose.png.sha1 b/chromium/docs/website/site/Home/chromium-security/marking-http-as-non-secure/form-and-incognito-http-bad-verbose.png.sha1 new file mode 100644 index 00000000000..d6ebd3bb0b9 --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/marking-http-as-non-secure/form-and-incognito-http-bad-verbose.png.sha1 @@ -0,0 +1 @@ +fc08b30a4f39f9859a34a1e66478cb79da793eab \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/marking-http-as-non-secure/http-bad-sep-2018.png.sha1 b/chromium/docs/website/site/Home/chromium-security/marking-http-as-non-secure/http-bad-sep-2018.png.sha1 new file mode 100644 index 00000000000..bba461f924c --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/marking-http-as-non-secure/http-bad-sep-2018.png.sha1 @@ -0,0 +1 @@ +7003b4743000d675e6ae442b4596b3e6263e0937 \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/marking-http-as-non-secure/index.md b/chromium/docs/website/site/Home/chromium-security/marking-http-as-non-secure/index.md new file mode 100644 index 00000000000..4bf40abd736 --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/marking-http-as-non-secure/index.md @@ -0,0 +1,329 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +page_name: marking-http-as-non-secure +title: Marking HTTP As Non-Secure +--- + +This page contains the original proposal for marking HTTP as non-secure (see +Original Proposal below). + +Since then, the [Chrome usable security team](/Home/chromium-security/enamel) +has announced the following phases towards this goal. + +For more information see, the WebFundamentals article: [Avoiding the Not Secure +Warning in +Chrome](https://developers.google.com/web/updates/2016/10/avoid-not-secure-warn) + +--- + +Timeline + +**January 2017 (Phase 1)** + +Takes effect: January 2017 (Chrome 56) + +Announcement: [Moving towards a more secure +web](https://security.googleblog.com/2016/09/moving-towards-more-secure-web.html) +(September 8, 2016) + +In this phase, HTTP pages will be marked with "Not Secure" in the URL bar under +the following conditions: + +* The page **contains a password field**. +* The user **interacts with a credit card field**. + +[image](/Home/chromium-security/marking-http-as-non-secure/blog%20image%201.png) + +**October 2017 (Phase 2)** + +Takes effect: October 2017 (Chrome 62) + +Announcement: [Next Steps Toward More Connection +Security](https://security.googleblog.com/2017/04/next-steps-toward-more-connection.html) +(April 27, 2017) + +In this phase, HTTP pages will be marked with "Not Secure" in the URL bar under +the following conditions: + +* The user is browsing in Chrome [**incognito + mode**](https://support.google.com/chromebook/answer/95464). +* The page **contains a password field**. +* The user **interacts with any input field**. + +[image](/Home/chromium-security/marking-http-as-non-secure/form-and-incognito-http-bad-verbose.png) + +On mobile, there is no room for the string, so only the icon animates out for +user entered data: + +image + +**July 2018 (Phase 3)** + +Takes effect: July 2018 (Chrome 68) + +Announcement: [A secure web is here to +stay](https://security.googleblog.com/2018/02/a-secure-web-is-here-to-stay.html) +(February 8, 2018) + +In this phase, all HTTP pages will be marked with "Not Secure": + +[image](/Home/chromium-security/marking-http-as-non-secure/phase-3-wide.png) + +On mobile, there is no room for the string. The (i) icon will show on all HTTP +pages: + +image + +**September 2018** + +Takes effect: September 2018 (Chrome 69) + +Announcement: [Evolving Chrome's security +indicators](https://blog.chromium.org/2018/05/evolving-chromes-security-indicators.html) +(May 17, 2018) + +In this phase, secure pages will be marked more neutral instead of affirmatively +secure: + +[image](/Home/chromium-security/marking-http-as-non-secure/http-bad-sep-2018.png) + +**October 2018** + +Takes effect: October 2018 (Chrome 70) + +Announcement: [Evolving Chrome's security +indicators](https://blog.chromium.org/2018/05/evolving-chromes-security-indicators.html) +(May 17, 2018) + +In this phase, HTTP pages will be marked as affirmatively "Not Secure" using red +color and the non-secure icon in the URL bar if the user **interacts with any +input field**. + +[image](https://3.bp.blogspot.com/-MkJEkHnXcXc/Wv181DQednI/AAAAAAAAA6E/95MwjxqK7awaCgr_Z6xRNWVi0Ztf0-ncACLcBGAs/s1600/Treatment%2Bof%2BHTTP%2BPages%2Bwith%2BUser%2BInput.gif) + +**Eventual** + +There is no target date for the final state yet, but we intend to mark all HTTP +pages as affirmatively non-secure in the long term (the same as other non-secure +pages, like pages with broken HTTPS): + +**[image](/Home/chromium-security/marking-http-as-non-secure/blog%20image%202.png)** + +On mobile: + +image + +--- + +Original Proposal + +Proposal + +We, the Chrome Security Team, propose that user agents (UAs) gradually change +their UX to display non-secure origins as affirmatively non-secure. + +The goal of this proposal is to more clearly display to users that HTTP provides +no data security. + +Request + +We’d like to hear everyone’s thoughts on this proposal, and to discuss with the +web community about how different transition plans might serve users. + +Background + +We all need data communication on the web to be secure (private, authenticated, +untampered). When there is no data security, the UA should explicitly display +that, so users can make informed decisions about how to interact with an origin. + +Roughly speaking, there are three basic transport layer security states for web +origins: + + Secure (valid HTTPS, other origins like (\*, localhost, \*)); + + Dubious (valid HTTPS but with mixed passive resources, valid HTTPS with + minor TLS errors); and + + Non-secure (broken HTTPS, HTTP). + +For more precise definitions of secure and non-secure, see [Requirements for +Powerful Features](http://www.w3.org/TR/powerful-features/) and [Mixed +Content](http://www.w3.org/TR/mixed-content/). + +We know that active tampering and surveillance attacks, as well as passive +surveillance attacks, are not theoretical but are in fact commonplace on the +web. + +[RFC 7258: Pervasive Monitoring Is an +Attack](https://tools.ietf.org/html/rfc7258) + +[NSA uses Google cookies to pinpoint targets for +hacking](http://www.washingtonpost.com/blogs/the-switch/wp/2013/12/10/nsa-uses-google-cookies-to-pinpoint-targets-for-hacking/) + +[Verizon’s ‘Perma-Cookie’ Is a Privacy-Killing +Machine](http://www.wired.com/2014/10/verizons-perma-cookie/) + +[How bad is it to replace adSense code id to ISP's adSense ID on free +Internet?](http://stackoverflow.com/questions/25438910/how-bad-is-it-to-replace-adsense-code-id-to-isps-adsense-id-on-free-internet) + +[Comcast Wi-Fi serving self-promotional ads via JavaScript +injection](http://arstechnica.com/tech-policy/2014/09/why-comcasts-javascript-ad-injections-threaten-security-net-neutrality/) + +[Erosion of the moral authority of transparent +middleboxes](https://tools.ietf.org/html/draft-hildebrand-middlebox-erosion-01) + +[Transitioning The Web To HTTPS](https://w3ctag.github.io/web-https/) + +We know that people do not generally perceive the absence of a warning sign. +(See e.g. [The Emperor's New Security +Indicators](http://commerce.net/wp-content/uploads/2012/04/The%20Emperors_New_Security_Indicators.pdf).) +Yet the only situation in which web browsers are guaranteed not to warn users is +precisely when there is no chance of security: when the origin is transported +via HTTP. Here are screenshots of the status quo for non-secure domains in +Chrome, Safari, Firefox, and Internet Explorer: + +Screen Shot 2014-12-11 at 5.08.48 PM.png + +Screen Shot 2014-12-11 at 5.09.55 PM.png + +Screen Shot 2014-12-11 at 5.11.04 PM.png + +ie-non-secure.png + +Particulars + +UA vendors who agree with this proposal should decide how best to phase in the +UX changes given the needs of their users and their product design constraints. +Generally, we suggest a phased approach to marking non-secure origins as +non-secure. For example, a UA vendor might decide that in the medium term, they +will represent non-secure origins in the same way that they represent Dubious +origins. Then, in the long term, the vendor might decide to represent non-secure +origins in the same way that they represent Bad origins. + +Ultimately, we can even imagine a long term in which secure origins are so +widely deployed that we can leave them unmarked (as HTTP is today), and mark +only the rare non-secure origins. + +There are several ways vendors might decide to transition from one phase to the +next. For example, the transition plan could be time-based: + + T0 (now): Non-secure origins unmarked + + T1: Non-secure origins marked as Dubious + + T2: Non-secure origins marked as Non-secure + + T3: Secure origins unmarked + +Or, vendors might set thresholds based on telemetry that measures the ratios of +user interaction with secure origins vs. non-secure. Consider this strawman +proposal: + + Secure > 65%: Non-secure origins marked as Dubious + + Secure > 75%: Non-secure origins marked as Non-secure + + Secure > 85%: Secure origins unmarked + +The particular thresholds or transition dates are very much up for discussion. +Additionally, how to define “ratios of user interaction” is also up for +discussion; ideas include the ratio of secure to non-secure page loads, the +ratio of secure to non-secure resource loads, or the ratio of total time spent +interacting with secure vs. non-secure origins. + +We’d love to hear what UA vendors, web developers, and users think. Thanks for +reading! We are discussing the proposal on web standards mailing lists: + +* [public-webappsec@w3.org](http://lists.w3.org/Archives/Public/public-webappsec/) +* [blink-dev@chromium.org](https://groups.google.com/a/chromium.org/forum/#!forum/blink-dev) +* [security-dev@chromium.org](https://groups.google.com/a/chromium.org/forum/#!forum/security-dev) +* [dev-security@lists.mozilla.org](https://groups.google.com/forum/#!forum/mozilla.dev.security) + +**FAQ** + +We have fielded various reasonable concerns about this proposal, but most of +them have a good answer. Here is a brief selection. + +(Please consider any external links to be examples, not endorsements.) + +* **Will this break plain HTTP sites?** + * No. HTTP sites will continue to work; we currently have no plans + to block them in Chrome. All that will change is the *security + indicator(s)*. +* **Aren't certificates expensive/difficult to obtain?** + * A few providers currently provide free/cheap/bundled + certificates right now. The [Let's + Encrypt](https://letsencrypt.org/) project makes it easy to + obtain free certificates (even for many subdomains at once, or + with wildcards). +* **Aren't certificates difficult to set up?** + * Let's Encrypt has developed a [simple, open-source + protocol](https://letsencrypt.org/howitworks/) for setting up + server certificates. [SSLMate](https://sslmate.com/) currently + provides a similar service for a fee. Services like + [Cloudflare](http://blog.cloudflare.com/introducing-universal-ssl/) + currently provide free SSL/TLS for sites hosted through them, + and hosting providers may start automating this for all users + once free certificates become common. + * For people who are happy without a custom domain, there are + various hosting options that support HTTPS with a free tier, + e.g. [GitHub Pages](https://pages.github.com/), blogging + services, [Google Sites](https://sites.google.com/), and [Google + App Engine](https://cloud.google.com/appengine/). As of 2018, + many hosting providers even support turning on HTTPS using a + single checkbox. +* **Isn't SSL/TLS slow?** + * [Not really](https://istlsfastyet.com/) (for almost all sites, + if they are following good practices). +* **Doesn't this break caching? Filtering?** + * If you're a site operator concerned about site load, there are + various secure CDN options available, starting as cheap as + [Cloudflare's free + tier](http://blog.cloudflare.com/introducing-universal-ssl/). + * For environments that need tight control of internet access, + there are several client-side/network solutions. For other + environments, we consider this kind of tampering a violation of + SSL/TLS security guarantees. +* **What about test servers/self-signed certificates?** + * Hopefully, free/simple certificate setup will be able to help + people who had previously considered it inconvenient. Also note + that [localhost is considered + secure](http://www.chromium.org/Home/chromium-security/prefer-secure-origins-for-powerful-new-features), + even without HTTPS. + * As mentioned above, plain HTTP will continue to work. + +Also see [Mozilla's +FAQ](https://blog.mozilla.org/security/files/2015/05/HTTPS-FAQ.pdf) on this +topic for longer answers. \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/marking-http-as-non-secure/phase-3-narrow.png.sha1 b/chromium/docs/website/site/Home/chromium-security/marking-http-as-non-secure/phase-3-narrow.png.sha1 new file mode 100644 index 00000000000..093b1412032 --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/marking-http-as-non-secure/phase-3-narrow.png.sha1 @@ -0,0 +1 @@ +01a0b44621eda085bc745e38b567a0346b8f4673 \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/marking-http-as-non-secure/phase-3-wide.png.sha1 b/chromium/docs/website/site/Home/chromium-security/marking-http-as-non-secure/phase-3-wide.png.sha1 new file mode 100644 index 00000000000..5e9a71fe401 --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/marking-http-as-non-secure/phase-3-wide.png.sha1 @@ -0,0 +1 @@ +cfa8f918d6561b8582c41f10c4a0e34494881a0d \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/mds/index.md b/chromium/docs/website/site/Home/chromium-security/mds/index.md new file mode 100644 index 00000000000..5a7a3e68093 --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/mds/index.md @@ -0,0 +1,87 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +page_name: mds +title: Microarchitectural Data Sampling +--- + +Microarchitectural Data Sampling + +# (CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, and CVE-2019-11091) + +# Summary + +Microarchitectural Data Sampling (MDS) refers to a set of speculative execution +side-channel vulnerabilities which potentially allow results from previous +execution on a core to be observed across security boundaries via +microarchitectural state, on certain Intel CPUs. They are described in [Intel's +announcement](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html), +and referred to as +MSBDS/[CVE-2018-12126](https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-12126), +MLPDS/[CVE-2018-12127](https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-12127), +MFBDS/[CVE-2018-12130](https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-12130), +and +MDSUM/[CVE-2019-11091](https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-11091). + +An attacker successfully exploiting these vulnerabilities could read sensitive +data from other processes running on the system, breaking the isolation between +processes provided by modern operating systems. If Chrome processes are +attacked, these sensitive data could include website contents as well as +passwords, credit card numbers, or cookies. + +Chrome, like all programs, relies on the operating system to provide isolation +between processes. Operating system vendors may release updates to improve +isolation, so users should ensure they install any updates and follow any +additional guidance from their operating system vendor in relation to MDS +mitigation. + +Some operating system mitigations will also require changes in Chrome which we +shall include in subsequent Chrome releases. Users should ensure their version +of Chrome is [always up to +date](https://support.google.com/chrome/answer/95414?co=GENIE.Platform%3DDesktop). + +## Response + +The Chrome team investigated various mitigation options Chrome could take +independently of the OS, but none were sufficiently complete or performant. +Users should rely on operating system level mitigations. + +### Android + +On the Android platform, the vast majority of devices are not affected, as these +issues only apply to some Intel-based systems. + +As always, Android users should apply updates for their devices as soon as they +are available from their OEM. + +### Chrome OS + +Chrome OS has disabled Hyper-Threading on Chrome OS 74 and subsequent versions. +This provides protection against attacks using MDS. [More details on Chrome OS's +response](/chromium-os/mds-on-chromeos). + +### macOS + +macOS Mojave 10.14.5 [includes MDS +mitigations](https://support.apple.com/en-us/HT210107). These have been adopted +by Chrome and will be included in Chrome 75 which will be released to the Stable +channel on or around the 4th of June. + +### Windows + +Windows users should apply updates with MDS mitigations as soon as they are +available, and [follow any guidance to adjust system settings if +appropriate](https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV190013). + +### iOS + +Apple iOS devices use CPUs not known to be vulnerable to MDS. + +### Linux + +Linux users should apply kernel and CPU microcode updates as soon as they are +available from their distribution vendor, and follow any guidance to adjust +system settings. \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/memory-safety/index.md b/chromium/docs/website/site/Home/chromium-security/memory-safety/index.md new file mode 100644 index 00000000000..b04a7787718 --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/memory-safety/index.md @@ -0,0 +1,129 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +page_name: memory-safety +title: Memory safety +--- + +The Chromium project finds that around 70% of our serious security bugs are +[memory safety +problems](https://alexgaynor.net/2019/aug/12/introduction-to-memory-unsafety-for-vps-of-engineering/). +Our next major project is to prevent such bugs at source. + +## The problem + +Around 70% of our high severity security bugs are memory unsafety problems (that +is, mistakes with C/C++ pointers). Half of those are use-after-free bugs. + +[Pie chart of uses-after-free, other memory safety, other security +bug, security asserts](/Home/chromium-security/memory-safety/piechart.png) + +(Analysis based on 912 high or critical +[severity](https://chromium.googlesource.com/chromium/src/+/HEAD/docs/security/severity-guidelines.md) +security bugs since 2015, affecting the Stable channel.) + +These bugs are spread evenly across our codebase, and a high proportion of our +non-security stability bugs share the same types of root cause. As well as +risking our users’ security, these bugs have real costs in how we fix and ship +Chrome. + +## The limits of sandboxing + +Chromium’s [security architecture](/Home/chromium-security/guts) has always been +designed to assume that these bugs exist, and code is sandboxed to stop them +taking over the host machine. Over the past years that architecture has been +enhanced to [ensure that websites are isolated from one +another](/Home/chromium-security/site-isolation). That huge effort has allowed +us — just — to stay ahead of the attackers. But we are reaching the limits of +sandboxing and site isolation. + +A key limitation is that the process is the smallest unit of isolation, but +processes are not cheap. Especially on Android, using more processes impacts +device health overall: background activities (other applications and browser +tabs) get killed with far greater frequency. + +We still have processes sharing information about multiple sites. For example, +the network service is a large component written in C++ whose job is parsing +very complex inputs from any maniac on the network. This is what we call “the +doom zone” in our [Rule Of +2](https://chromium.googlesource.com/chromium/src/+/HEAD/docs/security/rule-of-2.md) +policy: the network service is a large, soft target and +[vulnerabilities](https://googleprojectzero.blogspot.com/2020/02/several-months-in-life-of-part1.html) +there are of +[Critical](https://chromium.googlesource.com/chromium/src/+/HEAD/docs/security/severity-guidelines.md#TOC-Critical-severity) +severity. + +Just as Site Isolation improved safety by tying renderers to specific sites, we +can imagine doing the same with the network service: we could have many network +service processes, each tied to a site or (preferably) an origin. That would be +beautiful, and would hugely reduce the severity of network service compromise. +However, it would also explode the number of processes Chromium needs, with all +the efficiency concerns that raises. + +Meanwhile, our insistence on the [Rule Of +2](https://chromium.googlesource.com/chromium/src/+/HEAD/docs/security/rule-of-2.md) +is preventing Chrome developers from shipping features, as it’s already +sometimes just too expensive to start a new process to handle untrustworthy +data. + +## Staying still is not an option + +We believe that: + + Attackers innovate, so defenders need to innovate just to keep pace. + + We can no longer derive sufficient innovation from more processes or + stronger sandboxes (though such things continue to be necessary). + + Therefore the cheapest way to maintain the advantage is to squash bugs at + source instead of trying to contain them later. + +## What we’re trying + +We’re tackling the memory unsafety problem — fixing classes of bugs at scale, +rather than merely containing them — by any and all means necessary, including: + +* Custom C++ libraries + * //base is already getting into shape for spatial memory safety. + * std and [Abseil](https://abseil.io/) assume correct callers ‘for + speed’, but can be modified to do basic checking with + implementation changes (Abseil) and compile-time flags (LLVM + libcxx). + * Generalizing [Blink’s C++ garbage + collector](https://docs.google.com/document/d/1Cv2IcsiokkGc2K_5FBTDKekNzTn3iTEUyi9fDOud9wU/edit#heading=h.i5ibcxqde9h2), + and using it more widely (starting with PDFium). +* Hardware mitigations, e.g. + [MTE](https://llvm.org/devmtg/2018-10/slides/Serebryany-Stepanov-Tsyrklevich-Memory-Tagging-Slides-LLVM-2018.pdf). + * Custom C++ dialect(s) + * Defined and enforced by LLVM plugins and presubmit checks. In + particular, we feel it [may be necessary to ban raw pointers + from + C++](https://docs.google.com/document/d/1pnnOAIz_DMWDI4oIOFoMAqLnf_MZ2GsrJNb_dbQ3ZBg/edit#heading=h.jx7cpliyfer). +* Using safer languages anywhere applicable + * Java and Kotlin + * JavaScript + * [Rust](https://chromium-review.googlesource.com/c/chromium/src/+/2084087) + [(see our notes on C++ interoperability + here)](/Home/chromium-security/memory-safety/rust-and-c-interoperability) + * [Swift](https://chromium-review.googlesource.com/c/chromium/src/+/1904747) + * Others…? + +These options lie on a spectrum: + +[Spectrum of options from lower cost & less improvement (e.g. C++ +library improvements) to higher cost and more improvement (e.g. Rust)](/Home/chromium-security/memory-safety/sat3CHOc8lXZbGicChW6w5Q.png) + +We expect this strategy will boil down to two major strands: + + Significant changes to the C++ developer experience, with some performance + impact. (For instance, no raw pointers, bounds checks, and garbage + collection.) + + An option of a programming language designed for compile-time safety checks + with less runtime performance impact — but obviously there is a cost to + bridge between C++ and that new language. \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/memory-safety/piechart.png.sha1 b/chromium/docs/website/site/Home/chromium-security/memory-safety/piechart.png.sha1 new file mode 100644 index 00000000000..be8b06c8cd9 --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/memory-safety/piechart.png.sha1 @@ -0,0 +1 @@ +ea1b0e3fc4dd638d946bee931998373b7f17f884 \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/memory-safety/rust-and-c-interoperability/index.md b/chromium/docs/website/site/Home/chromium-security/memory-safety/rust-and-c-interoperability/index.md new file mode 100644 index 00000000000..5ef170f1394 --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/memory-safety/rust-and-c-interoperability/index.md @@ -0,0 +1,178 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +- - /Home/chromium-security/memory-safety + - Memory safety +page_name: rust-and-c-interoperability +title: Rust and C++ interoperability +--- + +(written August 2020) + +Chrome engineers are experimenting with Rust. For the foreseeable future, C++ is +the reigning monarch in our codebase, and any use of Rust will need to fit in +with C++ — not the other way around. This seems to present some C++/Rust +interoperability challenges which nobody else has faced. + +We'd need to solve these before considering Rust as (nearly) a first-class +citizen in our codebase. If we can’t solve these, Rust would at best be isolated +to “leaf nodes” which don’t interact much with the rest of our codebase. And if +that’s all we can use Rust for, that calls into question whether the costs of an +extra language are justified in the first place. + +As C++ is the ruler, we are primarily concerned with the ability for new Rust +code to call into existing C++ code, rather than C++ to Rust calls. + +We think it’s important for Rust to be able to call C++ functions in a way that +meets the following criteria: + + No need for the “unsafe” keyword unless something is known to be less safe + than normal C++. + For a Rustacean, this is controversial - all C++ is unsafe! But “unsafe” + should be a really bad code smell. If “unsafe” is needed for all C++ calls, + there will be thousands of them, and the “unsafe” keyword will lose its + meaning. Where objects are simply passed backwards and forwards between Rust + and C++, we must avoid the word ‘unsafe’. It should be restricted to patches + of genuinely unsafe Rust code, and for C++ interoperability code where + there’s shared ownership or other complexities. + This particular property is satisfied by dtolnay’s marvellous + [cxx](https://github.com/dtolnay/cxx) library already. + + No overhead in the general case. + LTO and [cross-language + inlining](http://blog.llvm.org/2019/09/closing-gap-cross-language-lto-between.html) + already solve this in principle. There are cases where overhead is necessary + at the C++ boundary — especially, the UTF check required when strings are + passed from C++ to Rust. This can be dealt with by handling such strings as + &\[u8\] in Rust code, until string manipulation is really necessary, so we + do not need any further innovations here. This box is checked. + + No boilerplate or redeclarations. No C++ annotations. Ideally, no allowlist. + If a C++ API exists, Rust should be able to call it. It’s that simple. The + declaration in C++ should be sufficient. There should be no need for an + allowlist, a redeclaration in Rust, or any Rust shim. Rare exceptions will + exist (e.g. overloaded functions) and in some cases we’ll want to make an + idiomatic Rust wrapper, but in general, that shouldn’t be necessary. + This is not just aesthetic preference. Our codebase is complex and polluting + it with extra annotations would be a small, but noticeable, tax on how + everyone works. + + Broad type support - with safety. + [cxx](https://github.com/dtolnay/cxx) is the current state-of-the-art for + safely exchanging data between C++ and Rust. Our + “[base](https://source.chromium.org/chromium/chromium/src/+/HEAD:base/)” + library exposes 1768 APIs which are used by other parts of Chrome. 1052 of + those functions only take parameters which are types that can already be + supported by cxx. 12 more are planned in the near term for cxx (e.g. more + flexible slices). + That’s ~60% of our APIs, which is good but not great. + Another 12% can be supported if we are able to pass std::string and similar + string types into existing C++ APIs. These can’t be represented in a Rust + struct due to an internal pointer, but as cxx generates code on both the C++ + and Rust side, it should be possible to own a UniquePtr<CxxString> on + the Rust side, yet [pass it into an existing C++ + API](https://github.com/dtolnay/cxx/issues/250) which takes a std::string by + value. + (That sounds fairly straightforward, but it becomes much more complex when + you’re talking about structs containing std::strings, such as + [url::Origin](https://source.chromium.org/chromium/chromium/src/+/HEAD:url/origin.h;l=141?q=url::Origin&ss=chromium%2Fchromium%2Fsrc). + Such a struct could only be owned as a UniquePtr<opaque type> from the + Rust side, which would prevent field access. Solutions can be imagined but + need more thought.) + Another ~20% are functions which take pointer parameters - in our case, + these are very often [out + parameters](https://source.chromium.org/chromium/chromium/src/+/HEAD:base/rand_util.h;l=40?q=base::RandBytes&sq=). + We need to see how we can programmatically identify those which are ‘simple’ + out parameters and allow Rust to populate them safely. + The good news is that this leaves just 8% of our functions which can’t be + supported by the cxx model of interop. Most of these are passing C++ structs + (by value) which have [raw pointers within + them](https://source.chromium.org/chromium/chromium/src/+/HEAD:base/memory/shared_memory_mapping.h;l=169?q=base::WritableSharedMemoryMapping). + This seems largely insoluble in Rust but they’re so rare that we can create + case-by-case idiomatic wrappers. + There are some caveats here: this analysis is based on symbols exported by + the binary, rather than source code analysis. In some cases these APIs would + be wrapped by inline functions, templates or macros, which this analysis + ignores. It also ignores return values and direct field access. And of + course, “base” isn’t the only set of APIs which our code would need to call + - it’s probably that higher-level functions would have [more complex + arguments on + average](https://source.chromium.org/chromium/chromium/src/+/HEAD:content/public/browser/render_frame_host.h;bpv=1;bpt=1;l=88?q=RenderFrameHost&gsn=RenderFrameHost&gs=kythe%3A%2F%2Fchromium.googlesource.com%2Fchromium%2Fsrc%3Flang%3Dc%252B%252B%3Fpath%3Dsrc%2Fcontent%2Fpublic%2Fbrowser%2Frender_frame_host.h%23G1w6QPBQL82Xkcn4l7LDpzClmBPa_c18lFVVZbHK5h0&gs=kythe%3A%2F%2Fchromium.googlesource.com%2Fchromium%2Fsrc%3Flang%3Dc%252B%252B%3Fpath%3Dsrc%2Fcontent%2Fpublic%2Fbrowser%2Fcontent_browser_client.h%23q1iJpNllgNKY5mVu_-89ZVL29Rk5wCUukrTj6kdjLOA&gs=kythe%3A%2F%2Fchromium.googlesource.com%2Fchromium%2Fsrc%3Flang%3Dc%252B%252B%3Fpath%3Dsrc%2Fcontent%2Fpublic%2Fbrowser%2Fnavigation_controller.h%23xJPcd1uTfK8sLQidlLN1nkzka5MM8UOqJQ-vd1RMLUI&gs=kythe%3A%2F%2Fchromium.googlesource.com%2Fchromium%2Fsrc%3Flang%3Dc%252B%252B%3Fpath%3Dsrc%2Fcontent%2Fpublic%2Fbrowser%2Fnavigation_handle.h%23Cla5SVTQ5b0yHjvdzazehvdZiPAwZPiL7hw9jGrMBMg&gs=kythe%3A%2F%2Fchromium.googlesource.com%2Fchromium%2Fsrc%3Flang%3Dc%252B%252B%3Fpath%3Dsrc%2Fcontent%2Fpublic%2Fbrowser%2Frender_frame_host.h%23RenderFrameHost%253Acontent%2523c%2523dhOuyZmgB2x&gs=kythe%3A%2F%2Fchromium.googlesource.com%2Fchromium%2Fsrc%3Flang%3Dc%252B%252B%3Fpath%3Dsrc%2Fcontent%2Fpublic%2Fbrowser%2Fweb_contents.h%23XrbufdRG9Y--Dfi3iq7WkPh30Aby0bBIixBApZ1fXG4&gs=kythe%3A%2F%2Fchromium.googlesource.com%2Fchromium%2Fsrc%3Flang%3Dc%252B%252B%3Fpath%3Dsrc%2Fcontent%2Fpublic%2Fbrowser%2Fweb_contents_delegate.h%23xPu14kaNu58lQUD_9A9MEXyxUFs8Jibf73XNjZze6zM&gs=kythe%3A%2F%2Fchromium.googlesource.com%2Fchromium%2Fsrc%3Flang%3Dc%252B%252B%3Fpath%3Dsrc%2Fcontent%2Fpublic%2Fbrowser%2Fweb_contents_observer.h%23Gc6rUNIeosEK0hOGxwCGtN3e4cQRlW1pbI9SJnAffaY&gs=kythe%3A%2F%2Fchromium.googlesource.com%2Fchromium%2Fsrc%3Flang%3Dc%252B%252B%3Fpath%3Dsrc%2Fcontent%2Fpublic%2Ftest%2Fcontent_browser_test_utils.h%23KxzkBqHDzmvePnTKOrHQpGDfOD2Oy4yWL0xQ17sxS7g&gs=kythe%3A%2F%2Fchromium.googlesource.com%2Fchromium%2Fsrc%3Flang%3Dc%252B%252B%3Fpath%3Dsrc%2Fcontent%2Fpublic%2Ftest%2Ftest_utils.h%23EVUuAhYNNhFIy0tQc4euuLdHh_H2gYKx6Cde5mGUDdw&gs=kythe%3A%2F%2Fchromium.googlesource.com%2Fchromium%2Fsrc%3Flang%3Dc%252B%252B%3Fpath%3Dsrc%2Fcontent%2Fshell%2Fbrowser%2Fshell_platform_delegate.h%23JlDkk2QY2af2K98dJC7keSobXw9Lm7Vvr2DnHqWQpGM&gs=kythe%3A%2F%2Fchromium.googlesource.com%2Fchromium%2Fsrc%3Flang%3Dc%252B%252B%3Fpath%3Dsrc%2Fcontent%2Fpublic%2Fbrowser%2Frender_frame_host.h%23_RceGKzxaDRVeDDFRGV34cgVys-lQ22yR_wwBOBzXkI&gs=kythe%3A%2F%2Fchromium.googlesource.com%2Fchromium%2Fsrc%3Flang%3Dc%252B%252B%3Fpath%3Dsrc%2Fchrome%2Fbrowser%2Fchromeos%2Flogin%2Ftest%2Fjs_checker.h%23r_Gj569ozVIUJq-1POIJ4-qqNaRvHC-N7_01P9qsSSc&gs=kythe%3A%2F%2Fchromium.googlesource.com%2Fchromium%2Fsrc%3Flang%3Dc%252B%252B%3Fpath%3Dsrc%2Fchrome%2Fbrowser%2Ftask_manager%2Fproviders%2Fweb_contents%2Fweb_contents_task_provider.h%23m8QtJrZjgtNRJveh4olsmT3NIvAFrJmS62j1jaLIjVk&gs=kythe%3A%2F%2Fchromium.googlesource.com%2Fchromium%2Fsrc%3Flang%3Dc%252B%252B%3Fpath%3Dsrc%2Fchrome%2Fbrowser%2Fui%2Fexclusive_access%2Ffullscreen_controller.h%232v5FtWIP5lic0jku3uPv0aA35WhmxS5zkZ32A3UXfsc&gs=kythe%3A%2F%2Fchromium.googlesource.com%2Fchromium%2Fsrc%3Flang%3Dc%252B%252B%3Fpath%3Dsrc%2Fcomponents%2Fblocked_content%2Fpopup_blocker_tab_helper.h%23ZAwLD36-n3HV1_IIGmPbytosIMmfek4iFBO1CLfnwAI&gs=kythe%3A%2F%2Fchromium.googlesource.com%2Fchromium%2Fsrc%3Flang%3Dc%252B%252B%3Fpath%3Dsrc%2Fcomponents%2Fpage_load_metrics%2Fbrowser%2Fobservers%2Flargest_contentful_paint_handler.h%23MGktmDqVePSQ5i5YsOaSyZQO_PsptqLzf_yMxl4Dyuk&gs=kythe%3A%2F%2Fchromium.googlesource.com%2Fchromium%2Fsrc%3Flang%3Dc%252B%252B%3Fpath%3Dsrc%2Fcomponents%2Fpage_load_metrics%2Fbrowser%2Fpage_load_metrics_observer.h%23lb9A7wZugxQD54-kaHBU9xBztc_qtW0v7d_yxHFitMo&gs=kythe%3A%2F%2Fchromium.googlesource.com%2Fchromium%2Fsrc%3Flang%3Dc%252B%252B%3Fpath%3Dsrc%2Fcomponents%2Fperformance_manager%2Fpublic%2Fperformance_manager.h%237RnPbKgruVz8UTqkRkQA5AJD6a87ucr-9eRsxXEQR_U&gs=kythe%3A%2F%2Fchromium.googlesource.com%2Fchromium%2Fsrc%3Flang%3Dc%252B%252B%3Fpath%3Dsrc%2Fcomponents%2Fsubresource_filter%2Fcontent%2Fbrowser%2Fsubresource_filter_observer.h%23TXHYSiScLwmoB1m4zPDJABkqvxFdAWfy1Ex2IFX_daM&gs=kythe%3A%2F%2Fchromium.googlesource.com%2Fchromium%2Fsrc%3Flang%3Dc%252B%252B%3Fpath%3Dsrc%2Fcontent%2Fbrowser%2Fcontent_index%2Fcontent_index_service_impl.h%23MhjsqAeDxF0FYJo_wllpmTcv6tuLPn_nPnwDJtbrGzs&gs=kythe%3A%2F%2Fchromium.googlesource.com%2Fchromium%2Fsrc%3Flang%3Dc%252B%252B%3Fpath%3Dsrc%2Fcontent%2Fpublic%2Fbrowser%2Frender_document_host_user_data.h%23QFc-GZRe6mkj2fUPpd_OOzdlMfR9TPXA7kdFH2P0y0c&gs=kythe%3A%2F%2Fchromium.googlesource.com%2Fchromium%2Fsrc%3Flang%3Dc%252B%252B%3Fpath%3Dsrc%2Fcontent%2Fpublic%2Fbrowser%2Frender_frame_host.h%23RenderFrameHost%253Acontent%2523c%2523bJIWE93K2Uw&gs=kythe%3A%2F%2Fchromium.googlesource.com%2Fchromium%2Fsrc%3Flang%3Dc%252B%252B%3Fpath%3Dsrc%2Fcontent%2Fpublic%2Fbrowser%2Frender_view_host.h%23j-yNEITJJhL9H_N7SAWIFM00eSi9Do5KqVHnnw6-wYY&gs=kythe%3A%2F%2Fchromium.googlesource.com%2Fchromium%2Fsrc%3Flang%3Dc%252B%252B%3Fpath%3Dsrc%2Fcontent%2Fpublic%2Ftest%2Fnavigation_simulator.h%23LdLUS0zBCndDaYelBCIrAtQAP5CjgrKoBWc4UkaDpPE&gs=kythe%3A%2F%2Fchromium.googlesource.com%2Fchromium%2Fsrc%3Flang%3Dc%252B%252B%3Fpath%3Dsrc%2Fextensions%2Fbrowser%2Fapp_window%2Fapp_window.h%23cLpWpVzgBXk0gZyi-2THfz57SRACA-LHUveF0YbUgCg&gs=kythe%3A%2F%2Fchromium.googlesource.com%2Fchromium%2Fsrc%3Flang%3Dc%252B%252B%3Fpath%3Dsrc%2Fextensions%2Fbrowser%2Fextension_function.h%23_Ogl2-DYz2iqCw9dhPLcqQwcXfV194_P3uWT2Fnkj-4&gs=kythe%3A%2F%2Fchromium.googlesource.com%2Fchromium%2Fsrc%3Flang%3Dc%252B%252B%3Fpath%3Dsrc%2Fextensions%2Fbrowser%2Fprocess_manager.h%23fdDKt3wBoBo8B9ujQiKlNlTWllc9d6Nucx_LH5PyFg4&gs=kythe%3A%2F%2Fchromium.googlesource.com%2Fchromium%2Fsrc%3Flang%3Dc%252B%252B%3Fpath%3Dsrc%2Fchrome%2Fbrowser%2Fbanners%2Fapp_banner_manager.h%236njZ8hjl2ANDhn7cc2_h2Obhvi0hty24_cozfCfXvP4&gs=kythe%3A%2F%2Fchromium.googlesource.com%2Fchromium%2Fsrc%3Flang%3Dc%252B%252B%3Fpath%3Dsrc%2Fchrome%2Fbrowser%2Fdevtools%2Fdevtools_window.h%23UvVTsinMZfkvO_28gCFM_S742snUFO4dF9lUEBCOOzA&gs=kythe%3A%2F%2Fchromium.googlesource.com%2Fchromium%2Fsrc%3Flang%3Dc%252B%252B%3Fpath%3Dsrc%2Fchrome%2Fbrowser%2Fui%2Fsearch%2Flocal_ntp_test_utils.h%23MFOhcxTDmwcb9ct68b2WSzYF6YDjdalt24KDHCBega8&gs=kythe%3A%2F%2Fchromium.googlesource.com%2Fchromium%2Fsrc%3Flang%3Dc%252B%252B%3Fpath%3Dsrc%2Fcomponents%2Fautofill%2Fcontent%2Fbrowser%2Fcontent_autofill_driver_factory.h%232_1CXjN2hUKgzzlJeHBUY-03W_tFo-iunU62bByBM6s&gs=kythe%3A%2F%2Fchromium.googlesource.com%2Fchromium%2Fsrc%3Flang%3Dc%252B%252B%3Fpath%3Dsrc%2Fcomponents%2Fpage_load_metrics%2Fbrowser%2Fobservers%2Fpage_load_metrics_observer_tester.h%23ek2Ilzd8IEKzZMxB7pfXiVtl3hub7QKlESaQXb9wefE&gs=kythe%3A%2F%2Fchromium.googlesource.com%2Fchromium%2Fsrc%3Flang%3Dc%252B%252B%3Fpath%3Dsrc%2Fcomponents%2Fpayments%2Fcontent%2Fpayment_app_factory.h%23UXMzp2clHfiq_I9jqU5EYPV35LFAS4Qeb30UgiYYmPM&gs=kythe%3A%2F%2Fchromium.googlesource.com%2Fchromium%2Fsrc%3Flang%3Dc%252B%252B%3Fpath%3Dsrc%2Fcontent%2Fbrowser%2Fweb_contents%2Fweb_contents_impl.h%23bGo7lh_Cz-AMlV0vnrg7N1hekIc2k69yWIXNjppwLvM&gs=kythe%3A%2F%2Fchromium.googlesource.com%2Fchromium%2Fsrc%3Flang%3Dc%252B%252B%3Fpath%3Dsrc%2Fcontent%2Fpublic%2Fbrowser%2Fdevtools_agent_host.h%23MVlcGNudSwRbhwAb7qjmDJ5EIF5RuWjJo6dcUqHEdwE&gs=kythe%3A%2F%2Fchromium.googlesource.com%2Fchromium%2Fsrc%3Flang%3Dc%252B%252B%3Fpath%3Dsrc%2Fcontent%2Fpublic%2Fbrowser%2Fdevtools_manager_delegate.h%23fUonhxAGMNCMCnWgzJszvsBnMePO8z2cucV5m0H1gig&gs=kythe%3A%2F%2Fchromium.googlesource.com%2Fchromium%2Fsrc%3Flang%3Dc%252B%252B%3Fpath%3Dsrc%2Fcontent%2Fpublic%2Fbrowser%2Fmedia_player_id.h%237GEQk0IkYgezyBz93D_esGwqUhoYfor4M2JjgzOkHKY&gs=kythe%3A%2F%2Fchromium.googlesource.com%2Fchromium%2Fsrc%3Flang%3Dc%252B%252B%3Fpath%3Dsrc%2Fcontent%2Fpublic%2Fbrowser%2Fweb_ui_controller.h%23iktvwQuWbLO8hlEAR-DJYt9o0xju62S_9nfg7R7j2Kc&gs=kythe%3A%2F%2Fchromium.googlesource.com%2Fchromium%2Fsrc%3Flang%3Dc%252B%252B%3Fpath%3Dsrc%2Fcontent%2Fpublic%2Ftest%2Fweb_contents_tester.h%23zPltnaBNY45XLxRyREmM8T-NumTILcwnWNRC8FiI-ug&gs=kythe%3A%2F%2Fchromium.googlesource.com%2Fchromium%2Fsrc%3Flang%3Dc%252B%252B%3Fpath%3Dsrc%2Fchrome%2Ftest%2Fpayments%2Fpayment_request_platform_browsertest_base.h%23H2AtSVUS0Q9k7jDXyRtrFB1Po_9evqkWUVvvo7NB6oM&gs=kythe%3A%2F%2Fchromium.googlesource.com%2Fchromium%2Fsrc%3Flang%3Dc%252B%252B%3Fpath%3Dsrc%2Fcomponents%2Fautofill%2Fcore%2Fbrowser%2Fautofill_client.h%2356w8agBOZjtRclF5Wfl-QJmO500HiS1mPke0i1kt91s&gs=kythe%3A%2F%2Fchromium.googlesource.com%2Fchromium%2Fsrc%3Flang%3Dc%252B%252B%3Fpath%3Dsrc%2Fcomponents%2Fpermissions%2Fpermission_request_id.h%23TutwfaiAmQOM6OkwwuX-_Hdp-H4pq5HSE0N5mqrhrxg&gs=kythe%3A%2F%2Fchromium.googlesource.com%2Fchromium%2Fsrc%3Flang%3Dc%252B%252B%3Fpath%3Dsrc%2Fcontent%2Fbrowser%2Fmedia%2Fforwarding_audio_stream_factory.h%23KgICheBanWRA3eZKFVxi-8bxZCOO4ujLJ-uUMvvordk&gs=kythe%3A%2F%2Fchromium.googlesource.com%2Fchromium%2Fsrc%3Flang%3Dc%252B%252B%3Fpath%3Dsrc%2Fcontent%2Fbrowser%2Frenderer_host%2Fmedia%2Frender_frame_audio_output_stream_factory.h%23kXXZI4k7E_bVhhmyaIbCYnCIOsddZlredLwzqVUEl14&gs=kythe%3A%2F%2Fchromium.googlesource.com%2Fchromium%2Fsrc%3Flang%3Dc%252B%252B%3Fpath%3Dsrc%2Fcontent%2Fbrowser%2Frenderer_host%2Frender_widget_host_owner_delegate.h%23KEHWC06-LjLVJcNPotW9smK0WoGIjQcjFcs3m6c3Jdw&gs=kythe%3A%2F%2Fchromium.googlesource.com%2Fchromium%2Fsrc%3Flang%3Dc%252B%252B%3Fpath%3Dsrc%2Fcontent%2Fpublic%2Fbrowser%2Fback_forward_cache.h%23KU6Chs-FixtEn-uy4ELETeGq_e5amqVQ51_xw8jmwP4&gs=kythe%3A%2F%2Fchromium.googlesource.com%2Fchromium%2Fsrc%3Flang%3Dc%252B%252B%3Fpath%3Dsrc%2Fextensions%2Fbrowser%2Fextension_function_dispatcher.h%23NlU0-Xo74M-G5-Eq_D2VfP9PAf4UX6pBv8o202lwdR8&gs=kythe%3A%2F%2Fchromium.googlesource.com%2Fchromium%2Fsrc%3Flang%3Dc%252B%252B%3Fpath%3Dsrc%2Fextensions%2Fbrowser%2Fprocess_manager_observer.h%23ypSAGYvQtRkkYdE3rjreepcXMaKO7JxH13lwLq6DGKQ) + so be less likely to fall in the ‘good’ bucket. + + Ergonomics - with safety. + From Rust code, we need to be able to instantiate C++ objects, safely pass + around ownership (there are no significant problems with cxx’s + [UniquePtr](https://docs.rs/cxx/0.3.4/cxx/struct.UniquePtr.html) here), call + methods on them (both plain and virtual). For “plain old data” types in C++, + containing simple, cxx-compatible fields, we need to be able to manipulate + those fields. Most of this can be achieved with cxx already (though we need + a way to call through to + [std::make_unique](https://github.com/dtolnay/cxx/issues/228) from Rust code + for a type that’s opaque to Rust). + We need this to be smooth enough that we do not need to wrap a typical C++ + type in a Rust wrapper. + So far, so good. But we also need: to act (at Rust build time) upon #defines + set up by our C++ headers and build-time rules, figure out a plan for + calling C++ overloaded functions and operators, call macros (e.g. LOG(ERROR) + << “eek”), make templated functions and types available (possibly very + hard, though bindgen does a remarkably good job here), and probably many + other things we haven’t yet thought of. + It may be that the best way to handle some of these cases is some inline C++ + code within Rust (like the [cpp crate](https://crates.io/crates/cpp) but + with the benefit of cxx’s safety). + One specific challenge is [reference-counted + objects](https://source.chromium.org/chromium/chromium/src/+/HEAD:base/memory/scoped_refptr.h;l=175?q=scoped_refptr). + We need the reference count to be shared between referees on the Rust and + Chrome side. The bigger challenge here is how to deal with the prevalence of + multiple mutable references on the C++ side, without the ability to do + something like a + [RefCell::borrow_mut](https://doc.rust-lang.org/std/cell/struct.RefCell.html#method.borrow_mut) + to ensure even runtime safety. It may be that we need to mark involvement + with all such reference-counted objects as truly ‘unsafe’ from the Rust + side. + In general we think we can live without Rust types inheriting from C++ + types, but there’s one exception: pure virtual observers. cxx provides the + ability to [pass function pointers from Rust to + C++](https://github.com/dtolnay/cxx#builtin-types), so it’s quite possible + for us to make wrapper types here. Ideally, though, this becomes ergonomic + and seamless as well. More investigation is needed here. + + What we don’t need + +We believe we can live without: self-referential C++ types being passed by value +into Rust (except for strings), Rust types inheriting from non-pure-virtual C++ +types; variadic arguments, “safe” reference counting. (There will be cases where +the absence of these features is annoying, but hopefully rare.) All this may be +wrong: we still have much learning to do. + +Our plan + +We think the hardest part of this is imagining a safe way to pass types between +Rust and C++. That requires auto-generated shim code on both the Rust and C++ +side. That’s already achieved by cxx with terrific emergent safety properties. +And so that’s our basic model. + +But, we don’t want to specify a cxx::bridge section for every API. We therefore +[need the cxx::bridge to be generated using a bindgen-like +tool](https://github.com/dtolnay/cxx/issues/235). + +We don’t believe Rust language changes are needed. Some C++ types can’t be owned +by value in Rust — for example std::string with its self-referential pointer — +but we believe that good C++ interoperability can be achieved even if Rust can +only own such objects by pointer. We may be wrong here as well! + +For now, Chrome investment in Rust will remain a background investigation +(mostly directed towards prototyping these tools and techniques). If we become +convinced this sort of interoperability is possible, we’ll revisit widespread +use of Rust in Chrome, and at that point we plan to work hard to achieve this +with robust production-quality solutions. + +(update September 2021) There's progress across the Rust community in solving +many of these problems - see for example +[moveit](https://crates.io/crates/moveit), +[autocxx](https://crates.io/crates/autocxx) and +[mosaic](https://github.com/google/mosaic/). diff --git a/chromium/docs/website/site/Home/chromium-security/memory-safety/sat3CHOc8lXZbGicChW6w5Q.png.sha1 b/chromium/docs/website/site/Home/chromium-security/memory-safety/sat3CHOc8lXZbGicChW6w5Q.png.sha1 new file mode 100644 index 00000000000..0323cf48a8c --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/memory-safety/sat3CHOc8lXZbGicChW6w5Q.png.sha1 @@ -0,0 +1 @@ +2d2f7ec41a96280f6f0a0d5b389ce34c1b2c82b3 \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/owp/index.md b/chromium/docs/website/site/Home/chromium-security/owp/index.md new file mode 100644 index 00000000000..95457fa0a66 --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/owp/index.md @@ -0,0 +1,116 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +page_name: owp +title: Web Platform Security +--- + +Developers should have the tools necessary to defend their creations against the +wide spectrum of maliciousness thrown at them on a daily basis. We design and +implement platform-level features that enable a robust defense, and work in +standards bodies to get them in front of as many developers as possible. + +[TOC] + +## Features we're working on + +### Content Security Policy + +We've shipped [Content Security Policy Level 2](http://www.w3.org/TR/CSP2/) as +of Chrome 42, and we're starting to put together the vision for the next +iteration of the standard. You can follow along at +. Firefox has support for most of CSP2 as +well. + +### Subresource Integrity + +We've shipped [Subresource Integrity](http://www.w3.org/TR/SRI/) as of Chrome +46. This feature should also be shipping in Firefox ~43, which is exciting to +see. + +### Upgrade Insecure Requests + +We've shipped [Upgrade Insecure +Requests](http://www.w3.org/TR/upgrade-insecure-requests/) as of Chrome 44. This +feature should also be shipping in Firefox 42, which will give us a fairly broad +base of support. + +### Mixed Content + +We've been steadily tightening our [Mixed +Content](http://www.w3.org/TR/mixed-content/) blocking over the last ~18 months. +The specification has broad approval from other vendors, who are generally +aligning with Chrome's behavior over time. + +### Cookies + +We have a number of cookie-related proposals floating around that we're building +support for in the IETF's HTTPbis group: + + [Deprecating modification/creation of "Secure" cookies on non-secure + origins](https://tools.ietf.org/html/draft-west-leave-secure-cookies-along) + strengthen the security properties of cookies with the Secure attribute. + + [SameSite](https://tools.ietf.org/html/draft-ietf-httpbis-cookie-same-site-00) + cookies provide a defense against various forms of CSRF + + [Cookie Prefixes](https://tools.ietf.org/html/draft-west-cookie-prefixes) + might provide a mitigation for the integrity and confidentiality limitations + of cookies' delivery model. + + [Origin cookies](https://tools.ietf.org/html/draft-west-origin-cookies) are + a slightly more robust model than the prefix proposal, but also seem less + likely to be adopted, so. Belts and suspenders. + +### Credential Management + +We're working with Chrome's password manager team to define an imperative API +for interaction with the browser's stored credentials. The spec is progressing +nicely at + +### Referrer Policy + +[Referrer Policy](https://w3c.github.io/webappsec-referrer-policy/) shipped in +Chrome a long time ago, and the new bits we've added to the spec are trickling +out over time. + +We need to do some refactoring in order to consistently apply referrer policy +for redirects (basically hoisting the parsing and processing up out of Blink and +into the network stack). Hopefully we'll get that done in Q4 (2015). + +### Secure Contexts + +[Secure Contexts](https://w3c.github.io/webappsec-secure-contexts/) underlies +our commitment to [prefer secure origins for powerful new +features](/Home/chromium-security/prefer-secure-origins-for-powerful-new-features). +We've shipped the concept of a "secure context" in Chrome, and are working over +time to [deprecate a set of APIs in insecure +contexts](/Home/chromium-security/deprecating-powerful-features-on-insecure-origins). +`getUserMedia()` is unavailable over HTTP as of Chrome 47, and we've got our eye +on geolocation next. + +### Clear Site Data + +We've specified and implemented a feature to allow developers to clear out the +data a browser has stored for their origin at +. + +### Entry Point Regulation + +We've specified EPR as a defense against CSRF, and hope to get to a prototype +implementation soonish.(this hasn't made progress in a few years) + +## Come work with us! + +If any of the above work resonates with you, come help us! We're hiring in +Munich, Germany, which is [a wonderful place to work +indeed](https://www.google.com/about/careers/locations/munich/). There's a +[generic software engineering job +description](https://www.google.com/about/careers/search#!t=jo&jid=43144&), but +the best way to get noticed is probably to ping +[@mikewest](https://twitter.com/mikewest) on Twitter, or drop him an email at +[mkwst@google.com](mailto:mkwst@google.com). \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/owp/web-platform-security-backlog/index.md b/chromium/docs/website/site/Home/chromium-security/owp/web-platform-security-backlog/index.md new file mode 100644 index 00000000000..4d7368e1953 --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/owp/web-platform-security-backlog/index.md @@ -0,0 +1,12 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +- - /Home/chromium-security/owp + - Web Platform Security +page_name: web-platform-security-backlog +title: Web Platform Security backlog +--- + diff --git a/chromium/docs/website/site/Home/chromium-security/pdfium-security/index.md b/chromium/docs/website/site/Home/chromium-security/pdfium-security/index.md new file mode 100644 index 00000000000..a2a0250a6c1 --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/pdfium-security/index.md @@ -0,0 +1,56 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +page_name: pdfium-security +title: PDFium Security +--- + +Welcome to PDFium Security! + +## Basic Info + +* [PDFium project page](https://code.google.com/p/pdfium/) +* [PDFium Git repository](https://pdfium.googlesource.com/) +* [Known PDFium security + issues](https://code.google.com/p/chromium/issues/list?can=2&q=Cr%3DInternals-Plugins-PDF+Type%3DBug-Security+&colspec=ID+Pri+M+Iteration+ReleaseBlock+Cr+Status+Owner+Summary+OS+Modified&cells=tiles) + (Please pick 1 and fix it!) + +## Integer Overflow + +We want to standardize on handling integer overflows by: + +1. Preferring new\[\] and new instead of calloc, wherever possible. +2. In places where the code is not ready to be turned into idiomatic + C++, preferring calloc to malloc; definitely prefer calloc to malloc + + memset. +3. Preferring CheckedNumeric<T> to ad hoc checks. + * For convenience, use the existing typedefs for clarity, e.g. + typedef base::CheckedNumeric<FX_DWORD> FX_SAFE_DWORD;. If + you need more typedefs like this, or if you need them more + widely visible, don't hesitate to make the change. + +Yes, that might look odd. Currently, the codebase mixes C++ and C memory +allocation, and ultimately, we'd like to get the code to idiomatic C++11, but +we're going to get there incrementally. + +## Uninitialized Memory References + +We want to standardize on handling uninitialized memory references with: + +1. Default constructors that do the right thing. +2. Explicit initial values for all POD members in header files. + +## Git Workflow + +* The top line/subject line of the commit message should always be as + explicit as possible. Not just "fix bug", but "Fix UAF in + ModulateFooContainer" or "Fix UMR in thing::DoStuff". + +## Future Desiderata + +* No more non-const references (especially when used as + out-parameters). +* Use std::unique_ptr and pdfium::RetainPtr. No more naked new. \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/pgp-key/index.md b/chromium/docs/website/site/Home/chromium-security/pgp-key/index.md new file mode 100644 index 00000000000..ae662d1eee3 --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/pgp-key/index.md @@ -0,0 +1,146 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +page_name: pgp-key +title: PGP Key +--- + +Sensitive security bug reports should be filed on the [Chromium bug +tracker](https://bugs.chromium.org/p/chromium/issues/entry?template=Security+Bug). +Please make sure to select the Security template, as this will ensure the +correct access controls are in place. However, if you must use email to reach us +and wish to protect the message in transit, you can use this PGP key and send to +security@chromium.org + +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBF+mFE8BEACiTDxAa0XtYKJrUc9WAnWKrDOHa8aC/aUNekS7fD64VqW6Y6Pf + +R60QRpcmlbeMBzPmSy9zosUjiTz/8qdd9cFscCA47OrU/9MV+tCXg3hWIeFH5d/o + +pDZ9pzzbuOGIVn0bgTjPuiA1IcK0o/bSbAv/fxAsnfhAyDnMLRXMtfviatczs4RA + +0WZwzkWR0VcNKKq17PW7EscMjQzuabbOnkzLmVgqphXRokwObT0++VwIaJV3lLNF + +B2rIyXXRM295Nm9JXgzi9/84jZNOzuKWqMNkMGxwLgLu4quACNHE5gvMn8d32UIn + +W34INIYp6OXECk3vfjXiQw6NrAqrmHw1+4AFEEqx29J3D1u0iiVzjvmKkOnaHSJZ + +PTyrZhwwesWIga2Q4v7TekLScMYEFhErxF+Hy9gMR+vIQ/kJHM8HT+mI5ws1sS0C + +FqlE8NhP4kRV4ktS6VnIynyrTarqp4mlQIsBwe+++fQLGruURjXQ8IlTesyVqV3n + +0hcCRWwym5+dmCMAqLCv25/Knqan6ENVbIevNys/4IJ+hBeQ2BZN15ZppN2fPP/3 + +k08hxXQT00L0KN2AXz1KkEg1t2A4zUyPG3Y+iTAwr/983HYrbvwxjU1ltBmZjFBf + +9lgUASGOzzdCjt1Eg2yqh4vCz/MKbK+Qs1E2CHWXsCXKkhHqFe7lX+mfewARAQAB + +tIRHb29nbGUgQ2hyb21lIFNlY3VyaXR5IFRlYW0gKFBsZWFzZSBwcmVmZXIgZmls + +aW5nIGEgc2VjdXJpdHkgYnVnIGF0IGNyYnVnLmNvbS9uZXcgb3ZlciB1c2luZyBQ + +R1AgYW5kIGVtYWlsLikgPHNlY3VyaXR5QGNocm9taXVtLm9yZz6JAlQEEwEKAD4W + +IQTXudUVq4807pWu3DxkbOcVMWuGOAUCX6YUTwIbAwUJBrxqAAULCQgHAwUVCgkI + +CwUWAgMBAAIeAQIXgAAKCRBkbOcVMWuGOMKyD/9Sd6KneK53YSq8+ThowntP95aF + +hC6fekIUit3pz8Z+fXUewaEvH1Q+pNiwIIIEsnsG0yUGl3Xq7WTWM3HrlfEvJL7v + +7ynlxwzN/1z9EviIlGIeNm4VkcrVEE5Gh1FR6Gyi+m/YXhMQlU6JLGJjF4VY37Cp + +3lEyb4R+7/7YCH307F5uoWRILWfyeJwTAVs8AFJne3J9ghVbWkIMvuTaL0JWzWnS + ++YhSE62THyXoi2OBj6ytW1gfiP3akJzYvfAlKjx2rbzGtVXsvrjRHJ87S8x7J0JM + +YoityTAcHqHuIYJnBnm0GIl1jFNMnGel+3W/2X6nfiIDCR0zP2YHH2FVRm1TSwh1 + +PEcPpEM2L/6h9F3niZ2HXLGGo+9R40dPUaapg4atU9qerqMHsXblv8c+lh2sgyNb + +MJtn6vRamh7MFRIel66WxTgvkWH3FWmB4XfGI+OCY0T7PU7EHp5CjrCaUosxnVa0 + +HRMkOGCEasYZTogM1Mzdqti6LcFUCEA7JFw2AZli7LG06vbCF9OOvmEgjWd7t1gC + +/GUS8iOrxoEjjyDrbkemz0fhNiiZLgCCveHUVHKsjZXd8qgFasUC3a+ISwd7h7/C + +YhEQFUzZvPzxJ5GFbY8n8rDsTMGkpT2UNI2FzZtlmFd1DVZUi8K5ZHHlCNrrZ/Ry + +a4cv3Z0lUTpS+in53YkCMwQQAQoAHRYhBIFN5ONXuKtQChzP96c4UdUywga2BQJf + +qtl5AAoJEKc4UdUywga2a6sP/2D3UCJvmCX+G+u//3q3D68i101X1EPfNix4Dlez + +FdUMD1mO3U3Xl0d42o9bJdJZrxmEuHpw4JAPB5jbGthJpgFdOl+ho50kt8ZI208C + +O2W+gJUdTb5NGV6g1rWR0EL+Gxtw+NgXDu8tmgQ7z4fzzuDnb2PFWPzS2o3+SnBI + +i1HNq/t+6bfUWtxe3XelPhaMLO12o52EOPTc2RB5JN7MMBR7510JmooUlQc6FJCl + +zGyhP6Aml7yNRkeGbVwBfh91jzDHrEUMClQ80pCO7Xa4sgjek3tajKC6EmE3UmPN + +u6T1MbEHCB9SCZZRWCg0Vjg5pHYLhAMxWAxiY4+kmDwVsBiWFwqKQ/tQj8tuTdl7 + +MMt7Ql+GWKs7PUEymhDRLn0V5ZL1goekXQnZ47nZ86v/JhGN87QH2x3R1JSdOufq + +i2FJQz8q7uLKAztp4SHTD9K/M2GYBdjlULHxeG7ROlQhDLE6YH+jSCnSBhDJvfHI + +LhwExNfUF6SadOD4cKjndiMqeo5UbQlqndy+ozLRVTOxgbT3UI+4hfv+twUDgRsH + +50D6ADKQ+n1BK45NzpSV0MV4EPUkQvG1TDE6bvVx9GBDlkE7IROTJT7N3pimtnwR + +IZ2q1hk7g+qsDH/29oaZRlWYwdA0Z1096Vt+ShaTO0mEf8CiAiHDSQgx5hWWQ2Cp + +70QPuQINBF+mFE8BEADYmBFQPhIgR8b97VXAm/El7/aPQ2p5d+G9qfh4x/VLycLN + +hMM5DHK0dR5JkzrT5LUPTYCaoKFH6GiKkTpw7iUc6BQjxdndrBjDuzaN9/Fhxqrf + +DllYZFCSNa1ezLeJNmnXZ/lBFtC6H6fyoWEbfwL08cCXc69XTh3+DLLCapfAkw7D + +QHrUvYFqIEiMen+Bj1xNPUlVuzOfjhxhjxeaaxmeBrTZF/zwZkB0NHUi43fHbf2A + +121rfqg4Banazzf/jgSxdUb8XnHDGqXrBq7sCXBpDHeHCJVqiY7r6DtBgeVbkoX/ + +uHowGaZ2UFlSlZwCBIdTe6rjcQt+eAOm/aV3W+Vl2sBjSD1XleLSGdzp2LXx7HLd + +53Er/vIe3di4Q5m9zQikML4Qvw/z0x/glDZc5aHoWlhOsqHUUOeExRfl+gaE3xOy + +xOQQYuy63+C3U++mi6qkYUEtpRoMFcJrkWuPNl4O7ldMLrUcEu7lGWCEptckpmZp + +yeX7XLH4VkkBGwXqYHA3pDSqpnoCA/UGhNO4mdQdU+I8cKrYitlAo9rNaLDxFgt7 + +BvOLwp215D37rOTnOOhovPhSImQsOSS9rZLW3tWAc+zmInBpAJK5V9S5AccuHXNr + +INymLBRGSSC/qYrluCSklAoCfmBETdWQwlPIf3FwxWkpcTGmapqd9mbm9AMe/wAR + +AQABiQI8BBgBCgAmFiEE17nVFauPNO6Vrtw8ZGznFTFrhjgFAl+mFE8CGwwFCQa8 + +agAACgkQZGznFTFrhjhE1g//Rbm1dVwTzado9AfGt5vhNGfkcBPW0e3S96JsYNU/ + +Fl2RE1iGAuFYq7YYmV+/Ha3g75sYzycWWbpV+6fie8ZGaWx5VRcaTrflajpbe7Nf + +Gku7XxZg7sDuoYeDtwgkORIxYBhKykbLlQGvSTdj+6PGs1cwmdKa+ENf/nJKWbnY + +Ow2Ua6EOL064x0Owkcy6Btig+VFxP92RvYqLGvTVPGUuojy9Oqp6pzpY7HglrBj5 + +WCVt06T86dL4Ua2Oaqr5gngntK7jbKkWCMzr6/A/t1zKj4c2ihYQspYFRt/llzxQ + +kwi9bOKi1RlqQPRp6b/VttNHbZ9F52Q/dKeCU1CN7K5CbcdL1w0ktPMOnIpiIc87 + +wtd4dNqKBImc3rDf+dMP95HdJGznHg37Tzosukj4ocHEsNoi3JoXbbbHjFMuSqgI + ++72IGvc8r1PkpBMfYjQeLWCdntreE/kfmADCW6XmdVdzb7bMmA7ez6hofWbyhjTy + +LRugMg669WQi4r4NnTudSgXcMWJbwI69UIrWKVeBFHQlR4TXymSD1hrEWsFz0e6r + +Ta+ekKm2nFiUgh2JdzFiQe4Uf9/nGcLgIQAKZQ1q7VV5lN6J6hjCCyr0RxReuYy9 + +EvceYjRLs1bP3DKliHVyMmcNMU7u8GuSCMU8Tb3T4WlGDhsxyieeabGPkj8XZE3O + +ZF0= + +=8ojo + +-----END PGP PUBLIC KEY BLOCK----- \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/prefer-secure-origins-for-powerful-new-features/index.md b/chromium/docs/website/site/Home/chromium-security/prefer-secure-origins-for-powerful-new-features/index.md new file mode 100644 index 00000000000..998207fafd2 --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/prefer-secure-origins-for-powerful-new-features/index.md @@ -0,0 +1,111 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +page_name: prefer-secure-origins-for-powerful-new-features +title: Prefer Secure Origins For Powerful New Features +--- + +We (Chrome Security) originally sent this out to various browser development +mailing lists. Here is the canonical location for the original proposal. See +[this link](https://www.w3.org/TR/powerful-features/) for the current public +draft spec. + +**This is a living document** — as we learn more, we'll probably need to change +this page. + +## Proposal + +The Chrome Security team and I propose that, for new and particularly +powerful web platform features, browser vendors tend to prefer to make +the the feature available only to secure origins by default. + +## Definitions + +“Particularly powerful” would mean things like: features that handle +personally-identifiable information, features that handle high-value information +like credentials or payment instruments, features that provide the origin with +control over the UA's trustworthy/native UI, access to sensors on the user's +device, or generally any feature that we would provide a user-settable +permission or privilege to. Please discuss! + +“Particularly powerful” would **not** mean things like: new rendering and layout +features, CSS selectors, innocuous JavaScript APIs like *showModalDialog*, or +the like. I expect that the majority of new work in HTML5 fits in this category. +Please discuss! + +“Secure origins” are origins that match at least one of the following (scheme, +host, port) patterns: + +* `(https, *, *)` +* `(wss, *, *)` +* `(*, localhost, *)` +* `(*, 127/8, *)` +* `(*, ::1/128, *)` +* `(file, *, —)` +* `(chrome-extension, *, —)` + +This list may be incomplete, and may need to be changed. Please discuss! +A bug to define “secure transport” in Blink/Chromium: + + +## For Example + +For example, Chrome is going to make Service Workers available only to secure +origins, because it provides the origin with a new, higher degree of control +over a user's interactions with the origin over an extended period of time, and +because it gives the origin some control over the user's device as a background +task. + +Consider the damage that could occur if a user downloaded a service worker +script that had been tampered with because they got it over a MITM’d or spoofed +cafe wifi connection. What should have been a nice offline document editor could +be turned into a long-lived spambot, or maybe even a surveillance bot. If the +script can only run when delivered via authenticated, integrity-protected +transport like HTTPS, that particular risk is significantly mitigated. + +## Background + +Legacy platforms/operating systems have a 1-part principal: the user. When a +user logs in, they run programs that run with the full privilege of the user: +all of a user’s programs can do anything the user can do on all their data and +with all their resources. This has become a source of trouble since the rise of +mobile code from many different origins. It has become less and less acceptable +for a user’s (e.g.) word processor to (e.g.) read the user’s private SSH keys. + +Modern platforms have a 2-part security principal: the user, and the origin of +the code. Examples of such modern platforms include (to varying degrees) the +web, Android, and iOS. In these systems, code from one origin has (or, should +have) access only to the resources it creates and which are explicitly given to +it. + +For example, the Gmail app on Android has access only to the user’s Gmail and +the system capabilities necessary to read and write that email. Without an +explicit grant, it does not have access to resources that other apps (e.g. +Twitter) create. It also does not have access to system capabilities unrelated +to email. Nor does it have access to the email of another user on the same +computer. + +In systems with 2-part principals, it is crucial to strongly authenticate both +parts of the principal, not just one part. (Otherwise, the system essentially +degrades into a 1-part principal system.) This is why, for example, both Android +and iOS require that every vendor (i.e. origin) cryptographically sign its code. +That way, when a user chooses to install Twitter and to give Twitter powerful +permissions (such as access to the device’s camera), they can be sure that they +are granting such capability only to the Twitter code, and not to just any code. + +By contrast, the web has historically made origin authentication optional. On +the web, origins are defined as having 3 parts: (scheme, host, port), e.g. +(HTTP, [example.com](http://example.com/), 80) or (HTTPS, +[mail.google.com](http://mail.google.com/), 443). Many origins use +unauthenticated schemes like HTTP, WS, or even FTP. + +Granting permissions to unauthenticated origins is, in the presence of a network +attacker, equivalent to granting the permissions to any origin. The state of the +internet is such that we must indeed assume that a network attacker is present. + +## Thank You For Reading This Far! + +We welcome discussion, critique, and cool new features! \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/pwnium-2/index.md b/chromium/docs/website/site/Home/chromium-security/pwnium-2/index.md new file mode 100644 index 00000000000..fc318486213 --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/pwnium-2/index.md @@ -0,0 +1,56 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +page_name: pwnium-2 +title: Pwnium 2 +--- + +**Chromium Security Reward Program** + +**Pwnium2@HITBSecConf2012 Official Rules** + +**The Pwnium2@HITBSecConf2012 Chromium Security Reward Program ("Program") is designed to encourage involvement in improving the security of the Chromium project. Participants submit original and unreported exploits relying on security bugs in Chrome alone, or Chrome coupled with Flash / Windows / other software like drivers (an “Exploit”). Rewards will be awarded to participants who submit full and reliable Exploits (or Incomplete Exploits as described below) with critical impact as determined in the sole discretion of the Judges. NO PURCHASE NECESSARY TO ENTER OR WIN. VOID WHERE PROHIBITED.** +**SPONSOR: The Program is sponsored by Google Inc. (“Google” or "Sponsor"), a Delaware corporation with principal place of business at 1600 Amphitheatre Parkway, Mountain View, CA, 94043, USA.** +**BINDING AGREEMENT: In order to enter the Program, you must agree to these Official Rules (“Rules”). Therefore, please read these Rules prior to entry and submission to ensure you understand and agree. You agree that submission of an Exploit in the Program constitutes agreement to these Rules. You may not submit an Exploit to the Program and are not eligible to receive the rewards described in these Rules unless you agree to these Rules. These Rules form a binding legal agreement between you and Google with respect to the Program.** +**ELIGIBILITY: To be eligible to enter the Program, you must be above the age of majority in the country, state, province or jurisdiction of residence (or at least twenty years old in Taiwan) at the time of submission (“You” or “Entrant”). The Program is void in, and not open to residents of, Cuba, Iran, Syria, North Korea or Sudan or to individuals and entities restricted by U.S. export controls and sanctions, and is void in any other nation, state, or province where prohibited or restricted by U.S. or local law.** +**Employees, interns, contractors, and official office-holders of Google and their subsidiaries, affiliates, and their respective directors, officers, employees, advertising and promotion agencies, representatives, and agents (“Program Entities”), and members of the Program Entities’ and their immediate families (parents, siblings, children, spouses, and life partners of each, regardless of where they live) and members of the households (whether related or not) of such employees, officers and directors are ineligible to participate in the Program. Google reserves the right to verify eligibility and to adjudicate on any dispute at any time. If you are entering as part of a company or on behalf of your employer, these rules are binding on you, individually, and/or your employer. If you are acting within the scope of your employment, as an employee, contractor, or agent of another party, you warrant that such party has full knowledge of your actions and has consented thereto, including your potential receipt of a reward. You further warrant that your actions do not violate your employer’s or company’s policies and procedures.** +**PROGRAM PERIOD: The Program begins at 10:00 A.M. local time (in Kuala Lumpur, Malaysia) at the HITBSecConf2012 on October 10, 2012 and ends at 2:00 P.M. local time on October 10, 2012 (“Program Period”). Google may extend the Program Period in its sole discretion. ENTRANTS ARE RESPONSIBLE FOR DETERMINING THE CORRESPONDING TIME ZONE IN THEIR RESPECTIVE JURISDICTIONS.** +**HOW TO ENTER: NO PURCHASE NECESSARY TO ENTER OR WIN. To enter the Program, visit the Google desk at HITBSecConf2012 in Kuala Lumpur, Malaysia during the Program Period. Entrants are entirely responsible for all costs and fees associated with attending the HITBSecConf2012, including (but not limited to) admission fees, transportation, accommodation and living costs. For additional information visit the Program website located at before or during the Program Period and follow the instructions for submitting an Exploit that highlights a critical importance security issue, which has not yet been reported to, or otherwise come to attention of, the Chromium project. The Exploit must meet the “Exploit Requirements,” described below. All entries must be received before the end of the Program Period. Entries are void if they are in whole or part illegible, incomplete, damaged, altered, counterfeit, obtained through fraud, or late. All entries will be deemed made by the authorized account holder of the email address submitted at the time of submission, and potential reward recipients may be required to show proof of being the authorized account holder for that email address. The "authorized account holder" is the natural person assigned to an email address by an Internet service provider, online service provider, or other organization responsible for assigning email address for the domain.** +**EXPLOIT REQUIREMENTS: The Exploit must meet the following criteria:** +**• Be an unreported and original exploit, which has not been shared or partially shared with anyone else or submitted in any other contests until it has been submitted to, and judged by, Google.** +**• Be an exploit relying on an unreported and original bug, bugs or security feature in Chrome or in Chrome when used in connection with Windows, Flash or other software e.g. drivers.** +**• Be a remote exploit accessible through the Chrome browser, which works and is reliable.** +**• Be present in the most recent supported channel(s) of Chrome, running on the latest version of Windows7 on the provided test machine.** +**• Be a critical vulnerability of high impact.** +**• Be authored or created by You.** +**• Be submitted with corresponding documentation that details each bug exploited.** +**During the Program Period, Google and/or its agents will be evaluating each Exploit to ensure that it meets the Exploit Requirements. Google reserves the right, in its sole discretion, to disqualify any entrant who submits an Exploit that does not meet the Exploit Requirements.** +**JUDGING: Each Exploit submission will be judged by a panel of experts who are employees of Google (“Judges”). Each Exploit will be evaluated by the Judges as to whether the Exploit is a critical importance vulnerability of high impact based on the potential for persistent access to the user’s account on the Windows operating system.** +**Judges will evaluate each Exploit based upon the above criteria to determine whether it is critical impact and qualifies for a reward. Rewards will be allocated on a first-come-first-served basis, based on time of submission during the Program Period specified above, until such time as the total reward pool of $2,000,000 USD (two million U.S. dollars) is exhausted.** +**In the event a potential reward recipient is disqualified for any reason, the reward allocated to that recipient will be returned to the total reward pool. The potential reward recipients will be selected and notified by telephone and/or email, at Sponsor’s discretion. If a potential reward recipient does not respond to the notification attempt within five days from the first notification attempt, then such potential recipient may be disqualified and their allocated reward will be returned to the total reward pool. With respect to notification by telephone, such notification will be deemed given when the potential reward recipient engages in a live conversation with Sponsor or when a message is left on the potential reward recipient’s voicemail service or answering machine by the Sponsor, whichever occurs first. Except where prohibited by law, each potential reward recipient may be required to sign and return a Declaration of Eligibility and Liability and Publicity Release and provide any additional information that may be required by Sponsor. If required, potential reward recipients must return all such required documents within seven days following attempted notification or such potential reward recipient may be deemed to have forfeited the reward and the reward may be returned to the total reward pool. In the event the potential reward recipient is a minor, his or her parent or legal guardian must sign the documents and return them as described herein. All notification requirements, as well as other requirements within these Rules, will be strictly enforced. In the event that no Exploits are received, no rewards will be awarded. Determinations of judges are final and binding.** +**REWARDS:** +**An Entrant submitting an Exploit demonstrating a critical importance high impact Chrome / Win7 local OS user account persistence using only bugs in Chrome itself (a “Full Chrome Exploit”), as determined in the sole discretion of the Judges, will receive a reward of $60,000 USD (sixty thousand U.S. dollars).** +**An Entrant submitting an Exploit demonstrating a critical importance high impact Chrome / Win7 local OS user account persistence using at least one bug in Chrome plus bugs in other software (e.g. a WebKit bug combined with a Windows kernel bug) (a “Partial Chrome Exploit”), as determined in the sole discretion of the Judges, will receive a reward of $50,000 USD (fifty thousand U.S. dollars).** +**An Entrant submitting an Exploit demonstrating a critical importance high impact Chrome / Win7 local OS user account persistence using only bugs not found in Chrome (e.g. bugs in Flash / Windows / drivers) (a “Non Chrome Exploit”), as determined in the sole discretion of the Judges, will receive a reward of $40,000 USD (forty thousand U.S. dollars).** +**An Entrant submitting an unreliable or incomplete Exploit demonstrating a critical importance high impact Chrome / Win7 local OS user account persistence (e.g. code execution inside a sandbox but not sandbox escape; or sandbox escape in isolation) (a “Incomplete Exploit”), as determined in the sole discretion of the Judges, may receive a reward in an amount to be determined by the judges.** +**Each reward recipient will also receive a ChromeOS netbook, provided they reside in a country to which ChromeOS netbooks can be legally shipped.** +**All rewards are contingent on Entrant's compliance with these Rules. The rewards will be awarded within approximately two weeks of receipt by Sponsor of final reward acceptance documents. No transfer, substitution or cash equivalent for rewards is allowed, except at Sponsor’s sole discretion. Sponsor reserves the right to substitute a reward, in whole or in part, of equal or greater monetary value if a reward cannot be awarded, in whole or in part, as described for any reason. Value is subject to market conditions, which can fluctuate and any difference between actual market value and ARV will not be awarded. The reward(s) may be subject to restrictions and/or licenses and may require additional hardware, software, service, or maintenance to use. The reward recipient shall bear all responsibility for use of the rewards(s) in compliance with any conditions imposed by such manufacturer(s), and any additional costs associated with its use, service, or maintenance. Program Entities have not made and Program Entities are not responsible in any manner for any warranties, representations, or guarantees, express or implied, in fact or law, relating to the reward(s), regarding the use, value or enjoyment of the reward(s), including, without limitation, its quality, mechanical condition, merchantability, or fitness for a particular purpose, with the exception of any standard manufacturer's warranty that may apply to the reward or any components thereto.** +**TAXES: PAYMENTS TO POTENTIAL REWARD RECIPIENTS ARE SUBJECT TO THE EXPRESS REQUIREMENT THAT THEY SUBMIT TO GOOGLE ALL DOCUMENTATION REQUESTED BY GOOGLE TO PERMIT IT TO COMPLY WITH ALL APPLICABLE STATE, FEDERAL, LOCAL, PROVINCIAL AND FOREIGN TAX REPORTING AND WITHHOLDING REQUIREMENTS. ALL REWARDS WILL BE NET OF ANY TAXES GOOGLE IS REQUIRED BY LAW TO WITHHOLD. ALL TAXES IMPOSED ON REWARDS ARE THE SOLE RESPONSIBILITY OF THE REWARD RECIPIENTS.** +**In order to receive a reward, potential reward recipients must submit the tax documentation requested by Google or otherwise required by applicable law, to Google or the relevant tax authority, all as determined by applicable law, including, where relevant, the law of the potential recipient’s country of residence. The potential reward recipients are responsible for ensuring that (s)he complies with all the applicable tax laws and filing requirements. If a potential reward recipient fails to provide such documentation or comply with such laws, the reward may be forfeited and Google may, in its sole discretion, return the reward to the total reward pool.** +**GENERAL CONDITIONS: All federal, state, provincial and local laws and regulations apply. Google reserves the right to disqualify any entrant from the Program if, in Google’s sole discretion, it reasonably believes that the entrant has attempted to undermine the legitimate operation of the Program by cheating, deception, or other unfair playing practices or annoys, abuses, threatens or harasses any other entrants, Google, or the Judges.** +**INTELLECTUAL PROPERTY RIGHTS: As between Google and the entrant, the entrant retains ownership of all intellectual and industrial property rights (including moral rights) in and to the Exploit. As a condition of submission, entrant grants Google, its subsidiaries, agents and partner companies, a perpetual, irrevocable, worldwide, royalty-free, and non-exclusive license to use, reproduce, adapt, modify, publish, distribute, publicly perform, create a derivative work from, and publicly display the Exploit (1) for the purposes of allowing Google and the Judges to evaluate the Exploit for purposes of the Program, (2) for the purposes of evaluating the Exploit and improving Google and third party products, services, systems and networks and (3) in connection with advertising and promotion via communication to the public or other groups, including, but not limited to, the right to make screenshots, animations and Exploit clips available for promotional purposes.** +**PRIVACY: Participants agree that personal data entered during the registration, including name, mailing address, phone number, and email address may be processed, stored, shared and otherwise used for the purposes and within the context of the Program. This data will also be stored in / transferred into the United States. By entering, entrants agree to the transmission, processing, sharing and storage of this personal data in the United States. Participants also understand this data may be used by Sponsor in order to verify an Entrant’s identity, postal address and telephone number in the event a submission qualifies for a reward. Participants have the right to access, review, rectify or cancel any personal data held by Google in connection with the Program by writing to Google at the address listed above. If a participant does not provide the data require at registration, that participant’s submission will be ineligible. Otherwise, all personal information that is collected from the entrant is subject to Google’s Privacy Policy, located at http://www.google.com/privacy.html. By accepting a reward, participant agrees and consents to Google and its agencies use of entrant’s name and/or likeness to name the entrant for a reasonable time after completion of the Program in promotional and advertising material of Google (or its agents) as a recipient of a reward of the Program without additional compensation, unless prohibited by law. For residents of the EU: pursuant to EU law pertaining to data collection and processing, you are informed that: - the data controller is Google and the data recipients are Google and its agents; - your data is collected for purposes of administration of the Program and for marketing purposes; - you have a right of access to and withdrawal of your personal data. You also have a right of opposition to the data collection, under certain circumstances. To exercise such right, you may write to security@chromium.org.** +**PUBLICITY: By accepting a reward, Entrant agrees to Sponsor and its agencies use of his or her name and/or likeness and Exploit for advertising and promotional purposes without additional compensation, unless prohibited by law.** +**WARRANTY AND INDEMNITY: Participants warrant that their Exploits are their own original work and, as such, they are the sole and exclusive owner and rights holder of the submitted Exploit and that they have the right to submit the Exploit in the Program and grant all required licenses. Each entrant agrees not to submit any Exploit that (1) infringes any third party proprietary rights, intellectual property rights, industrial property rights, personal or moral rights or any other rights, including without limitation, copyright, trademark, patent, trade secret, privacy, publicity or confidentiality obligations; or (2) otherwise violates the applicable state, federal, provincial or local law.** +**To the maximum extent permitted by law, each Entrant indemnifies and agrees to keep indemnified Sponsor at all times from and against any liability, claims, demands, losses, damages, costs and expenses resulting from any act, default or omission of the Entrant and/or a breach of any warranty set forth herein. To the maximum extent permitted by law, each Entrant agrees to defend, indemnify and hold harmless the Sponsor from and against any and all claims, actions, suits or proceedings, as well as any and all losses, liabilities, damages, costs and expenses (including reasonable attorneys fees) arising out of or accruing from (a) any or other material uploaded or otherwise provided by the entrant that infringes any copyright, trademark, trade secret, trade dress, patent or other intellectual property right of any person or defames any person or violates their rights of publicity or privacy, (b) any misrepresentation made by the entrant in connection with the Program; (c) any non-compliance by the entrant with these Rules; (d) claims brought by persons or entities other than the parties to these Rules arising from or related to the Entrant’s involvement with the Program; (e) acceptance, possession, misuse or use of any reward or participation in any Program-related activity or participation in this Program; (f) any malfunction or other problem with the Program site; (g) any error in the collection, processing, or retention of submission information; or (h) any typographical or other error in the printing, offering or announcement of any reward or reward recipients.** +**ELIMINATION: Any false information provided within the context of the Program by any Entrant concerning identity, mailing address, telephone number, email address, ownership of right or non-compliance with these Rules or the like may result in the immediate elimination of the entrant from the Program.** +**NETWORK: Sponsor is not responsible for any malfunction of the entire Program site or any late, lost, damaged, misdirected, incomplete, illegible, undeliverable, or destroyed Exploits due to system errors, failed, incomplete or garbled computer or other telecommunication transmission malfunctions, hardware or software failures of any kind, lost or unavailable network connections, typographical or system/human errors and failures, technical malfunction(s) of any telephone network or lines, cable connections, satellite transmissions, servers or providers, or computer equipment, traffic congestion on the Internet or at the Program site, or any combination thereof, including other telecommunication, cable, digital or satellite malfunctions which may limit an entrant’s ability to participate.** +**RIGHT TO CANCEL, MODIFY OR DISQUALIFY: If for any reason the Program is not capable of running as planned, including infection by computer virus, bugs, tampering, unauthorized intervention, fraud, technical failures, or any other causes which corrupt or affect the administration, security, fairness, integrity, or proper conduct of the Program, Google reserves the right at its sole discretion to cancel, terminate, modify or suspend the Program. Google further reserves the right to disqualify any entrant who tampers with the submission process or any other part of the Program or Program site. Any attempt by an entrant to deliberately damage any web site, including the Program site, or undermine the legitimate operation of the Program is a violation of criminal and civil laws and should such an attempt be made, Google reserves the right to seek damages from any such entrant to the fullest extent of the applicable law.** +**NOT AN OFFER OR CONTRACT OF EMPLOYMENT: Under no circumstances shall the submission of a Exploit into the Program, the awarding of a reward, or anything in these Rules be construed as an offer or contract of employment with either Google, or any other Program entities. You acknowledge that you have submitted your Exploit voluntarily and not in confidence or in trust. You acknowledge that no confidential, fiduciary, agency or other relationship or implied-in-fact contract now exists between you and Google or any other Program entities and that no such relationship is established by your submission of an Exploit under these Rules.** +**FORUM AND RECOURSE TO JUDICIAL PROCEDURES: These Rules shall be governed by, subject to, and construed in accordance with the laws of the State of California, United States of America, excluding all conflict of law rules. If any provision(s) of these Rules are held to be invalid or unenforceable, all remaining provisions hereof will remain in full force and effect. To the extent permitted by law, the rights to litigate, seek injunctive relief or make any other recourse to judicial or any other procedure in case of disputes or claims resulting from or in connection with this Program are hereby excluded, and all Participants expressly waive any and all such rights.** +**ARBITRATION: By entering the Program, you agree that exclusive jurisdiction for any dispute, claim, or demand related in any way to the Program will be decided by binding arbitration. All disputes between you and Google of whatsoever kind or nature arising out of these Rules, shall be submitted to Judicial Arbitration and Mediation Services, Inc. (“JAMS”) for binding arbitration under its rules then in effect in the San Jose, California, USA area, before one arbitrator to be mutually agreed upon by both parties. The parties agree to share equally in the arbitration costs incurred.** +**REWARD RECIPIENT’S LIST: Reward recipients will be posted on the Program site +for three months following the conclusion of the Program.** \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/pwnium-3/index.md b/chromium/docs/website/site/Home/chromium-security/pwnium-3/index.md new file mode 100644 index 00000000000..f66c984f55b --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/pwnium-3/index.md @@ -0,0 +1,55 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +page_name: pwnium-3 +title: Pwnium 3 +--- + +**Chromium Security Reward Program** + +**Pwnium3@CanSecWest2013 Official Rules** + +**The Pwnium3@CanSecWest2013 Chromium Security Reward Program ("Program") is designed to encourage involvement in improving the security of the Chromium project. Participants submit original and unreported exploits relying on security bugs in Chrome OS including Chrome coupled with Flash / Chrome OS kernel and firmware / default apps on Chrome OS (an “Exploit”). Rewards will be awarded to participants who submit full and reliable Exploits (or Incomplete Exploits as described below) with critical impact as determined in the sole discretion of the Judges. NO PURCHASE NECESSARY TO ENTER OR WIN. VOID WHERE PROHIBITED.** +**SPONSOR: The Program is sponsored by Google Inc. (“Google” or "Sponsor"), a Delaware corporation with principal place of business at 1600 Amphitheatre Parkway, Mountain View, CA, 94043, USA.** +**BINDING AGREEMENT: In order to enter the Program, you must agree to these Official Rules (“Rules”). Therefore, please read these Rules prior to entry and submission to ensure you understand and agree. You agree that submission of an Exploit in the Program constitutes agreement to these Rules. You may not submit an Exploit to the Program and are not eligible to receive the rewards described in these Rules unless you agree to these Rules. These Rules form a binding legal agreement between you and Google with respect to the Program.** +**ELIGIBILITY: To be eligible to enter the Program, you must be above the age of majority in the country, state, province or jurisdiction of residence (or at least twenty years old in Taiwan) at the time of submission (“You” or “Entrant”). The Program is void in, and not open to residents of, Cuba, Iran, Syria, North Korea or Sudan or to individuals and entities restricted by U.S. export controls and sanctions, and is void in any other nation, state, or province where prohibited or restricted by U.S. or local law.** +**Employees, interns, contractors, and official office-holders of Google and their subsidiaries, affiliates, and their respective directors, officers, employees, advertising and promotion agencies, representatives, and agents (“Program Entities”), and members of the Program Entities’ and their immediate families (parents, siblings, children, spouses, and life partners of each, regardless of where they live) and members of the households (whether related or not) of such employees, officers and directors are ineligible to participate in the Program. Google reserves the right to verify eligibility and to adjudicate on any dispute at any time. If you are entering as part of a company or on behalf of your employer, these rules are binding on you, individually, and/or your employer. If you are acting within the scope of your employment, as an employee, contractor, or agent of another party, you warrant that such party has full knowledge of your actions and has consented thereto, including your potential receipt of a reward. You further warrant that your actions do not violate your employer’s or company’s policies and procedures.** +**PROGRAM PERIOD: The Program begins at 10:00 A.M. local time (in Vancouver, Canada) at the CanSecWest 2013 on March 7th, 2013 and ends at 2:00 P.M. local time on March 7th, 2013 (“Program Period”). Google may extend the Program Period in its sole discretion. ENTRANTS ARE RESPONSIBLE FOR DETERMINING THE CORRESPONDING TIME ZONE IN THEIR RESPECTIVE JURISDICTIONS.** +**HOW TO ENTER: NO PURCHASE NECESSARY TO ENTER OR WIN. To enter the Program, visit the Google desk at CanSecWest 2013 in Vancouver, Canada during the Program Period. Entrants are entirely responsible for all costs and fees associated with attending the CanSecWest 2013, including (but not limited to) admission fees, transportation, accommodation and living costs. For additional information visit the Program website located at before or during the Program Period and follow the instructions for submitting an Exploit that highlights a critical importance security issue, which has not yet been reported to, or otherwise come to attention of, the Chromium project. The Exploit must meet the “Exploit Requirements,” described below. All entries must be received before the end of the Program Period. Entries are void if they are in whole or part illegible, incomplete, damaged, altered, counterfeit, obtained through fraud, or late. All entries will be deemed made by the authorized account holder of the email address submitted at the time of submission, and potential reward recipients may be required to show proof of being the authorized account holder for that email address. The "authorized account holder" is the natural person assigned to an email address by an Internet service provider, online service provider, or other organization responsible for assigning email address for the domain.** +**EXPLOIT REQUIREMENTS: The Exploit must meet the following criteria:** +**• Be an unreported and original exploit, which has not been shared or partially shared with anyone else or submitted in any other contests until it has been submitted to, and judged by, Google.** +**• Be an exploit relying on an unreported and original bug, bugs or security feature in Chrome OS, Flash or other software e.g. drivers.** +**• Be an attack that’s demonstrated against a base (WiFi) model of the Samsung Series 5 550 Chromebook, running the latest stable version of Chrome OS.** +**• Be a remote exploit accessible through the Chrome browser, which works and is reliable.** +**• Be present in the most recent supported channel(s) of Chrome OS.** +**• Be a critical vulnerability of high impact.** +**• Be authored or created by You.** +**• Be submitted with corresponding documentation that details each bug exploited.** +**During the Program Period, Google and/or its agents will be evaluating each Exploit to ensure that it meets the Exploit Requirements. Google reserves the right, in its sole discretion, to disqualify any entrant who submits an Exploit that does not meet the Exploit Requirements.** +**JUDGING: Each Exploit submission will be judged by a panel of experts who are employees of Google (“Judges”). Each Exploit will be evaluated by the Judges as to whether the Exploit is a critical importance vulnerability of high impact based on the potential for persistent access to the user’s account or Guest mode on the Chrome operating system.** +**Judges will evaluate each Exploit based upon the above criteria to determine whether it is critical impact and qualifies for a reward. Rewards will be allocated on a first-come-first-served basis, based on time of submission during the Program Period specified above, until such time as the total reward pool of $3,141,592 USD (PI million U.S. dollars) is exhausted.** +**In the event a potential reward recipient is disqualified for any reason, the reward allocated to that recipient will be returned to the total reward pool. The potential reward recipients will be selected and notified by telephone and/or email, at Sponsor’s discretion. If a potential reward recipient does not respond to the notification attempt within five days from the first notification attempt, then such potential recipient may be disqualified and their allocated reward will be returned to the total reward pool. With respect to notification by telephone, such notification will be deemed given when the potential reward recipient engages in a live conversation with Sponsor or when a message is left on the potential reward recipient’s voicemail service or answering machine by the Sponsor, whichever occurs first. Except where prohibited by law, each potential reward recipient may be required to sign and return a Declaration of Eligibility and Liability and Publicity Release and provide any additional information that may be required by Sponsor. If required, potential reward recipients must return all such required documents within seven days following attempted notification or such potential reward recipient may be deemed to have forfeited the reward and the reward may be returned to the total reward pool. In the event the potential reward recipient is a minor, his or her parent or legal guardian must sign the documents and return them as described herein. All notification requirements, as well as other requirements within these Rules, will be strictly enforced. In the event that no Exploits are received, no rewards will be awarded. Determinations of judges are final and binding.** +**REWARDS:** +**An Entrant submitting an Entry demonstrating an exploit against Chrome OS delivered via a web page and triggerable when browsing in Guest mode and affecting all subsequent Guest mode sessions across reboots (“persistent Guest-to-Guest exploit”) using bugs in Chrome OS, as determined in the sole discretion of the Judges, will receive a reward of $150,000 USD (one hundred and fifty thousand U.S. dollars).** +**An Entrant submitting an Exploit demonstrating a critical importance high impact Chrome browser level compromise delivered via a web page using only bugs in Chrome OS as determined in the sole discretion of the Judges, will receive a reward of $110,000 USD (one hundred and ten thousand U.S. dollars).** +**Each reward recipient will also receive a Chromebook, provided they reside in a country to which Chromebooks can be legally shipped.** +**All rewards are contingent on Entrant's compliance with these Rules. The rewards will be awarded within approximately two weeks of receipt by Sponsor of final reward acceptance documents. No transfer, substitution or cash equivalent for rewards is allowed, except at Sponsor’s sole discretion. Sponsor reserves the right to substitute a reward, in whole or in part, of equal or greater monetary value if a reward cannot be awarded, in whole or in part, as described for any reason. Value is subject to market conditions, which can fluctuate and any difference between actual market value and ARV will not be awarded. The reward(s) may be subject to restrictions and/or licenses and may require additional hardware, software, service, or maintenance to use. The reward recipient shall bear all responsibility for use of the rewards(s) in compliance with any conditions imposed by such manufacturer(s), and any additional costs associated with its use, service, or maintenance. Program Entities have not made and Program Entities are not responsible in any manner for any warranties, representations, or guarantees, express or implied, in fact or law, relating to the reward(s), regarding the use, value or enjoyment of the reward(s), including, without limitation, its quality, mechanical condition, merchantability, or fitness for a particular purpose, with the exception of any standard manufacturer's warranty that may apply to the reward or any components thereto.** +**TAXES: PAYMENTS TO POTENTIAL REWARD RECIPIENTS ARE SUBJECT TO THE EXPRESS REQUIREMENT THAT THEY SUBMIT TO GOOGLE ALL DOCUMENTATION REQUESTED BY GOOGLE TO PERMIT IT TO COMPLY WITH ALL APPLICABLE STATE, FEDERAL, LOCAL, PROVINCIAL AND FOREIGN TAX REPORTING AND WITHHOLDING REQUIREMENTS. ALL REWARDS WILL BE NET OF ANY TAXES GOOGLE IS REQUIRED BY LAW TO WITHHOLD. ALL TAXES IMPOSED ON REWARDS ARE THE SOLE RESPONSIBILITY OF THE REWARD RECIPIENTS.** +**In order to receive a reward, potential reward recipients must submit the tax documentation requested by Google or otherwise required by applicable law, to Google or the relevant tax authority, all as determined by applicable law, including, where relevant, the law of the potential recipient’s country of residence. The potential reward recipients are responsible for ensuring that (s)he complies with all the applicable tax laws and filing requirements. If a potential reward recipient fails to provide such documentation or comply with such laws, the reward may be forfeited and Google may, in its sole discretion, return the reward to the total reward pool.** +**GENERAL CONDITIONS: All federal, state, provincial and local laws and regulations apply. Google reserves the right to disqualify any entrant from the Program if, in Google’s sole discretion, it reasonably believes that the entrant has attempted to undermine the legitimate operation of the Program by cheating, deception, or other unfair playing practices or annoys, abuses, threatens or harasses any other entrants, Google, or the Judges.** +**INTELLECTUAL PROPERTY RIGHTS: As between Google and the entrant, the entrant retains ownership of all intellectual and industrial property rights (including moral rights) in and to the Exploit. As a condition of submission, entrant grants Google, its subsidiaries, agents and partner companies, a perpetual, irrevocable, worldwide, royalty-free, and non-exclusive license to use, reproduce, adapt, modify, publish, distribute, publicly perform, create a derivative work from, and publicly display the Exploit (1) for the purposes of allowing Google and the Judges to evaluate the Exploit for purposes of the Program, (2) for the purposes of evaluating the Exploit and improving Google and third party products, services, systems and networks and (3) in connection with advertising and promotion via communication to the public or other groups, including, but not limited to, the right to make screenshots, animations and Exploit clips available for promotional purposes.** +**PRIVACY: Participants agree that personal data entered during the registration, including name, mailing address, phone number, and email address may be processed, stored, shared and otherwise used for the purposes and within the context of the Program. This data will also be stored in / transferred into the United States. By entering, entrants agree to the transmission, processing, sharing and storage of this personal data in the United States. Participants also understand this data may be used by Sponsor in order to verify an Entrant’s identity, postal address and telephone number in the event a submission qualifies for a reward. Participants have the right to access, review, rectify or cancel any personal data held by Google in connection with the Program by writing to Google at the address listed above. If a participant does not provide the data require at registration, that participant’s submission will be ineligible. Otherwise, all personal information that is collected from the entrant is subject to Google’s Privacy Policy, located at http://www.google.com/privacy.html. By accepting a reward, participant agrees and consents to Google and its agencies use of entrant’s name and/or likeness to name the entrant for a reasonable time after completion of the Program in promotional and advertising material of Google (or its agents) as a recipient of a reward of the Program without additional compensation, unless prohibited by law. For residents of the EU: pursuant to EU law pertaining to data collection and processing, you are informed that: - the data controller is Google and the data recipients are Google and its agents; - your data is collected for purposes of administration of the Program and for marketing purposes; - you have a right of access to and withdrawal of your personal data. You also have a right of opposition to the data collection, under certain circumstances. To exercise such right, you may write to security@chromium.org.** +**PUBLICITY: By accepting a reward, Entrant agrees to Sponsor and its agencies use of his or her name and/or likeness and Exploit for advertising and promotional purposes without additional compensation, unless prohibited by law.** +**WARRANTY AND INDEMNITY: Participants warrant that their Exploits are their own original work and, as such, they are the sole and exclusive owner and rights holder of the submitted Exploit and that they have the right to submit the Exploit in the Program and grant all required licenses. Each entrant agrees not to submit any Exploit that (1) infringes any third party proprietary rights, intellectual property rights, industrial property rights, personal or moral rights or any other rights, including without limitation, copyright, trademark, patent, trade secret, privacy, publicity or confidentiality obligations; or (2) otherwise violates the applicable state, federal, provincial or local law.** +**To the maximum extent permitted by law, each Entrant indemnifies and agrees to keep indemnified Sponsor at all times from and against any liability, claims, demands, losses, damages, costs and expenses resulting from any act, default or omission of the Entrant and/or a breach of any warranty set forth herein. To the maximum extent permitted by law, each Entrant agrees to defend, indemnify and hold harmless the Sponsor from and against any and all claims, actions, suits or proceedings, as well as any and all losses, liabilities, damages, costs and expenses (including reasonable attorneys fees) arising out of or accruing from (a) any or other material uploaded or otherwise provided by the entrant that infringes any copyright, trademark, trade secret, trade dress, patent or other intellectual property right of any person or defames any person or violates their rights of publicity or privacy, (b) any misrepresentation made by the entrant in connection with the Program; (c) any non-compliance by the entrant with these Rules; (d) claims brought by persons or entities other than the parties to these Rules arising from or related to the Entrant’s involvement with the Program; (e) acceptance, possession, misuse or use of any reward or participation in any Program-related activity or participation in this Program; (f) any malfunction or other problem with the Program site; (g) any error in the collection, processing, or retention of submission information; or (h) any typographical or other error in the printing, offering or announcement of any reward or reward recipients.** +**ELIMINATION: Any false information provided within the context of the Program by any Entrant concerning identity, mailing address, telephone number, email address, ownership of right or non-compliance with these Rules or the like may result in the immediate elimination of the entrant from the Program.** +**NETWORK: Sponsor is not responsible for any malfunction of the entire Program site or any late, lost, damaged, misdirected, incomplete, illegible, undeliverable, or destroyed Exploits due to system errors, failed, incomplete or garbled computer or other telecommunication transmission malfunctions, hardware or software failures of any kind, lost or unavailable network connections, typographical or system/human errors and failures, technical malfunction(s) of any telephone network or lines, cable connections, satellite transmissions, servers or providers, or computer equipment, traffic congestion on the Internet or at the Program site, or any combination thereof, including other telecommunication, cable, digital or satellite malfunctions which may limit an entrant’s ability to participate.** +**RIGHT TO CANCEL, MODIFY OR DISQUALIFY: If for any reason the Program is not capable of running as planned, including infection by computer virus, bugs, tampering, unauthorized intervention, fraud, technical failures, or any other causes which corrupt or affect the administration, security, fairness, integrity, or proper conduct of the Program, Google reserves the right at its sole discretion to cancel, terminate, modify or suspend the Program. Google further reserves the right to disqualify any entrant who tampers with the submission process or any other part of the Program or Program site. Any attempt by an entrant to deliberately damage any web site, including the Program site, or undermine the legitimate operation of the Program is a violation of criminal and civil laws and should such an attempt be made, Google reserves the right to seek damages from any such entrant to the fullest extent of the applicable law.** +**NOT AN OFFER OR CONTRACT OF EMPLOYMENT: Under no circumstances shall the submission of a Exploit into the Program, the awarding of a reward, or anything in these Rules be construed as an offer or contract of employment with either Google, or any other Program entities. You acknowledge that you have submitted your Exploit voluntarily and not in confidence or in trust. You acknowledge that no confidential, fiduciary, agency or other relationship or implied-in-fact contract now exists between you and Google or any other Program entities and that no such relationship is established by your submission of an Exploit under these Rules.** +**FORUM AND RECOURSE TO JUDICIAL PROCEDURES: These Rules shall be governed by, subject to, and construed in accordance with the laws of the State of California, United States of America, excluding all conflict of law rules. If any provision(s) of these Rules are held to be invalid or unenforceable, all remaining provisions hereof will remain in full force and effect. To the extent permitted by law, the rights to litigate, seek injunctive relief or make any other recourse to judicial or any other procedure in case of disputes or claims resulting from or in connection with this Program are hereby excluded, and all Participants expressly waive any and all such rights.** +**ARBITRATION: By entering the Program, you agree that exclusive jurisdiction for any dispute, claim, or demand related in any way to the Program will be decided by binding arbitration. All disputes between you and Google of whatsoever kind or nature arising out of these Rules, shall be submitted to Judicial Arbitration and Mediation Services, Inc. (“JAMS”) for binding arbitration under its rules then in effect in the San Jose, California, USA area, before one arbitrator to be mutually agreed upon by both parties. The parties agree to share equally in the arbitration costs incurred.** +**REWARD RECIPIENT’S LIST: Reward recipients will be posted on the Program site +for three months following the conclusion of the Program.** \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/pwnium-4/index.md b/chromium/docs/website/site/Home/chromium-security/pwnium-4/index.md new file mode 100644 index 00000000000..09eff14b35b --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/pwnium-4/index.md @@ -0,0 +1,364 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +page_name: pwnium-4 +title: Pwnium 4 +--- + +Pwnium4@CanSecWest2014 + +Chromium Security Reward Program + +Official Rules + +NO PURCHASE NECESSARY TO ENTER OR WIN. VOID WHERE PROHIBITED. CONTEST IS OPEN TO +RESIDENTS OF THE 50 UNITED STATES, THE DISTRICT OF COLUMBIA AND WORLDWIDE, +EXCEPT FOR RESIDENTS OF ITALY, BRAZIL, QUEBEC, CUBA, IRAN, SYRIA, NORTH KOREA, +and SUDAN. + +ENTRY IN THIS CONTEST CONSTITUTES YOUR ACCEPTANCE OF THESE OFFICIAL RULES. + +The Pwnium4@CanSecWest2014 Chromium Security Reward Program ("Program") is a +skill contest designed to encourage involvement in improving the security of the +Chromium project. Entrants submit original and unreported exploits relying on +security bugs in Chrome OS including Chrome coupled with Flash / Chrome OS +kernel and firmware / default apps on Chrome OS (an “Exploit”). The Exploits +entrants develop will be evaluated by judges, who will award rewards to entrants +who submit full and reliable Exploits (or Incomplete Exploits, as described +below) with critical impact as determined in the sole discretion of the Judges. + +1. BINDING AGREEMENT: In order to enter the Program, you must agree to these +Official Rules (“Rules”). Therefore, please read these Rules prior to entry to +ensure you understand and agree. You agree that submission of an Exploit in the +Program constitutes agreement to these Rules. You may not submit an Exploit to +the Program and are not eligible to receive the rewards described in these Rules +unless you agree to these Rules. These Rules form a binding legal agreement +between you and Google with respect to the Program. + +2. ELIGIBILITY: To be eligible to enter the Program, you must be: (1) above the +age of majority in the country, state, province or jurisdiction of residence (or +at least twenty years old in Taiwan) at the time of entry; (2) not a resident of +Italy, Brazil, Quebec, Cuba, Iran, Syria, North Korea, or Sudan; (3) not a +person or entity under U.S. export controls or sanctions; and (4) have access to +the Internet as of January 23rd, 2014. Contest is void in Italy, Brazil, Quebec, +Cuba, Iran, Syria, North Korea, Sudan), and where prohibited by law. + +Employees, interns, contractors, and official office-holders of Google, and +their parent companies, subsidiaries, affiliates, and their respective +directors, officers, employees, advertising and promotion agencies, +representatives, and agents (“Program Entities”), and members of the Program +Entities’ and their immediate families (parents, siblings, children, spouses, +and life partners of each, regardless of where they live) and members of the +households (whether related or not) of such employees, officers and directors +are ineligible to participate in the Program. Google reserves the right to +verify eligibility and to adjudicate on any dispute at any time. + +If you are entering as part of a company or on behalf of your employer, these +rules are binding on you, individually, and/or your employer. If you are acting +within the scope of your employment, as an employee, contractor, or agent of +another party, you warrant that such party has full knowledge of your actions +and has consented thereto, including your potential receipt of a reward. You +further warrant that your actions do not violate your employer’s or company’s +policies and procedures. + +3. SPONSOR: The Program is sponsored by Google Inc. (“Google” or "Sponsor"), a +Delaware corporation with principal place of business at 1600 Amphitheatre +Parkway, Mountain View, CA, 94043, USA. + +4. PROGRAM PERIOD: The Program begins at 10:00:00 A.M. Pacific Time (PT) Zone +(in Vancouver, Canada) at CanSecWest 2014 on March 12th, 2014 and ends at +12:00:00 P.M. PT on March 12th, 2014 (“Program Period”). Google may extend the +Program Period in its sole discretion. ENTRANTS ARE RESPONSIBLE FOR DETERMINING +THE CORRESPONDING TIME ZONE IN THEIR RESPECTIVE JURISDICTIONS. + +5. HOW TO ENTER: NO PURCHASE NECESSARY TO ENTER OR WIN. To enter the Program, +register before 5:00:00 P.M. PST (Pacific Standard Time) on Monday, March 10th, +2014 by sending an email with your name to +[pwnium4@chromium.org](mailto:pwnium4@chromium.org), and then visit the Google +desk at CanSecWest 2014 in Vancouver, Canada during the Program Period. Entrants +will be assigned a specific timeslot on March 12th, 2014 during which they may +demonstrate Exploits to the Judges. Exploits must be demonstrated during +entrant’s assigned time to be eligible for a reward, and must meet the “Exploit +Requirements,” described below. + +Entrants are entirely responsible for all costs and fees associated with +entrant’s participation in the Program and attending the CanSecWest 2014, +including (but not limited to) admission fees, transportation, accommodation and +living costs. All entries must be received before the end of the Program Period. +Entries are void if they are in whole or part illegible, incomplete, damaged, +altered, counterfeit, obtained through fraud, or late. All entries will be +deemed made by the authorized account holder of the email address submitted at +the time of submission, and potential reward recipients may be required to show +proof of being the authorized account holder for that email address. The +"authorized account holder" is the natural person assigned to an email address +by an Internet service provider, online service provider, or other organization +responsible for assigning email address for the domain. + +EXPLOIT REQUIREMENTS: The Exploit must meet the following criteria: + +• Be an unreported and original exploit, which has not been shared or partially +shared with anyone else or submitted in any other contests. + +• Be an exploit relying on an unreported and original bug, bugs or security +feature in Chrome OS, Flash or other software e.g. drivers. + +• Be an attack that’s demonstrated against a base (WiFi) model of the ARM-based +HP Chromebook 11, running the latest stable version of Chrome OS; or a 2GB WiFi +model of the Acer C720 Intel Chromebook, running the latest stable version of +Chrome OS. + +• Be a remote exploit accessible through the Chrome browser, which works and is +reliable. + +• Be served from a password-authenticated and HTTPS-supported Google property, +such as Google App Engine. + +• Be present in the most recent supported channel(s) of Chrome OS. + +• Be a critical vulnerability of high impact. + +• Be authored or created by You. + +• Be submitted with corresponding documentation that details each bug exploited. + +During the Program Period, Google, its agents, and/or the Judges (defined below) +will be evaluating each Exploit to ensure that it meets the Exploit +Requirements. Google reserves the right, in its sole discretion, to disqualify +any entrant who submits an Exploit that does not meet the Exploit Requirements. + +6. JUDGING: Each Exploit submission will be judged by a panel of experts who are +employees of Google (“Judges”). Each Exploit will be evaluated by the Judges as +to whether the Exploit is a critical importance vulnerability of high impact, +based on the potential for persistent access to the user’s account or guest mode +on the Chrome operating system. + +Judges will evaluate each Exploit based upon the above criteria to determine +whether it is critical impact and qualifies for a reward. + +If a potential reward recipient is disqualified for any reason, the reward +allocated to that recipient will be returned to the total reward pool. On or +about March 17th, 2014, the potential reward recipients will be selected and +notified by telephone and/or email, at Sponsor’s discretion. If a potential +reward recipient does not respond to the notification attempt within five days +from the first notification attempt, then such potential reward recipient may be +disqualified and the allocated reward will be returned to the total reward pool. +With respect to notification by telephone, such notification will be deemed +given when the potential reward recipient engages in a live conversation with +Sponsor or when a message is left on the potential reward recipient’s voicemail +service or answering machine by the Sponsor, whichever occurs first. Except +where prohibited by law, each potential reward recipient may be required to sign +and return a Declaration of Eligibility and Liability and Publicity Release and +provide any additional information that may be required by Sponsor. If required, +potential reward recipients must return all such required documents within seven +days following attempted notification or such potential reward recipient may be +deemed to have forfeited the reward and the reward may be returned to the total +reward pool. All notification requirements, as well as other requirements within +these Rules, will be strictly enforced. In the event no Exploits are received, +no rewards will be awarded. Determinations of judges are final and binding. + +7. REWARDS: Rewards for eligible Exploits will be allocated to eligible entrants +on a first-come-first-served basis, based on time of submission during the +Program Period specified above, until such time as the total reward pool of +$2.71828 million USD is exhausted: + +An entrant submitting an Exploit demonstrating a Chrome OS system-level +compromise delivered via a web page and triggerable when browsing in Guest mode +and affecting all subsequent Guest mode sessions across reboots (“persistent +Guest-to-Guest exploit”) using bugs in Chrome OS, as determined in the sole +discretion of the Judges, will receive a reward of $150,000 USD (one hundred and +fifty thousand U.S. dollars). + +An entrant submitting an Exploit demonstrating a Chrome browser-level compromise +delivered via a web page using bugs in Chrome OS as determined in the sole +discretion of the Judges, will receive a reward of $110,000 USD (one hundred and +ten thousand U.S. dollars). + +Google reserves the right to issue partial rewards, in its sole discretion, for +partial, incomplete or unreliable Exploits. Google may also consider issuing +significant bonuses for any Entrant who demonstrates a particularly impressive +or surprising exploit. + +Each reward recipient will also receive a Chromebook, provided such reward +recipient resides in a country where Chromebooks are legally available. + +Odds of winning any reward depends on the number of eligible entries received +during the Program Period and the skill of the entrants. The rewards will be +awarded within approximately two weeks of receipt by Sponsor of final reward +acceptance documents. No transfer, substitution or cash equivalent for rewards +is allowed, except at Sponsor’s sole discretion. Sponsor reserves the right to +substitute a reward, in whole or in part, of equal or greater monetary value if +a reward cannot be awarded, in whole or in part, as described for any reason. +Value is subject to market conditions, which can fluctuate and any difference +between actual market value and ARV will not be awarded. The reward(s) may be +subject to restrictions and/or licenses and may require additional hardware, +software, service, or maintenance to use. The reward recipient shall bear all +responsibility for use of the rewards(s) in compliance with any conditions +imposed by such manufacturer(s), and any additional costs associated with its +use, service, or maintenance. Program Entities have not made and Program +Entities are not responsible in any manner for any warranties, representations, +or guarantees, express or implied, in fact or law, relating to the reward(s), +regarding the use, value or enjoyment of the reward(s), including, without +limitation, its quality, mechanical condition, merchantability, or fitness for a +particular purpose, with the exception of any standard manufacturer's warranty +that may apply to the reward or any components thereto. + +9. TAXES: PAYMENTS TO POTENTIAL REWARD RECIPIENTS ARE SUBJECT TO THE EXPRESS +REQUIREMENT THAT THEY SUBMIT TO GOOGLE ALL DOCUMENTATION REQUESTED BY GOOGLE TO +PERMIT IT TO COMPLY WITH ALL APPLICABLE STATE, FEDERAL, LOCAL, AND FOREIGN +(INCLUDING PROVINCIAL) TAX REPORTING AND WITHHOLDING REQUIREMENTS. ALL REWARDS +WILL BE NET OF ANY TAXES GOOGLE IS REQUIRED BY LAW TO WITHHOLD. ALL TAXES +IMPOSED ON REWARDS ARE THE SOLE RESPONSIBILITY OF THE REWARD RECIPIENTS. In +order to receive a reward, potential reward recipients must submit the tax +documentation requested by Google or otherwise required by applicable law, to +Google or the relevant tax authority, all as determined by applicable law, +including, where relevant, the law of the potential recipient’s country of +residence. The potential reward recipients are responsible for ensuring that +(s)he complies with all the applicable tax laws and filing requirements. If a +potential reward recipient fails to provide such documentation or comply with +such laws, the reward may be forfeited and Google may, in its sole discretion, +return the reward to the total reward pool. + +10. GENERAL CONDITIONS: All federal, state, provincial and local laws and +regulations apply. Google reserves the right to disqualify any entrant from the +Program if, in Google’s sole discretion, it reasonably believes that the entrant +has attempted to undermine the legitimate operation of the Program by cheating, +deception, or other unfair playing practices or annoys, abuses, threatens or +harasses any other entrants, Google, or the Judges. + +11. INTELLECTUAL PROPERTY RIGHTS: As between Google and the entrant, the entrant +retains ownership of all intellectual and industrial property rights (including +moral rights) in and to the Exploit. By submitting an Exploit to the Program, +the entrant warrants and represents that he or she owns all of the intellectual +and industrial property rights in and to the Exploit. As a condition of +submission, entrant grants Google, its subsidiaries, agents and partner +companies, a perpetual, irrevocable, worldwide, royalty-free, and non-exclusive +license to use, reproduce, adapt, modify, publish, distribute, publicly perform, +create a derivative work from, and publicly display the Exploit (1) for the +purposes of allowing Google and the Judges to evaluate the Exploit for purposes +of the Program, (2) for the purposes of evaluating the Exploit and improving +Google and third party products, services, systems and networks and (3) in +connection with advertising and promotion via communication to the public or +other groups, including, but not limited to, the right to make screenshots, +animations and Exploit clips available for promotional purposes. + +12. PRIVACY: Entrant acknowledges and agrees that Google may collect, store, +share and otherwise use personally identifiable information provided during the +registration process and the Program, including, but not limited to, name, +mailing address, phone number, and email address. Google will use this +information in accordance with its Privacy Policy +(), including for administering the +Program and verifying Participant’s identity, postal address and telephone +number in the event an entry qualifies for a reward. + +Participant’s information may also be transferred to countries outside the +country of participant's residence, including the United States. Such other +countries may not have privacy laws and regulations similar to those of the +country of participant's residence. + +If a participant does not provide the mandatory data required at registration, +Google reserves the right to disqualify the entry. + +Participant has the right to request access, review, rectification or deletion +of any personal data held by Google in connection with the Contest by writing to +Google at this email address: security@chromium.org. + +13. PUBLICITY: By accepting a reward, entrant agrees to Sponsor and its agencies +use of his or her name and/or likeness and Exploit for advertising and +promotional purposes without additional compensation, unless prohibited by law. + +14. WARRANTY AND INDEMNITY: Entrants warrant that their Exploits are their own +original work and, as such, they are the sole and exclusive owner and rights +holder of the submitted Exploit and that they have the right to submit the +Exploit in the Program and grant all required licenses. Each entrant agrees not +to submit any Exploit that (1) infringes any third party proprietary rights, +intellectual property rights, industrial property rights, personal or moral +rights or any other rights, including without limitation, copyright, trademark, +patent, trade secret, privacy, publicity or confidentiality obligations; or (2) +otherwise violates the applicable state, federal, provincial or local law. + +To the maximum extent permitted by law, each entrant indemnifies and agrees to +keep indemnified Sponsor at all times from and against any liability, claims, +demands, losses, damages, costs and expenses resulting from any act, default or +omission of the entrant and/or a breach of any warranty set forth herein. To the +maximum extent permitted by law, each entrant agrees to defend, indemnify and +hold harmless the Sponsor from and against any and all claims, actions, suits or +proceedings, as well as any and all losses, liabilities, damages, costs and +expenses (including reasonable attorneys fees) arising out of or accruing from +(a) any Esploit or other material uploaded or otherwise provided by the entrant +that infringes any copyright, trademark, trade secret, trade dress, patent or +other intellectual property right of any person or defames any person or +violates their rights of publicity or privacy, (b) any misrepresentation made by +the entrant in connection with the Program; (c) any non-compliance by the +entrant with these Rules; (d) claims brought by persons or entities other than +the parties to these Rules arising from or related to the entrant’s involvement +with the Program; (e) acceptance, possession, misuse or use of any prize, or +participation in any Program-related activity or participation in this Program; +(f) any malfunction or other problem with the Program site; (g) any error in the +collection, processing, or retention of submission information; or (h) any +typographical or other error in the printing, offering or announcement of any +reward or reward recipients. + +15. ELIMINATION: Any false information provided within the context of the +Program by any entrant concerning identity, mailing address, telephone number, +email address, ownership of right or non-compliance with these Rules or the like +may result in the immediate elimination of the entrant from the Program. + +16. INTERNET: Sponsor is not responsible for any malfunction of the entire +Program site or any late, lost, damaged, misdirected, incomplete, illegible, +undeliverable, or destroyed Exploits or entry materials due to system errors, +failed, incomplete or garbled computer or other telecommunication transmission +malfunctions, hardware or software failures of any kind, lost or unavailable +network connections, typographical or system/human errors and failures, +technical malfunction(s) of any telephone network or lines, cable connections, +satellite transmissions, servers or providers, or computer equipment, traffic +congestion on the Internet or at the Program site, or any combination thereof, +including other telecommunication, cable, digital or satellite malfunctions +which may limit a participant’s ability to participate. + +17. RIGHT TO CANCEL, MODIFY OR DISQUALIFY: If for any reason the Program is not +capable of running as planned, including infection by computer virus, bugs, +tampering, unauthorized intervention, fraud, technical failures, or any other +causes which corrupt or affect the administration, security, fairness, +integrity, or proper conduct of the Program, Google reserves the right at its +sole discretion to cancel, terminate, modify or suspend the Program. Google +further reserves the right to disqualify any entrant who tampers with the +submission process or any other part of the Program or Program site. Any attempt +by an entrant to deliberately damage any web site, including the Program site, +or undermine the legitimate operation of the Program is a violation of criminal +and civil laws and should such an attempt be made, Google reserves the right to +seek damages from any such entrant to the fullest extent of the applicable law. + +18. NOT AN OFFER OR CONTRACT OF EMPLOYMENT: Under no circumstances shall the +submission of a Exploit into the Program, the awarding of a reward, or anything +in these Rules be construed as an offer or contract of employment with either +Google, or any other Program entities. You acknowledge that you have submitted +your Exploit voluntarily and not in confidence or in trust. You acknowledge that +no confidential, fiduciary, agency or other relationship or implied-in-fact +contract now exists between you and Google or any other Program entities and +that no such relationship is established by your submission of an Exploit under +these Rules. + +19. FORUM AND RECOURSE TO JUDICIAL PROCEDURES: These Rules shall be governed by, +subject to, and construed in accordance with the laws of the State of +California, United States of America, excluding all conflict of law rules. If +any provision(s) of these Rules are held to be invalid or unenforceable, all +remaining provisions hereof will remain in full force and effect. To the extent +permitted by law, the rights to litigate, seek injunctive relief or make any +other recourse to judicial or any other procedure in case of disputes or claims +resulting from or in connection with this Program are hereby excluded, and all +participants expressly waive any and all such rights. + +20. ARBITRATION: By entering the Program, you agree that exclusive jurisdiction +for any dispute, claim, or demand related in any way to the Program will be +decided by binding arbitration. All disputes between you and Google of +whatsoever kind or nature arising out of these Rules, shall be submitted to +Judicial Arbitration and Mediation Services, Inc. (“JAMS”) for binding +arbitration under its rules then in effect in the San Jose, California, USA +area, before one arbitrator to be mutually agreed upon by both parties. The +parties agree to share equally in the arbitration costs incurred. + +20. REWARD RECIPIENT’S LIST: Reward recipients will be posted on the Program +site for six months following the conclusion of the Program. \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/quarterly-updates/index.md b/chromium/docs/website/site/Home/chromium-security/quarterly-updates/index.md new file mode 100644 index 00000000000..d0014a2b0f0 --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/quarterly-updates/index.md @@ -0,0 +1,4027 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +page_name: quarterly-updates +title: Quarterly Updates +--- + +We post a newsletter-y update quarterly on +[security-dev@chromium.org](https://groups.google.com/a/chromium.org/forum/#!searchin/security-dev/quarter$20summary%7Csort:date). +It's an open list, so +[subscribe](https://groups.google.com/a/chromium.org/forum/#!forum/security-dev) +if you're interested in updates, discussion, or feisty rants related to Chromium +security. + +## Q1 and Q2 2021 + +Greetings, + +With apologies to those still waiting patiently for our Q1 update, here instead +is a look back at what the Chrome Security teams have been up to in the first +half of 2021. + +Chrome is hiring, including for security positions! See +[g.co/chrome/hiring](https://g.co/chrome/hiring). In particular we're looking +for a [lead security product +manager](https://careers.google.com/jobs/results/118648881425588934-lead-product-manager-chrome-security/) +to work with the teams doing all the great things in this update, and more +across the Chrome Trust and Safety organisation. + +The first half of 2021 is trending toward record-setting totals for the Chrome +[Vulnerability Reward Program](https://g.co/chrome/vrp) (VRP) with the security +researcher community awarded $1.7M for reporting close to 200 unique, valid +security bugs. Of these reward-eligible reports, 84 were reports for Critical +and High severity issues that impacted stable channel users. The Chrome VRP +continues to be a vital part of our security ecosystem and we greatly appreciate +the efforts of the Chrome VRP researcher community to help keep Chrome users +more secure! + +In a collaborative effort led by the Google VRP, the new [Google BugHunters +site](https://bughunters.google.com/) was launched. Chrome bugs can be reported +via that site, as well as at [crbug.com/new](https://crbug.com/new) using the +Security Bug template as before. + +In collaboration with the other VRP programs across Google, bonuses were paid +out to VRP researchers impacted by recent payment delays. We are additionally +working on ways to proactively decrease future delays, and improve the +efficiency and processes of the program. + +In Q1 the Safe Browsing team grew the [Enhanced Safe +Browsing](https://security.googleblog.com/2020/05/enhanced-safe-browsing-protection-now.html) +population by more than 400% through in-product integrations with the security +interstitial pages and Safety Check. We also started using machine learning +models to protect users who have [real-time Safe Browsing +lookups](https://security.googleblog.com/2019/12/better-password-protections-in-chrome.html#:~:text=real-time%20phishing%20protection:%20checking%20with%20safe%20browsing%E2%80%99s%20blocklist%20in%20real%20time.) +against phishing attacks which, along with heuristic-based enforcement, allowed +us to decrease our phishing false negatives by up to 20%. + +We designed improvements to our client-side phishing detection subsystem, which +will allow us to innovate faster in that area in the coming quarters. + +In Q2 we [rolled +out](https://security.googleblog.com/2021/06/new-protections-for-enhanced-safe.html) +a new set of protections for Enhanced Safe Browsing users in Chrome 91: Improved +download protection by offering scanning of suspicious downloads, and better +protection against untrusted extensions. We continued to see a phenomenal growth +in the number of users who opt in to Enhanced Safe Browsing to get Chrome’s +highest level of security. + +We helped land improvements to the client-side phishing detection subsystem in +Chrome 92 which made image-based phishing classification [up to 50 times +faster](https://blog.chromium.org/2021/07/m92-faster-and-more-efficient-phishing-detection.html). +And we landed improvements to the Chrome Cleanup Tool to remove new families of +unwanted software from the users’ machines. + +In Chrome 90, we launched a +[milestone](https://blog.chromium.org/2021/03/a-safer-default-for-navigation-https.html) +for a secure web: Chrome’s omnibox now defaults to HTTPS when users don’t +specify a scheme. We later +[announced](https://blog.chromium.org/2021/07/increasing-https-adoption.html) a +set of changes to prepare the web for an HTTPS-first future. We’re implementing +HTTPS-First Mode as an option for Chrome 94, a setting that will cause Chrome to +automatically upgrade navigations to HTTPS, and show a full-page warning before +falling back to HTTP. We’ll also be experimenting with a new security indicator +icon for HTTPS pages in Chrome 93, inspired by our research showing that many +users don’t understand the security assurances of the padlock icon. Finally, we +announced a set of guiding principles for protecting and informing users on the +slice of the web that is still HTTP. + +To try out HTTPS-First Mode in Chrome Canary, toggle “Always use secure +connections” in chrome://settings/security. You can also preview our new HTTPS +security indicator by enabling “Omnibox Updated connection security indicators” +in chrome://flags and then re-launching Chrome. + +In June, Chrome passed a huge milestone in the history of [Certificate +Transparency](https://certificate.transparency.dev/). The last certificates +issued before Chrome required CT logging have now expired. That eliminates a +hole where a malicious or compromised CA key could backdate a cert to avoid +logging it. Congratulations to all who've worked on CT over the years, and those +who continue to keep the ecosystem thriving. + +To further strengthen the Certificate Transparency ecosystem, we launched the +[first +phase](https://docs.google.com/document/d/1G1Jy8LJgSqJ-B673GnTYIG4b7XRw2ZLtvvSlrqFcl4A/edit#heading=h.7nki9mck5t64) +of SCT auditing, which helps verify that CT logs are behaving honestly, and +[designed](https://docs.google.com/document/d/1YTUzoG6BDF1QIxosaQDp2H5IzYY7_fwH8qNJXSVX8OQ/edit) +and began implementing subsequent phases to improve coverage and reliability. In +Chrome 94 we’ll launch a change to distribute CT log information to clients +faster and more reliably, which will help unblock CT enforcement on Chrome for +Android. + +We’ve made progress on under-the-hood improvements to certificates and TLS. We +[proposed](https://github.com/sleevi/cabforum-docs/tree/profiles) a set of +changes in the [CA/Browser Forum](https://cabforum.org/) to better specify how +website (and other) certificates should be structured, and we +[helped](https://cabforum.org/2021/04/22/ballot-sc42-398-day-re-use-period/) +[make](https://cabforum.org/2021/06/02/ballot-sc46-sunset-the-caa-exception-for-dns-operator/) +[improvements](https://cabforum.org/2021/05/01/ballot-sc44-clarify-acceptable-status-codes/) +such as +[tightening](https://cabforum.org/2021/06/03/ballot-sc45-wildcard-domain-validation/) +validation procedures for wildcard certificates and +[sunsetting](https://cabforum.org/2021/06/30/ballot-sc47v2-sunset-subjectorganizationalunitname/) +an unvalidated certificate field. We distrusted the Camerfirma CA, initially +planned for Chrome 90 but later delayed until Chrome 91 due to the exceptional +circumstances of some Covid-19 related government websites being slow to +migrate. + +On the TLS front, we launched a performance improvement to the latest version of +TLS — [zero round-trip +handshakes](https://www.chromestatus.com/feature/5447945241493504) in TLS 1.3 — +to Canary and Dev. We +[announced](https://groups.google.com/a/chromium.org/g/blink-dev/c/RShdgyaDoX4/m/JikQYHPuBQAJ) +and implemented the removal of the obsolete 3DES cipher. Finally, a new privacy +feature for TLS, [Encrypted Client +Hello](https://www.chromestatus.com/feature/6196703843581952), is now +implemented in our TLS library, with integration into Chrome ongoing. + +The Open Web Platform Security team implemented and specced a first version of +the [Sanitizer API](https://wicg.github.io/sanitizer-api/), that will help +developers avoid pesky XSS bugs. In combination with [Trusted +Types](https://web.dev/trusted-types/#:~:text=Trusted%20Types%20give%20you%20the,is%20available%20for%20other%20browsers.) +that we released last year, it will help websites defend against XSS attacks. + +CORS-RFC1918 got renamed to Private Network Access. We are ready to ship +[restrictions on accessing resources from private networks from public HTTP +pages](https://developer.chrome.com/blog/private-network-access-update/) in +Chrome 94: public HTTP pages will no longer be able to request resources from +private networks. We will have a reverse Origin Trial in place until our +preferred workaround (WebTransport) has shipped. We are also working on the next +stage of Private Network Access restrictions, where we will send a CORS +preflight when a public page tries to access a private resource. + +CrossOriginIsolated is really difficult to adopt for websites. We’re planning to +make a few changes to help with deployment. First, we have a new version of +[COEP](https://html.spec.whatwg.org/multipage/origin.html#coep): +[credentialless](https://developer.chrome.com/blog/coep-credentialless-origin-trial/) +currently undergoing an Origin Trial. It will help developers deploy COEP when +they embed third-party subresources. We’re also working on [anonymous +iframes](https://github.com/camillelamy/explainers/blob/main/anonymous_iframes.md), +to deploy COEP on pages that embed legacy 3rd party iframes. And we want to have +[COOP same-origin-allow-popups + COEP enable +crossOriginIsolated](https://github.com/camillelamy/explainers/blob/main/coi-with-popups.md) +to help with OAuth and payment flows support. + +In Q1, the Security Architecture team continued work on several Site Isolation +efforts: isolating sites that use [COOP](https://crbug.com/1018656) or +[OAuth](https://crbug.com/960888) on Android, metrics for protecting data with +[ORB](https://github.com/annevk/orb), better handling of about:blank origins and +tracking of content scripts, and helping with the communications for the +[Spectre +proof-of-concept](https://security.googleblog.com/2021/03/a-spectre-proof-of-concept-for-spectre.html) +and +[recommendations](https://blog.chromium.org/2021/03/mitigating-side-channel-attacks.html). +Additionally, [Origin Agent Cluster](https://web.dev/origin-agent-cluster/) +shipped in Chrome 88, offering process isolation at an origin granularity (for +performance reasons rather than security). We explored [new +options](https://chromium-review.googlesource.com/c/chromium/src/+/2782585) for +memory safety and helped with the +[MiraclePtr](https://docs.google.com/document/d/1pnnOAIz_DMWDI4oIOFoMAqLnf_MZ2GsrJNb_dbQ3ZBg/edit?usp=sharing) +experiments. Finally, we made several stability improvements, continued +refactoring for [SiteInstanceGroup](https://crbug.com/1195535), and helped +unblock the +[MPArch](https://docs.google.com/document/d/1NginQ8k0w3znuwTiJ5qjYmBKgZDekvEPC22q0I4swxQ/edit) +work. + +Q2 saw work improving Site Isolation protections for Origin headers (via request +initiator enforcements) and extension IPCs. We started several Site Isolation +related beta trials, including isolating [more](https://crbug.com/1018656) +[sites](https://crbug.com/960888) on Android and [isolating +extensions](https://crbug.com/1209417) from each other on desktop. We started an +early prototype of [isolating same-site sandboxed +iframes](https://crbug.com/510122) and analyzed metrics for protecting data with +[ORB](https://github.com/annevk/orb), as well. We also contributed to several +efforts to improve memory safety in Chrome, solved long-standing speculative +RenderFrameHost crashes, and improved support for [Origin Agent +Cluster](https://web.dev/origin-agent-cluster/). + +The Platform Security team had a busy first half of the year. We have now +deployed Hardware-enforced stack protection for Windows (also known as +Control-flow Enforcement Technology, +[CET](https://software.intel.com/content/www/us/en/develop/articles/technical-look-control-flow-enforcement-technology.html)) +to most Chrome processes, on supported hardware. CET protects against control +flow attacks attempting to subvert the return from a function, and we +[blogged](https://security.googleblog.com/2021/05/enabling-hardware-enforced-stack.html) +about this earlier in the year. + +With the returns from functions now protected by CET, we are making good headway +in protecting the function calls themselves — indirect calls, or 'icalls' using +[CFG](https://blog.trailofbits.com/2016/12/27/lets-talk-about-cfi-microsoft-edition/) +(Control Flow Guard). We have full CFG support for all processes behind a +compile time flag 'win_enable_cfg_guards = true', so please try it, but in the +meantime we are working on ironing out performance issues so we can roll it out +to as many processes as possible. + +The stack canary mitigation has been significantly strengthened on Linux and +Chrome OS. These platforms use the zygote for launching new processes, so the +secret stack canary value was the same in each process, which means the +mitigation is useless once an attacker has taken over a single process. The +stack canaries are now re-randomized in each process. + +On macOS, we finished our complete rollout of [our V2 sandbox +architecture](https://chromium.googlesource.com/chromium/src/sandbox/+/HEAD/mac/seatbelt_sandbox_design.md) +with the launch of the new GPU process sandbox. That marks the end of a nearly +four-year project to eliminate the unsandboxed warm-up phase of our processes, +which reduces the amount of attack surface available to a process. In addition, +we [enabled macOS +11’s](https://chromium.googlesource.com/chromium/src/+/46e23c8166086ef63e7d383149d4c91f30b7415e) +new [RIDL](https://mdsattacks.com/) CPU mitigation for processes that handle +untrustworthy arbitrary compute jobs (e.g. renderers). + +GWP-ASAN is being field trialed on Linux, Chrome OS, and Android. GWP-ASAN is a +sampling allocation tool designed to detect heap memory errors occurring in +production with negligible overhead, providing allocation/deallocation/crashing +stack traces for production crashes. It has already been launched on macOS and +Windows but hopefully launching on new platforms should help us find and fix +bugs in platform-specific code. + +XFA (the form-filling part of PDF) is now using Blink's garbage collector +[Oilpan](https://chromium.googlesource.com/chromium/src/+/refs/heads/main/third_party/blink/renderer/platform/heap/BlinkGCAPIReference.md), +protecting against use-after-frees in this code. The PDF code is also being +moved from its own process that uses the legacy Pepper interface (previously +used for Flash) into the same process as web content. + +The work on the network service sandbox continues apace. Previously the sandbox +technology being used on Windows was the same one used for the renderer (the +[restricted +token](https://chromium.googlesource.com/chromium/src/+/refs/heads/main/docs/design/sandbox.md#the-token) +sandbox). However, this tighter sandbox caused issues with parts of the network +stack such as Windows Authentication and +[SSPI](https://docs.microsoft.com/en-us/windows/win32/rpc/security-support-provider-interface-sspi-) +providers, so we are moving to an LPAC (Less Privilege App Container) sandbox +which should play much nicer with enterprises. + +Speaking of enterprises, we landed a new set of policies to control the use of +the JIT (Just-In-Time) compiler in [V8](https://v8.dev/) (our JavaScript +engine). These policies allow enterprises to set a [default +policy](https://chromeenterprise.google/policies/#DefaultJavaScriptJitSetting) +and also to +[enable](https://chromeenterprise.google/policies/#JavaScriptJitAllowedForSites) +or +[disable](https://chromeenterprise.google/policies/#JavaScriptJitBlockedForSites) +JIT for certain sites. The V8 JIT has often been a juicy target for exploit +writers, and by not having any dynamically generated code we can also enable OS +mitigations such as CET (see above) and ACG (Arbitrary Code Guard) in renderer +processes to help prevent bugs from being turned into exploits as easily. +Disabling the JIT does have some drawbacks on web compatibility and performance +— but our friends in Edge subsequently wrote a great +[blog](https://microsoftedge.github.io/edgevr/posts/Super-Duper-Secure-Mode/) +exploring this debate which we encourage you to read before deploying this +policy. + +In Q1 the extended team working on permissions was excited to start rolling out +the fruits of several collaborations from last year, including the MVP of the +Chrome Permission Suggestion Service (CPSS) to suppress +very-unlikely-to-be-granted prompts, the automatic revocation of notification +permission on abusive sites, a complete revamp of chrome://settings/content +pages, and experiments for Permission Chip and one-time permission grants. CPSS +reduces unwanted interruptions (number of explicit decisions which are +dismissed, denied or granted) by 20 to 30%. Additionally, the less disruptive +'chip' permission UI is now live for all users for location permission requests +and we’re migrating other permissions to the new pattern. + +We organized a virtual workshop on next-gen permissions, identifying the core +themes – modes, automation, and awareness – for future explorations, and we +conducted our very first qualitative UXR study to better understand users’ +mental models and expectations with permissions + +We'll be back to our quarterly update cadence with news from Q3 later in the +year. + +Cheers, + +Andrew + +## Q4 2020 + +## Greetings, + +## Even as 2021 is well underway, here's a look back at what Chrome Security was up to in the last quarter of 2020. + +## Interested in helping to protect users of Chrome, Chromium, and the entire web? We're hiring! Take a look at [g.co/chrome/hiring](https://g.co/chrome/hiring), with several of the roles in Washington, DC: [g.co/chrome/securityprivacydc](https://g.co/chrome/securityprivacydc). + +## The Usable Security team fully launched a new warning for [lookalike domain names](https://chromium.googlesource.com/chromium/src/+/HEAD/docs/security/lookalikes/lookalike-domains.md): low-quality or suspicious domains that make it hard for people to understand which website they’re actually visiting. We continued to place some final nails in the coffin of [mixed content](https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html) (insecure subresources on secure pages). Secure pages are no longer allowed to initiate any [insecure downloads](https://blog.chromium.org/2020/02/protecting-users-from-insecure.html) as of Chrome 88. We uncovered some issues with our new [warning on mixed form submissions](https://blog.chromium.org/2020/08/protecting-google-chrome-users-from.html) due to redirects, and this warning will be re-launching in Chrome 88 as well. + +## With HTTPS adoption continuing to rise, it’s now time to begin treating https:// as the default protocol, so we began implementing a change to the Chrome address bar to default to https:// instead of http:// if the user doesn’t type a scheme. Stay tuned for more information about this change in Q1. + +## To improve the security of the Certificate Transparency (CT) ecosystem, we began dogfooding an [opt-in approach](https://docs.google.com/document/d/1G1Jy8LJgSqJ-B673GnTYIG4b7XRw2ZLtvvSlrqFcl4A/edit) to audit CT information seen in the wild, and we started [designing](https://docs.google.com/document/d/1YTUzoG6BDF1QIxosaQDp2H5IzYY7_fwH8qNJXSVX8OQ/edit#heading=h.7nki9mck5t64) improvements to make this approach more resilient. + +## The Chrome Safe Browsing team helped the Chrome for iOS team roll out real-time Safe Browsing protections in Chrome 86 for iOS. Also, in addition to our existing mechanism to disable malicious Chrome Extensions with a large install base, we rolled out a new mechanism that allows us to also disable malware extensions with a small install base. + +## On the memory safety front, we've been getting ready to ship [Oilpanned](https://chromium.googlesource.com/chromium/src/+/HEAD/third_party/blink/renderer/platform/heap/BlinkGCAPIReference.md) [XFA](https://en.wikipedia.org/wiki/XFA) and continue to engage with the [MiraclePtr and \*Scan](https://docs.google.com/document/d/1pnnOAIz_DMWDI4oIOFoMAqLnf_MZ2GsrJNb_dbQ3ZBg/edit#) project. As those initiatives are treating the symptom rather than the cause, we continue to investigate what a safer dialect of C++ would look like, and to improve Rust/C++ interoperability ahead of any possible future rust experiments. Ongoing work on exploit mitigations includes [Control-flow Enforcement Technology](https://newsroom.intel.com/editorials/intel-cet-answers-call-protect-common-malware-threats/), [GWP-ASan](https://chromium.googlesource.com/chromium/src/+/lkgr/docs/gwp_asan.md), and [Control Flow Guard](https://docs.microsoft.com/en-us/windows/win32/secbp/control-flow-guard). + +## We’re also working on reducing the privilege of the network service sandbox on Windows. We’re planning to do the same on Android later in the year. + +## [FuzzBench](https://github.com/google/fuzzbench) continues to help the research community benchmark and create more efficient fuzzing engines (e.g. [AFL++ 3.0](https://github.com/AFLplusplus/AFLplusplus/releases/tag/3.0c), [SymQEMU](https://twitter.com/mboehme_/status/1351729922364960770), etc). We added support for [bug-based benchmarking](https://github.com/google/fuzzbench/search?p=1&q=%22type%3A+bug%22) ([sample report](https://www.fuzzbench.com/reports/2020-12-19-bug/index.html)), [fuzzer stats api](https://github.com/google/fuzzbench/pull/648), [saturated corpora testing](https://github.com/google/fuzzbench/pull/760). Our [OSS-Fuzz](https://github.com/google/oss-fuzz) platform now has first-class support for [Python fuzzing](https://google.github.io/oss-fuzz/getting-started/new-project-guide/python-lang/), and continues to grow at a brisk pace ([~400](https://github.com/google/oss-fuzz/tree/master/projects) projects, [25K+](https://bugs.chromium.org/p/oss-fuzz/issues/list?q=-status%3AWontFix%2CDuplicate&can=1) bugs). Based on community feedback, we created a lightweight, standalone [ClusterFuzz python package](https://pypi.org/project/clusterfuzz/) (alpha) for common fuzzing use cases, e.g. stacktrace parsing. We have refactored [AFL fuzzing integration](https://github.com/google/clusterfuzz/pull/2147) to use the [engine interface](https://github.com/google/clusterfuzz/blob/master/src/python/lib/clusterfuzz/fuzz/engine.py). We have been working on a solution to better track vulnerabilities in third-party dependencies. We have also bootstrapped several open source security efforts under the [OpenSSF](https://openssf.org/) foundation, e.g. [security scorecards](https://opensource.googleblog.com/2020/11/security-scorecards-for-open-source.html), [finding critical projects](https://opensource.googleblog.com/2020/12/finding-critical-open-source-projects.html), etc. + +## We implemented blocking of requests from insecure contexts to private networks (first part of [CORS-RFC1918](https://web.dev/cors-rfc1918-feedback/)), and are analyzing metrics to chart a path to launch. + +## We introduced the [PolicyContainer](https://github.com/antosart/policy-container-explained) to squash bugs around inheritance of security policies to about:blank, srdoc or javascript documents. + +## We also implemented a first version of a [Sanitizer API](https://github.com/WICG/sanitizer-api) and started the specification process. + +## With [CrossOriginOpenerPolicy](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cross-Origin-Opener-Policy) (COOP) and [CrossOriginEmbedderPolicy](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cross-Origin-Embedder-Policy) (COEP) launched, we were able to [re-enable SharedArrayBuffers on Android](https://docs.google.com/document/d/1tXfF0sdMQJPtwc2qEGF_V_z5xiCkP3ayS5ByRz6Rc-A/edit?ts=5f236efa) gated behind crossOriginIsolated (a.k.a COOP+COEP), which Firefox has also done. We have a plan to [deprecate all SAB usage without crossOriginIsolated](https://groups.google.com/a/chromium.org/g/blink-dev/c/1NKvbIj3dq4/m/cdfo-JazBQAJ) in Chrome 91 (with reverse Origin Trial until Chrome 93). + +## This will require users of SharedArrayBuffers to adopt COOP and COEP. Adopting COEP has proved difficult. We have heard that the deployment of COEP was difficult for a certain number of websites that embed third-party content. We are considering a new form of COEP that might alleviate those issues: [credentialless](https://github.com/mikewest/credentiallessness). To help drive adoption of COOP we moved the [COOP reporting API](https://web.dev/coop-coep/) out of Origin Trial to on by default in Chrome 89. + +## We have started to collect [metrics](https://deprecate.it/) on dangerous web behaviors, with the hope of driving them down. The first one we’ll likely be looking at is [document.domain](https://github.com/mikewest/deprecating-document-domain). + +## The Security Architecture team completed the [CORS for content scripts migration](/Home/chromium-security/extension-content-script-fetches) in Chrome 87, removing the allowlist for older extensions and strengthening Site Isolation for all desktop users! Opt-in origin isolation was renamed to [Origin-Keyed Agent Clusters](https://www.chromestatus.com/feature/5683766104162304) and is on track to launch in Chrome 88. We are making progress towards additional Android Site Isolation for OAuth and COOP sites, and we helped secure SkBitmap IPCs against memory bugs. Finally, we have been investing in architecture changes, including [SiteInfo](https://source.chromium.org/chromium/chromium/src/+/HEAD:content/browser/site_instance_impl.h;drc=62f7e7ad10582e60fb724e65dd2b088d4837fe4e;l=28) to better track principals and SiteInstanceGroup to simplify the process model, along with significant reviews for [Multiple Page Architecture](https://docs.google.com/document/d/1NginQ8k0w3znuwTiJ5qjYmBKgZDekvEPC22q0I4swxQ/edit?usp=sharing) and [Multiple Blink Isolates](https://docs.google.com/document/d/1qgDcgQWIXbsJrJUPuqnXv7sy8zf9xrf1ol90D0g7H5o/edit?usp=sharing). + +## Cheers, + +## Andrew, on behalf of the Chrome security team + +## Q3 2020 + +Greetings, + +Here's an update on what the teams in Chrome Security have been up to in the +third quarter of 2020. + +The Chrome Safe Browsing team continued the [roll-out of Enhanced Safe +Browsing](https://security.googleblog.com/2020/05/enhanced-safe-browsing-protection-now.html) +by launching it on Android in Chrome 86, and [releasing a +video](https://www.youtube.com/watch?v=w8uNzQqsTrU) with background on the +feature. We also launched [deep scanning of suspicious +downloads](https://security.googleblog.com/2020/09/improved-malware-protection-for-users.html), +initially for users of Google’s Advanced Protection program, which received +[positive +coverage](https://www.theverge.com/2020/9/16/21439599/google-chrome-scan-malicious-files-safe-browsing-advanced-protection). + +This quarter the Usable Security team vanquished a longtime foe: http:// +subresources on https:// pages. [Mixed +content](https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html) +is either upgraded to https:// or blocked. We also built new warnings for [mixed +forms](https://blog.chromium.org/2020/08/protecting-google-chrome-users-from.html) +and continued rolling out [mixed download +blocking](https://blog.chromium.org/2020/02/protecting-users-from-insecure.html). +These launches protect users’ privacy and security by decreasing plaintext +content that attackers can spy on or manipulate. + +In Chrome 86, we are beginning a gradual rollout of a new low-confidence warning +for lookalike domains. We also expanded our existing [lookalike +interstitial](https://blog.chromium.org/2019/06/new-chrome-protections-from-deception.html). + +Finally, we rolled out a 1% Chrome 86 +[experiment](https://blog.chromium.org/2020/08/helping-people-spot-spoofs-url.html) +to explore how simplifying the URL in the address bar can improve security +outcomes. + +The Platform Security team continued to move forward on memory safety: With Rust +currently not approved for use in Chromium, we must try to improve C++. Toward +that end, the [PDFium +Oilpan](https://docs.google.com/document/d/1WiZCu0D2RvdpBkYuUdL571oFlj0kSaXU1HhdoL7438Y/edit#heading=h.v9as6odlrky3) +and +[MiraclePtr/\*Scan](https://docs.google.com/document/d/1pnnOAIz_DMWDI4oIOFoMAqLnf_MZ2GsrJNb_dbQ3ZBg/edit) +projects are moving forward quickly and ready to try in Q4 and Q1 2021. + +In Sandboxing news, we made changes to Linux and our calling code to handle +coming glibc changes, servicifying the Certificate Verifier (unblocking work to +isolate the network service), and getting a better grip on Mojo. + +Bugs-- has started encouraging Chrome developers to submit vulnerability +analysis after the bug is fixed +([example](https://bugs.chromium.org/p/chromium/issues/detail?id=1126424#c41)). +This guides our future work on eliminating common bug patterns. We +cross-collaborated with fuzzing teams across Google to host 50 summer interns, +with strong impact across Chrome and other critical open source software (see +[blog +post](https://opensource.googleblog.com/2020/10/fuzzing-internships-for-open-source.html)). +We have added automated regression testing of past fixed crashes for +engine-based fuzzers (e.g. libFuzzer, AFL). We have made several changes to our +underlying fuzzing and build infrastructures - UI improvements, Syzkaller +support, OSS-Fuzz builder rewrite, etc. Lastly, we continue to push fuzzing +research across the industry using our FuzzBench benchmarking platform and have +led to improvements in +[AFL++](https://github.com/google/fuzzbench/commits?author=vanhauser-thc), +[libFuzzer](https://github.com/google/fuzzbench/commits?author=dokyungs) and +[Honggfuzz](https://github.com/google/fuzzbench/commits?author=robertswiecki) +fuzzing engines. + +The Open Web Platform security team continues to focus on two problems: +injection attacks, and isolation primitives. + +Regarding injection, we're polishing our [Trusted +Types](https://web.dev/trusted-types/) implementation, supporting Google's +security team with bug fixes as they continue to roll it out across Google +properties. We're following that up with experimental work on a [Sanitizer +API](https://github.com/WICG/sanitizer-api) that's making good progress, and +some hardening work around policy inheritance to fix a class of bugs that have +cropped up recently. + +For isolation, we're continuing to focus on +[COOP](https://web.dev/why-coop-coep/#coop) deployment. We shipped COOP's +report-only mode as an origin trial, and we're aiming to re-enable +SharedArrayBuffers behind COOP+COEP in Chrome 88 after shipping some changes to +the process model in Chrome 87 to enable \`crossOriginIsolated\`. + +In Q3, Chrome's Security Architecture team has enabled CORS for extension +content scripts in Chrome 85, moving to a more secure model against compromised +renderers. We made further progress on opt-in origin isolation, and we took the +first steps towards several improved process model abstractions for Chrome. +MiraclePtr work is progressing towards experiments, and we wrapped up the test +infrastructure improvements from last quarter. + +The CA/Browser Forum guidelines got big updates, with ballots to overhaul the +guidelines to [better match browser +requirements](https://github.com/cabforum/documents/pull/195), including +certificate lifetimes, and long overdue [cleanups and +clarifications](https://github.com/cabforum/documents/pull/208). One good revamp +deserves another, and the [Chrome Root Certificate +Policy](https://g.co/chrome/root-policy) got a big facelift, as part of +transitioning to a Chrome Root Store. + +CT Days 2020 [was held in +September](https://docs.google.com/document/d/18hRJQW5Qzgcb87P-YIkWIuna9_pRUNGsZPC4V0fiq5w/preview), +including the big announcement that Chrome was working to remove the One Google +Log requirement by implementing [SCT +auditing](https://docs.google.com/document/d/1G1Jy8LJgSqJ-B673GnTYIG4b7XRw2ZLtvvSlrqFcl4A/edit). + +[This +summer](https://security.googleblog.com/2020/10/fuzzing-internships-for-open-source.html), +we also hosted an intern who worked on [structure-aware ASN.1 +fuzzing](https://github.com/google/libprotobuf-mutator-asn1), and began +integration with BoringSSL. + +Cheers, + +Andrew, on behalf of the Chrome security team + +## Q2 2020 + +Greetings, + +The 2nd quarter of 2020 saw Chrome Security make good progress on multiple +fronts, all helping to keep our users, and the web safe. + +The Chrome Safe Browsing team launched real-time phishing protection for all +Android devices, and observed a 164% increase in phishing warnings for +main-frame URLs. We also completed the rollout of [Enhanced Safe +Browsing](https://security.googleblog.com/2020/05/enhanced-safe-browsing-protection-now.html) +to all users of Chrome on desktop platforms. + +We helped the Chrome for iOS team implement hash-based Safe Browsing protection +in Chrome 84 for iOS for the first time ever. Also working with various teams, +most notably the Mobile UX, we made significant progress in shipping Enhanced +Safe Browsing in Chrome 86 for Android. + +For desktop platforms, we landed changes to the in-browser phishing detection +mechanism to help reduce phishing false negatives using new machine learning +models for Chrome 84 and beyond. We also finalized the plan to disable more +malicious Chrome Extensions, starting with Chrome 85. + +The Enamel team put the finishing touches on our work to prevent https:// pages +from loading insecure content. We built a new warning for https:// pages with +forms targeting insecure endpoints, and prepared to start rolling out [mixed +download +warnings](https://blog.chromium.org/2020/02/protecting-users-from-insecure.html) +in Chrome 84. This release will also include [mixed image +autoupgrading](https://security.googleblog.com/2019/10/no-more-mixed-messages-about-https_3.html) +and the second phase of [TLS 1.0/1.1 +deprecation](https://security.googleblog.com/2019/10/chrome-ui-for-deprecating-legacy-tls.html). + +Even on an https:// website, users need to accurately understand which website +they’re visiting. We expanded our [lookalike domain +warning](https://blog.chromium.org/2019/06/new-chrome-protections-from-deception.html) +with new triggering heuristics, and prepared to launch an additional warning +(pictured) for lower-precision heuristics in M86. + +The Platform Security team continued to make good progress on many of our longer +term projects, including sandboxing the network service (and associated +certificate verification servicification), +[adopting](https://docs.google.com/document/d/1WiZCu0D2RvdpBkYuUdL571oFlj0kSaXU1HhdoL7438Y/) +Oilpan garbage collection in PDFium's XFA implementation, and investigating +memory safety techniques, and exploitation mitigation technologies. + +Along with our colleagues in Chrome Security Architecture, we've sharpened the +security focus on +[Mojo](https://chromium.googlesource.com/chromium/src/+/HEAD/mojo/README.md), +Chrome's IPC system, and started looking at what's needed to improve developer +ergonomics and make it easier to reason about communicating over security +boundaries. Also with CSA, we've worked on how +[MiraclePtr](https://docs.google.com/document/d/1pnnOAIz_DMWDI4oIOFoMAqLnf_MZ2GsrJNb_dbQ3ZBg/edit?usp=sharing) +could help prevent use after free bugs in C++ code. + +Bugs-- continued to develop and improve the FuzzBench platform which has helped +the security research community develop more efficient fuzzing engines +(HonggFuzz, AFL++ got several improvements and leads the [benchmarking +results](https://www.fuzzbench.com/reports/2020-07-13/index.html)). Based on +FuzzBench results, we have successfully integrated +[Entropic](https://mboehme.github.io/paper/FSE20.Entropy.pdf) as a fuzzing +strategy in ClusterFuzz. We have started rewriting/improving several Chrome +blackbox fuzzers (e.g. dom, webbot, media, ipc), and also deprecated ~50 +duplicate/unneeded fuzzers. In OSS-Fuzz service, we added first-class fuzzing +support for +[Golang](https://google.github.io/oss-fuzz/getting-started/new-project-guide/go-lang/) +and +[Rust](https://google.github.io/oss-fuzz/getting-started/new-project-guide/rust-lang/) +languages (better compiler instrumentation, crash parsing, and easier project +integration) and improved CI (e.g. Honggfuzz checks). Lastly, we worked closely +with Android Security and improved ClusterFuzz for on-device and host fuzzing +use cases (e.g. syzkaller support, pixel hardware fuzzing). + +The Open Web Platform Security team remained focused on mitigating injection +attacks on the one hand, and improving isolation of sensitive content on the +other. Q2 was exciting on both fronts! + +We shipped an initial implementation of [Trusted +Types](https://web.dev/trusted-types/), which gives developers the ability to +meaningfully combat DOM XSS, and nicely compliments CSP's existing mitigations +against other forms of injection. Google has deployed Trusted Types in +high-value applications like [My Google +Activity](https://myactivity.google.com/), and we're excited about further +rollouts. +We also rolled out our first pass at [two new isolation +primitives](https://web.dev/coop-coep): Cross-Origin Opener Policy and +Cross-Origin Embedder Policy. Opting-into these mechanisms improves our ability +to process-isolate your pages, mitigating some impacts of Spectre and XSLeaks, +which makes it possible to safely expose powerful APIs like SharedArrayBuffers. + +The Chrome Security Architecture team has started Origin Trials for [opt-in +origin isolation](https://www.chromestatus.com/feature/5683766104162304), +allowing origins to use separate processes from the rest of their site. We have +also made progress on [securing extension content script +requests](/Home/chromium-security/extension-content-script-fetches) and +enforcements for request initiators, and we improved the update mechanism for +Android Site Isolation's list of isolated sites. Much of Q2 was spent on cleanup +and documentation, though, particularly test infrastructure and flaky test +improvements. Finally, we also contributed to +[MiraclePtr](https://docs.google.com/document/d/1pnnOAIz_DMWDI4oIOFoMAqLnf_MZ2GsrJNb_dbQ3ZBg/edit?usp=sharing) +efforts to reduce memory bugs, and we helped more teams use WebUI by adding +support for web iframes. + +In the world of the Web PKI, TLS certificates issued from default-trusted CAs +after 2020-09-01 will be rejected if their lifetime is greater than 398 days, +beginning with Chrome 85. See the [documentation and +FAQ](https://chromium.googlesource.com/chromium/src/+/HEAD/net/docs/certificate_lifetimes.md). +This is part of a number of changes [adopted +by](https://cabforum.org/2020/07/16/ballot-sc31-browser-alignment/) CA/Browser +Forum with unanimous support from major Browsers, which aligns the Baseline +Requirements with many existing Browser root program requirements. + +We continued informal cross-browser collaboration and met with the European +Union on their eIDAS Regulation, exploring how certificates can be used to +provide identity information for domains in a manner consistent with the Web +Platform. + +Until next time, on behalf of Chrome Security, I wish you all the very best. + +Andrew + +## Q1 2020 + +Greetings, + +Amongst everything the first quarter of 2020 has thrown at the world, it has +underlined the crucial role the web plays in our lives. As always, the Chrome +Security teams have been focusing on the safety of our users, and on keeping +Chrome secure and stable for all those who depend on it. + +The Chrome Safe Browsing team, with the support of many teams, introduced a new +Safe Browsing mode that users can opt-in to get “faster, proactive protection +against dangerous websites, downloads, and extensions.” + +We launched [previously +announced](https://www.blog.google/products/chrome/better-password-protections/) +faster phishing protection to Chrome users on high-memory Android devices. This +led to a 116% increase in the number of phishing warnings shown to users for +main frame URLs. + +We also launched predictive phishing protections to all users of Chrome Password +Manager on Android, which warns users when they type their saved password on an +unsafe website. The initial estimate from the launch on Beta population suggests +an 11% increase in the number of warnings shown compared to that on Windows. + +Chrome's Enamel team finalized plans to bring users a more secure HTTPS +ecosystem by blocking [mixed +content](https://security.googleblog.com/2019/10/no-more-mixed-messages-about-https_3.html), +[mixed +downloads](https://blog.chromium.org/2020/02/protecting-users-from-insecure.html), +and [legacy TLS +versions](https://security.googleblog.com/2019/10/chrome-ui-for-deprecating-legacy-tls.html). +These changes have now been delayed due to changing global circumstances, but +are still planned for release at the appropriate time. + +To improve how users understand website identity, we experimented with a [new +security indicator +icon](https://bugs.chromium.org/p/chromium/issues/detail?id=1008219) for +insecure pages. We also experimentally launched a [new +warning](https://bugs.chromium.org/p/chromium/issues/detail?id=982930) for sites +with spoofy-looking domain names. We’re now analyzing experiment results and +planning next steps for these changes. + +The Platform Security team made significant forward progress on enabling the +network service to be sandboxed on all platforms (it already is on macOS). This +required getting significant changes into Android R, migrating to a new way of +using the Data Protection API on Windows (which had the side-effect of [breaking +some crime rings’ +operations](https://www.zdnet.com/article/chrome-80-update-cripples-top-cybercrime-marketplace/), +albeit +[temporarily](https://www.bleepingcomputer.com/news/security/malware-unfazed-by-google-chromes-new-password-cookie-encryption/)), +and more. When complete, this will reduce the severity of bugs in that service +from Critical to High. + +We also made progress on Windows sandboxing, working towards adopting +AppContainer, and are refactoring our Linux/Chrome OS sandbox to handle +disruptive upstream changes in glibc and the kernel. + +Discussions about the various ways we can improve memory safety continue, and we +laid plans to migrate PDFium’s XFA support to +[Oilpan](https://chromium.googlesource.com/chromium/src/+/HEAD/third_party/blink/renderer/platform/heap/BlinkGCAPIReference.md) +garbage collection, with the help of Oilpan and V8 teams. This will enable us to +safely ship XFA in production, hopefully in 2020. + +The bugs-- team launched [FuzzBench](https://github.com/google/fuzzbench), a +fuzzer benchmarking platform to bridge the gap between academic fuzzing research +and industry fuzzing engines (e.g libFuzzer, AFL, Honggfuzz). We have integrated +new techniques in ClusterFuzz to improve fuzzing efficiency and break coverage +walls - dataflow trace based fuzzing, in-process grammar mutators (radamsa, +peach). Also, launched +[CIFuzz](https://google.github.io/oss-fuzz/getting-started/continuous-integration/) +for OSS-Fuzz projects to catch obvious security regressions in a project’s +continuous integration before they are checked in. + +The Chrome Security Architecture (née Site Isolation) team has been +strengthening Site Isolation this quarter. We're [securing extension content +script requests](/Home/chromium-security/extension-content-script-fetches) to +unify CORS and CORB behavior, and we're progressing with a +[prototype](https://crbug.com/1042415) to let websites opt in to [origin-level +isolation](https://github.com/WICG/origin-isolation). To improve Chrome's +security architecture, the team is working on a proposal for a new +SecurityPrincipal abstraction. We have also cleaned up RenderWidget/RenderView +lifetimes. Finally, we are starting to formalize our thinking about privilege +levels and their interactions in Chrome. We are enumerating problem spots in IPC +and other areas as we plan the next large projects for the team. + +For the past five years, Chrome, along with counterparts at browser vendors such +as Mozilla, Microsoft, Apple, Opera, and Vivaldi, have been discussing technical +challenges involved in [the eIDAS +Regulation](https://ec.europa.eu/futurium/en/content/eidas-regulation-regulation-eu-ndeg9102014) +with members of the European Commission, [ETSI](https://www.etsi.org/), and +[European Union Agency for Cybersecurity (ENISA)](https://www.enisa.europa.eu/). +These discussions saw more activity this past quarter, with browsers [publicly +sharing](https://cabforum.org/pipermail/servercert-wg/2020-January/001555.html) +an [alternative technical +proposal](https://cabforum.org/pipermail/servercert-wg/attachments/20200114/3a5fa74c/attachment-0001.pdf) +to the current ETSI-defined approach, in order to help the Commission make the +technology easier to use and interoperate with the web and browsers. + +We announced [Chrome’s 2020 Certificate Transparency +plans](https://groups.google.com/a/chromium.org/d/msg/ct-policy/dqFtoFBy8YU/Xa67FWVCEgAJ) +with a focus on removing “One Google Log” policy dependency. Pending updates to +travel policy, we have tentatively planned CT Days 2020 and sent out an +[interest +survey](https://docs.google.com/forms/d/1NzHadfwhqUPEXqcHHtZTwfVDS1yj9vGvhP0y1qluYEU/edit) +for participants. + +Until next time, on behalf of Chrome Security I wish you all the very best. + +Andrew + +## Q4 2019 + +As we start 2020 and look forward to a new year and a [new +decade](https://xkcd.com/2249/), the Chrome Security Team took a moment to look +back at the final quarter of 2019. + +The Safe Browsing team launched two features that significantly improve phishing +protections available to Chrome users: + +We reduced the false negative rate for Safe Browsing lookups in Chrome by +launching [real-time Safe Browsing +lookups](https://security.googleblog.com/2019/12/better-password-protections-in-chrome.html) +for users who have opted in to “Make Searches and Browsing better.” Early +results are promising, with up to [55% more warnings +shown](https://screenshot.googleplex.com/EADPM3soc10) to users who had this +protection turned on, compared to those who did not. + +A while ago we launched predictive phishing protections to warn users who are +syncing history in Chrome when they enter their Google Account password into +suspected phishing sites that try to steal their credentials. [With the Chrome +79](https://security.googleblog.com/2019/12/better-password-protections-in-chrome.html), +we expanded this protection to everyone signed in to Chrome, even if you have +not enabled Sync. In addition, this feature will now work for all the passwords +that the user has stored in Chrome’s password manager; this will show an +estimated 10 times more warnings daily. + +We also had two telemetry based launches for sending pings to Safe Browsing when +users who have opted into Safe Browsing Extended Reporting focus on password +fields and reuse their passwords on Android. + +[HTTPS adoption](https://transparencyreport.google.com/https/overview?hl=en) has +risen dramatically, but +[many](https://chromestatus.com/metrics/feature/timeline/popularity/609) +https:// pages still include http:// subresources — known as mixed content. In +October, the Usable Security team published a +[plan](https://security.googleblog.com/2019/10/no-more-mixed-messages-about-https_3.html) +to eradicate mixed content from the web. The first phases of this plan started +shipping in Chrome 79. In Chrome 79, we relocated the setting that allows users +to load mixed content when it’s blocked by default. This setting used to be a +shield icon in the Omnibox, and is now available in Site Settings instead. In +Chrome 80, mixed audio and video will be automatically upgraded to https://, and +they will be blocked if they fail to load. We started work on a [web +standard](https://w3c.github.io/webappsec-mixed-content/level2.html) to codify +these changes. See [this +article](https://developers.google.com/web/fundamentals/security/prevent-mixed-content/fixing-mixed-content) +for how to fix mixed content if you run an affected website. + +Website owners should keep their HTTPS configurations up-to-date with the latest +security settings. Back in 2018, we (alongside other browsers) announced +[plans](https://security.googleblog.com/2018/10/modernizing-transport-security.html) +to remove support for legacy TLS versions 1.0 and 1.1. In October, we updated +these plans to +[announce](https://security.googleblog.com/2019/10/chrome-ui-for-deprecating-legacy-tls.html) +the specific UI treatments that we’ll use for this deprecation. Starting in +January 2020, Chrome 79 will label affected websites with a “Not Secure” chip in +the omnibox. Chrome 81 will show a full-page error. Make sure your server +supports TLS >=1.2 to avoid this warning treatment. + +To continue to polish our security UI, we iterated on our +[warning](https://blog.chromium.org/2019/06/new-chrome-protections-from-deception.html) +for lookalike domains to make the warning more understandable. We introduced a +new gray triangle icon for http:// sites to make a clearer distinction between +http:// and https://. This icon will appear for some users as part of a +small-scale experiment in Chrome 80. Finally, we cleaned up a large backlog of +low severity security UI vulnerabilities. We fixed, closed, or removed +visibility restrictions on 33 out of 42 bugs. + +The Platform Security Team sandboxed the network service on macOS in Chrome 79, +and continued the work on sandboxing it on other Desktop platforms. There is +also some forward momentum for reducing its privilege in version R of Android. + +You can now check the sandboxing state of processes on Windows by navigating to +chrome://sandbox. Also on Windows, we experimented with enabling the renderer +App Container but ran into crashes likely related to third party software, and +are now working to improve error reporting to support future experimentation. +Chrome 79 also saw Code Integrity Guard enabled on supported Windows versions, +blocking unsigned code injection into the renderer process. + +We have also begun investigating new systemic approaches to memory unsafety. +Look for news in 2020, as well as continual improvements to the core libraries +in Chromium and PDFium. + +In Q4, the Bugs-- team moved closer to our goal of achieving 50% fuzzing +coverage in Chrome (it's currently at 48%). We added new features to our +ClusterFuzz platform, such as [Honggfuzz](https://github.com/google/honggfuzz) +support, libFuzzer support for Android, improved fuzzer weights and more +accurate statistics gathering pipeline. We also enabled several new UBSan +features across both Chrome and OSS-Fuzz. As part of OSS-Fuzz, we added Go +language support and on-boarded several new Go projects. We also gave a talk +about ClusterFuzz platform at [Black Hat +Europe](https://www.blackhat.com/eu-19/briefings/schedule/#clusterfuzz-fuzzing-at-google-scale-17505). + +In conversation with our friends and colleagues at Mozilla over the course of +Q4, the Open Web Platform Security team made substantial progress on +[Cross-Origin-Opener-Policy](https://github.com/whatwg/html/issues/3740) and +[Cross-Origin-Embedder-Policy](https://mikewest.github.io/corpp/). These +isolation primitives will make it possible for us to ensure that process +isolation is robust, even as we ship new and exciting APIs that give developers +more capability. Implementations of both are mostly complete behind a flag, and +we're looking forward to getting them out the door, and beginning the process of +relying upon them to [when deciding whether to allow cross-thread access to +shared +memory](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/SharedArrayBuffer/Planned_changes). + +Similarly, we're polishing our implementation of [Trusted +Types](https://w3c.github.io/webappsec-trusted-types/dist/spec/) based on +feedback from origin trials and other vendors' review of the spec. We're still +excited about its potential for injection mitigation, and we're looking forward +to closing out the last few issues we know about in our implementation. + +The Site Isolation team posted to the [Google Security +Blog](https://security.googleblog.com/2019/10/improving-site-isolation-for-stronger.html) +and the [Chromium +Blog](https://blog.chromium.org/2019/10/recent-site-isolation-improvements.html) +about our recent milestones for Site Isolation on Android and defending against +compromised renderer processes. We also gave a talk at [Black Hat +Europe](https://www.blackhat.com/eu-19/briefings/schedule/#site-isolation-confining-untrustworthy-code-in-the-web-browser-17974) +about Site Isolation and how to look for new bypasses for the +[VRP](https://www.google.com/about/appsecurity/chrome-rewards/index.html). At +the same time, we made progress on additional enforcement, and we ran +experiments to expand Android coverage to more devices. Finally, we also used Q4 +to clean up a lot of core Site Isolation code, and we started updating Chrome's +WebUI framework to better support new types of Chrome features without large +risks of privilege escalation. + +In the world of Web PKI Security, as part of our ongoing collaboration with +Microsoft and Mozilla on the [Common CA Database](https://www.ccadb.org/), +"Audit Letter Validation" is now enabled for the full set of publicly trusted +Certificate Authorities. This tool, developed by Microsoft and Mozilla, +automatically validates the contents of audit letters to ensure they include the +information required of a publicly trusted CA. Audit letter validation was +previously done by hand, which was not scalable to CA's 2,500+ intermediate +certificates. + +Audit Letter Validation enabled us and other root stores to detect a wide +variety of issues in the Web PKI that had previously gone unnoticed. We’ve spent +the past quarter leading the incident response effort, working with +non-compliant CAs to remediate issues and mitigate future risk. This helps not +only Chrome users, but all users who trust these CAs. We can now automatically +detect issues as they happen, ensuring prompt remediation. + +We also collaborate with Mozilla to provide [detailed +reviews](https://wiki.mozilla.org/CA/Dashboard#Detailed_CP.2FCPS_Review) of +organizations applying to be CAs, completing several in Q4. These public reviews +take an extremely detailed look at how the CA is operated, looking at both +compliance and for risky behaviour not explicitly forbidden, as well as +opportunities for improvement based on emerging good practices. + +[Certificate Transparency](https://www.certificate-transparency.org/) (CT) +continues to be an integral part of our work. Beyond helping protect users by +allowing quick detection of potentially malicious certificates, the large-scale +analysis that CT enables has been essential in helping improve the Web PKI. +Analysis of CT logs this quarter revealed a number of systemic flaws in how +Extended Validation certificates are validated, which has spurred industry-wide +effort to address these issues. + +We took steps to protect users from trusting harmful certificates that might be +installed by software or which they might be directed to install. Working with +the Enamel team, we built on steps we’d [previously taken to protect +users](https://security.googleblog.com/2019/08/protecting-chrome-users-in-kazakhstan.html) +from certificates used to intercept their communications by adding the ability +to rapidly deploy targeted protections via our +[CRLSet](/Home/chromium-security/crlsets) mechanism. CRLSets allow us to quickly +respond, using the [Component +Updater](https://chromium.googlesource.com/chromium/src/+/HEAD/components/component_updater/README.md), +without requiring a full Chrome release or respin. + +More generally, we continue to work on the “patch gap”, where security bug fixes +are posted in our open-source code repository but then take some time before +they are released as a Chrome stable update. We now make regular refresh +releases every two weeks, containing the latest severe security fixes. This has +brought down the median “patch gap” from 33 days in Chrome 76 to 15 days in +Chrome 78, and we continue to work on improving it. + +Finally, you can read what the Chrome (and other Google) Vulnerability Rewards +Programs have been up to in 2019 in our [recent blog +post](https://security.googleblog.com/2020/01/vulnerability-reward-program-2019-year.html). + +Cheers, + +Andrew, on behalf of the Chrome security team + +## Q3 2019 + +Greetings! + +With the equinox behind us, it's time for an update on what the Chrome security +team has been up to in the third quarter of 2019. + +The Chrome Safe Browsing team +[launched](https://www.blog.google/technology/safety-security/advanced-protection-program-expands-chrome/) +Stricter Download Protections for [Advanced +Protection](https://landing.google.com/advancedprotection/) users in Chrome and +significantly reduce users’ exposure to potentially risky downloads. + +In Q3, Safe Browsing also brought Google password protection to signed in, +non-sync users. This project is code complete, and the team plans to roll it out +in Chrome 79. + +Enamel, the Security UX team, have been looking at mixed content: http:// +subresources on https:// pages. Mixed content presents a confusing UX and a risk +to user security and privacy. After a long-running data-gathering +[experiment](https://groups.google.com/a/chromium.org/d/msg/blink-dev/ZJxkCJq5zo4/4sSMVZzBAwAJ) +on pre-stable channels, the Enamel team +[publicized](https://security.googleblog.com/2019/10/no-more-mixed-messages-about-https_3.html) +plans to start gradually blocking mixed content. In Chrome 79, the team plans to +relocate the setting to bypass mixed content blocking from a shield icon in the +omnibox to Site Settings. In Chrome 80, we will start auto-upgrading mixed audio +and video to https://, blocking resources if they fail to auto-upgrade. Chrome +80 will also introduce a “Not Secure” omnibox chip for mixed images, which we +plan to start auto-upgrading in a future version of Chrome. + +Furthering our quest to improve the quality of HTTPS deployments, we +[announced](https://security.googleblog.com/2019/10/chrome-ui-for-deprecating-legacy-tls.html) +a new UI plan for the upcoming [legacy TLS +deprecation](https://security.googleblog.com/2018/10/modernizing-transport-security.html) +in early 2020. + +In Q3, Enamel also made improvements to our lookalike domain warning, with +clearer strings and new heuristics for detecting spoofing attacks. We also added +additional signals in our [Suspicious Site Reporter +extension](https://chrome.google.com/webstore/detail/suspicious-site-reporter/jknemblkbdhdcpllfgbfekkdciegfboi?hl=en-US) +for power users to identify suspicious sites that they can report to Safe +Browsing for scanning. In Chrome 77, we +[relocated](https://chromium.googlesource.com/chromium/src/+/HEAD/docs/security/ev-to-page-info.md) +the Extended Validation certificate UI to Page Info; we presented the user +research that inspired this change at [USENIX Security +2019](https://www.usenix.org/conference/usenixsecurity19/presentation/thompson). + +The Platform Security team continues to help improve the memory safety of the +PDFium code base, and have finished removing all bare new/delete pairs, and +ad-hoc refcounting. We continued to push for greater [memory +safety](https://twitter.com/arw/status/1159631867835895808) on a number of +fronts, and are busy working on plans for the rest of the year and 2020. Q3 saw +a number of projects enter trials on Beta and Stable, including the V2 sandbox +for GPU process and network service sandbox on macOS, and Code Integrity Guard +on Windows. Look out for news of their launch in next quarter's update! + +The [XSS Auditor](/developers/design-documents/xss-auditor), which attempted to +detect and prevent reflected XSS attacks, was [removed in Chrome +78](https://www.zdnet.com/article/google-to-remove-chromes-built-in-xss-protection-xss-auditor/). +It had [a number of +issues](https://groups.google.com/a/chromium.org/forum/#!msg/blink-dev/TuYw-EZhO9g/blGViehIAwAJ), +and in the end the cons outweighed the pros. + +The Bugs-- team added +[FuzzedDataProvider](https://github.com/google/fuzzing/blob/master/docs/split-inputs.md#fuzzed-data-provider) +(FDP) as part of Clang, making it simple to write fuzz targets that require +multiple inputs with just a single header file include. We refactored +ClusterFuzz code to make it easier to add new fuzzing engines and migrated +libFuzzer to use this new +[interface](https://github.com/google/clusterfuzz/blob/master/src/python/bot/fuzzers/engine.py). +We rewrote the ClusterFuzz reproduce tool, which is now part of main ClusterFuzz +GitHub repo. On the OSS front, we launched new features in OSS-Fuzz - Golang +support, X86 config support, FDP support, and OSS-Fuzz Badges. We also did +fuzzer strategy weight adjustments based on multi-armed bandit experiments. +Jonathan Metzman +[presented](https://www.blackhat.com/us-19/briefings/schedule/index.html#going-beyond-coverage-guided-fuzzing-with-structured-fuzzing-16110) +at Black Hat (USA) on structure aware fuzzing. + +The Open Web Platform Security team have been working on [Trusted +Types](https://github.com/w3c/webappsec-trusted-types), the Origin Trial for +which is about to finish. We are making a number of changes to the feature, +mainly to aid deployment and debugging of TT deployments, as well as some +overall simplifications. We expect this work to finish in early Q4, and to +launch in the same quarter. + +The [Site Isolation](/Home/chromium-security/site-isolation) team reached two +more important milestones in Q3. First, we enabled Site Isolation for password +sites on Chrome for Android (on devices with at least 2GB of memory), bringing +Spectre mitigations to mobile devices! Second, we added enough compromised +renderer protections on Chrome for Desktop to include cross-site data disclosure +to the [Chrome +VRP](https://www.google.com/about/appsecurity/chrome-rewards/index.html)! We're +very excited about the new protections, and we continue to improve the defenses +on both Android and Desktop. Separately, we [presented our USENIX Security +paper](https://www.usenix.org/conference/usenixsecurity19/presentation/reis) in +August and launched OOPIF-based PDF support, clearing the way to remove +BrowserPlugin. + +In the Web PKI space, the government of Kazakhstan recently created a Root CA +and with local ISPs engaged in a campaign to encourage all KZ citizens to +install and trust the CA. Ripe Atlas detected this CA [conducting a +man-in-the-middle](https://censoredplanet.org/kazakhstan) on social media. +Chrome blocked this certificate to prevent it from being used for MITMing Chrome +users. In conjunction with several other major browsers, we made a [joint PR +statement](https://blog.mozilla.org/blog/2019/08/21/mozilla-takes-action-to-protect-users-in-kazakhstan/) +against this type of intentional exploitation of users. Following this incident, +we began working on a long-term solution to handling MITM CAs in Chrome. + +In hacker philanthropy news, in July we increased the amounts awarded to +security researchers who submit security bugs to us under the [Chrome +Vulnerability Reward Program](https://g.co/ChromeBugRewards). The update aligned +both categories and amounts with the areas we'd like researchers to focus on. +This generated some good [press +coverage](https://techcrunch.com/2019/07/18/google-will-now-pay-bigger-rewards-for-discovering-chrome-security-bugs/) +which should help spread the word about the Chrome VRP. Tell your friends, and +submit your Chrome security bugs +[here](https://bugs.chromium.org/p/chromium/issues/entry?template=Security%20Bug) +and they'll be considered for a reward when they're fixed! + +In Chrome security generally we've been working to address an issue called the +“patch gap”, where security bug fixes are posted in our open-source code +repository but then take some time before they are released as a Chrome stable +update. During that time, adversaries can use those fixes as evidence of +vulnerabilities in the current version of Chrome. To reduce this problem, we’ve +been merging more security fixes directly to stable, and we’re now always making +a security respin mid-way through the six-week development cycle. This has +reduced the median patch gap from ~33 days in Chrome 76 to ~19 days in Chrome +77. This is still too long, and we’re continuing to explore further solutions. + +Cheers, + +Andrew, on behalf of the Chrome security team + +## Q2 2019 + +Greetings, + +With 2019 already more than 58% behind us, here's an update on what Chrome +Security was up to in the second quarter of this year. + +Chrome SafeBrowsing is launching stricter download protections for [Advanced +Protection](https://landing.google.com/advancedprotection/) users, and a +teamfood has begun to test the policy in M75. This will launch broadly with M76. +This significantly reduces an Advanced Protection user’s exposure to potentially +risky downloads by showing them warnings when they try to download “risky” files +(executable files that haven’t been vetted by SafeBrowsing) in Chrome. + +Users need to understand site identity to make safe decisions on the web. Chrome +Security UX published a [USENIX Security +paper](https://ai.google/research/pubs/pub48199) exploring how users understand +modern browser identity indicators. To help users understand site identity from +confusing URLs, we launched a [new +warning](https://security.googleblog.com/2019/06/new-chrome-protections-from-deception.html) +detecting domains that look similar to domains you’ve visited in the past. We +published a +[guide](https://docs.google.com/document/d/1_xJz3J9kkAPwk3pma6K3X12SyPTyyaJDSCxTfF8Y5sU/edit) +to how we triage spoofing bugs involving such domains. We also built a +[Suspicious Site Reporter +extension](https://chrome.google.com/webstore/detail/suspicious-site-reporter/jknemblkbdhdcpllfgbfekkdciegfboi) +that power users can use to report deceptive sites to Google’s Safe Browsing +service, to help protect non-technical users who might not be able to discern a +deceptive site’s identity as well. + +Site identity is meaningless without HTTPS, and we continue to promote HTTPS +adoption across the web. We implemented an experimental flag to +[block](https://groups.google.com/a/chromium.org/d/msg/blink-dev/mALJa0JM13I/-jxMlOyrBAAJ) +high-risk nonsecure downloads initiated from secure contexts. And we continued +to roll out our experiment that auto-upgrades mixed content to HTTPS, pushing to +10% of beta channel and adding new metrics to quantify breakage. + +In addition to helping with the usual unfaltering flow of security launch +reviews, Platform Security engineers have been continuing to investigate ways to +help Chrome engineers create fewer memory safety bugs for clusterfuzz to find. +While performance is a concern when adding checks to libraries, some reports of +regressions nicely turned out to be [red +herrings](https://bugs.chromium.org/p/chromium/issues/detail?id=957296#c15). On +macOS, Chrome executables are [now +signed](https://chromium-review.googlesource.com/c/chromium/src/+/1666734) with +the [hardened runtime +options](https://developer.apple.com/documentation/security/hardened_runtime_entitlements) +enabled. Also on macOS, the change to have [Mojo use Mach +IPC](https://docs.google.com/document/d/1nEUEAP3pq6T9WgEucy2j02QwEHi0PaFdpaQcT8ooH9E/edit#), +rather than POSIX file descriptors/socket pairs, is now fully rolled out. On +Windows, we started to +[enable](https://bugs.chromium.org/p/chromium/issues/detail?id=961831) +[Arbitrary Code +Guard](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-exploit-guard/exploit-protection-exploit-guard#mitigation-comparison) +on processes that don't need dynamic code at runtime. + +We've done a lot of analysis on the types of security bugs which are still +common in Chromium. The conclusion is that memory safety is still our biggest +problem, so we've been working to figure out the best next steps to solve +that—both in terms of safer C++, and investigating other choices to find if we +can parse data in a safe language without disrupting the Chromium development +environment too much. + +We've also been looking at how security fixes are released, to ensure fixes get +to our users in the quickest possible way. We have also improved some of the +automatic triage that Clusterfuzz does to make sure that bugs get the right +priority. + +To augment our fuzzing efforts and find vulnerabilities for known bad patterns, +we have decided to invest in static code analysis efforts with +[Semmle](https://semmle.com/). We have written our custom QL queries and +reported +[15](https://bugs.chromium.org/p/chromium/issues/list?can=1&q=label%3AFound-With-Semmle) +bugs so far (some of these were developed in collaboration with [Project +Zero](https://googleprojectzero.blogspot.com/)). + +We have made several changes to improve fuzzing efficiency which include - +leveraging [DFSan](https://clang.llvm.org/docs/DataFlowSanitizer.html) for +[focused mutations](https://github.com/google/clusterfuzz/issues/503), added +support for [custom mutators](https://github.com/google/clusterfuzz/pull/286), +build-type optimizations (sanitizers without instrumentation) and libFuzzer fork +mode on Windows. We have +[upstreamed](https://cs.chromium.org/chromium/src/third_party/libFuzzer/src/utils/FuzzedDataProvider.h) +a helper module in libFuzzer to make it easy to split fuzz input and decrease +fuzz target complexity. + +The Open Web Platform Security team was mainly focused on [Trusted +Types](https://github.com/WICG/trusted-types), and conducted an Origin Trial for +the feature in Q2. The team is presently scrambling to address the issues raised +by public feedback, to modify the feature to make it easier to deploy, and to +generally make Trusted Types fit for a full launch. + +The [Site Isolation](/Home/chromium-security/site-isolation) team published +their Usenix Security 2019 paper about the desktop launch ([Site Isolation: +Process Separation for Web Sites within the +Browser](https://ai.google/research/pubs/pub48285)), which will be presented in +August. We now have a small Stable channel trial of Android Site Isolation, +which isolates the sites that users log into rather than all sites. That work +included persisting and clearing the sites to isolate, fixing text autosizing, +and adding more metrics. Separately, we ran a trial of isolating origins rather +than sites to gauge overhead, and we helped ship [Sec-Fetch-Site +headers](https://w3c.github.io/webappsec-fetch-metadata/). We also started +collecting data on how well CORB is protecting sensitive resources in practice, +and we've started launch trials of out-of-process iframe based PDFs (which adds +CORB protection for PDFs). + +The Chrome OS Security team has been working on the technology underlying Chrome +OS verified boot. Going forward, dm_verity will use SHA256 as its hashing +algorithm, replacing SHA1. So long, weak hashing algorithm! + +We also spent some time making life easier for Chrome OS developers. Devs now +have access to a +[time-of-check-time-of-use](https://en.wikipedia.org/wiki/Time-of-check_to_time-of-use) +safe [file +library](https://chromium.googlesource.com/chromiumos/platform2/libbrillo/+/HEAD/brillo/safe_fd.h), +and a [simplified +mechanism](https://groups.google.com/a/chromium.org/d/msg/chromium-os-dev/zYP4tlXQmRg/aMyd2l-SBAAJ) +for building system call filtering policies. + +Cheers, + +Andrew, on behalf of the Chrome security team + +## Q1 2019 + +Greetings, + +Here's an update on what Chrome Security was up to in the first quarter of 2019! + +The [Site Isolation](/Home/chromium-security/site-isolation) team finished the +groundwork for Android Beta Channel field trials, and the trials are now in +progress. This Android mode isolates a subset of sites that users log into, to +protect site data with less overhead than isolating all sites. We also started +enforcing Cross-Origin Read Blocking for [extension content script +requests](/Home/chromium-security/extension-content-script-fetches), maintaining +a temporary allowlist for affected extensions that need to migrate. We tightened +compromised renderer checks for navigations, postMessage, and BroadcastChannel. +We also continued cross-browser discussions about [Long-Term Web Browser +Mitigations for +Spectre](https://docs.google.com/document/d/1dnUjxfGWnvhQEIyCZb0F2LmCZ9gio6ogu2rhMGqi6gY/edit?usp=sharing), +as well as headers for [isolating +pages](https://github.com/whatwg/html/issues/3740) and [enabling precise +timers](https://github.com/whatwg/html/issues/4175). Finally, we are close to +migrating PDFs from BrowserPlugin to out-of-process iframes, allowing +BrowserPlugin to be deleted. + +In the last several years, the Usable Security team have put a lot of effort +into [improving HTTPS +adoption](https://transparencyreport.google.com/https/overview) across the web, +focusing on getting top sites to migrate to HTTPS for their top-level resources. +We’re now starting to turn our attention to insecure subresources, which can +harm user security and privacy even if the top-level page load is secure. We are +currently running an +[experiment](https://chromestatus.com/feature/5557268741357568) on Canary, Dev, +and Beta that automatically upgrades insecure subresources on secure pages to +HTTPS. We also collected metrics on insecure downloads in Q1 and have started +putting together a +[proposal](https://lists.w3.org/Archives/Public/public-webappsec/2019Apr/0004.html) +to block high-risk insecure downloads initiated from secure pages. + +People need to understand website identity to make good security and trust +decisions, but +[lots](http://people.ischool.berkeley.edu/~tygar/papers/Phishing/why_phishing_works.pdf) +[of](http://www.usablesecurity.org/papers/jackson.pdf) +[research](http://grouplab.cpsc.ucalgary.ca/grouplab/uploads/Publications/Publications/2011-DomainHighlighting.CHI.pdf) +suggests that they don’t. We summarized our own research and thinking on this +topic in an [Enigma 2019 talk](https://www.youtube.com/watch?v=RPoAc0ScdTM). We +open-sourced a [tool](https://github.com/chromium/trickuri) that we use to help +browser developers display site identity correctly. We also published a set of +[URL display +guidelines](https://chromium.googlesource.com/chromium/src/+/HEAD/docs/security/url_display_guidelines/url_display_guidelines.md) +and subsequently incorporated them into the [URL +standard](https://url.spec.whatwg.org/#url-rendering). + +The Safe Browsing team increased the coverage against malware and unwanted +software downloads by changing the logic of which file types to check against +Safe Browsing. We flipped the heuristic to an allow-list of known-safe file +extensions, and made the rest require verification. This adds protection from +both the [uncommon +](https://chromium-review.googlesource.com/c/chromium/src/+/1459317)file +extensions (where attackers convince users to rename them to a common executable +after scanning), and from [Office document +types](https://chromium-review.googlesource.com/c/chromium/src/+/1449110) where +the incidence of malware has increased significantly. + +The Chrome Cleanup Tool is now in the Chromium repository! This lets the public +audit the data collected by the tool, which is a win for user privacy, and gives +an example of how to sandbox a file scanner. The open source version includes a +sample scanner that detects only test files, while the version shipped in Chrome +will continue to depend on internal resources for a licensed engine. + +The Bugs-- team has [open sourced](https://github.com/google/clusterfuzz) +ClusterFuzz, a fuzzing infrastructure that we have been developing over the past +8 years! This army of robots has found 30,000+ bugs in Chrome and 200+ open +source projects. To improve the efficiency of our cores, we have developed +automated fuzzer weights management based on fuzzer quality/freshness/code +changes. Additionally, we have developed several new WebGL fuzzers (some of them +leverage [GraphicsFuzz](https://github.com/google/graphicsfuzz)) and found +[63](https://bugs.chromium.org/p/chromium/issues/list?can=1&q=metzman_graphicsfuzz_crash_fuzzer+-status%3AWontFix%2CDuplicate+OR+metzman_graphicsfuzz_mutator++-status%3AWontFix%2CDuplicate+OR+metzman_webgl_api_fuzzer++-status%3AWontFix%2CDuplicate+OR+metzman_webgl_mutator++-status%3AWontFix%2CDuplicate) +bugs. We have significantly scaled up fuzzing Chrome on Android (x86) by using +[Cuttlefish](https://github.com/google/android-cuttlefish) over +[GCE](https://cloud.google.com/compute/docs/). Lastly, we have transitioned +Chrome code coverage tools development to Chrome Infra team, see the new dash +[here](https://analysis.chromium.org/p/chromium/coverage). + +The Platform Security team added some checks for basic safety to our base and +other fundamental libraries, and are investigating how to do more while +maintaining efficiency (run-time, run space, and object code size). We hope to +continue to do more, as well as investigate how to use absl without forgoing the +safety checks. We’ve been having great success with this kind of thing in PDFium +as well, where we’ve found that the compiler can often optimize away these +checks, and investigating where it hasn’t been able to has highlighted several +pre-existing bugs. On macOS, we have re-implemented the Mojo IPC Channel under +the hood to use Mach IPC, which should help reduce system resource shortage +crashes. This also led to the development of two libprotobuf-mutator (LPM) +fuzzers for Mach IPC servers. We’re working on auto-generating an LPM based +fuzzer from Mojo API descriptions to automatically fuzz Mojo endpoints, +in-process. We also continue to write LPM fuzzers for tricky-to-reach areas of +the code like the disk cache. We are also investigating reducing the privilege +of the network process on Windows and macOS. + +Our next update will be the first full quarter after joining Chrome Trust and +Safety. We're looking forward to collaborating with more teams who are also +working to keep our users safe! + +Cheers, + +Andrew on behalf of Chrome Security + +## Q4 2018 + +Greetings, + +With the new year well underway, here's a look back at what Chrome Security was +up to in the last quarter of 2018. + +In our quest to make HTTPS the default, we started marking HTTP sites with a red +Not Secure icon when users enter data into forms. This change launched to stable +in Chrome 70 in October. A new version of the HTTPS error page also launched to +the stable channel as an experiment: it looks the same but is much improved +[under the +hood](https://docs.google.com/document/d/1rEBpw5V-Nn1UIi8CIFa5ZZvwlR08SkY3CogvWE2UMFs/edit). +We built a new version of the [HTTPS Transparency +Report](https://transparencyreport.google.com/https/overview?hl=en) for top +sites; the report now displays aggregate statistics for the top sites instead of +individual sites. We also built a [new interstitial +warning](https://blog.chromium.org/2018/11/notifying-users-of-unclear-subscription.html) +to notify Chrome users of unclear mobile subscription billing pages. The new +warning and policy launched in Chrome 71. + +The Bugs-- team ported libFuzzer to work on Windows, which was previously +lacking coverage guided fuzzing support, and this resulted in +[93](https://bugs.chromium.org/p/chromium/issues/list?can=1&q=windows_libfuzzer_chrome_asan+reporter%3Aclusterfuzz%40chromium.org+-status%3Aduplicate%2Cwontfix&colspec=ID+Pri+M+Stars+ReleaseBlock+Component+Status+Owner+Summary+OS+Modified&x=m&y=releaseblock&cells=ids) +new bugs. We hosted a month-long +[Fuzzathon](https://groups.google.com/a/chromium.org/d/msg/chromium-dev/MAiBRTllPuI/hPbEMRWQDAAJ) +in November, focused on improving fuzz coverage for Chrome’s browser process and +Chrome OS. This effort led to 85 submissions and +[157](https://bugs.chromium.org/p/chromium/issues/list?can=1&q=-status%3AWontFix%2CDuplicate+id%3A907387%2C908754%2C903899%2C907386%2C904054%2C911112%2C904053%2C906711%2C912230%2C906370%2C907662%2C907663%2C910842%2C910843%2C906416%2C906417%2C906418%2C907302%2C903724%2C906395%2C906393%2C906391%2C911475%2C906399%2C908049%2C901782%2C907912%2C908196%2C906007%2C908829%2C907847%2C905334%2C912202%2C910918%2C912208%2C910917%2C904613%2C906568%2C906374%2C907561%2C907560%2C912455%2C907070%2C903251%2C910852%2C910851%2C903252%2C906396%2C910480%2C903828%2C911030%2C906349%2C908678%2C903052%2C903782%2C912219%2C902693%2C902690%2C904689%2C904682%2C905273%2C905272%2C905275%2C907999%2C911320%2C906352%2C906350%2C906356%2C906354%2C910497%2C910970%2C906359%2C904055%2C905649%2C910930%2C905401%2C906469%2C906705%2C910522%2C907693%2C906462%2C910835%2C902964%2C907051%2C906466%2C906372%2C903772%2C912299%2C911155%2C910926%2C910929%2C910928%2C906659%2C903233%2C907345%2C907344%2C904093%2C904090%2C905413%2C906329%2C909713%2C908781%2C905985%2C909801%2C912506%2C906801%2C901649%2C904382%2C905259%2C902605%2C908039%2C903280%2C904141%2C908004%2C910898%2C902131%2C910069%2C904655%2C910896%2C903088%2C906337%2C906440%2C912476%2C906333%2C908392%2C902227%2C912479%2C906448%2C906339%2C910248%2C904712%2C904792%2C910469%2C903690%2C901239%2C902860%2C911700%2C906381%2C906382%2C911822%2C905621%2C904725%2C910866%2C910862%2C911827%2C910860%2C907524%2C901675%2C901674%2C906438%2C906439%2C910892%2C907278%2C904736%2C904734%2C907718%2C907157%2C910592%2C908237%2C907453%2C908232%2C904105%2C908230%2C912227%2C912224%2C912223%2C904221%2C905463%2C903237%2C903236%2C904227%2C903234%2C906425%2C906421%2C906423%2C906422%2C906429%2C906428%2C908209%2C911409%2C912520&colspec=ID+Pri+M+Stars+ReleaseBlock+Component+Status+Owner+Summary+OS+Modified&x=m&y=releaseblock&cells=ids) +bugs. We have added more automation towards auto-adjusting cpu cycles allocated +to various fuzzers based on code coverage changes and recency of fuzzer +submission. Lastly, we added Linux x86 fuzzing configurations +([1](https://ci.chromium.org/p/chromium/builders/luci.chromium.ci/Libfuzzer%20Upload%20Linux32%20ASan), +[2](https://ci.chromium.org/p/chromium/builders/luci.chromium.ci/Libfuzzer%20Upload%20Linux32%20ASan%20Debug)) +for libFuzzer, which resulted in +[100](https://bugs.chromium.org/p/chromium/issues/list?can=1&q=x86_libfuzzer_chrome_asan+-status%3AWontFix%2CDuplicate+OR+x86_libfuzzer_chrome_asan_debug+-status%3AWontFix%2CDuplicate&colspec=ID+Pri+M+Stars+ReleaseBlock+Component+Status+Owner+Summary+OS+Modified&x=m&y=releaseblock&cells=ids) +new bugs. + +In Platform Security, we started sandboxing the network service on macOS. On +Windows, we’re starting to experiment with an improved GPU sandbox. The network +service has the beginnings of a sandbox on Windows, and we’ll be working on +tightening it in future work. We’re also continuing to gradually harden the +implementations of core Chromium libraries in base/ and elsewhere. We had a +great adventure finding and fixing bugs in SQLite as well, including an +innovative and [productive new +fuzzer](https://github.com/google/fuzzer-test-suite/blob/master/tutorial/structure-aware-fuzzing.md#example-sqlite). +We’re continuing to hammer away at bugs in PDFium, and refactoring it +significantly. + +To help sites defend against cross-site scripting (XSS), we are working on +[Trusted Types](https://wicg.github.io/trusted-types/dist/spec/). This aims to +bring a derivative of Google's "[Safe HTML +Types](https://github.com/google/safe-html-types/blob/master/doc/safehtml-types.md)" +— which relies on external tooling that may be incompatible with existing +workflows or code base — directly into the web platform, thus making it +available to everyone. Both Google-internal and [external +teams](https://github.com/cure53/DOMPurify/blob/master/demos/trusted-types-demo.html) +are presently working on integrating Trusted Types into existing frameworks +which, if successful, offers the chance to rapidly bring this technique to large +parts of the web. Chrome 73 will see an [origin +trial](https://groups.google.com/a/chromium.org/forum/#!msg/blink-dev/I9To21DXcLo/NrU9P0M4EAAJ). + +The work on [Site Isolation](/Home/chromium-security/site-isolation) continues +as we focus on enabling it on Android — support for adding isolated origins at +runtime, fixing issues with touch events, and balancing process usage for +maximizing stability. We added improvements to CORB to prevent bypasses from +exploited renderers, we announced [extensions changes for content script +requests](/Home/chromium-security/extension-content-script-fetches), and we +reached out to affected authors with guidance on how to update. Additionally, we +continue to add more enforcements to mitigate compromised renderers, which is +the ultimate end goal of the project. Last but not least, we have worked to +improve code quality and clean up architectural deficiencies which accumulated +while developing the project. + +Chrome OS 71 saw the initial, limited release of USBGuard, a technology that +improves the security of the Chrome OS lock screen by (carefully) blocking USB +devices on the lock screen. + +As ever, many thanks to all those in the Chromium community, and our VRP +reporters, who help make the Web more secure! + +Cheers, + +Andrew, on behalf of the Chrome security team + +## Q3 2018 + +Greetings! + +Chrome turned 10 in September! Congrats to the team on a [decade of making the +web more +secure](https://www.wired.com/story/chrome-decade-making-the-web-more-secure/). + +In the quest to find security bugs, the Bugs-- team incorporated Machine +Learning in ClusterFuzz infrastructure using [RNN +model](https://en.wikipedia.org/wiki/Recurrent_neural_network) to improve upon +corpus quality and code coverage. We experimented with improving fuzzing +efficiency by adding instability handling and mutation stats strategies inside +libFuzzer. We added a new [Mojo service +fuzzer](https://bugs.chromium.org/p/chromium/issues/detail?id=607649) by +extending the Mojo javascript bindings and found [security +bugs](https://bugs.chromium.org/p/chromium/issues/list?can=1&q=mojo_fuzzer+label%3AClusterFuzz+Type%3DBug-Security&colspec=ID+Pri+M+Stars+ReleaseBlock+Component+Status+Owner+Summary+OS+Modified&x=m&y=releaseblock&cells=ids). +We also +[migrated](https://chromium.googlesource.com/chromium/src/+/HEAD/docs/code_coverage.md) +our fuzzing infrastructure to provide [Clang Source-based Code +Coverage](https://clang.llvm.org/docs/SourceBasedCodeCoverage.html) reports and +deprecated [Sancov](https://clang.llvm.org/docs/SanitizerCoverage.html). + +The Platform Security team continued to add hardening and checks to fundamental +classes and libraries in base/, and did some of the same work in PDFium and +other parsers and interpreters in Chromium. We also provided some sandboxing +consulting to other teams for their new services including audio and networking. + +Chrome on macOS now has a new sandbox architecture, launched in Chrome 69, which +immediately initializes when a new process executes. This reduces Chrome’s +attack surface and allows better auditing of system resource access between +macOS versions. + +Chrome OS Security wrapped up the response to the [L1TF +vulnerability](https://www.intel.com/content/www/us/en/architecture-and-technology/l1tf.html), +fixes for which enabled shipping Linux apps on Chrome OS without exposing users +to extra risk. Moreover, we received [an (almost) full-chain exploit for Chrome +OS](https://bugs.chromium.org/p/chromium/issues/detail?id=884511) that both +validated earlier sandboxing work (like for Shill, Chrome OS’s connection +manager) and also shed light on further hardening work that was wrapped up in +Q3. + +Chrome 70 shipped TLS 1.3, although we did have to disable a downgrade check in +this release due to a last-minute incompatibility with some network devices. + +After the excitement [enabling Site Isolation by default on desktop +platforms](https://security.googleblog.com/2018/07/mitigating-spectre-with-site-isolation.html) +in Q2, the team has been focused on building a form of Site Isolation suitable +for devices that run Android, which have more limited memory and processing +power. We've been fixing Android-specific issues (alongside a lot of maintenance +for the desktop launch), we have started field trials for isolating a subset of +sites, and we are working on ways to add more sites to isolate at runtime. +Separately, we added several more enforcements to mitigate compromised +renderers, to extend the protection beyond Spectre. + +Users should expect that the web is safe by default, and they’ll be warned when +there’s an issue. In Chrome 68, we hit a milestone for Chrome security UX, +[marking all HTTP +sites](https://www.blog.google/products/chrome/milestone-chrome-security-marking-http-not-secure/) +as “not secure”. We continued down that path in Chrome 70, [showing the “not +secure” string in +red](https://www.blog.google/products/chrome/milestone-chrome-security-marking-http-not-secure/) +when users enter data on an HTTP page. We began stepping towards removing +Chrome’s positive security indicators so that the default unmarked state is +secure, starting by [removing the “Secure” +wording](https://blog.chromium.org/2018/05/evolving-chromes-security-indicators.html) +in Chrome 69. + +We [would like to +experiment](https://groups.google.com/a/chromium.org/forum/#!msg/blink-dev/ZJxkCJq5zo4/4sSMVZzBAwAJ) +with mixed content autoupgrading to simplify (i.e. improve) the user experience, +and are currently collecting metrics about the impact. We’re also working to +improve Chrome security UX under the hood -- we launched [committed HTTPS +interstitials](https://docs.google.com/document/d/1rEBpw5V-Nn1UIi8CIFa5ZZvwlR08SkY3CogvWE2UMFs/edit) +on Canary and Dev. + +As ever, many thanks to all those in the Chromium community, and our[ VRP +reporters](https://www.google.com/about/appsecurity/chrome-rewards/index.html), +who help make the Web more secure! + +Cheers, + +Andrew, on behalf of the Chrome security team + +## Q2 2018 + +Greetings and salutations, + +It's time for another (rather belated!) update from your friends in Chrome +Security, who are hard at work to keep Chrome the most secure platform to browse +the Internet. + +We're very excited that [Site Isolation](/Home/chromium-security/site-isolation) +is now [enabled by +default](https://security.googleblog.com/2018/07/mitigating-spectre-with-site-isolation.html) +as a Spectre mitigation in M67 for Windows, macOS, Linux, and Chrome OS users! +This involved an incredible number of fixes from the team in Q2 to make +out-of-process iframes fully functional, especially in areas like painting, +input events and performance, and it included standardizing [Cross-Origin Read +Blocking (CORB)](/Home/chromium-security/corb-for-developers). Stay tuned for +more updates on Site Isolation coming later this year, including additional +protections from compromised renderers. Chris and Emily talked about Spectre +response, Site Isolation, and necessary developer steps [at +I/O](https://youtu.be/dBuykrdhK-A). We also announced that security bugs found +in Site Isolation could qualify for [higher VRP reward +payments](https://www.google.com/about/appsecurity/chrome-rewards/index.html#special) +for a limited time. + +In their quest to find security bugs, the Bugs-- team integrated [Clang +Source-based Code +Coverage](https://clang.llvm.org/docs/SourceBasedCodeCoverage.html) into +Chromium project and launched a +[dashboard](https://chromium-coverage.appspot.com/) to make it easy for +developers to see which parts of the code are not covered by fuzzers and unit +tests. We wrote a [Mojo service +fuzzer](https://cs.chromium.org/chromium/src/mojo/public/tools/fuzzers/) that +generates fuzzing bindings in JS and found some scary +[vulnerabilities](https://bugs.chromium.org/p/chromium/issues/list?can=1&q=mojo_fuzzer+Type%3DBug-Security&sort=-type&colspec=ID+Pri+M+Stars+ReleaseBlock+Component+Status+Owner+Summary+OS+Modified+Type&x=m&y=releaseblock&cells=ids). +We added [libFuzzer fuzzing support in Chrome +OS](https://chromium.googlesource.com/chromiumos/docs/+/HEAD/fuzzing.md) and +got new fuzz target contributions from Chrome OS developers and found several +[bugs](https://bugs.chromium.org/p/chromium/issues/list?can=1&q=libfuzzer_asan_chromeos+-status%3ADuplicate%2CWontFix+label%3AClusterFuzz&colspec=ID+Pri+M+Stars+ReleaseBlock+Component+Status+Owner+Summary+OS+Modified&x=m&y=releaseblock&cells=ids). +We made numerous improvements to our ClusterFuzz fuzzing infrastructure, +examples include dynamically adjusting CPU allocation for inefficient fuzz +targets until their performance issues are resolved, cross-pollinating corpuses +across fuzz targets and projects, and more. + +The Platform Security team has been working on adding bounds checks and other +sanity checks to +[base/containers](https://bugs.chromium.org/p/chromium/issues/detail?id=817982), +as part of an overarching effort to harden heavily-used code and catch bugs. +We’ve had some good initial success and expect to keep working on this for the +rest of the year. This is a good area for open source contributors and VRP +hunters to work on, too! + +In our quest to move the web to 100% HTTPS, we prepared for showing Not Secure +warnings on all http:// pages which started in M68. We sent Search Console +messages to affected sites and expanded our [enterprise +controls](/administrators/policy-list-3#UnsafelyTreatInsecureOriginAsSecure) for +this warning. We +[announced](https://blog.chromium.org/2018/05/evolving-chromes-security-indicators.html) +some further changes to Chrome’s connection security indicators: in M69, we’ll +be removing the Secure chip next to https:// sites, and in M70 we’ll be turning +the Not Secure warning red to more aggressively warn users when they enter data +on a non-secure page. + +We also added some features to help users and developers use HTTPS more often. +The omnibox now remembers pages that redirect from http:// to https://, so that +users don’t get sent to the http:// version in the future. We fixed a +longstanding bug with the +[upgrade-insecure-requests](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Upgrade-Insecure-Requests) +CSP directive that helps developers find and fix mixed content: it now upgrades +requests when following redirects. Finally, we added a setting to +chrome://flags#unsafely-treat-insecure-origin-as-secure to let developers more +easily test HTTPS-only features, especially on Android and ChromeOS. + +To better protect users from unwanted extensions, we announced [the deprecation +of inline installations for +extensions](https://blog.chromium.org/2018/06/improving-extension-transparency-for.html). +This change will result in Chrome users being directed to the Chrome Web Store +when installing extensions, helping to ensure user can make a better informed +decision. + +Chrome OS spent a big chunk of Q2 updating and documenting our processes to +ensure we can better handle future incidents like Spectre and Meltdown. We +expanded our [security review +guidelines](https://chromium.googlesource.com/chromiumos/docs/+/HEAD/security_review_howto.md) +so that they can be used both by security engineers while reviewing a feature, +as well as by SWE and PM feature owners as they navigate the Chrome OS launch +process. + +We continued our system hardening efforts by making Shill, the Chrome OS network +connection manager, run in a restrictive, non-root environment starting with +M69. [Shill was exploited as part of a Chrome OS full-chain +exploit](https://googleprojectzero.blogspot.com/2016/12/chrome-os-exploit-one-byte-overflow-and.html), +so sandboxing it was something that we’ve been wanting to do for a long time. +With PIN sign-in launching with M68, the remaining work to make the underlying +user credential brute force protection mechanism more robust is underway, and we +plan to enable it for password authentication later this year. Hardening work +also happened on the Android side, as we made progress on functionality that +will allow us to verify generated code on Android using the TPM. + +Q2 continued to require incident response work on the Chrome OS front, as the +fallout from Spectre and Meltdown included several researchers looking into the +consequences of speculative execution. The good news is that we started +receiving updated microcode for Intel devices and these updates will start to go +out with M69. + +As ever, many thanks to all those in the Chromium community, and our [VRP +reporters](https://www.google.com/about/appsecurity/chrome-rewards/index.html), +who help make the Web more secure! + +Cheers + +Andrew + +on behalf of the Chrome Security Team + +## Q1 2018 + +**Greetings and salutations,** + +It's time for another update from your friends in Chrome Security, who are hard at work trying to keep Chrome as the most secure platform to browse the Internet. We'd also like to welcome our colleagues in Chrome OS security to this update - you'll be able to hear what they've been up to each quarter going forward.** + +In our effort to find and fix bugs, we collaborated with the [Skia](https://skia.org/) team and [integrated](https://github.com/google/oss-fuzz/tree/master/projects/skia) 21 fuzz targets into OSS-Fuzz for continuous 24x7 fuzzing on Skia trunk. So far, we have found [38](https://bugs.chromium.org/p/oss-fuzz/issues/list?can=1&q=Proj%3Dskia+Type%3DBug-Security+-status%3ADuplicate&colspec=ID+Type+Component+Status+Proj+Reported+Owner+Summary&cells=ids) security vulns! We also added several new fuzz targets as part of a 2-week bug bash (e.g. [multi-msg mojo fuzzer](https://chromium-review.googlesource.com/c/chromium/src/+/973685), [audio decoder fuzzer](https://chromium-review.googlesource.com/c/chromium/src/+/976184), [appcache manifest parsing fuzzer](https://chromium-review.googlesource.com/c/chromium/src/+/982677), [json fuzzer](https://chromium-review.googlesource.com/c/chromium/src/+/959564) [improvements](https://chromium-review.googlesource.com/c/chromium/src/+/971063), etc) and found an additional [vulnerability](https://crbug.com/826193) through code review. We added libFuzzer support for Chrome OS and integrated it with ClusterFuzz. Sample [puffin fuzzer](https://chromium-review.googlesource.com/c/chromiumos/overlays/chromiumos-overlay/+/944190) found [11](https://bugs.chromium.org/p/chromium/issues/list?can=1&q=libfuzzer_asan_chromeos+-status%3AWontFix%2CDuplicate&colspec=ID+Type+Component+Status+Proj+Reported+Owner+Summary&x=m&y=releaseblock&cells=ids) bugs (includes 2 security). We made several improvements to AFL fuzzing engine integration and fuzzing strategies. This brings it on-par with libFuzzer in terms of the number of bugs found -- it's now ~3X more productive than before! We added support for building MSan instrumented system libraries for newer debian distros ([1](https://github.com/google/oss-fuzz/issues/608), [2](/developers/testing/memorysanitizer)).** + +To [help users infected with unwanted software](https://support.google.com/chrome/answer/2765944?co=GENIE.Platform%3DDesktop&hl=en), we moved the standalone Chrome Cleanup Tool into Chrome. Scanning and cleaning Windows machines can now be triggered by visiting chrome://settings/cleanup. There was some misunderstanding on Twitter about why Chrome was scanning, which we clarified. We also pointed people to the [unwanted software protection](https://www.google.com/chrome/privacy/whitepaper.html#unwantedsoftware) section of Chrome's privacy whitepaper so they can understand what data is and isn’t sent back to Google.** + +In our effort to move the web to 100% HTTPS, we [announced](https://security.googleblog.com/2018/02/a-secure-web-is-here-to-stay.html) that Chrome will start marking all HTTP pages with a Not Secure warning in July. This is a big milestone that concludes a multi-year effort to roll out this warning to all non-secure pages. Alongside that announcement, we added a [mixed content audit](https://developers.google.com/web/tools/lighthouse/audits/mixed-content) to [Lighthouse](https://developers.google.com/web/tools/lighthouse/), an automated tool for improving webpage quality. This audit helps developers find and fix mixed content, a major hurdle for migrating to HTTPS. We also [announced](https://groups.google.com/a/chromium.org/forum/#!msg/blink-dev/ANnafFBhReY/1Xdr53KxBAAJ) the deprecation of AppCache in nonsecure contexts.** + +In addition to MOAR TLS, we also want more secure and usable HTTPS, or BETTER TLS. With that goal in mind, we made changes to get better metrics about features intended to help users with client or network misconfigurations that break their HTTPS connections (like our [customized certificate warnings](https://research.google.com/pubs/archive/46359.pdf)). We also added more of these “helper” features too: for example, we now bundle help content targeted at users who are stuck with incorrect clocks, captive portals, or other configuration problems that interfere with HTTPS. Finally, we started preparing for Chrome’s upcoming Certificate Transparency [enforcement deadline](https://groups.google.com/a/chromium.org/d/msg/ct-policy/wHILiYf31DE/iMFmpMEkAQAJ) by analyzing and releasing some [metrics](https://www.youtube.com/watch?v=e_rwG7MA5VU) about the state of CT adoption so far.** + +To help make security more usable in Chrome, we’re exploring how [URLs are problematic](https://www.youtube.com/watch?v=UD-ukjVoeLc). We removed https/http schemes and www/m subdomains from the steady-state omnibox, and we’re studying the impact of removing positive security indicators that might mislead or distract from the important security information in the origin.** + +**Chrome OS Security had a busy Q1. The vulnerabilities known as [Meltdown and +Spectre](https://meltdownattack.com/) were disclosed in early January, and a +flurry of activity followed as we rushed to patch older kernels against Meltdown +in Chrome OS 66, and incorporated Spectre fixes for ARM Chrome OS devices in +Chrome OS 67. We also started codifying our [security review guidelines in a +HOWTO +doc](https://chromium.googlesource.com/chromiumos/docs/+/HEAD/security_review_howto.md), +to allow the larger Chrome OS team to better prepare for security reviews of +their features. Moreover, after being bit by symlinks and FIFOs being used as +part of [several](https://bugs.chromium.org/p/chromium/issues/detail?id=344051) +[exploit](https://bugs.chromium.org/p/chromium/issues/detail?id=648971) +[chains](https://bugs.chromium.org/p/chromium/issues/detail?id=766253), we +finally landed +[symlink](https://chromium-review.googlesource.com/c/chromiumos/platform2/+/966683) +and +[FIFO](https://chromium-review.googlesource.com/c/chromiumos/platform2/+/978780) +blocking in Chrome OS 67. On the hardware-backed security front, we've split off +the component that allows irreversible once-per-boot decisions into its own +service, bootlockboxd. Finally, work is nearing completion for a first shipping +version of a** hardware-backed mechanism to protect user credentials against +brute force attacks**. This will allow PIN codes as a new authentication +mechanism for Chrome OS meeting our** authentication security guidelines**, and +we'll use it to upgrade password-based authentication to a higher security bar +subsequently.** + +**Spectre kept us busy on the Chrome Browser side as well. The V8 team landed a large number of JIT mitigations to make Spectre exploits harder to produce, and high resolution timers like SharedArrayBuffer were temporarily disabled; more details on our response [here](/Home/chromium-security/ssca). In parallel, the [Site Isolation](/Home/chromium-security/site-isolation) team significantly ramped up efforts to get Site Isolation launched as a Spectre mitigation, since it helps avoid having data worth stealing anywhere in a compromised process. In Q1, we substantially improved support for the Site Isolation enterprise policies that launched prior to the Spectre disclosure, including:** + + **Reducing total memory overhead from 20% to 10%.** + + **Significantly improving input event handling in out-of-process iframes + (OOPIFs).** + + **Significantly improving DevTools support for OOPIFs.** + + **Adding ChromeDriver support for OOPIFs.** + + **Adding support for printing OOPIFs.** + + **Improving rendering performance for OOPIFs.** + + **Starting standards discussions for Cross-Origin Read Blocking (CORB).** + +**Thanks to these improvements, we have been running field trials and are preparing to launch the strict Site Isolation policy on desktop. We [talked about](https://www.youtube.com/watch?v=dBuykrdhK-A) much of this work at Google I/O.** + +**Finally, we continue to work on exploit mitigations and other security hardening efforts. For example, [Oilpan](https://chromium.googlesource.com/chromium/src/+/lkcr/third_party/WebKit/Source/platform/heap/BlinkGCDesign.md), blink's garbage collecting memory management system, [removed its inline metadata](https://bugs.chromium.org/p/chromium/issues/detail?id=633030), which make it more difficult to overwrite with memory corruption bugs. This was the culmination of several years of effort, as performance issues were worked through. In Android P, we refactored the WebView [zygote](https://developer.android.com/topic/performance/memory-overview) to become a child of the main app_process zygote, reducing memory usage and helping with the performance of future Site Isolation efforts. Members of Platform Security also helped coordinate the response to Spectre and Meltdown, and still managed to find time to conduct their routine reviews of new [Chrome features](https://www.chromestatus.com/features).** + +## Q4 2017 + +Greetings and salutations, + +It's time for another update from your friends in Chrome Security, who are hard +at work trying to make Chrome the[ most secure platform to browse the +Internet](/Home/chromium-security). As it's the start of 2018, [we +reflected](https://www.blog.google/products/chrome/reflecting-years-worth-chrome-security-improvements/) +on a year’s worth of security improvements, and announced new stats around our +VRP and Safe Browsing warnings. + +Here are some highlights from the last quarter of 2017: + +In effort to find and fix bugs, we (Bugs--): + + Wrote a new and easily extensible javascript fuzzer using + [Babel](https://babeljs.io/), which found 100+ bugs in both V8 + ([list](https://bugs.chromium.org/p/chromium/issues/list?can=1&q=ochang_js_fuzzer+-status%3ADuplicate%2CWontFix&sort=-security_severity+-secseverity+-owner+-modified&colspec=ID+Pri+Status+Summary+Modified+OS+M+Security_severity+Security_impact+Owner+Reporter&x=m&y=releaseblock&cells=tiles)) + and other browser javascript engines + ([list](https://bugs.chromium.org/p/oss-fuzz/issues/list?can=1&q=js_fuzzer+-status%3AWontFix%2CDuplicate&colspec=ID+Type+Component+Status+Proj+Reported+Owner+Summary&cells=ids)). + + Started integrating [Clang Source-based Code + Coverage](https://clang.llvm.org/docs/SourceBasedCodeCoverage.html) in the + Chromium build system and are deprecating [Sanitizer + Coverage](https://clang.llvm.org/docs/SanitizerCoverage.html). Clang + coverage is very precise, shows hit frequencies and is much easier to + visualize. You can follow progress + [here](https://bugs.chromium.org/p/chromium/issues/list?can=1&q=component%3ATools%3ECodeCoverage). + + Hosted a month long fuzzathon in October where Chromium developers + participated in writing new [fuzz + targets](https://chromium.googlesource.com/chromium/src/testing/libfuzzer/+/HEAD/README.md) + and fixing blockers for existing ones. This resulted in 93 bugs, several of + which were in new uncovered areas of codebase; results + [here](https://clusterfuzz.com/v2/fuzzathon). + + Fixed several + [bugs](https://bugs.chromium.org/p/chromium/issues/list?can=1&q=component%3ATools%3ETest%3EPredator+status%3AFixed%2CVerified&colspec=ID+Pri+M+Stars+ReleaseBlock+Component+Status+Owner+Summary+OS+Modified&x=m&y=releaseblock&cells=ids) + in our automated owner and component assignment pipeline and + [expanded](https://bugs.chromium.org/p/chromium/issues/detail?id=760607) our + builder infrastructure to archive builds more frequently, for more accurate + blame results. Faster and more accurate bug triaging means faster fixes for + users! + +Other than fixing bugs, we (MOAR TLS, Enamel, Safe Browsing) also: + + [Blogged](https://www.blog.google/topics/safety-security/say-yes-https-chrome-secures-web-one-site-time/) + about the massive uptick in HTTPS we saw in 2017: 71 of the top 100 sites on + the Web use HTTPS by default, up from 37 a year ago. We also announced our + continuing platinum sponsorship of Let’s Encrypt. + + Delivered a change (in M62, [announced in + April](https://blog.chromium.org/2017/04/next-steps-toward-more-connection.html)), + extending the “Not Secure” omnibox warning chip to non-secure pages loaded + while Incognito and to non-secure pages after the user edits a form field. + + Added an [enterprise + policy](/administrators/policy-list-3#UnsafelyTreatInsecureOriginAsSecure) + (in M65) for treating insecure origins as secure contexts, to help with + development, testing, and intranet sites that are not secured with HTTPS. + + More tightly integrated Chrome’s captive portal detection with operating + system APIs. This feature helps users log in to captive portals (like hotel + or airport wifi networks) rather than seeing unhelpful TLS certificate + errors. + + [Launched](https://www.blog.google/topics/safety-security/new-security-protections-tailored-you/) + predictive phishing protection to warn users when they’ve typed their Google + password into a never-seen-before phishing site. + +As always, we invest a lot in security architecture and exploit mitigations. +Last quarter, we (Platform Security / Site Isolation): + + Started rolling out the [Mac Sandbox + v2](https://chromium.googlesource.com/chromium/src/+/HEAD/sandbox/mac/seatbelt_sandbox_design.md), + bringing both greater security and cleaner code. + + [Refactored sandbox code out of + //content](https://bugs.chromium.org/p/chromium/issues/detail?id=708738) to + make it easier to use across the system. + + Worked on and helped coordinate Chrome's response to the recently announced + [Spectre and Meltdown CPU + vulnerabilities](https://blog.google/topics/google-cloud/what-google-cloud-g-suite-and-chrome-customers-need-know-about-industry-wide-cpu-vulnerability/) + and worked with the [V8 team](https://developers.google.com/v8/) who + spearheaded Chrome's Javascript and WebAssembly mitigations which are + rolling out to users now. + + Accelerated the rollout of [Site + Isolation](/Home/chromium-security/site-isolation) as a + [mitigation](/Home/chromium-security/ssca) for + [Spectre/Meltdown](https://blog.google/topics/google-cloud/what-google-cloud-g-suite-and-chrome-customers-need-know-about-industry-wide-cpu-vulnerability/). + Enabling Site Isolation reduces the amount of valuable cross-site data that + can be stolen by such attacks. We're working to fix the currently known + issues so that we can start enabling it by default. + + Implemented [cross-site document + blocking](http://www.chromium.org/developers/design-documents/blocking-cross-site-documents) + in (M63) when Site Isolation is enabled. This ensures that cross-site HTML, + XML, JSON, and plain text files are not given to a renderer process on + subresource requests unless allowed by [CORS](https://www.w3.org/TR/cors/). + Both --site-per-process and --isolate-origins modes are [now available via + enterprise + policy](https://www.blog.google/topics/connected-workspaces/security-enhancements-and-more-enterprise-chrome-browser-customers/) + in Chrome 63. + + Ran field trials of --site-per-process and --isolate-origins on 50% of + Chrome Canary instances to measure performance, fix crashes, and spot + potential issues. In a separate launch involving out-of-process iframes and + Site Isolation logic, now has a dedicated + renderer process in Chrome 63 to support upcoming requirements for Chrome + Signin. + + We have landed a large number of functional and performance improvements for + Site Isolation, including fixes for input events, DevTools, OAuth, hosted + apps, crashes, and same-site process consolidation which reduces memory + overhead. + +To help users that inadvertently installs unwanted software, we (Chrome +Protector): + + Launched new Chrome Cleanup Tool UI , which we think is more comprehensible + for users. + + Launched a sandboxed ESET-Powered [Chrome Cleanup + Tool](https://blog.google/products/chrome/cleaner-safer-web-chrome-cleanup/) + + Running on 100% of Chrome users by Nov 23 + +Lastly, we (BoringSSL) deployed TLS 1.3 to Chrome stable for a couple weeks in +December and gathered [valuable +data](https://www.ietf.org/mail-archive/web/tls/current/msg25168.html). + +As ever, many thanks to all those in the Chromium community who help make the +Web more secure! + +Cheers + +Andrew + +on behalf of the Chrome Security Team + +## Q3 2017 + +Greetings and salutations, + +It's time for another update from your friends in Chrome Security, who are hard +at work trying to make Chrome the[ most secure platform to browse the +Internet](/Home/chromium-security). Give you're reading this, you might well be +interested in [two +whitepapers](https://www.blog.google/topics/connected-workspaces/2-new-white-papers-examine-enterprise-web-browser-security/) +evaluating enterprise browser security that were released recently. + +Beyond that, here's a recap from last quarter: + +Bugs-- team + + We've been researching ways to fuzz grammar based formats efficiently. We + experimented with in-process fuzzing with + [libprotobuf-mutator](https://github.com/google/libprotobuf-mutator) and + added a + [sample](https://chromium.googlesource.com/chromium/src/+/HEAD/testing/libfuzzer/libprotobuf-mutator.md). + + Recent ClusterFuzz improvements for developers: + + The [reproduce tool](https://github.com/google/clusterfuzz-tools) is now + out of beta and supports Linux and Android platforms. + + Performance improvements to ClusterFuzz UI and migrated to [Polymer + 2](https://www.polymer-project.org/2.0/docs/about_20). + + We finished the remaining pieces of our end-to-end bug triage automation + and are now auto-assigning + [owners](https://bugs.chromium.org/p/chromium/issues/list?can=1&q=label%3ATest-Predator-AutoOwner&colspec=ID+Pri+M+Stars+ReleaseBlock+Component+Status+Owner+Summary+OS+Modified&x=m&y=releaseblock&cells=ids) + and + [components](https://bugs.chromium.org/p/chromium/issues/list?can=1&q=label%3ATest-Predator-AutoComponents&colspec=ID+Pri+M+Stars+ReleaseBlock+Component+Status+Owner+Summary+OS+Modified&x=m&y=releaseblock&cells=ids) + for all newly filed bugs. + + We have also made infrastructure improvements to + [OSS-Fuzz](https://github.com/google/oss-fuzz) to better isolate workloads + between different projects. OSS-Fuzz continues to improve the security of + the overall web + ([74](https://github.com/google/oss-fuzz/tree/master/projects) projects + running 24x7, + [636](https://bugs.chromium.org/p/oss-fuzz/issues/list?can=1&q=-component%3AInfra+status%3ANew%2CFixed%2CVerified+Type%3DBug-Security+&sort=-id&colspec=ID+Type+Component+Status+Proj+Reported+Owner+Summary&cells=ids) + security bugs fixed)! + +Enamel, Permissions + + We began [marking FTP as Not + Secure](https://groups.google.com/a/chromium.org/d/msg/security-dev/HknIAQwMoWo/xYyezYV5AAAJ) + with Chrome 63. + + We published a [paper](https://research.google.com/pubs/pub46359.html) in + CCS 2017 describing years of work we’ve done to investigate and mitigate + false-positive certificate errors. We also launched new improvements to help + users who see lots of these spurious errors: + + We launched an interstitial to help users with buggy MITM Software with + Chrome 63 (see chrome://interstitials/). + + We launched an interstitial to help users affected by Superfish with + Chrome 61 (see chrome://interstitials/). + + Better integration with the OS for captive portal detection on Android + and Windows in Chrome 63. + + Launched new [Site + Details](https://docs.google.com/document/d/1gQG1-QjOuswdwZC-yMhWai7divOPXiCp0mO82SO5VSs/edit?pli=1) + page. + + Removed non-factory-default settings from PageInfo and added back in the + Certificate Viewer link. + + Launching [modal permission prompts on Android + ](https://blog.chromium.org/2017/10/chrome-63-beta-dynamic-module-imports_27.html)in + M63. + + Removed the ability to request Notification permission from iframes and over + HTTP. + +MOAR TLS + + The change to [mark HTTP + pages](https://blog.chromium.org/2017/04/next-steps-toward-more-connection.html) + in Incognito or after form field editing as Not Secure is in Chrome 62. We + sent > 1 million Search Console messages warning webmasters about this + change. + + Google is [preloading HSTS for more + TLDs](https://security.googleblog.com/2017/09/broadening-hsts-to-secure-more-of-web.html), + the first new ones since .google was preloaded in 2015. + +Chrome Safe Browsing + + Launched the [PVer4](https://developers.google.com/safe-browsing/v4/) + database-update protocol to all users, saving them 80% of the bandwidth used + by Safe Browsing. + +Platform Security + + Added support for [new Win10 sandbox + mitigations](https://bugs.chromium.org/p/chromium/issues/detail?id=733739) + in M61 as part of our continued Windows Sandbox efforts. + + To help block 3rd-party code being injected into Chrome processes on Windows + we've [Enabled third-party blocking on all child + processes](https://bugs.chromium.org/p/chromium/issues/detail?id=750886#c1), + after warmup (delayed mitigation), in M62. + + New in Android O, the Chrome-powered WebView component [now renders content + in a separate, sandboxed + process](https://android-developers.googleblog.com/2017/06/whats-new-in-webview-security.html)! + This brings the same security and stability benefits of Chrome to web pages + rendered within apps. + +Site Isolation + + We launched [OOPIF](/developers/design-documents/oop-iframes)-based + <webview> in M61 for ChromeOS/Mac/Linux and in M62 for Windows. This + eliminates BrowserPlugin for everything except PDFs (which we're working on + now), helping to clean up old code. + + Running an experiment in M63 to give process isolation to + [accounts.google.com](http://accounts.google.com/), to improve Chrome Signin + security. + + Finished design plans for using isolated processes when users click through + SafeBrowsing malware warnings. + + Improved some of the Site Isolation enforcement mechanisms, including + passwords and localStorage. + + Improved OOPIF support in several areas, including basic frame architecture + (e.g., how proxy frames are created), touch selection editing, and gesture + fling. Also making progress on OOPIF printing support. + +As ever, many thanks to all those in the Chromium community who help make the +web more secure! + +Cheers + +Andrew, on behalf of the Chrome Security Team + +## Q2 2017 + +Greetings and salutations, + +It's time for another update from your friends in Chrome Security, who are hard +at work trying to make Chrome the[ most secure platform to browse the +Internet](/Home/chromium-security). Here’s a recap from last quarter: + +The Bugs-- team have released a [new +tool](https://github.com/google/clusterfuzz-tools) to make ClusterFuzz testcase +reproduction easy for developers. Our open source fuzzing efforts (aka +[OSS-Fuzz](https://github.com/google/oss-fuzz)) continue to improve the security +of the overall web +([86](https://github.com/google/oss-fuzz/tree/master/projects) projects, +[1859](https://bugs.chromium.org/p/oss-fuzz/issues/list?can=1&q=-component:Infra%20status:New,Fixed,Verified&sort=-id&colspec=ID%20Type%20Component%20Status%20Proj%20Reported%20Owner%20Summary) +bugs, see recent blog post +[here](https://testing.googleblog.com/2017/05/oss-fuzz-five-months-later-and.html)). +We have written a new Javascript fuzzer that has filed +[102](https://bugs.chromium.org/p/chromium/issues/list?can=1&q=inferno_js_fuzzer%20-status:Duplicate,WontFix%20OR%20inferno_js_fuzzer_c%20-status:Duplicate,WontFix&sort=-id+-security_severity+-secseverity+-owner+-modified&colspec=ID%20Pri%20Status%20Summary%20Modified%20OS%20M%20Security_severity%20Security_impact%20Owner%20Reporter) +bugs to date, many with security implications. We also found some interesting +vulnerabilities +([1](https://bugs.chromium.org/p/chromium/issues/detail?id=740710), +[2](https://bugs.chromium.org/p/chromium/issues/detail?id=716044), +[3](https://bugs.chromium.org/p/chromium/issues/detail?id=724299)) through our +code auditing efforts. + +We integrated the Safe Browsing API with WebView [starting in Android +O](https://developer.android.com/preview/features/managing-webview.html), +allowing custom interstitial blocking pages. WebView developers will be able to +opt-in to check URLs against Google Safe Browsing’s list of unsafe websites. + +We understand that sites which repeatedly prompt for powerful permissions often +annoy users and generate warning fatigue. Starting in Chrome 59, we’ve started +[temporarily blocking permission +requests](https://www.chromestatus.com/feature/6443143280984064) if users have +dismissed a permission prompt from a site multiple times. We’re also moving +forward with plans to [deprecate permissions in cross-origin +iframes](/Home/chromium-security/deprecating-permissions-in-cross-origin-iframes) +by default. Permission requests from iframes have the potential to mislead users +into granting access to content they didn’t intend. + +The Platform Security team has concluded several years of A/B experimentation on +Android, and with Chrome 58 we have turned on the [Seccomp-BPF +sandbox](https://bugs.chromium.org/p/chromium/issues/detail?id=166704) for all +compatible devices. This sandbox filters system calls to reduce the attack +surface of the Linux kernel in renderer processes. Currently about 50% of +Android devices support Seccomp, and this number is rising at a steady rate. In +Chrome 59, you can navigate to about:sandbox to see whether your Android device +supports Seccomp. + +We have migrated PDFium to use PartitionAlloc for most allocations, with +distinct partitions for strings, array buffers, and general allocations. In +Chrome 61, all three partitions will be active. + +We continue to work on MOAR+BETTER TLS and +[announced](https://blog.chromium.org/2017/04/next-steps-toward-more-connection.html) +the next phase of our plan to help people understand the security limitations of +non-secure HTTP. Starting in Chrome 62 (October), we’ll mark HTTP pages as “Not +secure” when users enter data in forms, and on all HTTP pages in Incognito mode. +We [presented](https://youtu.be/GoXgl9r0Kjk) new HTTPS migration case studies at +Google I/O, focusing on real-world site metrics like SEO, ad revenue, and site +performance. + +We experimented with improvements to Chrome’s captive portal detection on Canary +and launched them to stable in Chrome 59, to avoid a predicted 1% of all +certificate errors that users see. + +Also, users [may +restore](https://textslashplain.com/2017/05/02/inspecting-certificates-in-chrome/) +the Certificate information to the Page Information bubble! + +Those working on the Open Web Platform have implemented three new [Referrer +Policies](https://w3c.github.io/webappsec-referrer-policy/#referrer-policies), +giving developers more control over their HTTP Referer headers and bringing our +implementation in line with the spec. We also fixed a longstanding bug so that +site owners can now use [upgrade-insecure-requests in conjunction with CSP +reporting](https://w3c.github.io/webappsec-upgrade-insecure-requests/#reporting-upgrades), +allowing site owners to both upgrade and remediate HTTP references on their +HTTPS sites. + +After our launch of --isolate-extensions in Chrome 56, the Site Isolation team +has been preparing for additional uses of [out-of-process +iframes](/developers/design-documents/oop-iframes) (OOPIFs). We implemented a +new --isolate-origins=https://example.com command line flag that can give +dedicated processes to a subset of origins, which is an important step towards +general [Site Isolation](/developers/design-documents/site-isolation). We also +prepared the OOPIF-based <webview> field trial for Beta and Stable +channels, and we ran a Canary field trial of Top Document Isolation to learn +about the performance impact of putting all cross-site iframes into one subframe +process. We've been improving general support for OOPIFs as well, including +spellcheck, screen orientation, touch selection, and printing. The DevTools team +has also helped out: OOPIFs can now be shown in the main frame's inspector +window, and DevTools extensions are now more fully isolated from DevTools +processes. + +As ever, many thanks to all those in the Chromium community who help make the +web more secure! + +## Q1 2017 + +Greetings and salutations, + +It's time for another update from your friends in Chrome Security, who are hard +at work trying to make Chrome the[ most secure platform to browse the +Internet](/Home/chromium-security). Here’s a recap from last quarter: + +Our [Bugs--](/Home/chromium-security/bugs) effort aims to find (and exterminate) +security bugs. In order to get bugs fixed faster, we released a [new +tool](https://github.com/google/clusterfuzz-tools) to improve developer +experience when trying to reproduce ClusterFuzz bugs. We have overhauled a +significant part of the [ClusterFuzz +UI](https://github.com/google/oss-fuzz/blob/master/docs/clusterfuzz.md) which +now feature a new fuzzer statistics page, crash statistics page and fuzzer +performance analyzer. We’ve also continued to improve our +[OSS-Fuzz](https://github.com/google/oss-fuzz) +[offering](https://opensource.googleblog.com/2016/12/announcing-oss-fuzz-continuous-fuzzing.html), +adding numerous +[features](https://github.com/google/oss-fuzz/issues?page=3&q=is%3Aissue+is%3Aclosed) +requested by developers and reaching [1000 +bugs](https://bugs.chromium.org/p/oss-fuzz/issues/list?can=1&q=status%3AFixed%2CVerified+Type%3ABug%2CBug-Security+-component%3AInfra+) +milestone with 47 +[projects](https://github.com/google/oss-fuzz/tree/master/projects) in just five +months since launch. + +Members of the Chrome Security team attended the 10th annual [Pwn2Own +competition](http://blog.trendmicro.com/pwn2own-returns-for-2017-to-celebrate-10-years-of-exploits/) +at CanSecWest. While Chrome was again a target this year, no team was able to +demonstrate a fully working chain to Windows SYSTEM code execution in the time +allowed! + +Bugs still happen, so our[ Guts](/Home/chromium-security/guts) effort builds in +multiple layers of defense. Chrome 56 takes advantage of [Control Flow Guard +(CFG)](https://msdn.microsoft.com/en-us/library/windows/desktop/mt637065(v=vs.85).aspx) +on Windows for Microsoft system DLLs inside the Chrome.exe processes. CFG makes +exploiting corruption vulnerabilities more challenging by limiting valid call +targets, and is available from Win 8.1 Update 3. + +[Site Isolation](/developers/design-documents/site-isolation) makes the most of +Chrome's multi-process architecture to help reduce the scope of attacks. The big +news in Q1 is that we launched --isolate-extensions to Chrome Stable in Chrome +56! This first use of out-of-process iframes (OOPIFs) ensures that web content +is never put into an extension process. To maintain the launch and prepare for +additional uses of OOPIFs, we fixed numerous bugs, cleaned up old code, reduced +OOPIF memory usage, and added OOPIF support for more features (e.g., +IntersectionObserver, and hit testing and IME on Android). Our next step is +expanding the OOPIF-based <webview> trial from Canary to Dev channel and +adding more uses of dedicated processes. + +Beyond the browser, our [web platform efforts](/Home/chromium-security/owp) +foster cross-vendor cooperation on developer-facing security features. Over the +holidays, Google's security team gave us a holiday gift consisting entirely of +[interesting ways to bypass CSP's +nonces](http://sebastian-lekies.de/csp/bypasses.php). We've fixed some +[obvious](https://bugs.chromium.org/p/chromium/issues/detail?id=679291) +[bugs](https://bugs.chromium.org/p/chromium/issues/detail?id=680072) they +uncovered, and we'll continue working with other vendors to harden the spec and +our implementations. In other CSP news, we polished a mechanism to [enforce CSP +on child frames](https://w3c.github.io/webappsec-csp/embedded/), shipped a +[\`script-sample\` +property](https://groups.google.com/a/chromium.org/forum/#!msg/blink-dev/XlcpobBfJOI/8WYpiyk0CQAJ) +in CSP reports, and [allowed hashes to match external +scripts](https://groups.google.com/a/chromium.org/forum/#!msg/blink-dev/t2ai4lsHhWI/MndrZyEWCwAJ). +We're also gathering data to support a few [dangling markup +mitigations](https://groups.google.com/a/chromium.org/forum/#!msg/blink-dev/rOs6YRyBEpw/D3pzVwGJAgAJ), +and dropped support for subresource URLs with [embedded +credentials](https://groups.google.com/a/chromium.org/forum/#!msg/blink-dev/lx-U_JR2BF0/Hsg1fiZiBAAJ) +and [legacy +protocols](https://groups.google.com/a/chromium.org/forum/#!msg/blink-dev/bIJdwwoQ98U/-F1aL2FgBAAJ). + +We also spend time building[ security +features](/developers/design-documents/safebrowsing) that[ users +see](/Home/chromium-security/enamel). To protect users from Data URI phishing +attacks, Chrome shows the “not secure” warning on Data URIs and [intends to +deprecate and +remove](https://groups.google.com/a/chromium.org/forum/#!topic/blink-dev/GbVcuwg_QjM) +content-initiated top-frame navigations to Data URIs. We also brought [AIA +fetching](https://docs.google.com/document/d/1ryqFMSHHRDERg1jm3LeVt7VMfxtXXrI8p49gmtniNP0/edit) +to Chrome for Android, and early metrics show over an 85% reduction in the +fraction of HTTPS warnings caused by misconfigured certificate chains on +Android. We made additional progress on improving Chrome’s captive portal +detection. Chrome now keeps precise attribution of where bad downloads come +from, so we can catch malware and UwS earlier. Chrome 57 also saw the launch of +a [secure time service](/developers/design-documents/sane-time), for which early +data shows detection of bad client clocks when validating certificates improving +from 78% to 95%. + +We see migration to HTTPS as foundational to any web security whatsoever, so +we're actively working to drive #MOARTLS across Google and the Internet at +large. To help people understand the security limitations of non-secure HTTP, +Chrome now marks HTTP pages with passwords or credit card form fields as “not +secure” in the address bar, and is experimenting with in-form contextual +warnings. We’ll [remove +support](https://bugs.chromium.org/p/chromium/issues/detail?id=672605) for EME +over non-secure origins in Chrome 58, and we’ll [remove +support](https://groups.google.com/a/chromium.org/forum/m/#!topic/blink-dev/IVgkxkRNtMo) +for notifications over non-secure origins in Chrome 61. We talked about our +#MOARTLS methodology and the HTTPS business case at +[Enigma](https://www.youtube.com/watch?v=jplIY1GXBHM&feature=youtu.be). + +In addition to #MOARTLS, we want to ensure more secure TLS through work on +protocols and the certificate ecosystem. TLS 1.3 is the next, major version of +the Transport Layer Security protocol. In Q1, Chrome tried the first, +significant deployment of TLS 1.3 by a browser. Based on what we learned from +that we hope to fully enable TLS 1.3 in Chrome in Q2. + +In February, researchers from Google and CWI Amsterdam successfully mounted a +[collision](https://security.googleblog.com/2017/02/announcing-first-sha1-collision.html) +attack against the SHA-1 hash algorithm. It had been known to be weak for a very +long time, and in Chrome 56 dropped support for website certificates that used +SHA-1. This was the culmination of a plan first +[announced](https://security.googleblog.com/2014/09/gradually-sunsetting-sha-1.html) +back in 2014, which we've +[updated](https://security.googleblog.com/2015/12/an-update-on-sha-1-certificates-in.html) +a [few +times](https://security.googleblog.com/2016/11/sha-1-certificates-in-chrome.html) +since. + +As ever, many thanks to all those in the Chromium community who help make the +web more secure! + +Cheers + +Andrew, on behalf of the Chrome Security Team + +For more thrilling security updates and feisty rants,[ subscribe to +security-dev@chromium.org](https://groups.google.com/a/chromium.org/forum/#!forum/security-dev). +You can find older updates at[ +https://dev.chromium.org/Home/chromium-security/quarterly-updates](/Home/chromium-security/quarterly-updates). + +## Q4 2016 + +Greetings and salutations, + +It's time for another update from your friends in Chrome Security, who are hard +at work trying to make Chrome the[ most secure platform to browse the +Internet](/Home/chromium-security). Here’s a recap from the last quarter of +2016: + +Our [Bugs--](/Home/chromium-security/bugs) effort aims to find (and exterminate) +security bugs. + +We announced [OSS-Fuzz](https://github.com/google/oss-fuzz), a new Beta program +developed over the past years with the [Core Infrastructure +Initiative](https://www.coreinfrastructure.org/) community. This program will +provide continuous fuzzing for select core open source software. See full blog +post +[here](https://security.googleblog.com/2016/12/announcing-oss-fuzz-continuous-fuzzing.html). +So far, more than [50 +projects](https://github.com/google/oss-fuzz/tree/master/projects) have been +integrated with OSS-Fuzz and we found ~350 +[bugs](https://bugs.chromium.org/p/oss-fuzz/issues/list?can=1&q=Type%3ABug%2CBug-Security%20-component%3AInfra%20-status%3ADuplicate%2CWontFix&colspec=ID%20Type%20Component%20Status%20Proj%20Reported%20Owner%20Summary&num=100&start=300). + +Security bugs submitted by external researchers can receive cash money from the +[Chrome VRP](https://g.co/ChromeBugRewards). + +Last year the Chrome VRP paid out almost one million dollars! More details in a +[blog +post](https://security.googleblog.com/2017/01/vulnerability-rewards-program-2016-year.html) +we did with our colleagues in the Google and Android VRPs. + +Bugs still happen, so our[ Guts](/Home/chromium-security/guts) effort builds in +multiple layers of defense. + +[Win32k +lockdown](https://docs.google.com/document/d/1gJDlk-9xkh6_8M_awrczWCaUuyr0Zd2TKjNBCiPO_G4/edit#heading=h.ieb3qn2r8rq1) +for Pepper processes, including Adobe Flash and PDFium was shipped to Windows 10 +clients on all channels in October 2016. Soon after the mitigation was enabled, +a Flash 0-day that used win32k.sys as a [privilege +escalation](https://technet.microsoft.com/en-us/library/security/ms16-135.aspx) +vector was discovered being used in the wild, and this was successfully blocked +by this mitigation! James Forshaw from Project Zero also wrote a +[blog](https://googleprojectzero.blogspot.com/2016/11/breaking-chain.html) about +the process of shipping this new mitigation. + +A new security mitigation on >= Win8 hit stable in October 2016 (Chrome 54). +This mitigation disables extension points (legacy hooking), blocking a number of +third-party injection vectors. Enabled on all child processes - [CL +chain](https://chromium.googlesource.com/chromium/src/+/c06d6fb1850d6217d35a5cccb1abccd6db0e7a2a). +As usual, you can find the Chromium sandbox documentation +[here](/developers/design-documents/sandbox). + +[Site Isolation](/developers/design-documents/site-isolation) makes the most of +Chrome's multi-process architecture to help reduce the scope of attacks. + +Our earlier plan to launch --isolate-extensions in Chrome 54 hit a last minute +delay, and we're now aiming to turn it on in Chrome 56. In the meantime, we've +added support for drag and drop into [out-of-process +iframes](/developers/design-documents/oop-iframes) (OOPIFs) and for printing an +OOPIF. We've fixed several other security and functional issues for +--isolate-extensions as well. We've also started an A/B trial on Canary to use +OOPIFs for Chrome App <webview> tags, and we're close to starting an A/B +trial of --top-document-isolation. + +Beyond the browser, our[ web platform efforts](/Home/chromium-security/owp) +foster cross-vendor cooperation on developer-facing security features. + +After a good deal of experimentation, we (finally) [tightened the behavior of +cookies' \`secure\` +attribute](https://www.chromestatus.com/feature/4506322921848832). [Referrer +Policy](https://www.w3.org/TR/referrer-policy/) moved to a candidate +recommendation, we made solid progress on +[Clear-Site-Data](https://w3c.github.io/webappsec-clear-site-data/), and we +expect to start an [origin +trial](https://github.com/jpchase/OriginTrials/blob/gh-pages/developer-guide.md) +for [Suborigins](https://w3c.github.io/webappsec-suborigins/) shortly. + +Looking to the future, we've started to flesh out our proposal for [stronger +origin isolation properties](https://wicg.github.io/isolation/), continued +discussions on a proposal for [setting origin-wide +policy](https://wicg.github.io/origin-policy/), and began working with the IETF +to expand [opt-in Certificate Transparency +enforcement](https://datatracker.ietf.org/doc/draft-stark-expect-ct/) to the +open web. We hope to further solidify all of these proposals in Q1. + +We also spend time building[ security +features](/developers/design-documents/safebrowsing) that[ users +see](/Home/chromium-security/enamel). + +Our security indicator text labels launched in Chrome 55 for “Secure” HTTPS, +“Not Secure” broken HTTPS, and “Dangerous” pages flagged by Safe Browsing. As +part of our long-term effort to mark HTTP pages as non-secure, we built +[address-bar warnings into Chrome +56](https://blog.chromium.org/2016/12/chrome-56-beta-not-secure-warning-web.html) +to mark HTTP pages with a password or credit card form fields as “Not secure”. + +We see migration to HTTPS as foundational to any web security whatsoever, so +we're actively working to drive #MOARTLS across Google and the Internet at +large. + +We added a new [HTTPS Usage +section](https://www.google.com/transparencyreport/https/metrics/?hl=en) to the +Transparency Report, which shows how the percentage of Chrome pages loaded over +HTTPS increases with time. We talked externally at O’Reilly Security NYC + +Amsterdam and [Chrome Dev Summit](https://www.youtube.com/watch?v=iP75a1Y9saY) +about upcoming HTTP UI changes and the business case for HTTPS. We published +[positive +stories](https://blog.chromium.org/2016/11/heres-to-more-https-on-web.html) +about HTTPS migrations. + +In addition to #MOARTLS, we want to ensure more secure TLS. + +We [concluded](https://www.imperialviolet.org/2016/11/28/cecpq1.html) our +experiment with post-quantum key agreement in TLS. We implemented TLS 1.3 draft +18, which will be enabled for a fraction of users with Chrome 56. + +And here are some other areas we're still investing heavily in: + +Keeping users safe from Unwanted Software (UwS, pronounced 'ooze') and improving +the [Chrome Cleanup Tool](https://www.google.com/chrome/cleanup-tool/), which +has helped millions remove UwS that was injecting ads, changing settings, and +otherwise blighting their machines. + +Working on usable, understandable permissions prompts. We're experimenting with +different prompt UIs, tracking prompt interaction rates, and continuing to learn +how best to ensure users are in control of powerful permissions. + +As ever, many thanks to all those in the Chromium community who help make the +web more secure! + +Cheers + +Andrew, on behalf of the Chrome Security Team + +For more thrilling security updates and feisty rants,[ subscribe to +security-dev@chromium.org](https://groups.google.com/a/chromium.org/forum/#!forum/security-dev). +You can find older updates at[ +https://dev.chromium.org/Home/chromium-security/quarterly-updates](/Home/chromium-security/quarterly-updates). + +## Q3 2016 + +Greetings and salutations! + +It's time for another update from your friends in Chrome Security, who are hard +at work trying to make Chrome the[ most secure platform to browse the +Internet](/Home/chromium-security). Here’s a recap from last quarter: + +Our[ Bugs--](/Home/chromium-security/bugs) effort aims to find (and exterminate) +security bugs. + +We have continued to improve upon our [libFuzzer](http://go/libfuzzer-chrome) +and +[AFL](https://cs.chromium.org/chromium/src/third_party/afl/?q=third_party/afl&sq=package:chromium&dr) +integration with ClusterFuzz, which includes automated performance analysis and +quarantining of bad units (like slow units, leaks, etc). We have scaled our code +coverage to +~[160](https://cs.chromium.org/search/?q=%22+int+LLVMFuzzerTestOneInput%22+-libFuzzer/src+-llvm/+-buildtools+-file:.md&sq=package:chromium&type=cs) +targets with help from Chrome developers, who contributed these during the +month-long +[Fuzzathon](https://groups.google.com/a/chromium.org/forum/#!topic/chromium-dev/MAiBRTllPuI). +We have improved our infrastructure reliability and response times by adding a +24x7 monitoring solution, and fixing more than two dozen fuzzers in the process. +Finally, we have refined our crash bucketization algorithm and enabled automatic +bug filing remove human latency in filing regression bugs — long live the +machines! + +For [Site Isolation](/developers/design-documents/site-isolation), the first +uses of [out-of-process iframes](/developers/design-documents/oop-iframes) +(OOPIFs) have reached the Stable channel in Chrome 54! + +We're using OOPIFs for --isolate-extensions mode, which ensures that web content +is never put into a privileged extension process. In the past quarter, we made +significant progress and fixed all our blocking bugs, including enabling the new +session history logic by default, supporting cross-process POST submissions, and +IME in OOPIFs. We also fixed bugs in painting, input events, and many other +areas. As a result, --isolate-extensions mode has been enabled for 50% of M54 +Beta users and is turned on by default in M55. From here, we plan to further +improve OOPIFs to support --top-document-isolation mode, Chrome App +<webview> tags, and Site Isolation for real web sites. + +We also spend time building[ security +features](/developers/design-documents/safebrowsing) that[ users +see](/Home/chromium-security/enamel). + +We +[overhauled](https://docs.google.com/document/u/2/d/1jIfCjcsZUL6ouLgPOsMORGcTTXc7OTwkcBQCkZvDyGE/pub) +Chrome’s site security indicators in Chrome 52 on Mac and Chrome 53 on all other +platforms, including adding new icons for Safe Browsing. These icons were the +result of extensive user research which we shared in a [peer-reviewed +paper](https://www.usenix.org/system/files/conference/soups2016/soups2016-paper-porter-felt.pdf). +Lastly, we made recovering blocked-downloads much [less +confusing](https://docs.google.com/document/d/1M9AvvXafVRSNquKGhzjAqo3Pl7sSATuEECA78pfkpmA/edit#). + +We like to avoid showing unnecessarily scary warnings when we can. We analyzed +data from opted-in Safe Browsing Extended Reporting users to quantify the major +causes of spurious TLS warnings, like [bad client +clocks](/developers/design-documents/sane-time) and [misconfigured intermediate +certificates](https://docs.google.com/document/d/1ryqFMSHHRDERg1jm3LeVt7VMfxtXXrI8p49gmtniNP0/edit?pli=1). +We also launched two experiments, +[Expect-CT](https://docs.google.com/document/d/1VDtHiKa5c96ohP_p-V1k6u83fIh952e_szZVypO4AvQ/edit) +and +[Expect-Staple](https://docs.google.com/document/d/1aISglJIIwglcOAhqNfK-2vtQl-_dWAapc-VLDh-9-BE/edit), +to help site owners deploy advanced new TLS features (Certificate Transparency +and OCSP stapling) without causing warnings for their users. + +Beyond the browser, our[ web platform efforts](/Home/chromium-security/owp) +foster cross-vendor cooperation on developer-facing security features. + +We continued to lock down the security of the web platform while also expanding +capabilities to developers. We helped lock down cookies by starting to ship +[Strict Secure Cookies](https://www.chromestatus.com/feature/4506322921848832). +Similarly, we also shipped the [Referrer +Policy](https://www.w3.org/TR/referrer-policy/) spec and policy header. [Content +Security Policy](https://www.w3.org/TR/CSP3/) was expanded with the +[strict-dynamic](https://www.w3.org/TR/CSP3/#strict-dynamic-usage) and +[unsafe-hashed-attributes](https://www.w3.org/TR/CSP3/#unsafe-hashed-attributes-usage) +directives. Our work on +[suborigins](https://w3c.github.io/webappsec-suborigins/) continued, updating +the serialization and adding new web platform support. + +We've also been working on making users feel more in control of powerful +permissions. + +In M55 and M56 we will be running experiments on permissions prompts to evaluate +how this affects acceptance and decision rates. The experiments are to let users +make temporary decisions, to auto-deny prompts if users keep ignoring them, and +making permission prompts modal. + +We see migration to HTTPS as foundational to any web security whatsoever, so +we're actively working to drive #MOARTLS across Google and the Internet at +large. + +We +[announced](https://security.googleblog.com/2016/09/moving-towards-more-secure-web.html) +concrete steps towards marking HTTP sites as non-secure in Chrome UI — starting +with marking HTTP pages with password or credit card form fields as “Not secure” +starting in Chrome 56 (Jan 2017). We [added YouTube and +Calendar](https://security.googleblog.com/2016/08/adding-youtube-and-calendar-to-https.html) +to the HTTPS Transparency Report. We’re also happy to report that +[www.google.com](http://www.google.com/) [uses +HSTS](https://security.googleblog.com/2016/07/bringing-hsts-to-wwwgooglecom.html)! + +In addition to #MOARTLS, we want to ensure more secure TLS. + +We continue to work on TLS 1.3, a major revision of TLS. For current revisions, +we’re also keeping the TLS ecosystem running smoothly with a little +[grease](https://tools.ietf.org/html/draft-davidben-tls-grease-01). We have +removed [DHE based +ciphers](https://www.chromestatus.com/feature/5128908798164992) and added +[RSA-PSS](https://www.chromestatus.com/features/5748550642171904). Finally, +having removed RC4 from Chrome earlier this year, we’ve now removed it from +BoringSSL’s TLS logic completely. + +We launched a very rough prototype of +[Roughtime](https://roughtime.googlesource.com/roughtime), a combination of NTP +and Certificate Transparency. In parallel we’re investigating what reduction in +Chrome certificate errors a secure clock like Roughtime could give us. + +We also continued our experiments with [post-quantum +cryptography](https://security.googleblog.com/2016/07/experimenting-with-post-quantum.html) +by implementing [CECPQ1](https://www.chromestatus.com/features/5749214348836864) +to help gather some real world data. + +As ever, many thanks to all those in the Chromium community who help make the +web more secure! + +Cheers + +Andrew on behalf of the Chrome Security Team + +## Q2 2016 + +Greetings Earthlings, + +It's time for another update from your friends in Chrome Security, who are hard +at work trying to make Chrome the[ most secure platform to browse the +Internet](/Home/chromium-security). Here’s a recap from last quarter: + +**Our[ Bugs--](/Home/chromium-security/bugs) effort aims to find (and +exterminate) security bugs.** At the start of the quarter, we initiated a +team-wide Security FixIt to trim the backlog of open issues… a bit of Spring +cleaning our issue tracker, if you will :) With the help of dozens of engineers +across Chrome, we fixed over 61 Medium+ severity security bugs in 2 weeks and +brought the count of open issues down to 22! On the fuzzing front, we’ve added +support for[ AFL](http://lcamtuf.coredump.cx/afl/) and continued to improve the[ +libFuzzer](http://llvm.org/docs/LibFuzzer.html)-[ClusterFuzz](/Home/chromium-security/bugs/using-clusterfuzz) +integration, both of which allow coverage-guided testing on a per-function +basis. The number of libFuzzer based fuzzers have expanded from 70 to[ +115](https://cs.chromium.org/search/?q=TestOneInput%5C(const+-file:third_party/llvm+-file:third_party/libFuzzer/src&sq=package:chromium&type=cs), +and we’re processing ~500 Billion testcases every day! We’re also researching +new ways to improve fuzzer efficiency and maximize code coverage +([example](https://chromium.googlesource.com/chromium/src/+/1a6bef1675e05626a4692ab6fa43cbbc5515299b)). +In response to recent trends from[ Vulnerability Reward Program +(VRP)](https://www.google.com/about/appsecurity/chrome-rewards/index.html) and[ +Pwnium](http://blog.chromium.org/2015/02/pwnium-v-never-ending-pwnium.html) +submissions, we wrote a new fuzzer for v8 builtins, which has already yielded[ +bugs](https://bugs.chromium.org/p/chromium/issues/detail?id=625752). Not +everything can be automated, so we started auditing parts of[ +mojo](/developers/design-documents/mojo), Chrome’s new IPC mechanism, and found +several issues +([1](https://bugs.chromium.org/p/chromium/issues/detail?id=611887),[ +2](https://bugs.chromium.org/p/chromium/issues/detail?id=612364),[ +3](https://bugs.chromium.org/p/chromium/issues/detail?id=612613),[ +4](https://bugs.chromium.org/p/chromium/issues/detail?id=613698),[ +5](https://bugs.chromium.org/p/chromium/issues/detail?id=622522)). + +**Bugs still happen, so our[ Guts](/Home/chromium-security/guts) effort builds +in multiple layers of defense.** Many Android apps use[ +WebView](https://developer.android.com/reference/android/webkit/WebView.html) to +display web content inline within their app. A compromised WebView can get +access to an app’s private user data and a number of Android system services / +device drivers. To mitigate this risk, in the upcoming release of[ Android +N](https://developer.android.com/preview/support.html#dp3), we’ve worked to +move[ +WebView](https://developer.android.com/reference/android/webkit/WebView.html) +rendering out-of-process into a sandboxed process. This new process model is +still experimental and can be enabled under Developer Options in Settings. On +Windows, a series of ongoing stability experiments with[ App +Container](/developers/design-documents/sandbox#TOC-App-Container-low-box-token-:) +and[ win32k +lockdown](/developers/design-documents/sandbox#TOC-Win32k.sys-lockdown:) for[ +PPAPI](/nativeclient/getting-started/getting-started-background-and-basics#TOC-Pepper-Plugin-API-PPAPI-) +processes (i.e. Flash and pdfium) have given us good data that puts us in a +position to launch both of these new security mitigations on Windows 10 very +soon! + +**For[ Site Isolation](/developers/design-documents/site-isolation), we're +getting close to enabling --isolate-extensions for everyone.** We've been hard +at work fixing launch blocking bugs, and[ out-of-process +iframes](/developers/design-documents/oop-iframes) (OOPIFs) now have support for +POST submissions, fullscreen, find-in-page, zoom, scrolling, Flash, modal +dialogs, and file choosers, among other features. We've also made lots of +progress on the new navigation codepath, IME, and the task manager, along with +fixing many layout tests and crashes. Finally, we're experimenting with +--top-document-isolation mode to keep the main page responsive despite slow +third party iframes, and with using OOPIFs to replace BrowserPlugin for the +<webview> tag. + +**We also spend time building[ security +features](/developers/design-documents/safebrowsing) that[ users +see](/Home/chromium-security/enamel).** We’re overhauling the omnibox security +iconography in Chrome -- new,[ +improved](https://www.usenix.org/conference/soups2016/technical-sessions/presentation/porter-felt) +connection security indicators are now in Chrome Beta (52) on Mac and Chrome Dev +(53) for all other platforms. We created a[ +reference](https://github.com/google/safebrowsing) interstitial warning that +developers can use for their implementations of the[ Safe Browsing +API](https://developers.google.com/safe-browsing/). Speaking of Safe Browsing, +we’ve extended protection to cover files downloaded by Flash apps, we’re +evaluating many more file types than before, and we closed several gaps that +were reported via our Safe Browsing[ Download Protection +VRP](https://www.google.com/about/appsecurity/chrome-rewards/) program. + +**Beyond the browser, our[ web platform efforts](/Home/chromium-security/owp) +foster cross-vendor cooperation on developer-facing security features.** We +shipped an implementation of the[ Credential Management +API](https://w3c.github.io/webappsec-credential-management/) (and[ presented a +detailed overview](https://youtu.be/MnvUlGFb3GQ?t=7m23s) at Google I/O), +iterated on[ Referrer Policy](https://www.w3.org/TR/referrer-policy/) with a[ +\`referrer-policy\` +header](https://www.w3.org/TR/referrer-policy/#referrer-policy-header) +implementation behind a flag, and improved our support for[ SameSite +cookies](https://tools.ietf.org/html/draft-ietf-httpbis-cookie-same-site). We're +continuing to experiment with[ +Suborigins](https://w3c.github.io/webappsec-suborigins/) with developers both +inside and outside Google, built a prototype of[ +CORS-RFC1918](https://mikewest.github.io/cors-rfc1918/), and introduce safety +nets to protect against XSS vulnerabilities due to browser bugs\[1\]. + +**We've also been working on making users feel more in control of powerful +permissions.** All permissions will soon be[ scoped to +origins](https://codereview.chromium.org/2075103002/), and we've started +implementing[ permission +delegation](https://noncombatant.github.io/permission-delegation-api/) (which is +becoming part of[ feature policy](https://github.com/igrigorik/feature-policy)). +We’re also actively working to show fewer permission prompts to users, and to +improve the prompts and UI we do show... subtle, critical work that make web +security more human-friendly (and thus, effective). + +**We see migration to HTTPS as foundational to any web security whatsoever, so +we're actively working to drive #MOARTLS across Google and the Internet at +large.**[ Emily](https://twitter.com/estark37) and[ +Emily](https://twitter.com/emschec) busted HTTPS myths for large audiences at[ +Google +I/O](https://www.youtube.com/watch?v=YMfW1bfyGSY&index=19&list=PLOU2XLYxmsILe6_eGvDN3GyiodoV3qNSC) +and the[ Progressive Web App dev +summit](https://www.youtube.com/watch?v=e6DUrH56g14). The[ HSTS Preload +list](https://cs.chromium.org/chromium/src/net/http/transport_security_state_static.json) +has seen[ 3x growth](https://twitter.com/lgarron/status/747530273047273472) +since the beginning of the year – a great problem to have! We’ve addressed some[ +growth +hurdles](https://docs.google.com/document/d/1LqpwT2aAekrWPtLui5GYdHSGlZNMNRYmPR14NXMRsQ4/edit#) +by a rewrite of the[ submission site](https://hstspreload.appspot.com/), and +we’re actively working on the preload list infrastructure and how to +additionally scale in the long term. + +**In addition to #MOARTLS, we want to ensure more secure TLS.** Some of us have +been involved in the[ TLS 1.3 standardization +work](https://tlswg.github.io/tls13-spec/) and[ +implementation](https://boringssl.googlesource.com/boringssl/). On the PKI +front, and as part of our[ Expect CT +project](https://docs.google.com/document/d/1VDtHiKa5c96ohP_p-V1k6u83fIh952e_szZVypO4AvQ/edit), +we built the infrastructure in Chrome that will help site owners track down +certificates for their sites that are not publicly logged in[ Certificate +Transparency](https://www.certificate-transparency.org/) logs. As of Chrome 53, +we’ll be requiring Certificate Transparency information for certificates issued +by Symantec-operated CAs, per[ our announcement last +year](https://security.googleblog.com/2015/10/sustaining-digital-certificate-security.html). +We also[ launched some post-quantum cipher suite +experiments](https://security.googleblog.com/2016/07/experimenting-with-post-quantum.html) +to protect everyone from... crypto hackers of the future and more advanced +worlds ;) + +For more thrilling security updates and feisty rants, [subscribe to +security-dev@chromium.org](https://groups.google.com/a/chromium.org/forum/#!forum/security-dev). +You can find older updates at +. + +Happy Hacking, + +Parisa, on behalf of Chrome Security + +\[1\] Please[ let us know](/Home/chromium-security/reporting-security-bugs) if +you manage to work around them! + +## Q1 2016 + +Greetings web fans, + +The[ Bugs--](/Home/chromium-security/bugs) effort aims to find (and exterminate) +security bugs. On the fuzzing front, we’ve continued to improve the integration +between [libFuzzer](http://llvm.org/docs/LibFuzzer.html) and +[ClusterFuzz](/Home/chromium-security/bugs/using-clusterfuzz), which allows +coverage-guided testing on a per-function basis. With the help of many +developers across several teams, we’ve expanded our collection of fuzzing +targets in Chromium (that use libFuzzer) to 70! Not all bugs can be found by +fuzzing, so we invest effort in targeted code audits too. We wrote a [guest post +on the Project Zero +blog](https://googleprojectzero.blogspot.com/2016/02/racing-midi-messages-in-chrome.html) +describing one of the more interesting vulnerabilities we discovered. Since we +find a lot of bugs, we also want to make them easier to manage. We’ve updated +our [Sheriffbot](/issue-tracking/autotriage) tool to simplify the addition of +new rules and expanded it to help manage functional bugs in addition just +security issues. We’ve also automated assigning [security +severity](/developers/severity-guidelines) recommendations. Finally, we continue +to run our [vulnerability reward +program](https://www.google.com/about/appsecurity/chrome-rewards/) to recognize +bugs discovered from researchers outside of the team. As of M50, [we’ve paid out +over $2.5 +million](https://chrome.googleblog.com/2016/04/chrome-50-releases-and-counting.html) +since the start of the reward program, including over $500,000 in 2015. Our +median payment amount for 2015 was $3,000 (up from $2,000 for 2014), and we want +to see that increase again this year! + +Bugs still happen, so our[ Guts](/Home/chromium-security/guts) effort builds in +multiple layers of defense. On Android, our +[seccomp-bpf](https://www.kernel.org/doc/Documentation/prctl/seccomp_filter.txt) +experiment has been running on the Dev channel and will advance to the Stable +and Beta channels with M50. + +Chrome on Windows is evolving rapidly in step with the operating system. We +shipped [four new layers of defense in +depth](https://bugs.chromium.org/p/chromium/issues/detail?id=504006) to take +advantage of the latest capabilities in Windows 10, some of which patch +vulnerabilities found by our own +[research](https://googleprojectzero.blogspot.co.uk/2015/05/in-console-able.html) +and +[feedback](https://bugs.chromium.org/p/project-zero/issues/detail?id=213&redir=1)! +There was great media attention when these changes landed, from [Ars +Technica](http://arstechnica.com/information-technology/2016/02/chrome-picks-up-bonus-security-features-on-windows-10/) +to a [Risky Business podcast](http://risky.biz/RB398), which said: “There have +been some engineering changes to Chrome on Windows 10 which look pretty good. … +It’s definitely the go-to browser, when it comes to not getting owned on the +internet. And it’s a great example of Google pushing the state of the art in +operating systems.” + +For our[ Site Isolation](/developers/design-documents/site-isolation) effort, we +have expanded our on-going launch trial of --isolate-extensions to include 50% +of both Dev Channel and Canary Channel users! This mode uses [out-of-process +iframes](/developers/design-documents/oop-iframes) (OOPIFs) to keep dangerous +web content out of extension processes. (See +[here](/developers/design-documents/oop-iframes#TOC-Dogfooding) for how to try +it.) We've fixed many launch blocking bugs, and improved support for navigation, +input events, hit testing, and security features like CSP and mixed content. We +improved our test coverage and made progress on updating features like +fullscreen, zoom, and find-in-page to work with OOPIFs. We're also excited to +see progress on other potential uses of OOPIFs, including the <webview> +tag and an experimental "top document isolation" mode. + +We spend time building[ security +features](/developers/design-documents/safebrowsing) that[ people +see](/Home/chromium-security/enamel). In response to user feedback, we’ve +replaced [the old full screen +prompt](https://bugs.chromium.org/p/chromium/issues/attachment?aid=178299&inline=1) +with a [new, lighter weight ephemeral +message](https://bugs.chromium.org/p/chromium/issues/attachment?aid=222712&inline=1) +in M50 across Windows and Linux. We launched a few bug fixes and updates to the +[Security +panel](https://developers.google.com/web/updates/2015/12/security-panel?hl=en), +which we continue to iterate on and support in an effort to drive forward HTTPS +adoption. We also continued our work on [removing powerful features on insecure +origins](/Home/chromium-security/deprecating-powerful-features-on-insecure-origins) +(e.g. [geolocation](https://crbug.com/561641)). + +We’re working on preventing abuse of powerful features on the web. We continue +to support great “permissions request” UX, and have started reaching out to top +websites to directly help them improve how they request permissions for +[powerful +APIs](/Home/chromium-security/prefer-secure-origins-for-powerful-new-features). +To give top-level websites more control over how iframes use permissions, we +started external discussions about a new [Permission Delegation +API](http://noncombatant.github.io/permission-delegation-api/). We also +[extended](https://security.googleblog.com/2016/03/get-rich-or-hack-tryin.html) +our [vulnerability rewards +program](https://www.google.com/about/appsecurity/chrome-rewards/index.html#rewards) +to support [Safe +Browsing](https://www.google.com/transparencyreport/safebrowsing/) reports, in a +first program of its kind. + +Beyond the browser, our[ web platform efforts](/Home/chromium-security/owp) +foster cross-vendor cooperation on developer-facing security features. We now +have an implementation of +[Suborigins](https://w3c.github.io/webappsec-suborigins/) behind a flag, and +have been experimenting with Google developers on usage. We polished up the +[Referrer Policy](https://www.w3.org/TR/referrer-policy/) spec, refined its +integration with [ServiceWorker](https://www.w3.org/TR/service-workers/) and +Fetch, and shipped the \`referrerpolicy\` attribute from that document. We're +excited about the potential of new CSP expressions like +['unsafe-dynamic'](https://w3c.github.io/webappsec-csp/#unsafe-dynamic-usage), +which will ship in Chrome 52 (and is experimentally deployed on [our shiny new +bug tracker](https://bugs.chromium.org/p/chromium/issues/list)). In that same +release, we finally shipped [SameSite +cookies](https://tools.ietf.org/html/draft-west-first-party-cookies), which we +hope will help prevent +[CSRF](https://en.wikipedia.org/wiki/Cross-site_request_forgery). Lastly, we're +working to pay down some technical debt by refactoring our Mixed Content +implementation and X-Frame-Options to work in an OOPIF world. + +We see migration to HTTPS as foundational to any security whatsoever +([and](https://tools.ietf.org/html/rfc7258)[ +we're](https://www.iab.org/2014/11/14/iab-statement-on-internet-confidentiality/)[ +not](https://www.iab.net/iablog/2015/03/adopting-encryption-the-need-for-https.html)[ +the](https://w3ctag.github.io/web-https/)[ only](https://https.cio.gov/)[ +ones](https://blog.mozilla.org/security/2015/04/30/deprecating-non-secure-http/)), +so we're actively working to drive #MOARTLS across Google and the Internet at +large. We worked with a number of teams across Google to help [publish an HTTPS +Report +Card](https://security.googleblog.com/2016/03/securing-web-together_15.html), +which aims to hold Google and other top sites accountable, as well as encourage +others to encrypt the web. In addition to #MOARTLS, we want to ensure more +secure TLS. [We mentioned we were working on it last +time](https://groups.google.com/a/chromium.org/forum/#!msg/security-dev/kVfCywocUO8/vgi_rQuhKgAJ), +but RC4 support is dead! The [insecure TLS version fallback is also +gone](https://groups.google.com/a/chromium.org/forum/#!msg/blink-dev/yz1lU9YTeys/yCsK50I3CQAJ). +With help from the [libFuzzer](http://llvm.org/docs/LibFuzzer.html) folks, we +got much better fuzzing coverage on +[BoringSSL](https://boringssl.googlesource.com/boringssl/), which resulted in +[CVE-2016-0705](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0705). +We ended up adding a "fuzzer mode" to the SSL stack to help the fuzzer get past +cryptographic invariants in the handshake, which smoked out some minor (memory +leak) bugs. + +Last, but not least, we rewrote a large chunk of BoringSSL's ASN.1 parsing with +a simpler and more standards-compliant stack. + +For more thrilling security updates and feisty rants, subscribe to +[security-dev@chromium.org](mailto:security-dev@chromium.org). You can find +older updates at +. + +Happy Hacking, + +Parisa, on behalf of Chrome Security + +## Q4 2015 + +Happy 2016 from the Chrome Security Team! + +For those that don’t know us already, we do stuff to help make Chrome the [most +secure platform to browse the Internet](/Home/chromium-security). Here’s a recap +of some work from last quarter: + +**The [Bugs--](/Home/chromium-security/bugs) effort aims to find (and +exterminate) security bugs.** We’ve integrated +[libFuzzer](http://llvm.org/docs/LibFuzzer.html) into +[ClusterFuzz](/Home/chromium-security/bugs/using-clusterfuzz), which means we +can do coverage-guided fuzz testing on a per-function basis. The result, as you +may have guessed, is several [new +bugs](https://code.google.com/p/chromium/issues/list?can=1&q=type%3Abug-security+label%3AStability-LibFuzzer&sort=-security_severity+-secseverity+-owner+-modified&colspec=ID+Pri+Status+Summary+Modified+OS+M+Security_severity+Security_impact+Owner+Reporter&x=m&y=releaseblock&cells=tiles). +The Bugs-- team has a larger goal this year to help Chromium developers write a +ClusterFuzz fuzzer alongside every unittest, and libFuzzer integration is an +important step toward achieving that goal. Separately, we’ve made security +improvements and cleanups in the [Pdfium](https://code.google.com/p/pdfium/) +codebase and [fixed lots of open +bugs](https://code.google.com/p/chromium/issues/list?can=1&q=status%3AFixed+type%3DBug-Security+owner%3Aochang+Cr%3DInternals-Plugins-PDF). +We also started some manual code auditing efforts, and discovered several high +severity bugs ([here](https://crbug.com/555784), +[here](https://crbug.com/559310), and [here](https://crbug.com/570427)), and +[1](https://crbug.com/564501) critical severity bug. + +**Bugs still happen, so our [Guts](/Home/chromium-security/guts) effort builds +in multiple layers of defense.** On Android, we’re running an experiment that +adds an additional +[seccomp-bpf](https://www.kernel.org/doc/Documentation/prctl/seccomp_filter.txt) +sandbox to renderer processes, like we already do on Desktop Linux and Chrome +OS. On Windows 8 (and above), a Win32k lockdown experiment has been implemented +for PPAPI plugins including Flash and Pdfium to help reduce the kernel attack +surface for potential sandbox escapes. Also on Windows 8 (and above), an +AppContainer sandbox experiment has been introduced, which further reduces +kernel attack surface and blocks network communication from renderers. + +**Our [Site Isolation](/developers/design-documents/site-isolation) effort +reached a large milestone in December: running trials of the +--isolate-extensions mode on real Chrome Canary users!** This mode uses +[out-of-process iframes](/developers/design-documents/oop-iframes) to isolate +extension processes from web content for security. ([Give it a +try!](/developers/design-documents/oop-iframes#TOC-Dogfooding)) The trials were +made possible by many updates to session history, session restore, extensions, +painting, focus, save page, popup menus, and more, as well as numerous crash +fixes. We are continuing to fix the [remaining blocking +issues](https://csreis.github.io/oop-iframe-dependencies/), and we aim to launch +both --isolate-extensions and the broader Site Isolation feature in 2016. + +**We also spend time building [security +features](/developers/design-documents/safebrowsing) that [users +see](/Home/chromium-security/enamel).** The Safe Browsing team publicly +announced a [new social engineering +policy](https://googleonlinesecurity.blogspot.com/2015/11/safe-browsing-protection-from-even-more.html), +expanding Chrome’s protection against deceptive sites beyond phishing. One major +milestone is the [launch of Safe Browsing in Chrome for +Android](https://googleonlinesecurity.blogspot.com/2015/12/protecting-hundreds-of-millions-more.html), +protecting hundreds of millions of additional users from phishing, malware, and +other web threats! This is on by default and is already stopping millions of +attacks on mobile Chrome users. The next time you come across a Safe Browsing +warning, you can search for the blocked website in the +[new](https://googleonlinesecurity.blogspot.com/2015/10/behind-red-warning-more-info-about.html) +[Site Status +section](https://www.google.com/transparencyreport/safebrowsing/diagnostic/) of +the Transparency Report to learn why it’s been flagged by our systems. On the +other hand, we’re also trying to show users fewer security warnings in the first +place by decreasing our false positive rate for HTTPS warnings. We spent a large +part of the quarter analyzing client errors that contribute to false alarm HTTPS +errors; check out our [Real World Crypto +talk](https://docs.google.com/presentation/d/1Qmpl-5epx0B5C2t4XsUTyjgbwab_rXfK_4iHqX3IC30/edit?pref=2&pli=1#slide=id.gf44795496_0_1) +for more details. + +**Beyond the browser, our [web platform efforts](/Home/chromium-security/owp) +foster cross-vendor cooperation on developer-facing security features.** We've +made good progress [with folks in the +IETF](https://lists.w3.org/Archives/Public/ietf-http-wg/2015OctDec/0165.html) to +make some meaningful changes to cookies; [cookie +prefixes](https://www.chromestatus.com/features/4952188392570880) and [locking +down 'secure' cookies](https://www.chromestatus.com/features/4506322921848832) +will be shipping shortly. [Subresource +Integrity](https://lists.w3.org/Archives/Public/public-webappsec/2016Jan/0020.html) +and [Mixed +Content](https://lists.w3.org/Archives/Public/public-webappsec/2016Jan/0021.html) +are trucking along the W3C Recommendation path, we've solidified our [Suborigins +proposal](https://w3c.github.io/webappsec-suborigins/), and have our eyes on +some new hotness like [HSTS Priming](https://mikewest.github.io/hsts-priming/), +[CSP3](https://w3c.github.io/webappsec-csp/) +[bits](https://w3c.github.io/webappsec-csp/embedded/) +[and](https://w3c.github.io/reporting/) +[pieces](https://w3c.github.io/webappsec-csp/cookies/), and [limiting access to +local network resources](https://mikewest.github.io/cors-rfc1918/). + +**We see migration to HTTPS as foundational to any security whatsoever +([and](https://tools.ietf.org/html/rfc7258) +[we're](https://www.iab.org/2014/11/14/iab-statement-on-internet-confidentiality/) +[not](https://www.iab.net/iablog/2015/03/adopting-encryption-the-need-for-https.html) +[the](https://w3ctag.github.io/web-https/) [only](https://https.cio.gov/) +[ones](https://blog.mozilla.org/security/2015/04/30/deprecating-non-secure-http/)), +so we're actively working to drive #MOARTLS across Google and the Internet at +large.** We've continued our effort to [deprecate powerful features on insecure +origins](/Home/chromium-security/deprecating-powerful-features-on-insecure-origins) +by readying to block insecure usage of [geolocation +APIs](http://dev.w3.org/geo/api/spec-source.html). We also took to the +[stage](https://www.youtube.com/watch?v=9WuP4KcDBpI) at the [Chrome Dev +Summit](https://developer.chrome.com/devsummit) to spread the word, telling +developers about what we’re doing in Chrome to make deploying TLS easier and +more secure. + +In addition to more TLS, we want to ensure more secure TLS, which depends +heavily on the certificate ecosystem. Via [Certificate +Transparency](http://www.certificate-transparency.org/), we [detected a +fraudulent Symantec-issued certificate in +September](https://googleonlinesecurity.blogspot.com/2015/09/improved-digital-certificate-security.html), +which [subsequently revealed a pattern of additional misissued +certificates](https://googleonlinesecurity.blogspot.com/2015/10/sustaining-digital-certificate-security.html). +Independent of that incident, we took proactive measures to protect users from a +Symantec Root Certificate that was being decommissioned in a way that puts users +at risk (i.e. no longer complying with the CA/Browser Forum’s [Baseline +Requirements](https://cabforum.org/about-the-baseline-requirements/)). Other +efforts include working with +[Mozilla](https://groups.google.com/forum/#!topic/mozilla.dev.platform/JIEFcrGhqSM/discussion) +and +[Microsoft](https://blogs.windows.com/msedgedev/2015/09/01/ending-support-for-the-rc4-cipher-in-microsoft-edge-and-internet-explorer-11/) +to [phase out RC4 ciphersuite +support](https://groups.google.com/a/chromium.org/forum/#!msg/security-dev/kVfCywocUO8/vgi_rQuhKgAJ), +and [continuing the deprecation of SHA-1 +certificates](https://googleonlinesecurity.blogspot.com/2015/12/an-update-on-sha-1-certificates-in.html), +which were shown to be [even weaker than previously +believed](https://sites.google.com/site/itstheshappening/). To make it easier +for developers and site operators to understand these changes, we debuted a new +[Security +Panel](https://developers.google.com/web/updates/2015/12/security-panel?hl=en) +that provides enhanced diagnostics and will continue to be improved with richer +diagnostics in the coming months. + +For more thrilling security updates and feisty rants, subscribe to +[security-dev@chromium.org](mailto:security-dev@chromium.org). You can find +older updates at +. + +Happy Hacking, + +Parisa, on behalf of Chrome Security + +## Q3 2015 + +Hello from the Chrome Security Team! + +For those that don’t know us already, we do stuff to help make Chrome the[ most +secure platform to browse the Internet](/Home/chromium-security). Here’s a recap +of some work from last quarter: + +The[ Bugs--](/Home/chromium-security/bugs) effort aims to find (and exterminate) +security bugs. We’ve continued our collaboration with Android Security team and +now have a fully functional +[AddressSanitizer](http://clang.llvm.org/docs/AddressSanitizer.html) (ASAN) +build configuration of [AOSP](https://source.android.com/index.html) master +(public instructions +[here](http://source.android.com/devices/tech/debug/asan.html)). +[ClusterFuzz](/Home/chromium-security/bugs/using-clusterfuzz) is helping Android +Security team triage and verify bugs, including incoming [vulnerability +reward](https://www.google.com/about/appsecurity/android-rewards/) submissions, +and now supports custom APK uploads and the ability to launch commands. Back on +the Chrome front, we’re working on enabling [Control Flow Integrity (CFI) +checks](https://code.google.com/p/chromium/issues/detail?id=464797) on Linux, +which converts invalid vptr accesses into non-exploitable crashes; [8 +bugs](https://code.google.com/p/chromium/issues/list?can=1&q=linux_cfi_chrome&colspec=ID+Pri+M+Stars+ReleaseBlock+Cr+Status+Owner+Summary+OS+Modified&x=m&y=releaseblock&cells=tiles) +discovered so far! We’ve made [numerous +improvements](https://code.google.com/p/chromium/issues/detail?id=511270) to how +we fuzz Chrome on Android with respect to speed and accuracy. We also made some +progress toward our goal of expanding ClusterFuzz platform support to include +iOS. In our efforts to improve Chrome Stability, we added +[LeakSanitizer](http://clang.llvm.org/docs/LeakSanitizer.html) (LSAN) into our +list of supported memory tools, which has already found [38 +bugs](https://code.google.com/p/chromium/issues/list?can=1&q=label%3AClusterFuzz+-status%3AWontFix%2CDuplicate+%22-leak%22+linux_lsan_chrome_mp&sort=id+-security_severity+-secseverity+-owner+-modified&colspec=ID+Pri+Status+Summary+Modified+OS+M+Security_severity+Security_impact+Owner+Reporter&x=m&y=releaseblock&cells=tiles). + +Bugs still happen, so our[ Guts](/Home/chromium-security/guts) effort builds in +multiple layers of defense. Plugin security remains a very important area of +work. With the final [death](https://g.co/npapi) of unsandboxed NPAPI plugins in +September, we’ve continued to introduce mitigations for the remaining sandboxed +PPAPI (Pepper) plugins. First, we implemented [support for Flash component +updates on Linux](https://codereview.chromium.org/1261333004/), a long-standing +feature request, which allows us to respond to [Flash +0-day](http://www.zdnet.com/article/adobe-releases-emergency-patch-for-flash-zero-day-flaw/) +incidents without waiting to qualify a new release of Chrome. We’ve also been +spending time improving the code quality and test coverage of +[Pdfium](https://code.google.com/p/pdfium/), the [now open-source version of the +Foxit PDF +reader](https://plus.sandbox.google.com/+FrancoisBeaufort/posts/9wwSiWDDKKP). In +addition, we have been having some success with enabling [Win32k syscall +filtering](/developers/design-documents/sandbox#TOC-Process-mitigation-policies-Win32k-lockdown-) +on Windows PPAPI processes (PDFium and Adobe Flash). This makes it even tougher +for attackers to get out of the Chromium Flash sandbox, and can be enabled on +Windows 8 and above on Canary channel right now by toggling the settings in +chrome://flags/#enable-ppapi-win32k-lockdown. + +We’ve been making steady progress on [Site +Isolation](/developers/design-documents/site-isolation), and are preparing to +enable out-of-process iframes (OOPIFs) for web pages inside extension processes. +You can test this mode before it launches with --isolate-extensions. We have +[performance +bots](https://chromeperf.appspot.com/report?sid=74ebe5d13c09e34915152f51ee178f77421b1703d2bf26a7a586375f2c5e2cc7) +and UMA stats lined up, and we'll start with some early trials on Canary and Dev +channel. Meanwhile, we've added support for hit testing in the browser process, +scrolling, context menus, and script calls between all reachable frames (even +with changes to window.opener). + +Not all security problems can be solved in[ Chrome’s +guts](/Home/chromium-security/guts), so[ we work on making security more +user-friendly](/Home/chromium-security/enamel) too. To support developers +migrating to HTTPS, starting with M46, Chrome is marking the “[HTTPS with Minor +Errors](https://googleonlinesecurity.blogspot.com/2015/10/simplifying-page-security-icon-in-chrome.html)” +state using the same neutral page icon as HTTP pages (instead of showing the +yellow lock icon). We’ve started analyzing invalid (anonymized!) TLS certificate +reports gathered from the field, to understand the root causes of unnecessary +TLS/SSL warnings. One of the first causes we identified and fixed was +certificate hostname mismatches due to a missing ‘www’. We also launched +[HPKP](https://tools.ietf.org/html/rfc7469) violation reporting in Chrome, +helping developers detect misconfigurations and attacks by sending a report when +a pin is violated. Finally, in an effort to support the Chrome experience across +languages and locales, we made strides in improving how the omnibox is displayed +in [RTL languages](https://en.wikipedia.org/wiki/Right-to-left). + +Beyond the browser, our [web platform efforts](/Home/chromium-security/owp) +foster cross-vendor cooperation on developer-facing security features. We +shipped [Subresource +Integrity](https://w3c.github.io/webappsec-subresource-integrity/) (SRI), which +defends against resource substitution attacks by allowing developers to specify +a hash against which a script or stylesheet is matched before it's executed. +We’re excited to see large sites, like +[Github](http://githubengineering.com/subresource-integrity/), already deploying +SRI! We've sketched out a concept for a [Clear Site +Data](http://w3c.github.io/webappsec-clear-site-data/) feature which we hope +will make it possible for sites to reset their storage, and we're hard at work +on the next iteration of [Content Security +Policy](https://w3c.github.io/webappsec-csp/). Both of these will hopefully +start seeing some implementation in Q4. + +We see migration to HTTPS as foundational to any security whatsoever +([and](https://tools.ietf.org/html/rfc7258) +[we're](https://www.iab.org/2014/11/14/iab-statement-on-internet-confidentiality/) +[not](https://www.iab.net/iablog/2015/03/adopting-encryption-the-need-for-https.html) +[the](https://w3ctag.github.io/web-https/) [only](https://https.cio.gov/) +[ones](https://blog.mozilla.org/security/2015/04/30/deprecating-non-secure-http/)), +so we're actively working to drive #MOARTLS across Google and the Internet at +large. We shipped [Upgrade Insecure +Requests](http://www.w3.org/TR/upgrade-insecure-requests/), which eases the +transition to HTTPS by transparently correcting a page's spelling from +\`http://\` to \`https://\` for all resources before any requests are triggered. +We've also continued our effort to [deprecate powerful features on insecure +origins](/Home/chromium-security/deprecating-powerful-features-on-insecure-origins) +by solidifying the definition of a "[Secure +Context](https://w3c.github.io/webappsec-secure-contexts/)", and applying that +definition to block insecure usage of +[getUserMedia()](https://groups.google.com/a/chromium.org/d/msg/blink-dev/Dsoq5xPdzyw/21znuLWVCgAJ). + +For more thrilling security updates and feisty rants, subscribe to +[security-dev@chromium.org](mailto:security-dev@chromium.org). + +Happy Hacking, + +Parisa, on behalf of Chrome Security + +## Q2 2015 + +Hello from the Chrome Security Team! + +For those that don’t know us already, we do stuff to help make Chrome the[ most +secure platform to browse the Internet](/Home/chromium-security). Here’s a recap +of some work from last quarter: + +The[ Bugs--](/Home/chromium-security/bugs) effort aims to find (and exterminate) +security bugs. At the start of the quarter, we initiated a [Security +FixIt](https://docs.google.com/spreadsheets/d/1za0aWxDx4ga3dKBwrlS8COci6_VXLBaiVg3x5Y6rrFg/edit#gid=0) +to trim back the fat backlog of open issues. With the help of dozens of +engineers across Chrome, we fixed over 40 Medium+ severity security bugs in 2 +weeks and brought the count of issues down to 15! We also collaborated with +Android Security Attacks Team and added native platform fuzzing support to +[ClusterFuzz](/Home/chromium-security/bugs/using-clusterfuzz) (and +[imported](https://cs.corp.google.com/#android/vendor/google_experimental/users/natashenka/&q=natashenka) +[their](https://cs.corp.google.com/#android/vendor/google/tools/security/ServiceProbe/src/com/google/wireless/android/security/serviceprobe/ServiceFuzzer.java&l=22) +[fuzzers](https://cs.corp.google.com/#android/vendor/google_experimental/users/jlarimer/lhf/README.TXT&l=1)), +which resulted in ~30 new bugs discovered. ClusterFuzz now supports fuzzing on +all devices of the Nexus family (5,6,7,9) and Android One and is running on a +few dozen devices in the Android Lab. On top of this, we have doubled our +fuzzing capacity in [Compute Engine](https://cloud.google.com/compute/) to ~8000 +cores by leveraging [Preemptible +VMs](http://googlecloudplatform.blogspot.com/2015/05/Introducing-Preemptible-VMs-a-new-class-of-compute-available-at-70-off-standard-pricing.html). +Lastly, we have upgraded all of our sanitizer builds on Linux (ASan, MSan, TSan +and UBSan) to report [edge-level +coverage](http://clang.llvm.org/docs/SanitizerCoverage.html) data, which is now +aggregated in the ClusterFuzz +[dashboard](https://cluster-fuzz.appspot.com/#coverage). We’re using this +coverage information to expand data bundles by existing fuzzers and improve our +corpus distillation. + +Bugs still happen, so our[ Guts](/Home/chromium-security/guts) effort builds in +multiple layers of defense. Our [Site +Isolation](/developers/design-documents/site-isolation) project is getting +closer to its first stage of launch: using out-of-process iframes (OOPIFs) for +web pages inside extension processes. We've made substantial progress (with lots +of help from others on the Chrome team!) on core Chrome features when using +--site-per-process: OOPIFs now work with back/forward, DevTools, and extensions, +and they use [Surfaces](/developers/design-documents/chromium-graphics/surfaces) +for efficient painting (and soon input event hit-testing). We've collected some +preliminary performance data using [Telemetry](/developers/telemetry), we've +fixed lots of crashes, and we've started enforcing cross-site security +restrictions on cookies and passwords. Much work remains, but we're looking +forward to turning on these protections for real users! + +On Linux and Chrome OS, we’ve made changes to restrict [one PID namespace per +renderer process](https://crbug.com/460972), which strengthens and cleans-up our +sandbox (shipping in Chrome 45). We also finished up a [major cleanup necessary +toward deprecating the setuid sandbox](https://crbug.com/312380), which should +be happening soon. Work continued to prepare for the launch of Windows 10, which +offers some opportunities for new security +[mitigations](/developers/design-documents/sandbox#TOC-Process-mitigation-policies-Win32k-lockdown-); +the new version looks like the most secure Windows yet, so be sure to upgrade +when it comes out! + +Not all security problems can be solved in[ Chrome’s +guts](/Home/chromium-security/guts), so[ we work on making security more +user-friendly](/Home/chromium-security/enamel) too. We’ve continued our efforts +to avoid showing unnecessary TLS/SSL warnings: decisions are now remembered for +a week instead of a session, and a [new checkbox on TLS/SSL warnings allows +users to send us invalid certificate chains +](https://www.google.com/chrome/browser/privacy/whitepaper.html#ssl)that help us +root out false-positive warnings. Since developers and power users have been +asking for more tools to debug TLS/SSL issues, we’ve started building more +security information into DevTools and plan to launch a first version in Q3! + +Another large focus for the team has been improving how users are asked for +permissions, like camera and geolocation. We’ve finalized a redesign of the +fullscreen permission flow that we hope to launch by the end of the year, fixed +a number of bugs relating to permission prompts, and launched another round of +updates to PageInfo and Website Settings on Android. + +Beyond the browser, our [web platform efforts](/Home/chromium-security/owp) +foster cross-vendor cooperation on developer-facing security features. The +W3C's[ WebAppSec](http://www.w3.org/2011/webappsec/) working group continues to +be a fairly productive venue for a number of important features: we've polished +the [Subresource +Integrity](https://w3c.github.io/webappsec/specs/subresourceintegrity/) spec and +shipped an implementation in Chrome 46, published first drafts of [Credential +Management](https://w3c.github.io/webappsec/specs/credentialmanagement/) and +[Entry Point Regulation](https://w3c.github.io/webappsec/specs/epr/), continue +to push [Content Security Policy Level 2](http://www.w3.org/TR/CSP2/) and [Mixed +Content](http://www.w3.org/TR/mixed-content/) towards "Recommendation" status, +and fixed some [longstanding](https://crbug.com/483458) +[bugs](https://crbug.com/508310) with our [Referrer +Policy](http://www.w3.org/TR/referrer-policy/) implementation. + +Elsewhere, we've started prototyping [Per-Page +Suborigins](https://code.google.com/p/chromium/issues/detail?id=336894) with the +intent of bringing a concrete proposal to WebAppSec, published a new draft of +[First-Party-Only +cookies](https://tools.ietf.org/html/draft-west-first-party-cookies-03) (and are +working through some [infrastructure +improvements](https://docs.google.com/document/d/19NACt9PXOUTJi60klT2ZGcFlgHM5wM1Owtcw2GQOKPI/edit) +so we can ship them), and [poked at sandboxed +iframes](https://wiki.whatwg.org/index.php?title=Iframe_sandbox_improvments) to +make it possible to sandbox ads. + +We see migration to HTTPS as foundational to any security whatsoever +([and](https://tools.ietf.org/html/rfc7258) +[we're](https://www.iab.org/2014/11/14/iab-statement-on-internet-confidentiality/) +[not](https://www.iab.net/iablog/2015/03/adopting-encryption-the-need-for-https.html) +[the](https://w3ctag.github.io/web-https/) [only](https://https.cio.gov/) +[ones](https://blog.mozilla.org/security/2015/04/30/deprecating-non-secure-http/)), +so we're actively working to drive #MOARTLS across Google and the Internet at +large. As a small practical step on top of the [HTTPS webmasters fundamentals +section](https://developers.google.com/web/fundamentals/discovery-and-distribution/security-with-https/?hl=en), +we’ve added some functionality to [Webmaster +Tools](https://www.google.com/webmasters/tools/home?hl=en&pli=1) to provide +better assistance to webmasters when dealing with common errors in managing a +site over TLS (launching soon!). Also, we're now measuring the usage of +[pre-existing, powerful features on non-secure +origins](/Home/chromium-security/deprecating-powerful-features-on-insecure-origins), +and are now printing deprecation warnings in the JavaScript console. Our +ultimate goal is to make all powerful features, such as Geolocation and +getUserMedia, available only to secure origins. + +For more thrilling security updates and feisty rants, subscribe to +[security-dev@chromium.org](mailto:security-dev@chromium.org). + +Happy Hacking, + +Parisa, on behalf of Chrome Security + +## Q1 2015 + +Hello from the Chrome Security Team! + +For those that don’t know us already, we do stuff to help make Chrome the[ most +secure platform to browse the Internet](/Home/chromium-security). Here’s a recap +of some work from last quarter: + +The[ Bugs--](/Home/chromium-security/bugs) effort aims to find (and exterminate) +security bugs. Last quarter, we rewrote our IPC fuzzer, which resulted in +[lots](https://code.google.com/p/chromium/issues/list?can=1&q=linux_asan_chrome_ipc+type%3Dbug-security+-status%3AWontFix%2CDuplicate+&sort=-id+-security_severity+-secseverity+-owner+-modified&colspec=ID+Pri+Status+Summary+Modified+OS+M+Security_severity+Security_impact+Owner+Reporter&x=m&y=releaseblock&cells=tiles) +[more](https://code.google.com/p/chromium/issues/list?can=1&q=linux_asan_chrome_ipc_32bit+type%3Dbug-security+-status%3AWontFix%2CDuplicate&sort=-id+-security_severity+-secseverity+-owner+-modified&colspec=ID+Pri+Status+Summary+Modified+OS+M+Security_severity+Security_impact+Owner+Reporter&x=m&y=releaseblock&cells=tiles) +[bugs](https://code.google.com/p/chromium/issues/list?can=1&q=linux_msan_chrome_ipc+type%3Dbug-security+-status%3AWontFix%2CDuplicate&sort=-id+-security_severity+-secseverity+-owner+-modified&colspec=ID+Pri+Status+Summary+Modified+OS+M+Security_severity+Security_impact+Owner+Reporter&x=m&y=releaseblock&cells=tiles) +discovered by [ClusterFuzz](/Home/chromium-security/bugs/using-clusterfuzz)! We +also expanded fuzzing platform support (Android Lollipop, Linux with Nvidia +GPU), added [archived +builds](http://storage.cloud.google.com/chrome-test-builds/media) for +[proprietary media codecs](http://www.chromium.org/audio-video) testing on all +platforms, and used more code annotations to find bugs (like +[this](https://code.google.com/p/chromium/issues/detail?id=468519&can=1&q=%22Container-overflow%20in%20%22%20type%3Dbug-security%20-status%3AWontFix%2CDuplicate&sort=-id%20-security_severity%20-secseverity%20-owner%20-modified&colspec=ID%20Pri%20Status%20Summary%20Modified%20OS%20M%20Security_severity%20Security_impact%20Owner%20Reporter) +or +[this](https://code.google.com/p/chromium/issues/detail?id=468406&can=1&q=%22Container-overflow%20in%20%22%20type%3Dbug-security%20-status%3AWontFix%2CDuplicate&sort=-id%20-security_severity%20-secseverity%20-owner%20-modified&colspec=ID%20Pri%20Status%20Summary%20Modified%20OS%20M%20Security_severity%20Security_impact%20Owner%20Reporter)). +We auto-add previous crash tests to our data corpus, which helps to catch +regressions even if a developer forgets to add a test +([example](https://code.google.com/p/chromium/issues/detail?id=478745)). We’ve +also started experimenting with enabling and leveraging code coverage +information from fuzzing. Contrary to what [some reports may +imply](http://secunia.com/resources/vulnerability-review/browser-security/), [we +don’t think vulnerability counting is a good standalone metric for +security](http://lcamtuf.blogspot.com/2010/05/vulnerability-databases-and-pie-charts.html), +and more bugs discovered internally +([653](https://code.google.com/p/chromium/issues/list?can=1&q=type%3Abug-security+label%3AClusterFuzz+opened-after%3A2014%2F1%2F1+opened-before%3A2015%2F1%2F1+-status%3AWontFix%2CDuplicate&sort=-id+-security_severity+-secseverity+-owner+-modified&colspec=ID+Pri+Status+Summary+Modified+OS+M+Security_severity+Security_impact+Owner+Reporter&x=m&y=releaseblock&cells=tiles) +bugs in 2014 vs. +[380](https://code.google.com/p/chromium/issues/list?can=1&q=type%3Abug-security+label%3AClusterFuzz+opened-after%3A2013%2F1%2F1+opened-before%3A2014%2F1%2F1+-status%3AWontFix%2CDuplicate&sort=-id+-security_severity+-secseverity+-owner+-modified&colspec=ID+Pri+Status+Summary+Modified+OS+M+Security_severity+Security_impact+Owner+Reporter&x=m&y=releaseblock&cells=tiles) +bugs in 2013), means more bugs fixed, means safer software! Outside of +engineering, inferno@ gave a talk at [nullcon](http://nullcon.net/) about Chrome +fuzzing +([slides](http://nullcon.net/website/archives/ppt/goa-15/analyzing-chrome-crash-reports-at-scale-by-abhishek-arya.pdf)) +and we launched [never-ending +Pwnium](http://blog.chromium.org/2015/02/pwnium-v-never-ending-pwnium.html) with +a rewards pool up to $∞ million! + +Bugs still happen, so our[ Guts](/Home/chromium-security/guts) effort builds in +multiple layers of defense. On Linux and Chrome OS, we did some work to improve +the seccomp-BPF compiler and infrastructure. On modern kernels, we [finally +completed the switch](https://crbug.com/312380) from the [setuid sandbox to a +new design using +](https://code.google.com/p/chromium/wiki/LinuxSandboxing#The_setuid_sandbox)[unprivileged +namespaces](https://code.google.com/p/chromium/wiki/LinuxSandboxing#User_namespaces_sandbox)[. +](https://code.google.com/p/chromium/wiki/LinuxSandboxing#The_setuid_sandbox)We’re +also working on a generic, re-usable sandbox API on Linux, which we hope can be +useful to other Linux projects that want to employ sandboxing. On Android, we’ve +been experimenting with single-threaded renderer execution, which can yield +performance and security benefits for Chrome. We’ve also been involved with the +ambitious [Mojo](/developers/design-documents/mojo) effort. On OSX, we [shipped +crashpad](https://groups.google.com/a/chromium.org/forum/#!topic/chromium-dev/6eouc7q2j_g) +(which was a necessary project to investigate those sometimes-security-relevant +crashes!). Finally, on Windows, the support to block +[Win32k](/developers/design-documents/sandbox#TOC-Process-mitigation-policies-Win32k-lockdown-) +system calls from renderers on Windows 8 and above is now enabled on Stable - +and renderers on these systems are also running within [App +Containers](/developers/design-documents/sandbox#TOC-App-Container-low-box-token-) +on Chrome Beta, which blocks their access to the network. We also ensured all +Chrome allocations are safe - and use less memory (!) - by moving to the Windows +heap. + +On our [Site Isolation](/developers/design-documents/site-isolation) project, +we’ve made progress on the underlying architecture so that complex pages are +correct and stable (e.g. rendering any combination of iframes, evaluating +renderer-side security checks, sending postMessage between subframes, keeping +script references alive). Great progress has also been made on session history, +DevTools, and test/performance infrastructure, and other teams have started +updating their features for out-of-process iframes after our [Site Isolation +Summit](https://www.youtube.com/playlist?list=PL9ioqAuyl6UJmC0hyI-k1wYW08O71lBn8). + +Not all security problems can be solved in[ Chrome’s +guts](/Home/chromium-security/guts), so[ we work on making security more +user-friendly](/Home/chromium-security/enamel) too. In an effort to determine +the causes of SSL errors, we’ve added a new checkbox on SSL warnings that allows +users to send us invalid certificate chains for analysis. We’ve started looking +at the data, and in the coming months we plan to introduce new warnings that +provide specific troubleshooting steps for common causes of spurious warnings. +We also recently launched the new permissions bubble UI, which solves some of +the problems we had with permissions infobars (like better coalescing of +multiple permission requests). And for our Android users, we recently revamped +PageInfo and Site Settings, making it easier than ever for people to manage +their permissions. Desktop updates to PageInfo and Site Settings are in +progress, too. Finally, we just launched a new extension, [Chrome User +Experience +Surveys](https://chrome.google.com/webstore/detail/chrome-user-experience-su/hgimloonaobbeeagepickockgdcghfnn?utm_source=newsletter&utm_medium=security&utm_campaign=CUES%20extension), +which asks people for in-the-moment feedback after they use certain Chrome +features. If you’re interested in helping improve Chrome, you should try it out! + +Beyond the browser, our [web platform efforts](/Home/chromium-security/owp) +foster cross-vendor cooperation on developer-facing security features. We're +working hard with the good folks in the W3C's +[WebAppSec](http://www.w3.org/2011/webappsec/) working group to make progress on +a number of specifications: [CSP 2](http://www.w3.org/TR/CSP2/) and [Mixed +Content](http://www.w3.org/TR/mixed-content/) have been published as Candidate +Recommendations, [Subresource Integrity](http://www.w3.org/TR/SRI/) is +implemented behind a flag and the spec is coming together nicely, and we've +fixed a number of [Referrer Policy](http://www.w3.org/TR/referrer-policy/) +issues. [First-Party-Only +Cookies](https://tools.ietf.org/html/draft-west-first-party-cookies) are just +about ready to go, and [Origin +Cookies](https://tools.ietf.org/html/draft-west-origin-cookies) are on deck. + +We see migration to HTTPS as foundational to any security whatsoever +([and](https://tools.ietf.org/html/rfc7258) +[we're](https://www.iab.org/2014/11/14/iab-statement-on-internet-confidentiality/) +[not](https://www.iab.net/iablog/2015/03/adopting-encryption-the-need-for-https.html) +[the](https://w3ctag.github.io/web-https/) [only](https://https.cio.gov/) +[ones](https://blog.mozilla.org/security/2015/04/30/deprecating-non-secure-http/)), +so we're actively working to [define the properties of secure +contexts](https://w3c.github.io/webappsec/specs/powerfulfeatures/), [deprecate +powerful features on insecure +origins](/Home/chromium-security/deprecating-powerful-features-on-insecure-origins), +and to make it simpler for developers to [Upgrade Insecure +Requests](https://w3c.github.io/webappsec/specs/upgrade/) on existing sites. + +For more thrilling security updates and feisty rants, subscribe to +[security-dev@chromium.org](mailto:security-dev@chromium.org). + +Happy Hacking, + +Parisa, on behalf of Chrome Security + +P.S. Go here to travel back in time and view previous [Chrome security quarterly +updates](/Home/chromium-security/quarterly-updates). + +## Q4 2014 + +Hello from the Chrome Security Team! + +For those that don’t know us already, we do stuff to help make Chrome the[ most +secure platform to browse the +Internet](http://www.chromium.org/Home/chromium-security). Here’s a recap of +some work from last quarter: + +The[ Bugs--](/Home/chromium-security/bugs) effort aims to find (and exterminate) +security bugs. Last quarter, we incorporated more [coverage +data](https://code.google.com/p/address-sanitizer/wiki/AsanCoverage) into our +[ClusterFuzz dashboard](https://cluster-fuzz.appspot.com/#coverage), especially +for [Android](https://cluster-fuzz.appspot.com/coverage?platform=ANDROID). With +this, we hope to optimize our test cases and improve fuzzing efficiency. We also +incorporated 5 new fuzzers from the external research community as part of the +fuzzer reward program. This has resulted in +[33](https://code.google.com/p/chromium/issues/list?can=1&q=decoder_langfuzz+Type%3DBug-Security+-status%3ADuplicate&colspec=ID+Pri+M+Week+ReleaseBlock+Cr+Status+Owner+Summary+OS+Modified&x=m&y=releaseblock&cells=tiles) +[new](https://code.google.com/p/chromium/issues/list?can=1&q=therealholden_worker+Type%3DBug-Security+-status%3ADuplicate&colspec=ID+Pri+M+Week+ReleaseBlock+Cr+Status+Owner+Summary+OS+Modified&x=m&y=releaseblock&cells=tiles) +[security](https://code.google.com/p/chromium/issues/list?can=1&q=cdiehl_peach+Type%3DBug-Security+-status%3ADuplicate&colspec=ID+Pri+M+Week+ReleaseBlock+Cr+Status+Owner+Summary+OS+Modified&x=m&y=releaseblock&cells=tiles) +vulnerabilities. Finally, we wrote a multi-threaded test case minimizer from +scratch based on [delta debugging](https://www.st.cs.uni-saarland.de/dd/) (a +long-standing request from blink devs!) which produces clean, small, +reproducible test cases. In reward program news, we've paid over $1.6 million +for externally reported Chrome bugs since 2010 ([$4 million total across +Google](http://googleonlinesecurity.blogspot.com/2015/01/security-reward-programs-year-in-review.html)). +In 2014, over 50% of reward program bugs were found and fixed before they hit +the stable channel, protecting our main user population. Oh, and in case you +didn’t notice, the [rewards we’re paying out for vulnerabilities went +up](http://googleonlinesecurity.blogspot.com/2014/09/fewer-bugs-mo-money.html) +again. + +Bugs still happen, so our[ Guts](/Home/chromium-security/guts) effort builds in +multiple layers of defense. We’re most excited about progress toward a tighter +sandbox for Chrome on Android (via +[seccomp-bpf](https://www.kernel.org/doc/Documentation/prctl/seccomp_filter.txt)), +which required landing seccomp-bpf support in Android and [enabling TSYNC on all +Chrome OS](https://codereview.chromium.org/759343002/) and Nexus kernels. We’ve +continued to improve our Linux / Chrome OS sandboxing by (1) adding full +cross-process interaction restrictions at the BPF sandbox level, (2) making API +improvements and some code refactoring of //sandbox/linux, and (3) implementing +a more powerful policy system for the GPU sandbox. + +After ~2 years of work on [Site +Isolation](/developers/design-documents/site-isolation), we’re happy to announce +that [out-of-process iframes](/developers/design-documents/oop-iframes) are +working well enough that some Chrome features have [started updating to support +them](https://docs.google.com/document/d/1dCR2aEoBJj_Yqcs6GuM7lUPr0gag77L5OSgDa8bebsI/edit?usp=sharing)! +These include autofill (done), accessibility (nearly done), <webview> +(prototyping), devtools, and extensions. We know how complex a rollout this will +be, and we’re ready with testing infrastructure and +[FYI](http://build.chromium.org/p/chromium.fyi/builders/Site%20Isolation%20Linux) +[bots](http://build.chromium.org/p/chromium.fyi/builders/Site%20Isolation%20Win). +As we announced at our recent Site Isolation Summit +([video](https://www.youtube.com/playlist?list=PL9ioqAuyl6UJmC0hyI-k1wYW08O71lBn8), +[slides](https://docs.google.com/presentation/d/10HTTK4dsxO5p6FcpEOq8EkuV4yiBx2n6dBki8cqDWyo/edit?usp=sharing)), +our goal for Q1 is to finish up OOPIF support with the help of all of Chrome. + +Not all security problems can be solved in [Chrome’s +Guts](/Home/chromium-security/guts), so[ we work on making security more +user-friendly](/Home/chromium-security/enamel) too. For the past few months, +we’ve been looking deeper into the causes of SSL errors by looking at UMA stats +and monitoring user help forums. One source of SSL errors is system clocks with +the wrong time, so we landed a more informative error message in Chrome 40 to +let users know they need to fix their clock. We’ve also started working on a +warning interstitial for [captive +portals](http://en.wikipedia.org/wiki/Captive_portal) to distinguish those SSL +errors from the rest. Finally, we [proposed a plan for browsers to migrate their +user interface from marking insecure origins (i.e. HTTP) as explicitly +insecure](/Home/chromium-security/marking-http-as-non-secure); the [initial +discussion](https://groups.google.com/a/chromium.org/forum/#!topic/security-dev/DHQLv76QaEM%5B1-25-false%5D) +and [external attention](http://www.bbc.com/news/technology-30505970) has been +generally positive. + +Over the past few years, we’ve worked on a bunch of isolated projects to push +security on the Open Web Platform forward and make it possible for developers to +write more secure apps. We recognized we can move faster if we get some of the +team fully dedicated to this work, so we formed a new group that will focus on +[web platform efforts](/Home/chromium-security/owp). + +As usual, for more thrilling security updates and feisty rants, subscribe to +[security-dev@chromium.org](mailto:security-dev@chromium.org). + +To a safer web in 2015! + +Parisa, on behalf of Chrome Security + +## Q3 2014 + +Hello from the Chrome Security Team! + +For those that don’t know us already, we do stuff to help make Chrome the[ most +secure platform to browse the +Internet](http://www.chromium.org/Home/chromium-security). Here’s a recap of +some work from last quarter: + +The[ Bugs--](/Home/chromium-security/bugs) effort aims to find (and exterminate) +security bugs. We increased Clusterfuzz cores across all desktop platforms (Mac, +Android, Windows, and Linux), resulting in +[155](https://code.google.com/p/chromium/issues/list?can=1&q=Type%3DBug-Security+label%3AClusterFuzz+opened-after%3A2014%2F7%2F1+opened-before%3A2014%2F9%2F31+-status%3AWontFix%2CDuplicate&sort=-security_severity+-secseverity+-owner+-modified&colspec=ID+Pri+Status+Summary+Modified+OS+M+Security_severity+Security_impact+Owner+Reporter&x=m&y=releaseblock&cells=tiles) +security and +[275](https://code.google.com/p/chromium/issues/list?can=1&q=Type%3DBug+label%3AClusterFuzz+opened-after%3A2014%2F7%2F1+opened-before%3A2014%2F9%2F31+-status%3AWontFix%2CDuplicate&sort=-security_severity+-secseverity+-owner+-modified&colspec=ID+Pri+Status+Summary+Modified+OS+M+Security_severity+Security_impact+Owner+Reporter&x=m&y=releaseblock&cells=tiles) +functional bugs since last update! We also started fuzzing D-Bus system services +on Chrome OS, which is our first attempt at leveraging Clusterfuzz for the +operating system. One of the common security pitfalls in C++ is bad casting +(often rooted in aggressive polymorphism). To address, [one of our +interns](http://www.cc.gatech.edu/~blee303/) tweaked [UBSAN (Undefined Behavior +Sanitizer) +vptr](https://drive.google.com/file/d/0Bxvv8gduedamTEJCUlN6eERtWUE/view?usp=sharing) +to detect bad-casting at runtime, which resulted in [11 new security +bugs](https://code.google.com/p/chromium/issues/list?can=1&q=Type%3DBug-Security+linux_ubsan_vptr_chrome+-status%3ADuplicate%2CWontFix&sort=-security_severity+-secseverity+-owner+-modified&colspec=ID+Pri+Status+Summary+Modified+OS+M+Security_severity+Security_impact+Owner+Reporter&x=m&y=releaseblock&cells=tiles&)! +We’ve continued to collaborate with external researchers on new fuzzing +techniques to find bugs in V8, Pdfium, Web Workers, IDB, and more. Shout out to +attekett, cloudfuzzer, decoder.oh, and therealholden for their attention and +bugs over the past quarter! + +Finding bugs is only half the battle, so we also did a few things to make it +easier to get security bugs ==fixed==, including (1) a new [security +sheriff](/Home/chromium-security/security-sheriff) +[dashboard](https://cluster-fuzz.appspot.com/#sheriff) and (2) contributing to +the [FindIt +project](https://chromium.googlesource.com/chromium/src.git/+/lkgr/tools/findit/), +which helps narrow down suspected CL(s) for a crash (given a regression range +and stacktrace), thereby saving manual triage cycles. + +Bugs still happen, so our[ Guts](/Home/chromium-security/guts) effort builds in +multiple layers of defense. We did a number of things to push +[seccomp-bpf](http://blog.chromium.org/2012/11/a-safer-playground-for-your-linux-and.html) +onto more platforms and architectures, including: (1) adding support for +[MIPS](https://code.google.com/p/chromium/issues/detail?id=369594) and +[ARM64](https://code.google.com/p/chromium/issues/detail?id=355125), (2) adding +a [new capability](https://lkml.org/lkml/2014/7/17/844) to initialize +seccomp-bpf in the presence of threads (bringing us a big step closer to a +stronger sandbox on Android), (3) [general tightening of the +sandboxes](https://crbug.com/413855), and (4) writing a [domain-specific +language to better express BPF +policies](https://drive.google.com/file/d/0B9LSc_-kpOQPVHhvcVBza3NWR0k/view). We +also helped ensure a [safe launch of Android apps on Chrome +OS](http://chrome.blogspot.com/2014/09/first-set-of-android-apps-coming-to.html), +and continued sandboxing new system services. + +On Windows, we [launched Win64 to +Stable](http://blog.chromium.org/2014/08/64-bits-of-awesome-64-bit-windows_26.html), +giving users a safer, speedier, and more stable version of Chrome! On Windows 8, +we added Win32k system call filtering behind a +[switch](https://code.google.com/p/chromium/codesearch#chromium/src/content/public/common/content_switches.cc&sq=package:chromium&l=966), +further reducing the kernel attack surface accessible from the renderer. We also +locked down the [alternate +desktop](http://www.chromium.org/developers/design-documents/sandbox#TOC-The-alternate-desktop) +sandbox tokens and refactored the sandbox startup to cache tokens, which +improves new tab responsiveness. + +Finally, work continues on [site +isolation](http://www.chromium.org/developers/design-documents/site-isolation). +Over the past few months, we’ve started creating RemoteFrames in Blink's frame +tree to support out-of-process iframes (OOPIF) and got +[Linux](http://build.chromium.org/p/chromium.fyi/builders/Site%20Isolation%20Linux) +and +[Windows](http://build.chromium.org/p/chromium.fyi/builders/Site%20Isolation%20Win) +FYI bots running tests with --site-per-process. We’ve also been working with the +[Accessibility](https://groups.google.com/a/chromium.org/forum/#!forum/chromium-accessibility) +team as our guinea pig feature to support OOPIF, and since that work is nearly +done, we’re reaching out to more teams over the next few months to update their +features (see our [FAQ about updating +features](https://docs.google.com/a/chromium.org/document/d/1Iqe_CzFVA6hyxe7h2bUKusxsjB6frXfdAYLerM3JjPo/edit)). + +Not all security problems can be solved in[ Chrome’s +guts](/Home/chromium-security/guts), so[ we work on making security more +user-friendly](/Home/chromium-security/enamel) too. SSL-related warnings are +still a major source of user pain and confusion. Over the past few months, we’ve +been focused on determining the causes of false positive SSL errors (via adding +UMA stats for known client / server errors) and investigating +[pinning](/Home/chromium-security/education/tls#TOC-Certificate-Pinning) +violation reports. We’ve also been [experimenting with cert memory +strategies](https://codereview.chromium.org/369703002/) and integrating relevant +detail when we detect a (likely) benign SSL error due to captive portal or a bad +clock. + +Developers are users too, so we know it’s important to support new web security +features and ensure new features are safe to use by default. In that vein, we +recently landed a first pass at [subresource +integrity](https://w3c.github.io/webappsec/specs/subresourceintegrity/) +[support](https://codereview.chromium.org/566083003/) behind a flag (with +[useful console errors](https://codereview.chromium.org/596043003/)), we’re +[shipping](https://groups.google.com/a/chromium.org/d/msg/blink-dev/wToP6b04zVE/imuPatGy3awJ) +most of [CSP 2](https://w3c.github.io/webappsec/specs/content-security-policy/) +in M40, we’ve continued to [tighten +up](https://groups.google.com/a/chromium.org/d/msg/blink-dev/Uxzvrqb6IeU/9FAie9Py4cIJ) +handling of [mixed +content](https://w3c.github.io/webappsec/specs/mixedcontent/), and are working +to define and implement [referrer +policies](https://w3c.github.io/webappsec/specs/referrer-policy/). We’ve also +been helping on some security consulting for [Service +Worker](/blink/serviceworker); kudos to the team for making changes to [handle +plugins more +securely](https://code.google.com/p/chromium/issues/detail?id=413094), [restrict +usage to secure origins](http://crbug.com/394213), and for addressing some +memory caching issues. If you want to learn more about what’s going on in the +Blink Security world, check out the +[Blink-SecurityFeature](https://code.google.com/p/chromium/issues/list?q=label:Cr-Blink-SecurityFeature) +label. + +And then there’s other random things, like ad-hoc hunting for security bugs +(e.g. [local privilege escalation bug in +pppd](https://code.google.com/p/chromium/issues/detail?id=390709)), [giving +Chromebooks](http://www.washingtonpost.com/blogs/the-switch/wp/2014/08/18/finding-a-safe-space-for-kids-to-hack/) +to [kids at +DEFCON](https://www.flickr.com/photos/asirap/sets/72157645916802437), and +various artistic endeavors, like [color-by-risk +diagramming](https://docs.google.com/a/chromium.org/drawings/d/1TuECFL9K7J5q5UePJLC-YH3satvb1RrjLRH-tW_VKeE/edit) +and [security-inspired +fashion](https://www.flickr.com/photos/asirap/14798014040/). + +For more thrilling security updates and feisty rants, subscribe to +[security-dev@chromium.org](https://groups.google.com/a/chromium.org/forum/#!forum/security-dev). + +Happy Hacking (and Halloween), + +Parisa, on behalf of Chrome Security + +## Q2 2014 + +Hello from the Chromium Security Team! + +For those that don’t know us already, we do stuff to help make Chrome the[ most +secure platform to browse the +Internet](http://www.chromium.org/Home/chromium-security). Here’s a recap of +some work from last quarter: + +One of our primary responsibilities is security **adviser**, and the main way we +do this is via security reviews. A few weeks ago, jschuh@ announced [a new and +improved security review +process](http://www.chromium.org/Home/chromium-security/security-reviews) that +helps teams better assess their current security posture and helps our team +collect more meaningful data about Chrome engineering. All features for M37 went +through the new process, and we’ll be shepherding new projects and launches +through this process going forward. + +The[ Bugs--](/Home/chromium-security/bugs) effort aims to find (and exterminate) +security bugs. One of our best ways of finding bugs and getting them fixed +quickly is fuzz testing via [ClusterFuzz](https://cluster-fuzz.appspot.com/). +This quarter, we started fuzzing Chrome on Mac OS (extending the existing +platform coverage on Windows, Linux, and Android). We also added [code coverage +stats](https://cluster-fuzz.appspot.com/#coverage) to the ClusterFuzz UI, which +some teams have been finding helpful as a complement to their QA testing, as +well as [fuzzer stats](https://cluster-fuzz.appspot.com/#fuzzerstats), which [V8 +team now +checks](https://cluster-fuzz.appspot.com/fuzzerstats?fuzzer_name=stgao_chromebot2&job_type=linux_asan_chrome_v8&last_n_revisions=30) +in new rollouts. Finally, we added some new fuzzers (WebGL, GPU commands) and +integrated a number of memory debugging tools to find new classes of bugs (e.g. +[AddressSanitizer](https://code.google.com/p/address-sanitizer/) on Windows +found +[22](https://code.google.com/p/chromium/issues/list?can=1&q=type%3Abug-security+%22windows_asan_chrome%22&sort=-security_severity+-secseverity+-owner+-modified&colspec=ID+Pri+Status+Summary+Modified+OS+M+Security_severity+Security_impact+Owner+Reporter&x=m&y=releaseblock&cells=tiles) +bugs, [Dr. Memory](http://www.drmemory.org/) on Windows found +[1](https://code.google.com/p/chromium/issues/list?can=2&q=Stability%3DMemory-DrMemory+label%3Aclusterfuzz&colspec=ID+Pri+M+Iteration+ReleaseBlock+Cr+Status+Owner+Summary+OS+Modified&x=m&y=releaseblock&cells=tiles) +bug, +[MemorySanitizer](https://code.google.com/p/memory-sanitizer/wiki/MemorySanitizer) +on Linux found +[146](https://code.google.com/p/chromium/issues/list?can=1&q=label%3AClusterFuzz+Stability%3DMemory-MemorySanitizer+&sort=-security_severity+-secseverity+-owner+-modified&colspec=ID+Pri+Status+Summary+Modified+OS+M+Security_severity+Security_impact+Owner+Reporter&x=m&y=releaseblock&cells=tiles) +bugs, and +[LeakSanitizer](https://code.google.com/p/address-sanitizer/wiki/LeakSanitizer) +on Linux found +[18](https://code.google.com/p/chromium/issues/list?can=1&q=label%3AClusterFuzz+Stability%3DMemory-LeakSanitizer+&sort=-security_severity+-secseverity+-owner+-modified&colspec=ID+Pri+Status+Summary+Modified+OS+M+Security_severity+Security_impact+Owner+Reporter&x=m&y=releaseblock&cells=tiles) +bugs). + +Another source of security bugs is our [vulnerability reward +program](/Home/chromium-security/vulnerability-rewards-program), which saw a +quiet quarter: only 32 reports opened in Q2 (lowest participation in 12 months) +and an average payout of $765 per bug (lowest value in 12 months). This trend is +likely due to (1) fuzzers, both internal and external, finding over 50% of all +reported bugs in Q2, (2) a reflection of both the increasing difficulty of +finding bugs and outdated reward amounts being less competitive, and (3) +researcher fatigue / lack of interest or stimulus. Plans for Q3 include +reinvigorating participation in the rewards program through a more generous +reward structure and coming up with clever ways to keep researchers engaged. + +Outside of external bug reports, we spent quite a bit of time [improving the +security posture of Pdfium](/Home/chromium-security/pdfium-security) (Chrome's +[recently opensourced](http://blog.foxitsoftware.com/?p=641) PDF renderer) via +finding / fixing +~[150](https://code.google.com/p/chromium/issues/list?can=1&q=type%3Abug-security+Cr%3DInternals-Plugins-PDF+closed-after%3A2014%2F4%2F1+closed-before%3A2014%2F7%2F31&sort=-security_severity+-secseverity+-owner+-modified&colspec=ID+Pri+Status+Summary+Modified+OS+M+Security_severity+Security_impact+Owner+Reporter&x=m&y=releaseblock&cells=tiles) +bugs, removing risky code (e.g. [custom +allocator](https://pdfium.googlesource.com/pdfium/+/3522876d5291922ddc62bf1b70d02743b0850673)), +and using [secure integer +library](https://code.google.com/p/chromium/codesearch#chromium/src/base/numerics/&ct=rc&cd=1&q=numerics&sq=package:chromium) +for overflow checks. Thanks to ifratric@, mjurczyk@, and gynvael@ for their PDF +fuzzing help! + +Bugs still happen, so our [Guts](/Home/chromium-security/guts) effort builds in +multiple layers of defense. We did lots of sandboxing work across platforms last +quarter. On Mac OS, rsesek@ started working on a brand new [bootstrap sandbox +for +OSX](https://docs.google.com/a/chromium.org/document/d/108sr6gBxqdrnzVPsb_4_JbDyW1V4-DRQUC4R8YvM40M/edit) +(//sandbox/mac) and on Android, he got a proof-of-concept renderer running under +[seccomp-bpf](http://lwn.net/Articles/475043/). On Linux and Chrome OS, we +continued to improve the sandboxing testing framework and wrote dozens of new +tests; all our security tests are now running on the Chrome OS BVT. We also +refactored all of NaCl-related “outer” sandboxing to support a new and faster +Non-SFI mode for [NaCl](https://developer.chrome.com/native-client). This is +being used to run Android apps on Chrome, as you may have seen [demoed at Google +I/O](https://www.google.com/events/io). + +After many months of hard work, we’re ecstatic to announce that we [released +Win64 on dev and +canary](http://blog.chromium.org/2014/06/try-out-new-64-bit-windows-canary-and.html) +to our Windows 7 and Windows 8 users. This release takes advantage of [High +Entropy +ASLR](http://blogs.technet.com/b/srd/archive/2013/12/11/software-defense-mitigating-common-exploitation-techniques.aspx) +on Windows 8, and the extra bits help improve the effectiveness of heap +partitioning and mitigate common exploitation techniques (e.g. JIT spraying). +The Win64 release also reduced ~⅓ of the crashes we were seeing on Windows, so +it’s more stable too! + +Finally, work continues on [site +isolation](http://www.chromium.org/developers/design-documents/site-isolation): +lots of code written / rewritten / rearchitected and unknown unknowns discovered +along the way. We're close to having "remote" frames for each out-of-process +iframe, and you can now see subframe processes in Chrome's Task Manager when +visiting a test page like +[this](http://csreis.github.io/tests/cross-site-iframe.html) with the +--site-per-process flag. + +Not all security problems can be solved in[ Chrome’s +guts](/Home/chromium-security/guts), so[ we work on making security more +user-friendly](/Home/chromium-security/enamel) too. The themes of Q2 were SSL +and permissions. For SSL, we nailed down a new ["Prefer Safe Origins for +Powerful Features" +policy](/Home/chromium-security/prefer-secure-origins-for-powerful-new-features), +which we’ll transition to going forward; kudos to palmer@ and sleevi@ for +ironing out all the details and getting us to a safer default state. We’ve also +been trying to improve the experience of our SSL interstitial, which most people +ignore :-/ Work includes launching new UX for [SSL +warnings](https://test-sspev.verisign.com/) and incorporating captive portal +status (ongoing). Congrats to agl@ for launching +[boringssl](https://www.imperialviolet.org/2014/06/20/boringssl.html) - if +boring means avoiding Heartbleed-style hysteria, sounds good to us! + +On the permissions front, we’re working on ways to give users more control over +application privileges, such as (1) reducing the number of install-time CRX +permissions, (2) running UX experiments on the effectiveness of permissions, and +(3) working on building a security and permissions model to bring native +capabilities to the web. + +For more thrilling security updates and feisty rants, subscribe to +[security-dev@chromium.org](mailto:security-dev@chromium.org). + +In the meantime, happy hacking! + +Parisa, on behalf of Chrome Security + +P.S. A big kudos to the V8 team, and jkummerow@ in particular, for their extra +security efforts this quarter! The team rapidly responded to and fixed a number +of security bugs on top of doing some security-inspired hardening of V8 runtime +functions. + +## Q1 2014 + +Hello from the Chrome Security Team! + +For those that don’t know us already, we help make Chrome the [most secure +platform to browse the +Internet](http://www.chromium.org/Home/chromium-security). In addition to +security reviews and consulting, running a [vulnerability reward +program](/Home/chromium-security/vulnerability-rewards-program), and dealing +with security surprises, we instigate and work on engineering projects that make +Chrome safer. Here’s a recap of some work from last quarter: + +The [Bugs-- ](/Home/chromium-security/bugs)effort aims to find (and exterminate) +exploitable bugs. A major accomplishment from Q1 was getting +[ClusterFuzz](https://cluster-fuzz.appspot.com/) coverage for Chrome on Android; +we’re aiming to scale up resources from [a few devices on inferno@’s +desk](https://plus.sandbox.google.com/u/0/103970240746069356722/posts/LckbsWq6QFZ) +to 100 bots over the next few months. On the fuzzer front, mbarbella@ wrote a +new V8 fuzzer that helped shake out +[30+](https://code.google.com/p/chromium/issues/list?can=1&q=type%3Dbug-security+-status%3Aduplicate+mbarbella_js_mutation&sort=-security_severity+-secseverity+-owner+-modified&colspec=ID+Pri+Status+Summary+Modified+OS+M+Security_severity+Security_impact+Owner+Reporter&x=m&y=releaseblock&cells=tiles) +[bugs](https://code.google.com/p/chromium/issues/list?can=1&q=type%3Dbug-security+-status%3Aduplicate+mbarbella_js_mutation_test&sort=-security_severity+-secseverity+-owner+-modified&colspec=ID+Pri+Status+Summary+Modified+OS+M+Security_severity+Security_impact+Owner+Reporter&x=m&y=releaseblock&cells=tiles); +kudos to the V8 team for being so proactive at fixing these issues and +prioritizing additional proactive security work this quarter. Spring welcomed a +hot new line of PoC exploits at [Pwn2Own](http://www.pwn2own.com/) and [Pwnium +4](http://blog.chromium.org/2014/01/show-off-your-security-skills.html): +highlights included a classic ensemble of overly broad IPC paired with a Windows +“feature,” and a bold chain of 5 intricate bugs for persistent system compromise +on Chrome OS; more details posted soon [here](/Home/chromium-security/bugs). +Beyond exploit contests, we’ve rewarded $52,000 for reports received this year +(from 16 researchers for 23 security bugs) via our ongoing [vulnerability reward +program](/Home/chromium-security/vulnerability-rewards-program). We also started +rewarding researchers for bugs in [Chrome extensions developed "by +Google.”](http://googleonlinesecurity.blogspot.com/2014/02/security-reward-programs-update.html) +Outside of finding and fixing bugs, jschuh@ landed [a safe numeric +class](https://code.google.com/p/chromium/issues/detail?id=332611) to help +prevent arithmetic overflow bugs from being introduced in the first place; use +it and you'll [sleep better](https://xkcd.com/571/) too! + +Bugs still happen, so we build in multiple layers of defense. One of our most +common techniques is [sandboxing](/Home/chromium-security/guts), which helps to +reduce the impact of any single bug. Simple in theory, but challenging to +implement, maintain, and improve across all platforms. On Linux and Chrome OS, +we spent a lot of the quarter paying back technical debt: cleaning up the GPU +sandbox, writing and fixing tests, and replacing the setuid sandbox. On Android, +we reached consensus with the Android Frameworks team on a path forward for +seccomp-bpf sandboxing for Clank. We've started writing the CTS tests to verify +this in Android, landed the baseline policy in upstream Clankium, and are +working on the required [upstream Linux Kernel +changes](https://lkml.org/lkml/2014/1/13/795) to be incorporated into Chrome +Linux, Chrome OS, and Android L. The [site isolation +project](http://www.chromium.org/developers/design-documents/site-isolation) +(i.e. sandboxing at the site level) landed a usable cross-process iframe +implementation behind --site-per-process, which supports user interaction, +nested iframes (one per doc), sad frame, and basic DevTools support. Major +refactoring of Chrome and Blink, performance testing, and working with teams +that need to update for site isolation continues this quarter. On Windows, we +shipped Win64 canaries, landed code to sandbox the auto update mechanism, and +improved the existing sandboxing, reducing the win32k attack surface by ~30%. +Thanks to the Windows Aura team, we’ve also made tremendous progress on +disabling win32k entirely in the Chrome sandbox, which will eventually eliminate +most Windows-specific sandbox escapes. + +Not all security can be solved in [Chromium’s +Guts](/Home/chromium-security/guts), so [we work on making security more +user-friendly](/Home/chromium-security/enamel) too. We finally landed the +controversial change to [remember passwords, even when +autocomplete='off'](https://code.google.com/p/chromium/issues/detail?id=177288) +in +[M34](http://blog.chromium.org/2014/02/chrome-34-responsive-images-and_9316.html), +which is a small, but [significant change to return control back to the +user](/Home/chromium-security/security-faq). We also made some [tweaks to the +malware download UX in +M32](https://docs.google.com/a/google.com/presentation/d/16ygiQS0_5b9A4NwHxpcd6sW3b_Up81_qXU-XY86JHc4/edit#slide=12); +previously users installed ~29% of downloads that were known malware, and that +number is now down to <5%! We’ve recently been thinking a lot about how to +improve the security of Chrome Extensions and Apps, including experimenting with +several changes to the permission dialog to see if we can reduce the amount of +malicious crx installed by users without reducing the amount of non-malicious +items. Separately, we want to make it easier for developers to write secure +APIs, so meacer@ wrote up some [security +tips](https://docs.google.com/document/d/1RamP4-HJ7GAJY3yv2ju2cK50K9GhOsydJN6KIO81das/pub) +to help developers avoid common abuse patterns we’ve identified from bad actors. + +Finally, since [Heartbleed](http://heartbleed.com/) is still on the forefront of +many minds, a reminder that Chrome and Chrome OS [were not directly +affected](http://googleonlinesecurity.blogspot.com/2014/04/google-services-updated-to-address.html). +And if you're curious about how and why Chrome does SSL cert revocation the way +it does, agl@ wrote a great +[post](https://www.imperialviolet.org/2014/04/19/revchecking.html) explaining +that too. + +For more thrilling security updates and feisty rants, subscribe to[ +security-dev@chromium.org](mailto:security-dev@chromium.org). + +Happy Hacking, +Parisa, on behalf of Chrome Security + +## Q4 2013 + +Hello from the Chrome Security Team! +For those that don’t know us already, we help make Chromium the [most secure +browsing platform in the +market](http://www.chromium.org/Home/chromium-security). In addition to security +reviews and consulting, running a [vulnerability reward +program](/Home/chromium-security/vulnerability-rewards-program), and dealing +with security surprises, we instigate and work on engineering projects that make +Chrome more secure. +The end of last year flew by, but here are a couple of things we’re most proud +of from the last quarter of 2013: +Make security more usable: We made a number of changes to the malware download +warning to discourage users from installing malware. We also worked on a +reporting feature that lets users upload suspicious files to [Safe +Browsing](http://www.google.com/transparencyreport/safebrowsing/), which will +help Safe Browsing catch malicious downloads even faster. +Since PDFs are a common vehicle for exploit delivery, we’ve modified PDF +handling in Chrome so that they're all opened in Chrome’s PDF viewer by default. +This is a huge security win because we believe Chrome’s PDF viewer is the +safest, most hardened, and security-tested viewer available. [Malware via +Microsoft .docs are also +common](https://www.eff.org/deeplinks/2014/01/vietnamese-malware-gets-personal), +so we’re eagerly awaiting the day we can open Office Docs in +[Quickoffice](https://support.google.com/quickoffice/answer/2986862?hl=en) by +default. +Find (and fix) more security bugs: We recently welcomed a new member to the +team, +[Sheriffbot](https://code.google.com/p/chromium/issues/list?can=1&q=type%3Abug-security+commentby%3Aclusterfuzz%40chromium.org+-reporter%3Aclusterfuzz%40chromium.org&sort=-id+-security_severity+-secseverity+-owner+-modified&colspec=ID+Pri+Status+Summary+Modified+OS+M+Security_severity+Security_impact+Owner+Reporter&cells=tiles). +He’s already started making the [mortal security +sheriffs’](/Home/chromium-security/security-sheriff) lives easier by finding new +owners, adding Cr- area labels, helping apply and fix bug labels, and reminding +people about open security bugs they have assigned to them. +Our fuzzing mammoth, [ClusterFuzz](https://cluster-fuzz.appspot.com/), is now +fully supported on Windows and has helped find +[32](https://code.google.com/p/chromium/issues/list?can=1&q=type:bug-security%20label:Hotlist-SyzyASAN%20label:ClusterFuzz&sort=-id+-security_severity+-secseverity+-owner+-modified&colspec=ID%20Pri%20Status%20Summary%20Modified%20OS%20M%20Security_severity%20Security_impact%20Owner%20Reporter) +new bugs. We’ve added a bunch of new fuzzers to cover Chromium IPC (5 high +severity bugs), networking protocols (1 critical severity bug from a certificate +fuzzer, 1 medium severity bug from an HTTP protocol fuzzer), and WebGL (1 high +severity bug in Angle). Want to write a +[fuzzer](http://en.wikipedia.org/wiki/Fuzz_testing) to add security fuzzing +coverage to your code? Check out the [ClusterFuzz +documentation](/Home/chromium-security/bugs/using-clusterfuzz), or get in touch. +In November, we helped sponsor a [Pwn2Own contest at the PacSec conference in +Tokyo](http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/Mobile-Pwn2Own-2013/ba-p/6202185#.Ut6t45DTm91). +Our good friend, Pinkie Pie, exploited an integer overflow in V8 to get reliable +code execution in the renderer, and then exploited a bug in a Clipboard IPC +message to get code execution in the browser process (by spraying multiple +gigabytes of shared memory). We’ll be publishing a full write-up of the exploit +[on our site](/Home/chromium-security/bugs) soon, and are starting to get +excited about our [upcoming +Pwnium](http://blog.chromium.org/2014/01/show-off-your-security-skills.html) in +March. +Secure by default, defense in depth: In [Chrome +32](http://googlechromereleases.blogspot.com/2014/01/stable-channel-update.html), +we started [blocking NPAPI by +default](http://blog.chromium.org/2013/09/saying-goodbye-to-our-old-friend-npapi.html) +and have plans to completely remove support by the end of the year. This change +significantly reduces Chrome’s exposure to browser plugin vulnerabilities. We +also implemented additional [heap partitioning for buffers and +strings](https://code.google.com/p/chromium/issues/detail?id=270531) in Blink, +which further mitigates memory exploitation techniques. Our Win64 port of +Chromium is now continuously tested on the main waterfall and is on track to +ship this quarter. Lastly, we migrated our Linux and Chrome OS sandbox to a new +policy format and did a lot of overdue sandbox code cleanup. +On our [site isolation](/developers/design-documents/site-isolation) project, +we’ve started landing infrastructure code on trunk to support out-of-process +iframes. We are few CLs away from having functional cross-process iframe behind +a flag and expect it to be complete by the end of January! +Mobile, mobile, mobile: We’ve started focusing more attention to hardening +Chrome on Android. In particular, we’ve been hacking on approaches for strong +sandboxing (e.g. +[seccomp-bpf](http://blog.chromium.org/2012/11/a-safer-playground-for-your-linux-and.html)), +adding [Safe Browsing](http://www.google.com/transparencyreport/safebrowsing/) +protection, and getting [ClusterFuzz](https://cluster-fuzz.appspot.com/) tuned +for Android. +For more thrilling security updates and feisty rants, catch ya on +[security-dev@chromium.org](mailto:security-dev@chromium.org). +Happy Hacking, +Parisa, on behalf of Chrome Security + +## Q3 2013 + +An early +[boo](http://mountainbikerak.blogspot.com/2010/11/google-chrome-pumpkin.html) +and (late) quarter update from the Chrome Security Team! + +For those that don’t know us already, we help make Chromium the [most secure +browsing platform in the +market](http://www.chromium.org/Home/chromium-security). In addition to security +reviews and consulting, running a [vulnerability reward +program](/Home/chromium-security/vulnerability-rewards-program), and dealing +with security surprises, we instigate and work on engineering projects that make +Chrome more secure. + +Last quarter, we reorganized the larger team into 3 subgroups: + +**Bugs--**, a group focused on finding security bugs, responding to them, and +helping get them fixed. The group is currently working on expanding +[Clusterfuzz](https://cluster-fuzz.appspot.com/) coverage to other platforms +(Windows and Mac), adding fuzzers to cover IPC, networking, and WebGL, adding +more [security +ASSERTS](http://svnsearch.org/svnsearch/repos/BLINK/search?logMessage=ASSERT_WITH_SECURITY_IMPLICATION) +to catch memory corruption bugs. They're also automating some of the grungy and +manual parts of being [security +sheriff](/Home/chromium-security/security-sheriff) to free up human cycles for +more exciting things. + +Enamel, a group focused on usability problems that affect end user security or +the development of secure web applications. In the near-term, Enamel is working +on: improving the malware download warnings, SSL warnings, and extension +permission dialogs; making it safer to open PDFs and .docs in Chrome; and +investigating ways to combat popular phishing attacks. + +Guts, a group focused on ensuring Chrome’s architecture is secure by design and +resilient to exploitation. Our largest project here is [site +isolation](/developers/design-documents/site-isolation), and in Q4, we’re aiming +to have a usable cross-process iframe implementation (behind a flag ;) Other +Guts top priorities include sandboxing work (stronger sandboxing on Android, +making Chrome OS’s +[seccomp-bpf](https://code.google.com/p/chromium/wiki/LinuxSandboxing#The_seccomp-bpf_sandbox) +easier to maintain and better tested), supporting [NPAPI +deprecation](http://blog.chromium.org/2013/09/saying-goodbye-to-our-old-friend-npapi.html), +launching 64bit Chrome for Windows, and Blink memory hardening (e.g. heap +partitioning). + +Retrospectively, here are some of notable security wins from recent Chrome +releases: + +In [Chrome +29](http://googlechromereleases.blogspot.com/2013/08/stable-channel-update.html), +we tightened up the sandboxing policies on Linux and added some defenses to the +Omaha (Chrome Update) plugin, which is a particularly exposed and attractive +target in Chrome. The first parts of Blink heap partition were released, and +we’ve had “backchannel” feedback that we made an impact on the greyhat exploit +market. + +In [Chrome +30](http://googlechromereleases.blogspot.com/2013/10/stable-channel-update.html) +we fixed a load of security bugs! The spike in bugs was likely due to a few +factors: (1) we started accepting fuzzers (7 total) from invited external +researchers as part of a Beta extension to our vulnerability reward program +(resulting in +[26](https://code.google.com/p/chromium/issues/list?can=1&q=type%3Abug-security+label%3AExternal-Fuzzer-Contribution+-status%3AWontFix%2CDuplicate&sort=-security_severity+-secseverity+-owner+-modified&colspec=ID+Stars+Pri+Status+Summary+Modified+OS+M+Security_severity+Security_impact+Owner&x=m&y=releaseblock&cells=tiles) +new bugs), (2) we [increased reward +payouts](http://googleonlinesecurity.blogspot.com/2013/08/security-rewards-at-google-two.html) +to spark renewed interest from the public, and (3) we found a bunch of new +buffer (over|under)flow and casting bugs ourselves by adding +[ASSERT_WITH_SECURITY_IMPLICATION](http://svnsearch.org/svnsearch/repos/BLINK/search?logMessage=ASSERT_WITH_SECURITY_IMPLICATION)s +in Blink. In M30, we also added [a new layer of +sandboxing](https://code.google.com/p/chromium/issues/detail?id=168812) to NaCl +on Chrome OS, with seccomp-bpf. + +Last, but not least, we want to give a shout out to individuals outside the +security team that made an extraordinary effort to improve Chrome security: + +* Jochen Eisinger for redoing the pop-up blocker... so that it + [actually blocks + pop-ups](https://code.google.com/p/chromium/issues/detail?id=38458) + (instead of hiding them). Beyond frustrating users, this bug was a + security liability, but due to the complexity of the fix, languished + in the issue tracker for years. +* Mike West for his work on CSP, as well as tightening downloading of + bad content types. +* Avi Drissman for fixing a [longstanding bug where PDF password input + was not + masked](http://code.google.com/p/chromium/issues/detail?id=54748#c49). +* Ben Hawkes and Ivan Fratic for finding + [four](https://code.google.com/p/chromium/issues/list?can=1&q=label%3AWinFuzz) + potentially exploitable Chrome bugs using WinFuzz. +* Mateusz Jurczyk on finding ton of bugs in VP9 video decoder. + +Happy Hacking, +Parisa, on behalf of Chrome Security + +## Q2 2013 + +Hello from the Chrome Security Team! + +For those that don’t know us, we’re here to help make Chrome a very (the most!) +[secure browser](http://www.chromium.org/Home/chromium-security). That boils +down to a fair amount of work on security reviews (and other consulting), but +here’s some insight into some of the other things we were up to last quarter: + +Bug Fixin’ and Code Reviews + +At the start of the quarter, we initiated a Code 28 on security bugs to trim +back the fat backlog of open issues. With the help of dozens of engineers across +Chrome, we fixed over 100 security bugs in just over 4 weeks and brought the +count of Medium+ severity issues to single digits. (We’ve lapsed a bit in the +past week, but hopefully will recover once everyone returns from July vacation +:) + +As of July 1st, [Clusterfuzz](http://goto/clusterfuzz) has helped us find and +fix +[822](https://code.google.com/p/chromium/issues/list?can=1&q=type%3Abug-security+ClusterFuzz+status%3AFixed+closed-before%3A2013%2F7%2F1&sort=-id+-security_severity+-secseverity+-owner+-modified&colspec=ID+Pri+Status+Summary+Modified+OS+M+Security_severity+Security_impact+Owner&x=m&y=releaseblock&cells=tiles) +bugs! Last quarter, we added a [new +check](http://svnsearch.org/svnsearch/repos/BLINK/search?logMessage=ASSERT_WITH_SECURITY_IMPLICATION) +to identify out of bound memory accesses and bad casts +(ASSERT_WITH_SECURITY_IMPLICATION), which resulted in +~[72](https://code.google.com/p/chromium/issues/list?can=1&q=type%3Abug-security+%22ASSERTION+FAILED%22+status%3AFixed+opened-after%3A2013%2F1%2F1&sort=-security_severity+-secseverity+-owner+-modified&colspec=ID+Stars+Pri+Status+Summary+Modified+OS+M+Security_severity+Security_impact+Owner&x=m&y=releaseblock&cells=tiles) +new bugs identified and fixed. We’re also beta testing a “Fuzzer Donation” +extension to our [vulnerability reward +program](/Home/chromium-security/vulnerability-rewards-program). + +Anecdotally, this quarter we noticed an increase in the number of IPC reviews +and marked decrease in security issues! Not sure if our recent [security tips +doc](/Home/chromium-security/security-tips-for-ipc) is to credit, but well done +to all the IPC authors and editors! + +Process hardening + +We’ve mostly wrapped up the [binding +integrity](/Home/chromium-security/binding-integrity) exploit mitigation changes +we started last quarter, and it’s now landed on all desktop platforms and Clank. +Remaining work entails [making additional V8 wrapped types inherit from +ScriptWrappable](https://code.google.com/p/chromium/issues/detail?id=236671&can=1&q=tsepez%20scriptwrappable&colspec=ID%20Pri%20M%20Iteration%20ReleaseBlock%20Cr%20Status%20Owner%20Summary%20OS%20Modified) +so more Chrome code benefits from this protection. We also started a new memory +hardening change that aims to [place DOM nodes inside their own heap +partition](https://code.google.com/p/chromium/issues/detail?id=246860). Why +would we want to do that? Used-after-free memory bugs are common. By having a +separate partition, the attacker gets a more limited choice of what to overlap +on top of the freed memory slot, which makes these types of bugs substantially +harder to exploit. (It turns out there is some performance improvement in doing +this too!) + +Sandboxing++ + +We’re constantly trying to improve [Chrome +sandboxing](/developers/design-documents/sandbox). On [Chrome OS and +Linux](https://code.google.com/p/chromium/wiki/LinuxSandboxing), The GPU process +is now sandboxed on ARM +([M28](https://code.google.com/p/chromium/issues/detail?id=235870)) and we’ve +been been working on [sandboxing +NaCl](https://code.google.com/p/chromium/issues/detail?id=168812) under +[seccomp-bpf](http://blog.chromium.org/2012/11/a-safer-playground-for-your-linux-and.html). +We’ve also increased seccomp-bpf test coverage and locked down sandbox +parameters (i.e. less attack surface). Part of the Chrome seccomp-bpf sandbox is +now used in google3 (//third_party/chrome_seccomp), and Seccomp-legacy and +SELinux [have been +deprecated](https://code.google.com/p/chromium/wiki/LinuxSandboxing) as +sandboxing mechanisms. + +Chrome work across platforms + + Mobile platforms pose a number of challenges to replicating some of the + security features we’re most proud of on desktop, but with only expected + growth of mobile, we know we need to shift some security love here. We’re + getting more people ramped up to help on consulting (security and code + reviews) and making headway on short and long-term goals. + + On Windows, we’re still chugging along sorting out tests and build + infrastructure to get a stable Win64 release build for canary tests. + + On Chrome OS, work on kernel ASLR is ongoing, and we continued sandboxing + [system + daemons](https://code.google.com/p/chromium/issues/detail?id=224082). + +Site Isolation Efforts + +After some design and planning in Q1, we started building the early support for +[out-of-process +iframes](http://www.chromium.org/developers/design-documents/oop-iframes) so +that [Chrome's sandbox can help us enforce the Same Origin +Policy](http://www.chromium.org/developers/design-documents/site-isolation). In +Q2, we added a FrameTreeNode class to track frames in the browser process, +refactored some navigation logic, made DOMWindow own its Document (rather than +vice versa) in Blink, and got our prototype to handle simple input events. We'll +be using these changes to get basic out-of-process iframes working behind a flag +in Q3! + +Extensions & Apps + +This quarter, we detected and removed ~N bad extensions from the Web Store that +were either automatically detected or manually flagged as malicious or violating +our policies. We’ve started transitioning manual CRX malware reviews to a newly +formed team, who are staffing and ramping up to handle this significant +workload. Finally, we’ve been looking at ways to improve the permission dialog +for extensions so that it’s easier for users to understand the security +implications of what they’re installing, and working on a set of experiments to +understand how changes to the permissions dialog affect user installation of +malware. + +Happy Q3! + +Parisa, on behalf of Chrome Security + +## Q1 2013 + +Hi from the Chrome Security Team! + +For those that don’t know us already, we’re here to help make Chrome the [most +secure browser in the market](http://www.chromium.org/Home/chromium-security). +We do a fair bit of work on security reviews of new features (and other +consulting), but here’s a summary of some of the other things we were up to last +quarter: + +Bug, bugs, bugs + +Though some time is still spent [handeling external security +reports](http://www.chromium.org/Home/chromium-security/security-sheriff) +(mainly from participants of our [vulnerability reward +program](http://www.chromium.org/Home/chromium-security/vulnerability-rewards-program)), +we spent comparatively more time in Q1 hunting for security bugs ourselves. In +particular, we audited a bunch of IPC implementations after the +[two](http://blog.chromium.org/2012/10/pwnium-2-results-and-wrap-up_10.html) +[impressive](http://blog.chromium.org/2012/05/tale-of-two-pwnies-part-1.html) +IPC-based exploits from last year - aedla found some juicy sandbox bypass +vulnerabilities ([161564](http://crbug.com/161564), +[162114](http://crbug.com/162114), [167840](http://crbug.com/167840), +[169685](http://crbug.com/169685)) and cdn and cevans found / fixed a bunch of +other interesting memory corruption bugs +([169973](https://code.google.com/p/chromium/issues/detail?id=169973), +[166708](https://code.google.com/p/chromium/issues/detail?id=166708), +[164682](https://code.google.com/p/chromium/issues/detail?id=164682)). +Underground rumors indicate many of these internally discovered bugs collided +with discoveries from third party researchers (that were either sitting on or +using them for their own purposes). At this point, most of the IPCs that handle +file paths have been audited, and we’ve started putting together a doc with +[security tips to mind when writing +IPC](https://sites.google.com/a/google.com/chrome-security/security-tips-for-ipc). + +On the fuzzing front, we updated and added a number of [fuzzers to +Clusterfuzz](https://cluster-fuzz.appspot.com/#fuzzers): HTML (ifratric, +mjurczyk), Flash (fjserna), CSS (bcrane), V8 (farcasia), Video VTT (yihongg), +extension APIs (meacer), WebRTC (phoglund), Canvas/Skia (aarya), and +Flicker/media (aarya); aarya also taught Clusterfuzz to look for dangerous +ASSERTs with security implications, which resulted in even more bugs. Kudos to +Clusterfuzz and the ASAN team for kicking out another [132 security +bugs](https://code.google.com/p/chromium/issues/list?can=1&q=type%3Abug-security+label%3AClusterFuzz+opened-after%3A2012%2F12%2F31+-status%3Awontfix+-status%3Aduplicate+opened-before%3A2013%2F4%2F1&sort=-id+-security_severity+-secseverity+-owner+-modified&colspec=ID+Stars+Pri+Status+Summary+Modified+OS+M+Security_severity+Security_impact+Owner&x=m&y=releaseblock&cells=tiles) +last quarter! One downside to all these new bugs is that our queue of open +security bugs across Chrome has really spiked ([85+ as of +today](https://code.google.com/p/chromium/issues/list?can=2&q=Security_Severity%3DCritical+OR+Security_Severity%3DHigh+OR+Security_Severity%3DMedium&colspec=ID+Pri+M+Iteration+ReleaseBlock+Cr+Status+Owner+Summary+OS+Modified&x=m&y=releaseblock&cells=tiles)). +PIease help us fix these bugs! + +Process hardening + +We’re constantly thinking about proactive hardening we can add to Chrome to +eliminate or mitigate exploitation techniques. We find inspiration not only from +cutting edge security defense research, but also industry chatter around what +the grey and black hats are using to exploit Chrome and other browsers. This +past quarter jln implemented more fine grained support for [sandboxing on +Linux](https://code.google.com/p/chromium/wiki/LinuxSandboxing), in addition to +some low level tcmalloc changes that improve ASLR and general allocator security +on 64-bit platforms. With jorgelo, they also implemented support for a stronger +GPU sandbox on Chrome OS (which we believe was instrumental in avoiding a Pwnium +3 exploit). tsepez landed support for [V8 bindings +integrity](/Home/chromium-security/binding-integrity) on Linux and Mac OS, a +novel feature that ensures DOM objects are valid when bound to Javascript; this +avoids exploitation of type confusion bugs in the DOM, which Chrome has suffered +from in the past. palmer just enabled bindings integrity for Chrome on Android, +and work is in progress on Windows. + +Work across platforms + +One of our key goals is to get Chrome running natively on 64-bit Windows, where +the platform mitigations against certain attacks (such as heap spray) are +stronger than when running within a WOW64 process. (We’ve also seen some +performance bump on graphics and media on 64-bit Windows!) We made serious +progress on this work in Q1, coordinating with engineers on a dozen different +teams to land fixes in our codebase (and dependencies), working with Adobe on +early Flapper builds, porting components of the Windows sandbox to Win64, and +landing 100+ generic Win64 build system and API fixes. Thanks to all that have +made this possible! + +As Chrome usage on mobile platforms increases, so too must our security +attention. We’ve set out some short and long-term goals for mobile Chrome +security, and are excited to start working with the Clank team on better +sandboxing and improved HTTPS authentication. + +Site isolation + +Work continues on the ambitious project to support [site-per-process +sandboxing](http://www.chromium.org/developers/design-documents/site-isolation), +which should help us [prevent additional attacks aimed at stealing or tampering +with user data from a specific +site](https://docs.google.com/a/google.com/document/d/1X5xZ2hYZurR_c2zU11AoEn15Ebu1er4cCLEudLJvPHA/edit). +Last quarter, we published a more complete [design for out-of-process +iframes](http://www.chromium.org/developers/design-documents/oop-iframes), set +up performance and testing infrastructure, and hacked together a prototype +implementation that helped confirm the feasibility of this project and surface +some challenges and open questions that need more investigation. + +Extensions + +When not feeding the team fish, meacer added a lot of features to Navitron to +make flagged extensions easier to review and remove from the WebStore. To put +this work in perspective, each week ~X new items are submitted to Webstore, ~Y +of them are automatically flagged as malware (and taken down), ~Z malware +escalations are manually escalated from extension reviewers (and then reviewed +again by security;. meacer also added a fuzzer for extensions and apps APIs, and +has been fixing [the resulting +bugs](https://code.google.com/p/chromium/issues/list?can=1&q=Fuzzer%3A+Meacer_extension_apis&colspec=ID+Pri+M+Iteration+ReleaseBlock+Cr+Status+Owner+Summary+OS+Modified&x=m&y=releaseblock&cells=tiles). + +Until we meet again (probably in the issue tracker)... + +Parisa, on behalf of Chrome Security diff --git a/chromium/docs/website/site/Home/chromium-security/reporting-security-bugs/index.md b/chromium/docs/website/site/Home/chromium-security/reporting-security-bugs/index.md new file mode 100644 index 00000000000..b3ca063bcb7 --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/reporting-security-bugs/index.md @@ -0,0 +1,129 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +page_name: reporting-security-bugs +title: Reporting Security Bugs +--- + +The Chromium project takes security very seriously, but any complex software +project is going to have some vulnerabilities. You can help us make Chromium +more secure by following the guidelines below when filing security bugs against +Chromium. And as an added benefit to you, following these guidelines will +increase both the chance and size of the reward you could receive under the +[Vulnerability Rewards Program](https://g.co/ChromeBugRewards). + +[TOC] + +### Scope + +Do not report physically-local attacks. For example, please do not report that +you can compromise Chromium by installing a malicious DLL on a computer in a +place where Chromium will find it and load it. Similarly, please do not report +password disclosure using the Inspect Element feature to convert the +"\*\*\*\*\*\*\*" into the underlying text. + +To understand why, see the [Chromium Security +FAQ.](https://chromium.googlesource.com/chromium/src/+/HEAD/docs/security/faq.md) + +### General Guidelines + +These are the criteria that we expect from a good security bug report: + +* Was filed via the [security + template](https://code.google.com/p/chromium/issues/entry?template=Security%20Bug). +* Contains a clear and descriptive title. +* Includes the Chromium/Chrome version number and [release + channel](/getting-involved/dev-channel). +* Lists the operating system, version, and service pack level of the + testing platform. +* Includes a reproducible example of the bug, such as an attached HTML + or binary file that triggers the bug when loaded into Chrome. + * **Please** make the file as small as possible and remove any + content not necessary to trigger the vulnerability. + * **Please** avoid dependencies on third-party libraries such as + jQuery or Prototype (which can dramatically complicate the + process of diagnosing a potential vulnerability). + * ***For short** (e.g. 15 lines), text-based reproductions (eg. + HTML or SVG), please include the reproduction case directly in + the report text.* + * **For larger** or more complex cases, please attach files + directly to the bug, not in an archive. + * If you host a page that demonstrates the bug, **please also + attach** the files and config needed reproduce locally. + * **Note** that a screen capture or video showing the issue is + largely unnecessary except in the case for security UI issues, + and is not a substitute for a well-written, reproducible test + case. +* Provides a brief description (where appropriate) of the nature of + the bug along with any additional details required to reproduce it. +* Avoids unnecessary commentary or hyperbole. (If you choose to + provide a severity estimate please follow the criteria at [Severity + Guidelines for Security Issues](/developers/severity-guidelines).) + +### Reporting Crash Bugs + +In addition to the general guidelines above, we look for the following +information on bugs that trigger browser crashes or sad tabs: + +* Whether the crash is in the browser (application crash) or the + renderer (sad tab). +* Paste into the bug description the exception details, register + state, and relevant portion of the stack trace. + * General crash reporting information is available at [Reporting a + Crash + Bug](/for-testers/bug-reporting-guidelines/reporting-crash-bug). + * Platform specific debugger configuration (including instructions + on setting up symbols) is available for + [Windows](/developers/how-tos/debugging), [Mac OS + X](/developers/debugging-on-os-x), and + [Linux](https://code.google.com/p/chromium/wiki/LinuxDebugging). +* If crash reporting is enabled, please provide your [client + ID](/for-testers/bug-reporting-guidelines/reporting-crash-bug). +* Please ensure that **all stack traces include symbols**. + +#### Signs A Crash Is Not A Security Bug + +Generally, we do not consider a denial of service (DoS) issues to be security +vulnerabilities. Examples of these bug classes include: consistent fixed-offset +[NULL pointer +dereferences](https://en.wikipedia.org/wiki/Pointer_(computing)#Null_pointer), +[call stack overflows (stack +exhaustion)](https://blogs.technet.com/b/srd/archive/2009/01/28/stack-overflow-stack-exhaustion-not-the-same-as-stack-buffer-overflow.aspx), +and [out of memory (OOM) errors](https://en.wikipedia.org/wiki/Out_of_memory). +Some of these crashes are valid bugs, and should be reported; however, they are +not security bugs and should be filed through the [normal defect +template](https://code.google.com/p/chromium/issues/entry). + +### Going Above and Beyond + +While we don't expect security vulnerability reporters to provide us any of the +following information, we certainly find it extremely helpful and would take it +into consideration when determining whether or not a particular report qualified +for a larger award: + +* An extremely clear and well-reduced test case demonstrating the + vulnerability. +* An accurate analysis of the exact nature of a crash (e.g. + identifying the reason for and location of a premature pointer + deletion in a use-after-free vulnerability). +* An explanation of a broader vulnerability or recurring vulnerable + pattern associated with the reported bug (e.g. noting that a + vulnerability arises in more than one location due to a common + misuse pattern on a particular class). +* Helpful guidance for fixing the vulnerability, or providing an + effective fix as part of the reporting process. +* Identifying any particularly interesting or impactful issue that + goes beyond the scope of a single report. +* Any noteworthy cooperation in the reporting and resolution that goes + significantly beyond the normal reporting guidelines. +* We reward more where the reporter [provides a good analysis + demonstrating probable exploitability](/system/errors/NodeNotFound). + +### Bug Visibility + +The visibility of security bugs is restricted until a fix has been widely +deployed. For more information see the [Security +FAQ](https://chromium.googlesource.com/chromium/src/+/HEAD/docs/security/faq.md#TOC-Can-you-please-un-hide-old-security-bugs-). \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/reviews-and-consulting/index.md b/chromium/docs/website/site/Home/chromium-security/reviews-and-consulting/index.md new file mode 100644 index 00000000000..13178eefb53 --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/reviews-and-consulting/index.md @@ -0,0 +1,33 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +page_name: reviews-and-consulting +title: Reviews and Consulting +--- + +So, ya need some security help? Our talents are many, but here are the things we +normally assist Chromium engineers with: + +**Security Reviews** + +Features that are new or substantial refactors / expansions should go through +the [Chrome Security Review](/Home/chromium-security/security-reviews) process +via the Chrome launch process. The purpose of a security review is ==not== the +elimination of all possible vulnerabilities, but rather the promotion of [secure +design and implementation practices in +Chromium](/Home/chromium-security/education). It also helps the security team +stay engaged with the rest of Chromium engineering. + +**Adding new code to third_party** + +Third party code is a hot spot for security vulnerabilities, so make sure to +[give security a head's up by getting a code +review](http://www.chromium.org/developers/adding-3rd-party-libraries#TOC-Get-a-Review). + +**One-off questions** + +If you are not sure what to do, or need other help, you can always just reach us +at [security@chromium.org](mailto:security@chromium.org). \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/root-ca-policy/index.md b/chromium/docs/website/site/Home/chromium-security/root-ca-policy/index.md new file mode 100644 index 00000000000..61a5b7787f4 --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/root-ca-policy/index.md @@ -0,0 +1,210 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +page_name: root-ca-policy +title: Chrome Root Program +--- + +## Last updated: 2020-11-02 + +Bookmark this page as + +## Introduction + +Google Chrome relies on Certification Authorities (CAs) to issue certificates to +websites. Chrome uses these certificates to ensure the HTTPS connections it +makes on behalf of its users are secure and private. + +As part of establishing a secure connection, Chrome cryptographically verifies +that the website's certificate was issued by a recognized CA. Certificates that +are not issued by a CA recognized by Chrome, or by a user's local settings, can +cause users to see warnings and error pages. + +If you’re an enterprise managing trusted CAs for your organization, including +locally installed enterprise CAs, the policies described in this document do not +apply to your CA. No changes are currently planned for how enterprise +administrators manage those CAs within Chrome. CAs that have been installed by +the device owner or administrator into the operating system trust store are +expected to continue to work as they do today. + +If you’re a Chrome user experiencing a certificate error, please see [this +support article](https://support.google.com/chrome/answer/6098869?hl=en) for +more information. + +If you're a website operator, you can learn more about [why HTTPS +matters](https://web.dev/why-https-matters/) and how to [secure your site with +HTTPS](https://support.google.com/webmasters/answer/6073543). If you've got a +question about a certificate you've been issued, including questions about +validity and revocation, please contact the CA that issued the certificate. + +Though uncommon, certificates can also be used by websites to identify clients +connecting to them. Other than ensuring it is well formed, Chrome simply passes +the certificate to the server, which performs the evaluation and enforces its +chosen policy. The policies on this page do not apply to client certs. + +## Chrome Root Program + +When Chrome presents the connection to a website as secure, Chrome is making a +statement to its users about the security properties of that connection. Because +of the CA's critical role in upholding those properties, Chrome must ensure the +CAs who issue certificates are operated in a consistent and trustworthy manner. +This is achieved by referring to a list of root certificates from CAs that have +demonstrated why continued trust in them is justified. This list is referred to +as a Root Store. The policies and requirements for participating and being +included in a Root Store are known as a Root Program. + +## Root Program Transition + +The sections below describe the Chrome Root Program, and policies and +requirements for CAs to have their certificates included in a default +installation of Chrome, as part of the transition to the Chrome Root Store. + +Historically, Chrome has integrated with the Root Store provided by the platform +on which it is running. Chrome is in the process of transitioning certificate +verification to use a common implementation on all platforms where it's under +application control, namely Android, Chrome OS, Linux, Windows, and macOS. Apple +policies prevent the Chrome Root Store and verifier from being used on Chrome +for iOS. This will ensure users have a consistent experience across platforms, +that developers have a consistent understanding of Chrome's behavior, and that +Chrome will be better able to protect the security and privacy of users' +connections to websites. + +For CAs that already participate in other public Root Programs, such as the +[Mozilla Root +Program](https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/), +many of these requirements and processes should be familiar. + +### Transitional Root Store + +During this transition, the Chrome Root Store contains a variety of existing +Certification Authorities' certificates that have historically worked in Chrome +on the majority of supported platforms. This promotes interoperability on +different devices and platforms, and minimizes compatibility issues. This should +ensure as seamless a transition as possible for users. + +In addition to compatibility considerations, CAs have been selected on the basis +of past and current publicly available and verified information, such as that +within the Common CA Certificate Database ([CCADB](https://ccadb.org)). CCADB is +a datastore run by Mozilla and used by a variety of operating systems, browser +vendors, and Certification Authorities to share and disclose information +regarding the ownership, historical operation, and audit history of CA +certificates and key material. + +### Requesting Inclusion + +For Certification Authorities that have not been included as part of this +initial [Chrome Root Store](https://g.co/chrome/root-store), questions can be +directed to +[chrome-root-authority-program@google.com](mailto:chrome-root-authority-program@google.com). +Priority is given to CAs that are widely trusted on platforms that Chrome +supports, in order to minimize compatibility issues. + +For the inclusion of new CA certificates, priority is given to CAs in the +following order, in order to minimize disruption or risks to Chrome users: + + CAs that are widely trusted, and which are replacing older certificates with + certificates and key material created within the past five years, and have + an unbroken sequence of annual audits where these certificates and key + material are explicitly listed in scope. + + CAs whose certificates and certificate hierarchy are only used to issue TLS + server certificates, and do not issue other forms of certificates. + + CAs that have undergone a widely-recognized public discussion process + regarding their CP, CPS, audits, and practices. At this time, the only + discussion process recognized as acceptable is the discussion process + operated by Mozilla on behalf of the open-source community at + [mozilla.dev.security.policy](https://www.mozilla.org/en-US/about/forums/#dev-security-policy). + + CAs that maintain sole control over all CA key material within their CA + certificate hierarchy, and include their entire certificate hierarchy within + a single audit scope. + + CAs that have been annually audited according to both of the “WebTrust + Principles and Criteria for Certification Authorities” and the “WebTrust + Principles and Criteria for Certification Authorities - SSL Baseline With + Network Security”. Other audit criteria may be accepted on a discretionary + basis, but Chrome will prioritize audits conducted according to both of + these criteria. + +Certification Authorities that do not meet all of the above criteria will be +dealt with on a case-by-case basis. Note that the above requirements are +illustrative only; Google includes CAs in its Root Program, and includes or +removes CA certificates within its Root Store as it deems appropriate for user +safety. The selection and ongoing membership of CAs is done to enhance the +security of Chrome and promote interoperability; CAs that do not provide a broad +service to all browser users are unlikely to be suitable. + +As this transition occurs, CAs should continue to work with the relevant vendors +of operating systems where Chrome is supported to additionally request inclusion +within their root certificate programs as appropriate. This will help minimize +any disruption or incompatibilities for end users, by ensuring that Chrome is +able to validate certificates from the CA regardless of whether it is using the +Chrome Root Store or existing platform integrations. + +The Chrome Root Store Policy will be updated to more fully detail the set of +formal ongoing requirements for working with Google in order to be distributed +and included in a default installation of Chrome, as well as additional steps +for applying or updating existing included certificates. Any questions regarding +this policy can be directed to +[chrome-root-authority-program@google.com](mailto:chrome-root-authority-program@google.com) + +## Responding to Incidents + +Chrome requires that CAs included in the Chrome Root Program abide by their +Certificate Policy and/or Certification Practices Statement, where the CA +describes how they operate, and must incorporate [CA/Browser Forum’s Baseline +Requirements](https://cabforum.org/baseline-requirements-documents/). Failure of +a CA to meet their commitments, as outlined in their CP/CPS and the Baseline +Requirements, is considered an incident, as is any other situation that may +impact the CA’s integrity, trustworthiness, or compatibility. + +Chrome requires that any suspected or actual compliance incident be promptly +reported and publicly disclosed upon discovery by the CA, along with a timeline +for [an analysis of root +causes](https://landing.google.com/sre/sre-book/chapters/postmortem-culture/), +regardless of whether the non-compliance appears to the CA to have a serious or +immediate security impact on end users. Chrome will evaluate every compliance +incident on a case-by-case basis, and will work with the CA to identify +ecosystem-wide risks or potential improvements to be made in the CA’s operations +or in root program requirements that can help prevent future compliance +incidents. + +When evaluating a CA’s incident response, Chrome’s primary concern is ensuring +that browsers, CAs, users, and website developers have the necessary information +to identify improvements, and that the CA is responsive to addressing identified +issues. + +Factors that are significant to Chrome when evaluating incidents include (but +are not limited to): a demonstration of understanding of the root causes of an +incident, a substantive commitment and timeline to changes that clearly and +persuasively address the root cause, past history by the CA in its incident +handling and its follow through on commitments, and the severity of the security +impact of the incident. In general, a single compliance incident considered +alone is unlikely to result in removal of a CA from the Chrome Root Store. + +Chrome expects CAs to be detailed, candid, timely, and transparent in describing +their architecture, implementation, operations, and external dependencies as +necessary for Chrome and the public to evaluate the nature of the incident and +depth of the CA’s response. + +When a CA fails to meet their commitments made in their CP/CPS, Chrome expects +them to file an incident report. Due to the incorporation of the Baseline +Requirements into the CP and CPS, incidents may include a prescribed follow-up +action, such as revoking impacted certificates within a certain timeframe. If +the CA doesn’t perform the required follow-up actions, or doesn’t perform them +in the expected time, the CA should file a secondary incident report describing +any certificates involved, the CA’s expected timeline to complete any follow-up +actions, and what changes the CA is making to ensure they can meet these +requirements consistently in the future. + +When a CA becomes aware of or suspects an incident, they should notify +[chrome-root-authority-program@google.com](mailto:chrome-root-authority-program@google.com) +with a description of the incident. If the CA has publicly disclosed this +incident, this notification should include a link to the disclosure. If the CA +has not yet disclosed this incident, this notification should include an initial +timeline for public disclosure. Chrome uses the information on the public +disclosure as the basis for evaluating incidents. \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/security-bug-lifecycle/index.md b/chromium/docs/website/site/Home/chromium-security/security-bug-lifecycle/index.md new file mode 100644 index 00000000000..ba0c5a39d17 --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/security-bug-lifecycle/index.md @@ -0,0 +1,258 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +page_name: security-bug-lifecycle +title: Security Bug Lifecycle +--- + +The [canonical version of this document is now in the Chromium source +tree](https://chromium.googlesource.com/chromium/src/+/HEAD/docs/security/sheriff.md). + +The following document describes the process of working from an inbound security +bug report to releasing a fix on all affected branches. You can also refer to +the [Security Cheat Sheets](/system/errors/NodeNotFound) to provide a quick walk +through or as a reference to check your progress. + +[TOC] + +## Triage + +The first step of triage is confirming that a bug does exist and it does +represent a vulnerability. Most reporters provide a version in the bug report, +but you’ll generally need to verify against the current stable, beta, and trunk +builds. The [Reporting Security +Bugs](/Home/chromium-security/reporting-security-bugs) page provides information +on what detail is required and how to get it, so you should use that as a guide +to fill in anything the report is missing. If you don’t have a particular build +on hand to perform the analysis against, you can leave a comment in the bug +requesting that another team member assist in verifying it. The list of +currently open security (modulo **Security-Severity-None**) bugs can be viewed +with [this +query](https://code.google.com/p/chromium/issues/list?can=2&q=Type%3DBug-Security+-Security_Severity%3DNone&sort=-secseverity&groupby=&colspec=ID+Pri+Area+Feature+Status+Summary+Modified+Owner+Mstone+OS+Secseverity+Reporter+Secimpacts). + +### Security Features & Non-Vulnerabilities + +There are a number of bugs we want to keep track of for security reasons, but +shouldn't track as vulnerabilities. This includes new security features and +improvements, or changes that simply have a security impact or warrant a closer +inspection from a security perspective. In this case the bug should *not* be +filed as *Type-Security*. Instead it should be filed as whatever type is +relevant (generally **Type-Bug**) and also have the **Feature-Security** label +set. This ensures the security team will still receive updates, but keeps it out +of the list of open vulnerabilities. + +### Assigning Labels + +**==First verify the bug, requirements to trigger, and affected platforms==**; +if you cannot verify the bug directly (e.g. nonavailability of the affected +platform) then assign or CC an owner who can. Once you’ve verified the bug, you +need to determine the appropriate labels. You should follow the severity +guidelines [Severity Guidelines for Security +Issues](/developers/severity-guidelines) to determine the rating for the +**Security-Severity-**\* label. Remember to also consider any mitigating factors +that might reduce the severity, such as unusual or excessive interaction, or the +feasibility of reliably triggering the condition in the wild (e.g. race +conditions are notoriously difficult). + +Once you’ve determined the severity you can assign the milestone and priority +according to the following guidelines: + +* **Security-Severity-Critical** + * **Pri-0** + * Current stable milestone (or earliest milestone impacted) +* **Security-Severity-High** + * **Pri-1** + * Current stable milestone (or earliest milestone impacted) +* **Security-Severity-Medium** + * **Pri-2** + * Next stable milestone +* **Security-Severity-Low** + * **Pri-3** + * Next stable milestone +* **Security-Severity-None** + * No priority required + * No milestone required + +Set the SecImpacts flags to identify the affected branches, so we know what +needs to be merged and have historical tracking data: + +* **SecImpacts-Stable** - Affects shipping branch and should be + considered for merge. +* **SecImpacts-Beta** - Affects beta branch and fix and should be + considered for merge. +* **SecImpacts-None** - Doesn't affect a shipping branch (no merge + required). + +The milestone targets may shift slightly to adjust for a release schedule. For +example, when the current stable is at the end of its cycle you will generally +bump all open bugs to target the next stable milestone. + +Also, it's important to ensure that all security bugs are set to +**Type-Security** and any security bugs with a severity other than +**Security-Severity-None** include the **Restrict-View-SecurityTeam** flag. + +The remaining triage follows the [standard +guidelines](/getting-involved/bug-triage). Key points to remember are the +following: + +* Update the status to **Untriaged**, **Available**, **Assigned**, or + **Started** (as appropriate). +* Apply the following labels as needed: **OS-**\*, **Feature-**\*, + **Area-**\*, **Internals-**\*, **Crash**. +* Any changes that will be merged to the beta branch must be labeled + as **ReleaseBlock-Stable**. +* Ensure the comment adequately explains any status changes + *(severity, milestone, and priority assignment generally require + explanatory text)*. + +### Upstreaming WebKit Bugs + +Any WebKit bugs should be upstreamed to +[bugs.webkit.org](http://bugs.webkit.org/) immediately after verification, basic +analysis to isolate the issue, and reducing any test cases to a manageable size. +When upstreaming WebKit security bugs, remember the following points: + +* File against the security component +* Include a link back to the Chromium bug in your comment +* Include a credit to the original reporter if appropriate +* CC any Chromium Team members working on the bug downstream + +#### Getting Access to WebKit Security Bugs + +Any members of the Chromium Security Team involved in bug triage will need to +join the [WebKit Security Group](http://www.webkit.org/security/). If you're not +already on WebKit Security, please ask another Chromium Security Team member to +nominate you. After joining you'll need to request security bug access (this can +be done by replying to your confirmation email). Once bug access is granted, +you'll need to configure your account to get emailed on all inbound security +bugs. You do this by adding **webkit-security-unassigned@lists.webkit.org** to +the **User Watching** section on the [Email +Preferences](https://bugs.webkit.org/userprefs.cgi?tab=email) tab on WebKit's +bugzilla. (You'll probably want to create a Gmail filter on these messages as +well.) + +**Landing WebKit Patches** + +To contribute a patch to WebKit you can generally just follow the [instructions +on webkit.org](http://www.webkit.org/coding/contributing.html). However, one +additional step must be taken to land patches for security bugs, because the +WebKit Commit Bot and the WebKit Review Bot are not included in the WebKit +Security Group. This means your patch will not be placed in the commit queue +after receiving cq+ unless the bots are explicitly given access to the bug. To +do this, add these addresses to the cc: list of the WebKit bug: + +* webkit.review.bot@gmail.com +* commit-queue@webkit.org + +### Timeline + +As a rule, you’ll want to ensure that the full initial triage is performed and +the bug is updated within 48 hours of the initial report. During business hours +the basic triage and bug update should occur within four hours at most. + +### Erroneous Reports + +Some reports are obviously not legitimate, or represent behavior that we do not +intend to change. In those cases you should mark the bug as **WontFix** or +**Invalid** (as appropriate) and provide a simple explanation to the reporter. +For non-security bugs erroneously reported via the security template, you should +remove all security labels, set the “Crash” label if appropriate, add in the +appropriate area/feature labels, and set the status to “Untriaged.” + +## Shepherding + +The shepherding process starts with finding an owner for a bug. If you have +access to security bugs, you can find a list of all open security bugs without +an owner +[here](http://code.google.com/p/chromium/issues/list?can=2&q=Type%3DBug-Security+-Security_SecSeverity%3DNone+-has%3Aowner&sort=-security_secseverity&colspec=ID+Pri+Area+Feature+Status+Summary+Modified+Owner+Mstone+OS+Secseverity&x=mstone&y=area&cells=tiles). +When analysing a bug for triage you’ll often find that you can work out a +solution yourself. If that’s the case and you have time to develop a patch, then +this is usually the most expedient solution to getting a fix out. + +For bugs that you can’t fix yourself, you’ll need to find an owner. If you don’t +know who to assign a bug to, it’s often best to start by asking other members of +the security team if they’re familiar with the code. Then they can either take +the ownership of the bug, or point you to a developer who would make a good +owner. + +If no one on the security team has a good suggestion, you’ll generally have to +use svn blame or some other means to track back one of the original developers +of the code. If you don’t have a checkout handy, you can always use the annotate +feature on . + +### Following Up + +Priorities and schedules vary between developers. So, when you assign a security +bug to an owner you should make sure you convey the timeline you’re expecting +for a fix. If you don’t see regular progress in the bug report, you may need to +manually follow up with the owner. Oftentimes, the bug just ended up being +harder to reproduce or fix than it originally appeared, so it’s a good idea to +offer help whenever there are unanticipated delays. + +Keep in mind that on average we get high severity bugs fixed on the release +branch within *30 days* of the initial report, and almost always within *60 +days* at the most. For critical severity bugs we have a hard deadline of 60 days +from initial report to a shipping fix. + +### Handling a Fix + +Once a fix is applied to trunk either you or the owner will change the bug +status to **Merge-Approved** and switch the **Restrict-View-SecurityTeam** label +to **Restrict-View-SecurityNotify**. At that point you’ll need to evaluate +whether the bug is a good candidate for a merge. + +## Merging + +Security fixes often need to be merged to the stable branch (this includes +patches to Chrome, WebKit, or other dependencies). Generally this is done by one +of the security team members. The first thing you need to do is evaluate whether +a fix should be considered for merge. Generally any high or critical severity +fixes should be seriously considered for merge. Medium and low-severity fixes +can be considered as well if they're particularly worrisome (e.g. bad +information leak), have significant non-security impact (e.g. top crasher), or +are just very low risk. + +One of the key considerations in determining what to merge is assessing the risk +of breakage, which the bug’s owner should be able to convey. For risky fixes +you’ll often want to consider bumping it to a later milestone. When you've +decided to merge a fix, you should verify with a release manager that the merge +window is open for any affected branches. Normally a fix will need to be merged +to both the current stable and beta branches. + +You should merge fixes via [drover](/developers/how-tos/drover), which automates +most of the process. If the [drover merge](/developers/how-tos/drover) does not +apply cleanly you may want to reconsider whether the fix will introduce an +unacceptable breakage risk. In the event that you can’t use drover to merge a +fix, you still have the option of manually merging from a branch checkout. In +general, most team members should have a checkout for the current stable, beta +and trunk branches. So, this can generally just follow the [normal patch +process](/developers/contributing-code), but using a branch repository. + +Once the fix is successfully merged you will need to update the the bug with the +merge revision numbers, and change the status to **FixUnreleased** (or to +**Fixed** if the stable branch is not affected) and set the merge status to +**Merge-Completed** (if drover didn't do so). For beta merges, you should also +verify that the **ReleaseBlock-Stable** flag is present. + +### Updating and Release Notes + +After a patch has been landed (and potentially merged) you’ll need to update the +[security release +document](https://docs.google.com/a/google.com/Doc?docid=0AUtTDLyP_VtYY2dxczZrNHpfODhzajZzbWd6&hl=en), +which is used for tracking security bugs for release notes. + +### Vulnerability Rewards Nomination + +Generally, once a fix has been applied to trunk we will consider a bug for a +vulnerability reward. This will generally be done by the team member shepherding +the bug, or the owner if it’s a security team member. To remind yourself that +you may want to consider a specific bug you can add the **reward-topanel** label +in the tracker. + +When nominating a bug for a reward, be sure to consider the overall quality, and +any additional value the reporter brought to the process. For reference, the +general guidelines are listed on the [Vulnerability Rewards +Program](/Home/chromium-security/vulnerability-rewards-program) page. \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/security-faq/index.md b/chromium/docs/website/site/Home/chromium-security/security-faq/index.md new file mode 100644 index 00000000000..a7b987dea7a --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/security-faq/index.md @@ -0,0 +1,12 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +page_name: security-faq +title: Security FAQ +--- + +**The [canonical version of the FAQ is now in the Chromium source +tree](https://chromium.googlesource.com/chromium/src/+/HEAD/docs/security/faq.md).** \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/security-faq/service-worker-security-faq/index.md b/chromium/docs/website/site/Home/chromium-security/security-faq/service-worker-security-faq/index.md new file mode 100644 index 00000000000..230a45a998c --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/security-faq/service-worker-security-faq/index.md @@ -0,0 +1,340 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +- - /Home/chromium-security/security-faq + - Security FAQ +page_name: service-worker-security-faq +title: Service Worker Security FAQ +--- + +#### **Do not edit — for historical reference only** + +#### The [canonical version of the FAQ is now in the Chromium source +tree](https://chromium.googlesource.com/chromium/src/+/HEAD/docs/security/service-worker-security-faq.md). + +#### [TOC] + +This FAQ is specifically about service workers. Also see the general [security +FAQ](/Home/chromium-security/security-faq). + +Like the general security FAQ, this document is a collaborative effort by many +Chromium developers. (rsesek, estark, falken, slightlyoff, jakearchibald, evn, +raymes, ainslie, mek, lgarron, elawrence, kinuko, palmer, your name here...) +Last updated 12 May 2017. If you see an error or have an additional question, +and have a Chromium account, go ahead and fix it. If you don't have a Chromium +account, email palmer@chromium.org for a fix. + +#### Service Workers seem extremely risky! Why are they OK? + +Service Workers (SW) are indeed powerful. They support compelling web +applications that can run offline or with intermittent connectivity. You can +edit documents, browse and buy from catalogs, send social media messages, write +email, etc. even in the subway! Service Workers can make the web platform more +viable than ever before, enabling web apps to better compete with native apps +even while essentially retaining the browse-to-use, sandboxed nature of the +[Open Web Platform](https://www.w3.org/wiki/Open_Web_Platform) (OWP) that we all +love. The rest of this FAQ will explain how the SW designers and implementers +have mitigated the risks that necessarily come with this functionality. + +Service Workers are a replacement for and an improvement on the legacy +[Application Cache +API](https://developer.mozilla.org/en-US/docs/Web/HTML/Using_the_application_cache), +which has been available in the OWP for a very long time. + +For more background on Service Workers, see [Service Workers +Explained](https://github.com/w3c/ServiceWorker/blob/master/explainer.md). + +#### Do Service Workers run in a sandbox? + +Yes, SWs run in renderer processes. When Chrome starts a SW, it chooses a +renderer process that is associated with the SW’s origin. If one does not exist, +the browser creates a new one using a new SiteInstance for the origin. + +#### What APIs can Service Workers access? + +The HTML [specification partially enumerates the API surface available to +Workers](https://html.spec.whatwg.org/#apis-available-to-workers). See also +[Client](https://developer.mozilla.org/en-US/docs/Web/API/Client), and +[ServiceWorkerGlobalScope](https://w3c.github.io/ServiceWorker/#serviceworkerglobalscope-interface). +(Note that SWs do not have access to synchronous APIs.) + +However, other web platform specifications can add new API surface. For example, +[the Permissions API exposes a permissions attribute to +workers](https://w3c.github.io/permissions/#navigator-and-workernavigator-extension). +Generally, SWs have access to a subset of the web platform APIs, although there +are some Worker- and Service Worker-specific APIs that do not make sense for +in-page JavaScript. + +(\[Service\]WorkerGlobalScope is of course not necessarily a strict subset of +Window, and similarly WorkerNavigator is not necessarily a strict subset of +Navigator. And the various SW events are of course only exposed to SWs.) + +#### Do Service Workers obey the same-origin policy? + +Service Worker registration specifies that [Service Workers must run in the same +origin as their +callers](https://w3c.github.io/ServiceWorker/#register-algorithm). + +The origin comparison for finding a Service Worker registration for a request is +[specified](https://w3c.github.io/ServiceWorker/#scope-match-algorithm) to be to +be a longest-prefix match of serialized URLs, including their path. (E.g. + != .) This specification +gap seems fragile to us, [and should be fixed to be specified and implemented as +actual origin equality](https://github.com/w3c/ServiceWorker/issues/1118), but +doesn’t currently seem exploitable. + +Only [Secure Contexts can register or use Service +Workers](https://w3c.github.io/webappsec-secure-contexts/#example-c52936fc). + +Because SWs can call importScripts to import scripts (from any other origin), it +is a good idea for site operators to set a Content-Security-Policy response +header on the ServiceWorker’s JavaScript response, instructing the browser what +sources of script the origin considers trustworthy. That would reduce an XSS +attacker’s ability to pull in their own code. + +#### Do Service Workers live forever? + +There are two concepts of “live” here. One is about the installed registration +and one is about the running Service Worker thread. + +The installed registration lasts indefinitely, similar to origin-scoped storage +like +[IndexedDB](https://developer.mozilla.org/en-US/docs/Web/API/IndexedDB_API). +Additionally, the browser performs an update check after any navigation using +the Service Worker, invalidating the HTTP cache every 24 hours. (Additionally, +[according to a recent spec +change](https://w3c.github.io/ServiceWorker/#dfn-use-cache), browsers will +revalidate the HTTP cache for SW scripts unless the site opts into using the +cache. Chrome does not yet adhere to this new part of the spec, [but will +soon](https://bugs.chromium.org/p/chromium/issues/detail?id=675540).) + +The browser also performs an update check whenever the SW starts and +periodically while the worker is running, if it has not checked in the last 24 +hours (86,400 seconds, [as specified in the Handle Functional Event +algorithm](https://w3c.github.io/ServiceWorker/#handle-functional-event-algorithm)). + +The browser can terminate a running SW thread at almost any time. Chrome +terminates a SW if the SW has been idle for 30 seconds. Chrome also detects +long-running workers and terminates them. It does this if an event takes more +than 5 minutes to settle, or if the worker is busy running synchronous +JavaScript and does not respond to a ping within 30 seconds. When a SW is not +running, Developer Tools and chrome://serviceworker-internals show its status as +STOPPED. + +#### How can I see Service Workers in Chrome? + +You can see them in the Service Workers field in the Application tab of +Developer Tools. You can also look at chrome://serviceworker-internals. + +#### Do Service Workers keep running after I close the tab? + +If an origin has any Service Workers running, each worker will be shut down soon +after it processes the last event. Events that can keep a worker alive include +push notifications. (Note that the [push notifications will trigger a +user-visible notification if the SW does not create +one](https://cs.chromium.org/chromium/src/chrome/browser/push_messaging/push_messaging_notification_manager.cc?type=cs&l=270), +and they also require the person to grant the origin permission in a prompt. you +can see that in action in this [push notifications demo +app](https://gauntface.github.io/simple-push-demo/).) + +#### Can attackers use Service Workers to trigger attacks developed after SW registration? + +For example, could an attacker convince users to visit a malicious website, then +wait for (e.g.) a V8 bug to show up in Chrome's repository, then write an +exploit, and then somehow run that exploit on the machines of everyone who +visited the malicious website in the last month or so? + +Without explicit permission from the user, the browser won't let the SW poll +for/receive any push notification events the attacker's server may (try to) +send, and hence the SW won't get a chance to handle the events. + +Similarly, you might imagine a SW that tries to use importScripts to +periodically (re-)load maybe-v8-payload.js. But, the SW would only get to do +that as part of an event handler. And if the SW isn't getting any events +(because the person is not browsing or navigating to attacker.com, and because +the person never granted attacker.com push notification permission), then it +will never get to run its event handlers, and so again the SW won't get a chance +to attack. If the person *is* currently browsing attacker.com, then the attacker +doesn't gain any additional attack benefit from a Service Worker. They can just +<script src="maybe-v8-payload.js"> as usual, from the in-page JavaScript. + +**However,** if/when [Foreign +Fetch](https://github.com/w3c/ServiceWorker/blob/master/foreign_fetch_explainer.md) +ships, the situation will change if people browse sites that fetch resources +from the attacker's server. + +#### If a site has an XSS vulnerability, can the attacker permanently compromise that origin for me? + +An XSS attacker can indeed register an evil SW. As before SWs, XSS is a very +powerful mode of attack on a web origin. To mitigate the risk that an XSS attack +will register a malicious SW, the browser requires that the SW registration URL +come from the origin itself. Thus, to use an XSS attack to register a malicious +SW, the attacker needs the additional capability to host their own scripts on +the server. + +Here is another exploit scenario: If the page with an XSS vulnerability also has +a JSONP endpoint, the attacker could use it to (1) bypass CSP; (2) register a +SW; and (3) call importScripts to import a third-party script to persist until + + the site operators detect and remediates the issue, and + + users navigate to the site again while online. + +In an XSS situation, the 24 hour cache directive limit ensures that a malicious +or compromised SW will outlive a fix to the XSS vulnerability by a maximum of 24 +hours (assuming the client is online). Site operators can shrink the window of +vulnerability by setting lower TTLs on SW scripts. We also encourage developers +to [build a kill-switch +SW](https://stackoverflow.com/questions/33986976/how-can-i-remove-a-buggy-service-worker-or-implement-a-kill-switch/38980776#38980776). + +In the near future, the right cleanup strategy (for this and other issues) will +be [Clear-Site-Data](https://www.w3.org/TR/clear-site-data/). + +Additionally, site operators should ignore (e.g. respond with 400 Bad Request) +requests that have the Service-Worker request header for domains or paths that +the server doesn’t expect to be serving SW scripts for. + +#### Can sites opt out of Service Workers? + +Sites that do not intend to serve Service Workers on particular domains or paths +can check for and explicitly reject requests for worker scripts, by checking for +[the Service-Worker request +header](https://w3c.github.io/ServiceWorker/#service-worker-script-request). + +#### How many SWs can an origin, or Chrome itself, spawn? + +The current specification and the current implementation in Chrome do not define +any limits. + +#### Can attackers 'hide' Service Worker scripts in JPEGs or other non-script MIME types? + +*Can an attacker upload (for example) JPEG files to a site that supports the +capability, and then use the uploaded files as SW scripts?* The SW specification +and implementation require that a SW script have the right JavaScript MIME type. +(Additionally, as noted elsewhere in this document, server operators should +reject SW script requests except for the exact endopints they intend to serve SW +scripts from.) + +#### Can iframes register Service Workers? + +Yes, if and only if they are themselves secure contexts. [By +definition](https://w3c.github.io/webappsec-secure-contexts/#examples-framed), +that means that they must be nested inside secure contexts, all the way up to +the top-level document. + +Additionally, third-party iframes can’t register Service Workers if third party +cookies are blocked. (See chrome://settings/content.) + +#### Why doesn’t Chrome prompt the user before registering a Service Worker? + +The Chrome Team generally prefers to ask people about things that are +privacy-relevant, using nouns and verbs that are simple and precise (camera, +mic, geo-location, and so on). But we avoid asking questions about resource-use +(caching, persistence, CPU, and so on). We’re better prepared to make those +types of resource decisions automatically. (Consider, for example, that the HTTP +cache, AppCache, and even [Google +Gears](https://en.wikipedia.org/wiki/Gears_(software)) also do not/did not +prompt the user.) + +[An informal study by Chrome team members Rebecca Rolfe, Ben Wells, and Raymes +Khoury](https://docs.google.com/presentation/d/1suzMhtvMtA11jxPUdH1jL1oPh-82rTymCnslgR3ehEE/edit#slide=id.p) +suggests that people do not generally have sufficient context to understand +permission requests triggered by API calls from origins in iframes. It seems +reasonable that people would similarly lack the context to understand requests +from Service Workers. + +#### What if I don't want any SWs? + +You can disable SWs by disabling storage in chrome://settings. SW are gated on +cookie/local data storage settings. (That is, the **Block sites from setting any +data** radio button in **Content Settings**.) + +Clearing browser data (CBD; the **Clear browsing data...** button in Settings or +chrome://settings/clearBrowserData) also deletes SWs. You can verify that by +following this test procedure: + +1. Visit https://gauntface.github.io/simple-push-demo/ +2. In a second tab, visit chrome://serviceworker-internals/ to see the + ACTIVATED and RUNNING SW + 1. Note that the origin/the origin's SW cannot actually send any + push notifications until you grant it that permission +3. In a third tab, go to chrome://settings/clearBrowserData to clear + browsing data; clear it by clicking **Clear browsing data** +4. Reload chrome://serviceworker-internals/ to see that the SW's status + is now REDUNDANT and STOPPED +5. Close the Simple Push Demo tab +6. Reload chrome://serviceworker-internals/ to see that the SW is now + gone + +You can also remove individual SW registrations with +chrome://serviceworker-internals/. + +If you really want to not use the modern web, you can use one of the browsers +that don't (yet) support SWs. But, eventually, the Open Web Platform will +continue to evolve into a powerful, useful platform supporting applications that +are [secure, linkable, indexable, composable, and +ephemeral](https://paul.kinlan.me/slice-the-web/). Yes, SWs make web apps +somewhat less ephemeral, but we believe the increased applicability of the OWP +is worth it. + +Browser vendors are committed to ensuring the security of the OWP improves even +as we give it new capabilities. This process happens in the open, in fora like +[W3C Technical Architecture Group](https://www.w3.org/2001/tag/), [W3C’s Web +Platform Incubator Community Group](https://www.w3.org/blog/2015/07/wicg/), and +[blink-dev@chromium.org](https://groups.google.com/a/chromium.org/forum/#!forum/blink-dev). +Security and privacy reviews are part of the process and we invite knowledgeable +experts to participate in those open fora. + +#### What are some SW best practices for site operators? + + [Build a kill-switch + SW](https://stackoverflow.com/questions/33986976/how-can-i-remove-a-buggy-service-worker-or-implement-a-kill-switch/38980776#38980776). + + Use [Clear-Site-Data](https://www.w3.org/TR/clear-site-data/) when it + becomes available. + + Be aware of the need for longer session lifetimes, since clients may go + offline and SWs might need to POST cached requests after coming back online. + [Here is one way to handle + that](https://developers.google.com/web/updates/2016/06/2-cookie-handoff). + +#### What SW bugs would quality for a bounty under [Chrome’s VRP](/Home/chromium-security/vulnerability-rewards-program)? + +If you could break one or more of the security assertions we make in this FAQ, +that would be potentially rewardable under the Vulnerability Rewards Program +(VRP). Here is a non-exhaustive list of examples: + + Over-long registration/lifetime (e.g. a SW able to run or stay alive even + without incoming events to handle) + + Same-origin bypass or off-origin SW registration + + Access to APIs that require prompts, choosers, or permissions, without + permission having been granted to the origin + + Geolocation + + Hardware sensors + + Microphone, camera, media devices + + USB, Bluetooth + +Here is [a list of historical SW security +bugs](https://bugs.chromium.org/p/chromium/issues/list?can=1&q=Type%3DBug-Security+serviceworker&colspec=ID+Pri+M+Stars+ReleaseBlock+Component+Status+Owner+Summary+OS+Modified&x=m&y=releaseblock&cells=ids) +in Chromium’s bug tracker. + +If you believe you have found a bug in the SW specification, please [file a new +Chromium bug using the Security +template](https://bugs.chromium.org/p/chromium/issues/entry?template=Security%20Bug). +It’s a good idea to file bugs with all browser vendors that implement the buggy +section of the spec. + +If you believe you have found a bug in Chrome’s implementation of SW, please +[file a new bug using the Security +template](https://bugs.chromium.org/p/chromium/issues/entry?template=Security%20Bug). +The Chrome Security Team will triage it within 1 or 2 business days. Good bug +reports come with minimal test cases that demonstrate the problem! \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/security-labels/index.md b/chromium/docs/website/site/Home/chromium-security/security-labels/index.md new file mode 100644 index 00000000000..b2ab4a36a6e --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/security-labels/index.md @@ -0,0 +1,12 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +page_name: security-labels +title: Security labels/components +--- + +Please see +[security-labels.md](https://chromium.googlesource.com/chromium/src/+/HEAD/docs/security/security-labels.md). \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/security-release-management/index.md b/chromium/docs/website/site/Home/chromium-security/security-release-management/index.md new file mode 100644 index 00000000000..c85bfbd8e7b --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/security-release-management/index.md @@ -0,0 +1,156 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +page_name: security-release-management +title: Security Release Management +--- + +## **[TOC]** + +## **Merging Fixes** + +Engineers outside the Chrome Security team shouldn’t request merges for security +fixes. Instead, please [mark the bug as +Fixed](https://chromium.googlesource.com/chromium/src/+/refs/heads/main/docs/security/security-labels.md#TOC-Merge-labels) +and we’ll take care of it. The instructions below are for the Chrome Security +team itself. + +### **TODO(chrome-security@): Identifying fixes to merge.** + +Security fixes often need to be merged to the Stable or Beta branch. One of the +key considerations in picking a fix to merge is assessing the risk of breakage, +which the bug’s owner should be able to convey. For risky fixes you should +consider bumping it to a later milestone. Generally, you should consider merging +the following: + +* [Critical or High severity bugs](/developers/severity-guidelines) +* [Medium severity bugs](/developers/severity-guidelines) if they're + particularly worrisome (e.g. info leak) or have significant + non-security impact (e.g. top crasher). +* [Low severity bugs](/developers/severity-guidelines) where the fixes + are very low risk. + +For Critical and High bugs, we aim to fix users fast and work directly with +Chrome TPMs to make sure any merge or release is done safely. The following are +general recommendations on when / where to merge: + +* ==Released Critical vulnerability==: Emergency, out of band release, + target a fix as soon as we have a viable release candidate. +* ==Unreleased Critical vulnerability==: Target a fix for the next + scheduled Stable point release. (An exception here is if we know it + will be released prior to the next scheduled release, then we push + as fast as needed to address it). +* ==Released High vulnerability==: A fix should be merged to the next + scheduled Stable point release. +* ==Unreleased High (and lower severity) vulnerability==: Target the + merge to the next scheduled Stable milestone release. + +Other factors to consider in your merge vs. no-merge calculation are: + +* **Bake time**. If a fix has been landed on trunk for weeks and made + it into various dev channels with no observed screaming, a merge + candidate is said to be "well baked". A well baked patch might be + considered for merge even if it is of lower severity, or appears + scary. Conversely, we should rarely be merging anything that hasn't + landed for a few days and been released to a dev channel. +* **Ease of discovery**. If a bug has been found independently by + multiple efforts (e.g. an external researcher as well as ClusterFuzz + internally), this suggests that the bug is readily discoverable and + should be merged sooner rather than later. +* **Ease of merge**. If the merge is a total nightmare, it may be fair + to not merge the fix and just wait for the fix on trunk to "roll + into stable", as all work on trunk eventually does. Of course, if + the bug is critical or other factors (ease of discovery, highly + exploitable, etc.) apply, then we should bite the bullet and + undertake the extra work in order to best protect users. +* **Change of behavior**. If the fix in fact changes behavior (locks + something down, turns something off, etc.) then it is best to have + the fix appear as a major revision bump as opposed to a patch on the + stable channel. This doesn't mean "don't merge" but it does suggest + we might merge to beta but not the existing stable. + +Your worklist for merges is defined by the following bug database criteria: + +* All Issues +* Type-Bug-Security +* Merge=Request,Review + +(Note: beware of querying on the milestone. At this stage in the bug's life, the +milestone label represents the earliest affected release at the time the bug was +filed. So if current stable is M27, there might still be bugs in this list which +are M25, M26, etc., if we've been a little slow in fixing them. Conversely, +anything marked M28 denotes a regression since M27 stable, so it only needs to +be merged to the M28 beta.) + +### **TODO(bug owner): Merging a security patch.** + +When a security merge has been approved, please go ahead and merge. + +To avoid accidentally losing a fix for a Chrome release, branch merges should be +done in a "newer first" manner. For example, if you're merging a fix to M27 +stable and M28 is branched and affected, then merge to M28 first. Such a +strategy can also be used to bake a fix on the M28 branch in order to gain +confidence about an M27 stable channel merge. + +#### **How to merge** + +You should merge fixes with [gerrit](/developers/how-tos/drover), which +automates most of the process. If the [gerrit merge](/developers/how-tos/drover) +does not apply cleanly you may want to reconsider whether the fix will introduce +an unacceptable breakage risk. In the event that you can’t use gerrit to merge a +fix, you still have the option of manually merging from a branch checkout. This +follows the normal developer [normal patch +process](/developers/contributing-code). + +#### **Post-merge bug cleanup.** + +Once the fix is successfully merged you will need to: + +1. Update the bug with the merge revision numbers (one for each branch + you've merged to). +2. Set the merge status to Merge-Approved to Merge-Merged (if drover + didn't do so). + +**Release Notes** + +For every new release, we include notes from security bugs that match the +following search criteria: + +* Type=Bug-Security +* M=? (Milestone) +* Release-x-Myy +* -Security_Severity=None +* Security_Impact=Stable + +For example, [this +link](https://code.google.com/p/chromium/issues/list?can=1&q=Type%3DBug-Security+M%3D26+Release%3D0+-Security_Severity%3DNone+-OS%3DChrome+-OS%3DAndroid&colspec=ID+Pri+M+Iteration+ReleaseBlock+Cr+Status+Owner+Summary+OS+Modified&x=m&y=releaseblock&cells=tiles) +shows the security fixes that went into the initial Beta -> Stable promotion +of Chrome 26, and [this +link](https://code.google.com/p/chromium/issues/list?can=1&q=Type%3DBug-Security+M%3D24+Release%3D1+-Security_Severity%3DNone+-OS%3DChrome+-OS%3DAndroid&colspec=ID+Pri+M+Iteration+ReleaseBlock+Cr+Status+Owner+Summary+OS+Modified&x=m&y=releaseblock&cells=tiles) +shows the security fixes that went into the first post-stable patch of the +Chrome 24 branch. + +Every externally reported issue gets assigned a CVE ID per MITRE's [CVE Counting +Rules](https://cve.mitre.org/cve/editorial_policies/counting_rules.html). +Chrome's CVE pool is +[here](https://docs.google.com/a/google.com/spreadsheet/ccc?key=0AoQyc9BFHd9FdE43bkxKZFRtOEk3eW5zeEhST29zTmc#gid=0) +(Google internal-only link, sorry). As of Chrome 27, we're focusing the release +notes on externally reported issues. This mirrors how Mozilla Firefox arranges +their release notes, saves the precious resource of CVEs, saves a lot of time in +preparing release notes, and appropriately focuses our security release notes on +the excellent contributions and rewards of external researchers. + +CVEs are allocated when the stable release that contains the fix is released, +and they are then placed into the bug tracker using the CVE label, and copied +into the release notes. An example of how it looks is [here for the Chrome 27 +release +notes](http://googlechromereleases.blogspot.com/2013/05/stable-channel-release.html). + +### **security-notify@chromium.org** + +There is no longer any need to pre-notify security-notify@chromium.org with a +copy of release notes. Very few list members were finding it useful or +actionable. \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/security-reviews/index.md b/chromium/docs/website/site/Home/chromium-security/security-reviews/index.md new file mode 100644 index 00000000000..d3ce166a507 --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/security-reviews/index.md @@ -0,0 +1,84 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +page_name: security-reviews +title: Chrome Security Reviews +--- + +All launches and major changes to Chrome undergo a security review. + +Please note that filing a launch bug requires an @google.com account. For +non-Google/open source contributors, find a Google PM who can help you with your +launch. (If you don't know whom to ask, ask on chromium-dev@chromium.org). + +The Chrome Security Team used to ask engineers and PMs to provide the same +information over and over again for incremental launches. We also had a hard +time keeping on top of incremental changes and we weren't really using the +cumulative review data to give us insight into the ongoing engineering practices +across Chrome. + +This process aims to address these issues and make the review process simpler +and faster for everyone. If you have further questions, ping adetaylor@. + +## How does the security review process work? + +The full story is here: [New Chrome Security Review +Plan](https://docs.google.com/document/d/11bnI_H0_Hg_o1mILjjH28PHB98bpSC4STh_OXLwv1gA/edit). + +TL;DR: File a launch bug, and the security team will see it on their dashboard. +Make sure to link to a design document in the launch bug. The security +reviewer(s) will look to the design doc first, and will probably comment and ask +questions in the document. + +If your project is especially tricky or large, it's best to reach out to +security@chromium.org (for public stuff; preferable) or +chrome-security@google.com (for Google confidential stuff) well ahead of time. + +## FAQ + +#### Q: Why do we do security reviews? + +Great question, and thanks for asking it! Security reviews serve three main +purposes: + + Provides an opportunity to educate and advise on potential security issues. + Chrome is one of the hardest pieces of software in the world to secure: + millions of lines of security-critical code, rendering untrusted content + from all corners of the web, sitting on over 1 billion devices... that makes + it an attractive target for the bad guys! Everyone in Chrome is responsible + for security, and we're here to help point out and avoid security pitfalls. + + It’s a second pair of (expert) eyes looking for security holes. An attacker + needs to only find one security bug in your project to exploit, while you + have the job of defending your entire codebase. Not fair, right? We want an + engineer on Chrome to look over your project with an eye on security, before + someone with different motives takes a look when the project lands. + + Gives the security team an overview of what is happening in Chrome. Good + security advice is tailored to a team, but great security advice also + considers the strategic direction of the entire product area. When we can + keep tabs on developments and product trajectories across teams, it + (hopefully) allows us to provide meaningful advice and recommendations, + sometimes even before you approach us and ask for it! + +#### Q: Is there anything security reviews are NOT? + +Unfortunately, security reviews don’t mean that you can stop caring about +security. Your team is still accountable and responsible for ensuring that your +code is free of security bugs. Security reviews won’t catch all bugs, but they +certainly do help to make sure your security practices are sound. + +#### Q: Are Chrome and Chrome OS using the same security review process? + +Yes, but with one important difference: for Chrome OS, kerrnel@ is the main +point of contact. To file a Chrome OS feature survey, please follow the steps at +go/cros-security-review. + +#### Q: I have other questions. How can I get in contact? + +The best address for us is security@chromium.org, or if you’re a Googler you can +reach us at chrome-security@google.com for Chrome stuff, +chromeos-security@google.com for Chrome OS stuff. \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/security-sheriff/Life of a Security Issue (1).png.sha1 b/chromium/docs/website/site/Home/chromium-security/security-sheriff/Life of a Security Issue (1).png.sha1 new file mode 100644 index 00000000000..c6a66c0cd85 --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/security-sheriff/Life of a Security Issue (1).png.sha1 @@ -0,0 +1 @@ +32118b68b5ad4afe076287b5df689fbce052a122 \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/security-sheriff/Life of a Security Issue (2).png.sha1 b/chromium/docs/website/site/Home/chromium-security/security-sheriff/Life of a Security Issue (2).png.sha1 new file mode 100644 index 00000000000..f6d7ae4aeb6 --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/security-sheriff/Life of a Security Issue (2).png.sha1 @@ -0,0 +1 @@ +60af70776d7c99f008418434ce035c4d686584c6 \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/security-sheriff/Life of a Security Issue (3).png.sha1 b/chromium/docs/website/site/Home/chromium-security/security-sheriff/Life of a Security Issue (3).png.sha1 new file mode 100644 index 00000000000..b83274fa097 --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/security-sheriff/Life of a Security Issue (3).png.sha1 @@ -0,0 +1 @@ +c3934652eac2e21e4eb20872cc71838828b01255 \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/security-sheriff/Life of a Security Issue.png.sha1 b/chromium/docs/website/site/Home/chromium-security/security-sheriff/Life of a Security Issue.png.sha1 new file mode 100644 index 00000000000..86f5cb457c0 --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/security-sheriff/Life of a Security Issue.png.sha1 @@ -0,0 +1 @@ +20d867a7595911beeb2c456cfd76649b5e4418bd \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/security-sheriff/Screen Shot 2016-05-20 at 15.41.22.png.sha1 b/chromium/docs/website/site/Home/chromium-security/security-sheriff/Screen Shot 2016-05-20 at 15.41.22.png.sha1 new file mode 100644 index 00000000000..fee823d5b8d --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/security-sheriff/Screen Shot 2016-05-20 at 15.41.22.png.sha1 @@ -0,0 +1 @@ +b855ec7ad24d2f8ed5c1eba131b58b041403a081 \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/security-sheriff/index.md b/chromium/docs/website/site/Home/chromium-security/security-sheriff/index.md new file mode 100644 index 00000000000..57a66a4da2b --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/security-sheriff/index.md @@ -0,0 +1,12 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +page_name: security-sheriff +title: Security Sheriff +--- + +The [canonical version of this document is now in the Chromium source +tree](https://chromium.googlesource.com/chromium/src/+/HEAD/docs/security/sheriff.md). \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/site-isolation/index.md b/chromium/docs/website/site/Home/chromium-security/site-isolation/index.md new file mode 100644 index 00000000000..b6f3b6ae035 --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/site-isolation/index.md @@ -0,0 +1,377 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +page_name: site-isolation +title: Site Isolation +--- + +## Overview + +Site Isolation is a security feature in Chrome that offers additional protection +against some types of security bugs. It uses Chrome's sandbox to make it harder +for untrustworthy websites to access or steal information from your accounts on +other websites. + +Websites are typically not allowed to access each other's data inside the +browser, thanks to code that enforces the Same Origin Policy. Occasionally, +security bugs are found in this code and malicious websites may try to bypass +these rules to attack other websites. The Chrome team aims to fix such bugs as +quickly as possible. + +Site Isolation offers an extra line of defense to make such attacks less likely +to succeed. It ensures that pages from different websites are always put into +different processes, each running in a sandbox that limits what the process is +allowed to do. It also makes it possible to block the process from receiving +most types of sensitive data from other sites. As a result, a malicious website +will find it much more difficult to steal data from other sites, even if it can +break some of the rules in its own process. + +This protection is made possible by the following changes in Chrome's behavior: + +* Cross-site documents are always put into a different process, + whether the navigation is in the current tab, a new tab, or an + iframe (i.e., one web page embedded inside another). Note that only + a subset of sites are isolated on Android, to reduce overhead. +* Cross-site data (such as HTML, XML, JSON, and PDF files) is not + delivered to a web page's process unless the server says it should + be allowed (using [CORS](https://www.w3.org/TR/cors/)). +* Security checks in the browser process can detect and terminate a + misbehaving renderer process (only on desktop platforms for the time + being). + +Here, we use a precise definition for a **site**: the scheme and registered +domain name, including the public suffix, but ignoring subdomains, port, or +path. For example, an origin like https://foo.example.com:8080 would have a site +of https://example.com. We use sites instead of origins to avoid breaking +compatibility with existing web pages that might modify their document.domain to +communicate across multiple subdomains of a site. + +For more technical information about the protections offered by Site Isolation +and how they are built, please see the [project's design +document](/developers/design-documents/site-isolation). + +[TOC] + +## Motivation + +Web browser security is important: browsers must defend against untrustworthy +web pages that try to attack other sites or access the user's machine. Given the +complexity of the browser, it is necessary to use a "defense in depth" approach +to limit the damage that occurs even if an attacker finds a way around the Same +Origin Policy or other security logic in the browser. As a result, Chrome uses a +sandbox and Site Isolation to try to defend against even powerful attackers +(e.g., who might know about bugs in the browser). This is motivated by several +different types of attacks. + +First, compromised renderer processes (also known as "arbitrary code execution" +attacks in the renderer process) need to be explicitly included in a browser’s +security threat model. We assume that determined attackers will be able to find +a way to compromise a renderer process, for several reasons: + +* Past experience suggests that potentially exploitable bugs will be + present in future Chrome releases. There were [10 potentially + exploitable bugs in renderer components in + M69](https://bugs.chromium.org/p/chromium/issues/list?can=1&q=Release%3D0-M69%2C1-M69%2C2-M69%2C3-M69+Type%3DBug-Security+Security_Severity%3DHigh%2CCritical+-status%3ADuplicate+label%3Aallpublic+component%3ABlink%2CInternals%3ECompositing%2CInternals%3EImages%3ECodecs%2CInternals%3EMedia%2CInternals%3ESkia%2CInternals%3EWebRTC%2C+-component%3ABlink%3EMedia%3EPictureInPicture%2CBlink%3EPayments%2CBlink%3EStorage%2CInternals%3ECore%2CInternals%3EPrinting%2CInternals%3EStorage%2CMojo%2CServices%3ESync%2CUI%3EBrowser&sort=m&groupby=&colspec=ID+Status+CVE+Security_Severity+Security_Impact+Component+Summary), + [5 in + M70](https://bugs.chromium.org/p/chromium/issues/list?sort=m&groupby=&colspec=ID%20Status%20CVE%20Security_Severity%20Security_Impact%20Component%20Summary&q=Release%3D0-M70%2C1-M70%2C2-M70%2C3-M70%20Type%3DBug-Security%20Security_Severity%3DHigh%2CCritical%20-status%3ADuplicate%20label%3Aallpublic%20component%3ABlink%2CInternals%3ECompositing%2CInternals%3EImages%3ECodecs%2CInternals%3EMedia%2CInternals%3ESkia%2CInternals%3EWebRTC%2C%20-component%3ABlink%3EMedia%3EPictureInPicture%2CBlink%3EPayments%2CBlink%3EStorage%2CInternals%3ECore%2CInternals%3EPrinting%2CInternals%3EStorage%2CMojo%2CServices%3ESync%2CUI%3EBrowser&can=1), + [13 in + M71](https://bugs.chromium.org/p/chromium/issues/list?sort=m&groupby=&colspec=ID%20Status%20CVE%20Security_Severity%20Security_Impact%20Component%20Summary&q=Release%3D0-M71%2C1-M71%2C2-M71%2C3-M71%20Type%3DBug-Security%20Security_Severity%3DHigh%2CCritical%20-status%3ADuplicate%20label%3Aallpublic%20component%3ABlink%2CInternals%3ECompositing%2CInternals%3EImages%3ECodecs%2CInternals%3EMedia%2CInternals%3ESkia%2CInternals%3EWebRTC%2C%20-component%3ABlink%3EMedia%3EPictureInPicture%2CBlink%3EPayments%2CBlink%3EStorage%2CInternals%3ECore%2CInternals%3EPrinting%2CInternals%3EStorage%2CMojo%2CServices%3ESync%2CUI%3EBrowser&can=1), + [13 in + M72](https://bugs.chromium.org/p/chromium/issues/list?sort=m&groupby=&colspec=ID%20Status%20CVE%20Security_Severity%20Security_Impact%20Component%20Summary&q=Release%3D0-M72%2C1-M72%2C2-M72%2C3-M72%20Type%3DBug-Security%20Security_Severity%3DHigh%2CCritical%20-status%3ADuplicate%20label%3Aallpublic%20component%3ABlink%2CInternals%3ECompositing%2CInternals%3EImages%3ECodecs%2CInternals%3EMedia%2CInternals%3ESkia%2CInternals%3EWebRTC%2C%20-component%3ABlink%3EMedia%3EPictureInPicture%2CBlink%3EPayments%2CBlink%3EStorage%2CInternals%3ECore%2CInternals%3EPrinting%2CInternals%3EStorage%2CMojo%2CServices%3ESync%2CUI%3EBrowser&can=1), + [15 in + M73](https://bugs.chromium.org/p/chromium/issues/list?sort=m&groupby=&colspec=ID%20Status%20CVE%20Security_Severity%20Security_Impact%20Component%20Summary&q=Release%3D0-M73%2C1-M73%2C2-M73%2C3-M73%20Type%3DBug-Security%20Security_Severity%3DHigh%2CCritical%20-status%3ADuplicate%20label%3Aallpublic%20component%3ABlink%2CInternals%3ECompositing%2CInternals%3EImages%3ECodecs%2CInternals%3EMedia%2CInternals%3ESkia%2CInternals%3EWebRTC%2C%20-component%3ABlink%3EMedia%3EPictureInPicture%2CBlink%3EPayments%2CBlink%3EStorage%2CInternals%3ECore%2CInternals%3EPrinting%2CInternals%3EStorage%2CMojo%2CServices%3ESync%2CUI%3EBrowser&can=1). + This volume of bugs holds steady despite years of investment into + developer education, fuzzing, Vulnerability Reward Programs, etc. + Note that this only includes bugs that are reported to us or are + found by our team. +* Security bugs can often be made exploitable: even 1-byte buffer + overruns [can be turned into an + exploit](https://googleprojectzero.blogspot.com/2014/08/the-poisoned-nul-byte-2014-edition.html). +* Deployed mitigations (like + [ASLR](http://en.wikipedia.org/wiki/Address_space_layout_randomization) + or [DEP](http://en.wikipedia.org/wiki/Data_Execution_Prevention)) + are [not always + effective](https://googleprojectzero.blogspot.com/2019/04/virtually-unlimited-memory-escaping.html). + +Second, universal cross-site scripting (UXSS) bugs pose a similar threat. +Security bugs of this form would normally let an attacker bypass the Same Origin +Policy within the renderer process, though they don't give the attacker complete +control over the process. Such UXSS bugs tend to be +[common](https://ai.google/research/pubs/pub48028). + +Third, side channel attacks such as [Spectre](https://spectreattack.com/) make +reading arbitrary renderer process memory possible, even without bugs in Chrome. +This poses additional risks to sensitive data in the renderer process, and it +can make exploitation easier. + +Chrome's architecture provides additional defenses against these powerful +attacks. Chrome's +[sandbox](https://chromium.googlesource.com/chromium/src/+/HEAD/docs/design/sandbox.md) +helps prevent a compromised renderer process from being able to access arbitrary +local resources (e.g. files, devices). Site Isolation helps protect websites +against attacks from compromised renderer processes, UXSS, and side-channel +attacks like Spectre. + +For more background and motivation, see our [Usenix Security 2019 conference +paper](https://www.usenix.org/conference/usenixsecurity19/presentation/reis) on +Site Isolation, and Chrome's [Post-Spectre Threat Model +Re-Think](https://chromium.googlesource.com/chromium/src/+/refs/heads/main/docs/security/side-channel-threat-model.md). + +## Current Status + +#### Desktop Platforms + +Site Isolation was [enabled by +default](https://security.googleblog.com/2018/07/mitigating-spectre-with-site-isolation.html) +for all sites in Chrome 67 on Windows, Mac, Linux, and Chrome OS to help to +defend against attacks that are able to read otherwise inaccessible data within +a process, such as [speculative side-channel attack +techniques](https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html) +like Spectre/Meltdown. As of Chrome 77, Site Isolation also now defends against +fully compromised renderer processes and UXSS bugs on desktop platforms. In M92, +Site Isolation expanded to isolate all extensions from each other as well. + +#### Android + +On Android devices with at least 2 GB of RAM, Site Isolation has been enabled +for sites that users log into since Chrome 77. In Chrome 92, this expanded to +include sites that use third-party login providers (e.g., OAuth) and sites that +adopt Cross-Origin-Opener-Policy headers. + +## Related Blog Posts + +* [Improving extension security with out-of-process + iframes](https://blog.chromium.org/2017/05/improving-extension-security-with-out.html) + \- May 2017 +* [Mitigating Spectre with Site Isolation in + Chrome](https://security.googleblog.com/2018/07/mitigating-spectre-with-site-isolation.html) + \- July 2018 +* [Improving Site Isolation for Stronger Browser + Security](https://security.googleblog.com/2019/10/improving-site-isolation-for-stronger.html) + / [Recent Site Isolation + improvements](https://blog.chromium.org/2019/10/recent-site-isolation-improvements.html) + \- October 2019 +* [Mitigating Side-Channel + Attacks](https://blog.chromium.org/2021/03/mitigating-side-channel-attacks.html) + / [A Spectre proof-of-concept for a Spectre-proof + web](https://security.googleblog.com/2021/03/a-spectre-proof-of-concept-for-spectre.html) + \- March 2021 +* [Protecting more with Site + Isolation](https://security.googleblog.com/2021/07/protecting-more-with-site-isolation.html) + / [Privacy and performance, working together in + Chrome](https://blog.google/products/chrome/privacy-and-performance-working-together-chrome/) + \- July 2021 + +## Limitations + +* **Sites vs Origins**: Compatibility with document.domain changes + currently requires us to use sites (e.g., https://example.com) + rather than origins (e.g., https://foo.example.com) for defining + process boundaries. This allows multiple origins within a site to + share the same process. +* **Filtering cross-site data**: Cross-Origin Read Blocking (CORB) is + a best effort approach that tries to protect as much sensitive + content as possible, but it is limited by the need to preserve + compatibility with incorrectly labeled resources (e.g., JavaScript + files labeled as HTML). +* **Unavailable in some settings**: Site Isolation is not yet + supported in Android WebView, or on Chrome for Android devices with + less than 2GB of RAM, or in the <webview> tags used in Chrome + Apps. + +## Tradeoffs + +Site Isolation represents a major architecture change for Chrome, so there are +some tradeoffs when enabling it, such as increased memory overhead. The team has +worked hard to minimize this overhead and fix as many functional issues as +possible. A few known issues remain: + +For users: + +* Higher overall memory use in Chrome. On desktop in Chrome 67, this + is about 10-13% when isolating all sites with many tabs open. On + Android in Chrome 77, this is about 3-5% overhead when isolating + sites that users log into. + +For web developers: + +* Full-page layout is no longer synchronous, since the frames of a + page may be spread across multiple processes. This may affect pages + that change the size of a frame and then send a postMessage to it, + since the receiving frame may not yet know its new size when + receiving the message. One workaround is to send the new size in the + postMessage itself if the receiving frame needs it. As of Chrome 68, + pages can also work around this by forcing a layout in the sending + frame before sending the postMessage. See [Site Isolation for web + developers](https://developers.google.com/web/updates/2018/07/site-isolation) + for more details. +* Unload handlers may not always run when the tab is closed. + postMessage might not work from an unload handler + ([964950](https://crbug.com/964950)). +* When debugging with `--disable-web-security`, it may also be necessary + to disable Site Isolation (using + `--disable-features=IsolateOrigins,site-per-process`) to access + cross-origin frames. + +## How to Configure + +For most users, no action is required, and Site Isolation is enabled at an +appropriate level based on available resources. + +For more advanced cases, it is possible to isolate additional sites and origins +in a few ways. Note that changes to chrome://flags and the command line only +affect the current device, and are not synced to your other instances of Chrome. + +### 1) Isolating All Sites (Android) + +This mode is already enabled by default for 100% of Chrome users on Windows, +Mac, Linux, and Chrome OS. The instructions below can still be useful on +Android, for users desiring the highest security on devices with sufficient RAM. + +This mode ensures that all sites are put into dedicated processes that are not +shared with other sites. It can be enabled in either of the following ways: + +* Visit chrome://flags#enable-site-per-process, click Enable, and + restart. (See also: [help center + article](https://support.google.com/chrome/answer/7623121). Note + that this flag is only present on Android. It is missing on other + platforms, where it is already enabled by default.) + + ![](/Home/chromium-security/site-isolation/site-isolation-flag-1.png) + +* Or, use an [Enterprise + Policy](https://support.google.com/chrome/a/answer/7581529) to + enable + [SitePerProcess](/administrators/policy-list-3#SitePerProcess) or + [SitePerProcessAndroid](/administrators/policy-list-3#SitePerProcessAndroid) + within your organization. + +### 2) Isolating Specific Origins + +This mode allows you to provide a list of specific origins that will be given +dedicated processes. On desktop platforms where Site Isolation is already fully +enabled, these origins will be isolated at a finer granularity than their site +(e.g., https://foo.example.com can be isolated from the rest of +https://example.com). On Android, these origins will be isolated in addition to +any other sites already isolated. This can be used to isolate any origins that +need extra protection, such as any that you log into. (Note that wildcards are +supported to isolate all origins underneath a given origin.) + +This mode is automatically enabled on Android devices with at least 2 GB of +memory as of Chrome 77, for sites that users log into. This mode can be further +manually configured in any of the following ways: + +* In Chrome 77 or later versions: Enable + chrome://flags/#isolate-origins, provide the list of origins to + isolate (e.g. + "https://foo.example.com,https://[*.]corp.example.com"), and + restart Chrome. + +* Use [command line flags](/for-testers/command-line-flags) to start + Chrome with `--isolate-origins` followed by a comma-separated list of + origins to isolate. For example: + `--isolate-origins=https://foo.example.com,https://[*.]corp.example.com` + Be careful not to include effective top-level domains (e.g., https://co.uk + or https://appspot.com; see the full list at ), + because these will be ignored. +* Or, use an [Enterprise + Policy](https://support.google.com/chrome/a/answer/7581529) to + enable + [IsolateOrigins](https://chromeenterprise.google/policies/#IsolateOrigins) + or + [IsolateOriginsAndroid](https://chromeenterprise.google/policies/#IsolateOriginsAndroid) + within your organization. + +### **3) Isolating All Origins** + +This mode is experimental and will break any pages that depend on modifying +document.domain to access a cross-origin but same-site page. It will also +increase Chrome's process count and may affect performance. The benefit is that +every origin will require its own dedicated process, such that two origins from +the same site won't share a process. + +This mode can be configured by enabling chrome://flags#strict-origin-isolation + +### Diagnosing Issues + +If you encounter problems when Site Isolation is enabled, you can try turning it +off by undoing the steps above, to see if the problem goes away. + +You can also try opting out of field trials of Site Isolation to diagnose bugs, +by visiting chrome://flags#site-isolation-trial-opt-out, choosing "Disabled (not +recommended)," and restarting. + +![](/Home/chromium-security/site-isolation/site-isolation-flag-2.png) + +Starting Chrome with the `--disable-site-isolation-trials` flag is equivalent to +the opt-out above. + +Note that if Site Isolation has been enabled by enterprise policy, then none of +these options can be used to disable it. + +We encourage you to [file bugs](https://goo.gl/XBoKtY) if you encounter problems +when using Site Isolation that go away when disabling it. In the bug report, +please describe the problem and mention whether it is specific to having Site +Isolation enabled. + +### Verifying + +You can visit chrome://process-internals to see whether a Site Isolation mode is +enabled. + +If you would like to test that Site Isolation has been successfully turned on in +practice, you can follow the steps below: + +1. Navigate to a website that has cross-site subframes. For example: + * Navigate to + . + * Click the "Go cross-site (complex page)" button. + * The main page will now be on the http://csreis.github.io site + and the subframe will be on the https://chromium.org site. +2. Open Chrome's Task Manager: Chrome Menu -> More tools -> Task + manager (Shift+Esc). +3. Verify that the main page and the subframe are listed in separate + rows associated with different processes. For example: + * Tab: creis.github.io/tests/cross-site-iframe.html - Process ID = 1234 + * Subframe: https://chromium.org - Process ID = 5678 + +If you see the subframe process in Chrome's Task Manager, then Site Isolation is +correctly enabled. These steps work when using the "Isolating all sites" +approach above (e.g., --site-per-process). They also work when using the +"Isolating certain sites" approach above (e.g., --isolate-origins), as long as +the list of origins provided includes either http://csreis.github.io or +https://chromium.org. + +## Recommendations for Web Developers + +Site Isolation can help protect sensitive data on your website, but only if +Chrome can distinguish it from other resources which any site is allowed to +request (e.g., images, scripts, etc.). Chrome currently tries to identify URLs +that contain HTML, XML, JSON, and PDF files, based on MIME type and other HTTP +headers. See [Cross-Origin Read Blocking for Web +Developers](/Home/chromium-security/corb-for-developers) for information on how +to ensure that sensitive information on your website will be protected by Site +Isolation. + +**We strongly recommend following the guidelines in [Post-Spectre Web +Development](https://www.w3.org/TR/post-spectre-webdev/) to protect content**, +which can help in browsers with and without Site Isolation support. The +[Mitigating Side-Channel +Attacks](https://blog.chromium.org/2021/03/mitigating-side-channel-attacks.html) +blog post provides a good overview of these mechanisms and how they help. For +example, using HTTP response headers such as +[Cross-Origin-Resource-Policy](https://developer.mozilla.org/en-US/docs/Web/HTTP/Cross-Origin_Resource_Policy_(CORP)) +and +[Cross-Origin-Opener-Policy](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cross-Origin-Opener-Policy) +can help control which process a resource can load in. Consider also inspecting +the [Sec-Fetch-](https://w3c.github.io/webappsec-fetch-metadata/) request +headers in the HTTP server to identify the source of the request before deciding +how to handle a request. + +See also [Site Isolation for web +developers](https://developers.google.com/web/updates/2018/07/site-isolation) +for more discussion of how Site Isolation can protect web page content and in +which cases it might affect page behavior. diff --git a/chromium/docs/website/site/Home/chromium-security/site-isolation/site-isolation-flag-1.png.sha1 b/chromium/docs/website/site/Home/chromium-security/site-isolation/site-isolation-flag-1.png.sha1 new file mode 100644 index 00000000000..ecdfc881ca9 --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/site-isolation/site-isolation-flag-1.png.sha1 @@ -0,0 +1 @@ +bef7d27bc0f2815d8e2c617110d025311e54013a \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/site-isolation/site-isolation-flag-2.png.sha1 b/chromium/docs/website/site/Home/chromium-security/site-isolation/site-isolation-flag-2.png.sha1 new file mode 100644 index 00000000000..9021077c687 --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/site-isolation/site-isolation-flag-2.png.sha1 @@ -0,0 +1 @@ +435a10332929ba379951a727f1a8e27661b6cb6f \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/site-isolation/site-per-process-flag.png.sha1 b/chromium/docs/website/site/Home/chromium-security/site-isolation/site-per-process-flag.png.sha1 new file mode 100644 index 00000000000..94f00435edb --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/site-isolation/site-per-process-flag.png.sha1 @@ -0,0 +1 @@ +f7db07cfc74ede5b89d96e6350d732c699b51348 \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/ssca/index.md b/chromium/docs/website/site/Home/chromium-security/ssca/index.md new file mode 100644 index 00000000000..2f6003cc48e --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/ssca/index.md @@ -0,0 +1,109 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +page_name: ssca +title: Mitigating Side-Channel Attacks +--- + +At the beginning of 2018, researchers from Google's [Project +Zero](https://googleprojectzero.blogspot.com/2014/07/announcing-project-zero.html) +[disclosed](https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html) +a series of new attack techniques against speculative execution optimizations +used by modern CPUs. Security researchers will continue to find new variations +of these and other side-channel attacks. Such techniques have implications for +products and services that execute third-party code, including Chrome and other +browsers with support for features like JavaScript and WebAssembly. + +The Chrome Security Team has written [a document covering the variety of defense +techniques +available](https://chromium.googlesource.com/chromium/src/+/HEAD/docs/security/side-channel-threat-model.md). + +**Protecting users with Site Isolation** + +Chrome has been working on a feature called [Site +Isolation](/Home/chromium-security/site-isolation) which provides extensive +mitigation against exploitation of these types of vulnerabilities. With Site +Isolation enabled, the amount of data exposed to side-channel attacks is reduced +as Chrome renders content for each website in a separate process. This allows +websites to be protected from each other by the security guarantees provided by +the operating system on which Chrome is running. + +Site Isolation is enabled by default on Windows, Mac, Linux, and Chrome OS since +Chrome 67, and can also can be controlled [via enterprise +policies](https://support.google.com/chrome/a/answer/7581529) or [with +chrome://flags](https://support.google.com/chrome/answer/7623121). More details +can be found in our blog post [Mitigating Spectre with Site Isolation in +Chrome](https://security.googleblog.com/2018/07/mitigating-spectre-with-site-isolation.html). + +Site Isolation is most effective when website developers follow modern security +best practices: + + Where possible cookies should use + [SameSite](https://tools.ietf.org/html/draft-ietf-httpbis-rfc6265bis-02#section-5.3.7) + and[ HTTPOnly](https://www.owasp.org/index.php/HttpOnly) attributes and + pages should avoid reading from document.cookie. + + Make sure [MIME types are + correct](/Home/chromium-security/site-isolation#TOC-Recommendations-for-Web-Developers) + and specify an X-Content-Type-Options: nosniff response header for any URLs + with user-specific or sensitive content, to take full advantage of + [Cross-Origin Read + Blocking](https://chromium.googlesource.com/chromium/src/+/HEAD/services/network/cross_origin_read_blocking_explainer.md) + (CORB). + +Web developers should also see the [Meltdown/Spectre +WebFundamentals](https://developers.google.com/web/updates/2018/02/meltdown-spectre) +post. + +Spectre and Meltdown + +The attacks known as [Spectre and Meltdown](https://meltdownattack.com/), +originally +[disclosed](https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html) +by Project Zero, have implications for Chrome. For information about other +Google products and services, including Chrome OS please see the [Google Online +Security +Blog](https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html). + +These attacks are mitigated by Site Isolation. Additionally, staring in Chrome +64, Chrome's JavaScript engine [V8](https://www.v8project.org/) has included +[further mitigations](https://github.com/v8/v8/wiki/Untrusted-code-mitigations) +which provide protection on platforms where Site Isolation is not enabled. + +In line with +[other](https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/) +[browsers'](https://blogs.windows.com/msedgedev/2018/01/03/speculative-execution-mitigations-microsoft-edge-internet-explorer/) +response to Spectre and Meltdown, Chrome disabled[ +SharedArrayBuffer](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/SharedArrayBuffer) +in Chrome 63 starting on Jan 5th 2018, and modified the behavior of other APIs +such as performance.now to help reduce the efficacy of side-channel attacks. + +SharedArrayBuffer is now re-enabled in Chrome versions where Site Isolation is +on by default. + +GLitch + +Researchers from Vrije Universiteit Amsterdam disclosed +[details](https://www.vusec.net/wp-content/uploads/2018/05/glitch.pdf) of the +GLitch attack. Part of the attack uses high-precision GPU timers available in +WebGL to obtain information that is then used to perform a +[Rowhammer-style](https://en.wikipedia.org/wiki/Row_hammer) bit-flip attack. + +Starting in Chrome 65, the +[EXT_disjoint_timer_query](https://developer.mozilla.org/en-US/docs/Web/API/EXT_disjoint_timer_query) +and EXT_disjoint_timer_query_webgl2 WebGL extensions have been disabled, and the +behaviour of clientWaitSync and other \*Sync functions has been changed to +reduce their effective precision as clocks. + +Although the GLitch attack is unrelated to Spectre and Meltdown, +EXT_disjoint_timer_query and EXT_disjoint_timer_query_webgl2 could also be used +to mount Spectre and Meltdown attacks. Accordingly, they will remain disabled in +Chrome until Site Isolation is on by default, at which point they will be +re-enabled with sufficiently reduced precision to mitigate GLitch attacks. + +Also see [more +details](http://www.chromium.org/chromium-os/glitch-vulnerability-status) about +GLitch and Chrome OS. \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/strict-origin-isolation-trial/index.md b/chromium/docs/website/site/Home/chromium-security/strict-origin-isolation-trial/index.md new file mode 100644 index 00000000000..6006b060ffd --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/strict-origin-isolation-trial/index.md @@ -0,0 +1,95 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +page_name: strict-origin-isolation-trial +title: Strict Origin Isolation Trial +--- + +tl;dr This page describes a desktop Canary-only field trial to study the effect +of isolating pages by origin (as opposed to the current [Site +Isolation](/Home/chromium-security/site-isolation) approach using sites) on +Chrome's performance. The trial will be one week in duration, starting around +May 23rd, 2019. Some pages, such as those that rely on setting document.domain +to perform cross-origin scripting, may encounter issues during this trial. + +Tracking Issue: “Evaluate feasibility of widespread +origin isolation” + +## Overview + +The Strict Origin Isolation Trial is a short-duration (one week) field trial +designed to gather preliminary data about the performance impact of changing the +granularity of isolation from site (protocol and eTLD+1) to origin (protocol, +host, and port). + +Strict Origin Isolation would improve security by ensuring different origins do +not share a process with each other, but it poses a risk of increased resource +usage. This study will allow us to study the expected impact on process count, +memory usage, and other performance metrics if all origins were isolated, +including potential performance benefits from increased parallelization. + +However, this trial also poses a functional risk to web pages that script +same-site but cross-origin frames, which is possible if the pages modify their +document.domain values via JavaScript. Such cross-origin scripting will be +disrupted if the documents are in different processes, resulting in JavaScript +errors visible in the DevTools console and potentially broken page features. + + + + + + + + + + + + + + + + +
Sample cross-origin scripting error:On a page a.example.com with a subframe b.example.com, where both execute document.domain = ‘example.com’, and b.example.com attempts something like top.document.body.innertext, the following error occurs:
VM118:1 Uncaught DOMException: Blocked a frame with origin "https://b.example.com" from accessing a cross-origin frame. at <anonymous>:1:5
+ +Because of this risk, we will limit this trial to a single week on only the +Canary channel, to avoid disruptions to users of the Dev, Beta, and Stable +channels. 50% of Canary channel users will be opted in to the Strict Origin +Isolation mode, while the remaining 50% will act as a control group using Site +Isolation. The trial will only affect Chrome versions 76.0.3791.0 and higher. + +## Trial Contact Information + +During the trial, if you need further information, please reach out to: + + [wjmaclean@chromium.org](mailto:wjmaclean@chromium.org) + + [site-isolation-dev@chromium.org](mailto:site-isolation-dev@chromium.org) + +## Disabling the Trial + +If you encounter issues during the trial, you can opt-out by running Chrome with +--disable-features=StrictOriginIsolation, or changing the +chrome://flags/#strict-origin-isolation flag from Default to Disabled. + +## Reporting Bugs + +If you experience incorrect behaviour during the trial, first check the +variations list in chrome://version to see if the variation for the trial +(0x4c825337 or 1283609399), is present. If so, and if the issue goes away when +disabling the trial (see above), please file a bug by clicking on [this +link](https://bugs.chromium.org/p/chromium/issues/entry?template=Defect+report+from+user&components=Internals%3ESandbox%3ESiteIsolation&blocking=902399&cc=wjmaclean@chromium.org&summary=Issue+during+Strict+Origin+Isolation+Trial:). + +## Recommended Developer Actions + +To avoid impact from the trial (and otherwise improve security), web developers +can avoid modifying document.domain to script cross-origin frames. + +## Summary + +Determining the feasibility of increasing Chromium’s isolation granularity from +sites to origins is important for improving security performance for our users. +This trial is a first step to better understand the implications, before +considering next steps. \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/symantec-legacy-pki/index.md b/chromium/docs/website/site/Home/chromium-security/symantec-legacy-pki/index.md new file mode 100644 index 00000000000..d05a2b5c643 --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/symantec-legacy-pki/index.md @@ -0,0 +1,87 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +page_name: symantec-legacy-pki +title: Symantec Legacy PKI +--- + +Following our +[announcement](https://security.googleblog.com/2017/09/chromes-plan-to-distrust-symantec.html) +in September 2017 to distrust the Legacy Symantec PKI, Chrome has executed on +this plan in incremental phases across several releases. As described in detail +in previous announcements, this distrust is the result of a consensus of +cross-browser efforts to maintain a trusted and secure web. The phased distrust +of this PKI has been implemented as follows: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ReleaseDescription of Changes
Chrome 65Remove trust in certificates issued after December 1, 2017, effectively stopping trust in new issuance from the Legacy Symantec PKI.
Chrome 66Remove trust in certificates issued from the Legacy Symantec PKI before June 01, 2016, which were the most at-risk certificates based on the numerous issues identified by the Browser and Web PKI communities.
Chrome 70Remove trust in all certificates issued from the Legacy Symantec PKI. Trust will be removed via staged rollout.
+ +We are approaching the final phase of distrust now that M70 is about to reach +Stable. The following describes Chrome’s behavior with respect to Legacy +Symantec TLS certificates across our various release channels. + +### Chrome 71 and beyond + +### Following the ramp-up to 100% of users in Chrome 70 Stable, Chrome 71 and beyond will be enabling the Legacy Symantec PKI distrust by default. This change is present in all release channels: Canary, Dev, Beta, and Stable. Users observing the distrust in Chrome 70 should experience the exact same behavior in Chrome 71 and up. + +### Chrome 70 Stable + +The distrust of the Legacy Symantec PKI is rolling out to users of Chrome +throughout the release of Chrome 70. At the initial release of Chrome 70, this +change will reach a small percentage of Chrome 70 users, and then slowly scaling +up to 100% of Chrome 70 users over several weeks. This approach seeks to +minimize any remaining breakage associated with this change while still +providing affected sites the ability to diagnose and take corrective action. + +Site Operators receiving problem reports from users are strongly encouraged to +take corrective action by replacing their website certificates as soon as +possible. Instructions on how to determine whether your site is affected as well +as what corrective action is needed can be found +[here](https://security.googleblog.com/2018/03/distrust-of-symantec-pki-immediate.html). + +### Chrome 70 Early Release Channels + +Chrome 70 Canary and Dev + +In M70 Canary and Dev, the Symantec PKI has been distrusted by default for all +users. In these release channels, page loads over TLS connecting to sites using +Legacy Symantec TLS certificates display a full page interstitial with the error +code NET::ERR_CERT_SYMANTEC_LEGACY. Additionally, subresources served over such +connections will fail to load, possibly degrading site functionality. + +Chrome 70 Beta + +Distrust in the Legacy Symantec PKI was rolled out over time, starting with the +first Chrome 70 Beta. As a result of this Beta period, many sites still using +Legacy Symantec TLS certificates replaced their certificates. \ No newline at end of file diff --git a/chromium/docs/website/site/Home/chromium-security/vulnerability-rewards-program/index.md b/chromium/docs/website/site/Home/chromium-security/vulnerability-rewards-program/index.md new file mode 100644 index 00000000000..c4a400045f8 --- /dev/null +++ b/chromium/docs/website/site/Home/chromium-security/vulnerability-rewards-program/index.md @@ -0,0 +1,14 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/chromium-security + - Chromium Security +page_name: vulnerability-rewards-program +title: Vulnerability Rewards Program +--- + +The Chrome Reward Program is hosted at +. + +Go forth and report bugs! \ No newline at end of file diff --git a/chromium/docs/website/site/Home/debugging-on-webview/index.md b/chromium/docs/website/site/Home/debugging-on-webview/index.md new file mode 100644 index 00000000000..2f937346124 --- /dev/null +++ b/chromium/docs/website/site/Home/debugging-on-webview/index.md @@ -0,0 +1,8 @@ +--- +breadcrumbs: +- - /Home + - Chromium +page_name: debugging-on-webview +title: debugging-on-webview +--- + diff --git a/chromium/docs/website/site/Home/domui-testing/index.md b/chromium/docs/website/site/Home/domui-testing/index.md new file mode 100644 index 00000000000..90a0ae931e8 --- /dev/null +++ b/chromium/docs/website/site/Home/domui-testing/index.md @@ -0,0 +1,127 @@ +--- +breadcrumbs: +- - /Home + - Chromium +page_name: domui-testing +title: DOMUI Testing +--- + +This document contains a mini design doc for one way to approach testing of +DOMUI pages. + +PLEASE See [WebUI browser_tests](/Home/domui-testing/webui-browser_tests) for +details on current implementation. + +Objective + +Improve quality of DOMUI and find regressions early. + +* Allow unit testing of JS used for DOM UI. +* Allow unit testing of HTML widgets used for DOM UI. +* Allow testing end to end DOMUI + +Problem + +More and more of the UI in Chrome and ChromeOS is built using DOMUI. DOMUI is +the name of Chrome UI built using HTML, JS and CSS with the ability to +comunicate to with the browser process using chrome.send calls. Example of UIs +implemented using DOMUI consists of the New Tab Page, History, Downloads, +Extensions, about:versions and many others. ChromeOS is also in the process of +using DOMUI for menus. + +Testing these UIs is [possible +today](http://www.google.com/codesearch/p?hl=en#OAMlx_jo-ck/src/chrome/browser/dom_ui/new_tab_ui_uitest.cc&q=NewTabUITest%20NTPHasLoginName&exact_package=chromium&sa=N&cd=1&ct=rc&l=55) +using +[UITest](http://www.google.com/codesearch/p?hl=en#OAMlx_jo-ck/src/chrome/test/ui/ui_test.h&q=%22class%20UITest%22&exact_package=chromium&sa=N&cd=1&ct=rc&l=458) +with DOM automation enabled. However, writing these test require generating +strings of JavaScript code that is (using the automation provider) +asynchronously evaluated in the browser tab and the result of that is +asynchronously returned. + +There are 3 problems with this approach: + +1. Setting up the browser tab requires some C++ and a lot of waiting + for the document to be ready. +2. A string representing the JavaScript needs to be generated. +3. The evaluation is async making test harder to write and more flaky. + +Requirements + +Make it easier to write tests by + +1. Allowing writing the test in JavaScript. After all, we need to use + JavaScript to interact with the UI so it is only natural to do the + test with it. Also dynamic languages are very good for writing unit + tests. +2. Provide a new test class that is specialized for writing tests for + DOMUI. It would wrap up all of the boiler plate code and it + should... +3. Allow any DOM UI to be tested by simply providing the URL of the + page and... +4. Provide the URL or path to the test file and... +5. allow other utility js files to be injected + +It might also be interesting to allow a blank page to be used and just inject +all the js and css we care about. This could be useful for testing widgets in +isolation. + +Solution + +Create a new test class similar to ExtensionBrowserTest but optimized for DOMUI. +This class would have a RunDOMUITest (similar to RunExtensionTest) which would: + +1. Open a tab and navigate to a URL. +2. Inject one or more javascript files. +3. Run tests provided by the JavaScript files (ExtensionBrowerTest uses + a global array of functions to run called test) + +This is better than what we have now for a few reasons: + +* We do not have to open a new browser for every single test. We can + run multiple tests in the same web page. +* We can write the test in JS, reducing the work needed to write + tests. +* We do not have to generate js code and evaluate it using the + automation provider for every single test (these are async) + +Example Use-cases + +The following is based on the same model as the ExtensionApiTest. + +.cc file + +IN_PROC_BROWSER_TEST_F(DOMUITest, NewTabPage) { + +ASSERT_TRUE(RunDOMUITest("chrome://newtabpage", path_to_js_test_file); + +} + +.js file + +var assertEq = chrome.test.assertEq; + +var tests = \[ + +function testLogin() { + +var loginSpan = $(‘login-username’); + +assertEq(loginSpan.textContent, ‘test@gmail.com’); + +} + +\]; + +Tradeoffs + +This solution requires 2 (or more files) for every test. One for the C++ test +function that bootstraps the javascript tests. + +Alternatives + +We could probably do incremental improvements over UITest... + +The most similar thing today is Extension API tests. These are test end to end +of the extension APIs and these use extension pages and + +Another option is to make all DOMUI extensions and just use \ No newline at end of file diff --git a/chromium/docs/website/site/Home/domui-testing/webui-browser_tests/index.md b/chromium/docs/website/site/Home/domui-testing/webui-browser_tests/index.md new file mode 100644 index 00000000000..d63c1a44dc8 --- /dev/null +++ b/chromium/docs/website/site/Home/domui-testing/webui-browser_tests/index.md @@ -0,0 +1,230 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/domui-testing + - DOMUI Testing +page_name: webui-browser_tests +title: WebUI browser_tests +--- + +***Note: This page is out of date. If you are using modern practices, you are +using a BrowserProxy for your JS/C++ interactions. The +[BrowserProxy](https://docs.google.com/document/d/1c20VYdwpUPyBRQeAS0CMr6ahwWnb0s26gByomOwqDjk/edit) +document covers some testing practices for that case.*** + +~~[TOC]~~ + +~~### Problem~~ + +~~See Also [domui-testing](/Home/domui-testing).~~ + +~~WebUI contains Javascript, which runs in the renderer and a C++ handler, which +runs in the UI thread of the browser process. While this is a necessary part of +the design, testing across these boundaries of both language and process/thread +is cumbersome at best.~~ + +~~### Objective~~ + +~~Make it possible to test the Javascript portion of WebUI in Javascript:~~ + +* ~~Write WebUI tests in Javascript.~~ +* ~~Run in browser_tests so that the page is loaded in a real chrome + browser.~~ +* ~~Allow WebUI handlers to be mocked in Javascript.~~ + +~~### Solution~~ + +~~The solution comes in the following parts:~~ + +* ~~Support libraries: `chrome/test/data/webui/test_api.js`, + `chrome/third_party/mock4js/mock4js.js`.~~ +* ~~gyp rules for js2webui generator feeding results into + browser_tests.~~ +* ~~WebUIBrowserTest C++ class in + `chrome/browser/ui/webui/web_ui_browsertest*` .~~ +* ~~Test source files next to the implementation or in + chrome/test/data/webui/ - see + chrome/browser/ui/webui/options/options_browsertest.js and + chrome/test/data/webui/print_preview.js for reference.~~ + +~~### How to write a test~~ + +~~The best reference examples are chrome/test/data/webui/print_preview.js and +chrome/browser/ui/webui/options/options_browsertest.js~~ + +* ~~#### \[maybe\] create a new test file~~ + + * ~~Create new file `chrome/test/data/webui/`*`mytest`*`.js`~~ + * ~~Add `chrome/test/data/webui/`*`mytest`*`.js` to the sources + for browser_tests in `chrome/chrome_tests.gypi`~~ + +* ~~#### Write a test fixture, defining the page to browse to:~~ + +~~```none +/** + * TestFixture for OptionsPage WebUI testing. + * @extends {testing.Test} + * @constructor + **/ +function OptionsWebUITest() {} +OptionsWebUITest.prototype = { +  __proto__: testing.Test.prototype, +  /** +   * Browse to the options page & call our preLoad(). +   **/ +  browsePreload: 'chrome://settings-frame', +  // ... +}; +```~~ + +* ~~#### Mock the Javascript handler:~~ + +~~```none +OptionsWebUITest.prototype = { +... +  /** +   * Register a mock handler to ensure expectations are met and options pages +   * behave correctly. +   **/ +  preLoad: function() { +      this.makeAndRegisterMockHandler( +            ['defaultZoomFactorAction', +             'fetchPrefs', +             'observePrefs', +             'setBooleanPref', +             'setIntegerPref', +             'setDoublePref', +             'setStringPref', +             'setObjectPref', +             'clearPref', +             'coreOptionsUserMetricsAction', +            ]); +      // Register stubs for methods expected to be called before/during tests. +      // Specific expectations can be made in the tests themselves. +      this.mockHandler.stubs().fetchPrefs(ANYTHING); +      this.mockHandler.stubs().observePrefs(ANYTHING); +      this.mockHandler.stubs().coreOptionsUserMetricsAction(ANYTHING); +  }, +... +}; +```~~ + +* ~~#### Mock stubs which call a function:~~ + +~~```none +    mockHandler.stubs().getDefaultPrinter(). +        will(callFunction(function() { +          setDefaultPrinter('FooDevice'); +        })); +```~~ + +* ~~#### Define a test using mock expectations:~~ + +~~```none +TEST_F('OptionsWebUITest', 'testSetBooleanPrefTriggers', function() { +  var showHomeButton = $('toolbarShowHomeButton'); +  var trueListValue = [ +    'browser.show_home_button', +    true, +    'Options_Homepage_HomeButton', +  ]; +  // Note: this expectation is checked in testing::Test::TearDown. +  this.mockHandler.expects(once()).setBooleanPref(trueListValue); +  // Cause the handler to be called. +  showHomeButton.click(); +  showHomeButton.blur(); +}); +```~~ + +* ~~#### Conditionally run a test using generated c++ ifdefs:~~ + +~~#### See [Handling a failing test](/developers/tree-sheriffs/handling-a-failing-test) for more details on style and how/when to disable a test.~~ + +~~```none +// Not meant to run on ChromeOS at this time. +// Not finishing in windows. http://crbug.com/81723 +GEN('#if defined(OS_CHROMEOS) || defined(OS_MACOSX) || defined(OS_WIN) \\'); +GEN('    || defined(TOUCH_UI)'); +GEN('#define MAYBE_testRefreshStaysOnCurrentPage \\'); +GEN('    DISABLED_testRefreshStaysOnCurrentPage'); +GEN('#else'); +GEN('#define MAYBE_testRefreshStaysOnCurrentPage ' + +    'testRefreshStaysOnCurrentPage'); +GEN('#endif'); +TEST_F('OptionsWebUITest', 'MAYBE_testRefreshStaysOnCurrentPage', function() { +  var item = $('advancedPageNav'); +  item.onclick(); +  window.location.reload(); +  var pageInstance = AdvancedOptions.getInstance(); +  var topPage = OptionsPage.getTopmostVisiblePage(); +  var expectedTitle = pageInstance.title; +  var actualTitle = document.title; +  expectEquals("chrome://settings/advanced", document.location.href); +  expectEquals(expectedTitle, actualTitle); +  expectEquals(pageInstance, topPage); +}); +```~~ + +~~### Maintaining~~ + +* ~~Adding more goodies to generator - edit + `chrome/test/ui/webui/javascript2webui.js` and tests in + `chrome/test/data/webui/`.~~ +* ~~Disabling a test - find tests in `chrome/test/data/webui/` & mark + `FLAKY_`, `DISABLED_` or use the `MAYBE_` trick shown above to + conditionally decide.~~ + +~~### Considerations/FAQs~~ + +* ~~*Isn't mocking in javascript not testing the WebUI message + passing?* True, but that should be tested as a unit test and then + trusted. Mocking in JS is easier, less flaky (always recursive - no + synchronization challenges) and much better than not having any + tests at all.~~ +* ~~*If you already have the page in question why don't you just run + all tests without starting a new IN_PROCESS_BROWSER_TEST?* You are + more than welcome to group tons of expect\* calls into a single + test; all errors will be reported after the entire test runs. Having + tests be separate IN_PROCESS_BROWSER_TEST calls ensures the state is + exactly the same at the start of each tests with no pollution from + previous tests.~~ + +~~### Caveats~~ + +* ~~\[[crbug.com/88104](http://crbug.com/88104)\] The generator relies + on d8 to be built for the host. Currently the v8.gyp rules aren't + correct for Arm as they have conditionals on the 'target_host' and + don't heed the 'toolset". A gyp condition only runs the js2webui + rule on non-arm platforms.~~ +* ~~Use of `MAYBE_` to ifdef will have a different run name from GTEST + than from `test_api.js` - this is because `MAYBE_xyz` will be + defined as either `xyz` or `DISABLED_xyz` in C++, but not changed in + javascript.~~ + +~~### Best practices~~ + +* ~~As described in the [gtest + docs](http://code.google.com/p/googletest/), prefer expect\* over + assert\*, as it will not halt the test, but will register the + failure and allow other checks in that particular testcase to run.~~ +* ~~Since the call is included in the failure error message, the + optional `message` parameter should only include information not + available:~~ + +~~```none +// NO +TEST_F('FooTest', 'TestFoo', function() { +  expectEquals(foo, bar, 'foo != bar'); +  expectEquals(foo, bar, foo + '!=' + bar); +  var i = ...; +  expectEquals(5, array[i], 'array[i] != 5'); +}); +// YES +TEST_F('FooTest', 'TestFoo', function() { +  expectEquals(foo, bar); +  expectEquals(foo, bar); +  var i = ...; +  expectEquals(5, array[i], 'i=' + i); +}); +```~~ \ No newline at end of file diff --git a/chromium/docs/website/site/Home/domui-testing/webui-browser_tests/webui-accessibility-audit/index.md b/chromium/docs/website/site/Home/domui-testing/webui-browser_tests/webui-accessibility-audit/index.md new file mode 100644 index 00000000000..8b3d656578a --- /dev/null +++ b/chromium/docs/website/site/Home/domui-testing/webui-browser_tests/webui-accessibility-audit/index.md @@ -0,0 +1,12 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/domui-testing + - DOMUI Testing +- - /Home/domui-testing/webui-browser_tests + - WebUI browser_tests +page_name: webui-accessibility-audit +title: WebUI accessibility audit +--- + diff --git a/chromium/docs/website/site/Home/flying_browser.png.sha1 b/chromium/docs/website/site/Home/flying_browser.png.sha1 new file mode 100644 index 00000000000..e325f1e9394 --- /dev/null +++ b/chromium/docs/website/site/Home/flying_browser.png.sha1 @@ -0,0 +1 @@ +000e0bd968a843e5f3c3e46efbf42fdb2fbff46a \ No newline at end of file diff --git a/chromium/docs/website/site/Home/google-ssl.xml b/chromium/docs/website/site/Home/google-ssl.xml new file mode 100644 index 00000000000..80e356d8771 --- /dev/null +++ b/chromium/docs/website/site/Home/google-ssl.xml @@ -0,0 +1,9 @@ + + +Google SSL +Search Google over SSL +UTF-8 + + +https://www.google.com/favicon.ico + diff --git a/chromium/docs/website/site/Home/ice-cream-sandwich-support-deprecation-faq/index.md b/chromium/docs/website/site/Home/ice-cream-sandwich-support-deprecation-faq/index.md new file mode 100644 index 00000000000..5ce1f0bd39b --- /dev/null +++ b/chromium/docs/website/site/Home/ice-cream-sandwich-support-deprecation-faq/index.md @@ -0,0 +1,78 @@ +--- +breadcrumbs: +- - /Home + - Chromium +page_name: ice-cream-sandwich-support-deprecation-faq +title: Ice Cream Sandwich Support Deprecation +--- + +## What is happening? + +Chrome 42 will be the last supported release of Chrome for Android on all Ice +Cream Sandwich (Android 4.0) devices. Ice Cream Sandwich (ICS) users will +receive no further updates to Chrome on Android. + +## Why the change? + +While the number of Ice Cream Sandwich devices is shrinking, supporting them in +terms of engineering effort and technical complexity is increasingly difficult +over time. Each new feature or web capability that’s added to Chrome must be +built and tested for ICS. Often workarounds and special cases have to be added +specifically for ICS, and that adds code complexity, slows performance, and +increases development time. + +The number of ICS devices is now sufficiently small that we can better serve our +users by phasing out support for earlier devices and focusing on making Chrome +better for the vast majority of users on more modern devices. + +## What does this mean for users? + +Users on Ice Cream Sandwich can continue to use Chrome, but will not receive +updates beyond Chrome 42. + +## How many devices will be affected? + +Ice Cream Sandwich makes up a small percentage of devices with a recent version +of Chrome for Android. Over the past year we’ve seen a thirty percent decrease +in the overall number of users using Chrome on Ice Cream Sandwich. + +## When is the last Chrome release for Ice Cream Sandwich devices scheduled? + +Chrome 42 will be the last update on Ice Cream Sandwich, and is expected to be +released in mid-April 2015. Chrome 43 will no longer support ICS and is expected +to be released toward the end of May 2015. + +## Will there be any further Chrome updates or security patches for ICS devices? + +We will continue to issue patches while Chrome 42 is the most recent Chrome +version. Once Chrome 43 is released, we don’t plan to issue further updates for +ICS devices. + +## What will happen to the code supporting ICS? + +We will be removing the code for ICS from trunk after the branch point for +Chrome 43. + +## Are there other Android versions affected? + +No. This only affects Ice Cream Sandwich. + +## How can I handle developing for two versions of Chrome? What should I tell my users? + +We encourage all developers irrespective of browser platform to consider +progressive enhancement when it comes to building apps and sites. By using +progressive enhancement you will be able to offer a good experience for as many +users as possible and in the case of the platform’s capabilities you will be +able to detect which features you will be able to support and which you might +need to polyfill. + +## Where can I ask more questions or leave feedback? + +For end users, Chrome has an extensive feedback reporting tool (accessible from +the Chrome menu). + +For developers, the +[chromium-discuss](https://groups.google.com/a/chromium.org/forum/#!forum/chromium-discuss) +mailing list is a good place to start if you have specific issues with Ice Cream +Sandwich (note it is not a general support channel), or reach out to +@[ChromiumDev](https://twitter.com/ChromiumDev) on Twitter. \ No newline at end of file diff --git a/chromium/docs/website/site/Home/index.md b/chromium/docs/website/site/Home/index.md new file mode 100644 index 00000000000..5e70b9a9cec --- /dev/null +++ b/chromium/docs/website/site/Home/index.md @@ -0,0 +1,76 @@ +--- +breadcrumbs: [] +page_name: Home +title: Chromium +--- + +
+
+ +Chromium is an open-source browser project that aims to build a safer, faster, +and more stable way for all Internet users to experience the web. This site +contains design documents, architecture overviews, testing information, and more +to help you learn to build and work with the Chromium source code. + +#### Learn how to + +* [Browse](https://chromium.googlesource.com/chromium/src.git) or + [search](https://cs.chromium.org/) the sources online +* [Get the Code: Checkout, Build, & + Run](/developers/how-tos/get-the-code) +* [Contributing code](/developers/contributing-code) +* Debug on [Windows](/developers/how-tos/debugging-on-windows), [OS + X](https://chromium.googlesource.com/chromium/src/+/HEAD/docs/mac/debugging.md), + [Linux](https://chromium.googlesource.com/chromium/src/+/HEAD/docs/linux/debugging.md) + or + [Android](https://chromium.googlesource.com/chromium/src/+/HEAD/docs/android_debugging_instructions.md). +* [Report a bug](/for-testers/bug-reporting-guidelines) + +#### Other important links + +* [Documentation in the source + tree](https://chromium.googlesource.com/chromium/src.git/+/HEAD/docs/) +* [Discussion Groups](/developers/discussion-groups) (such as + [chromium-discuss](http://groups.google.com/a/chromium.org/group/chromium-discuss)) +* [Chromium Blog](http://blog.chromium.org) +* [Chromium Issue + Tracker](https://bugs.chromium.org/p/chromium/issues/list) +* [Chromium Release Calendar](/developers/calendar) +* [For Third Party Developers](/Home/third-party-developers) +* [For Webmasters: Common pitfalls making a site work in multiple + browsers.](/Home/chromecompatfaq) +* [For Web Developers: Google Chrome Developer Tools](/devtools) + +
+
+ +![picture of a web browser window with wings, flying](/Home/flying_browser.png) + +#### Sections + +* [Getting Involved](/getting-involved): learn how you can help the + Chromium project +* [For Developers](/developers): design docs, how-tos, and other + useful information for developers +* [For Testers](/for-testers): bug reporting guidelines, test plans, + and other quality-related documentation +* [User Experience](/user-experience): the design philosophy behind + many of Chromium's features +* [Issue Tracking](/issue-tracking): process documentation related to + issue tracking and management. +* [Contact](/contact): report a bug or a security issue, or get in + touch with individual members of the team +* [Security](/Home/chromium-security): learn about Chromium security, + and how to contact us or get involved +* [Privacy](/Home/chromium-privacy): information about Chromium + privacy, how to get more information, and how to contact us + +#### Life Of A Chromium Developer + +Interested but don't know where to start? Need a quick crash course on Chromium +development? Take a look through the [Life Of A Chromium +Developer](https://docs.google.com/presentation/d/1abnqM9j6zFodPHA38JG1061rG2iGj_GABxEDgZsdbJg) +slide deck: + +
+
diff --git a/chromium/docs/website/site/Home/loading/clovis/index.md b/chromium/docs/website/site/Home/loading/clovis/index.md new file mode 100644 index 00000000000..eae75d160da --- /dev/null +++ b/chromium/docs/website/site/Home/loading/clovis/index.md @@ -0,0 +1,18 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/loading + - Loading +page_name: clovis +title: clovis +--- + +[Guiding +Design](https://docs.google.com/document/d/1rvrbD570aqiFLu3KihUSnyVgRrCD7pGnznC6pj3jjMM/edit#) + +Detailed Design Documents + +* [Page similarity + metric](https://docs.google.com/document/d/17XZ7iMT5JGr8LhuUhOUNoqGyTskRu4MALB-62NTpU9M/edit) +* [Metrics](https://docs.google.com/document/d/1QFltLe07S_mY3rTX8wp1bRxuHc1iZmOeq79g1-6jDR0/edit) \ No newline at end of file diff --git a/chromium/docs/website/site/Home/loading/index.md b/chromium/docs/website/site/Home/loading/index.md new file mode 100644 index 00000000000..1bdd21d50d6 --- /dev/null +++ b/chromium/docs/website/site/Home/loading/index.md @@ -0,0 +1,75 @@ +--- +breadcrumbs: +- - /Home + - Chromium +page_name: loading +title: Loading +--- + +## Information about Loading efforts in Chromium + +Last updated May 2021 + +## **North Star** + +Loading on the web is user centric, sustainable, fast and delightful. + +* **user centric:** the experience is described through key user + moments or needs, and assessed against a perceptual model of + performance. +* **sustainable:** a sensible contract between Web developers, UA and + users about how a web application loads, with usage of memory / + power / data that is proportional to value. +* **fast and delightful:** + * Meet the [Core Web Vitals + thresholds](https://web.dev/defining-core-web-vitals-thresholds/) + +These are the goals we should strive for. + +Some aspects might be extremely challenging but making progress toward these is +what should drive our work. + +## How do I find out what's happening? + +* Communications: loading-dev@chromium.org is our public discussion + group for all things related to Loading in Chrome. +* crbug: + [blink](https://bugs.chromium.org/p/chromium/issues/list?can=2&q=component%3ABlink%3ELoader%2CBlink%3ENetwork%2CBlink%3EServiceWorker%2CBlink%3EWorker&sort=pri+-component&colspec=ID+Pri+M+Stars+ReleaseBlock+Component+Status+Owner+Summary+OS+Modified&x=m&y=releaseblock&cells=ids) + +## I have a reproducible bad Loading user experience, what do I do? + +* ## As a user: + * ## File a [Speed + bug](https://bugs.chromium.org/p/chromium/issues/entry?template=Speed%20Bug) + * ## Include the "Loading" keyword in the subject if the issue + fits within the scope of the North Star. + * ## If you are not sure, don't include the "Loading" keyword, + triage will make sure it shows up in the right bucket. +* ## As a chromium developer + * ## Same steps but try to [record a + trace](/developers/how-tos/trace-event-profiling-tool/recording-tracing-runs) + (select every trace categories on the left side). + +## I'm a dev and interested in helping on Loading. How do I get started? + +Reach out via loading-dev@ and tell us more about you: + +* share your particular interest and expertise +* tell us how familiar you are with chromium development +* point to CLs if not a lot of developers are familiar with your work + +## Contacts + +Your friendly PM: kenjibaheux + +Blink TLs: kinuko, falken, yhirano (blink>network) + +"Here here!": reach out to kenjibaheux@ if you want your name to be added here. + +## Other resources + +* [OOR-CORS: Ouf of Renderer CORS](/Home/loading/oor-cors) +* +* +* +* \ No newline at end of file diff --git a/chromium/docs/website/site/Home/loading/oor-cors/index.md b/chromium/docs/website/site/Home/loading/oor-cors/index.md new file mode 100644 index 00000000000..90dd55b2165 --- /dev/null +++ b/chromium/docs/website/site/Home/loading/oor-cors/index.md @@ -0,0 +1,242 @@ +--- +breadcrumbs: +- - /Home + - Chromium +- - /Home/loading + - Loading +page_name: oor-cors +title: 'OOR-CORS: Out of Renderer CORS' +--- + +**CORS: Cross-Origin Resource Sharing** + +Cross-Origin Resource Sharing is a standardized mechanism to negotiate access +permissions among the web browser and servers for a visiting site. See, [MDN's +document](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS) for details. + +Chrome 79 will replace the CORS implementation to be more secure. As a result, +there are behavior changes for several reasons, and it will cause compatibility +issues. New CORS implementation, aka OOR-CORS, will be rolled out incrementally, +starting on January 6th, 2020, over the following several weeks. For WebView, it +will be enabled later so that WebView based applications can migrate safely. It +will probably happen at Chrome 83-84. + +For enterprise users, we are providing Enterprise Policies to mitigate the +compatibility issues, or manage to use the legacy CORS implementation until +Chrome 82. See [Chrome Enterprise release notes - Chrome +79](https://support.google.com/chrome/a/answer/7679408) for details. These are +available on the Chrome Admin Console now. + +**Extra Resources for WebView developers** + +We have a document for WebView specific details to clarify CORS behaviors on +Android/WebView specific schemes, APIs and so on. Please check the document, +[CORS and WebView +API](https://chromium.googlesource.com/chromium/src/+/HEAD/android_webview/docs/cors-and-webview-api.md). + +**Behavior Changes by OOR-CORS** + +**Resource Timing API does not count CORS preflight request as a separate +entry** + +With the legacy CORS, [Resource Timing +API](https://w3c.github.io/resource-timing/) counts CORS preflight request as a +separate entry. But this is not aligned with the spec requirement. Once the +OOR-CORS is rolled out, it does not. See [the relevant crbug +entry](https://bugs.chromium.org/p/chromium/issues/detail?id=982924) for +detailed discussion. + +**Cross-origin redirects for <img crossorigin=anonymous> do not send +Cookies any more** + +With the legacy CORS, Chrome had a bug to send cookies even after cross-origin +redirects, though this violated the spec. Once the OOR-CORS is rolled out, it +does not. + +**XHR failures for intent://... will dispatch readystatechange and error events +(Android only)** + +With the legacy CORS, Android Chrome had a bug to fail silently without +notifying any error on fetching intent:// over XHR. Once the OOR-CORS is rolled +out, it will dispatch **readystatechange** and **error** events correctly. For +other APIS, image loading, Fetch API, and so on, it correctly reports errors +until today, and from now on. + +**Extensions' webRequest API (Desktop only)** + +There are announced API changes. See [the API document, +chrome.webRequest](https://developer.chrome.com/extensions/webRequest), for +details. There are three major changes explained as "Starting from Chrome 79," +in the document. + +**Internally modified requests will also follow the CORS protocol** + +With the legacy CORS, internally modified requests didn't follow the CORS +protocol correctly. For instance, Chrome sometime injects extra headers in +enterprise uses for access controls. In such case, Chrome won't send CORS +preflight even for the case that the modified requests does not meet the "simple +request" conditions. But once the OOR-CORS is fully enabled, Chrome will follow +the CORS protocol strictly even if the request is modified by intermediate code +as it can as possible. This also affects Chrome Extensions, and part of the +announced API changes are related to this enforcement. This behavior change may +affect Chrome Extensions that intercepts and modifies requests to Google +services or responses from Google services. + +**Behavior Changes by Other Blink Updates** + +**BUG: Redirects from allowlisted content scripts blocked by CORB+CORS in Chrome +79** + +See [crbug.com/](http://crbug.com/)[1034408](http://crbug.com/1034408). There is +a temporary breakage in the original CORS implementation at Chrome 79. This will +be fixed by enabling OOR-CORS or updating to Chrome 80. + +**CSS -webkit-mask starts using CORS-enabled requests from Chrome 79** + +See [crbug.com/](http://crbug.com/)[786507](http://crbug.com/786507) and +[crbug.com/](http://crbug.com/)[1034942](http://crbug.com/1034942). This will +result in observing CORS related errors if the same URL is also requested by +other no-cors requests and the server does not care for HTTP caches. [CORS +protocol and HTTP +caches](https://fetch.spec.whatwg.org/#cors-protocol-and-http-caches) section in +the fetch spec will help you to understand the problem. + +**Origin header from Extensions' background page is changed from Chrome 80 (may +be postponed for breaking many?)** + +See [crbug.com/](http://crbug.com/)[1036458](http://crbug.com/1036458). When +Chrome sends a request from Extensions' background page and Origin header is +needed, chrome-extensions://<extensions id> has been set. But from Chrome +80, the origin of the target URL will be used. + +**Troubleshooting** + +If a site stops loading sub-resources correctly, or stops working correctly, +please [open the +DevTools](https://developers.google.com/web/tools/chrome-devtools/open) and [see +the console](https://developers.google.com/web/tools/chrome-devtools/console) to +check if there are CORS related errors. You may see the following keywords: + +* CORS +* Cross-origin requests +* Access-Control-Allow-... +* preflight + +You can check all keywords in [the relevant source +code](https://cs.chromium.org/chromium/src/third_party/blink/renderer/platform/loader/cors/cors_error_string.cc) +if you are interested in. + +If there are, something OOR-CORS incompatible issues may happen. + +The first check point for desktop users is Chrome Extensions. As explained in +the behavior changes, there are some API changes, and some Chrome Extensions may +not follow up the change. You can try a new Chrome profile to see if the same +problem happens without any Chrome Extensions. If it solves the problem, one of +your installed Chrome Extensions may cause the issue. You can disable each +Chrome Extensions at chrome://extensions/ step by step to find the problematic +one. Once you find the one, please report the issue to the Chrome Extensions +developers. For enterprise users, there is a workaround, +[CorsMitigationList](https://cloud.google.com/docs/chrome-enterprise/policies/?policy=CorsMitigationList). +If you set this policy (empty list is also fine), all Chrome Extensions run in a +compatible mode. This will cause small negative performance impact, but it will +work. + +If you are a bit familiar with CORS, you can do further debugging to have a +crafted workaround or to find a solution. If you see CORS preflight failures in +the logs, and you are sure that the target server does not handle CORS preflight +correctly, you can craft the +[CorsMitigationList](https://cloud.google.com/docs/chrome-enterprise/policies/?policy=CorsMitigationList) +not to send a preflight request for such condition. You will put your seeing +non-standard HTTP header name into the +[CorsMitigationList](https://cloud.google.com/docs/chrome-enterprise/policies/?policy=CorsMitigationList). +For instance, if the CORS preflight has the following line in the request +header: + +> Access-Control-Request-Headers: my-auth,my-account + +adding "my-auth" and "my-account" into the +[CorsMitigationList](https://cloud.google.com/docs/chrome-enterprise/policies/?policy=CorsMitigationList) +will stop sending the CORS preflight for the case. Registered header names will +be exempted from the CORS preflight condition checks as [CORS-safelisted request +headers](https://fetch.spec.whatwg.org/#cors-safelisted-request-header). Note +that this may allow malicious attackers to exploit through potential server side +vulnerability on handling these headers. + +CORS releated detailed network transaction can not be observed via DevTools' +[Network](https://developers.google.com/web/tools/chrome-devtools/network) tab. +You need to take a [NetLog dump](/for-testers/providing-network-details) for +further investigation. You can use +==[netlogchk.html](/Home/loading/oor-cors/netlogchk.html)== to analyze the +obtained NetLog dump to see if there is CORS related error. [NetLog +Viewer](https://netlog-viewer.appspot.com/#import) is general purpose online +tools to check details on the dump. + +The last resort for enterprise users is +[CorsLegacyModeEnabled](https://cloud.google.com/docs/chrome-enterprise/policies/?policy=CorsLegacyModeEnabled). +It will allow you to use the legacy CORS instead of OOR-CORS. For other users, +setting chrome://flags/#out-of-blink-cors to Disabled will have the same effect. +But this option will be removed at Chrome m83. So please be careful about that. +You should contact us through [this bug report +link](https://bugs.chromium.org/p/chromium/issues/entry?components=Blink%3ESecurityFeature%3ECORS,Blink%3ELoader&cc=toyoshim@chromium.org). +Concrete repro steps or [NetLog dump](/for-testers/providing-network-details) +will help us and make investigation smooth. + +**WebView Specific Information** + +OOR-CORS will be launched for WebView in M83 incrementally. We will start +enabling the feature step by step from Jun.1st, 2020. + +**Mitiation:** Enterprise policies are not available on WebView, but the +OOR-CORS can be controlled via [WebView +DevTools](https://chromium.googlesource.com/chromium/src/+/HEAD/android_webview/docs/developer-ui.md) +per device basis. The document says the tool is supported in WebView 84+. But, +actually, it experimentally supports OOR-CORS feature control in WebView 83. The +device needs to [enable USB +debugging](https://developer.android.com/studio/debug/dev-options) to inactivate +the OOR-CORS. But once the setting is changed, users can disable the debugging +mode. + +**NetLog dump:** WebView does not allow end users to take NetLog dump, and +“userdebug” or “eng” builds of Android system are needed to take. See [Net +debugging in +WebView](https://chromium.googlesource.com/chromium/src/+/HEAD/android_webview/docs/net-debugging.md) +for details. + +**DevTools:** End users can not use DevTools for remote debugging as they do for +Chrome. This is because the debugging functionality is disabled by default on +recent Android systems. WebView application developers can modify their +application code to allow remote debugging to debug CORS issues. See the +article, [Remote Debugging +Webviews](https://developers.google.com/web/tools/chrome-devtools/remote-debugging/webviews). + +**Bug Reports:** Please file a report from [this +link](https://bugs.chromium.org/p/chromium/issues/entry?components=Blink%3ESecurityFeature%3ECORS,Blink%3ELoader,Mobile%3EWebView&cc=toyoshim@chromium.org) +(Components: Blink>SecurityFeatyre>CORS, +Blink>Loader,Mobile>WebView; CC: toyoshim@chromium.org). Early reports +without strong confidence are welcomed as the team wants to get early feedback +so that the team can provide a fixed binary ASAP. + +Information for Chrome Developers + +**FYI Builders** + +Now the OOR-CORS is enabled by default on the main waterfall, and OOR-CORS +enabled fyi bots were turned down. Insteads Blink-CORS bots are running to +monitor legacy Blink implementation. + +- +[linux-oor-cors-rel](https://ci.chromium.org/p/chromium/builders/ci/linux-oor-cors-rel) +(turned down) + +- [Android WebView P OOR-CORS FYI +(rel)](https://ci.chromium.org/p/chromium/builders/ci/Android%20WebView%20P%20OOR-CORS%20FYI%20%28rel%29) +(turned down) + +- +[linux-blink-cors-rel](https://ci.chromium.org/p/chromium/builders/ci/linux-blink-cors-rel) + +- [Android WebView P Blink-CORS FYI +(rel)](https://ci.chromium.org/p/chromium/builders/ci/Android%20WebView%20P%20Blink-CORS%20FYI%20%28rel%29) +- wpt may fail and should be be compared with [Android WebView P FYI +(rel)](https://ci.chromium.org/p/chromium/builders/ci/Android%20WebView%20P%20FYI%20%28rel%29) +tracked by [crbug.com/1011098](http://crbug.com/1011098) \ No newline at end of file diff --git a/chromium/docs/website/site/Home/loading/oor-cors/netlogchk.html b/chromium/docs/website/site/Home/loading/oor-cors/netlogchk.html new file mode 100644 index 00000000000..d2509ab80b5 --- /dev/null +++ b/chromium/docs/website/site/Home/loading/oor-cors/netlogchk.html @@ -0,0 +1,231 @@ + + + +
+
+
+
+ + + diff --git a/chromium/docs/website/site/Home/memory/index.md b/chromium/docs/website/site/Home/memory/index.md new file mode 100644 index 00000000000..e4fc7d80c02 --- /dev/null +++ b/chromium/docs/website/site/Home/memory/index.md @@ -0,0 +1,11 @@ +--- +breadcrumbs: +- - /Home + - Chromium +page_name: memory +title: OBSOLETE. Memory! Landing page for information on memory efforts and tools + in Chromium +--- + +Content moved to + \ No newline at end of file diff --git a/chromium/docs/website/site/Home/third-party-developers/index.md b/chromium/docs/website/site/Home/third-party-developers/index.md new file mode 100644 index 00000000000..4ab93e92105 --- /dev/null +++ b/chromium/docs/website/site/Home/third-party-developers/index.md @@ -0,0 +1,191 @@ +--- +breadcrumbs: +- - /Home + - Chromium +page_name: third-party-developers +title: Third Party Developers +--- + +[TOC] + +## Important Notice + +The +[ForceNetworkInProcess](https://cloud.google.com/docs/chrome-enterprise/policies/?policy=ForceNetworkInProcess) +will be removed soon. The official announcement will start from [Chrome +Enterprise release notes](https://support.google.com/chrome/a/answer/7679408) +for Chrome 80. The original plan was to remove it at Chrome 82, but will be +postponed to do it at Chrome 84. + +## Policy + +At Google, we believe that if we focus on the user, all else will follow. In our +[Software Principles](https://www.google.com/about/software-principles.html), we +provided general recommendations for software that delivers a great user +experience. This policy expands upon those general recommendations by defining +third party software, and clarifying how it will be treated by Chrome. Software +that meets the definition is considered as potentially harmful to the Chrome +user experience, and we will take steps to prevent such software from injecting +itself into Chrome’s process space. It steps beyond this simple definition to +lay guidelines for our interactions with third party software developers, and +our commitment to helping them as well as the ecosystem in general. + +This policy was initially announced in November of 2017 via this [blog +post](https://blog.chromium.org/2017/11/reducing-chrome-crashes-caused-by-third.html). + +### Definition + +*Any module that is not signed by Microsoft or Google is considered to be third +party software.* + +Software that is produced by third parties but that is signed by Microsoft via +their WHQL program is not considered third party software under this definition. +This is intended, and required for hardware support in some cases. + +### Baseline Policy + +*Software should stay out of Chrome’s address space. Period.* + +The intent of this policy is take a stance against third party code injecting +into Chrome’s processes, for any reason. + +### Exceptions + +*Software that is deemed critical to the ecosystem or to certain end users may +be excluded from being blocked.* + +The third party blocking mechanism will have provision to allow (at least +temporarily) acceptable third party software. This is primarily intended to +allow accessibility software to continue to work with Chrome. This may be +extended to other classes of software at Google’s discretion to include other +modules that would otherwise be considered third party. Exceptions should be +considered as temporary, and are intended to allow the developer sufficient time +to develop alternative solutions that do not violate this policy. + +### Commitment to Building Alternatives + +*Where no viable alternative to code injection exists for a legitimate use case +that provides concrete value to users, Chrome is committed to developing and/or +implementing alternative mechanisms that does not require code injection.* + +This may include working with specific publishers, developers, industry steering +groups or standards bodies. We are generally convinced that most legitimate use +cases can be addressed via existing platform and extension APIs, but are willing +to consider supporting new APIs where there is a clear and justified use case. + +Where long term support of a legacy injection mechanism is required to enable a +valid exceptional use case we will make efforts to move the logic to an external +utility process so that the injection does not need to occur in the Chrome +browser process. For more information refer to the FAQ for questions around +printing, shell extensions and AMSI implementations. + +### Outreach and Grace Period + +*Developers should be notified that their software will start to be blocked, and +provided a reasonable period of time during which they may develop alternative +solutions.* + +The overall third party strategy includes a relatively lengthy notification-only +period, during which time we will make all efforts to directly engage with +developers of third party software with non-trivial user bases. This will also +include direct communication with the community via blog posts and other means. + +### Escalation + +*Developers should have a mechanism for escalating their particular use case.* + +It is very likely that there is a long tail of use cases that we have not +considered. If a developer feels they have a use case that is not easily +addressed using alternative APIs or known workarounds they can feel free to +reach out to the team by [filing a +bug](https://bugs.chromium.org/p/chromium/issues/entry?description=Please+describe+your+third+party+use+case+here.&labels=Hotlist-ThirdPartySoftware,OS-Windows&oss=linux&owner=chrisha@chromium.org&components=Internals%3EPlatformIntegration). +You can also reach out to the team on the +[windows-third-party@chromium.org](mailto:windows-third-party@chromium.org) +mailing list. + +## FAQ + +**Q. How can I determine how this feature impacts my software?** + +A. We have provided testing documentation that [walks you through the +process](https://docs.google.com/document/u/1/d/e/2PACX-1vT-nKiuYFLx6faY7sx6NFfYA6V9DgwzIpbOLSnIh44caYxvKjMXZNhU2EOqg795eoBL02Ri1L09VgMY/pub) +of evaluating the impact of blocking on your software. + +**Q. Can my software be added to the allowlist?** + +A. The short answer is no. Unless you are a publisher of accessibility software, +in which case we will happily allow your software until suitable alternative +APIs are available. Please [file a +bug](https://bugs.chromium.org/p/chromium/issues/entry?description=Please+describe+your+third+party+use+case+here.&labels=Hotlist-ThirdPartySoftware,OS-Windows&oss=linux&owner=chrisha@chromium.org&components=Internals%3EPlatformIntegration)! + +**Q. What about shell extensions?** + +A. For the time being we are warning about shell extensions that inject, and +blocking them when possible. We realize that this is less than ideal given that +most shell extensions injection innocently. We are actively [moving all file +dialog code to an external utility +process](https://bugs.chromium.org/p/chromium/issues/detail?id=884075&q=out%20of%20process%20file%20dialogs&colspec=ID%20Pri%20M%20Stars%20ReleaseBlock%20Component%20Status%20Owner%20Summary%20OS%20Modified) +where injection will be allowed. As of November 2018 this is being experimented +with. + +**Q. What about printing?** + +A. Chrome will allow software to inject as part of the printing stack, and will +not warn about modules that are injected during printing. We are actively +[working to move printing to an external utility +process](https://bugs.chromium.org/p/chromium/issues/detail?id=809738) so that +this injection will no longer incur in the browser process. + +**Q. What about IME?** + +A. Currenty Chrome will allow registered IME modules to inject so as to break +alternative text entry systems. Chrome is moving towards +[TSF](https://docs.microsoft.com/en-us/windows/desktop/tsf/text-services-framework) +rather than +[IMM32](https://docs.microsoft.com/en-us/windows/desktop/api/_intl/). Eventually +IMM32 will be deprecated, and these modules will no longer be allowed to inject. + +**Q. What about Win32 event hooks?** + +A. On Windows 8 and above we will be blocking event hooks (and other legacy +injection mechanisms) from injecting into the browser process using the +[PROCESS_CREATION_MITIGATION_POLICY_EXTENSION_POINT_DISABLE_ALWAYS_ON](https://www.google.com/search?q=PROCESS_CREATION_MITIGATION_POLICY_EXTENSION_POINT_DISABLE_ALWAYS_ON&oq=PROCESS_CREATION_MITIGATION_POLICY_EXTENSION_POINT_DISABLE_ALWAYS_ON&aqs=chrome..69i57j69i59.542j0j4&sourceid=chrome&ie=UTF-8) +mitigation policy. Note that there is [ongoing work](/developers/mus-ash) to +move window management and input to an external UI process. We will be +evaluating whether or not to bring this technology to the windows platform, and +if we do, whether or not to allow legacy injection in this process as part of +that work. + +**Q. What about AMSI providers?** + +A. +[AMSI](https://docs.microsoft.com/en-us/windows/desktop/amsi/antimalware-scan-interface-portal) +providers are currently allowed to inject into Chrome, and no warning or +blocking will apply. They are invoked when downloaded files are scanned using +[IAttachmentExecute](https://docs.microsoft.com/en-us/windows/desktop/api/shobjidl_core/nn-shobjidl_core-iattachmentexecute) +(and also in some other situations, for example, by some printer drivers), which +is used to enable [Mark of the +Web](https://technet.microsoft.com/en-us/ms537628(v=VS.71)) support on the +Windows platform. This scanning is being [moved to a utility +process](https://bugs.chromium.org/p/chromium/issues/detail?id=883477&q=owner%3Apmonette%40chromium.org%20&colspec=ID%20Pri%20M%20Stars%20ReleaseBlock%20Component%20Status%20Owner%20Summary%20OS%20Modified) +so that the injection will no longer incur in the browser process. + +**Q. What about *\[feature or use case X\]*?** + +A. Our general advice is to stop injecting into Chrome, and to seek alternative +mechanisms that use some combination of modern APIs, external processes, Chrome +extensions and [native +messaging](https://developer.chrome.com/apps/nativeMessaging). + +**Q. What about enterprise use cases?** + +A. We maintain an [enterprise +policy](/administrators/policy-list-3#ThirdPartyBlockingEnabled) for +specifically *allowing* third party injection, and a [companion +policy](/administrators/policy-list-3#ForceNetworkInProcess) for controlling +whether or not Chromium's network stack is in the main browser process. These +policies will be supported for at minimum the calendar year 2019, and 6 months +(4 Chromium versions) notice will be provided prior to removing them. Notice +will be provided on this page, as well as via the [enterprise release +notes](https://support.google.com/chrome/a/answer/7679408?hl=en) for the +affected release. \ No newline at end of file diff --git a/chromium/docs/website/site/Home/tls13/index.md b/chromium/docs/website/site/Home/tls13/index.md new file mode 100644 index 00000000000..915019f40d0 --- /dev/null +++ b/chromium/docs/website/site/Home/tls13/index.md @@ -0,0 +1,46 @@ +--- +breadcrumbs: +- - /Home + - Chromium +page_name: tls13 +title: TLS 1.3 +--- + +Chrome enabled TLS 1.3 in Chrome 70. However, due to bugs in some +man-in-the-middle proxies, anti-downgrade enforcement was not enabled. The +problematic proxies in question are duplicating a value in the TLS handshake +from the origin server rather than randomly generating it themselves. Firstly, +this means that they're implementing a slightly different protocol than TLS on +their LAN side, the security properties of which are not clear. Secondly, it +means that these proxies appear to TLS 1.3-enabled clients to be signaling that +a downgrade attack is occurring because they're taking TLS 1.3-based values from +the origin server and using them in a lower-version TLS handshake on the LAN +side. + +In Chrome 72, downgrade protection will be enabled for TLS connections that use +certificates that chain to a public CA. This should not affect MITM proxies +since they cannot use publicly-trusted certificates. However, in order to get to +the point where this workaround can be removed, all affected MITM proxies will +need to be updated. The following lists minimum firmware versions for affected +products that we're aware of: + +Palo Alto Networks: + +* PAN-OS 8.1 must be ≥ 8.1.4 +* PAN-OS 8.0 must be ≥ 8.0.14 +* PAN-OS 7.1 must be ≥ 7.1.21 + +Cisco Firepower Threat Defense and ASA with FirePOWER Services when operating in +“Decrypt - Resign mode/SSL Decryption Enabled” +([advisory](https://www.cisco.com/c/dam/en/us/td/docs/security/firepower/SA/SW_Advisory_CSCvj93913.pdf)) +: + +* Firmware 6.2.3 must be ≥ 6.2.3.4 +* Firmware 6.2.2 must be ≥ 6.2.2.5 +* Firmware 6.1.0 must be ≥ 6.1.0.7 + +Administrators can test compatibility by flipping +chrome://flags/#enforce-tls13-downgrade to Enabled + +Please report problems on the [administrator's +forum](https://productforums.google.com/forum/#!forum/chrome-admins). \ No newline at end of file diff --git a/chromium/docs/website/site/OWNERS b/chromium/docs/website/site/OWNERS new file mode 100644 index 00000000000..f469885b9a9 --- /dev/null +++ b/chromium/docs/website/site/OWNERS @@ -0,0 +1 @@ +file://CONTENT_OWNERS diff --git a/chromium/docs/website/site/_assets/customLogo.png.sha1 b/chromium/docs/website/site/_assets/customLogo.png.sha1 new file mode 100644 index 00000000000..da047e2faef --- /dev/null +++ b/chromium/docs/website/site/_assets/customLogo.png.sha1 @@ -0,0 +1 @@ +9635ad74717513b5c7d701844ad9d3459aaf0733 \ No newline at end of file diff --git a/chromium/docs/website/site/_includes/page.njk b/chromium/docs/website/site/_includes/page.njk new file mode 100644 index 00000000000..2813de5d60b --- /dev/null +++ b/chromium/docs/website/site/_includes/page.njk @@ -0,0 +1,118 @@ +--- +use_title_as_h1: true +--- + +{%- macro selected_href(url) -%} +{%- if (page.url | lower) == (url + '/') -%} +class="selected" href="{{ url }}" +{%- else -%} +href="{{ url }}" +{%- endif -%} +{%- endmacro -%} + +{%- set script_tag %} +// Configure Algolia search. +let s = document.createElement('script'); +s.src = '/_scripts/@docsearch/index.js'; +document.head.append(s); + +window.addEventListener('load', () => { + // Add the Algolia search widget. + docsearch({ + container: '#search', + appId: 'RZDQYCCABX', + apiKey: '98b0eabafeb13fe3e1af693d5713d8b4', + indexName: 'chromium' + }); +}); + +// Configure Google Analytics. +s = document.createElement('script'); +s.src = 'https://www.googletagmanager.com/gtag/js?id=UA-5484340-1' +s.async = true; +document.head.append(s) + +window.dataLayer = window.dataLayer || []; +function gtag(){dataLayer.push(arguments);} +gtag('js', new Date()); +gtag('config', 'UA-5484340-1'); + +// Configure consent bar. +s = document.createElement('script'); +s.src = 'https://www.gstatic.com/brandstudio/kato/cookie_choice_component/cookie_consent_bar.v3.js' +s.dataset.autoloadCookieConsentBar = true; +s.dataset.autoloadCookieContentBarIntlCode = ''; +document.head.append(s); +{%- endset -%} + + +{%- if redirect %} + + + + +{%- else %} + + + {%- if title %} + {{ title }} + {%- endif %} + + + + +
+ + the Chromium logo +

The Chromium Projects

+ + +
+ +
+ +
+ {%- if breadcrumbs %} +
+ {%- for link in breadcrumbs %} + {{ link[1] }} > + {%- endfor %} +
+ {%- endif %} + {%- if use_title_as_h1 and title %} +

{{ title }}

+ {%- endif %} + {{content | safe}} +
+
+ +{%- endif %} diff --git a/chromium/docs/website/site/_scripts/selector.js b/chromium/docs/website/site/_scripts/selector.js new file mode 100644 index 00000000000..0e3993892e2 --- /dev/null +++ b/chromium/docs/website/site/_scripts/selector.js @@ -0,0 +1,138 @@ +(function() { + fetch('/pages.json'). + then(resp => resp.blob()). + then(blob => blob.text()). + then( + function (text) { + let pages = JSON.parse(text); + let currentLoc = new URL(document.location); + let currentPath = trimd(currentLoc.pathname); + let currentView = currentLoc.searchParams.get('view') || 'new'; + let currentPage = pages.indexOf(currentPath) + 1; + let currentHeight = 0; + + let container = document.getElementById('pages-container'); + let pageNumber = document.getElementById('page-number'); + let path = document.getElementById('path'); + + function trimd(s) { + var end = s.length - 1; + while (s[end] === '/') { + end -= 1; + } + return s.substr(0, end + 1); + }; + + function updatePage(newPage) { + if (newPage > pages.length) { + newPage = 1; + } else if (newPage < 1) { + newPage = pages.length; + } + updatePath(pages[newPage - 1]); + } + + function updatePath(newPath) { + newPath = trimd(newPath); + let newPage = pages.indexOf(newPath) + 1; + if (newPage === 0) { + newPage = 1; + } + + if (newPath != currentPath) { + if (currentView != 'new') { + newPath += '?view=' + currentView; + } + window.location.href = newPath; + } + currentPage = newPage; + pageNumber.value = newPage; + path.value = newPath; + } + + function changeView(evt) { + updateView(evt.target.id); + evt.preventDefault() + return false; + } + + function updateView(view) { + for (let v of ['both', 'old', 'new']) { + document.getElementById(v).classList.remove('selected'); + } + document.getElementById(view).classList.add('selected'); + let oldPage = document.getElementById('old-page'); + let newPage = document.getElementById('new-page'); + oldPage.style.display = 'none'; + newPage.style.display = 'none'; + newPage.style.borderLeft = '0px'; + if (view === 'old' || view === 'both') { + oldPage.style.display = 'block'; + } + if (view === 'new' || view === 'both') { + newPage.style.display = 'block'; + if (view === 'both') { + newPage.style.borderLeft = '1px solid black'; + } + } + + if (view != currentView) { + currentView = view; + history.pushState({}, '', currentPath + '?view=' + view); + } + } + + function adjustHeight() { + let new_el = document.querySelector('#new-page'); + let new_height = new_el.offsetHeight; + let old_el = document.querySelector('#old-page iframe'); + if (old_el?.contentWindow?.document?.body) { + let old_height = old_el.contentWindow.document.body.offsetHeight; + let max_height = + (old_height > new_height) ? old_height : new_height; + old_el.style.height = max_height + 'px'; + new_el.style.height = max_height + 'px'; + } + setTimeout(adjustHeight, 100); + } + + document.querySelector("#selector > form").onsubmit = function (evt) { + evt.preventDefault(); + return false; + } + document.getElementById('page-number').onchange = function(evt) { + updatePage(pageNumber.value); + evt.preventDefault(); + return false; + } + document.getElementById('path').onchange = function(el) { + updatePath(path.value); + el.preventDefault(); + return false; + } + document.getElementById('pages').innerText = pages.length; + document.getElementById('prev').onclick = function(el) { + updatePage(currentPage - 1); + el.preventDefault(); + return false; + }; + document.getElementById('next').onclick = function(el) { + updatePage(currentPage + 1); + el.preventDefault(); + return false; + }; + document.getElementById('old').onclick = changeView; + document.getElementById('new').onclick = changeView; + document.getElementById('both').onclick = changeView; + + updatePage(currentPage); + updateView(currentView); + adjustHeight(); + + window.onresize = () => { + if (currentView === 'both') { + adjustHeight(); + } + }; + }) + })(); diff --git a/chromium/docs/website/site/_stylesheets/_reset.scss b/chromium/docs/website/site/_stylesheets/_reset.scss new file mode 100644 index 00000000000..7f344c377bb --- /dev/null +++ b/chromium/docs/website/site/_stylesheets/_reset.scss @@ -0,0 +1,100 @@ +// This is lifted from developer.chrome.com, which is CC-Attribute Licensed, +// but their file is actually based on the MIT-licensed +// Andy Bell's "modern reset" https://github.com/hankchizljaw/modern-css-reset + +// Box sizing rules +*, +*::before, +*::after { + box-sizing: border-box; +} + +// Remove default margin +body, +h1, +h2, +h3, +h4, +h5, +h6, +p, +figure, +blockquote, +dl, +dd, +pre { + margin: 0; +} + +// Set core body defaults +body { + min-height: 100vh; +} + +// Remove list styles on ul, ol elements with a list role, which suggests +// default styling will be removed. +// https://github.com/hankchizljaw/modern-css-reset/issues/30 +ul[role='list'], +ol[role='list'] { + list-style: none; +} + +// Don't let lists spill outside of their containing box. +ul, +ol { + list-style-position: inside; +} + +// Anchor elements that don't have a class get default styles +a:not([class]) { + text-decoration-skip-ink: auto; +} + +// Make images easier to work with +img { + display: block; + height: auto; + max-width: 100%; +} + +p img { + display: inline-block; + vertical-align: sub; +} + +// Inherit fonts for inputs and buttons +input, +button, +textarea, +select { + font: inherit; + letter-spacing: inherit; + word-spacing: inherit; +} + +// Remove the default border on iframes +iframe { + border: 0; +} + +// Blur images when they have no alt attribute +// Note: an empty alt (alt="") is fine and can be used to hide decorative images +img:not([alt]) { + filter: blur(10px); +} + +// Define a basic hairline element. +hr { + height: 1px; + margin: 0; +} + +// Remove all animations and transitions for people that prefer not to see them. +@media (prefers-reduced-motion: reduce) { + * { + animation-duration: 0.01s !important; + animation-iteration-count: 1 !important; + scroll-behavior: auto !important; + transition-duration: 0.01s !important; + } +} diff --git a/chromium/docs/website/site/_stylesheets/default.scss b/chromium/docs/website/site/_stylesheets/default.scss new file mode 100644 index 00000000000..a1e6eda17ab --- /dev/null +++ b/chromium/docs/website/site/_stylesheets/default.scss @@ -0,0 +1,418 @@ +@import "reset"; + +/* fonts */ + +$body-fonts: Arial, Verdana, sans-serif; +$monospace-fonts: monospace; + +/* colors */ + +$body-bg-color: rgb(247, 247, 247); +$body-color: rgb(0, 0, 0); + +$box-border-color: rgb(211, 211, 211); +$box-bg-color: rgb(241, 241, 241); + +$button-bg-color: rgb(3, 25, 79); +$button-color: rgb(255, 255, 255); +$button-border-color: rgb(192, 192, 192); + +$code-color: rgb(0, 96, 0); +$code-bg-color: rgb(239, 239, 239); + +$del-bg-color: rgb(244, 204, 204); +$ins-bg-color: rgb(217, 234, 211); + +$heading-color: rgb(0, 0, 0); + +$main-bg-color: rgb(255, 255, 255); +$main-border-color: $box-border-color; + +$license-color: rgb(94, 106, 114); +$license-bg-color: rgb(255, 255, 255); + +$link-color: rgb(0, 102, 204); +$link-color-heading: $link-color; +$link-color-heading-em: rgb(0, 102, 204); // TODO: Figure out if this is used? +$link-disabled-color: rgb(102, 102, 102); // TODO: Figure out if this is used? +$link-visited-color: rgb(71, 18, 100); + +$selector-bg-color: rgb(90, 112, 166); + +$sidebar-section-bg-color: rgb(255, 255, 255); +$sidebar-section-color: rgb(72, 72, 72); +$sidebar-section-selected-color: black; + +$table-border-color: rgb(217, 217, 217); + +/* page-wide settings */ + +a { + color: $link-color; + &.disabled { + color: $link-disabled-color; + text-decoration: none; + } +} + +b { + font-weight: 700; +} + +body { + background-color: $body-bg-color; + color: $body-color; + font-family: $body-fonts; +} + +code { + background: $code-bg-color; + color: $code-color; + font-family: $monospace-fonts; +} + +em, +i { + font-style: italic; +} + +pre { + background: $code-bg-color; + border: 1px solid $box-border-color; + margin: 1em; + padding: 0.5em 1em 0.5em 1em; +} + +header { + align-items: center; + display: flex; + justify-content: space-between; + margin: 5px 5px 5px 10px; + + a { + align-items: center; + color: $link-color-heading; + display: flex; + text-decoration: none; + + h2 { + width: 100%; + } + } + + img { + display: block; + margin-right: 10px; + } +} + +/* main panel */ + +#main-wrapper { + display: flex; +} + + +#sidebar-left { + flex: 0 auto; + font-size: 12px; + line-height: 1.33em; + min-width: 160px; + width: 160px; + + section { + background-color: $sidebar-section-bg-color; + margin: 0 5px 6px 5px; + padding: 0 0 0 5px; + } + + a { + color: $link-color; + display: block; + text-decoration: none; + + &.selected { + color: $sidebar-section-selected-color; + font-weight: bold; + } + } + + h4 { + color: $sidebar-section-color; + font-weight: 700; + font-size: 13px; + margin-bottom: 1px; + padding: 3px 0 2px 0; + } + + #license { + background-color: $license-bg-color; + color: $license-color; + font-size: 10px; + line-height: normal; + margin: 0 5px 6px 5px; + padding: 11px 5px 5px 5px; + + a { + display: inline; + text-decoration: underline; + } + } + + // Explicitly use the `a` tag to override the specificity of `#sidebar a`. + a#edit-this-page { + background-color: $button-bg-color; + border: 1px solid $button-border-color; + color: $button-color; + display: block; + font-size: 14px; + font-weight: 700; + margin: 20px auto; + padding: 6px 12px; + text-align: center; + text-decoration: none; + width: 90%; + } +} + +main { + background-color: $main-bg-color; + border: 1px solid $main-border-color; + flex: 1 100%; + font-family: $body-fonts; + font-size: 13.333px; + line-height: 1.3; + margin-right: 5px; + padding: 20px; + + a:visited { + color: $link-visited-color; + } + + a.header-anchor { + color: inherit; + text-decoration: inherit; + } + + blockquote { + margin-bottom: 13.33px; + margin-top: -12px; + } + + del { + background-color: $del-bg-color; + text-decoration: inherit; + } + + h1 { + font-size: 22px; + font-weight: 700; + margin: 10px 0 1.4em; + + a { + color: $link-color-heading; + } + } + + h2 { + font-size: 20px; + font-weight: 700; + margin: 1.2em 0 .8em 0; + } + + h3 { + font-size: 16px; + font-weight: 700; + margin: 1.2em 0 .7em 0; + } + + h4 { + font-weight: 700; + margin: 1.2em 0 .6em 0; + + a { + color: $link-color-heading; + } + + i a { + color: $link-color-heading-em; + font-weight: 400; + } + } + + ins { + background-color: $ins-bg-color; + text-decoration: inherit; + } + + p { + margin-bottom: 13.33px; + margin-top: 1.4em; + } + + pre { + white-space: break-spaces; + word-break: break-all; + } + + #title-crumbs { + padding: 6px 0 0 10px; + + + h3 { + margin-top: 6px; + } + } + + ul { + display: block; + list-style-position: outside; + list-style-type: disc; + margin-bottom: 1em; + margin-top: 1em; + padding-left: 40px; + + li { + margin-bottom: 5px; + margin-top: 5px; + + > p:first-of-type { + display: inline; + } + } + + ul { + list-style-type: circle; + margin-bottom: 0; + margin-top: 0; + + ul { + list-style-type: square; + } + } + } + + ol { + list-style-position: outside; + list-style-type: decimal; + padding-left: 40px; + margin: 1em 0; + + li { + margin: 5px 0; + p { + margin: .5em 0; + } + + > p:first-of-type { + display: inline; + } + } + + ul { + list-style-type: circle; + margin-bottom: 0; + margin-top: 0; + } + } + + table { + border-collapse: collapse; + border-spacing: 0px; + border-width: 1px solid $table-border-color; + margin: 1.3em 0 1.3em 0; + + td, + th { + border: 1px solid $table-border-color; + padding: 5px 10px 5px 10px; + vertical-align: top; + } + } + + /* Rules for particular extensions */ + + // Used by the `{% subpages collections.all %}` extension. + nav.subpage-listing { + background-color: $box-bg-color; + border: 1px solid $box-border-color; + + details { + margin-left: -1em; + } + + h4 { + margin: inherit; + padding: 0.5em 0 0 0.5em; + } + + li { + font-weight: normal; + list-style: none; + list-style-image: none; + margin-left: 1.2em; + padding-left: 1.3em; + + a { + text-decoration: none; + } + } + + ul { + padding-left: 0px; + } + + > ul { + margin: 0.5em 0 0.5em 0; + + > li { + border-top: 1px solid white; + font-weight: bold; + margin: 3px 0 3px 0; + padding: 2px 0 2px 1.3em; + } + } + } + + // Used by the `[TOC]` extension. + .table-of-contents { + border: 1px solid $box-border-color; + background-color: $box-bg-color; + display: table; + font-size: 12px; + margin-left: 1em; + padding: 1em 2em 1em 1em; + + a { + text-decoration: none; + } + + > ol::before { + content: "Contents"; + display: block; + font-weight: 700; + margin: 0 0 0.5em -1em; + } + + ol { + line-height: 1.1em; + margin: 0; + padding-left: 1.2em; + + li { + list-style-type: none; + } + } + } + + // Used for two-column content "extension". + .two-column-container { + align-items: flex-start; + display: flex; + + > div.column { + flex: 50%; + margin: 0; + padding-right: 30px; + } + } +} diff --git a/chromium/docs/website/site/administrators/advanced-integration-for-saml-sso-on-chrome-devices/index.md b/chromium/docs/website/site/administrators/advanced-integration-for-saml-sso-on-chrome-devices/index.md new file mode 100644 index 00000000000..432489270ec --- /dev/null +++ b/chromium/docs/website/site/administrators/advanced-integration-for-saml-sso-on-chrome-devices/index.md @@ -0,0 +1,264 @@ +--- +breadcrumbs: +- - /administrators + - Documentation for Administrators +page_name: advanced-integration-for-saml-sso-on-chrome-devices +title: Advanced Integration for SAML SSO on Chrome Devices +--- + +This page describes the advanced integration that **may** be done in enabling +SAML SSO on Chrome Devices. This article is intended for partners, SAML SSO +vendors and IT administrators. The integration described in this document is not +mandatory for the feature to work. For basic information on how SAML SSO can be +enabled for Chrome Devices, please refer to [this +article](https://support.google.com/chrome/a/answer/6060880). + +### Chrome Credentials Passing API + +API version 1.0 - 3rd June 2014 + +#### Motivation + +Users can sign in to Chrome with their Google accounts. The password is verified +by Google’s authentication servers but is also used locally in Chrome to provide +features such as session lock/unlock, Chrome Device offline sign-in and Chrome +Device user data encryption. For SAML users, authentication is performed by a +third-party identity provider (IdP). This document describes an API that SAML +IdPs can use to securely provide Chrome with the user credentials required to +implement the session lock/unlock, offline sign-in, and data encryption +features. + +#### Overview + +The Chrome sign-in flow is entirely web-based. Google’s authentication service +redirects to the IdP, the IdP guides the user through the authentication process +and eventually redirects back to a Google URL, reporting success or failure (see +the [Google developer +documentation](https://developers.google.com/google-apps/sso/saml_reference_implementation)). +The IdP’s authentication flow typically consists of at least three steps: + + an HTML login form collects user credentials + + the IdP verifies that the credentials submitted are correct + + an HTML page performs the redirect to the Google URL, indicating + success/failure + +This document introduces a JavaScript API via which the IdP can pass user +credentials to Chrome in step 1 and can inform Chrome when the credentials have +been verified in step 3. The API works locally: API methods are called by a +script that is executed by Chrome as part of the SAML IdP’s web-based +authentication flow and are processed by the same instance of Chrome. They do +not flow through any server. The API methods are provided by a JavaScript file +that handles the lower-level communication with Chrome. This file is hosted by +Google at: + + + +We recommend that SAML IdPs reference this file at the above location in their +scripts. This way, any improvements and bug fixes to the file will be picked up +automatically. We will make every effort to keep the API provided by this file +stable. + +#### Key Types + +To support session lock/unlock, offline sign-in and user data encryption, Chrome +must be able to authenticate a returning user without contacting any servers. +This is done by deriving a key from the user’s password via a one-way hash +function during initial authentication. When the user returns and enters his/her +password again, the same one-way hash function is applied to this password. If +the resulting keys match, the password entered was correct and the user is +authenticated. + +Chrome uses a built-in one-way hash function to derive keys from passwords for +non-SAML users. The same one-way hash function is used when a SAML IdP passes a +user’s password to Chrome via the API described in this document. Chrome +discards the password after hashing and does not store it anywhere. An +alternative is for the IdP to apply a one-way hash function and pass the derived +key to Chrome. When the user returns and enters his/her password, Chrome must +apply the same one-way hash function to determine whether the password entered +is correct. The IdP must therefore use a one-way hash function supported by +Chrome and must also pass Chrome any additional metadata required to repeat the +hashing, such as a salt. + +Chrome provides the SAML IdP with a list of supported key derivation mechanisms +when the IdP initializes the API. KEY_TYPE_PASSWORD_PLAIN is always supported. +For this key type, the IdP passes the password to Chrome and Chrome applies its +built-in one-way hash function to it. Additional key types, in which the IdP +applies a one-way hash function and passes the key and metadata to Chrome, will +be added in the future. + +#### API Methods + +The API consists of three JavaScript methods: + + initialize(callback) + + add(details, callback) + + complete(details, callback) + +All methods are asynchronous. Each method will invoke the callback passed to it +when its work is done. The initialize method must be called first to initialize +the API. The add method is then used to pass credentials to Chrome and the +complete method is used to inform Chrome that the passed credentials have been +verified. IdP login flows typically span multiple HTML login pages. The API +supports this by allowing its methods to be called from different pages. + +However, the API must correlate the complete call that indicates authentication +success with the add call that passed the corresponding credentials. This +correlation is established using the token argument: The SAML IdP passes a token +of its choosing in the details provided to the add call and must then pass the +same token in the details of the corresponding complete call. The API uses the +token to correlate these method calls only. The token is treated as opaque, is +not interpreted in any way and is discarded at the end of the sign-in process. + +If authentication fails, Chrome may return to the sign-in form, asking the user +to try signing in again. A sign-in process can thus encompass multiple +authentication attempts. To ensure that method calls are correlated correctly, +the SAML IdP should use a different token for each of these authentication +attempts. The IdP must then choose a token when calling add and must keep this +token as part of its internal state until complete is called. The need to +generate and keep track of a suitable token can be avoided by using the +RelayState (see the [Google SAML developer +documentation](https://developers.google.com/google-apps/sso/saml_reference_implementation) +for a definition) as the token. The RelayState meets all requirements that the +token must fulfill: + + The RelayState remains constant throughout an authentication attempt + + The RelayState is different for each authentication attempt + + The RelayState must be passed through from the start to the end of the + authentication flow so that it will be available in steps 1 and 3 of the + flow + +While the RelayState is an obvious choice for the token, a SAML IdP is free to +choose any other token instead, as long as it allows the add and complete calls +to be correlated. + +> ## initialize(callback) + +> The initialize method should be invoked once at the start of the +> authentication flow. While the API is currently implemented by Chrome only, a +> SAML IdP is not required to (and should not) interpret the user agent string +> to determine whether the API is available or not. Instead, the initialize +> method should always be called at the start of the authentication flow, +> regardless of user agent. + +> If the authentication attempt is part of a sign-in process on a version of +> Chrome that provides the API, Chrome will invoke the callback with a list of +> supported key types. Once the callback has been invoked by Chrome, the IdP may +> use the API by calling the add and complete methods. + +> In all other cases (e.g., not Chrome, older version of Chrome, not part of the +> sign-in process), the callback will not be invoked. If the callback is not +> invoked, the API is not available and the IdP must not call any of its other +> methods. If the IdP’s authentication flow spans multiple HTML pages, the IdP +> must keep track of the initialization result across these pages. If the API is +> available, the IdP should call the add and complete methods at the appropriate +> points in the authentication flow. Otherwise, the add and complete methods +> must not be called. + +> The callback should be a function that takes a single argument, keyTypes. +> Chrome passes an array of string constants indicating the supported key +> derivation mechanisms via this argument (see the key types section for +> details). The constant ’KEY_TYPE_PASSWORD_PLAIN’ will always be present in +> this array. Additional constants indicating further key derivation mechanisms +> will be added in the future. + +> ## add(details, callback) + +> This method should be invoked when the user has finished entering his/her +> credentials. The details should be a JavaScript object that contains the +> following fields: + +> token +> user +> passwordBytes +> keyType + +> The token is used to correlate the add call with a subsequent complete call. +> It is not interpreted by the API in any way and may be freely chosen by the +> IdP (see the API methods section for details). The user field should be set to +> the user’s e-mail address. If the IdP does not know the user’s e-mail address, +> an empty string should be passed. + +> The next two fields are used to pass a key to Chrome. keyType indicates the +> key derivation mechanism that the IdP used to derive the key from the user’s +> password. It must be one of the string constants that the API returned in the +> keyTypes array during initialization (see the previous section for details). +> passwordBytes contains the key and any metadata required to repeat the hashing +> process that was used to derive the key. + +> When the keyType is ’KEY_TYPE_PASSWORD_PLAIN’, passwordBytes contains the +> password itself. For other key types that will be added in the future, +> passwordBytes will contain the metadata, such as a salt, and the key, +> separated by a delimiter. + +> The callback will be invoked when Chrome has received the credentials. Since +> the user has not been authenticated yet, Chrome keeps the credentials in +> memory only and does not store them permanently until the corresponding +> complete method is called. + +> The add method will typically be called when the HTML login form is about to +> submitted. It is important to not actually submit the form until after the +> callback has been invoked. If the IdP calls the add method and submits the +> form without waiting for the callback, the HTML page containing the login form +> and any scripts it is running it will be torn down immediately, preventing the +> credentials from reaching Chrome. The recommended way to handle form +> submission is to set the callback to form.submit.bind(form), where form is the +> DOM node representing the login form. This way, the form will be submitted +> automatically when Chrome has received the credentials and invokes the +> callback. + +> If the credentials entered are incorrect, the IdP will typically end the +> authentication flow with a SAMLResponse indicating failure. However, an IdP +> may also redirect back to the IdP’s login form, allowing the user to try +> entering his/her credentials again. If the IdP implements this flow, the add +> method should be called whenever new credentials are entered. It is +> permissible to reuse the same token in this case. When the add method is +> called with new credentials, any credentials previously passed with the same +> token are superseded and replaced. + +> ## complete(details, callback) + +> The complete method should be invoked when the user’s credentials have been +> verified by the SAML IdP and the user is authenticated. The details should be +> a JavaScript object that contains one field, token. The token must match the +> one that was passed to the add call for this authentication attempt, allowing +> the two calls to be correlated. The complete call indicates that the +> credentials which the IdP had passed to the corresponding add call are valid. +> Chrome will use these credentials to provide the session lock/unlock, offline +> sign-in, and data encryption features for this user. The callback will be +> invoked when Chrome has processed the credentials and has stored them +> permanently. + +> After verifying the user’s credentials, an IdP needs to redirect to a Google +> URL, passing the RelayState and SAMLResponse. This is typically done by +> serving an HTML page that contains a hidden form which is submitted to the +> Google URL automatically upon page load. It is important to not actually +> submit the form until after the callback has been invoked. The recommended way +> to handle this is to call the complete method upon page load, setting the +> callback to form.submit.bind(form), where form is the DOM node representing +> the hidden form. This way, the form will be submitted automatically when +> Chrome has processed the credential and invokes the callback. + +> If the credentials provided are incorrect, the IdP must not call the complete +> method. When the SAML authentication flow completes with a SAMLResponse +> indicating authentication failure, Chrome will inform the user of the +> authentication failure and will allow him/her to try again, starting a new +> authentication flow. + +#### Limitations + +The API can be used to securely pass a key derived from the user’s password to +Chrome. If the user authenticates using other means (e.g., smart card, +biometrics, single-use codes) and does not have a password, the API cannot be +used as no key can be derived. Support for other authentication types is a +separate problem outside the scope of the API at this time. + +The API is available in Chrome 36 and higher. Earlier Chrome versions behave +like other user agents that do not support the API: It is safe to call the +initialize method. Since the API is not supported, the callback passed to +initialize will never be invoked. \ No newline at end of file diff --git a/chromium/docs/website/site/administrators/certificate-management-extension-api-on-chrome-os/index.md b/chromium/docs/website/site/administrators/certificate-management-extension-api-on-chrome-os/index.md new file mode 100644 index 00000000000..5f72ce9b33c --- /dev/null +++ b/chromium/docs/website/site/administrators/certificate-management-extension-api-on-chrome-os/index.md @@ -0,0 +1,281 @@ +--- +breadcrumbs: +- - /administrators + - Documentation for Administrators +page_name: certificate-management-extension-api-on-chrome-os +title: 'Developer Guide: Certificate Management Extension API on Chrome OS' +--- + +This document is for extension developers and describes how to use the extension +API +[enterprise.platformKeys](https://developer.chrome.com/extensions/enterprise_platformKeys) +for client certificate enrollment. + +## Motivation + +Client certificates allow secure authentication to digital resources, like +networks or web resources. A typical certificate based authentication protocol +is [Transport Layer +Security](http://en.wikipedia.org/wiki/Transport_Layer_Security) (TLS, formerly +known as SSL) and the protocols that are built on top like EAP-TLS for network +authentication and HTTPS for web resources. + +This article describes how to manage and make use of client certificates on +Chrome OS using the +[enterprise.platformKeys](https://developer.chrome.com/extensions/enterprise_platformKeys) +extension API: in particular, how to provision a new client certificate and how +to use a client certificate for network or web authentication. + +## Overview + +Many certificate enrollment protocols exist, like +[SCEP](http://tools.ietf.org/html/draft-nourse-scep-23), +[EST](https://tools.ietf.org/html/rfc7030) or +[CMC](https://tools.ietf.org/html/rfc5272), that define the communication +between the client (in this case, the Chrome OS device) and the Certificate +Authority (CA), which can be accompanied by a Registration Authority. The +[enterprise.platformKeys](https://developer.chrome.com/extensions/enterprise_platformKeys) +API is designed in a way that extensions have the freedom to implement any +enrollment protocol based on what is supported by the target Certificate +Authority. + +Independent of which specific protocol is used to communicate, the following +steps describe the typical flow of a certificate enrollment: + +1. Trigger the enrollment process, e.g. the user tries to authenticate but no +client cert is installed, or the user manually starts the enrollment. +2. Obtain the enrollment configuration, e.g. URL of the CA, or the attributes +to use for the certification request. +3. Obtain credentials to authenticate the certification request, either by +asking the user or by using an API, e.g. +[chrome.identity](https://developer.chrome.com/apps/identity). +4. Generate public/private key pair locally on the device. +5. Create the certification request, which contains data like the public key +and some attributes, which in turn is signed by the private key. The private +key is kept secret and is not part of the request. +6. Send the certification request to the CA. +7. After the CA authorizes the request, it creates the client certificate and +sends it to the client. +8. The client receives the certificate and installs it. + +After successful enrollment the certificate can be used to authenticate to +resources like a network or a web page. + +## The enterprise.platformKeys API + +This extension API of Chrome OS allows extensions to generate a key pair, sign a +certification request, and to manage the installed client certificates (import, +get and remove certificates). Using this API, an extension can drive the process +of installing a new client certificate to a Chrome OS device. + +In order to use the API, an extension must be pre-installed by user policy. Only +extensions installed by policy can use the API. + +### How to implement the enrollment process in an extension +1. The enrollment can be started by several events. + * The extension can expose a link or an icon that the user can use to manually + start the enrollment process, see for example + [chrome.browserAction](https://developer.chrome.com/extensions/browserAction). + * The first time the user tries to connect to a network that requires a client + certificate for authentication, Chrome OS can automatically open the + extension if the following required step has been taken by the + administrator: + The network must be configured by policy to use client certificates for + authentication (e.g. a 802.1x WiFi with EAP-TLS) and the Client Enrollment + URL must be set to a page of the extension, see [Manage + Networks](https://support.google.com/chrome/a/answer/2634553). + Every time the user attempts to connect to this network and there is no + matching certificate in the user’s certificate store, Chrome OS will open + the configured Client Enrollment URL in a new browser tab. + * The extension can use an [event + page](https://developer.chrome.com/extensions/event_pages) (succeeding + [background page](https://developer.chrome.com/extensions/background_pages)) + to check whether a valid client certificate is already installed at certain + times (e.g. after login and once per day). If not or if the certificate is + expiring soon, the extension can trigger the enrollment flow. + +2. The extension needs some configuration about the enrollment process, at a +minimum the URL of the CA and maybe attributes to embed in the certification +request. + + The configuration can + + * be part of the extension itself, which prevents reuse of the extension with + other configurations, + * be part of the Client Enrollment URL that is opened by Chrome OS (see + previous step), + * be pushed through [policy for + extensions](https://developer.chrome.com/extensions/manifest/storage), which + allows the administrator to configure the extension in the management + console. + +3. To obtain credentials to authenticate the certification request at the CA, +the extension can present any UI and ask the user to provide the credentials or +use any other APIs, for example, OAuth. + +4. The extension has to obtain the user +[Token](https://developer.chrome.com/extensions/enterprise_platformKeys#type-Token) +(with the id `"user"`) using +[enterprise.platformKeys.getTokens](https://developer.chrome.com/extensions/enterprise_platformKeys#method-getTokens) +and generate a key pair using the +[subtleCrypto.generateKey](http://www.w3.org/TR/WebCryptoAPI/#subtlecrypto-interface) +method of the +[Token](https://developer.chrome.com/extensions/enterprise_platformKeys#type-Token). +The private key will be generated by the TPM and is guaranteed to never leave +the device or even the TPM. + + ```none + function getUserToken(callback) { + chrome.enterprise.platformKeys.getTokens(function(tokens) { +   for (var i = 0; i < tokens.length; i++) { +   if (tokens[i].id == "user") { +        callback(tokens[i]); +        return; +      } +    } +    callback(null); +  }); + } + ``` + + ```none + var algorithm = { +  name: "RSASSA-PKCS1-v1_5", + +   // RsaHashedKeyGenParams: +   modulusLength: 2048, + +  // Equivalent to 65537 +   publicExponent: new Uint8Array([0x01, 0x00, 0x01]), +  hash: { +    name: "SHA-1" +  } + }; + + userToken.subtleCrypto.generateKey(algorithm, false /* not extractable */, ["sign"]) + .then(function(keyPair) { ... continue with generated keyPair ... }, +        console.error.bind(console)); + ``` + +5. Extract the public key from the key handle using the +[subtleCrypto.exportKey](http://www.w3.org/TR/WebCryptoAPI/#subtlecrypto-interface) +method of the +[Token](https://developer.chrome.com/extensions/enterprise_platformKeys#type-Token): + + ```none + userToken.subtleCrypto.exportKey("spki", keyPair.publicKey) +   .then(function(publicKey) { ... continue with publicKey ... }, +        console.error.bind(console)); + ``` + +6. Create the content for the certification request in the extension. This +request must contain at least the public key. The CA may expect additional +attributes that must be added. If the request is PKCS#10 based, for example, the +open source library [forge](https://github.com/digitalbazaar/forge) may be used. + + ```none + var request = CreateCertificationRequest(); + request.setPublicKey(publicKey); + request.setSubject('CommonName', 'some name'); + ``` + +7. Sign the content of the certification request (using the +[subtleCrypto.sign](http://www.w3.org/TR/WebCryptoAPI/#subtlecrypto-interface) +method of the +[Token](https://developer.chrome.com/extensions/enterprise_platformKeys#type-Token)) +and create the final request from the content and the signature. Any subsequent +attempt to use the same key for signing will fail for security reasons: This API +guarantees that only Chrome OS itself can use the private key and the +certificate for authentication. + + ```none + function signData(data, callback) { +  userToken.subtleCrypto.sign({name : "RSASSA-PKCS1-v1_5"}, keyPair.privateKey, data) +    .then(callback, console.error.bind(console)); + } + + request.setSignFunction(signData); + request.sign(); + ``` + +8. Send the certification request to the CA and receive the client certificate +(e.g. using XMLHttpRequest) + + ```none + var xhr = new XMLHttpRequest(); + function onReadyStateChange() { +  if (xhr.readyState !== 4) +    return; +  if (xhr.status !== 200) { + ... handle error ... +    return; +  } +  ... continue with xhr.response which contains the certificate .... + } + xhr.onreadystatechange = onReadyStateChange; + xhr.open('POST', caUrl); + xhr.setRequestHeader('Content-Type', ...); + xhr.send(request); + ``` + +9. Install the client certificate using +[enterprise.platformKeys.importCertificate](https://developer.chrome.com/extensions/enterprise_platformKeys#method-importCertificate) + + ```none + chrome.enterprise.platformKeys.importCertificate(userToken.id, certificate); + ``` + +10. Different methods to use the client certificate for authentication are +available + + For network authentication: + * The user can manually select the client certificate in the network + configuration dialog. + * The selection can also be automated if the network is configured by policy. + For network types that support client certificates, like EAP-TLS, the + administrator can configure a Certificate Pattern that defines which client + certificates are valid for authenticating to this network. Chrome OS will + automatically select the most recent matching client certificate and use it + for authentication on every connection attempt. + + For web pages requiring client certificate authentication: + * When accessing a web page that requires the client to present a certificate, + Chrome OS will show the user a list of available client certificates. After + selecting one, Chrome OS will use it to authenticate. + * The selection can also be automated for specific URLs using the policy + [Automatically select client certificates for these + sites](https://support.google.com/chrome/a/answer/2657289?#AutoSelectCertificateForUrls): + For URLs that are listed in this policy, the most recent matching client + certificate will automatically be used for authentication without prompting + the user. + +Note that the +[enterprise.platformKeys](https://developer.chrome.com/extensions/enterprise_platformKeys) +API guarantees, that client certificates imported using the API can only be used +by Chrome OS itself for authentication. The extension is not able to drive any +authentication with such a certificate and in particular the API guarantees that +the certificate can’t be extracted to authenticate any other user or device. + +### Re-enrollment + +To determine whether any valid client certificate is already installed and to +check the expiration of the installed certificates, an extension can use the +[platformKeys.getCertificates](https://developer.chrome.com/extensions/enterprise_platformKeys#method-getCertificates) +function and if necessary trigger the process to obtain a new client +certificate. + +```none +chrome.enterprise.platformKeys.getCertificates(userToken.id, function(certificates) { + for (var i = 0; i < certificates.length; i++) { +   var certificate = certificates[i]; +   ... check whether certificate is valid and matches the required attributes ... + } +}); +``` + +An installed certificate can be removed from the user’s certificate store using +the function +[enterprise.platformKeys.removeCertificate](https://developer.chrome.com/extensions/enterprise_platformKeys#method-removeCertificate). +As client certificates can be selected automatically (see last step in the +enrollment process above), unnecessary certificates should be removed to prevent +conflicts. \ No newline at end of file diff --git a/chromium/docs/website/site/administrators/common-problems-and-solutions/index.md b/chromium/docs/website/site/administrators/common-problems-and-solutions/index.md new file mode 100644 index 00000000000..b35f3b89f0e --- /dev/null +++ b/chromium/docs/website/site/administrators/common-problems-and-solutions/index.md @@ -0,0 +1,241 @@ +--- +breadcrumbs: +- - /administrators + - Documentation for Administrators +page_name: common-problems-and-solutions +title: Common Problems and Solutions +--- + +**Installation** + +**What method should we use to install and auto-update?** + +> There are two ways to handle installation and version management: + +> 1. Install the MSI and leave auto-updates on. + +> Implications to consider: + +> * The installations will auto-update themselves, so the MSI you use + to deploy will eventually not work for repairs and over-installs. + You'll need to get the latest MSI. +> * Updates are performed silently, and occur often. +> * Your users will always be up-to-date with the latest stable + version. + +> 2. Install the MSI and turn auto-updates off. + +> Implications to consider: + +> * You must keep the MSI you use to deploy archived for repairs or + over-installs, as we do not publish old MSIs. +> * Not auto-updating will mean users are running old, and potentially + vulnerable, versions of the browser. +> * You can push a new MSI install over the old MSI install when + you're ready. + +I'm trying to install behind a firewall, and the install is timing out and +failing. + +> The problem is that by default, Google Update is attempting to check for an +> update on install and fails at the firewall. + +> When passed a special parameter, the installation will not do this check, and +> should install regardless of outside connectivity. + +> The special parameter is "NOGOOGLEUPDATEPING=1", and is used like this: + +> msiexec /i GoogleChromeStandaloneEnterprise.msi NOGOOGLEUPDATEPING=1 /l\*v +> log.txt + +When I attempt to push a new MSI, the install fails with an error that says: **"Google Chrome or Google Chrome Frame cannot be updated on account of inconsistent Google Update Group Policy settings. Use the Group Policy Editor to set the update policy override for the Google Chrome Binaries application and try again." + +> Between Chrome 12 and 13, the group policy settings to control auto-updates +> changed. Rather than have auto-updates start unexpectedly, this error was +> added so that you know to set the new auto-update group policies. + +> Find out more information here: + +> + +**Can I store my users' Chrome profiles on a Roaming Profile? Or sync it to a +network drive?** + +> Chrome user profiles are not backwards-compatible. If you try to use +> mismatched profiles and Chrome versions, **you may experience crashes or data +> loss**. This mismatch can often occur if a Chrome profile is synced to a +> roaming profile or network drive across multiple machines that have different +> versions of Chrome. We strongly encourage admins & users to consider using +> [Google Chrome +> Sync](http://www.google.com/support/chrome/bin/answer.py?hl=en&answer=165139&from=165140&rd=1), +> which persists user settings across machines, instead of using roaming +> profiles for the time being. + +> That said, there are policies for controlling the location of the user profile +> and the cache: + +> + +> + +**I'm trying to install the MSI over an existing MSI install, but I keep getting +the error "more recent version exists".** + +> If you left auto-updates on, it's possible that the version of the MSI you're +> trying to install is already outdated. If you already have the dev channel or +> beta channel installed, the MSI cannot overwrite that since they'll be on +> newer versions too. + +> Verify that you are attempting to install a later version of the MSI by +> downloading the latest version +> [here](http://www.google.com/chrome/eula.html?msi=true). + +> To see what the latest stable version of Chrome is for Windows, click +> [here](http://omahaproxy.appspot.com/win). + +**I'm trying to repair an installation, but the repair is failing.** + +> If you left auto-updates on, it is likely that your installs auto-updated to a +> later version. This is causing the repair to fail because you're already on a +> later version than the MSI. + +> You can download the latest stable MSI +> [here](http://www.google.com/chrome/eula.html?msi=true), and use this MSI for +> the repair instead. + +**When applying the MSI over a previous install, I get the error "There is a +problem with this Windows Installer package. A program required for this install +to complete could not be run. Contact your support personal or package vendor"** + +> If you are running with the /f flag to run it as a "minor" update, you will +> need to use the /i flag to run it as a "major" update instead. + +**Do you have old versions of the MSI available?** + +> No. The latest stable version is always available at the link above. + +> If you are looking to repair an existing MSI install, and you left +> auto-updates on, you can repair with the latest stable MSI. + +**How often do you update the MSI?** + +> We update the MSI on every stable release. We'll release a new "major" version +> to the stable channel about every six weeks, although there are often several +> updates to the stable channel between major updates that typically contain +> crash and security fixes. + +> If, for some reason, the version of the MSI at the link above is old, please +> let us know by [filing a +> bug](http://code.google.com/p/chromium/issues/entry?template=Enterprise%20Issue) +> so we can fix it! + +**What happens if the user already has 'consumer Chrome' installed and I try to +push out 'Enterprise Chrome'? Will they end up with two Chromes?** + +> There is only ever one Chrome on the machine. When the MSI notices that +> consumer Chrome is already there, it will remove it and update the user's +> shortcuts. + +> The next time the user attempts to launch Chrome, it will launch the +> 'Enterprise Chrome' instead. + +> This should look seamless to the user, but sometimes behaves inconsistently. +> You may want to consider uninstalling 'consumer Chrome' before pushing out the +> MSI. + +**I want to remove 'consumer Chrome' from target machines entirely before +pushing out 'Enterprise Chrome'. What command can I use to uninstall?** + +> You can append several registry keys together with an additional parameter, +> and execute them. + +> HKEY_CURRENT_USER\\Software\\Google\\Update\\ClientState\\{8A69D345-D564-463c-AFF1-A69D9E530F96}\\UninstallString +> + +> HKEY_CURRENT_USER\\Software\\Google\\Update\\ClientState\\{8A69D345-D564-463c-AFF1-A69D9E530F96}\\UninstallArguments +> + ' --force-uninstall' + +> The command will end up looking something like + +> '\[Path to user's data directory\]\\setup.exe --uninstall --force-uninstall' + +**If I uninstall 'consumer Chrome', will that wipe out the user's data?** + +> No. Users' data is kept separate from the Chrome installation. + +> However, if the user was using a more recent version of Chrome, their profile +> data may not work in an older version of Chrome and they'll see a warning when +> they try to run it. You may want to verify that you're pushing out the latest +> stable channel version of Chrome. + +**Auto-Update** + +**I see a new version was just released, by my installs don't seem to be +auto-updating.** + +> We typically throttle updates the first few days after an update to watch +> stability rates and make sure we're pushing out a good update. Not all users +> will get the update immediately, so you may see some machines auto-update and +> others not in this timeframe. + +> If you require the most up-to-date version immediately, you may want to +> download the latest MSI and push it out manually. + +**Policy** + +**What policy settings do I need to use to integrate with my Windows NTLM +login?** + +> Using the AuthServerWhitelist policy, set the value of the policy to the list +> of the **Domain Controllers' FQDN and the proxy server**. Also, using the +> AuthSchemes policy, specify **all four** of basic, digest, ntlm, and +> negotiate. + +**I'm trying to force-install an extension that is internal to our network (not +on the Chrome Web Store), but it's not being force-installed.** + +> First, verify that the policy you are applying is being properly picked up by +> the browser. Navigate to "about:policy" and look for a policy named +> "ExtensionInstallForcelist" -- your setting should be there. If it is not, it +> is possible that your policy is under the wrong registry key. + +> Second, verify that the extension you built installs manually -- install the +> extension CRX and verify it installs correctly (you may see some security +> warnings when installing manually that you will not see when +> force-installing). + +> Third, verify that other extensions from the Chrome Web Store install +> properly. There is an example in the documentation. + +> Lastly, if all of that does not work, it is likely that the URL you specified +> as part of the policy setting does not point to a valid auto-update XML file. +> The URL specified in the policy ==must point to the auto-update XML file, not +> the CRX==. + +**I'm trying to set the default search provider, but it's not working.** + +> The policy uses a different format for the search provider URL from the format +> you see when you open the options dialog. Using the 'options dialog format' +> will actually cause the policy to not be respected. + +> Instead of using "%s" in the search URL to denote the search keywords, you +> must use "{searchTerms}" instead. Using Google's search URL as an example: + +> Wrong: http://www.google.com/?q=%s + +> Right: http://www.google.com/?q={searchTerms} + +**Chrome does not read policy from the Windows registry.** + +> Please use GPO instead. Chrome only loads policies from the registry on +> machines that are part of an Active Directory domain. + +**Chrome does not honor policy provided via GPO.** + +> Even when using GPO, very few policies still require the machine to be part of +> an Active Directory domain. See the [Policy +> List](/administrators/policy-list-3) for more details. + +**Didn't Find the Answer?** + +If you didn't find the question and answer you were looking for, please [file a +bug](http://code.google.com/p/chromium/issues/entry?template=Enterprise%20Issue). \ No newline at end of file diff --git a/chromium/docs/website/site/administrators/complex-policies-on-windows/bookmarks4.png.sha1 b/chromium/docs/website/site/administrators/complex-policies-on-windows/bookmarks4.png.sha1 new file mode 100644 index 00000000000..255c832b9d5 --- /dev/null +++ b/chromium/docs/website/site/administrators/complex-policies-on-windows/bookmarks4.png.sha1 @@ -0,0 +1 @@ +da302547a41190df7c263ae1965655851a73d295 \ No newline at end of file diff --git a/chromium/docs/website/site/administrators/complex-policies-on-windows/bookmarks5.png.sha1 b/chromium/docs/website/site/administrators/complex-policies-on-windows/bookmarks5.png.sha1 new file mode 100644 index 00000000000..aa60718f69c --- /dev/null +++ b/chromium/docs/website/site/administrators/complex-policies-on-windows/bookmarks5.png.sha1 @@ -0,0 +1 @@ +662968d6a18c1a06f861b61fcb0aff165f045866 \ No newline at end of file diff --git a/chromium/docs/website/site/administrators/complex-policies-on-windows/bookmarks6.png.sha1 b/chromium/docs/website/site/administrators/complex-policies-on-windows/bookmarks6.png.sha1 new file mode 100644 index 00000000000..7f63de51aba --- /dev/null +++ b/chromium/docs/website/site/administrators/complex-policies-on-windows/bookmarks6.png.sha1 @@ -0,0 +1 @@ +f7595764e34a5d98e1cdb241b69538f144d364aa \ No newline at end of file diff --git a/chromium/docs/website/site/administrators/complex-policies-on-windows/index.md b/chromium/docs/website/site/administrators/complex-policies-on-windows/index.md new file mode 100644 index 00000000000..7d3edb4eb74 --- /dev/null +++ b/chromium/docs/website/site/administrators/complex-policies-on-windows/index.md @@ -0,0 +1,228 @@ +--- +breadcrumbs: +- - /administrators + - Documentation for Administrators +page_name: complex-policies-on-windows +title: Complex policies on Windows +--- + +[TOC] + +## Background + +Chrome represents policies as JSON values internally. Up until version 37 all +Chrome policies were of simple types: + +* **Booleans** (example: + [SafeBrowsingEnabled](/administrators/policy-list-3#SafeBrowsingEnabled)) +* **Integers** (example: + [DefaultCookiesSetting](/administrators/policy-list-3#DefaultCookiesSetting)) +* **Strings** (example: + [ProxyPacUrl](/administrators/policy-list-3#ProxyPacUrl)) + +Additionally, Chrome has supported some policies as **Lists of Strings** +(example: [URLBlacklist](/administrators/policy-list-3#URLBlacklist)). + +These policy types match what GPO can represent natively on Windows using +Administrative Template files (ADM or ADMX). + +Some policies need more complex values that don't fit well in any of these +types. For example, +[ExtensionInstallForcelist](/administrators/policy-list-3#ExtensionInstallForcelist) +defines a list of extensions to install automatically. Each extension is defined +by its extension ID and a remote update URL (to support extensions from private +stores). This can be easily represented in JSON as a list of objects, where each +object has two strings: + + + + + + + + + + + + + + +
\[ { "id": "public-ext-id-1", "update_url": "https://clients2.google.com/service/update2/crx" }, { "id": "private-ext-id-2", "update_url": "http://www.local/chrome/updates.xml" }\]
+ +Unfortunately there is no native GPO type to represent this and the policy needs +to be configured as a List of Strings, where each string contains both the ID +and the update URL separated by a semicolon: + + + + + + + + +
\[ "public-ext-id-1;https://clients2.google.com/service/update2/crx", "private-ext-id-2;http://www.local/chrome/updates.xml"\]
+ +## New in Chrome 37: complex policies + +Chrome 37 introduced new policies with complex values that don't fit in any of +the native GPO or Registry types: +[RegisteredProtocolHandlers](http://www.chromium.org/administrators/policy-list-3#RegisteredProtocolHandlers) +and [Managed +Bookmarks](http://www.chromium.org/administrators/policy-list-3#ManagedBookmarks). + +There are 3 ways to configure the values for these policies: as a JSON string in +the GPO editor, as a JSON string in the registry, or as an expanded JSON object +in the registry. + +## JSON values as strings + +All of these policies can be configured as strings that contain a JSON value. +Any JSON editor should able to edit and validate the JSON string, including some +[online editors](http://google.com/search?q=json%20editor). + +JSON can contain simple values: + +* Strings are wrapped in quotes: "example string value" +* Integers are just spelled out: 123 +* Boolean values can be specified as true or false + +JSON supports lists of values. The values should be enclosed between \[ and \] +and separated by commas: \[ "this", "is", "a", "list", "of", "strings" \]. + +JSON also supports objects (sometimes called dictionaries), which contain a +string key mapped to any other valid JSON value (which may be a list or another +object/dictionary): { "key": "string value", "key that maps to integer": 123, +"key that maps to list": \[ 1, 2, 3 \] } + +The examples below will configure the [Managed +Bookmarks](http://www.chromium.org/administrators/policy-list-3#ManagedBookmarks) +policy to build this bookmark structure: + +* Google (google.com) +* YouTube (youtube.com) +* Chrome links + * Chromium (chromium.org) + * List of Policies + (http://www.chromium.org/administrators/policy-list-3) + +Each bookmark is a JSON object with a "name" key indicating its name, and a +"url" key indicating the URL or a "children" key that maps to another list of +bookmarks, to create folders. + +The JSON string for the structure listed above is: + +\[ { "name": "Google", "url": "google.com" }, { "name": "YouTube", "url": +"youtube.com" }, { "name": "Chrome links", "children": \[ { "name": "Chromium", +"url": "chromium.org" }, { "name": "List of Policies", "url": +"http://www.chromium.org/administrators/policy-list-3" } \] } \] + +[image](/administrators/complex-policies-on-windows/bookmarks4.png) + +## Option 1: JSON strings in the GPO editor + +If you use the ADM or ADMX templates you can just locate the policy to configure +(in this case, "Managed Bookmarks"), enable it, and set the JSON string in the +string field for that policy: + +[image](/administrators/complex-policies-on-windows/bookmarks5.png) + +## Option 2: JSON strings in the registry editor + +**Note**: Chrome only loads policies directly from the registry on AD enrolled +machines. + +Chrome policies can be configured under Software\\Policies\\Google\\Chrome (or +Software\\Policies\\Chromium for Chromium) in HKCU or HKLM. For complex +policies, just create a new String value with the policy name and set the JSON +string in the Value field. + +[image](/administrators/complex-policies-on-windows/bookmarks6.png) + +## Option 3: expanded JSON in the registry + +**Note**: Chrome only loads policies directly from the registry on AD enrolled +machines. + +Chrome will try to load JSON lists and JSON objects/dictionaries directly from +the registry too, for the new complex policies. This format makes it easier to +directly edit the policy values in the registry but requires understanding how a +JSON list and a JSON dictionary can be represented in the registry. + +The basic rules are: + +* Strings are stored as String Values (right-click on the right side, + choose New -> String Value) +* Integers are stored as Dword Values (New -> DWORD (32-bits)) +* Booleans are also stored as Dword Values. Use 0 for false and 1 for + true. + +Objects/dictionaries can contain any of these simple types. Just add the value +as described above, and use the "Value Name" field to set the name of the entry +in the dictionary. + +If the entry in the dictionary is a list or another dictionary then you can +create a new Key on the left side of the registry editor. Its name will be used +for the dictionary key name, and its contents will be interpreted as another +dictionary. + +Lists are represented just like dictionaries, but they key names must be "1", +"2", "3" and so on. Note that counting starts at 1 and not at 0 (this is what +the GPO editor does for lists too). Chrome knows the expected policy format +internally, and will load each entry as a list or object as appropriate. + +Here's an example for the Managed Bookmarks configuration listed above. Start by +creating a new registry Key (these are shown as folders on the left side) named +"ManagedBookmarks": + +[image](/administrators/complex-policies-on-windows/reg1.png) + +The value of this policy is a list of objects, so this folder will contain other +subfolders named "1", "2", etc. Start by creating a subfolder named "1": + +[image](/administrators/complex-policies-on-windows/reg2.png) + +The contents of this folder are the keys for the first object inside the list of +bookmarks. You can now add the 2 strings that declare a bookmark, the "name" and +the "url". This configuration should be enough to show one bookmark in Chrome. + +To add bookmark folders, start by adding a new entry in the main list (see +folder "3" below) and give the folder a "name" too. But instead of specifying a +"url", add a new subfolder named "children" that contains the bookmarks for that +folder. The "children" folder is a list of bookmarks, so it should contain +subfolders named "1", "2", etc again. + +[image](/administrators/complex-policies-on-windows/reg3.png) + +Each child bookmark of the folder needs to have its "name" and "url" defined +again: + +[image](/administrators/complex-policies-on-windows/reg4.png) + +## Troubleshooting + +The first step to diagnose problems is the internal chrome://policy page. You +should see your policies listed in that page and their corresponding values. + +* If the policy is present and its value is shown too but it doesn't + seem to work then this might be a new bug. Please file a new report + at [crbug.com](http://crbug.com) with the Enterprise template. +* If the policy is present but the value is invalid then there is a + problem in the JSON configuration. +* If the policy is not present then it wasn't found by Chrome. + +Policies configured via GPO have some delay until they are applied; run the +gpupdate command to flush them. If you use the registry then note that Chrome +only loads those policies on machines that are enrolled to an AD domain. + +It's generally a good idea to validate your JSON string to make sure it doesn't +have any invalid constructs; a common source of errors is trailing commas at the +end of a list or a dictionary, which is not supported in JSON. Use an [online +JSON validator](http://google.com/search?q=json%20validator) (like +[JSONLint](http://jsonlint.com/)) to make sure your JSON string is valid. \ No newline at end of file diff --git a/chromium/docs/website/site/administrators/complex-policies-on-windows/reg1.png.sha1 b/chromium/docs/website/site/administrators/complex-policies-on-windows/reg1.png.sha1 new file mode 100644 index 00000000000..812d21dd94a --- /dev/null +++ b/chromium/docs/website/site/administrators/complex-policies-on-windows/reg1.png.sha1 @@ -0,0 +1 @@ +0184eeedcb0f20c359efd576a287d8efc4d6573e \ No newline at end of file diff --git a/chromium/docs/website/site/administrators/complex-policies-on-windows/reg2.png.sha1 b/chromium/docs/website/site/administrators/complex-policies-on-windows/reg2.png.sha1 new file mode 100644 index 00000000000..1b0d763bbf4 --- /dev/null +++ b/chromium/docs/website/site/administrators/complex-policies-on-windows/reg2.png.sha1 @@ -0,0 +1 @@ +9a74cd54c80c064ce0af01469f32716fde94b01e \ No newline at end of file diff --git a/chromium/docs/website/site/administrators/complex-policies-on-windows/reg3.png.sha1 b/chromium/docs/website/site/administrators/complex-policies-on-windows/reg3.png.sha1 new file mode 100644 index 00000000000..5ede675b878 --- /dev/null +++ b/chromium/docs/website/site/administrators/complex-policies-on-windows/reg3.png.sha1 @@ -0,0 +1 @@ +7b8316767961124aee6b4b027d5cb375ed598005 \ No newline at end of file diff --git a/chromium/docs/website/site/administrators/complex-policies-on-windows/reg4.png.sha1 b/chromium/docs/website/site/administrators/complex-policies-on-windows/reg4.png.sha1 new file mode 100644 index 00000000000..ca0f1a3e44c --- /dev/null +++ b/chromium/docs/website/site/administrators/complex-policies-on-windows/reg4.png.sha1 @@ -0,0 +1 @@ +7b89c2fb1310b8d6aa5e7264f1076e6637347aa1 \ No newline at end of file diff --git a/chromium/docs/website/site/administrators/configuring-other-preferences/index.md b/chromium/docs/website/site/administrators/configuring-other-preferences/index.md new file mode 100644 index 00000000000..fd59278021d --- /dev/null +++ b/chromium/docs/website/site/administrators/configuring-other-preferences/index.md @@ -0,0 +1,263 @@ +--- +breadcrumbs: +- - /administrators + - Documentation for Administrators +page_name: configuring-other-preferences +title: Configuring Other Preferences +--- + +Not all user preferences are managed through policy, typically because they do +not need to be managed centrally. + +**Preferences vs. Policies** + +Preferences and policies are two different methods for controlling the browser's +behavior. They have different purposes, however: + +Preferences: + +* Keep state of a user's personal browsing experience. +* Are usually unique to each user. +* Are writable by the user, as they live in the user's directory in a + text file. +* Are often under-the-hood, technical settings that don't necessarily + make sense to pre-set per user or lock in with policy. +* Use the master_preferences file as a template if no Preferences + already exist. **Preferences are copied from master_preferences + ==only once==; changes to the master_preferences file made after + that are not respected!** + +Policies: + +* Are rules that the user's browsing experience must abide by. +* Do not keep state of the user's experience. +* Are usually applied to groups of users; they are not necessarily + unique to each user. +* Are not (typically) writable by the user. +* Are clearly enumerated and are intended for the admin to use & set. +* Are set only by the admin in special locations (registry, MCX, + /etc/...). +* Policies that should be editable by the user are called "recommended + policies" and offer a better alternative than the master_preferences + file. Their contents can be changed and are respected as long as the + user has not modified the value of that preference themselves. + +There are several notable preferences that are also policies, "homepage" being +the most common. + +Policies take precedence to preferences and preferences take precedence to +recommended policies. If "homepage" is specified in both the policies, and in +the "master_preferences" file, policies will always override. + +**Should I use a Preference, or a Policy?** + +Prefer policies to configure Chrome on managed computers. Use recommended +policies for settings that users should be able to change, and use mandatory +policies for settings that users should not be able to change. A +master_preferences file may be used to make default settings for new users, +though doing so has some drawbacks: + +* The contents of a master_preferences file are copied once per + profile at profile creation. As a result, it is not possible to + automatically propagate modifications to a master_preferences file + to users. +* The preferences that may be set via master_preferences are not + guaranteed to work in the future. It is possible that preferences + may change or be removed such that values in master_preferences + files would be ignored. + +### The Gritty Details + +Preferences are kept in a file named "Preferences", which every Chromium / +Google Chrome user will have in their own user directory. This Preferences file +is a text file that contains JSON markup. Going through and editing every user's +Preferences file to deploy a behavior change is really cumbersome and some +preferences are protected by cryptographic hashes and can not be manually +edited, so there are easier ways to manage this: + +* When users start Chromium / Google Chrome for the first time, they + don't yet have any Preferences file. +* A file named "master_preferences" located next to chrome.exe or + chromium executable, is used as a template for what becomes users' + Preferences file. On a system with Chrome installed from an MSI, + this will be C:\\Program Files + (x86)\\Google\\Chrome\\Application\\master_preferences + * On **Mac OS X**, for **Google Chrome**, this file is either of + ~/Library/Application Support/Google/Chrome/Google Chrome Master + Preferences or /Library/Google/Google Chrome Master Preferences + * On **Mac OS X**, for **Chromium**, this file is either of + ~/Library/Application Support/Chromium/Chromium Master + Preferences or /Library/Application Support/Chromium/Chromium + Master Preferences +* You only need to create and populate the master_preferences file + when you deploy Google Chrome, and all users on that machine will + get those settings when they first start Chromium / Google Chrome. + +The master_preferences file, like each user's Preferences file, is simply a text +file that contains JSON markup, and will look something like this: + +```none +{ +  "homepage" : "http://www.chromium.org/", +  "homepage_is_newtabpage" : false, +  "distribution" : { +      ...more stuff here ... +  } +} +``` + +Some of the preferences should be obvious, but some are not entirely clear -- +they are described at the end of this document. + +Moreover, you'll notice that some of these preferences are managed by policy. +Note that **no matter what is in the master_preferences or Preferences files, +policy always takes precedence.** Setting the home page in both the Preferences +file and policy means that the home page in policy will be the one that Chromium +/ Google Chrome uses, and the user will not be able to edit it. + +**Preferences List** + +So, what preferences should you actually use? There are actually lots and lots +of preferences, most of which you won't really care about. + +Here is a sample master_preferences list that may be of interest (this is a +fully-functional master_preferences file): + +{ + +"homepage": "http://www.google.com", + +"homepage_is_newtabpage": false, + +"browser": { + +"show_home_button": true + +}, + +"session": { + +"restore_on_startup": 4, + +"startup_urls": \[ + +"http://www.google.com/ig" + +\] + +}, + +"bookmark_bar": { + +"show_on_all_tabs": true + +}, + +"sync_promo": { + +"show_on_first_run_allowed": false + +}, + +"distribution": { + +"import_bookmarks_from_file": "bookmarks.html", + +"import_bookmarks": true, + +"import_history": true, + +"import_home_page": true, + +"import_search_engine": true, + +"ping_delay": 60, + +"do_not_create_desktop_shortcut": true, + +"do_not_create_quick_launch_shortcut": true, + +"do_not_create_taskbar_shortcut": true, + +"do_not_launch_chrome": true, + +"do_not_register_for_update_launch": true, + +"make_chrome_default": true, + +"make_chrome_default_for_user": true, + +"system_level": true, + +"verbose_logging": true + +}, + +"first_run_tabs": \[ + +"http://www.example.com", + +"http://welcome_page", + +"http://new_tab_page" + +\] + +} + +Most of these settings should be self-explanatory. The most interesting settings +are: + +* import_bookmarks_from_file: silently imports bookmarks from the + given HTML file. +* import_\*: each of these import parameters will trigger automatic + imports of settings on first run. +* ping_delay: RLZ ping delay in seconds. +* do_not_create_any_shortcuts: suppress creation of all shortcuts + (including the Start Menu shortcut) +* do_not_create_taskbar_shortcut: only supported on Windows 8 and + below -- TaskBar shortcuts are never created on Windows 10 +* do_not_launch_chrome: doesn't launch chrome after the first install. +* do_not_register_for_update_launch: does not register with Google + Update to have Chrome launched after install. +* make_chrome_default: makes chrome the default browser. +* make_chrome_default_for_user: makes chrome the default browser for + the current user. +* system_level: install chrome to system-wide location. +* verbose_logging: emit extra details to the installer's log file to + diagnose install or update failures. +* first_run_tabs: these are the tabs & URLs shown on the first launch + (and only on first launch) of the browser. +* sync_promo.show_on_first_run_allowed: prevents the sign-in page from + appearing on first run. + +### Pre-installed Bookmarks + +To add pre-installed bookmarks, you have to create a file that contains all of +your bookmarks, then give the right signals for a Chrome install to import them +when a user runs Chrome for the first time. + +1. First, set up bookmarks in Chrome as you'd like them to appear to + the end-user +2. Go to the Wrench Menu -> Bookmark Manager -> Organize + Bookmarks -> Export Bookmarks +3. The file that is saved/exported contains all of the bookmark data + that will be imported. + +To instruct an end-user's Chrome to import these bookmarks, include these +elements in your master_preferences: + +{ "distribution": { "import_bookmarks": false, "import_bookmarks_from_file": +"c:\\\\path\\\\to\\\\your\\\\bookmarks.html" }, "bookmark_bar": { +"show_on_all_tabs": true } } + +The relevant entries are: + +* "import_bookmarks_from_file": needs to have the path to bookmark + file. **The backslashes in the path must be escaped by a backslash; + use double-backslashes. Also be sure that this file exists at the + point that the user first runs Chrome.** +* "import_bookmarks" should probably be false, so your imported + bookmarks don't get overwritten. +* "show_on_all_tabs": can either be true or false, whether we've + promised the partner to show the bookmarks bar on by default or not. \ No newline at end of file diff --git a/chromium/docs/website/site/administrators/configuring-policy-for-extensions/index.md b/chromium/docs/website/site/administrators/configuring-policy-for-extensions/index.md new file mode 100644 index 00000000000..438c8b992cb --- /dev/null +++ b/chromium/docs/website/site/administrators/configuring-policy-for-extensions/index.md @@ -0,0 +1,227 @@ +--- +breadcrumbs: +- - /administrators + - Documentation for Administrators +page_name: configuring-policy-for-extensions +title: Configuring Apps and Extensions by Policy +--- + +Policies can also be configured for extensions that support policy management +via the [managed storage +API](http://developer.chrome.com/extensions/manifest/storage). The sample +[Managed +Bookmarks](http://developer.chrome.com/extensions/examples/extensions/managed_bookmarks.zip) +extension can be used to configure Chrome bookmarks via a policy, for example. +Extensions that support policy management are listed in **chrome://policy**, +together with the policies configured for them. + +This page documents how to configure policies for extensions, using the Managed +Bookmarks extension as an example. Extensions can also be [installed via +policy](http://www.chromium.org/administrators/policy-list-3#ExtensionInstallForcelist); +the examples below assume that the Managed Bookmarks extension has been loaded +as an unpacked extension from **chrome://extensions** and got the extension ID +"gihmafigllmhbppdfjnfecimiohcljba". + +This extension supports two policies: "Bookmarks Bar" and "Other Bookmarks". +Each is a list of bookmarks, where each bookmark is a dictionary that contains a +"title" and either a "url" or a list of "children". The examples below configure +a "Chromium" bookmark to "chromium.org" and a "Videos" folder with a bookmark to +"youtube.com". + +**Chrome OS** + +Policies for Chrome OS must be configured via the admin console at +. + +The policy for the extension can be uploaded in a txt file after the extension +has been selected to be configured. Note that this option only appears for +extensions that support policy configuration. + +The txt file should contain a valid JSON object, mapping a policy name to an +object describing the policy. For now only the policy value can be configured; +other options may be added in the future, such as the policy level. + +Example txt file for simple policy values: + +``` +{ + "Server": { + "Value": "http://my.server/api" + }, + "CloudSync": { + "Value": true + }, + + "Allowlist": { + "Value": [ "foo", "bar", "baz" ] + } +} +``` + +The following example txt file is equivalent to the bookmarks configurations +above: + +``` +{ + "Bookmarks Bar": { + "Value": [ + { + "title": "Chromium", + "url": "chromium.org" + }, + { + "title": "Videos", + "children": [ + { + "title": "YouTube", + "url": "youtube.com" + } + ] + } + ] +} +``` + +## Windows + +Policies for extensions should be written to the registry under +`HKLM\Software\Policies\Google\Chrome\3rdparty\extensions\gihmafigllmhbppdfjnfecimiohcljba\policy` +or under +`HKLM\Software\Policies\Chromium\3rdparty\extensions\gihmafigllmhbppdfjnfecimiohcljba\policy` +for Chromium. It's also possible to use HKCU instead of HKLM. The equivalent +path can be configured via GPO. + +Example reg file to configure bookmarks (TODO: this hasn't been verified yet): + +``` +Windows Registry Editor Version 5.00 +[HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\3rdparty\extensions\gihmafigllmhbppdfjnfecimiohcljba\policy\Bookmarks Bar\1] +"title"="Chromium" +"url"="chromium.org" +[HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\3rdparty\extensions\gihmafigllmhbppdfjnfecimiohcljba\policy\Bookmarks Bar\2] +"title"="Videos" +[HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\3rdparty\extensions\gihmafigllmhbppdfjnfecimiohcljba\policy\Bookmarks Bar\2\children\1] +"title"="YouTube" +"url"="youtube.com" +``` + +## Linux + +Policies for Chrome are configured via JSON files placed in +`/etc/opt/chrome/policies/managed/` (for Chrome) or +`/etc/chromium/policies/managed/` (for Chromium). These JSON files should contain +dictionaries that map a policy name to its value. The special 3rdparty key can +be used to configure policies for Chrome components. Under that key, the +extensions key is used to configure extensions, by mapping an extension's ID to +its policies. For example: + +``` +{ + "ShowHomeButton": true, + "3rdparty": { + "extensions": { + "gihmafigllmhbppdfjnfecimiohcljba": { + "Bookmarks Bar": [ + { + "title": "Chromium", + "url": "chromium.org" + }, + { + "title": "Videos", + "children": [ + { + "title": "YouTube", + "url": "youtube.com" + } + ] + } + ] + } +} +``` + +In this configuration, ShowHomeButton is one of the Chrome policies, and the +policies for the extension are listed under the gihmafigllmhbppdfjnfecimiohcljba +key. + +## Mac + +The policies for the extension can be configured via MCX preferences for the +`com.google.Chrome.extensions.gihmafigllmhbppdfjnfecimiohcljba` bundle, or for the +`org.chromium.Chromium.extensions.gihmafigllmhbppdfjnfecimiohcljba` bundle if +using Chromium. This can be done by creating a plist file with the configuration +and importing it using dscl: + +``` + + + + + com.google.Chrome.extensions.gihmafigllmhbppdfjnfecimiohcljba + + Bookmarks Bar + + state + always + value + + + title + Chromium + url + chromium.org + + + title + Videos + children + + + title + YouTube + url + youtube.com + + + + + + + + +``` + +The first key indicates the bundle ID that is to be configured. Note that each +policy maps first to its metadata, and its value is listed inside the value key. +The state key is used by the MCX preferences to determine how often this policy +should be enforced; setting it to always keeps this policy in place at all +times. This configuration can be imported with dscl using an administrator +account: + +``` +$ dscl -u admin_username /Local/Default -mcximport /Computers/local_computer configuration.plist +``` + +Substitute `admin_username` with a valid administrator username, and +`configuration.plist` with the path to the plist configuration listed above. If +dscl complains that the path is invalid then you can create a node for the local +computer with these commands: + +``` +$ GUID=\`uuidgen\` +$ ETHER=\`ifconfig en0 | awk '/ether/ {print $2}'\` +$ dscl -u admin_username /Local/Default -create /Computers/local_computer +$ dscl -u admin_username /Local/Default -create /Computers/local_computer RealName "Local Computer" +$ dscl -u admin_username /Local/Default -create /Computers/local_computer GeneratedUID $GUID +$ dscl -u admin_username /Local/Default -create /Computers/local_computer ENetAddress $ETHER +``` + +The preferences system can be told to propagate these changes immediately: + +``` +$ sudo mcxrefresh -n username +``` + +If `username` is running Chrome with the Managed Bookmarks extension then Chrome +will load this policy in the next 10 seconds. Pressing "Reload policies" in +**chrome://policy** loads them immediately. diff --git a/chromium/docs/website/site/administrators/diagnostic-mode/diagmode_wiki.png.sha1 b/chromium/docs/website/site/administrators/diagnostic-mode/diagmode_wiki.png.sha1 new file mode 100644 index 00000000000..573b655fca2 --- /dev/null +++ b/chromium/docs/website/site/administrators/diagnostic-mode/diagmode_wiki.png.sha1 @@ -0,0 +1 @@ +f82ca621e2e2ecbc2f8dd829939bee51047ba545 \ No newline at end of file diff --git a/chromium/docs/website/site/administrators/diagnostic-mode/index.md b/chromium/docs/website/site/administrators/diagnostic-mode/index.md new file mode 100644 index 00000000000..79524854bbc --- /dev/null +++ b/chromium/docs/website/site/administrators/diagnostic-mode/index.md @@ -0,0 +1,56 @@ +--- +breadcrumbs: +- - /administrators + - Documentation for Administrators +page_name: diagnostic-mode +title: Diagnostic Mode +--- + +Chromium (and Google Chrome) comes with a set of built-in diagnostic tests that +any user can run. These tests can help determine the root cause of the following +problems. + +* Chrome fails to start +* Chrome crashes quickly after started +* Chrome starts but any tab created crashes or fails to load +* Chrome is extremely slow + +**Work in Progress** : Diagnostic mode is currently only available in the +tip-of-tree version of Chromium for Windows and in the developer channel version +of Google Chrome for Windows. Furthermore, only a small set of diagnostic tests +currently run (more are planned in the future). + +Diagnostic mode is an environment that runs a set of tests before the browser +starts. These tests vary in sophistication, from trivial checks that critical +files exist, to more complex (and time consuming) tests that test the integrity +of the key databases. Each test can pass, fail or simply be skipped if the test +is not applicable. The output should be used as as a starting point for further, +more specific, investigation and troubleshooting. + +### Privacy + +Diagnostic mode does not automatically send any information to Google. It is up +to the user to copy the text output from running diagnostic mode that they +consider appropriate and helpful for others to see. Furthermore, care has been +taken to expose little to no personal information in the diagnostic output so +that users can feel comfortable sharing it with internet help groups. + +### How to run (windows only) + +1. Make sure no instances of chrome.exe are running. Check in the + Windows Task Manager for any zombie chrome.exe processes and end + them if necessary. +2. Open a command line session (cmd.exe) +3. Change directory (cd) to the directory of chrome.exe, for example,in + Vista, regular chrome install is in C:\\Users\\<user + name>\\AppData\\Local\\Google\\Chrome\\Application +4. Type chrome.exe --diagnostics \[enter\] + +A second console window will open and the tests will run automatically, and you +should see something like this: + +[image](/administrators/diagnostic-mode/diagmode_wiki.png) + +This shows a run where all tests passed. If a test fails it will be marked with +a **\[FAIL\]** entry. \ No newline at end of file diff --git a/chromium/docs/website/site/administrators/err_eset_anti_virus_ssl_interception/1.png.sha1 b/chromium/docs/website/site/administrators/err_eset_anti_virus_ssl_interception/1.png.sha1 new file mode 100644 index 00000000000..5e12c5c7f52 --- /dev/null +++ b/chromium/docs/website/site/administrators/err_eset_anti_virus_ssl_interception/1.png.sha1 @@ -0,0 +1 @@ +128a04f141e28426d62287c4d091b8590bb71617 \ No newline at end of file diff --git a/chromium/docs/website/site/administrators/err_eset_anti_virus_ssl_interception/2.png.sha1 b/chromium/docs/website/site/administrators/err_eset_anti_virus_ssl_interception/2.png.sha1 new file mode 100644 index 00000000000..4715c09685c --- /dev/null +++ b/chromium/docs/website/site/administrators/err_eset_anti_virus_ssl_interception/2.png.sha1 @@ -0,0 +1 @@ +c35c49140b4ca6423a48fba78f8a73a264d778f4 \ No newline at end of file diff --git a/chromium/docs/website/site/administrators/err_eset_anti_virus_ssl_interception/3.png.sha1 b/chromium/docs/website/site/administrators/err_eset_anti_virus_ssl_interception/3.png.sha1 new file mode 100644 index 00000000000..2e706fb342b --- /dev/null +++ b/chromium/docs/website/site/administrators/err_eset_anti_virus_ssl_interception/3.png.sha1 @@ -0,0 +1 @@ +ea8d773c01f8fae0881e6b28ca2530b0ed8d01a8 \ No newline at end of file diff --git a/chromium/docs/website/site/administrators/err_eset_anti_virus_ssl_interception/index.md b/chromium/docs/website/site/administrators/err_eset_anti_virus_ssl_interception/index.md new file mode 100644 index 00000000000..1c2129edfe9 --- /dev/null +++ b/chromium/docs/website/site/administrators/err_eset_anti_virus_ssl_interception/index.md @@ -0,0 +1,28 @@ +--- +breadcrumbs: +- - /administrators + - Documentation for Administrators +page_name: err_eset_anti_virus_ssl_interception +title: ESET Anti-Virus +--- + +Some home security / anti-virus software can interact badly with Chrome. If you +have been directed here you may need to configure your anti-virus software to +allow Chrome to access the Internet. + +**ESET Smart Security** + +Under \`Setup’ click \`Toggle Advanced mode’: + +[image](/administrators/err_eset_anti_virus_ssl_interception/1.png) + +Once in advanced mode, click \`Enter entire advanced setup tree’: + +[image](/administrators/err_eset_anti_virus_ssl_interception/2.png) + +Find \`SSL’ under \`Protocol filtering’ and select \`Do not scan SSL protocol’: + +[image](/administrators/err_eset_anti_virus_ssl_interception/3.png) \ No newline at end of file diff --git a/chromium/docs/website/site/administrators/err_ssl_weak_server_ephemeral_dh_key/index.md b/chromium/docs/website/site/administrators/err_ssl_weak_server_ephemeral_dh_key/index.md new file mode 100644 index 00000000000..78c36371cdd --- /dev/null +++ b/chromium/docs/website/site/administrators/err_ssl_weak_server_ephemeral_dh_key/index.md @@ -0,0 +1,13 @@ +--- +breadcrumbs: +- - /administrators + - Documentation for Administrators +page_name: err_ssl_weak_server_ephemeral_dh_key +title: ERR_SSL_WEAK_SERVER_EPHEMERAL_DH_KEY +--- + +See + +image \ No newline at end of file diff --git a/chromium/docs/website/site/administrators/err_ssl_weak_server_ephemeral_dh_key/redirect-dh.xml b/chromium/docs/website/site/administrators/err_ssl_weak_server_ephemeral_dh_key/redirect-dh.xml new file mode 100644 index 00000000000..67d282f6a30 --- /dev/null +++ b/chromium/docs/website/site/administrators/err_ssl_weak_server_ephemeral_dh_key/redirect-dh.xml @@ -0,0 +1,12 @@ + + + + + + + + + ]]> + + diff --git a/chromium/docs/website/site/administrators/frequently-asked-questions/index.md b/chromium/docs/website/site/administrators/frequently-asked-questions/index.md new file mode 100644 index 00000000000..3e9cf7a060d --- /dev/null +++ b/chromium/docs/website/site/administrators/frequently-asked-questions/index.md @@ -0,0 +1,230 @@ +--- +breadcrumbs: +- - /administrators + - Documentation for Administrators +page_name: frequently-asked-questions +title: Frequently Asked Questions +--- + +****What is Google Chrome?**** + +> **Google Chrome is a new, fast web browser from Google.** + +****Why should we use Google Chrome? What would it give my organization?**** + +> **Google Chrome offers a number of benefits, including security, speed, stability, and simplicity. Find out about all the features of Google Chrome [here](http://google.com/chrome).** + +**What is Google Chrome for Enterprise? Is it a different build than the Google +Chrome I install from google.com?** + +> Google Chrome for Enterprise is just Google Chrome. Every Google Chrome has +> the same features, so it's equivalent to the Google Chrome you can download +> from google.com. + +**What enterprise features does Chrome offer?** + +> Support for (group) policy and centralized configuration (list of supported +> policies [here](/administrators/policy-list-3)), a specialized MSI installer, +> and control over auto-update frequency. + +**Does Google Chrome support enterprise features on all platforms?** + +> Yes. + +**How do I install Google Chrome?** + +> You can download Google Chrome from . + +**Do you have an offline installer or an MSI?** + +> Yes. You can download the latest MSI +> [here](https://enterprise.google.com/chrome/chrome-browser/). + +**Can I roll back Google Chrome to a previous version?** + +> No - rollback is not supported. + +> To get to a previous version (which would not be supported by Google), you +> would need to uninstall your current version, delete every user's saved +> profile data, and re-install the older version. Users' personal profile data +> is kept in: + +> On Windows XP: C:\\Documents and Settings\\<user>\\Local +> Settings\\Application Data\\Google\\Chrome\\User Data + +> On Windows Vista / 7: +> C:\\Users\\<user>\\AppData\\Local\\Google\\Chrome\\User Data + +> This means users will lose their bookmarks, history, etc., so use this method +> with extreme caution. + +**Are there older versions of the MSI available?** + +> No, we do not currently make older versions of the MSI available, as they are +> no longer supported. + +**How can I install per-system instead of per-user?** + +> The MSI will only install at system-level, which means all users on the +> machine will have access to the same instance / version of Google Chrome. + +**Does Google Chrome install over itself? What if users already have it +installed?** + +> Google Chrome does not install over itself. It first checks if it is already +> installed at the same elevation level. + +> However, if Google Chrome is already installed by the user at user-level, +> installing it system-level will remove the user-level installs and replace +> them with a system-level install. User/profile data would remain. + +**How do I control Google Chrome's settings?** + +> You can control and lock down user preferences through [Group Policy +> settings](/administrators/windows-quick-start) on Windows, [MCX configuration +> on Mac](/administrators/mac-quick-start), and [JSON files in special +> directories on Linux](/administrators/linux-quick-start). For Windows, it is +> recommended to use Group Policy vs. preferences files because only Group +> Policy can be enforced. + +**What settings does Google Chrome allow an administrator to configure?** + +> A list of supported policies is [here](/administrators/policy-list-3). + +**Does Google Chrome allow me to set mandatory preferences and recommended +preferences through policy?** + +> Yes. On Windows, you can set policies in HKEY_LOCAL_MACHINE and +> HKEY_CURRENT_USER, respectively. On Linux, set the policy files under +> /etc/opt/chrome/policies/managed and /etc/opt/chrome/policies/recommended, +> respectively. + +**Do you have group policy templates, or an example of a policy file?** + +> Yes. You can find group policy templates +> [here](/administrators/policy-templates). + +**Where can I get a policy template for Google Chrome for Mac?** + +> The template is bundled into the application package itself. + +**What if I need to pre-configure a setting that is not a supported policy?** + +> You can put some preferences into a file called "master_preferences" next to +> the Google Chrome executable, and those will be interpreted as part of the +> user's preferences. You can find out more about this technique +> [here](/administrators/configuring-other-preferences). + +**What if users have already installed Chrome themselves? Will those Chromes +respect policies I set?** + +> Yes. + +**How do I pre-install extensions?** + +> Information on pre-installing extensions is +> [here](/administrators/pre-installed-extensions). + +****How do I turn off auto-updates?**** + +> **Although it is not recommended, you can find out how to turn off +> auto-updates [here](/administrators/turning-off-auto-updates).** + +**How often does Google Chrome update? How many versions per year should one +expect?** + +> Google Chrome's stable channel updates often. You can see how many major and +> minor updates there were to the stable channel on +> + +**Where do I go to find out about Google Chrome updates? How do I know a new +update is coming?** + +> Follow the updates on . We suggest +> adding this as one of your regular RSS feeds. We post here every time there is +> a new release of any channel. + +**Does Google Chrome auto-update, even if the users on a machine do not have +administrative rights?** + +> Yes. + +**Where can I find release notes for each version?** + +> **** has high-level release notes +> and lists security fixes for each release. We suggest you follow this blog. + +**How can I get early warning and information about security updates?** + +> Subscribing to the blog at will +> give you information about security updates as soon as they are public; this +> is the right list to watch. + +**How many versions back do you support?** + +> We **only** support the most current stable channel release. Older releases +> are not supported. + +**How do I know what the most current version of Google Chrome is for Windows?** + +> We've created a utility at to list the +> current stable version on Windows. + +**How do I know what the most current version of Google Chrome is for other +platforms?** + +> As above, provides a list of current +> revisions. + +**Can I get phone or email support?** + +> Yes, if you are a Google Apps for Business customer. Call the same number, use +> the same email address, or file a ticket via your control panel the same way +> you do for any Google Apps issues. Click +> [here](http://support.google.com/enterprisehelp/bin/answer.py?hl=en&answer=138863) +> for information on how to access the Google Enterprise Support Portal. + +**What other support resources are available?** + +> Google Chrome has a full [help +> center](http://www.google.com/support/chrome/?hl=en-US), along with a [help +> forum](http://www.google.com/support/forum/p/Chrome?hl=en&utm_source=HC&utm_medium=leftnav&utm_campaign=chrome), +> and [public bug tracker](http://code.google.com/p/chromium/issues/list). + +**I found a bug in Chrome that I need fixed. Who should I contact and when can I +expect it fixed?** + +> [Please file a bug](http://code.google.com/p/chromium/issues/entry) in our +> public issue tracker. You may want to search for any other similar bugs to +> make sure the issue isn't already being resolved. + +> Unfortunately, we cannot give exact timing on when specific issues will be +> fixed. You can follow the public bug to see when changes are made, when it is +> marked as fixed and closed. + +> If you have support from Google via Google Apps subscription, please contact +> Google as you would for a Google Apps issue. + +**Google Chrome doesn't work with some of our internal applications. Will you +fix this?** + +> Most of these issues are not actually bugs in Google Chrome -- the +> applications themselves were written for a specific web browser, and do not +> handle other browsers properly. You may want to contact whoever administrates +> those applications and ask about browser compatibility, as Google Chrome +> cannot fix those issues. + +> Of course, if you do find issues that are true bugs in Google Chrome (pages +> crash, it shows web pages differently than Safari, etc.), then [please let us +> know](http://code.google.com/p/chromium/issues/entry) by filing a bug. + +**We want to deploy Google Chrome, but we have legacy applications that don't +work in it. What can we do?** + +> There are a couple of options in this scenario: + +> 1. Update the legacy application to work on modern browsers (if possible) + +> 2. Use Chrome's [legacy browser +> support](https://support.google.com/chrome/a/answer/3019558?hl=en) to enable +> loading legacy applications in a legacy browser. \ No newline at end of file diff --git a/chromium/docs/website/site/administrators/guide-for-chrome-os-saml-sso-smart-card-integration/index.md b/chromium/docs/website/site/administrators/guide-for-chrome-os-saml-sso-smart-card-integration/index.md new file mode 100644 index 00000000000..bb8f231ab30 --- /dev/null +++ b/chromium/docs/website/site/administrators/guide-for-chrome-os-saml-sso-smart-card-integration/index.md @@ -0,0 +1,95 @@ +--- +breadcrumbs: +- - /administrators + - Documentation for Administrators +page_name: guide-for-chrome-os-saml-sso-smart-card-integration +title: Guide for Chrome OS SAML SSO smart card integration +--- + +## Objective + +Document the requirements for third-party Identity Providers in order to +integrate with Chrome OS smart card based user login. + +## Background + +Starting from version 83, Chrome OS supports authenticating OS users using smart +cards (instead of passwords). A smart card is a physical device that can +securely store private keys and certificates, and, when inserted into a smart +card reader, can be used in order to perform private key operations and +authenticate the user. + +The Chrome OS smart card based user authentication is based on the SAML SSO +functionality. This means that the smart card based authentication has to be set +up by the administrator on the side of the third-party identity provider (IdP) +that is used in the given Chrome OS deployment. + +After the user successfully authenticated using a smart card at the IdP website +on Chrome OS Login Screen, the user profile associated with the certificate will +be created on the Chromebook. Subsequent logins of this user may then be handled +by Chrome OS in the “offline” mode, without reaching out to the IdP (note that +this can be customized using the +[SAMLOfflineSigninTimeLimit](https://cloud.google.com/docs/chrome-enterprise/policies/?policy=SAMLOfflineSigninTimeLimit) +policy). + +Note that the smart card based authentication is NOT implemented for regular +Gaia users. + +## Overview + +Requirements for the Identity Provider in order to be compatible with Chrome OS +smart card based user authentication: + + The authentication should be performed using the standard TLS client + authentication. + Exactly one certificate from the smart card has to be used during the + authentication. + (Currently, only TLS 1.2 is supported; in the future, the support of TLS 1.3 + will be added into Chrome OS as well. + Note that using multiple client certificates during a single authentication + session is NOT supported.) + + The key on the smart card should be an RSA key. + The key size should be 2048 bits (recommended) or 1024 bits (NOT + recommended). + (I.e., the elliptic-curve cryptography is currently NOT supported.) + + The client certificate must allow signature operations using the + RSASSA-PKCS1-v1_5 signature scheme. + At least SHA-1 should be supported if the customer is going to use this on + Chromebooks equipped with the TPM 1.2 chips; it’s also recommended to + additionally support SHA-256/SHA-384/SHA-512. + (I.e., the certificates that only allow decryption are NOT supported, and + the RSA-PSS signature algorithm is NOT supported too.) + + The smart card should be a PIV or a CAC contact card; some other types of + cards are also supported. + (There are many various types of cards and card profiles; the best way of + checking for compatibility with Chrome OS is to try using the card on a + Chromebook for visiting a website inside a user session, using the CSSI + smart card middleware according to this Help Article: + [support.google.com/chrome/a/answer/7014689](https://support.google.com/chrome/a/answer/7014689).) + +Other notes: + + The user’s Chromebook must be managed (“enrolled”). + The Chrome OS administrator has to configure several special device-level + policies in order to enable the smart card support (the details of the admin + configuration will be described in a separate document). + + The certificate expiration or revocation are NOT automatically checked by + Chrome OS. Instead, the administrator should enforce the user to + periodically go through the online login process, allowing the IdP to + perform all necessary checks. + + When the certificate on the user’s smart card is changed, the users profile + on the Chromebook will have to be recreated, wiping out all their locally + cached data. + (That’s caused by the fact that the user’s profile is cryptographically + bound to the key that is stored on the card. However, in the future Chrome + OS will support re-binding the user’s profile to new keys, allowing to + update the smart card without losing locally cached data.) + + The set of supported smart card readers is documented on the page of the + CCID free software driver: + [ccid.apdu.fr/ccid/section.html](https://ccid.apdu.fr/ccid/section.html) \ No newline at end of file diff --git a/chromium/docs/website/site/administrators/index.md b/chromium/docs/website/site/administrators/index.md new file mode 100644 index 00000000000..0694d0e3670 --- /dev/null +++ b/chromium/docs/website/site/administrators/index.md @@ -0,0 +1,59 @@ +--- +breadcrumbs: [] +page_name: administrators +title: Documentation for Administrators +--- + +This page describes the features and details of Chromium’s central management of +policies and preferences. + +Chromium supports methods of managing the browser's behavior centrally, through +group policy, MCX files, and external configuration files. This gives you, as an +administrator, a way to manage the installations of Chromium-based browsers in +your organization. + +These policies are strictly intended to be used to configure instances of Chrome +internal to your organization. Use of these policies outside of your +organization (for example, in a publicly distributed program) is considered +malware and will likely be labeled as malware by Google and anti-virus vendors. + +**Getting Started** + +* [Windows Quick Start](/administrators/windows-quick-start) +* [Mac Quick Start](/administrators/mac-quick-start) +* [Linux Quick Start](/administrators/linux-quick-start) +* [Turning off Auto-Updates](/administrators/turning-off-auto-updates) +* [Full list of supported + Policies](https://chromeenterprise.google/policies/) + +**Full Documentation** + +* [Common problems and + solutions](/administrators/common-problems-and-solutions) +* [Policy templates](/administrators/policy-templates) +* [Configuring other preferences that are not + policies](/administrators/configuring-other-preferences) +* [Configuring Apps and Extensions by + Policy](/administrators/configuring-policy-for-extensions) +* [Pre-installing + Extensions](/administrators/pre-installed-extensions) +* [Frequently Asked + Questions](/administrators/frequently-asked-questions) +* [Supported directory path + variables](/administrators/policy-list-3/user-data-directory-variables) +* [Known + Issues](http://code.google.com/p/chromium/issues/list?can=2&q=Feature%3DEnterprise) +* [iOS MDM Policy Format](/administrators/ios-mdm-policy-format) +* [Advanced Integration for SAML SSO on Chrome + Devices](/administrators/advanced-integration-for-saml-sso-on-chrome-devices) +* [Guide for Chrome OS SAML SSO smart card + integration](/administrators/guide-for-chrome-os-saml-sso-smart-card-integration) +* [Complex policies on + Windows](/administrators/complex-policies-on-windows) +* [Policies on + Webview](https://chromium.googlesource.com/chromium/src/+/HEAD/docs/webview_policies.md) +* [Administrative Log Messages](/administrators/log-messages) + +You can view all of the Enterprise feature requests and bugs sorted by their +milestone on the [Chromium bug +tracker](http://code.google.com/p/chromium/issues/list?can=2&q=Cr%3DEnterprise&mode=grid&y=&x=Mstone&cells=tiles). \ No newline at end of file diff --git a/chromium/docs/website/site/administrators/installation/index.md b/chromium/docs/website/site/administrators/installation/index.md new file mode 100644 index 00000000000..48d942cac3c --- /dev/null +++ b/chromium/docs/website/site/administrators/installation/index.md @@ -0,0 +1,16 @@ +--- +breadcrumbs: +- - /administrators + - Documentation for Administrators +page_name: installation +title: Google Chrome Installation +--- + +### Standard Meta-installer + +The standard Google Chrome meta-installer can be downloaded from +. + +### MSI + +The MSI can be downloaded from . \ No newline at end of file diff --git a/chromium/docs/website/site/administrators/ios-mdm-policy-format/index.md b/chromium/docs/website/site/administrators/ios-mdm-policy-format/index.md new file mode 100644 index 00000000000..4be31d3fb52 --- /dev/null +++ b/chromium/docs/website/site/administrators/ios-mdm-policy-format/index.md @@ -0,0 +1,175 @@ +--- +breadcrumbs: +- - /administrators + - Documentation for Administrators +page_name: ios-mdm-policy-format +title: iOS MDM Policy Format +--- + +Policy Support on Chrome on iOS is being removed in Chrome 48 as part of +Chrome's move to WKWebView where supporting many of the policies was not +possible. + +Policies can be configured for Chrome on iOS via MDM starting with version 35. + +The iOS device must be enrolled for Mobile Device Management (MDM) with an MDM +vendor to enable this feature. This page documents the format of the managed app +configuration settings that Chrome expects, and is meant to help MDM vendors +integrate Chrome management into their solutions. + +This uses the managed app configuration API introduced in iOS 7, and only work +with device running iOS 7 or later. For an introduction to the API see session +301 from WWDC 2013, "Extending Your Apps for Enterprise and Education Use", at +. + +#### Keys loaded by Chrome + +The managed app configuration pushed to Chrome should be an NSDictionary, +encoded as a <dict> element in the Plist format. Chrome then looks for 2 +keys in this dictionary: + +* **ChromePolicy** is the main key to configure policies for Chrome. + This key must map to another NSDictionary, which then maps a Chrome + policy to its value. + +* **EncodedChromePolicy** is a fallback key which is loaded only if + ChromePolicy is not present. This key supports the same policies but + its value should be a single NSString (encoded as a <string> + on the wire), which contains a serialized Plist encoded in Base64. + +ChromePolicy is the recommended key to configure Chrome. EncodedChromePolicy may +be used by legacy products that are limited to String values. As of version 35 +Chrome doesn't load any other keys; new keys may be introduced in future +versions. + +#### Example ChromePolicy + +This example contains the full Plist that can be set down as the managed app +configuration for Chrome: + +` ` +`` +`` +` ` +` ChromePolicy` +` ` +` AutoFillEnabled` +` ` +` CookiesAllowedForUrls` +` ` +` http://www.example.com` +` [*.]example.edu` +` ` +` CookiesBlockedForUrls` +` ` +` http://www.example.com` +` [*.]example.edu` +` ` +` CookiesSessionOnlyForUrls` +` ` +` http://www.example.com` +` [*.]example.edu` +` ` +` DefaultCookiesSetting` +` 1` +` DefaultPopupsSetting` +` 1` +` DefaultSearchProviderEnabled` +` ` +` DefaultSearchProviderKeyword` +` mis` +` DefaultSearchProviderName` +` My Intranet Search` +` DefaultSearchProviderSearchURL` +` http://search.my.company/search?q={searchTerms}` +` ManagedBookmarks` +` ` +` ` +` name` +` Google` +` url` +` google.com` +` ` +` ` +` name` +` Youtube` +` url` +` youtube.com` +` ` +` ` +` PasswordManagerEnabled` +` ` +` PopupsAllowedForUrls` +` ` +` http://www.example.com` +` [*.]example.edu` +` ` +` PopupsBlockedForUrls` +` ` +` http://www.example.com` +` [*.]example.edu` +` ` +` ProxyBypassList` +` http://www.example1.com,http://www.example2.com,http://internalsite/` +` ProxyMode` +` direct` +` ProxyPacUrl` +` http://internal.site/example.pac` +` ProxyServer` +` 123.123.123.123:8080` +` SearchSuggestEnabled` +` ` +` TranslateEnabled` +` ` +` URLBlacklist` +` ` +` example.com` +` https://ssl.server.com` +` hosting.com/bad_path` +` http://server:8080/path` +` .exact.hostname.com` +` ` +` URLWhitelist` +` ` +` example.com` +` https://ssl.server.com` +` hosting.com/bad_path` +` http://server:8080/path` +` .exact.hostname.com` +` ` +` ` +` ` +`` + +#### Example EncodedChromePolicy + +This example contains an EncodedChromePolicy value that contains the same Plist +as above, after being encoded in Base64: + +` ` +`` +`` +` ` +` EncodedChromePolicy` +` PD94bWwgdmVyc2lvbj0iMS4wIiA/PjwhRE9DVFlQRSBwbGlzdCAgUFVCTElDICctLy9BcHBsZS8vRFREIFBMSVNUIDEuMC8vRU4nICAnaHR0cDovL3d3dy5hcHBsZS5jb20vRFREcy9Qcm9wZXJ0eUxpc3QtMS4wLmR0ZCc+PHBsaXN0IHZlcnNpb249IjEuMCI+PGRpY3Q+PGtleT5BdXRvRmlsbEVuYWJsZWQ8L2tleT48ZmFsc2UvPjxrZXk+Q29va2llc0FsbG93ZWRGb3JVcmxzPC9rZXk+PGFycmF5PjxzdHJpbmc+aHR0cDovL3d3dy5leGFtcGxlLmNvbTwvc3RyaW5nPjxzdHJpbmc+WyouXWV4YW1wbGUuZWR1PC9zdHJpbmc+PC9hcnJheT48a2V5PkNvb2tpZXNCbG9ja2VkRm9yVXJsczwva2V5PjxhcnJheT48c3RyaW5nPmh0dHA6Ly93d3cuZXhhbXBsZS5jb208L3N0cmluZz48c3RyaW5nPlsqLl1leGFtcGxlLmVkdTwvc3RyaW5nPjwvYXJyYXk+PGtleT5Db29raWVzU2Vzc2lvbk9ubHlGb3JVcmxzPC9rZXk+PGFycmF5PjxzdHJpbmc+aHR0cDovL3d3dy5leGFtcGxlLmNvbTwvc3RyaW5nPjxzdHJpbmc+WyouXWV4YW1wbGUuZWR1PC9zdHJpbmc+PC9hcnJheT48a2V5PkRlZmF1bHRDb29raWVzU2V0dGluZzwva2V5PjxpbnRlZ2VyPjE8L2ludGVnZXI+PGtleT5EZWZhdWx0UG9wdXBzU2V0dGluZzwva2V5PjxpbnRlZ2VyPjE8L2ludGVnZXI+PGtleT5EZWZhdWx0U2VhcmNoUHJvdmlkZXJFbmFibGVkPC9rZXk+PHRydWUvPjxrZXk+RGVmYXVsdFNlYXJjaFByb3ZpZGVyS2V5d29yZDwva2V5PjxzdHJpbmc+bWlzPC9zdHJpbmc+PGtleT5EZWZhdWx0U2VhcmNoUHJvdmlkZXJOYW1lPC9rZXk+PHN0cmluZz5NeSBJbnRyYW5ldCBTZWFyY2g8L3N0cmluZz48a2V5PkRlZmF1bHRTZWFyY2hQcm92aWRlclNlYXJjaFVSTDwva2V5PjxzdHJpbmc+aHR0cDovL3NlYXJjaC5teS5jb21wYW55L3NlYXJjaD9xPXtzZWFyY2hUZXJtc308L3N0cmluZz48a2V5Pk1hbmFnZWRCb29rbWFya3M8L2tleT48YXJyYXk+PGRpY3Q+PGtleT5uYW1lPC9rZXk+PHN0cmluZz5Hb29nbGU8L3N0cmluZz48a2V5PnVybDwva2V5PjxzdHJpbmc+Z29vZ2xlLmNvbTwvc3RyaW5nPjwvZGljdD48ZGljdD48a2V5Pm5hbWU8L2tleT48c3RyaW5nPllvdXR1YmU8L3N0cmluZz48a2V5PnVybDwva2V5PjxzdHJpbmc+eW91dHViZS5jb208L3N0cmluZz48L2RpY3Q+PC9hcnJheT48a2V5PlBhc3N3b3JkTWFuYWdlckVuYWJsZWQ8L2tleT48dHJ1ZS8+PGtleT5Qb3B1cHNBbGxvd2VkRm9yVXJsczwva2V5PjxhcnJheT48c3RyaW5nPmh0dHA6Ly93d3cuZXhhbXBsZS5jb208L3N0cmluZz48c3RyaW5nPlsqLl1leGFtcGxlLmVkdTwvc3RyaW5nPjwvYXJyYXk+PGtleT5Qb3B1cHNCbG9ja2VkRm9yVXJsczwva2V5PjxhcnJheT48c3RyaW5nPmh0dHA6Ly93d3cuZXhhbXBsZS5jb208L3N0cmluZz48c3RyaW5nPlsqLl1leGFtcGxlLmVkdTwvc3RyaW5nPjwvYXJyYXk+PGtleT5Qcm94eUJ5cGFzc0xpc3Q8L2tleT48c3RyaW5nPmh0dHA6Ly93d3cuZXhhbXBsZTEuY29tLGh0dHA6Ly93d3cuZXhhbXBsZTIuY29tLGh0dHA6Ly9pbnRlcm5hbHNpdGUvPC9zdHJpbmc+PGtleT5Qcm94eU1vZGU8L2tleT48c3RyaW5nPmRpcmVjdDwvc3RyaW5nPjxrZXk+UHJveHlQYWNVcmw8L2tleT48c3RyaW5nPmh0dHA6Ly9pbnRlcm5hbC5zaXRlL2V4YW1wbGUucGFjPC9zdHJpbmc+PGtleT5Qcm94eVNlcnZlcjwva2V5PjxzdHJpbmc+MTIzLjEyMy4xMjMuMTIzOjgwODA8L3N0cmluZz48a2V5PlNlYXJjaFN1Z2dlc3RFbmFibGVkPC9rZXk+PHRydWUvPjxrZXk+VHJhbnNsYXRlRW5hYmxlZDwva2V5Pjx0cnVlLz48a2V5PlVSTEJsYWNrbGlzdDwva2V5PjxhcnJheT48c3RyaW5nPmV4YW1wbGUuY29tPC9zdHJpbmc+PHN0cmluZz5odHRwczovL3NzbC5zZXJ2ZXIuY29tPC9zdHJpbmc+PHN0cmluZz5ob3N0aW5nLmNvbS9iYWRfcGF0aDwvc3RyaW5nPjxzdHJpbmc+aHR0cDovL3NlcnZlcjo4MDgwL3BhdGg8L3N0cmluZz48c3RyaW5nPi5leGFjdC5ob3N0bmFtZS5jb208L3N0cmluZz48L2FycmF5PjxrZXk+VVJMV2hpdGVsaXN0PC9rZXk+PGFycmF5PjxzdHJpbmc+ZXhhbXBsZS5jb208L3N0cmluZz48c3RyaW5nPmh0dHBzOi8vc3NsLnNlcnZlci5jb208L3N0cmluZz48c3RyaW5nPmhvc3RpbmcuY29tL2JhZF9wYXRoPC9zdHJpbmc+PHN0cmluZz5odHRwOi8vc2VydmVyOjgwODAvcGF0aDwvc3RyaW5nPjxzdHJpbmc+LmV4YWN0Lmhvc3RuYW1lLmNvbTwvc3RyaW5nPjwvYXJyYXk+PC9kaWN0PjwvcGxpc3Q+` +` ` +`` + +#### Verifying a Plist + +A .plist file can be verified with the plutil command on Mac OS X: + +# plutil -lint file.plist + +The EncodedChromePolicy value should decode correctly as Base64: + +# base64 < encoded.txt > decoded.plist + +# plutil -lint decoded.plist + +#### Policies supported by Chrome on iOS + +The page at indicates +which platforms are supported for each policy. It will list policies for iOS +once it's updated to version 35. Note that the examples above are exhaustive as +of version 35. \ No newline at end of file diff --git a/chromium/docs/website/site/administrators/ios-mdm-policy-format/ios_chrome_policy.plist b/chromium/docs/website/site/administrators/ios-mdm-policy-format/ios_chrome_policy.plist new file mode 100644 index 00000000000..4829a38b26e --- /dev/null +++ b/chromium/docs/website/site/administrators/ios-mdm-policy-format/ios_chrome_policy.plist @@ -0,0 +1,98 @@ + + + + + + ChromePolicy + + AutoFillEnabled + + CookiesAllowedForUrls + + http://www.example.com + [*.]example.edu + + CookiesBlockedForUrls + + http://www.example.com + [*.]example.edu + + CookiesSessionOnlyForUrls + + http://www.example.com + [*.]example.edu + + DefaultCookiesSetting + 1 + DefaultPopupsSetting + 1 + DefaultSearchProviderEnabled + + DefaultSearchProviderKeyword + mis + DefaultSearchProviderName + My Intranet Search + DefaultSearchProviderSearchURL + http://search.my.company/search?q={searchTerms} + ManagedBookmarks + + + name + Google + url + google.com + + + name + Youtube + url + youtube.com + + + PasswordManagerEnabled + + PopupsAllowedForUrls + + http://www.example.com + [*.]example.edu + + PopupsBlockedForUrls + + http://www.example.com + [*.]example.edu + + ProxyBypassList + http://www.example1.com,http://www.example2.com,http://internalsite/ + ProxyMode + direct + ProxyPacUrl + http://internal.site/example.pac + ProxyServer + 123.123.123.123:8080 + SearchSuggestEnabled + + TranslateEnabled + + URLBlacklist + + example.com + https://ssl.server.com + hosting.com/bad_path + http://server:8080/path + .exact.hostname.com + + URLWhitelist + + example.com + https://ssl.server.com + hosting.com/bad_path + http://server:8080/path + .exact.hostname.com + + + + diff --git a/chromium/docs/website/site/administrators/ios-mdm-policy-format/ios_encoded_chrome_policy.plist b/chromium/docs/website/site/administrators/ios-mdm-policy-format/ios_encoded_chrome_policy.plist new file mode 100644 index 00000000000..27342efbac0 --- /dev/null +++ b/chromium/docs/website/site/administrators/ios-mdm-policy-format/ios_encoded_chrome_policy.plist @@ -0,0 +1,28 @@ + + + + + + EncodedChromePolicy + PD94bWwgdmVyc2lvbj0iMS4wIiA/PjwhRE9DVFlQRSBwbGlzdCAgUFVCTElDICctLy9BcHBsZS8vRFREIFBMSVNUIDEuMC8vRU4nICAnaHR0cDovL3d3dy5hcHBsZS5jb20vRFREcy9Qcm9wZXJ0eUxpc3QtMS4wLmR0ZCc+PHBsaXN0IHZlcnNpb249IjEuMCI+PGRpY3Q+PGtleT5BdXRvRmlsbEVuYWJsZWQ8L2tleT48ZmFsc2UvPjxrZXk+Q29va2llc0FsbG93ZWRGb3JVcmxzPC9rZXk+PGFycmF5PjxzdHJpbmc+aHR0cDovL3d3dy5leGFtcGxlLmNvbTwvc3RyaW5nPjxzdHJpbmc+WyouXWV4YW1wbGUuZWR1PC9zdHJpbmc+PC9hcnJheT48a2V5PkNvb2tpZXNCbG9ja2VkRm9yVXJsczwva2V5PjxhcnJheT48c3RyaW5nPmh0dHA6Ly93d3cuZXhhbXBsZS5jb208L3N0cmluZz48c3RyaW5nPlsqLl1leGFtcGxlLmVkdTwvc3RyaW5nPjwvYXJyYXk+PGtleT5Db29raWVzU2Vzc2lvbk9ubHlGb3JVcmxzPC9rZXk+PGFycmF5PjxzdHJpbmc+aHR0cDovL3d3dy5leGFtcGxlLmNvbTwvc3RyaW5nPjxzdHJpbmc+WyouXWV4YW1wbGUuZWR1PC9zdHJpbmc+PC9hcnJheT48a2V5PkRlZmF1bHRDb29raWVzU2V0dGluZzwva2V5PjxpbnRlZ2VyPjE8L2ludGVnZXI+PGtleT5EZWZhdWx0UG9wdXBzU2V0dGluZzwva2V5PjxpbnRlZ2VyPjE8L2ludGVnZXI+PGtleT5EZWZhdWx0U2VhcmNoUHJvdmlkZXJFbmFibGVkPC9rZXk+PHRydWUvPjxrZXk+RGVmYXVsdFNlYXJjaFByb3ZpZGVyS2V5d29yZDwva2V5PjxzdHJpbmc+bWlzPC9zdHJpbmc+PGtleT5EZWZhdWx0U2VhcmNoUHJvdmlkZXJOYW1lPC9rZXk+PHN0cmluZz5NeSBJbnRyYW5ldCBTZWFyY2g8L3N0cmluZz48a2V5PkRlZmF1bHRTZWFyY2hQcm92aWRlclNlYXJjaFVSTDwva2V5PjxzdHJpbmc+aHR0cDovL3NlYXJjaC5teS5jb21wYW55L3NlYXJjaD9xPXtzZWFyY2hUZXJtc308L3N0cmluZz48a2V5Pk1hbmFnZWRCb29rbWFya3M8L2tleT48YXJyYXk+PGRpY3Q+PGtleT5uYW1lPC9rZXk+PHN0cmluZz5Hb29nbGU8L3N0cmluZz48a2V5PnVybDwva2V5PjxzdHJpbmc+Z29vZ2xlLmNvbTwvc3RyaW5nPjwvZGljdD48ZGljdD48a2V5Pm5hbWU8L2tleT48c3RyaW5nPllvdXR1YmU8L3N0cmluZz48a2V5PnVybDwva2V5PjxzdHJpbmc+eW91dHViZS5jb208L3N0cmluZz48L2RpY3Q+PC9hcnJheT48a2V5PlBhc3N3b3JkTWFuYWdlckVuYWJsZWQ8L2tleT48dHJ1ZS8+PGtleT5Qb3B1cHNBbGxvd2VkRm9yVXJsczwva2V5PjxhcnJheT48c3RyaW5nPmh0dHA6Ly93d3cuZXhhbXBsZS5jb208L3N0cmluZz48c3RyaW5nPlsqLl1leGFtcGxlLmVkdTwvc3RyaW5nPjwvYXJyYXk+PGtleT5Qb3B1cHNCbG9ja2VkRm9yVXJsczwva2V5PjxhcnJheT48c3RyaW5nPmh0dHA6Ly93d3cuZXhhbXBsZS5jb208L3N0cmluZz48c3RyaW5nPlsqLl1leGFtcGxlLmVkdTwvc3RyaW5nPjwvYXJyYXk+PGtleT5Qcm94eUJ5cGFzc0xpc3Q8L2tleT48c3RyaW5nPmh0dHA6Ly93d3cuZXhhbXBsZTEuY29tLGh0dHA6Ly93d3cuZXhhbXBsZTIuY29tLGh0dHA6Ly9pbnRlcm5hbHNpdGUvPC9zdHJpbmc+PGtleT5Qcm94eU1vZGU8L2tleT48c3RyaW5nPmRpcmVjdDwvc3RyaW5nPjxrZXk+UHJveHlQYWNVcmw8L2tleT48c3RyaW5nPmh0dHA6Ly9pbnRlcm5hbC5zaXRlL2V4YW1wbGUucGFjPC9zdHJpbmc+PGtleT5Qcm94eVNlcnZlcjwva2V5PjxzdHJpbmc+MTIzLjEyMy4xMjMuMTIzOjgwODA8L3N0cmluZz48a2V5PlNlYXJjaFN1Z2dlc3RFbmFibGVkPC9rZXk+PHRydWUvPjxrZXk+VHJhbnNsYXRlRW5hYmxlZDwva2V5Pjx0cnVlLz48a2V5PlVSTEJsYWNrbGlzdDwva2V5PjxhcnJheT48c3RyaW5nPmV4YW1wbGUuY29tPC9zdHJpbmc+PHN0cmluZz5odHRwczovL3NzbC5zZXJ2ZXIuY29tPC9zdHJpbmc+PHN0cmluZz5ob3N0aW5nLmNvbS9iYWRfcGF0aDwvc3RyaW5nPjxzdHJpbmc+aHR0cDovL3NlcnZlcjo4MDgwL3BhdGg8L3N0cmluZz48c3RyaW5nPi5leGFjdC5ob3N0bmFtZS5jb208L3N0cmluZz48L2FycmF5PjxrZXk+VVJMV2hpdGVsaXN0PC9rZXk+PGFycmF5PjxzdHJpbmc+ZXhhbXBsZS5jb208L3N0cmluZz48c3RyaW5nPmh0dHBzOi8vc3NsLnNlcnZlci5jb208L3N0cmluZz48c3RyaW5nPmhvc3RpbmcuY29tL2JhZF9wYXRoPC9zdHJpbmc+PHN0cmluZz5odHRwOi8vc2VydmVyOjgwODAvcGF0aDwvc3RyaW5nPjxzdHJpbmc+LmV4YWN0Lmhvc3RuYW1lLmNvbTwvc3RyaW5nPjwvYXJyYXk+PC9kaWN0PjwvcGxpc3Q+ + + diff --git a/chromium/docs/website/site/administrators/linux-quick-start/index.md b/chromium/docs/website/site/administrators/linux-quick-start/index.md new file mode 100644 index 00000000000..2ffad250991 --- /dev/null +++ b/chromium/docs/website/site/administrators/linux-quick-start/index.md @@ -0,0 +1,105 @@ +--- +breadcrumbs: +- - /administrators + - Documentation for Administrators +page_name: linux-quick-start +title: Linux Quick Start +--- + +This page describes the steps to get a managed instance of Google Chrome or +Chromium up and running on Linux. + +**Download / Build the Browser** + +Depending on your network's requirements, you may either want to deploy Chromium +or Google Chrome. The differences are described +[here](http://code.google.com/p/chromium/wiki/ChromiumBrowserVsGoogleChrome). + +There are several different ways to get the browser: + +* If you want to deploy Google Chrome, download Google Chrome + [here](http://www.google.com/chrome/eula.html?platform=linux&hl=en&hl=en). +* If you want to deploy Chromium, your distro may have already + repackaged Chromium for you. See which distros have repackaged + Chromium + [here](http://code.google.com/p/chromium/wiki/LinuxChromiumPackages). +* If you want to deploy Chromium but you want to build it yourself, + follow the instructions on building Chromium + [here](http://code.google.com/p/chromium/wiki/LinuxBuildInstructions). + +At the end of this process, you should have Google Chrome or Chromium installed. +Verify that the version you are running is **later than 6.0.444.0**. + +**Set Up Policies** + +Policy configuration files live under **/etc/chromium** for Chromium, and under +**/etc/opt/chrome** for Google Chrome (note the lack of **opt** for Chromium). +There are two sets of policies kept in these directories: one set that is +required and mandated by an administrator, and one set that is recommended for +users but not required. These two sets live at: + +/etc/opt/chrome/policies/managed/ + +/etc/opt/chrome/policies/recommended/ + +Create these directories if they do not already exist: + +```none +>mkdir /etc/opt/chrome/policies +>mkdir /etc/opt/chrome/policies/managed +>mkdir /etc/opt/chrome/policies/recommended +``` + +Make sure that the files under /managed are not writable by non-admin users; +otherwise, they could just overwrite your policies to get the configuration they +want! + +```none +>chmod -w /etc/opt/chrome/policies/managed +``` + +To set policies that are required, create a file named "test_policy.json" in +/etc/opt/chrome/policies/managed/ + +```none +>touch /etc/opt/chrome/policies/managed/test_policy.json +``` + +In this file, put the following content: + +```none +{ + "HomepageLocation": "www.chromium.org" +} +``` + +That's it! The next time you start Google Chrome on that machine, the home page +will be locked to this value. + +To see what other policies you can control, review the [exhaustive list of all +manageable policies](/administrators/policy-list-3). + +You can spread your policies over multiple JSON files. Chrome will read and +apply them all. However, you should not be setting the **same** policy in more +than one file. If you do, it is **undefined** which of the values you specified +prevails. + +**Make sure that policy JSON files under ../managed/ are not writable by just +anyone! Google Chrome / Chromium gives these files higher priority, so they +should only be writable by an administrator or root!** + +**Push out the Policies and Browser** + +Using whatever mechanism you use to push files to clients, whether it be a +utility or just a script file, push the "test_policy.json" file out to the +target machines in your network. Make sure that this file exists at +/etc/opt/chrome/policies/managed/ on all the target machines. You could do this +simply by scp'ing the files to the target: + +```none +>scp /etc/opt/chrome/policies adminusername@targetmachine:/etc/opt/chrome +``` + +Similarly, use whatever file-pushing utility or script to push out Google Chrome +/ Chromium. Whenever a user on those target machines runs Google Chrome / +Chromium, it will obey the policy files you copied onto those machines. \ No newline at end of file diff --git a/chromium/docs/website/site/administrators/log-messages/index.md b/chromium/docs/website/site/administrators/log-messages/index.md new file mode 100644 index 00000000000..cafb3239d94 --- /dev/null +++ b/chromium/docs/website/site/administrators/log-messages/index.md @@ -0,0 +1,52 @@ +--- +breadcrumbs: +- - /administrators + - Documentation for Administrators +page_name: log-messages +title: Administrative Log Messages +--- + +When Chrome encounters events that may be important to system administrators, it +adds entries to a system log file that administrators can access and monitor. +For example, these may include informational messages about enterprise policies +or warnings about security events. + +These events are logged to the Windows Event Log on Windows, or to the messages +log file on POSIX systems. In Chrome's code, the SYSLOG macro is used to +generate the logs, and the code around the uses of the [SYSLOG +macro](https://cs.chromium.org/chromium/src/base/syslog_logging.h) can often +give some context to the meaning of the message. + +More information about Chrome's debug logs can be found +[here](https://support.google.com/chrome/a/answer/6271282?hl=en). + +## Site Isolation SYSLOGs + +One category of administrative log messages has been added in Chrome 68 to track +violations of [Site Isolation](/Home/chromium-security/site-isolation) security +restrictions. These messages may indicate that a renderer process has been +compromised and is trying to access cross-site data that would otherwise be +off-limits, such as cookies, passwords, or localStorage. The messages occur when +Chrome has decided to kill a misbehaving renderer process in one of these +situations. (Keep in mind that there may be some false positives in the log if a +bug in Chrome causes a renderer process to send the wrong IPCs.) + +The current log messages include: + +* Cookies: + * Killing renderer: illegal cookie write. Reason: N + * Killing renderer: illegal cookie read. Reason: N +* Passwords: + * Killing renderer: illegal password access from about: or data: + URL. Reason: N + * Killing renderer: illegal password access. Reason: N +* localStorage: + * Killing renderer: illegal localStorage request. + +Most of these messages include a reason code, which corresponds to an enum value +in +[content/browser/bad_message.h](https://cs.chromium.org/chromium/src/content/browser/bad_message.h) +(or, in the case of passwords, in +[components/password_manager/content/browser/bad_message.h](https://cs.chromium.org/chromium/src/components/password_manager/content/browser/bad_message.h)). +These enum values can point administrators to the relevant part of Chrome's code +to understand more about what happened during the event. \ No newline at end of file diff --git a/chromium/docs/website/site/administrators/mac-quick-start/index.md b/chromium/docs/website/site/administrators/mac-quick-start/index.md new file mode 100644 index 00000000000..800293406d4 --- /dev/null +++ b/chromium/docs/website/site/administrators/mac-quick-start/index.md @@ -0,0 +1,68 @@ +--- +breadcrumbs: +- - /administrators + - Documentation for Administrators +page_name: mac-quick-start +title: Mac Quick Start +--- + +This page describes how to get started with managing Google Chrome on a Mac +network using Apple’s Profile Manager. These instructions are only an example to +help you get started. You can use any system management software you choose, but +specific steps may vary. + +Note: These steps focus only on pushing out a plist configuration file for the +Chrome Browser. Your Mac network must be set up and in a managed state. This +guide does not cover how to setup macOS Server or Profile Manager to manage your +Mac devices. + +1. Log into Profile Manager on the server machine from a web browser +2. Navigate to **Devices** > **Settings**, choose the device group + for which to define Chrome policies. +3. Click **Edit**. +4. Go to **Custom Settings** and add a Preference Domain with domain + '*com.google.Chrome'* +5. Upload a pre-configured plist file or manually add items by key and + value. A full list and description of policies can be found at + . +6. Click **Ok** and payload will be created and synced to the selected + devices. + +**Debugging** + +If you have trouble, it usually pays off to examine whether the settings are +correctly stored and read by Chrome. First of all, navigate to about:policy in +Chrome. It lists any policy settings that Chrome has picked up. If your settings +show up, good. If not, you can dig deeper and check whether macOS actually put +them into place correctly. Mandatory policy is stored in /Library/Managed +Preferences/<username>/com.google.Chrome.plist while recommended policy is +stored in /Library/Preferences/com.google.Chrome.plist. The plutil command can +be used from a terminal to convert it to XML format: + +* # sudo -s +* # cd /Library/Managed Preferences/<username> +* # plutil -convert xml1 com.google.Chrome.plist +* # cat com.google.Chrome.plist + +For debugging, this file is in a place where it can be edited manually. Chrome +will pick up the updated preferences automatically. Note that this is not +recommended for making persistent changes to policy, since macOS will rewrite +the file with settings configured through Workgroup Manager. + +Chrome on macOS does not show unknown policies on the chrome://policy page. If +you don't find a policy you have set there check if the name is spelled +correctly and if the policy is actually supported on the macOS platform. + +**Notes for Chromium** + +Chromium can be managed in a similar way, with a few differences: + +* The Chromium application must be managed, instead of Google Chrome +* Chromium is identified as "org.chromium.Chromium" +* The plist file is in the same place but is named + "org.chromium.Chromium.plist" + +**Unknown issues** + +Please file a bug report at and select the "Enterprise +Issue" template. \ No newline at end of file diff --git a/chromium/docs/website/site/administrators/policy-list-3/atomic_groups/index.md b/chromium/docs/website/site/administrators/policy-list-3/atomic_groups/index.md new file mode 100644 index 00000000000..590c409acb5 --- /dev/null +++ b/chromium/docs/website/site/administrators/policy-list-3/atomic_groups/index.md @@ -0,0 +1,875 @@ +--- +breadcrumbs: +- - /administrators + - Documentation for Administrators +- - /administrators/policy-list-3 + - Policy List +page_name: atomic_groups +title: Atomic Policy Groups +--- + +Both Chromium and Google Chrome have some groups of policies that depend on each +other to provide control over a feature. These sets are represented by the +following policy groups. Given that policies can have multiple sources, only +values coming from the highest priority source will be applied. Values coming +from a lower priority source in the same group will be ignored. The order of +priority is defined in . + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Policy NameDescription
ActiveDirectoryManagementMicrosoft® Active Directory® management settings
DeviceMachinePasswordChangeRateMachine password change rate
DeviceUserPolicyLoopbackProcessingModeUser policy loopback processing mode
DeviceKerberosEncryptionTypesAllowed Kerberos encryption types
DeviceGpoCacheLifetimeGPO cache lifetime
DeviceAuthDataCacheLifetimeAuthentication data cache lifetime
AttestationAttestation
AttestationEnabledForDeviceEnable remote attestation for the device
AttestationEnabledForUserEnable remote attestation for the user
AttestationExtensionWhitelistExtensions allowed to to use the remote attestation API
AttestationForContentProtectionEnabledEnable the use of remote attestation for content protection for the device
BrowserSwitcherLegacy Browser Support
AlternativeBrowserPathAlternative browser to launch for configured websites.
AlternativeBrowserParametersCommand-line parameters for the alternative browser.
BrowserSwitcherChromePathPath to Chrome for switching from the alternative browser.
BrowserSwitcherChromeParametersCommand-line parameters for switching from the alternative browser.
BrowserSwitcherDelayDelay before launching alternative browser (milliseconds)
BrowserSwitcherEnabledEnable the Legacy Browser Support feature.
BrowserSwitcherExternalSitelistUrlURL of an XML file that contains URLs to load in an alternative browser.
BrowserSwitcherExternalGreylistUrlURL of an XML file that contains URLs that should never trigger a browser switch.
BrowserSwitcherKeepLastChromeTabKeep last tab open in Chrome.
BrowserSwitcherUrlListWebsites to open in alternative browser
BrowserSwitcherUrlGreylistWebsites that should never trigger a browser switch.
BrowserSwitcherUseIeSitelistUse Internet Explorer's SiteList policy for Legacy Browser Support.
ChromeReportingExtensionChrome Reporting Extension
ReportVersionDataReport OS and Chromium Version Information
ReportPolicyDataReport Chromium Policy Information
ReportMachineIDDataReport Machine Identification information
ReportUserIDDataReport User Identification information
ReportExtensionsAndPluginsDataReport Extensions and Plugins information
ReportSafeBrowsingDataReport Safe Browsing information
CloudReportingEnabledEnables Chromium cloud reporting
ContentPackContent pack
ContentPackDefaultFilteringBehaviorDefault behavior for sites not in any content pack
ContentPackManualBehaviorHostsManaged user manual exception hosts
ContentPackManualBehaviorURLsManaged user manual exception URLs
CookiesSettingsCookies settings
DefaultCookiesSettingDefault cookies setting
CookiesAllowedForUrlsAllow cookies on these sites
CookiesBlockedForUrlsBlock cookies on these sites
CookiesSessionOnlyForUrlsLimit cookies from matching URLs to the current session
DateAndTimeDate and time
SystemTimezoneTimezone
SystemTimezoneAutomaticDetectionConfigure the automatic timezone detection method
DefaultSearchProviderDefault search provider
DefaultSearchProviderEnabledEnable the default search provider
DefaultSearchProviderNameDefault search provider name
DefaultSearchProviderKeywordDefault search provider keyword
DefaultSearchProviderSearchURLDefault search provider search URL
DefaultSearchProviderSuggestURLDefault search provider suggest URL
DefaultSearchProviderInstantURLDefault search provider instant URL
DefaultSearchProviderIconURLDefault search provider icon
DefaultSearchProviderEncodingsDefault search provider encodings
DefaultSearchProviderAlternateURLsList of alternate URLs for the default search provider
DefaultSearchProviderSearchTermsReplacementKeyParameter controlling search term placement for the default search provider
DefaultSearchProviderImageURLParameter providing search-by-image feature for the default search provider
DefaultSearchProviderNewTabURLDefault search provider new tab page URL
DefaultSearchProviderSearchURLPostParamsParameters for search URL which uses POST
DefaultSearchProviderSuggestURLPostParamsParameters for suggest URL which uses POST
DefaultSearchProviderInstantURLPostParamsParameters for instant URL which uses POST
DefaultSearchProviderImageURLPostParamsParameters for image URL which uses POST
DisplayDisplay
DeviceDisplayResolutionSet display resolution and scale factor
DisplayRotationDefaultSet default display rotation, reapplied on every reboot
DriveDrive
DriveDisabledDisable Drive in the Chromium OS Files app
DriveDisabledOverCellularDisable Google Drive over cellular connections in the Chromium OS Files app
ExtensionsExtensions
ExtensionInstallBlacklistConfigure extension installation blacklist
ExtensionInstallWhitelistConfigure extension installation whitelist
ExtensionInstallForcelistConfigure the list of force-installed apps and extensions
ExtensionInstallSourcesConfigure extension, app, and user script install sources
ExtensionAllowedTypesConfigure allowed app/extension types
ExtensionAllowInsecureUpdatesAllow insecure algorithms in integrity checks on extension updates and installs
ExtensionSettingsExtension management settings
GoogleCastGoogle Cast
CastReceiverEnabledEnable casting content to the device
CastReceiverNameName of the Google Cast destination
HomepageHomepage
HomepageLocationConfigure the home page URL
HomepageIsNewTabPageUse New Tab Page as homepage
NewTabPageLocationConfigure the New Tab page URL
ShowHomeButtonShow Home button on toolbar
ImageSettingsImage settings
DefaultImagesSettingDefault images setting
ImagesAllowedForUrlsAllow images on these sites
ImagesBlockedForUrlsBlock images on these sites
JavascriptSettingsJavascript settings
DefaultJavaScriptSettingDefault JavaScript setting
JavaScriptAllowedForUrlsAllow JavaScript on these sites
JavaScriptBlockedForUrlsBlock JavaScript on these sites
KeygenSettingsKeygen settings
DefaultKeygenSettingDefault key generation setting
KeygenAllowedForUrlsAllow key generation on these sites
KeygenBlockedForUrlsBlock key generation on these sites
KioskKiosk settings
DeviceLocalAccountsDevice-local accounts
DeviceLocalAccountAutoLoginIdDevice-local account for auto-login
DeviceLocalAccountAutoLoginDelayDevice-local account auto-login timer
DeviceLocalAccountAutoLoginBailoutEnabledEnable bailout keyboard shortcut for auto-login
DeviceLocalAccountPromptForNetworkWhenOfflineEnable network configuration prompt when offline
LoginScreenOriginsLogin and screen origins
DeviceLoginScreenIsolateOriginsEnable Site Isolation for specified origins
DeviceLoginScreenSitePerProcessEnable Site Isolation for every site
NativeMessagingNative messaging
NativeMessagingBlacklistConfigure native messaging blacklist
NativeMessagingWhitelistConfigure native messaging whitelist
NativeMessagingUserLevelHostsAllow user-level Native Messaging hosts (installed without admin permissions)
NetworkFileSharesNetwork File Shares settings
NetworkFileSharesAllowedContorls Network File Shares for ChromeOS availability
NetBiosShareDiscoveryEnabledControls Network File Share discovery via NetBIOS
NTLMShareAuthenticationEnabledControls enabling NTLM as an authentication protocol for SMB mounts
NetworkFileSharesPreconfiguredSharesList of preconfigured network file shares.
NotificationsSettingsNotification settings
DefaultNotificationsSettingDefault notification setting
NotificationsAllowedForUrlsAllow notifications on these sites
NotificationsBlockedForUrlsBlock notifications on these sites
PasswordManagerPassword manager
PasswordManagerEnabledEnable saving passwords to the password manager
PasswordManagerAllowShowPasswordsAllow users to show passwords in Password Manager (deprecated)
PasswordProtectionPassword protection
PasswordProtectionWarningTriggerPassword protection warning trigger
PasswordProtectionLoginURLsConfigure the list of enterprise login URLs where password protection service should capture fingerprint of password.
PasswordProtectionChangePasswordURLConfigure the change password URL.
PinUnlockPin unlock
PinUnlockMinimumLengthSet the minimum length of the lock screen PIN
PinUnlockMaximumLengthSet the maximum length of the lock screen PIN
PinUnlockWeakPinsAllowedEnable users to set weak PINs for the lock screen PIN
PluginVmPluginVm
PluginVmAllowedAllow devices to use a PluginVm on Chromium OS
PluginVmLicenseKeyPluginVm license key
PluginVmImagePluginVm image
PluginsSettingsPlugins settings
DefaultPluginsSettingDefault Flash setting
PluginsAllowedForUrlsAllow the Flash plugin on these sites
PluginsBlockedForUrlsBlock the Flash plugin on these sites
PopupsSettingsPopups settings
DefaultPopupsSettingDefault popups setting
PopupsAllowedForUrlsAllow popups on these sites
PopupsBlockedForUrlsBlock popups on these sites
ProxyProxy
ProxyModeChoose how to specify proxy server settings
ProxyServerModeChoose how to specify proxy server settings
ProxyServerAddress or URL of proxy server
ProxyPacUrlURL to a proxy .pac file
ProxyBypassListProxy bypass rules
ProxySettingsProxy settings
QuickUnlockQuick unlock
QuickUnlockModeWhitelistConfigure allowed quick unlock modes
QuickUnlockTimeoutSet how often user has to enter password to use quick unlock
RemoteAccessRemote access
RemoteAccessClientFirewallTraversalEnable firewall traversal from remote access client
RemoteAccessHostClientDomainConfigure the required domain name for remote access clients
RemoteAccessHostClientDomainListConfigure the required domain names for remote access clients
RemoteAccessHostFirewallTraversalEnable firewall traversal from remote access host
RemoteAccessHostDomainConfigure the required domain name for remote access hosts
RemoteAccessHostDomainListConfigure the required domain names for remote access hosts
RemoteAccessHostRequireTwoFactorEnable two-factor authentication for remote access hosts
RemoteAccessHostTalkGadgetPrefixConfigure the TalkGadget prefix for remote access hosts
RemoteAccessHostRequireCurtainEnable curtaining of remote access hosts
RemoteAccessHostAllowClientPairingEnable or disable PIN-less authentication for remote access hosts
RemoteAccessHostAllowGnubbyAuthAllow gnubby authentication for remote access hosts
RemoteAccessHostAllowRelayedConnectionEnable the use of relay servers by the remote access host
RemoteAccessHostUdpPortRangeRestrict the UDP port range used by the remote access host
RemoteAccessHostMatchUsernameRequire that the name of the local user and the remote access host owner match
RemoteAccessHostTokenUrlURL where remote access clients should obtain their authentication token
RemoteAccessHostTokenValidationUrlURL for validating remote access client authentication token
RemoteAccessHostTokenValidationCertificateIssuerClient certificate for connecting to RemoteAccessHostTokenValidationUrl
RemoteAccessHostDebugOverridePoliciesPolicy overrides for Debug builds of the remote access host
RemoteAccessHostAllowUiAccessForRemoteAssistanceAllow remote users to interact with elevated windows in remote assistance sessions
RemoteAccessHostAllowFileTransferAllow remote access users to transfer files to/from the host
RestoreOnStartupAction on startup
RestoreOnStartupAction on startup
RestoreOnStartupURLsURLs to open on startup
SAMLSAML
DeviceSamlLoginAuthenticationTypeSAML login authentication type
DeviceTransferSAMLCookiesTransfer SAML IdP cookies during login
SafeBrowsingSafe Browsing settings
SafeBrowsingEnabledEnable Safe Browsing
SafeBrowsingExtendedReportingEnabledEnable Safe Browsing Extended Reporting
SafeBrowsingExtendedReportingOptInAllowedAllow users to opt in to Safe Browsing extended reporting
SafeBrowsingWhitelistDomainsConfigure the list of domains on which Safe Browsing will not trigger warnings.
SupervisedUsersSupervised users
SupervisedUsersEnabledEnable supervised users
SupervisedUserCreationEnabledEnable creation of supervised users
SupervisedUserContentProviderEnabledEnable the supervised user content provider
UserAndDeviceReportingUser and device reporting
ReportDeviceVersionInfoReport OS and firmware version
ReportDeviceBootModeReport device boot mode
ReportDeviceUsersReport device users
ReportDeviceActivityTimesReport device activity times
ReportDeviceLocationReport device location
ReportDeviceNetworkInterfacesReport device network interfaces
ReportDeviceHardwareStatusReport hardware status
ReportDeviceSessionStatusReport information about active kiosk sessions
ReportDeviceBoardStatusReport board status
ReportDevicePowerStatusReport power status
ReportDeviceStorageStatusReport storage status
ReportUploadFrequencyFrequency of device status report uploads
ReportArcStatusEnabledReport information about status of Android
HeartbeatEnabledSend network packets to the management server to monitor online status
HeartbeatFrequencyFrequency of monitoring network packets
LogUploadEnabledSend system logs to the management server
DeviceMetricsReportingEnabledEnable metrics reporting
WebUsbSettingsWeb USB settings
DefaultWebUsbGuardSettingControl use of the WebUSB API
DeviceWebUsbAllowDevicesForUrlsAutomatically grant permission to these sites to connect to USB devices with the given vendor and product IDs.
WebUsbAllowDevicesForUrlsAutomatically grant permission to these sites to connect to USB devices with the given vendor and product IDs.
WebUsbAskForUrlsAllow WebUSB on these sites
WebUsbBlockedForUrlsBlock WebUSB on these sites
WiFiWiFi
DeviceWiFiFastTransitionEnabledEnable 802.11r Fast Transition
DeviceWiFiAllowedEnable WiFi
\ No newline at end of file diff --git a/chromium/docs/website/site/administrators/policy-list-3/cookie-legacy-samesite-policies/index.md b/chromium/docs/website/site/administrators/policy-list-3/cookie-legacy-samesite-policies/index.md new file mode 100644 index 00000000000..307fb6d0b7d --- /dev/null +++ b/chromium/docs/website/site/administrators/policy-list-3/cookie-legacy-samesite-policies/index.md @@ -0,0 +1,142 @@ +--- +breadcrumbs: +- - /administrators + - Documentation for Administrators +- - /administrators/policy-list-3 + - Policy List +page_name: cookie-legacy-samesite-policies +title: Cookie Legacy SameSite Policies +--- + +**NOTE: These policies are available as of Chrome 79.** + +**(May 6, 2021) LegacySameSiteCookieBehaviorEnabledForDomainList will be +available until at least Dec 31, 2022. As previously announced, +LegacySameSiteCookieBehaviorEnabled will be available until at least Aug 31, +2021. We will be monitoring feedback about these policies and will provide +updates on their lifetime as appropriate.** + +~~**(Nov 6, 2020) LegacySameSiteCookieBehaviorEnabled will be available until at +least Aug 31, 2021. LegacySameSiteCookieBehaviorEnabledForDomainList will be +available until at least Mar 8, 2022. We will be monitoring feedback about these +policies and will provide updates on their lifetime as appropriate.**~~ + +~~**(May 29, 2020) These policies will be available until at least July 14, +2021. We will be monitoring feedback about these policies and will provide +updates on their lifetime as appropriate.**~~ + +~~**(Feb 10, 2020) These policies will be available for at least 12 months after +the release of Chrome 80 stable. We will be monitoring feedback about these +policies and will provide updates on their lifetime as appropriate.**~~ + +The policies +[LegacySameSiteCookieBehaviorEnabled](https://cloud.google.com/docs/chrome-enterprise/policies/?policy=LegacySameSiteCookieBehaviorEnabled) +and +[LegacySameSiteCookieBehaviorEnabledForDomainList](https://cloud.google.com/docs/chrome-enterprise/policies/?policy=LegacySameSiteCookieBehaviorEnabledForDomainList) +allow you to revert the SameSite behavior of cookies (possibly on specific +domains) to legacy behavior. + +All cookies that match a domain pattern listed in +LegacySameSiteCookieBehaviorEnabledForDomainList (see below) will be reverted to +legacy behavior. For cookies that do not match a domain pattern listed in +LegacySameSiteCookieBehaviorEnabledForDomainList, or for all cookies if +LegacySameSiteCookieBehaviorEnabledForDomainList is not set, the global default +setting will be used. If LegacySameSiteCookieBehaviorEnabled is set, legacy +behavior will be enabled for all cookies as a global default. If +LegacySameSiteCookieBehaviorEnabled is not set, the user's personal +configuration will determine the global default setting. + +**The SameSite attribute** + +The SameSite attribute of a cookie specifies whether the cookie should be +restricted to a first-party or same-site context. Several values of SameSite are +allowed: + +* A cookie with "SameSite=Strict" will only be sent with a same-site + request. +* A cookie with "SameSite=Lax" will be sent with a same-site request, + or a cross-site top-level navigation with a "safe" HTTP method. +* A cookie with "SameSite=None" will be sent with both same-site and + cross-site requests. + +See + +for the definition of the SameSite attribute. See + for a more detailed explanation of +the SameSite attribute with examples. + +Schemeful Same-Site + +Schemeful Same-Site is a modification of the definition of a “site” to include +both the scheme and the registrable domain. This means that, with Schemeful +Same-Site, and are now considered +cross-site whereas previously they would be considered same-site. + +This feature is still being prototyped and has a tentative M88 launch. See +[Chrome Platform Status +page](https://www.chromestatus.com/feature/5096179480133632). + +See the [Schemeful Same-Site +explainer](https://github.com/sbingler/schemeful-same-site) for more details and +examples. + +See + +for the spec. + +**Legacy SameSite behavior** + +As of Chrome 80 (see [launch timeline](/updates/same-site)), a cookie that does +not explicitly specify a SameSite attribute will be treated as if it were +"SameSite=Lax". In addition, any cookie that specifies "SameSite=None" must also +have the Secure attribute. (See + +for the definition of the Secure attribute.) + +Reverting to the legacy SameSite behavior causes cookies to be handled like they +were prior to May 2019 (when the new SameSite behavior described above first +became available). Under legacy behavior, cookies that don't explicitly specify +a SameSite attribute are treated as if they were "SameSite=None", i.e., they +will be sent with both same-site and cross-site requests. In addition, reverting +to the legacy behavior removes the requirement that "SameSite=None" cookies must +also specify the Secure attribute. As of Chrome 86 reverting to legacy behavior +will also disable Schemeful Same-Site. + +**Configuring LegacySameSiteCookieBehaviorEnabledForDomainList** + +In this policy setting, you can list specific domains for which legacy SameSite +behavior will be used. For cookies you want to revert to legacy SameSite +behavior, list the domain/host on which the cookies are set, NOT the +domains/hosts from which cross-site requests are made. + +The domain of a cookie specifies those hosts to which the cookie will be sent. +If the Domain attribute of the cookie is specified, then the cookie will be sent +to hosts for which the specified Domain attribute is a suffix of the hostname, +and reversion to legacy SameSite behavior will be triggered only if the value of +the specified Domain attribute matches any of the patterns listed in this policy +setting. If the Domain attribute of the cookie is not specified, then the cookie +will only be sent to the origin server which set the cookie, and reversion to +legacy SameSite behavior will be triggered only if the hostname of the origin +server matches any of the patterns listed in this policy setting. See + +for the definition of the Domain attribute. + +*Example 1*: If the Domain attribute of the cookie is set to +"Domain=example.com", the cookie will be sent when making HTTP requests to +example.com, www.example.com, or www.corp.example.com. To revert to legacy +behavior for such a cookie, use the pattern '\[\*.\]example.com' or +'example.com'. The value of the Domain attribute (example.com) will match either +of these patterns. Even though the cookie would be sent to www.example.com, the +pattern 'www.example.com' will NOT match such a cookie, because the Domain +attribute value (example.com) does not match the pattern 'www.example.com'. + +*Example 2*: If the Domain attribute of a cookie set by www.example.com is not +specified, the cookie will be sent only when making HTTP requests to +www.example.com. The cookie will not be sent when making HTTP requests to +example.com or sub.www.example.com. To revert to legacy behavior for such a +cookie, use the pattern 'www.example.com' or '\[\*.\]example.com'. The origin +server's hostname (www.example.com) will match either of these patterns. + +Note that patterns you list here are treated as domains, not URLs, so you should +not specify a scheme or port. Specifying a scheme or port may result in +undefined behavior. \ No newline at end of file diff --git a/chromium/docs/website/site/administrators/policy-list-3/deprecated-policies/index.md b/chromium/docs/website/site/administrators/policy-list-3/deprecated-policies/index.md new file mode 100644 index 00000000000..6b7eff8e253 --- /dev/null +++ b/chromium/docs/website/site/administrators/policy-list-3/deprecated-policies/index.md @@ -0,0 +1,1046 @@ +--- +breadcrumbs: +- - /administrators + - Documentation for Administrators +- - /administrators/policy-list-3 + - Policy List +page_name: deprecated-policies +title: Deprecated Policies +--- + +### DefaultMediaStreamSetting (deprecated) + +Default mediastream settingData type:Integer \[Windows:REG_DWORD\]Windows +registry location for Windows +clients:Software\\Policies\\Google\\Chrome\\DefaultMediaStreamSettingWindows +registry location for Google Chrome OS +clients:Software\\Policies\\Google\\ChromeOS\\DefaultMediaStreamSettingMac/Linux +preference name:DefaultMediaStreamSettingSupported on: + +* Google Chrome (Linux, Mac, Windows) since version 22 +* Google Chrome OS (Google Chrome OS) since version 22 + +Supported features:Dynamic Policy Refresh: Yes, Per Profile: YesDescription: + +Allows you to set whether websites are allowed to get access to media capture +devices. Access to media capture devices can be allowed by default, or the user +can be asked every time a website wants to get access to media capture devices. + +If this policy is left not set, 'PromptOnAccess' will be used and the user will +be able to change it. + +* 2 = Do not allow any site to access the camera and microphone +* 3 = Ask every time a site wants to access the camera and/or + microphone + +Example value:0x00000002 (Windows), 2 (Linux), 2 (Mac)[Back to top](#top) + +### ScreenDimDelayAC (deprecated) + +Screen dim delay when running on AC powerData type:Integer +\[Windows:REG_DWORD\]Windows registry location for Google Chrome OS +clients:Software\\Policies\\Google\\ChromeOS\\ScreenDimDelayACSupported on: + +* Google Chrome OS (Google Chrome OS) since version 26 + +Supported features:Dynamic Policy Refresh: Yes, Per Profile: NoDescription: + +Specifies the length of time without user input after which the screen is dimmed +when running on AC power. + +When this policy is set to a value greater than zero, it specifies the length of +time that the user must remain idle before Google Chrome OS dims the screen. + +When this policy is set to zero, Google Chrome OS does not dim the screen when +the user becomes idle. + +When this policy is unset, a default length of time is used. + +The policy value should be specified in milliseconds. Values are clamped to be +less than or equal the screen off delay (if set) and the idle delay. + +Example value:0x000668a0 (Windows)[Back to top](#top) + +### ScreenOffDelayAC (deprecated) + +Screen off delay when running on AC powerData type:Integer +\[Windows:REG_DWORD\]Windows registry location for Google Chrome OS +clients:Software\\Policies\\Google\\ChromeOS\\ScreenOffDelayACSupported on: + +* Google Chrome OS (Google Chrome OS) since version 26 + +Supported features:Dynamic Policy Refresh: Yes, Per Profile: NoDescription: + +Specifies the length of time without user input after which the screen is turned +off when running on AC power. + +When this policy is set to a value greater than zero, it specifies the length of +time that the user must remain idle before Google Chrome OS turns off the +screen. + +When this policy is set to zero, Google Chrome OS does not turn off the screen +when the user becomes idle. + +When this policy is unset, a default length of time is used. + +The policy value should be specified in milliseconds. Values are clamped to be +less than or equal the idle delay. + +Example value:0x00075300 (Windows)[Back to top](#top) + +### ScreenLockDelayAC (deprecated) + +Screen lock delay when running on AC powerData type:Integer +\[Windows:REG_DWORD\]Windows registry location for Google Chrome OS +clients:Software\\Policies\\Google\\ChromeOS\\ScreenLockDelayACSupported on: + +* Google Chrome OS (Google Chrome OS) since version 26 + +Supported features:Dynamic Policy Refresh: Yes, Per Profile: NoDescription: + +Specifies the length of time without user input after which the screen is locked +when running on AC power. + +When this policy is set to a value greater than zero, it specifies the length of +time that the user must remain idle before Google Chrome OS locks the screen. + +When this policy is set to zero, Google Chrome OS does not lock the screen when +the user becomes idle. + +When this policy is unset, a default length of time is used. + +The recommended way to lock the screen on idle is to enable screen locking on +suspend and have Google Chrome OS suspend after the idle delay. This policy +should only be used when screen locking should occur a significant amount of +time sooner than suspend or when suspend on idle is not desired at all. + +The policy value should be specified in milliseconds. Values are clamped to be +less than the idle delay. + +Example value:0x000927c0 (Windows)[Back to top](#top) + +### IdleWarningDelayAC (deprecated) + +Idle warning delay when running on AC powerData type:Integer +\[Windows:REG_DWORD\]Windows registry location for Google Chrome OS +clients:Software\\Policies\\Google\\ChromeOS\\IdleWarningDelayACSupported on: + +* Google Chrome OS (Google Chrome OS) since version 27 + +Supported features:Dynamic Policy Refresh: Yes, Per Profile: NoDescription: + +Specifies the length of time without user input after which a warning dialog is +shown when running on AC power. + +When this policy is set, it specifies the length of time that the user must +remain idle before Google Chrome OS shows a warning dialog telling the user that +the idle action is about to be taken. + +When this policy is unset, no warning dialog is shown. + +The policy value should be specified in milliseconds. Values are clamped to be +less than or equal the idle delay. + +The warning message is only shown if the idle action is to logout or shut down. + +Example value:0x000850e8 (Windows)[Back to top](#top) + +### IdleDelayAC (deprecated) + +Idle delay when running on AC powerData type:Integer +\[Windows:REG_DWORD\]Windows registry location for Google Chrome OS +clients:Software\\Policies\\Google\\ChromeOS\\IdleDelayACSupported on: + +* Google Chrome OS (Google Chrome OS) since version 26 + +Supported features:Dynamic Policy Refresh: Yes, Per Profile: NoDescription: + +Specifies the length of time without user input after which the idle action is +taken when running on AC power. + +When this policy is set, it specifies the length of time that the user must +remain idle before Google Chrome OS takes the idle action, which can be +configured separately. + +When this policy is unset, a default length of time is used. + +The policy value should be specified in milliseconds. + +Example value:0x001b7740 (Windows)[Back to top](#top) + +### ScreenDimDelayBattery (deprecated) + +Screen dim delay when running on battery powerData type:Integer +\[Windows:REG_DWORD\]Windows registry location for Google Chrome OS +clients:Software\\Policies\\Google\\ChromeOS\\ScreenDimDelayBatterySupported on: + +* Google Chrome OS (Google Chrome OS) since version 26 + +Supported features:Dynamic Policy Refresh: Yes, Per Profile: NoDescription: + +Specifies the length of time without user input after which the screen is dimmed +when running on battery power. + +When this policy is set to a value greater than zero, it specifies the length of +time that the user must remain idle before Google Chrome OS dims the screen. + +When this policy is set to zero, Google Chrome OS does not dim the screen when +the user becomes idle. + +When this policy is unset, a default length of time is used. + +The policy value should be specified in milliseconds. Values are clamped to be +less than or equal the screen off delay (if set) and the idle delay. + +Example value:0x000493e0 (Windows)[Back to top](#top) + +### ScreenOffDelayBattery (deprecated) + +Screen off delay when running on battery powerData type:Integer +\[Windows:REG_DWORD\]Windows registry location for Google Chrome OS +clients:Software\\Policies\\Google\\ChromeOS\\ScreenOffDelayBatterySupported on: + +* Google Chrome OS (Google Chrome OS) since version 26 + +Supported features:Dynamic Policy Refresh: Yes, Per Profile: NoDescription: + +Specifies the length of time without user input after which the screen is turned +off when running on battery power. + +When this policy is set to a value greater than zero, it specifies the length of +time that the user must remain idle before Google Chrome OS turns off the +screen. + +When this policy is set to zero, Google Chrome OS does not turn off the screen +when the user becomes idle. + +When this policy is unset, a default length of time is used. + +The policy value should be specified in milliseconds. Values are clamped to be +less than or equal the idle delay. + +Example value:0x00057e40 (Windows)[Back to top](#top) + +### ScreenLockDelayBattery (deprecated) + +Screen lock delay when running on battery powerData type:Integer +\[Windows:REG_DWORD\]Windows registry location for Google Chrome OS +clients:Software\\Policies\\Google\\ChromeOS\\ScreenLockDelayBatterySupported +on: + +* Google Chrome OS (Google Chrome OS) since version 26 + +Supported features:Dynamic Policy Refresh: Yes, Per Profile: NoDescription: + +Specifies the length of time without user input after which the screen is locked +when running on battery power. + +When this policy is set to a value greater than zero, it specifies the length of +time that the user must remain idle before Google Chrome OS locks the screen. + +When this policy is set to zero, Google Chrome OS does not lock the screen when +the user becomes idle. + +When this policy is unset, a default length of time is used. + +The recommended way to lock the screen on idle is to enable screen locking on +suspend and have Google Chrome OS suspend after the idle delay. This policy +should only be used when screen locking should occur a significant amount of +time sooner than suspend or when suspend on idle is not desired at all. + +The policy value should be specified in milliseconds. Values are clamped to be +less than the idle delay. + +Example value:0x000927c0 (Windows)[Back to top](#top) + +### IdleWarningDelayBattery (deprecated) + +Idle warning delay when running on battery powerData type:Integer +\[Windows:REG_DWORD\]Windows registry location for Google Chrome OS +clients:Software\\Policies\\Google\\ChromeOS\\IdleWarningDelayBatterySupported +on: + +* Google Chrome OS (Google Chrome OS) since version 27 + +Supported features:Dynamic Policy Refresh: Yes, Per Profile: NoDescription: + +Specifies the length of time without user input after which a warning dialog is +shown when running on battery power. + +When this policy is set, it specifies the length of time that the user must +remain idle before Google Chrome OS shows a warning dialog telling the user that +the idle action is about to be taken. + +When this policy is unset, no warning dialog is shown. + +The policy value should be specified in milliseconds. Values are clamped to be +less than or equal the idle delay. + +The warning message is only shown if the idle action is to logout or shut down. + +Example value:0x000850e8 (Windows)[Back to top](#top) + +### IdleDelayBattery (deprecated) + +Idle delay when running on battery powerData type:Integer +\[Windows:REG_DWORD\]Windows registry location for Google Chrome OS +clients:Software\\Policies\\Google\\ChromeOS\\IdleDelayBatterySupported on: + +* Google Chrome OS (Google Chrome OS) since version 26 + +Supported features:Dynamic Policy Refresh: Yes, Per Profile: NoDescription: + +Specifies the length of time without user input after which the idle action is +taken when running on battery power. + +When this policy is set, it specifies the length of time that the user must +remain idle before Google Chrome OS takes the idle action, which can be +configured separately. + +When this policy is unset, a default length of time is used. + +The policy value should be specified in milliseconds. + +Example value:0x000927c0 (Windows)[Back to top](#top) + +### IdleAction (deprecated) + +Action to take when the idle delay is reachedData type:Integer +\[Windows:REG_DWORD\]Windows registry location for Google Chrome OS +clients:Software\\Policies\\Google\\ChromeOS\\IdleActionSupported on: + +* Google Chrome OS (Google Chrome OS) since version 26 + +Supported features:Dynamic Policy Refresh: Yes, Per Profile: NoDescription: + +Note that this policy is deprecated and will be removed in the future. + +This policy provides a fallback value for the more-specific IdleActionAC and +IdleActionBattery policies. If this policy is set, its value gets used if the +respective more-specific policy is not set. + +When this policy is unset, behavior of the more-specific policies remains +unaffected. + +* 0 = Suspend +* 1 = Log the user out +* 2 = Shut down +* 3 = Do nothing + +Example value:0x00000000 (Windows)[Back to top](#top) + +### IdleActionAC (deprecated) + +Action to take when the idle delay is reached while running on AC powerData +type:Integer \[Windows:REG_DWORD\]Windows registry location for Google Chrome OS +clients:Software\\Policies\\Google\\ChromeOS\\IdleActionACSupported on: + +* Google Chrome OS (Google Chrome OS) since version 30 + +Supported features:Dynamic Policy Refresh: Yes, Per Profile: NoDescription: + +When this policy is set, it specifies the action that Google Chrome OS takes +when the user remains idle for the length of time given by the idle delay, which +can be configured separately. + +When this policy is unset, the default action is taken, which is suspend. + +If the action is suspend, Google Chrome OS can separately be configured to +either lock or not lock the screen before suspending. + +* 0 = Suspend +* 1 = Log the user out +* 2 = Shut down +* 3 = Do nothing + +Example value:0x00000000 (Windows)[Back to top](#top) + +### IdleActionBattery (deprecated) + +Action to take when the idle delay is reached while running on battery powerData +type:Integer \[Windows:REG_DWORD\]Windows registry location for Google Chrome OS +clients:Software\\Policies\\Google\\ChromeOS\\IdleActionBatterySupported on: + +* Google Chrome OS (Google Chrome OS) since version 30 + +Supported features:Dynamic Policy Refresh: Yes, Per Profile: NoDescription: + +When this policy is set, it specifies the action that Google Chrome OS takes +when the user remains idle for the length of time given by the idle delay, which +can be configured separately. + +When this policy is unset, the default action is taken, which is suspend. + +If the action is suspend, Google Chrome OS can separately be configured to +either lock or not lock the screen before suspending. + +* 0 = Suspend +* 1 = Log the user out +* 2 = Shut down +* 3 = Do nothing + +Example value:0x00000000 (Windows)[Back to top](#top) + +### ProxyServerMode (deprecated) + +Choose how to specify proxy server settingsData type:Integer \[Android:choice, +Windows:REG_DWORD\]Windows registry location for Windows +clients:Software\\Policies\\Google\\Chrome\\ProxyServerModeWindows registry +location for Google Chrome OS +clients:Software\\Policies\\Google\\ChromeOS\\ProxyServerModeMac/Linux +preference name:ProxyServerModeAndroid restriction name:ProxyServerModeSupported +on: + +* Google Chrome (Linux, Mac, Windows) since version 8 +* Google Chrome OS (Google Chrome OS) since version 11 +* Google Chrome (Android) since version 30 + +Supported features:Dynamic Policy Refresh: Yes, Per Profile: YesDescription: + +This policy is deprecated, use ProxyMode instead. + +Allows you to specify the proxy server used by Google Chrome and prevents users +from changing proxy settings. + +This policy only takes effect if the ProxySettings policy has not been +specified. + +If you choose to never use a proxy server and always connect directly, all other +options are ignored. + +If you choose to use system proxy settings or auto detect the proxy server, all +other options are ignored. + +If you choose manual proxy settings, you can specify further options in 'Address +or URL of proxy server', 'URL to a proxy .pac file' and 'Comma-separated list of +proxy bypass rules'. Only the HTTP proxy server with the highest priority is +available for ARC-apps. + +For detailed examples, visit: +. + +If you enable this setting, Google Chrome ignores all proxy-related options +specified from the command line. + +Leaving this policy not set will allow the users to choose the proxy settings on +their own. + +* 0 = Never use a proxy +* 1 = Auto detect proxy settings +* 2 = Manually specify proxy settings +* 3 = Use system proxy settings + +Note for Google Chrome OS devices supporting Android apps: + +You cannot force Android apps to use a proxy. A subset of proxy settings is made +available to Android apps, which they may voluntarily choose to honor. See the +ProxyMode policy for more details. + +Example value:0x00000002 (Windows), 2 (Linux), 2 (Android), 2 (Mac)[Back to +top](#top) + +### RemoteAccessHostClientDomain (deprecated) + +Configure the required domain name for remote access clientsData type:String +\[Windows:REG_SZ\]Windows registry location for Windows +clients:Software\\Policies\\Google\\Chrome\\RemoteAccessHostClientDomainWindows +registry location for Google Chrome OS +clients:Software\\Policies\\Google\\ChromeOS\\RemoteAccessHostClientDomainMac/Linux +preference name:RemoteAccessHostClientDomainSupported on: + +* Google Chrome (Linux, Mac, Windows) since version 22 +* Google Chrome OS (Google Chrome OS) since version 41 + +Supported features:Dynamic Policy Refresh: Yes, Per Profile: NoDescription: + +This policy is deprecated. Please use RemoteAccessHostClientDomainList instead. + +Example value:"my-awesome-domain.com"[Back to top](#top) + +### RemoteAccessHostDomain (deprecated) + +Configure the required domain name for remote access hostsData type:String +\[Windows:REG_SZ\]Windows registry location for Windows +clients:Software\\Policies\\Google\\Chrome\\RemoteAccessHostDomainWindows +registry location for Google Chrome OS +clients:Software\\Policies\\Google\\ChromeOS\\RemoteAccessHostDomainMac/Linux +preference name:RemoteAccessHostDomainSupported on: + +* Google Chrome (Linux, Mac, Windows) since version 22 +* Google Chrome OS (Google Chrome OS) since version 41 + +Supported features:Dynamic Policy Refresh: Yes, Per Profile: NoDescription: + +This policy is deprecated. Please use RemoteAccessHostDomainList instead. + +Example value:"my-awesome-domain.com"[Back to top](#top) + +### SafeBrowsingExtendedReportingOptInAllowed (deprecated) + +Allow users to opt in to Safe Browsing extended reportingData type:Boolean +\[Windows:REG_DWORD\]Windows registry location for Windows +clients:Software\\Policies\\Google\\Chrome\\SafeBrowsingExtendedReportingOptInAllowedWindows +registry location for Google Chrome OS +clients:Software\\Policies\\Google\\ChromeOS\\SafeBrowsingExtendedReportingOptInAllowedMac/Linux +preference name:SafeBrowsingExtendedReportingOptInAllowedSupported on: + +* Google Chrome (Linux, Mac, Windows) since version 44 +* Google Chrome OS (Google Chrome OS) since version 44 + +Supported features:Dynamic Policy Refresh: Yes, Per Profile: YesDescription: + +This setting is deprecated, use SafeBrowsingExtendedReportingEnabled instead. +Enabling or disabling SafeBrowsingExtendedReportingEnabled is equivalent to +setting SafeBrowsingExtendedReportingOptInAllowed to False. + +Setting this policy to false stops users from choosing to send some system +information and page content to Google servers. If this setting is true or not +configured, then users will be allowed to send some system information and page +content to Safe Browsing to help detect dangerous apps and sites. + +See for more info on Safe +Browsing. + +Example value:0x00000001 (Windows), true (Linux), <true /> (Mac)[Back to +top](#top) + +### AutoFillEnabled (deprecated) + +Enable AutoFillData type:Boolean \[Windows:REG_DWORD\]Windows registry location +for Windows clients:Software\\Policies\\Google\\Chrome\\AutoFillEnabledWindows +registry location for Google Chrome OS +clients:Software\\Policies\\Google\\ChromeOS\\AutoFillEnabledMac/Linux +preference name:AutoFillEnabledAndroid restriction name:AutoFillEnabledSupported +on: + +* Google Chrome (Linux, Mac, Windows) since version 8 +* Google Chrome OS (Google Chrome OS) since version 11 +* Google Chrome (Android) since version 30 + +Supported features:Can Be Recommended: Yes, Dynamic Policy Refresh: Yes, Per +Profile: YesDescription: + +This policy is deprecated in M70, please use AutofillAddressEnabled and +AutofillCreditCardEnabled instead. + +Enables Google Chrome's AutoFill feature and allows users to auto complete web +forms using previously stored information such as address or credit card +information. + +If you disable this setting, AutoFill will be inaccessible to users. + +If you enable this setting or do not set a value, AutoFill will remain under the +control of the user. This will allow them to configure AutoFill profiles and to +switch AutoFill on or off at their own discretion. + +Example value:0x00000000 (Windows), false (Linux), false (Android), <false +/> (Mac)[Back to top](#top) + +### DeveloperToolsDisabled (deprecated) + +Disable Developer ToolsData type:Boolean \[Windows:REG_DWORD\]Windows registry +location for Windows +clients:Software\\Policies\\Google\\Chrome\\DeveloperToolsDisabledWindows +registry location for Google Chrome OS +clients:Software\\Policies\\Google\\ChromeOS\\DeveloperToolsDisabledMac/Linux +preference name:DeveloperToolsDisabledSupported on: + +* Google Chrome (Linux, Mac, Windows) since version 9 +* Google Chrome OS (Google Chrome OS) since version 11 + +Supported features:Dynamic Policy Refresh: Yes, Per Profile: YesDescription: + +This policy is deprecated in M68, please use DeveloperToolsAvailability instead. + +Disables the Developer Tools and the JavaScript console. + +If you enable this setting, the Developer Tools can not be accessed and web-site +elements can not be inspected anymore. Any keyboard shortcuts and any menu or +context menu entries to open the Developer Tools or the JavaScript Console will +be disabled. + +Setting this option to disabled or leaving it not set allows the user to use the +Developer Tools and the JavaScript console. + +If the policy DeveloperToolsAvailability is set, the value of the policy +DeveloperToolsDisabled is ignored. + +Note for Google Chrome OS devices supporting Android apps: + +This policy also controls access to Android Developer Options. If you set this +policy to true, users cannot access Developer Options. If you set this policy to +false or leave it unset, users can access Developer Options by tapping seven +times on the build number in the Android settings app. + +Example value:0x00000000 (Windows), false (Linux), <false /> (Mac)[Back to +top](#top) + +### DisabledPlugins (deprecated) + +Specify a list of disabled pluginsData type:List of stringsWindows registry +location for Windows +clients:Software\\Policies\\Google\\Chrome\\DisabledPluginsWindows registry +location for Google Chrome OS +clients:Software\\Policies\\Google\\ChromeOS\\DisabledPluginsMac/Linux +preference name:DisabledPluginsSupported on: + +* Google Chrome (Linux, Mac, Windows) since version 8 +* Google Chrome OS (Google Chrome OS) since version 11 + +Supported features:Dynamic Policy Refresh: Yes, Per Profile: YesDescription: + +This policy is deprecated. Please use the DefaultPluginsSetting to control the +avalability of the Flash plugin and AlwaysOpenPdfExternally to control whether +the integrated PDF viewer should be used for opening PDF files. + +Specifies a list of plugins that are disabled in Google Chrome and prevents +users from changing this setting. + +The wildcard characters '\*' and '?' can be used to match sequences of arbitrary +characters. '\*' matches an arbitrary number of characters while '?' specifies +an optional single character, i.e. matches zero or one characters. The escape +character is '\\', so to match actual '\*', '?', or '\\' characters, you can put +a '\\' in front of them. + +If you enable this setting, the specified list of plugins is never used in +Google Chrome. The plugins are marked as disabled in 'about:plugins' and users +cannot enable them. + +Note that this policy can be overridden by EnabledPlugins and +DisabledPluginsExceptions. + +If this policy is left not set the user can use any plugin installed on the +system except for hard-coded incompatible, outdated or dangerous plugins. + +Example value:Windows (Windows +clients):Software\\Policies\\Google\\Chrome\\DisabledPlugins\\1 = "Java" +Software\\Policies\\Google\\Chrome\\DisabledPlugins\\2 = "Shockwave Flash" +Software\\Policies\\Google\\Chrome\\DisabledPlugins\\3 = "Chrome PDF +Viewer"Windows (Google Chrome OS +clients):Software\\Policies\\Google\\ChromeOS\\DisabledPlugins\\1 = "Java" +Software\\Policies\\Google\\ChromeOS\\DisabledPlugins\\2 = "Shockwave Flash" +Software\\Policies\\Google\\ChromeOS\\DisabledPlugins\\3 = "Chrome PDF +Viewer"Android/Linux:\[ "Java", "Shockwave Flash", "Chrome PDF Viewer" +\]Mac:<array> <string>Java</string> <string>Shockwave +Flash</string> <string>Chrome PDF Viewer</string> +</array>[Back to top](#top) + +### DisabledPluginsExceptions (deprecated) + +Specify a list of plugins that the user can enable or disableData type:List of +stringsWindows registry location for Windows +clients:Software\\Policies\\Google\\Chrome\\DisabledPluginsExceptionsWindows +registry location for Google Chrome OS +clients:Software\\Policies\\Google\\ChromeOS\\DisabledPluginsExceptionsMac/Linux +preference name:DisabledPluginsExceptionsSupported on: + +* Google Chrome (Linux, Mac, Windows) since version 11 +* Google Chrome OS (Google Chrome OS) since version 11 + +Supported features:Dynamic Policy Refresh: Yes, Per Profile: YesDescription: + +This policy is deprecated. Please use the DefaultPluginsSetting to control the +avalability of the Flash plugin and AlwaysOpenPdfExternally to control whether +the integrated PDF viewer should be used for opening PDF files. + +Specifies a list of plugins that user can enable or disable in Google Chrome. + +The wildcard characters '\*' and '?' can be used to match sequences of arbitrary +characters. '\*' matches an arbitrary number of characters while '?' specifies +an optional single character, i.e. matches zero or one characters. The escape +character is '\\', so to match actual '\*', '?', or '\\' characters, you can put +a '\\' in front of them. + +If you enable this setting, the specified list of plugins can be used in Google +Chrome. Users can enable or disable them in 'about:plugins', even if the plugin +also matches a pattern in DisabledPlugins. Users can also enable and disable +plugins that don't match any patterns in DisabledPlugins, +DisabledPluginsExceptions and EnabledPlugins. + +This policy is meant to allow for strict plugin blacklisting where the +'DisabledPlugins' list contains wildcarded entries like disable all plugins '\*' +or disable all Java plugins '\*Java\*' but the administrator wishes to enable +some particular version like 'IcedTea Java 2.3'. This particular versions can be +specified in this policy. + +Note that both the plugin name and the plugin's group name have to be exempted. +Each plugin group is shown in a separate section in about:plugins; each section +may have one or more plugins. For example, the "Shockwave Flash" plugin belongs +to the "Adobe Flash Player" group, and both names have to have a match in the +exceptions list if that plugin is to be exempted from the blacklist. + +If this policy is left not set any plugin that matches the patterns in the +'DisabledPlugins' will be locked disabled and the user won't be able to enable +them. + +Example value:Windows (Windows +clients):Software\\Policies\\Google\\Chrome\\DisabledPluginsExceptions\\1 = +"Java" Software\\Policies\\Google\\Chrome\\DisabledPluginsExceptions\\2 = +"Shockwave Flash" +Software\\Policies\\Google\\Chrome\\DisabledPluginsExceptions\\3 = "Chrome PDF +Viewer"Windows (Google Chrome OS +clients):Software\\Policies\\Google\\ChromeOS\\DisabledPluginsExceptions\\1 = +"Java" Software\\Policies\\Google\\ChromeOS\\DisabledPluginsExceptions\\2 = +"Shockwave Flash" +Software\\Policies\\Google\\ChromeOS\\DisabledPluginsExceptions\\3 = "Chrome PDF +Viewer"Android/Linux:\[ "Java", "Shockwave Flash", "Chrome PDF Viewer" +\]Mac:<array> <string>Java</string> <string>Shockwave +Flash</string> <string>Chrome PDF Viewer</string> +</array>[Back to top](#top) + +### DisabledSchemes (deprecated) + +Disable URL protocol schemesData type:List of stringsWindows registry location +for Windows clients:Software\\Policies\\Google\\Chrome\\DisabledSchemesWindows +registry location for Google Chrome OS +clients:Software\\Policies\\Google\\ChromeOS\\DisabledSchemesMac/Linux +preference name:DisabledSchemesSupported on: + +* Google Chrome (Linux, Mac, Windows) since version 12 +* Google Chrome OS (Google Chrome OS) since version 12 + +Supported features:Dynamic Policy Refresh: Yes, Per Profile: YesDescription: + +This policy is deprecated, please use URLBlacklist instead. + +Disables the listed protocol schemes in Google Chrome. + +URLs using a scheme from this list will not load and can not be navigated to. + +If this policy is left not set or the list is empty all schemes will be +accessible in Google Chrome. + +Example value:Windows (Windows +clients):Software\\Policies\\Google\\Chrome\\DisabledSchemes\\1 = "file" +Software\\Policies\\Google\\Chrome\\DisabledSchemes\\2 = "https"Windows (Google +Chrome OS clients):Software\\Policies\\Google\\ChromeOS\\DisabledSchemes\\1 = +"file" Software\\Policies\\Google\\ChromeOS\\DisabledSchemes\\2 = +"https"Android/Linux:\[ "file", "https" \]Mac:<array> +<string>file</string> <string>https</string> +</array>[Back to top](#top) + +### EnabledPlugins (deprecated) + +Specify a list of enabled pluginsData type:List of stringsWindows registry +location for Windows +clients:Software\\Policies\\Google\\Chrome\\EnabledPluginsWindows registry +location for Google Chrome OS +clients:Software\\Policies\\Google\\ChromeOS\\EnabledPluginsMac/Linux preference +name:EnabledPluginsSupported on: + +* Google Chrome (Linux, Mac, Windows) since version 11 +* Google Chrome OS (Google Chrome OS) since version 11 + +Supported features:Dynamic Policy Refresh: Yes, Per Profile: YesDescription: + +This policy is deprecated. Please use the DefaultPluginsSetting to control the +avalability of the Flash plugin and AlwaysOpenPdfExternally to control whether +the integrated PDF viewer should be used for opening PDF files. + +Specifies a list of plugins that are enabled in Google Chrome and prevents users +from changing this setting. + +The wildcard characters '\*' and '?' can be used to match sequences of arbitrary +characters. '\*' matches an arbitrary number of characters while '?' specifies +an optional single character, i.e. matches zero or one characters. The escape +character is '\\', so to match actual '\*', '?', or '\\' characters, you can put +a '\\' in front of them. + +The specified list of plugins is always used in Google Chrome if they are +installed. The plugins are marked as enabled in 'about:plugins' and users cannot +disable them. + +Note that this policy overrides both DisabledPlugins and +DisabledPluginsExceptions. + +If this policy is left not set the user can disable any plugin installed on the +system. + +Example value:Windows (Windows +clients):Software\\Policies\\Google\\Chrome\\EnabledPlugins\\1 = "Java" +Software\\Policies\\Google\\Chrome\\EnabledPlugins\\2 = "Shockwave Flash" +Software\\Policies\\Google\\Chrome\\EnabledPlugins\\3 = "Chrome PDF +Viewer"Windows (Google Chrome OS +clients):Software\\Policies\\Google\\ChromeOS\\EnabledPlugins\\1 = "Java" +Software\\Policies\\Google\\ChromeOS\\EnabledPlugins\\2 = "Shockwave Flash" +Software\\Policies\\Google\\ChromeOS\\EnabledPlugins\\3 = "Chrome PDF +Viewer"Android/Linux:\[ "Java", "Shockwave Flash", "Chrome PDF Viewer" +\]Mac:<array> <string>Java</string> <string>Shockwave +Flash</string> <string>Chrome PDF Viewer</string> +</array>[Back to top](#top) + +### ForceBrowserSignin (deprecated) + +Enable force sign in for Google ChromeData type:Boolean +\[Windows:REG_DWORD\]Windows registry location for Windows +clients:Software\\Policies\\Google\\Chrome\\ForceBrowserSigninMac/Linux +preference name:ForceBrowserSigninAndroid restriction +name:ForceBrowserSigninSupported on: + +* Google Chrome (Windows) since version 64 +* Google Chrome (Mac) since version 66 +* Google Chrome (Android) since version 65 + +Supported features:Dynamic Policy Refresh: No, Per Profile: NoDescription: + +This policy is deprecated, consider using BrowserSignin instead. + +If this policy is set to true, user has to sign in to Google Chrome with their +profile before using the browser. And the default value of +BrowserGuestModeEnabled will be set to false. Note that existing unsigned +profiles will be locked and inaccessible after enabling this policy. For more +information, see help center article. + +If this policy is set to false or not configured, user can use the browser +without sign in to Google Chrome. + +Example value:0x00000000 (Windows), false (Android), <false /> (Mac)[Back +to top](#top) + +### ForceSafeSearch (deprecated) + +Force SafeSearchData type:Boolean \[Windows:REG_DWORD\]Windows registry location +for Windows clients:Software\\Policies\\Google\\Chrome\\ForceSafeSearchWindows +registry location for Google Chrome OS +clients:Software\\Policies\\Google\\ChromeOS\\ForceSafeSearchMac/Linux +preference name:ForceSafeSearchAndroid restriction name:ForceSafeSearchSupported +on: + +* Google Chrome (Linux, Mac, Windows) since version 25 +* Google Chrome OS (Google Chrome OS) since version 25 +* Google Chrome (Android) since version 30 + +Supported features:Can Be Recommended: No, Dynamic Policy Refresh: Yes, Per +Profile: YesDescription: + +This policy is deprecated, please use ForceGoogleSafeSearch and +ForceYouTubeRestrict instead. This policy is ignored if either the +ForceGoogleSafeSearch, the ForceYouTubeRestrict or the (deprecated) +ForceYouTubeSafetyMode policies are set. + +Forces queries in Google Web Search to be done with SafeSearch set to active and +prevents users from changing this setting. This setting also forces Moderate +Restricted Mode on YouTube. + +If you enable this setting, SafeSearch in Google Search and Moderate Restricted +Mode YouTube is always active. + +If you disable this setting or do not set a value, SafeSearch in Google Search +and Restricted Mode in YouTube is not enforced. + +Example value:0x00000000 (Windows), false (Linux), false (Android), <false +/> (Mac)[Back to top](#top) + +### ForceYouTubeSafetyMode (deprecated) + +Force YouTube Safety ModeData type:Boolean \[Windows:REG_DWORD\]Windows registry +location for Windows +clients:Software\\Policies\\Google\\Chrome\\ForceYouTubeSafetyModeWindows +registry location for Google Chrome OS +clients:Software\\Policies\\Google\\ChromeOS\\ForceYouTubeSafetyModeMac/Linux +preference name:ForceYouTubeSafetyModeAndroid restriction +name:ForceYouTubeSafetyModeSupported on: + +* Google Chrome (Linux, Mac, Windows) since version 41 +* Google Chrome OS (Google Chrome OS) since version 41 +* Google Chrome (Android) since version 41 + +Supported features:Can Be Recommended: No, Dynamic Policy Refresh: Yes, Per +Profile: YesDescription: + +This policy is deprecated. Consider using ForceYouTubeRestrict, which overrides +this policy and allows more fine-grained tuning. + +Forces YouTube Moderate Restricted Mode and prevents users from changing this +setting. + +If this setting is enabled, Restricted Mode on YouTube is always enforced to be +at least Moderate. + +If this setting is disabled or no value is set, Restricted Mode on YouTube is +not enforced by Google Chrome. External policies such as YouTube policies might +still enforce Restricted Mode, though. + +Note for Google Chrome OS devices supporting Android apps: + +This policy has no effect on the Android YouTube app. If Safety Mode on YouTube +should be enforced, installation of the Android YouTube app should be +disallowed. + +Example value:0x00000000 (Windows), false (Linux), false (Android), <false +/> (Mac)[Back to top](#top) + +### Http09OnNonDefaultPortsEnabled (deprecated) + +Enable HTTP/0.9 support on non-default portsData type:Boolean +\[Windows:REG_DWORD\]Windows registry location for Windows +clients:Software\\Policies\\Google\\Chrome\\Http09OnNonDefaultPortsEnabledWindows +registry location for Google Chrome OS +clients:Software\\Policies\\Google\\ChromeOS\\Http09OnNonDefaultPortsEnabledMac/Linux +preference name:Http09OnNonDefaultPortsEnabledSupported on: + +* Google Chrome (Linux, Mac, Windows) since version 54 until version + 77 +* Google Chrome OS (Google Chrome OS) since version 54 until version + 77 + +Supported features:Dynamic Policy Refresh: No, Per Profile: NoDescription: + +This policy is deprecated, and slated for removal in Chrome 78, with no +replacement. + +This policy enables HTTP/0.9 on ports other than 80 for HTTP and 443 for HTTPS. + +This policy is disabled by default, and if enabled, leaves users open to the +security issue . + +This policy is intended to give enterprises a chance to migrate exising servers +off of HTTP/0.9, and will be removed in the future. + +If this policy is not set, HTTP/0.9 will be disabled on non-default ports. + +Example value:0x00000000 (Windows), false (Linux), <false /> (Mac)[Back to +top](#top) + +### IncognitoEnabled (deprecated) + +Enable Incognito modeData type:Boolean \[Windows:REG_DWORD\]Windows registry +location for Windows +clients:Software\\Policies\\Google\\Chrome\\IncognitoEnabledWindows registry +location for Google Chrome OS +clients:Software\\Policies\\Google\\ChromeOS\\IncognitoEnabledMac/Linux +preference name:IncognitoEnabledAndroid restriction +name:IncognitoEnabledSupported on: + +* Google Chrome (Linux, Mac, Windows) since version 11 +* Google Chrome OS (Google Chrome OS) since version 11 +* Google Chrome (Android) since version 30 + +Supported features:Dynamic Policy Refresh: Yes, Per Profile: YesDescription: + +This policy is deprecated. Please, use IncognitoModeAvailability instead. +Enables Incognito mode in Google Chrome. + +If this setting is enabled or not configured, users can open web pages in +incognito mode. + +If this setting is disabled, users cannot open web pages in incognito mode. + +If this policy is left not set, this will be enabled and the user will be able +to use incognito mode. + +Example value:0x00000000 (Windows), false (Linux), false (Android), <false +/> (Mac)[Back to top](#top) + +### JavascriptEnabled (deprecated) + +Enable JavaScriptData type:Boolean \[Windows:REG_DWORD\]Windows registry +location for Windows +clients:Software\\Policies\\Google\\Chrome\\JavascriptEnabledWindows registry +location for Google Chrome OS +clients:Software\\Policies\\Google\\ChromeOS\\JavascriptEnabledMac/Linux +preference name:JavascriptEnabledAndroid restriction +name:JavascriptEnabledSupported on: + +* Google Chrome (Linux, Mac, Windows) since version 8 +* Google Chrome OS (Google Chrome OS) since version 11 +* Google Chrome (Android) since version 30 + +Supported features:Dynamic Policy Refresh: Yes, Per Profile: YesDescription: + +This policy is deprecated, please use DefaultJavaScriptSetting instead. + +Can be used to disabled JavaScript in Google Chrome. + +If this setting is disabled, web pages cannot use JavaScript and the user cannot +change that setting. + +If this setting is enabled or not set, web pages can use JavaScript but the user +can change that setting. + +Example value:0x00000001 (Windows), true (Linux), true (Android), <true /> +(Mac)[Back to top](#top) + +### MachineLevelUserCloudPolicyEnrollmentToken (deprecated) + +The enrollment token of cloud policy on desktopData type:String +\[Windows:REG_SZ\]Windows registry location for Windows +clients:Software\\Policies\\Google\\Chrome\\MachineLevelUserCloudPolicyEnrollmentTokenMac/Linux +preference name:MachineLevelUserCloudPolicyEnrollmentTokenSupported on: + +* Google Chrome (Linux, Mac, Windows) since version 66 + +Supported features:Dynamic Policy Refresh: No, Per Profile: NoDescription: + +This policy is deprecated in M72. Please use CloudManagementEnrollmentToken +instead. + +Example value:"37185d02-e055-11e7-80c1-9a214cf093ae"[Back to top](#top) + +### SigninAllowed (deprecated) + +Allow sign in to Google ChromeData type:Boolean \[Windows:REG_DWORD\]Windows +registry location for Windows +clients:Software\\Policies\\Google\\Chrome\\SigninAllowedMac/Linux preference +name:SigninAllowedAndroid restriction name:SigninAllowedSupported on: + +* Google Chrome (Linux, Mac, Windows) since version 27 +* Google Chrome (Android) since version 38 + +Supported features:Dynamic Policy Refresh: Yes, Per Profile: YesDescription: + +This policy is deprecated, consider using BrowserSignin instead. + +Allows the user to sign in to Google Chrome. + +If you set this policy, you can configure whether a user is allowed to sign in +to Google Chrome. Setting this policy to 'False' will prevent apps and +extensions that use the chrome.identity API from functioning, so you may want to +use SyncDisabled instead. + +Example value:0x00000001 (Windows), true (Linux), true (Android), <true /> +(Mac)[Back to top](#top) + +### UnsafelyTreatInsecureOriginAsSecure (deprecated) + +Origins or hostname patterns for which restrictions on insecure origins should +not applyData type:List of stringsWindows registry location for Windows +clients:Software\\Policies\\Google\\Chrome\\UnsafelyTreatInsecureOriginAsSecureMac/Linux +preference name:UnsafelyTreatInsecureOriginAsSecureSupported on: + +* Google Chrome (Linux, Mac, Windows) since version 65 + +Supported features:Dynamic Policy Refresh: No, Per Profile: NoDescription: + +Deprecated in M69. Use OverrideSecurityRestrictionsOnInsecureOrigin instead. + +The policy specifies a list of origins (URLs) or hostname patterns (such as +"\*.example.com") for which security restrictions on insecure origins will not +apply. + +The intent is to allow organizations to allow origins for legacy applications +that cannot deploy TLS, or to set up a staging server for internal web +development so that their developers can test out features requiring secure +contexts without having to deploy TLS on the staging server. This policy will +also prevent the origin from being labeled "Not Secure" in the omnibox. + +Setting a list of URLs in this policy has the same effect as setting the +command-line flag '--unsafely-treat-insecure-origin-as-secure' to a +comma-separated list of the same URLs. If the policy is set, it will override +the command-line flag. + +This policy is deprecated in M69 in favor of +OverrideSecurityRestrictionsOnInsecureOrigin. If both policies are present, +OverrideSecurityRestrictionsOnInsecureOrigin will override this policy. + +For more information on secure contexts, see + + +Example value:Windows (Windows +clients):Software\\Policies\\Google\\Chrome\\UnsafelyTreatInsecureOriginAsSecure\\1 += "http://testserver.example.com/" +Software\\Policies\\Google\\Chrome\\UnsafelyTreatInsecureOriginAsSecure\\2 = +"\*.example.org"Android/Linux:\[ "http://testserver.example.com/", +"\*.example.org" \]Mac:<array> +<string>http://testserver.example.com/</string> +<string>\*.example.org</string> </array>[Back to top](#top) \ No newline at end of file diff --git a/chromium/docs/website/site/administrators/policy-list-3/extension-settings-full/index.md b/chromium/docs/website/site/administrators/policy-list-3/extension-settings-full/index.md new file mode 100644 index 00000000000..3252ee19a25 --- /dev/null +++ b/chromium/docs/website/site/administrators/policy-list-3/extension-settings-full/index.md @@ -0,0 +1,121 @@ +--- +breadcrumbs: +- - /administrators + - Documentation for Administrators +- - /administrators/policy-list-3 + - Policy List +page_name: extension-settings-full +title: Extension Settings Full Description +--- + +**For help setting this policy, see the help center for examples for +[Windows](https://support.google.com/chrome/a/answer/7532015?hl=en&ref_topic=7517516), +[macOS](https://support.google.com/chrome/a/answer/7517624?hl=en&ref_topic=7517516), +and +[Linux](https://support.google.com/chrome/a/answer/7517525?hl=en&ref_topic=7517516).** + +This policy controls multiple settings, including settings controlled by any +existing extension-related policies. This policy will override any legacy +policies if both are set. + +This policy maps an extension ID to its configuration. With an extension ID, +configuration will be applied to the specified extension only. A default +configuration can be set for the special ID "\*", which will apply to all +extensions that don't have a custom configuration set in this policy. + +The configuration for each extension is another dictionary that can contain the +fields documented below. + +* "installation_mode": Maps to a string indicating the installation + mode for the extension. The valid strings are: + * "allowed": allows the extension to be installed by the user. + This is the default behavior. + * "blocked": blocks installation of the extension. + * "removed" 3: blocks installation of the extension and removes it + from the device if already installed. + * "force_installed" 1: the extension is automatically installed + and can't be removed by the user. + * "normal_installed" 1: the extension is automatically installed + but can be disabled by the user. +* "update_url": Maps to a string indicating where Chrome can download + a force_installed or normal_installed extension. + * The update URL set in this policy is only used for the initial + installation; subsequent updates of the extension will use the + update URL indicated in the extension's manifest. + * The update URL should point to an Update Manifest XML document + as mentioned above. + * If installing from the Chrome Web Store, use the following URL + * http://clients2.google.com/service/update2/crx +* "blocked_permissions": maps to a list of strings indicating the + blocked API permissions for the extension. + * The permissions names are same as the permission strings + declared in manifest of extension as described at + . + This setting also can be configured for "\*" extension. If the + extension requires a permission which is on the blocklist, the + user will be blocked from installing the extension. If the user + already has an extension installed which matches the blocklist + it will not be allowed to load. If it contains a blocked + permission as optional requirement, it will be handled in the + normal way, but requesting conflicting permissions will be + declined automatically at runtime. +* "minimum_version_required": maps to a version string. + * The format of the version string is the same as the one used in + extension manifest, as described at + . An + extension with a version older than the specified minimum + version will be disabled. This applies to force-installed + extensions as well. +* "install_sources" 2: Each item in this list is an extension-style + [match + pattern](https://developer.chrome.com/extensions/match_patterns). + * Users will be able to easily install items from any URL that + matches an item in this list. Both the location of the \*.crx + file and the page where the download is started from (i.e. the + referrer) must be allowed by these patterns. +* "allowed_types" 2: This setting lists the allowed types of + extension/apps that can be installed in Google Chrome. + * The value is a list of strings, each of which should be one of + the following: + * "extension", "theme", "user_script", "hosted_app", + "legacy_packaged_app", "platform_app" + * See extensions documentation for more information on these + types. +* "blocked_install_message": This maps to a string specifying the + error message to display to users if they're blocked from installing + an extension. + * This setting allows you to append text to the generic error + message displayed on the Chrome Web Store. This could be be used + to direct users to your help desk, explain why a particular + extension is blocked, or something else. + * This error message will be truncated if longer than 1000 + characters. +* "runtime_blocked_hosts": Maps to a list of strings representing + hosts whose webpages the extension will be blocked from modifying. + * This includes injecting javascript, altering and viewing + webRequests / webNavigation, viewing and altering cookies, + exceptions to the same-origin policy, etc. + * The format is similar to [match + patterns](https://developer.chrome.com/extensions/match_patterns) + except no paths may be defined. + * e.g. "\*://\*.example.com" + * This also supports effective TLD wildcarding e.g. + "\*://example.\*" + * The list can contain not more than 100 entries. Any further + entry is discarded. +* "runtime_allowed_hosts": Maps to a list of strings representing + hosts that an extension can interact with regardless of whether they + are listed in "runtime_blocked_hosts" + * This is the same format as "runtime_blocked_hosts". + * The list can contain not more than 100 entries. Any further + entry is discarded. + +____________________________________________________________________________ + +1: This option is **not** valid for the "\*" id as Chrome wouldn't know which +extension to automatically install. The "update_url" setting MUST be set for +this extension or the policy will be invalid. + +2: This settings can be used **only** for the default configuration "\*". + +3: This setting is available since Chrome 75. \ No newline at end of file diff --git a/chromium/docs/website/site/administrators/policy-list-3/index.md b/chromium/docs/website/site/administrators/policy-list-3/index.md new file mode 100644 index 00000000000..46ff5282aa0 --- /dev/null +++ b/chromium/docs/website/site/administrators/policy-list-3/index.md @@ -0,0 +1,10 @@ +--- +breadcrumbs: +- - /administrators + - Documentation for Administrators +page_name: policy-list-3 +title: Policy List +--- + +The Chrome Enterprise policy list is moving! Please update your bookmarks to +. \ No newline at end of file diff --git a/chromium/docs/website/site/administrators/policy-list-3/user-data-directory-variables/index.md b/chromium/docs/website/site/administrators/policy-list-3/user-data-directory-variables/index.md new file mode 100644 index 00000000000..c7148dafbe9 --- /dev/null +++ b/chromium/docs/website/site/administrators/policy-list-3/user-data-directory-variables/index.md @@ -0,0 +1,93 @@ +--- +breadcrumbs: +- - /administrators + - Documentation for Administrators +- - /administrators/policy-list-3 + - Policy List +page_name: user-data-directory-variables +title: Supported Directory Variables +--- + +The policy for modifying the user data directory and other paths for Chrome to +use has support for several variables, so you don't need to set a hard-coded +path for all users. For example, if you want to store your profile data under +the user local application data on Windows, set the UserDataDir policy to : +"${local_app_data}\Chrome\Profile" Which on most Windows 7 / Vista +installations would resolve to : +C:\Users\CurrentUser\AppData\Chrome\Profile. + +**Chrome profiles are _not_ backwards compatible, so storing the user profile +on a network drive and using it with different versions of Chrome can cause +crashes and data loss.** Please see + for more +details. + +### Some hints about setting paths in policies + +* All policies that concern paths where Chrome stores different data are + platform-dependent. Some of these are only available on specific platforms + but others can be used on all platforms. +* Paths should be absolute to avoid errors caused by applications starting in + different location on different occasions. +* Every variable can occur **only once** in a path. For the majority of them, + this is the only meaningful way of using them as they resolve to absolute + paths. +* Almost all policies will create the path if it doesn't exist and if possible +* **Using network locations for some policies can lead to unexpected results.** + For example, the user profile is not backwards-compatible, so running a + different version/channel of Chrome with the same profile may corrupt your + profile. + +### List of supported path variables + +#### All platforms + +**${user_name}** - The user that is running Chrome (respects suids). \ +(example resolution: "johndoe") + +**${machine_name}** - The machine name possibly with domain \ +(example resolution : "johnny.cg1.cooldomain.org" or simply “johnnyspc”) + +#### Windows only + +**${documents}** - The "Documents" folder for the current user. \ +(example resolution : "C:\Users\Administrator\Documents") + +**${local_app_data}** - The Application Data folder for the current user. \ +(example resolution : "C:\Users\Administrator\AppData\Local") + +**${roaming_app_data}** - The Roamed Application Data folder for the current user. \ +(example resolution : "C:\\Users\\Administrator\\AppData\\Roaming") + +**${profile}** - The home folder for the current user. \ +(example resolution : "C:\\Users\\Administrator") + +**${global_app_data}** - The system-wide Application Data folder. \ +(example resolution : "C:\AppData") + +**${program_files}** - The "Program Files" folder for the current process. +Depends on whether it is 32 or 64 bit process. \ +(example resolution : "C:\Program Files (x86)") + +**${windows}** - The Windows folder +(example resolution : "C:\WINNT" or "C:\Windows") + +**${client_name)** - The name of the client pc connected to an RDP or Citrix +session. Take into account that this variable is empty if used from a local +session. Therefore if used in paths you might want to prefix it with something +which is guaranteed to be non-empty. \ +(example : C:\chrome_profiles\session_${client_name} - produces +c:\chrome_profiles\session_ for local sessions and +c:\chrome_profiles\session_somepcname for remote sessions.) + +**${session_name}** - The name of the active session. Useful for distinguishing +multiple simultaneously connected remote sessions to a single user profile. \ +(example resolution: WinSta0 for local desktop sessions) + +#### MacOS only + +**${users}** - The folder where users profiles are stored \ +(example resolution : "/Users") + +**${documents}** - The "Documents" folder of the current user. \ +(example resolution : "/Users/johndoe/Documents") diff --git a/chromium/docs/website/site/administrators/policy-templates/index.md b/chromium/docs/website/site/administrators/policy-templates/index.md new file mode 100644 index 00000000000..2a99fc03f21 --- /dev/null +++ b/chromium/docs/website/site/administrators/policy-templates/index.md @@ -0,0 +1,86 @@ +--- +breadcrumbs: +- - /administrators + - Documentation for Administrators +page_name: policy-templates +title: Policy Templates +--- + +To ease your policy setup, several policy templates can guide you easily through +the configurable options. + +Templates can also be generated locally by building the policy_templates +Chromium project. + +**Windows** + +There are two types of templates available, an ADM and an ADMX template. You +will want to verify what template type you can use on your network. + +[ZIP file of ADM/ADMX/JSON templates and +documentation](https://dl.google.com/dl/edgedl/chrome/policy/policy_templates.zip). +[Beta](https://dl.google.com/chrome/policy/beta_policy_templates.zip) and +[Dev](https://dl.google.com/chrome/policy/dev_policy_templates.zip) +administrative templates are also available for testing them before a stable +release. + +Google Update (auto-update) has its own templates as well, in +[ADM](https://dl.google.com/update2/enterprise/GoogleUpdate.adm) and +[ADMX](http://dl.google.com/dl/update2/enterprise/googleupdateadmx.zip) forms. + +The recommended way to configure policy on Windows is Group Policy Object (GPO), +however on machines that are joined to an Active Directory domain, policy +settings may also be stored in the registry under HKEY_LOCAL_MACHINE or +HKEY_CURRENT_USER in the following paths: + +* Google Chrome: Software\\Policies\\Google\\Chrome\\ +* Chromium: Software\\Policies\\Chromium\\ + +**Mac** + +Policies are defined on a Mac in a plist (property list) file. The latest plist +template is included in the Google Chrome/Chromium installer package. To find +the plist: + +1. [Download Google Chrome](https://www.google.com/chrome/) +2. Open the bundle and find the Configuration folder +3. Open a file called com.google.Chrome.manifest. This is the latest + plist template. +4. Review the plist template. +5. Use the template to create your own plist file. +6. Create your own plist file with appropriate policies based on the + plist template. Use the property list editor of your choice. +7. Use your system management tool to push the configuration file to + client Macs. + +To see an example of how to load this file into Profile Manager, see the [Mac +Quickstart guide](/administrators/mac-quick-start). + +**Note:** Any other system management tool can be used instead of Profile +Manager such as Jamf or Puppet. + +**Linux** + +For Linux, consult the HTML documentation contained in the [ZIP file of ADM/ADMX +templates and +documentation](https://dl.google.com/dl/edgedl/chrome/policy/policy_templates.zip) +for the JSON keys that correspond to each policy. + +To see where to put this file, see the [Linux Quickstart +guide](/administrators/linux-quick-start). + +**Google Chrome OS** + +Google Chrome OS devices that are [joined to an Active Directory +domain](https://support.google.com/chrome/a/answer/7497916) can be managed via +Group Policy. + +The ADMX templates containing all applicable Chrome OS user and device policies +can be found in the + +[ZIP file of ADM/ADMX/JSON templates and +documentation](https://dl.google.com/dl/edgedl/chrome/policy/policy_templates.zip). +[Beta](https://dl.google.com/chrome/policy/beta_policy_templates.zip) and +[Dev](https://dl.google.com/chrome/policy/dev_policy_templates.zip) +administrative templates are also available for testing them before a stable +release. \ No newline at end of file diff --git a/chromium/docs/website/site/administrators/pre-installed-extensions/index.md b/chromium/docs/website/site/administrators/pre-installed-extensions/index.md new file mode 100644 index 00000000000..5ccc7e2734a --- /dev/null +++ b/chromium/docs/website/site/administrators/pre-installed-extensions/index.md @@ -0,0 +1,178 @@ +--- +breadcrumbs: +- - /administrators + - Documentation for Administrators +page_name: pre-installed-extensions +title: Pre-installed Extensions +--- + +Pre-installing an extension can be done in one of three ways: via Group Policy, +via the Registry, or via master_preferences. + +**Pre-installing via Group Policy** + +Using policy to deploy an Extension or Chrome Web App is by far the easiest and +scalable method. This is the recommended method for pushing extensions, as it +does not require the CRX file to be on the machine, it must simply be available +at a given URL. + +To use this method, just set the policy to 'force install' the extension, as +documented [here](/administrators/policy-list-3#ExtensionInstallForcelist). + +**Pre-installing via the Registry** + +Using this method, a special registry key indicates what extensions Google +Chrome should load. This means that the extension .crx file (the file downloaded +from the gallery, or the file you package yourself) needs to already be on the +machine. This method is not to be confused with setting policy -- this method +sets a completely different registry key and requires the CRX to be on the +machine in question. + +Once you have the extension .crx file you'd like to pre-install, follow these +steps: + +1. Copy the .crx file to a location such as: C:\\path\\to\\your\\extension.crx + +2. Create the registry key: + +32-bit Windows: HKEY_LOCAL_MACHINE\\SOFTWARE\\Google\\Chrome\\Extensions\\\[id +of your extension crx\] 64-bit Windows: +HKEY_LOCAL_MACHINE\\SOFTWARE\\**Wow6432Node**\\Google\\Chrome\\Extensions\\\[id +of your extension crx\] + +3. Create the following registry key values: + +32-bit Windows: HKEY_LOCAL_MACHINE\\SOFTWARE\\Google\\Chrome\\Extensions\\\[id +of your extension crx\]\\path 64-bit Windows: +HKEY_LOCAL_MACHINE\\SOFTWARE\\**Wow6432Node**\\Google\\Chrome\\Extensions\\\[id +of your extension crx\]\\path TYPE: REG_SZ VALUE: +"C:\\path\\to\\your\\extension.crx" 32-bit Windows: +HKEY_LOCAL_MACHINE\\SOFTWARE\\Google\\Chrome\\Extensions\\\[id of your extension +crx\]\\version 64-bit Windows: +HKEY_LOCAL_MACHINE\\SOFTWARE\\**Wow6432Node**\\Google\\Chrome\\Extensions\\\[id +of your extension crx\]\\version TYPE: REG_SZ VALUE: \[version of your .crx as +specified in the manifest\] + +This method requires the CRX is on the machine; this method may not be flexible +enough for all deployments. However, it does mean that users can have an +extension pre-installed behind a corporate firewall that restricts downloading +of files. + +**Pre-installing via master_preferences** + +You should already be familiar with configuring preferences. If you are not, +read the documentation on [master_preferences and other methods of +pre-configuring preferences](/administrators/configuring-other-preferences). + +Pre-installed extensions are added to the master_preferences file that lives +next to chrome.exe. This means that the extension CRX file can live anywhere, +and the bits do not need to live on the target user's machine and don't need to +be packaged into any installation script. If you are not familiar with the +master_preferences file or how it works, you will need to [read this +documentation first](/administrators/configuring-other-preferences). + +There are some requirements to using this method: + +* This method only works if the user has access to the public + extension gallery or another URL where the CRX file is kept; this + method may not work if the user is behind a corporate firewall or + proxy that restrict access to the gallery. +* This method generally only works on new installs. Making it work + with an existing install is cumbersome and requires a lot of + clean-up steps. + +To pre-install an extension with just master_preferences changes, + +1. Find the CRX file you want to install. Download it from the gallery, etc. + +2. Open up the CRX with a zip program and find the manifest.json file (it's just +a text file). This contains many values you will need. + +3. Set up your master_preferences with values from the manifest.json file. + +Here is an example master_preferences, which pre-installs the Google Reader +extension: + +{ "homepage" : "http://dev.chromium.org", "homepage_is_newtabpage" : true, +"extensions": { "settings": { "apflmjolhbonpkbkooiamcnenbmbjcbf": { "location": +1, "manifest": { "key": +"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC5cK3ybDkh173plsjDXoqUzvsjFRMtbc5+a8HR6dxYBETeXQ7GOR5/xYnsY2R4smo5ly4yUK69iF7rnPNH+X97K7e7JFbuH5W/ZRc8YaIG66oJ9JwKZagSOZasSJPWNz4f1GdaHD1Z4KRucvOYxsaPVdwS2W3nbG6i3oQFaio+JQIDAQAB", +"name": "Google Reader Notifier (Installing...)", "permissions": \[ "tabs", +"http://www.google.com/" \], "update_url": +"http://clients2.google.com/service/update2/crx", "version": "0.0", +"manifest_version": 2 }, "path": "apflmjolhbonpkbkooiamcnenbmbjcbf\\\\0.0", +"state": 1 } } } } + +Breaking down the lines in this master_preferences file, + +* Under settings, the first value is the hash of the extension + ("apflmjolhbonpkbkooiamcnenbmbjcbf"). You get this by packaging up + the CRX file, and is also the extension's identifier in the gallery. +* "location" must always be 1. +* The "manifest" section must contain "key", "name", "permissions", + "update_url", "version", and "manifest_version". These can come from + the extension's manifest. +* The "key" value comes from the packaged extension, just like the + hash. If you look at an unzipped CRX file, you'll find the "key" in + manifest.json. +* "name" can be anything, although having a temporary tag (i.e. + "(Installing...)") will help users understand why an extension is + taking an extra bit of time to load. +* "permissions" **must be the same as the permissions in the extension + CRX file** at "update_url", or the user will see lots of warnings + and it won't load. So, you can't specify and empty permissions + array, and the real extension requires lots of permissions -- that + would hide escalating privilege. +* "update_url" is the URL where the CRX lives. Again, this is in the + manifest.json file. +* "version" should always be "0.0" +* "manifest_version" should be the same as in the extension CRX file + manifest.json (current manifest_version 2) +* "path" should always be the extension's hash followed by "\\\\0.0". +* "state" should always be 1. + +If any of these rules are broken, the extension may not load or the user may see +a warning. + +**Important:** If the extension contains content scripts that need permissions, +they must be listed in the master_preferences as well. For example, + +{ "extensions": { "settings": { "apflmjolhbonpkbkooiamcnenbmbjcbf": { +"location": 1, "manifest": { "content_scripts": \[ { "all_frames": true, "js": +\[ "script.js" \], "matches": \[ "http://\*/\*", "https://\*/\*" \], "run_at": +"document_start" } \], "key": +"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC5cK3ybDkh173plsjDXoqUzvsjFRMtbc5+a8HR6dxYBETeXQ7GOR5/xYnsY2R4smo5ly4yUK69iF7rnPNH+X97K7e7JFbuH5W/ZRc8YaIG66oJ9JwKZagSOZasSJPWNz4f1GdaHD1Z4KRucvOYxsaPVdwS2W3nbG6i3oQFaio+JQIDAQAB", +"name": "Google Reader Notifier (Installing...)", ... + +If the extension has content scripts that need permissions / access, and you do +not specify it here, the extension will not load! + +You can pre-load multiple extensions. Adding an additional extension is as easy +as adding another block under "settings": + +{ "extensions": { "settings": { "apflmjolhbonpkbkooiamcnenbmbjcbf": { <-- +extension one "location": 1, "manifest": { ... } }, +"oaiwevnmzvoinziufeuibyfnzwevmiiw": { <-- extension two "location": 1, +"manifest": { ... }, ... } } } + +If the extension has any permissions that require user approval, you also need +to include a granted_permissions section: + +{ "extensions": { "settings": { "mihcahmgecmbnbcchbopgniflfhgnkff": { +"location": 1, "manifest": { ... }, "granted_permissions": { "api": \[ "tabs" +\], "explicit_host": \[ "http://\*.google.com/\*", "https://\*.google.com/" \], +"scriptable_host": \[ "http://example.com/" \] }, ... }, ... } } } + +If you do not include a granted_permissions section, Chrome immediately disables +the extension. The granted_permissions field has the following subfields: + +* "api" contains API permissions in the "permissions" key of the + manifest +* "explicit_host" contains any host permissions in the "permissions" + key of the manifest +* "scriptable_host" should be set to any hosts in the extension's + content scripts + +The easiest way to generate the granted_permissions field is to install the +extension locally and then copy the extension's granted_permissions from the +Preferences file of your [Chrome profile](/user-experience/user-data-directory). \ No newline at end of file diff --git a/chromium/docs/website/site/administrators/turning-off-auto-updates/index.md b/chromium/docs/website/site/administrators/turning-off-auto-updates/index.md new file mode 100644 index 00000000000..6af08afa3ec --- /dev/null +++ b/chromium/docs/website/site/administrators/turning-off-auto-updates/index.md @@ -0,0 +1,109 @@ +--- +breadcrumbs: +- - /administrators + - Documentation for Administrators +page_name: turning-off-auto-updates +title: Turning Off Auto Updates in Google Chrome +--- + +Google Chrome on Windows and Mac auto-updates itself on a regular basis. The +auto-updating procedure is performed by Google Update, which is based on the +open-source [Omaha](https://github.com/google/omaha) project. Auto-updated +provide fixes to sometimes critical issues, limiting exposure. + + + + + +
Warning: Turning off auto-updates should be done with caution. You may not receive the latest security updates if you do not auto-update.
+ +**Turning off Auto-Updates on Windows** + +To turn off auto-updates of Google Chrome on Windows, you need to instruct +Google Update to not update it. To do this, you can either: + +1. Use the **Google Update** ADM templates provided [on this + page](/administrators/policy-templates) or as described in [this + article](https://support.google.com/chrome/a/answer/6350036). +2. Set the value of + HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Google\\Update\\AutoUpdateCheckPeriodMinutes + to the REG_DWORD value of "0". + +Warning: To prevent abuse of this policy, if a device is not joined to an Active +Directory domain, and if this policy has been set to 0 or to a value greater +than 77 hours, this setting will not be honored and replaced by 77 hours after +August 2014. If you are affected by this, and still want to disable Chrome +updates (NOT RECOMMENDED), you may do so by using 'Update policy override' as +described [here](https://support.google.com/chrome/a/answer/6350036#Policies). + +More information about Google Update's group policy support is +[here](https://support.google.com/chrome/a/answer/6350036). + +**Turning off Auto-Updates on Mac** + +More information about turning off auto-updates on a Mac network is +[here](http://www.google.com/support/installer/bin/answer.py?hl=en&answer=147176&ctx=go). + +**Turning off Auto-Updates on Linux** + +Google Chrome and Chromium are not auto-updated automatically on Linux; your +package manager handles this. + +**Frequently Asked questions** + +**Q: Does Chrome on Linux auto-update too?** + +A: Google Chrome on Linux does not auto-update itself; it relies on your package +manager to update it. + +**Q: Does the open-source Chromium browser auto-update like Chrome?** +No. Chromium does not have its own auto-update process, so if you are deploying +Chromium, do you not need to worry about turning off auto-updates. + +**Q: How do I know if there is an auto-update happening soon?** + +A: You can subscribe to the blog at , +which lists every dev, beta, and stable release of Google Chrome. Chromium does +not auto-update. + +**Q: How often do auto-updates happen? How many can I expect this year?** + +A: Major version updates to the stable channel of Google Chrome tend to happen +about every six weeks, although security fixes can come at any time. See +[Release Early, Release +Often](http://blog.chromium.org/2010/07/release-early-release-often.html) for +more information. + +**Q: Do you have release notes with each version?** + +A: Yes, see the Chrome Enterprise Release Notes. Also, for a granular list of +what's changed and links to all the fixes made, see +. + +**Q: Why would I not want to turn off auto-updates?** + +A: Turning off auto-updates means you may miss an update that includes security +fixes, leaving your users at risk. + +**Q: Can I turn auto-updates back on?** + +A: Yes. Just set the value of the registry key you changed back up to a +reasonable number of minutes between update checks (greater than "0"). + +**Q: How would I update my users without turning auto-update back on?** + +A: You can deploy the latest MSI, which is available +[here](http://www.google.com/chrome/eula.html?msi=true). + +**Q: I need auto-updates off so I can test new versions of Google Chrome / +Chromium before everyone else gets them. What do you suggest I do?** + +A: Turn off auto-updates via the steps above, and push the group policy to your +network. Then download the latest MSI +[here](http://www.google.com/chrome/eula.html?msi=true). Deploy it on your test +machines, and do your verification. Once it is certified, deploy that same MSI +on the rest of your network. And watch for updates on + for new versions of the MSI to test and +deploy. Enterprise customers can find additional downloads, such as ADMX +templates to manage Chrome policies +[here](https://cloud.google.com/chrome-enterprise/browser/download/). \ No newline at end of file diff --git a/chromium/docs/website/site/administrators/url-blacklist-filter-format/index.md b/chromium/docs/website/site/administrators/url-blacklist-filter-format/index.md new file mode 100644 index 00000000000..1562d041966 --- /dev/null +++ b/chromium/docs/website/site/administrators/url-blacklist-filter-format/index.md @@ -0,0 +1,11 @@ +--- +breadcrumbs: +- - /administrators + - Documentation for Administrators +page_name: url-blacklist-filter-format +title: URL Blocklist filter format (legacy link) +--- + +Please update your link to point to + +. \ No newline at end of file diff --git a/chromium/docs/website/site/administrators/url-blocklist-filter-format/index.md b/chromium/docs/website/site/administrators/url-blocklist-filter-format/index.md new file mode 100644 index 00000000000..2dfef299ae9 --- /dev/null +++ b/chromium/docs/website/site/administrators/url-blocklist-filter-format/index.md @@ -0,0 +1,140 @@ +--- +breadcrumbs: +- - /administrators + - Documentation for Administrators +page_name: url-blocklist-filter-format +title: URL Blocklist filter format +--- + +The format of filters for the URLBlocklist and URLAllowlist policies, as of +Chrome 52, is: + +\[scheme://\]\[.\]host\[:port\]\[/path\]\[@query\] + +* Scheme can be http, https, ftp, chrome, etc. This field is optional, + and must be followed by '://'. +* An optional '.' (dot) can prefix the host field to disable subdomain + matching, see below for details. +* The host field is required, and is a valid hostname or an IP + address. It can also take the special '\*' value, see below for + details. +* An optional port can come after the host. It must be a valid port + value from 1 to 65535. +* An optional path can come after port. Any string can be used here. +* An optional query can come in the end, which is a set of key-value + and key-only tokens delimited by '&'. The key-value tokens are + separated by '='. A query token can optionally end with a '\*' to + indicate prefix match. Token order is ignored during matching. + +The format is very similar to the URL format, with some exceptions: + +* user:pass fields can be included but will be ignored (e.g. + http://user:pass@ftp.example.com/pub/bigfile.iso). +* If a reference separator '#' is present, it is ignored along with + everything that appears after it. +* The host can be '\*'. It can also have a '.' as a prefix. +* The host can have a '/' or '.' as suffix. If it is the case, that + suffix is ignored. + +The filter selected for a URL is the most specific match found: + +1. First, the filters with the longest host match will be selected; +2. Among these, filters with a non-matching scheme or port are + discarded; +3. Among these, the filter with the longest matching path is selected; +4. Among these, the filter with the longest set of query tokens are + selected; +5. If no valid filter is left at step 3, the host is reduced by + removing the left-most subdomain, and trying again from step 1; +6. If a filter is available at step 3, its decision (block or allow) is + enforced. If no filter ever matches, the default is to allow the + request. + +The special '\*' host will be the last searched, and matches all hosts. When +both a blocklist and allowlist filter apply at step 4 (with the same path length +and number of query tokens), the allowlist filter takes precedence. If a filter +has a '.' (dot) prefixing the host, only exact host matches will be filtered: + +* "example.com" matches "example.com", "www.example.com" and + "sub.www.example.com"; +* ".www.example.com" only matches exactly "www.example.com". + +The scheme can be either a standard or a custom one. Supported standard schemes +are: about, blob, content, chrome, cid, data, file, filesystem, ftp, gopher, +http, https, javascript, mailto, ws, wss. All other schemes are treated as +custom schemes. As of Chrome 52, custom schemes are supported, but only the +patterns scheme:\* and scheme://\* are allowed. They match all URLs with that +scheme. + +* The patterns "custom://\*" or "custom:\*" are valid and match + "custom:app". +* The patterns "custom:app" or "custom://app" are invalid. + +The scheme and as of Chrome 52 the host are case insensitive, while path and +query are case sensitive. + +* "http://example.com" matches "HTTP://Example.com", + "http://example.COM" and "http://example.com"; +* "http://example.com/path?query=1" doesn't match + "http://example.com/path?Query=1", "http://example.com/Path?query=1" + but matches "http://Example.com/path?query=1"; + +Example of searching for a match for "http://mail.example.com/mail/inbox": + +1. First find filters for "mail.example.com", and go to step 2. If that + fails, then try again with "example.com", "com" and finally "". +2. Among the current filters, remove those that have a scheme which is + not http. +3. Among the current filters, remove those that have an exact port + number and it not 80; +4. Among the current filters, remove those that don't have + "/mail/inbox" as a prefix of the path; +5. Pick the filter with the longest path prefix, and apply it. If no + such filter exists, go back to step 1 and try the next subdomain. + +Some examples: + +* "example.com" blocks all requests to that domain and any subdomain; +* "http://example.com" blocks all HTTP requests to that domain and any + subdomain; Requests with other schemes (such as https, ftp, etc.) + are still allowed; +* "https://\*" blocks all HTTPS requests to any domain; +* "mail.example.com" blocks this domain but not "www.example.com" nor + "example.com"; +* ".example.com" blocks exactly "example.com", and won't block + subdomains; +* "\*" blocks all requests; only allowlisted URLs will be allowed; +* "\*:8080" blocks all requests to port 8080; +* "example.com/stuff" blocks all requests to any subdomain of + "example.com" that have "/stuff" as a prefix of the path; +* "192.168.1.2" blocks requests to this exact IP address; +* Any request with the query "?video=100" is blocked by "\*?v\*", + "\*?video\*", "\*?video=\*" and "\*?video=100\*"; +* "\*?a=1&b=2" blocks any request with the query "?b=2&a=1", + "?a=1&b=2", "?a=1&c=3&b=2", ...; +* For a blocklist any occurrence of the key-value pair is sufficient, + i.e., blocklisting "youtube.com/watch?v=xyz" would block + "youtube.com/watch?v=123&v=xyz". +* For an allowlist every occurrence of the key should have a matching + value, i.e., allowlisting "youtube.com/watch?v=V2" does not allow + "youtube.com/watch?v=V1&v=V2", it allows + "youtube.com/watch?v=V2&v=V2" though. + +Example: allowing only a small set of sites: + +* Block "\*" +* Allow selected sites: "mail.example.com", "wikipedia.org", + "google.com" + +Example: block all access to a domain, except to the mail server using HTTPS and +to the main page: + +* Block "example.com" +* Allow "https://mail.example.com" +* Allow ".example.com", and maybe ".www.example.com" + +Example: block all access to youtube, except for selected videos. + +* Block "youtube.com" +* Allow "youtube.com/watch?v=V1" +* Allow "youtube.com/watch?v=V2" \ No newline at end of file diff --git a/chromium/docs/website/site/administrators/windows-quick-start/GoogleChromeStandaloneEnterprise.msi.sha1 b/chromium/docs/website/site/administrators/windows-quick-start/GoogleChromeStandaloneEnterprise.msi.sha1 new file mode 100644 index 00000000000..44b2a017a7b --- /dev/null +++ b/chromium/docs/website/site/administrators/windows-quick-start/GoogleChromeStandaloneEnterprise.msi.sha1 @@ -0,0 +1 @@ +720bd362d0c4bee42c03e36ef8663f544a682754 \ No newline at end of file diff --git a/chromium/docs/website/site/administrators/windows-quick-start/index.md b/chromium/docs/website/site/administrators/windows-quick-start/index.md new file mode 100644 index 00000000000..96d92f677b9 --- /dev/null +++ b/chromium/docs/website/site/administrators/windows-quick-start/index.md @@ -0,0 +1,74 @@ +--- +breadcrumbs: +- - /administrators + - Documentation for Administrators +page_name: windows-quick-start +title: Windows Quick Start +--- + +This tutorial is meant as an expedited way to get Chromium-based browsers +deployed and configured on a Windows network, by deploying an MSI and applying +group policy. For further configuration, please reference the other +documentation at . +**1. Download the MSI.** + +Download the [Google Chrome +MSI](http://www.google.com/chrome/eula.html?msi=true). +**2. Download the ADM / ADMX template.** +You can download the ADM template or ADMX template +[here](/administrators/policy-templates). +**3. Configure the settings for your network.** +Open up the ADM or the ADMX template you downloaded with these steps: + +ADM file import: + +* Navigate to Start > Run: gpedit.msc +* Navigate to Local Computer Policy > Computer Configuration > + Administrative Templates +* Right-click Administrative Templates, and select Add/Remove + Templates +* Add the **chrome.**adm template via the dialog. +* Once complete, a Google / Chrome folder will appear under + 'Administrative Templates' if it's not there already. + +ADMX file import: + +* Copy the **chrome.admx** file to **%SystemRoot%\\PolicyDefinitions** +* Copy one or more of the language directories, for example **en-US**, + to **%SystemRoot%\\PolicyDefinitions** as well. You should copy all + language folders which already exist under the PolicyDefinitions + folder. +* Navigate to Start > Run: gpedit.msc +* Navigate to Local Computer Policy > Computer Configuration > + Administrative Templates +* A Google / Chrome folder will appear under 'Administrative + Templates' if it's not there already. + +Change the configuration settings for the target group of users. The policies +you will be most interested in are: + +* Home page - This is the URL that users see when they first open the + browser or click the “home” button. +* Send anonymous usage statistics and crash information. - To turn off + sending any crash information or anonymous statistics to Google, + change this setting to be False. +* **Turning off auto-updates** - steps to turn off auto-update are + [here](/administrators/turning-off-auto-updates). + +A full list of supported policies is [here](/administrators/policy-list-3). +You should then apply the policies to the target users / machines. Depending on +your network’s configuration, this may require time for the policy to propogate, +or you may need to propogate those policies manually via administrator tools. +**4. Push the MSI out to your network.** +If you are using SMS or other tools, use these to push out the Google Chrome MSI +as you would any other installation bundle. +Otherwise, you can run the MSI on the target machines directly, and silently, +with this command: + +Msiexec /q /I GoogleChrome.msi + +**5. Test your installation.** +On a target machine, launch Google Chrome. The settings you applied in step 3 +should be noticeable on the test machine. Congratulations! +If the policies have not propagated to the test machine / user, you may be able +to run “gpupdate” to refresh policy settings. \ No newline at end of file diff --git a/chromium/docs/website/site/android/contributing-to-drm_hwcomposer/index.md b/chromium/docs/website/site/android/contributing-to-drm_hwcomposer/index.md new file mode 100644 index 00000000000..f0fbfbbfa13 --- /dev/null +++ b/chromium/docs/website/site/android/contributing-to-drm_hwcomposer/index.md @@ -0,0 +1,9 @@ +--- +breadcrumbs: +- - /android + - Android +page_name: contributing-to-drm_hwcomposer +title: Contributing to drm_hwcomposer +--- + +### This project has moved! Please refer to \ No newline at end of file diff --git a/chromium/docs/website/site/android/drm_hwcomposer-overview/index.md b/chromium/docs/website/site/android/drm_hwcomposer-overview/index.md new file mode 100644 index 00000000000..06c5fe349a5 --- /dev/null +++ b/chromium/docs/website/site/android/drm_hwcomposer-overview/index.md @@ -0,0 +1,10 @@ +--- +breadcrumbs: +- - /android + - Android +page_name: drm_hwcomposer-overview +title: drm_hwcomposer Overview +--- + +This project has moved! Please refer to + \ No newline at end of file diff --git a/chromium/docs/website/site/android/index.md b/chromium/docs/website/site/android/index.md new file mode 100644 index 00000000000..0712369582d --- /dev/null +++ b/chromium/docs/website/site/android/index.md @@ -0,0 +1,6 @@ +--- +breadcrumbs: [] +page_name: android +title: Android +--- + diff --git a/chromium/docs/website/site/apple-touch-icon.png.sha1 b/chromium/docs/website/site/apple-touch-icon.png.sha1 new file mode 100644 index 00000000000..f3eaa87945c --- /dev/null +++ b/chromium/docs/website/site/apple-touch-icon.png.sha1 @@ -0,0 +1 @@ +70efdb9a3e1ca43dfac4d488b9578261c0d17fff \ No newline at end of file diff --git a/chromium/docs/website/site/audio-video/ChromiumMediaBuffering.png.sha1 b/chromium/docs/website/site/audio-video/ChromiumMediaBuffering.png.sha1 new file mode 100644 index 00000000000..6469a479a59 --- /dev/null +++ b/chromium/docs/website/site/audio-video/ChromiumMediaBuffering.png.sha1 @@ -0,0 +1 @@ +544b78f70ce0b76cf433015f424fcfd1194e55df \ No newline at end of file diff --git a/chromium/docs/website/site/audio-video/ChromiumMediaBuffering.svg.sha1 b/chromium/docs/website/site/audio-video/ChromiumMediaBuffering.svg.sha1 new file mode 100644 index 00000000000..8be80770c0b --- /dev/null +++ b/chromium/docs/website/site/audio-video/ChromiumMediaBuffering.svg.sha1 @@ -0,0 +1 @@ +ae1ca452a21a0fd5abbfa0e160023f4ce8f18193 \ No newline at end of file diff --git a/chromium/docs/website/site/audio-video/ChromiumMediaPlayerFSStack (1).png.sha1 b/chromium/docs/website/site/audio-video/ChromiumMediaPlayerFSStack (1).png.sha1 new file mode 100644 index 00000000000..1f2f7f52e63 --- /dev/null +++ b/chromium/docs/website/site/audio-video/ChromiumMediaPlayerFSStack (1).png.sha1 @@ -0,0 +1 @@ +7c5d958a0d36eca73a1225e49031ad9ada10f72c \ No newline at end of file diff --git a/chromium/docs/website/site/audio-video/ChromiumMediaPlayerFSStack.png.sha1 b/chromium/docs/website/site/audio-video/ChromiumMediaPlayerFSStack.png.sha1 new file mode 100644 index 00000000000..5ddf3d00132 --- /dev/null +++ b/chromium/docs/website/site/audio-video/ChromiumMediaPlayerFSStack.png.sha1 @@ -0,0 +1 @@ +091eea813719bddc4005ccdef32353ac3a9cb801 \ No newline at end of file diff --git a/chromium/docs/website/site/audio-video/autoplay/autoplay-policy-design-rationale/index.md b/chromium/docs/website/site/audio-video/autoplay/autoplay-policy-design-rationale/index.md new file mode 100644 index 00000000000..fce03205fd7 --- /dev/null +++ b/chromium/docs/website/site/audio-video/autoplay/autoplay-policy-design-rationale/index.md @@ -0,0 +1,174 @@ +--- +breadcrumbs: +- - /audio-video + - Audio/Video +- - /audio-video/autoplay + - Autoplay +page_name: autoplay-policy-design-rationale +title: Autoplay Policy Design Rationale +--- + +This page captures the first principles and design rationale for the autoplay +policy in Chrome. + +#### Problem + +Browsers have historically been poor at helping the user manage sound, and +unwanted noise is the primary reason that users don’t want autoplay. However, +not all autoplay is unwanted, and a significant portion of blocked autoplays in +Chrome are subsequently played by the user. + +#### Vision + +A core mission of Chrome is simplicity and ideally Chrome would accurately allow +audio playback when a user wants it, and prevent surprises when they don’t. A +long-term goal is for fewer users to block audio at the OS level, meaning that +more users will hear sound overall. It’s unlikely that Chrome can be 100% +accurate at meeting user expectations, but a reasonable vision is: + + For 99% of users, Chrome will be 95% accurate at predicting when a user + wants an audible playback before a user gesture on a page. + + In cases where Chrome is inaccurate (for example, while learning the user’s + preferences), 99% of the time the user will control sound by interacting + with the page. + + When the page does not allow the user to control sound, or when a user more + generally has different requirements than what Chrome can provide, Chrome + will provide the user control over their browsing experience. Direct + interaction with Chrome to manage sound will be infrequent. + +Realization of this vision would result in the following user experience: + + In 95% of browsing sessions, audio will match user expectations. + + In 4.95% of browsing sessions, users will interact with the page to control + audio. + + In 0.05% of browsing sessions, users will either terminate the session or + will use Chrome to control audio. + +#### Core Principles + +The following core principles were used to design Chrome’s autoplay policy. + +Note that these principles do not apply when the user has made an explicit +choice in Chrome to control sound for a site. For example, if a user has muted a +site, these principles do not apply. + +1. User Gesture Should Allow Sound + +If users ask for sound, they should get it. A core user expectation is that +hitting ‘play’ (e.g. on a media element or a game) will enable audio. But any +HTML element could be a ‘play’ button and Chrome can’t tell the difference. +Thus, Chrome must assume that any user gesture should allow sound playback on +the page. + +2. Sites Can’t Control The Policy + +There are incentives for sites to play video and audio regardless of user +expectations, and sites will leverage any API they can to play audio on page +load. The site cannot be a steward of the user’s audio experience before a user +gesture, and cannot override Chrome’s policy choices. For this reason, the site +cannot override Chrome’s choices or control when autoplay is allowed. + +3. The Site Must Know when Audio or Autoplay is Blocked + +When the policy blocks autoplay for audible media, site developers may want to +show a different user experience (e.g. click-to-play), apply different logic +(e.g. choosing muted ads), and at the very least will want to update any visual +indication of audio playback state (e.g. a volume status indicator). For this +reason, if autoplay with audio is blocked the site must know that it is blocked. + +4. The Site Must Be Allowed To Request the User Gesture + +A user gesture is on the page, and the site is thus best positioned to present a +UX that explains the impact of a user gesture to enable sound, give a place to +click or tap, and apply logic to that user gesture. Alternatives where Chrome +enables sound arbitrarily will be more confusing for the user. For this reason, +the site (not Chrome) is in the best position to help the user play media with +sound. + +5. The Site Needs Predictable Behavior + +When sound is allowed, developers need predictable control over audio playback +state, to ensure that the right elements are playing, the UX is in sync, and the +timing of audio playback is aligned with other elements on the page. +Alternatives where Chrome enables sound or plays media arbitrarily may break +sites or cause a poor user experience. For this reason, the site must be +responsible for starting playback or enabling audio when it is allowed. + +6. User-Initiated Audio Playback is a Moderately Strong Signal to Chrome + +Sustained, audible playback as a result of a user gesture is a moderately strong +signal that audio was desired. This signal is not perfect (e.g. a site could +hijack a click and play audio on a system that has no speakers). However, Chrome +will use regular, sustained playback as a signal of user intent. + +7. Chrome Must Learn And Adapt to User Preferences + +A key learning from early MEI analysis was that there is a wide range of user +preferences for audio playback. This is true not only across different sites, +but even within the same site where one user might find audio annoying, but +another will expect it to work automatically. Chrome cannot rely upon a static +list of ‘acceptable’ sites and must learn and adapt to individual user +preferences. As such, for each individual user Chrome will learn on which sites +autoplay is expected, and where it is not. All sites will be subjected to the +same rules; there are no sites where autoplay is always expected by all users. + +#### Design Implications + +The above principles drive the following design conclusions: + +Chrome Can’t Prompt To Enable Audio + +Sites will generally present a UX that allows the user to enable audio. If +Chrome adds its own prompt, this will lead to user confusion about where to +click, and additional friction in cases where users end up clicking twice. +(Note: A more subtle UX such as a play/pause button in the Omnibox may still be +acceptable, especially if the logic which detects when to display it is designed +to avoid confusion.) + +Chrome Can’t Use Tab Muting For Automatic Control + +Automatic management of sound through tab muting wouldn’t allow the site to +detect that they were muted, and wouldn’t allow them to manage user +expectations. Further, it would prevent the site from prompting for a user +gesture and managing user expectations. + +The Site (not Chrome) Must Enable Audio + +If Chrome enables audio, it may appear random to the developer, meaning that the +site UX gets out of sync, and developers may lose control over which audio +elements are playing. Further, the developer may (in response to a user gesture) +wish to perform tasks before enabling sound. The developer, not Chrome, must be +responsible for enabling sound after a user gesture. + +Blocking, Not Muting, for Chrome’s Default Behavior + +Blocking audio is a predictable, active signal that audio is not allowed. Mute +state introduces unpredictability for developers, because it requires a query +after audio has started. In cases where audio playback triggers a visual +display, developers may not be able to prevent a brief flash of visuals before +they can make the query and disable the visuals. + +Further, (1) the use of mute state is inconsistent with existing policies for +audio management (e.g. in other browsers, on mobile, or in IFrames), (2) not all +audio APIs have provisions for muting, (3) for APIs that do have mute +attributes, making them dynamically controlled by Chrome overloads their +behavior, and (4) it consumes more CPU power to have a running (muted) stream +than a stopped one. + +Not like pop-up blocker + +Sound management will not eliminate sound, nor will it eliminate autoplay (which +will be allowed when Chrome believes the user wants it). The frequency of +scenarios where a user wants autoplay will not decrease over time. This puts +autoplay in a different category than other types of interventions, where the +behavior being blocked is expected to fall into disuse, reducing the frequency +of Chrome-based prompts. + +Further, it is expected that over time most sites will monitor their attempts to +autoplay and manage the user experience when it is not allowed. This will over +time reduce the need for any type of Chrome-based prompt to enable blocked +autoplay. \ No newline at end of file diff --git a/chromium/docs/website/site/audio-video/autoplay/autoplay-pre-seeding-in-chrome/index.md b/chromium/docs/website/site/audio-video/autoplay/autoplay-pre-seeding-in-chrome/index.md new file mode 100644 index 00000000000..9e44fd10e9d --- /dev/null +++ b/chromium/docs/website/site/audio-video/autoplay/autoplay-pre-seeding-in-chrome/index.md @@ -0,0 +1,31 @@ +--- +breadcrumbs: +- - /audio-video + - Audio/Video +- - /audio-video/autoplay + - Autoplay +page_name: autoplay-pre-seeding-in-chrome +title: Autoplay Pre-Seeding in Chrome +--- + +### Chrome's Autoplay policy uses a metric called Media Engagement Index (MEI) to determine whether or not to permit media to autoplay on a given site. MEI learns, locally, from a user's individual browsing behaviors, on a site-by-site basis, whether the user regularly consumes media on each site. This helps Chrome to meet user expectations; if a user frequently consumes media for longer than 7 seconds in a previously activated tab, their media engagement score will increase, and eventually autoplay will be permitted for that site without a user gesture. Today, Chrome typically learns a user’s preferences within six to twenty visits. + +Generally users do expect autoplay behavior for some sites, and until Chrome +learns individual preferences, based on MEI history, simply blocking all +autoplay isn’t the best match for user expectations. So, for new users, or users +who clear their browsing history, who won’t have historical media engagement +data, Chrome has a pre-seeded list of sites that are permitted to autoplay +media, based on aggregated anonymized data on what percentage of visitors to +that site regularly permit media playback with sound. This ensures that the +default behavior for sites with a high frequency of permitted media playbacks is +most likely to match what a typical visitor to that site expects - as a user +continues to use Chrome, their individual preferences will supplant the +pre-seeded MEI scores. + +The pre-seeded site list is generated based on the global percentage of site +visitors who train Chrome to allow autoplay for that site; a site will be +included on the list if a sizable majority of site visitors permit autoplay on +it. The list is algorithmically generated, rather than manually curated, and +with no minimum traffic requirement. With the implementation of the autoplay +policy for Web Audio in M71, Web Audio playback is also included in calculating +the MEI score for a given site. \ No newline at end of file diff --git a/chromium/docs/website/site/audio-video/autoplay/index.md b/chromium/docs/website/site/audio-video/autoplay/index.md new file mode 100644 index 00000000000..96f212def62 --- /dev/null +++ b/chromium/docs/website/site/audio-video/autoplay/index.md @@ -0,0 +1,251 @@ +--- +breadcrumbs: +- - /audio-video + - Audio/Video +page_name: autoplay +title: Autoplay +--- + +***Update (November 22, 2018)*** + +*For the Web Audio API, the Autoplay Policy will launch in M71.* + +***Update (May 15, 2018)*** + +*The Autoplay Policy launched in M66 Stable for <video> and <audio> +and is effectively blocking roughly half of unwanted media autoplays in Chrome.* + +*For the Web Audio API, the autoplay policy will launch in M70. This affects web +games, some WebRTC applications, and other web pages using audio features. +Developers will need to [update their +code](https://developers.google.com/web/updates/2017/09/autoplay-policy-changes#webaudio) +to take advantage of the policy. More detail can be found in the Web Audio API +section below.* + +**Summary** +This policy controls when video and audio is allowed to autoplay, and is +designed to meet three primary goals: + +* Provide user control over what content can autoplay +* Enable legitimate uses of autoplay without complicated workarounds +* Make progress towards consistent policies across mobile and desktop + platforms + +Under the new policy media content will be allowed to autoplay under the +following conditions: + +* The content is muted, or does not include any audio (video only) +* The user tapped or clicked somewhere on the site during the browsing + session +* On mobile, if the site has been [added to the Home + Screen](https://developers.google.com/web/updates/2017/02/improved-add-to-home-screen) + by the user +* On desktop, if the user has frequently played media on the site, + according to the [Media Engagement + Index](https://docs.google.com/document/d/1_278v_plodvgtXSgnEJ0yjZJLg14Ogf-ekAFNymAJoU/edit#heading=h.c1rqulonmckg) + +By default embedded IFrames will only be able to play muted or silent videos. +However, if site owners wish for IFrames on their site to be able to play +unmuted content, they may pass the autoplay permissions to the IFrame using +[allow=autoplay](https://github.com/WICG/feature-policy/blob/gh-pages/features.md). +This attribute allows any video contained in the IFrame to play as if it were +hosted on the site. +For a more detailed design and rationale, please click +[here](https://docs.google.com/document/d/1EH7qZatVnTXsBGvQc_53R97Z0xqm6zRblKg3eVmNp30/edit). +**Autoplay blocking** +Around the same time we will be making two additional changes related to +autoplay that will make muted autoplay more reliable. These two changes will +make it possible for sites and advertisers to use muted videos instead of +animated .gifs, which in most cases will reduce overall bandwidth consumption. + +* Removing the block autoplay setting that is currently available on + Chrome for Android +* Removing autoplay blocking on mobile when data saver mode is enabled + +**Developer Recommendations: <video> and <audio>** + +* **Use autoplay sparingly.** Autoplay can be a powerful engagement + tool, but it can also annoy users if undesired sound is played or + they perceive unnecessary resource usage (e.g. data, battery) as the + result of unwanted video playback. +* If you do want to use autoplay, consider **starting with muted + content and let the user unmute** if they are interested in + exploring more. This technique is being effectively used by numerous + sites and social networks. +* Unless there is a specific reason to do so, we recommend **using the + browser’s native controls for video and audio playback**. This will + ensure that autoplay policies are properly handled. +* If you are using custom media controls, **ensure that your website + functions properly when autoplay is not allowed.** We recommend that + you always look at the promise returned by the play function to see + if it was rejected: + +> var promise = document.querySelector('video').play(); + +> if (promise !== undefined) { + +> promise.then(_ => { + +> // Autoplay started! + +> }).catch(error => { + +> // Autoplay was prevented. + +> // Show a "Play" button so that user can start playback. + +> }); + +> } + +* Prompt users to [add your mobile site to the + homescreen](https://developers.google.com/web/updates/2017/02/improved-add-to-home-screen) + on Android devices. This will automatically give your application + unmuted autoplay privileges. + +Developer Recommendations: Web Audio API + +The Web Audio API will be included in the Autoplay policy with M70 (October +2018). Generally, in Chrome developers can no longer assume that audio is +allowed to play when a user first arrives at a site, and should assume that +playback may be blocked until a user first interacts with the site through a +user activation (a click or a tap). Any attempt to create an audioContext before +that time may result in a suspended audioContext that will have to be explicitly +switched to running after a user activation. + +Developers who write games, WebRTC applications, or other websites that use the +Web Audio API should call context.resume() after the first user gesture (e.g. a +click, or tap). For example: + +// Resume playback when user interacted with the page. + +document.querySelector('button').addEventListener('click', function() { + +context.resume().then(() => { + +console.log('Playback resumed successfully'); + +}); + +}); + +Web Audio API developers can detect whether or not autoplay is allowed by +creating a new AudioContext and then checking its state to see whether it is +running (allowed) or suspended (blocked). + +Depending upon the site, it may make sense to add additional user interface +elements (such as a ‘play’ button in front of a game, or an ‘unmute’ button in +some other cases), to explicitly capture a user gesture. This can either be done +prior to creating AudioContext, or afterwards with a call to resume() upon +click. + +**IFrame embedded content** + +Embedded content in a cross-origin IFrame needs to have permission to autoplay +delegated to it, otherwise the audioContext will never be allowed to run. + +Developers that host IFrames with content inside them (e.g. game hosting sites) +can enable audio for that content without requiring the underlying content to +change any code, by doing the following: + + If the content is in a cross-origin IFrame, ensure that the IFrame includes + the attribute allow="autoplay" + + Ensure that before the embedded content loads and runs, the site captures a + user gesture (e.g. prompt for a click or a tap) + +Developers can find more details about specific code changes, and debugging tips +[here](http://developers.google.com/web/updates/2017/09/autoplay-policy-changes). + +*Web Audio API FAQs* + + Why is the Web Audio API part of the autoplay policy? Users don’t like to + click on a link and have sound played automatically that they weren’t + expecting. The Web Audio API produces sound, so it must be included in the + autoplay policy to ensure consistency across all web experiences. + + Wait, didn’t you launch the autoplay policy for Web Audio API in M66? Yes, + briefly, but we reverted the change about a week later. We’re always working + to improve things for users and developers, but in this case we did not do + an effective job of communicating the change to developers using the Web + Audio API. We are moving the launch to October 2018 to give those developers + more time to prepare. If you develop web games, WebRTC applications, or + other web experiences with sound please see the developer recommendations. + +Release Schedule + + + + + + + + + + + + + + + + + + + + + + + +
September 2017New autoplay policies announcedBegin collecting Media Engagement Index (MEI) data in M62 Canary and Dev
December 2017Site muting available in M64 Beta Autoplay policies available in M65 Canary and Dev
January 2018Site muting available in M64 Stable
April 2018Autoplay policies are enforced for <video> and <audio> in M66 Stable
October 2018Autoplay policies will be enforced for Web Audio API in M70 Stable
+ +**General FAQs** + +* **What is the difference between this and Chrome’s enforcement of + the [better ad standard](https://www.betterads.org/standards/)?** + The current better ad standard states that sites cannot embed + [stand-alone ads with unmuted + audio](https://www.betterads.org/desktop-auto-playing-video-ad-with-sound/). + This standard does not apply to content integral to the page (e.g., + video of a news article that goes along with the text). The autoplay + policy is applicable to all video content regardless of its content. +* **What is the MEI threshold and how will it apply to my site?** We + are still working on the implementation and don’t have any data yet + on what the threshold will be or how that will impact individual + sites. Our general guidance is if your site offers video content + exclusively, assume that autoplay will work. If it has mixed + content, assume it won’t unless users interact with the site in some + way. +* **Can my site be exempted from the policy?** Unfortunately, Chrome + cannot provide any exceptions to the autoplay policy. +* **What counts as "user interaction on the domain?"** Any click on + the document itself (this excludes scrolling) will count as user + interaction. +* **Will autoplay work if a user leaves my site after watching video + and returns later in a browsing session.** Assuming the MEI + threshold hasn't been met, autoplay will not work in that context. + The user interaction requirement only applies to contiguous + navigations. +* **Will gestures and/or MEI score apply across tabs/windows?** If the + user opens a link in a new tab via context menu, yes, the user + gesture will be counted and the MEI will reflect any views on the + new tab. +* **How can I view my own MEI scores?** Navigate to + chrome://media-engagement to see your personal scores. Individual or + average scores will not be made available at this time. + +More information + +[Autoplay policy summary +presentation](https://docs.google.com/presentation/d/1DhW29bTLkDO6JSqp_wLUyByo00nI4krQ9laGQYQEJLU/edit?usp=sharing) + +[Autoplay design +document](https://docs.google.com/document/d/1EH7qZatVnTXsBGvQc_53R97Z0xqm6zRblKg3eVmNp30/edit) + +[Media engagement index (MEI) design +document](https://docs.google.com/document/d/1_278v_plodvgtXSgnEJ0yjZJLg14Ogf-ekAFNymAJoU/edit) + +[Autoplay Policy Changes +(developers.google.com)](https://developers.google.com/web/updates/2017/09/autoplay-policy-changes) + +[DOMException: The play() request was interrupted +(developers.google.com)](https://developers.google.com/web/updates/2017/06/play-request-was-interrupted) \ No newline at end of file diff --git a/chromium/docs/website/site/audio-video/index.md b/chromium/docs/website/site/audio-video/index.md new file mode 100644 index 00000000000..4f2751b7296 --- /dev/null +++ b/chromium/docs/website/site/audio-video/index.md @@ -0,0 +1,159 @@ +--- +breadcrumbs: [] +page_name: audio-video +title: Audio/Video +--- + +Everything you need to know about audio/video inside Chromium and Chromium OS! + +### Whom To Contact + +It's best to have discussions on chromium-dev@chromium.org or +media-dev@chromium.org for media specific matters. + +We are component +[Internals>Media](https://bugs.chromium.org/p/chromium/issues/list?can=2&q=component%3AInternals%3EMedia) +on the Chromium bug tracker. + +### Documentation + +See +[media/README.md](https://chromium.googlesource.com/chromium/src/+/HEAD/media/README.md). +For historical reference, here's the original [design doc for HTML5 +audio/video](/developers/design-documents/video). + +### Codec and Container Support + +Container formats + +* MP4 (QuickTime/ MOV / MPEG4) +* Ogg +* WebM +* WAV + +* HLS \[Only on Android and only single-origin manifests\] + +Codec formats (Decode Only) + +==Audio== + +* FLAC +* MP3 +* Opus +* PCM 8-bit unsigned integer +* PCM 16-bit signed integer little endian +* PCM 32-bit float little endian +* PCM μ-law +* Vorbis + +* AAC \[Main, LC, HE profiles only, xHE-AAC on Android P+\] \[Google + Chrome only\] + +* AMR-NB \[Google Chrome OS only\] +* AMR-WB \[Google Chrome OS only\] +* GSM \[Google Chrome OS Only\] + +==Video== + +* VP8 +* VP9 + +* AV1 \[Only Chrome OS, Linux, macOS, and Windows at present\] + +* Theora \[Except on Android variants\] + +* H.264 \[Google Chrome only\] +* H.265 \[Google Chrome OS on Intel Gen 11-based Chromebooks for + protected content playback only\] + +* MPEG-4 \[Google Chrome OS only\] + +### Code Location + +**Chromium** + +media/ - Home to all things media! +media/audio - OS audio input/output abstractions +media/video/capture - OS camera input abstraction +media/video - software/hardware video decoder interfaces + implementations +third_party/ffmpeg - Chromium's copy of FFmpeg +third_party/libvpx - Chromium's copy of libvpx + +**Blink** + +third_party/blink/renderer/core/html/media/html_media_element.{cpp,h,idl} - +media element base class + +third_party/blink/renderer/core/html/media/html_audio_element.{cpp,h,idl} - +audio element implementation + +third_party/blink/renderer/core/html/media/html_video_element.{cpp,h,idl} - +video element implementation + +**Particularly Interesting Bits** + +media/base/mime_util.cc - defines canPlayType() behaviour and file extension +mapping + +media/blink/buffered_data_source.{cc,h} - Chromium's main implementation of +DataSource for the media pipeline + +media/blink/buffered_resource_loader.{cc,h} - Implements the sliding window +buffering strategy (see below) + +third_party/blink/public/platform/web_media_player.h - Blink's media player +interface for providing HTML5 audio/video functionality + +media/blink/webmediaplayer_impl.{cc,h} - Chromium's main implementation of +WebMediaPlayer + +### How does everything get instantiated? + +WebFrameClient::createMediaPlayer() is the Blink embedder API for creating a +WebMediaPlayer and passing it back to Blink. Every HTML5 audio/video element +will ask the embedder to create a WebMediaPlayer. + +For Chromium this is handled in RenderFrameImpl. + +### GN Flags + +There are a few GN flags which can alter the behaviour of Chromium's HTML5 +audio/video implementation. + +ffmpeg_branding + +Overrides which version of FFmpeg to use + +Default: $(branding) + +Values: + +Chrome - includes additional proprietary codecs (MP3, etc..) for use with Google +Chrome + +Chromium - builds default set of codecs + +proprietary_codecs + +Alters the list of codecs Chromium claims to support, which affects +<source> and canPlayType() behaviour + +Default: 0(gyp)/false(gn) + +Values: + +0/false - <source> and canPlayType() assume the default set of codecs + +1/true - <source> and canPlayType() assume they support additional +proprietary codecs + +### How the %#$& does buffering work? + +Chromium uses a combination of range requests and an in-memory sliding window to +buffer media. We have a low and high watermark that is used to determine when to +purposely stall the HTTP request and when to resume the HTTP request. + +It's complicated, so here's a picture: + +[image](/audio-video/ChromiumMediaBuffering.png) \ No newline at end of file diff --git a/chromium/docs/website/site/audio-video/media-internals/index.md b/chromium/docs/website/site/audio-video/media-internals/index.md new file mode 100644 index 00000000000..2c7beac03f0 --- /dev/null +++ b/chromium/docs/website/site/audio-video/media-internals/index.md @@ -0,0 +1,77 @@ +--- +breadcrumbs: +- - /audio-video + - Audio/Video +page_name: media-internals +title: Media Internals +--- + +# [chrome://media-internals](javascript:void(0);) is a tool to dig into the guts of the Chrome [audio/video stack](/audio-video). + +It currently displays 3 things: + +1. Everything it can dig up from the media stack about active media + players. Includes buffered data, video properties, measured times + between events, and a log of events. +2. Status and volume of active audio streams. These are not yet + associated with a particular tab. +3. Cache activity, including reads from and writes to the media cache. + +## Adding Support for your New Feature + +If your code lies in media/ or webkit/glue/, information about it can appear on +chrome://media-internals. Simply get a hold of the MediaLog instance associated +with WebMediaPlayer or PipelineImpl and start logging! + +1. You’ll probably need to add a new event type to + media/base/media_log_events.h and potentially a helper method or two + to media/base/media_log.{h,cc}; see those already there for + reference. Parameter names should be unique! +2. Add logging calls to your code. +3. That’s it; you're done. Your events will show up in the Log section, + and any parameters you passed will show up in Properties. + +Well, ok, not quite. You may have noticed the Metrics section. If you’d like a +new time measurement to appear there, simply open up +chrome/browser/ui/webui/media/metrics.js and add the two events between which +you’d like to measure to the list at the top. + +## Media Internals Internals + +## image + +MediaLog contains helper methods for creating MediaLogEvents, and +ContentMediaLog implements its AddEvent() function to send a MediaLogEvent to +the browser process as an IPC message. A single instance of MediaLog is +associated with each WebMediaPlayer. This instance currently gets passed down to +PipelineImpl and BufferedResourceLoader and can easily be handed off to other +potential data sources (it’s RefCountedThreadSafe). + +MediaInternals is a singleton attached to the IO thread. The IPC messages from +ContentMediaLog get passed to it, and it handles notifications from +AudioRendererHost. It lives in chrome/, but it implements the MediaObserver +interface in content/, allowing AudioRendererHost and RenderMessageFilter (the +IPC message handler) to call it. + +MediaInternals talks to [chrome://media-internals](javascript:void(0);) by +packaging up and sending JavaScript function calls to it via MediaInternalsUI. +It also currently stores the information it receives from AudioRendererHost to +hand off to newly created media-internals tabs, but this functionality may be +removed in the future. +MediaInternalsUI is a WebUI component that hosts chrome://media-internals. +There’s not much of interest here, just lots of proxying function calls across +threads. +[chrome://media-internals](javascript:void(0);) contains most of the logic. It +handles MediaLogEvents, NetLog events, and updates from AudioRendererHost. It +infers the contents of the media cache from NetLog events (cache_entry.js, +disjoint_range_set.js) and displays a log of events (event_list.js) and +properties (media_player.js) of each active media player. I also displays time +measurements between pre-defined events (metrics.js) and some basic information +about audio streams from AudioRendererHost. + +## Potential Future Work + +* Associate data from AudioRendererHost with data from the MediaLog + from the same player. +* Embed a video player in the page, something like scherkus@’s + IHeartVideo project. \ No newline at end of file diff --git a/chromium/docs/website/site/blink/activedomobject/index.md b/chromium/docs/website/site/blink/activedomobject/index.md new file mode 100644 index 00000000000..0a3950ac445 --- /dev/null +++ b/chromium/docs/website/site/blink/activedomobject/index.md @@ -0,0 +1,48 @@ +--- +breadcrumbs: +- - /blink + - Blink (Rendering Engine) +page_name: activedomobject +title: ActiveDOMObject +--- + +**DRAFT. NEEDS REVIEW** + +The ActiveDOMObject is used to implement DOM objects that can involve +asynchronous operations such as loading data from network (e.g. XMLHttpRequest, +WebSocket) to + +* keep them alive while async op is active +* hold back actions resulting from async op while the document is + suspended + +The ActiveDOMObject classes can override its hasPendingActivity() method to keep +the object alive while some async operation is in progress. As long as +hasPendingActivity() returns true, V8 prolongs its life so that it doesn't get +garbage collected even when it becomes unreachable. Note that there must be a V8 +wrapper for the object in order to this to work. + +While hasPendingActivity() returns true, the life of the parent Document object +is also prolonged (explanation TBA). You rarely need to override +contextDestroyed() for ActiveDOMObject subclasses. + +ActiveDOMObjects are notified of detach of the parent Document object (or +shutdown of the parent WorkerThread) as the stop() method called on it. +Commonly, they start shutdown of the asynchronous operation in stop() if any. +This detach occurs regardless of hasPendingActivity(). + +suspend() is called when dialogs such as alert(), prompt(), etc. are going to be +shown or the WebInspector's pause is going to be active. resume() is called when +the dialog is closed or the WebInspector resumes script execution. Between +suspend() and resume(), it's recommended that operations on the ActiveDOMObjects +are suspended. Since resource loading is automatically suspended by Chrome's +resource dispatched code, you may not need to manually hold back async method +calls. + +When implementing, it is critical that you also add ActiveDOMObject to the +interface flags in your IDL file, or GC will pay no attention to +hasPendingActivity()! + +As of Nov 12 2013 by tyoshino@. Updated July 17, 2014 by kouhei@ + +Thanks haraken@, abarth@ \ No newline at end of file diff --git a/chromium/docs/website/site/blink/blink-api-owners-requirements/index.md b/chromium/docs/website/site/blink/blink-api-owners-requirements/index.md new file mode 100644 index 00000000000..cd1147cda83 --- /dev/null +++ b/chromium/docs/website/site/blink/blink-api-owners-requirements/index.md @@ -0,0 +1,9 @@ +--- +breadcrumbs: +- - /blink + - Blink (Rendering Engine) +page_name: blink-api-owners-requirements +title: Blink API OWNERS Requirements +--- + +## [Moved here](/blink/guidelines/api-owners/requirements) \ No newline at end of file diff --git a/chromium/docs/website/site/blink/blink-gardening/index.md b/chromium/docs/website/site/blink/blink-gardening/index.md new file mode 100644 index 00000000000..b2e1660ff2b --- /dev/null +++ b/chromium/docs/website/site/blink/blink-gardening/index.md @@ -0,0 +1,10 @@ +--- +breadcrumbs: +- - /blink + - Blink (Rendering Engine) +page_name: blink-gardening +title: Blink gardening +--- + +This page has moved (there's no more Blink gardening!). See [Handling Blink +failures](/blink/sheriffing) \ No newline at end of file diff --git a/chromium/docs/website/site/blink/blink-gc/index.md b/chromium/docs/website/site/blink/blink-gc/index.md new file mode 100644 index 00000000000..871984b9e60 --- /dev/null +++ b/chromium/docs/website/site/blink/blink-gc/index.md @@ -0,0 +1,10 @@ +--- +breadcrumbs: +- - /blink + - Blink (Rendering Engine) +page_name: blink-gc +title: Garbage Collection for Blink C++ objects (a.k.a. Oilpan) +--- + +This documentation was moved to +. \ No newline at end of file diff --git a/chromium/docs/website/site/blink/blink-in-js/index.md b/chromium/docs/website/site/blink/blink-in-js/index.md new file mode 100644 index 00000000000..11411b08519 --- /dev/null +++ b/chromium/docs/website/site/blink/blink-in-js/index.md @@ -0,0 +1,278 @@ +--- +breadcrumbs: +- - /blink + - Blink (Rendering Engine) +page_name: blink-in-js +title: Blink-in-JavaScript +--- + +## NOTE: THIS DOCUMENT IS NO LONGER VALID + +## It is left available out of historical interest. + +## Overview + +***Blink-in-JavaScript*** is a mechanism to enable Blink developers to implement +DOM features in JavaScript (instead of C++). The goal of Blink-in-JS is to +improve web layering by implementing high-level DOM features on top of existing +web-exposed APIs. You can learn the design in [this design +document](https://docs.google.com/a/google.com/document/d/13cT9Klgvt_ciAR3ONGvzKvw6fz9-f6E0FrqYFqfoc8Y/edit#) +and [this +slide](https://docs.google.com/a/google.com/presentation/d/1XvZdAF29Fgn19GCjDhHhlsECJAfOR49tpUFWrbtQAwU/edit#slide=id.g3840fe06e_00). +If you are interested in the security model, you can also look at [this +document](https://docs.google.com/a/google.com/document/d/1AtnKpzQaSY3Mo1qTm68mt_3DkcZzrp_jcGS92a3a1UU/edit). + +## Guideline + +When you want to implement a feature in Blink-in-JS, you need to follow the +following guideline. + +1. If you plan to implement a feature in Blink-in-JS, you need to send + an Intent-to-Implement to blink-dev@. The Intent-to-Implement should + explain the advantages of the Blink-in-JS and have a list of private + script APIs that will be required for the Blink-in-JS. (\*\*) +2. You are strongly discouraged to use private script APIs. If you need + to add a private script API, you need to provide a justification for + the API and get an LGTM from one API owner (\*\*\*). The API must + meet either of the following conditions: + + * The API is a missing part of the current web and going to be + exposed to the web in the future. + * The API is for supporting a will-be-deprecated feature. + +(\*) See [this +slide](https://docs.google.com/a/chromium.org/presentation/d/1-5wpqeIltM40DAZdQBhbqnzOZuFNezS4eUfx1T4YV50/edit#slide=id.g437b0e633_00) +for a background of this guideline. + +(\*\*) The fact that we’re lowering the priority of Blink-in-JS means that we +are going to be conservative about accepting your Intent-to-Implement. It is +important to consider if your Blink-in-JS work has higher impact than other +projects you could work on alternately. The Intent-to-Implement must provide +clear advantages of why you think it is important for Blink to implement the +feature in Blink-in-JS. For example, the following Intent-to-Implements look +appealing: + +* I need to implement MediaControls for Android. There are two options + for us: implement it in C++ or implement it in JS. Given that + MediaControls is a self-contained and high-level feature that can be + developed on top of existing web-exposed API, I propose to implement + MediaControls in Blink-in-JS. It is easier to develop and maintain. +* XMLViewer is already written in JS and it is invoked using direct V8 + APIs. Given that Blink-in-JS has a safer mechanism to run JS in + Blink, I propose to move XMLViewer to Blink-in-JS. +* I plan to make a substantial restructuring of the rendering system + for performance. I noticed that marquee-specific code in the + rendering system prevents us from making the restructuring. Given + that marquee is an out-dated feature, I want to just factor out the + implementation to Blink-in-JS instead of supporting the + marquee-specific code in the new rendering system. + +On the other hand, the following Intent-to-Implement would not be appealing: + +* HTMLFormControls are self-contained and it is not hard to move the + implementation to Blink-in-JS. The benefit is that we can remove a + bunch of code from C++. However, I’m not sure if HTMLFormControls is + an actively developed area and thus it’s not clear at this point how + helpful it is for on-going Blink projects. + +(Note: These are just examples and not intending to imply go or non-go of +MediaControls-in-JS etc) + +(\*\*\*) It is a good idea to ask review for dglazkov@ (API owner), jochen@ (API +owner), haraken@ and area experts of the API. + +## Basics + +The most common usage of Blink-in-JS is to implement DOM features defined in an +IDL file in JavaScript. For example, consider to implement a <marquee> tag +in Blink-in-JS. + +In this case, what you need to do is just to: + +* Add \[ImplementedInPrivateScript\] IDL extended attributes to DOM + attributes/methods in an IDL file. +* Implement the DOM attributes/methods in JavaScript (This JavaScript + file is called a ***private script***.) + +Specifically, you first need to add \[ImplementedInPrivateScript\] IDL extended +attributes to DOM attributes/methods in +[HTMLMarqueeElement.idl](https://code.google.com/p/chromium/codesearch#chromium/src/third_party/WebKit/Source/core/html/HTMLMarqueeElement.idl&q=htmlmarqueeelement.idl&sq=package:chromium&type=cs). + +```none +interface HTMLMarqueeElement : HTMLElement { +  [ImplementedInPrivateScript] void start(); +  [ImplementedInPrivateScript] void stop(); +  [ImplementedInPrivateScript] attribute long loop; +  [ImplementedInPrivateScript] attribute long scrollAmount; +  ...; +}; +``` + +Second, you need to implement the DOM attributes/methods in +[HTMLMarqueeElement.js](https://code.google.com/p/chromium/codesearch#chromium/src/third_party/WebKit/Source/core/html/HTMLMarqueeElement.js&sq=package:chromium&type=cs). + +```none +installClass("HTMLMarqueeElement", function(HTMLMarqueeElementPrototype)) { +  HTMLMarqueeElementPrototype.start = function() { +    // Implement the start() method. +    // |this| object is equal to the wrapper of the element. +  } +  Object.defineProperty(HTMLMarqueeElementPrototype, 'loop', { +      get: function() { +        // Implement the getter of the loop attribute. +        // |this| object is equal to the wrapper of the element. +      }, +      set: function(value) { +        // Implement the setter of the loop attribute. +        // |this| object is equal to the wrapper of the element. +      }, +  }); +  ...; // Implement other DOM attributes/methods. +}; +``` + +That's it. Then the IDL compiler auto-generates the binding code that connects +user's script with the JavaScript functions defined in the private script. + +The important points are as follows: + +* A private script runs in a dedicated isolated world. For security + reasons, no JavaScript objects nor DOM wrappers are shared between + the private script and user's script. This restriction is needed to + prevent the private script from leaking confidential information to + user's script. +* To force the restriction, the type of arguments you can pass from + user's script to the private script is limited to JavaScript + primitive types (e.g., int, double, string, boolean etc) and DOM + wrappers. Similarly, the type you can return from the private script + back to user's script is limited to JavaScript primitive types and + DOM wrappers. You cannot pass JavaScript functions, JavaScript + objects, Promises etc. +* |global| is a window object of the private script. You can use the + |global| object as you like, but note that the |global| object is + shared among all private scripts. For example, HTMLMarqueeElement.js + and XSLT.js share the same |global| object. Thus you should not + cache data specific to your private script onto the |global| object. +* |HTMLMarqueeElementPrototype| is a prototype object of the private + script. Your main work is to define DOM attributes/methods on the + prototype object. +* |this| object is equal to the wrapper of the <marquee> element + in the isolated world for private scripts. Due to the security + isolation, |this| object is a different wrapper from the wrapper of + the <marquee> element in the main world. You can cache + whatever you want onto the |this| object. It is guaranteed that the + |this| object is not accessible from user's script. + + By default, the IDL compiler assumes that you have HTMLMarqueeElement.h in + Blink. If you don't want to have HTMLMarqueeElement.h, you need to add + \[NoImplHeader\] IDL attribute on the interface. + +* |this| object has the following prototype chain: |this| --> + HTMLMarqueeElementPrototype --> HTMLMarqueeElement.prototype + --> HTMLElement.prototype --> Element.prototype --> + Node.prototype --> .... + +For more details, you can look at how +[HTMLMarqueeElement.js](https://code.google.com/p/chromium/codesearch#chromium/src/third_party/WebKit/Source/core/html/HTMLMarqueeElement.js&sq=package:chromium&type=cs) +and +[PrivateScriptTest.js](https://code.google.com/p/chromium/codesearch#chromium/src/third_party/WebKit/Source/core/testing/PrivateScriptTest.js&q=privatescripttest.js&sq=package:chromium&type=cs) +are implemented. + +## Details + +By using the \[ImplementedInPrivateScript\] IDL extended attribute, you can +implement DOM features exposed to the web in a private script. However, this is +sometimes not sufficient to implement real-world DOM features in a private +script. Sometimes you will need to invoke a private script from C++. Sometimes +you will need to implement internal DOM attributes/methods that are only exposed +to private scripts. + +In general, Blink-in-JS supports the following four kinds of APIs. + +* \[user's script & private script => C++\]: This is a normal DOM + attribute/method (where Blink-in-JS is not involved). The DOM + attribute/method is implemented in C++, and the DOM attribute/method + is exposed to both user's script and private scripts. +* \[user's script & private script => private script\]: This is the + most common usage of Blink-in-JS explained above. The DOM + attribute/method is implemented in a private script, and the DOM + attribute/method is exposed to both user's script and private + scripts. +* \[private script => C++\]: This is an "internal" DOM + attribute/method for private scripts. The DOM attribute/method is + implemented in C++, and the DOM attribute/method is exposed only to + private scripts (not exposed to user's script). +* \[C++ => private script\]: This is a way to invoke a private + script from C++. The DOM attribute/method is implemented in a + private script, and a C++ static function is provided to invoke the + DOM attribute/method so that Blink can use it wherever it wants. + +You can control the kind of each API by combining the +\[ImplementedInPrivateScript\] IDL extended attribute and +\[OnlyExposedToPrivateScript\] IDL attribute. + +* \[user's script & private script => C++\]: Use no IDL extended + attributes. +* \[user's script & private script => private script\]: Use + \[ImplementedInPrivateScript\]. +* \[private script => C++\]: Use \[OnlyExposedToPrivateScript\]. +* \[C++ => private script\]: Use \[ImplementedInPrivateScript, + OnlyExposedToPrivateScript\]. + +Here is an example: + +```none +interface XXX { +  void f1();  // Normal DOM method implemented in C++; exposed to user's script and private scripts. +  [ImplementedInPrivateScript] void f2();  // DOM method implemented in a private script; exposed to user's script and private scripts. +  [OnlyExposedToPrivateScript] void f3();  // DOM method implemented in C++; exposed only to private scripts. +  [ImplementedInPrivateScript, OnlyExposedToPrivateScript] void f4();  // DOM method implemented in a private script; V8XXX::PrivateScript::f4Method() is provided as a static method so that Blink can invoke the private script. +}; +``` + +For more details, see test cases in +[PrivateScriptTest.idl](https://code.google.com/p/chromium/codesearch#chromium/src/third_party/WebKit/Source/core/testing/PrivateScriptTest.idl&sq=package:chromium&type=cs). + +DOM attributes/methods that have \[OnlyExposedToPrivateScript\] IDL attribute +are "backdoors". **Backdoors are strongly discouraged** unless you are certain +that the backdoors are APIs that are missing in the current web platform and +should be exposed to the web in the future. Ideally Blink-in-JS should be +implemented only by using existing web platform APIs. The only case where +backdoors are allowed is a case where we think that the API is a missing part of +the current web platform and should be exposed to the web in the future. (One of +the goals of Blink-in-JS is to understand what APIs are missing in the web +platform by trying to implement built-in contents of Blink in JavaScript.) + +## Where Your Private Script lives? + +Your private script lives in `blink_resources.pak` in +`out/*config*/gen/blink/public/resources/`, which is generated by +[`blink_resouces.gyp`](https://chromium.googlesource.com/chromium/blink/+/HEAD/public/blink_resources.gyp), +then it repacked into `content_shell.pak`, `resources.pak` and so. + +So, you need to do following steps putting your private script into resource +file: + +1. Change + [`blink_resources.grd`](https://chromium.googlesource.com/chromium/blink/+/HEAD/public/blink_resources.grd) + in Blink repository to include your private script, e.g. + [crrev/570863002](http://crrev.com/570863002) + * Since we also need to change file in Chromium repository, I + recommend to create dummy file and check-in this before + reviewing your private script. +2. Change + [`content/child/blink_platform_impl.cc`](https://chromium.googlesource.com/chromium/src/+/HEAD/content/child/blink_platform_impl.cc) + in Chromium repository, e.g. + [crrev/556793006](http://crrev.com/556793006) + * **You should wait step #1 blink change is rolled into Chromium + rather than landed into blink repository.** + +Note: Due to [crbug/415908](http://crbug.com/415908), blink_resources.pak isn't +rebuild when your private script file changed. You may want to remove it, +`out/Debug/gen/blink/public/resources/blink_resources.pak`. + +## Contacts + +If you have any questions or comments, feel to free to ask haraken@. I'm +planning to factor out more things from C++ to Blink-in-JS to improve the +hackability of the Blink core. Your contributions are super welcome! \ No newline at end of file diff --git a/chromium/docs/website/site/blink/blink-network-stack/index.md b/chromium/docs/website/site/blink/blink-network-stack/index.md new file mode 100644 index 00000000000..eaa496cbd9b --- /dev/null +++ b/chromium/docs/website/site/blink/blink-network-stack/index.md @@ -0,0 +1,14 @@ +--- +breadcrumbs: +- - /blink + - Blink (Rendering Engine) +page_name: blink-network-stack +title: Blink Networking APIs +--- + +> [See here for Chromium Network Stack team +> info](/developers/design-documents/network-stack) + +> + +> #### Blink Networking APIs \ No newline at end of file diff --git a/chromium/docs/website/site/blink/blink-post-merge-faq/index.md b/chromium/docs/website/site/blink/blink-post-merge-faq/index.md new file mode 100644 index 00000000000..c8ca2aa4e0c --- /dev/null +++ b/chromium/docs/website/site/blink/blink-post-merge-faq/index.md @@ -0,0 +1,165 @@ +--- +breadcrumbs: +- - /blink + - Blink (Rendering Engine) +page_name: blink-post-merge-faq +title: Blink post-merge FAQ +--- + +## Merge versions + +**Pre-merge:** + +> Blink git SHA: +> [37d233bde3baaea720a9a81296fa77b63c9d8981](https://chromium.googlesource.com/chromium/blink/+/HEAD) + +> Blink revision: **[202666](http://blinkrev.hasb.ug/202666)** + +> Chromium git SHA: +> [70aa692d68ee86d365928edd160c3575fda2b453](https://chromium.googlesource.com/chromium/src/+/70aa692d68ee86d365928edd160c3575fda2b453) +> [350323](http://crrev.com/350323) Chromium revision: +> Chrome version: +> [47.0.2518.0](https://chromium.googlesource.com/chromium/src/+/70aa692d68ee86d365928edd160c3575fda2b453/chrome/VERSION) + +**Post-merge:** + +> Blink git SHA: *n/a* + +> Blink revision: *n/a* + +> Chromium git SHA: +> [b59b6df51a249895fbba24f92b661f744e031546](https://chromium.googlesource.com/chromium/src/+/b59b6df51a249895fbba24f92b661f744e031546) + +> Chromium revision: **[350324](http://crrev.com/350324)** + +> Chrome version: +> [47.0.2519.0](https://chromium.googlesource.com/chromium/src/+/341be68a2f3f424685a709aacc683d227f0de7eb) +> -- version bump came 1 day after +> [branch](https://chromium.googlesource.com/chromium/src/+/b59b6df51a249895fbba24f92b661f744e031546/chrome/VERSION) + +## How to migrate local /src (chromium main project) branches + +* ## Only once to update the remote + + ## ```none + git remote update (or git fetch)   + ``` + + ## `For each branch` + + ## ```none + git rebase $(git merge-base branch_name origin/master) branch_name --onto origin/master + ``` + +## How to migrate local /src/third_party/WebKit branches + +When running gclient sync after the merge point, the previous .git directory +(containing all the local branches) for blink will be saved in +//src/../old_src_third_party_WebKit.git + +For each local branch, run the following steps: + +* Create a patch file + + ```none + git diff origin/master...branch_name > /tmp/old-blink.patch + ``` + +And then in the new checkout, after the branch point + +* Recreate the branch + + ```none + git new-branch old-blink + ``` + +* Apply the patch + + ```none + git apply -3 --directory third_party/WebKit/ /tmp/old-blink.patch + ``` + +## How to migrate blink patches from Rietveld + +If you have the patch locally as a git branch, migrating that would be easier. +Otherwise, follow these steps: + +1. Download the raw patch from codereview.chomium.org/123456 +2. Create a new local git branch in a post-merge checkout + + ```none + git new-branch issue123456 + ``` + +3. Apply the patch + + ```none + git apply -3 --directory third_party/WebKit/ issue123456_1001.diff + ``` + +4. Add new files and commit changes +5. Upload to a new CL + +## How can I avoid getting the entire Blink history when going over the merge commit + +If you use `git log` or similar over the merge commit, use `--first-parent` to +walk up only in the chromium history. + +## Cherry-picking a Blink CL to a release branch + +The active releases branches will be merged (i.e. won't have a +third_party/WebKit subproject) as well. + +For CL that get landed after the merge day, it won't be any different than +cherry-picking a chromium CL. Just follow the +[git-drover](http://commondatastorage.googleapis.com/chrome-infra-docs/flat/depot_tools/docs/html/git-drover.html) +man page. + +To cherry-pick a blink CL that was landed before the merge day: + +* Find the corresponding commit that you want to cherry-pick in the + chromium master and note its SHA1 (note: it will have a different + SHA1 than what reported in the codereview.chromium.org/NNNN) + e.g., if you want to cherry-pick + + + ```none + git log origin/master --grep codereview.chromium.org/1340403003 -- third_party/WebKit + commit c614d6deae3c6e4cc0bfbb60bb15a17305b418b7 + Author: .... + ``` + +* Follow the + [git-drover](http://commondatastorage.googleapis.com/chrome-infra-docs/flat/depot_tools/docs/html/git-drover.html) + documentation using SHA1 above when doing git cherry-pick -x + +## Creating a checkout using fetch blink does no longer work + +Use `fetch chromium` instead. + +## Converting revision range links from SVN to git + +See [this document +](https://docs.google.com/document/d/1v2fTiNF2FNzbSZXuF1JQxT3UHghM9GUI5csWIpSdu68/edit)for +instructions. + +## Bisecting across the merge point + +* Bisect scripts (src/tools/bisect-builds.py) and bots should Just + Work TM. File a bug if that is not the case. +* Doing a git bisect on a revision range that includes the merge point + requires a little trick. (See [\[chromium-dev\] Merge of Chromium + and Blink repositories - git bisect is + broken?](https://groups.google.com/a/chromium.org/forum/#!topic/chromium-dev/ydCRw4V6u5o) + for context and details) +* The trick consists in convincing git that the merge commit + (b59b6df51) did NOT pull in the blink history (70aa692d6) using + grafts + + ```none + git replace --graft b59b6df51 70aa692d6 + # Do the git bisect as usual + git bisect start GOOD_SHA1 BAD_SHA1  + # Remove the grafts at the end + $ git replace -d b59b6df51 + ``` diff --git a/chromium/docs/website/site/blink/blink-testing-and-the-w3c/index.md b/chromium/docs/website/site/blink/blink-testing-and-the-w3c/index.md new file mode 100644 index 00000000000..f302488b4b0 --- /dev/null +++ b/chromium/docs/website/site/blink/blink-testing-and-the-w3c/index.md @@ -0,0 +1,203 @@ +--- +breadcrumbs: +- - /blink + - Blink (Rendering Engine) +page_name: blink-testing-and-the-w3c +title: Blink, Testing, and the W3C +--- + +*Blink is currently running a subset of the W3C's tests automatically, as +documented in [Importing the W3C tests to Blink](/blink/importing-the-w3c-tests) +.* + +*This document is left here for historical purposes and to document some of the design and process tradeoffs involved.* + +> *Document owner: [dpranke@chromium.org](mailto:dpranke@chromium.org)* + +## Overview + +The W3C has defined a large number of tests used for conformance testing. + +Blink has inherited from WebKit a large number of tests that are used for +regression testing. Many of these tests (mostly the so-called "pixel tests") +require manual verification of correctness and take a fair amount of work to +keep these tests up-to-date. Many are also not written in a way that can be +easily used by other browser vendors. + +Blink does not currently (4/2013) regularly import and run the W3C's tests, but +we have done some ad-hoc partial imports of test suites in the past into our +existing regression test suites. Some of these previously imported W3C tests are +therefore out of date and/or redundant. + +The Blink team [has stated](/blink/#testing) that any new features being +developed should be accompanied by conformance tests and that we should be +working with the W3C on these tests. We believe that having a comprehensive, +vendor-neutral set of tests for the web platform is good for the web as a whole. + +Thus, there are several interrelated problems: + + *The W3C has a lot of tests that aren't being run regularly (by us, at + least).* + + *We have redundant and/or out of date tests.* + + *We have a lot of tests that are hard to maintain.* + + *We have a lot of tests we could potentially share with the W3C.* + + *We do not have a great sense of the coverage of either or both sets of + tests.* + + *Neither we nor the W3C have smoothly running development processes to make + these two sets of tests converge where possible.* + +I will also note that although I used the words "conformance" and "regression" +above, they don't necessarily mean much difference in practice. You can, and +probably should, use conformance tests for regression testing. + +## Ideal state + +We should work together with the W3C to resolve these problems as much as +possible. The ideal end state might look something like: + + *All of the W3C’s tests would be in a single location or repository, clearly + organized by some scheme that identified which features each test targeted, + and what the state of the test was (submitted, accepted/approved, etc.)* + + *There would be some sort of process for minimizing or eliminating redundant + tests.* + + *The test suite coverage would be comprehensive, and portable (it would be + well understood how to write tests that ran in the major browsers).* + + *The processes for submitting new tests, getting changes made to existing + tests, and downloading the latest test suites and integrating them into our + builds would be well defined and practiced.* + + *The tests could be run and evaluated automatically (i.e., tests would not + require manual review to see if you passed or failed).* + + *The number of chromium-/blink- specific layout tests would be kept to a + minimum; if the test suites were comprehensive, arguably we’d have little + need for custom tests except for features that weren’t standards-track. We + would have a well-polished process for removing our tests when they were + made redundant.* + +## Current state + +Today, as I currently understand it, none of these things are true, although +some are closer than others. Item-by-item: + + *Tests are scattered across multiple locations.* + + **Most of them can be found somewhere on the W3C’s mercurial repository + (dvcs.w3.org/hg), and are mirrored to w3c-test.org .** + + **Some tests are also being moved to Github. The W3C has claimed a goal + of moving everything to Github by the end of 2013.** + + **Different WGs follow different naming conventions, although I think + things are fairly consistent for newer tests.** + + *I have no idea how people figure out if there are redundant tests in the + W3C suites. My guess is that reviewers and spec editors make their best + efforts here.* + + *I have no real idea how comprehensive the existing test suites are, nor how + many of them run on Blink as-is (let alone pass).* + + **At a rough guess, there’s somewhere between 13,000 and 18,000 existing + tests in various stages of approval.** + + **I don’t yet really know how many reftests really are portable and + aren’t subject to diffs resulting from rounding errors and other things + that don’t really affect correctness.** + + **On a related note, it’s hard to say how many of the tests are “good”, + in the sense that they are maintainable, clear, focused, fast, etc.** + + *I think the processes for submitting new tests are roughly defined for most + groups at this point, but I don’t know how broadly shared they are between + WGs. We in Blink are at least not very familiar with the processes.* + + *Many of the older tests (e.g., CSS1, CSS2.1) were written assuming someone + would look at them individually to decide if they were passing.* + + **We currently run those as pixel tests, but it would be difficult to + say with confidence how many of them we were “passing” (due to the way + Blink manages passing vs. expected results).** + + **There may be some tests that require interactive (manual) execution, + as well as manual review. I don’t know if we are interested in them at + all (I’m not, personally).** + + *I have no idea how many of our existing regression tests are redundant, nor + how many of them could be reused by other vendors.* + +**Work items** + +So, this leaves us with the following (unprioritized) set of potential work +items: + + *Pull all of the existing tests down and see:* + + **How many of them we already have?** + + **How many of them are ref tests or are otherwise self-contained (i.e., + we don’t need to generate -expected results separately and review them + for correctness)?** + + **What sort of coverage do we have? How much overlap with existing Blink + tests do we have?** + + **How well do they integrate into the existing harnesses we have?** + + *Help organize the W3C repos.* + + *Work on tools and processes for submitting new tests, getting tests + approved, and pulling them down to run, etc.* + + *Work to identify areas missing coverage.* + + *Work to write tests for those areas.* + + *Formalize tracking the test suites for new features we’re working on and + ensuring the test suites are accepted (I think we do this today in a fairly + ad-hoc and informal way). We should at least be regularly running our own + tests!* + + *Work on the w3c’s test harness and figure out if it needs more features to + be able to get better test coverage and/or work more portably.* + + *Publish our test results regularly somehow.* + + *Perhaps help publish the results of other implementations (Helping to build + a common dashboard or something; presumably we don’t want to be publishing + the results from other vendors ourselves).* + +This is all a fair amount of work, but there are too many unknowns to be able to +really give a resource estimate (at least I wouldn’t want to). + +## Q2 2013 goals + +We on Blink have a Q2 2013 goal of at least the following: + + *Develop tools to import some of the larger test suites from the W3C, if not + all of them. (with some [help from + Adobe](https://lists.webkit.org/pipermail/webkit-dev/2013-March/024055.html))* + + *Import and run the tests in an automated manner as part of our existing + regression testing processes (the layout tests). This will not include any + tests requiring manual verification of correctness (i.e., no tests requiring + new platform-specific baselines).* + + *Provide at least an initial set of feedback to the W3C on what did and + didn't work (including which tests are and aren't passing), including + enhancement requests for their infrastructure and processes if we find our + needs aren't currently met.* + +This should give us a pretty good sense of where we're at and how much work the +remaining open problems may be. + +Note that if we get this working smoothly, we can hopefully extend these +processes to other standards bodies as need be (ECMA, Khronos, etc.) \ No newline at end of file diff --git a/chromium/docs/website/site/blink/blink-triaging/index.md b/chromium/docs/website/site/blink/blink-triaging/index.md new file mode 100644 index 00000000000..07bd8f4ed41 --- /dev/null +++ b/chromium/docs/website/site/blink/blink-triaging/index.md @@ -0,0 +1,105 @@ +--- +breadcrumbs: +- - /blink + - Blink (Rendering Engine) +page_name: blink-triaging +title: Component:Blink bug labeling rotation +--- + +[Document with tips for bug +labeling](https://docs.google.com/document/d/1l9XehKEHAJu3-LnWDdXl8-t-8rz9dk8dy1bEI4zzUOU/edit) + +## [Mapping of labels to owners and teams](https://docs.google.com/spreadsheets/d/19JEFMvsxD3eThyGiJRqAjcpx362LHUDdVzICAg7TYZA/edit#gid=0) + +## Goal + +Deliver Blink bugs in crbug.com to engineers who are responsible for the bug +area by adding Blink>*Foo* components. + +## Example Instructions + +We don't have a common instruction yet. The below is an example, and you don't +need to follow it. Important points are: + +* Reduce the number of [Component=Blink + bugs](https://bugs.chromium.org/p/chromium/issues/list?can=2&q=Component%3DBlink) +* Newer bugs are important. + +### Task 1: Handling Component=Blink issues (mandatory, daily) + +1) Search for ["Component=Blink -Hotlist=CodeHealth -Needs=Feedback +-Needs=Reduction"](https://bugs.chromium.org/p/chromium/issues/list?can=2&q=Component%3DBlink+-Hotlist%3DCodeHealth+-Needs%3DFeedback+-Needs%3DReduction) + +2) Read the issue description and comments and add Blink>*Foo* component and +remove Blink component, if the area/ownership is clear. Otherwise: + +* If the issue has not enough information, ask for additional + information, add Needs-Feedback label, and add your email address to + Cc field. + Add a Next-Action value set to 14 days from the current date. + You're responsible for this bug. You should handle the bug until you + identify Blink areas or feedback timeout. + [This + link](https://bugs.chromium.org/p/chromium/issues/list?can=2&q=component%3DBlink+-Hotlist%3DCodeHealth+Needs%3DFeedback+cc%3Ame&colspec=ID+Pri+M+Stars+ReleaseBlock+Component+Status+Owner+Summary+OS+Modified&x=m&y=releaseblock&cells=tiles) + shows the list of bugs of this kind you are responsible for. +* If the issue doesn't seem to be reproducible, but plausible, add + Needs-TestConfirmation. +* If the reproduction is too complex to understand the culprit area, + add Needs-Reduction. +* If you understand the culprit, but can't find an appropriate + Blink>*Foo* component (eg. by looking at similar bugs resolved in + the not-too-distant past), email + [crblink-rotation@](https://groups.google.com/a/chromium.org/forum/#!forum/crblink-rotation) + (and/or add Hotlist-BlinkNoLabel, this is TBD). You should find an + owner if the bug looks serious. + +**Task 2: Handling Component=UI issues (mandatory, daily)** + +1) Search for untriaged +[Component=UI](https://bugs.chromium.org/p/chromium/issues/list?q=Component%3DUI%20-Needs%3DFeedback%20-Type%3DFeature%2CTask&can=2) +bugs + +2) Read the issue description and add comments or move to sub-components of UI +or other components (including Blink sub-components as appropriate). Set +priorities as needed. + +### Task 3: Handling issues without Component: field (optional) + +Do the same things as task 1 and task 2 for issues without Component: field. If +an issue isn't related to Blink, add appropriate non-Blink components such as +Component:`UI`, Component:`Internals`. + +* [Bugs created in the last 30 days without + owners](https://bugs.chromium.org/p/chromium/issues/list?q=-has%3Acomponent%20-reporter%3Achromium.org%20-label%3Aautofiled%20-label%3Aperformance%20-hotlist%3DHistogramEraser%20%20-hotlist%3DMetrics-Eraser%20opened%3Etoday-30%20-has%3Aowner&can=2) +* [Bugs that have owners but that haven't been modified in the last + year](https://bugs.chromium.org/p/chromium/issues/list?q=-has%3Acomponent%20-reporter%3Achromium.org%20-label%3Aautofiled%20-label%3Aperformance%20-hotlist%3DHistogramEraser%20%20-hotlist%3DMetrics-Eraser%20modified%3Ctoday-365%20has%3Aowner%20%20-hotlist%3DExpiredHistograms&can=2) +* [All bugs without + owners](https://bugs.chromium.org/p/chromium/issues/list?q=-has%3Acomponent%20-reporter%3Achromium.org%20-label%3Aautofiled%20-label%3Aperformance%20-hotlist%3DHistogramEraser%20%20-hotlist%3DMetrics-Eraser%20-has%3Aowner&can=2) +* [All + bugs](https://bugs.chromium.org/p/chromium/issues/list?can=2&q=-has%3Acomponent+-reporter%3Achromium.org+-label%3Aautofiled+-label%3Aperformance+-hotlist%3DHistogramEraser++-hotlist%3DMetrics-Eraser) + +**Task 4: monitor stale P0/P1 security bugs (optional)** + +* Review all result from [this + search](https://bugs.chromium.org/p/chromium/issues/list?can=2&q=Type%3DBug-Security+component%3Ablink+pri%3D0%2C1+modified%3Ctoday-30&colspec=ID+Pri+M+Stars+ReleaseBlock+Component+Status+Owner+Summary+OS+Modified&x=m&y=releaseblock&cells=ids). +* Check that the bug has an owner, the owner is actively working on + the issue, and is fixing. Re-assign, re-categorize or ping the bug + as appropriate. + +**Deprecated:** + +### Reducing/Confirming Component=Blink bugs (mandatory, daily) + +1) Search for "[Component=Blink +Needs=Reduction](https://bugs.chromium.org/p/chromium/issues/list?can=2&q=Component%3DBlink+Needs%3DReduction)", +choose one, and investigate it to identify Blink areas by reading HTML/CSS/JS +code and/or making a reduction. + +2) Add Blink>*Foo* components, remove Blink component and Needs-Reduction +when confirmed and updated the status accordingly, if needed. + +## Contact + +Public mailing list: +[crblink-rotation@chromium.org](https://groups.google.com/a/chromium.org/forum/#!forum/crblink-rotation) +() \ No newline at end of file diff --git a/chromium/docs/website/site/blink/coding-style/index.md b/chromium/docs/website/site/blink/coding-style/index.md new file mode 100644 index 00000000000..1b667e4f987 --- /dev/null +++ b/chromium/docs/website/site/blink/coding-style/index.md @@ -0,0 +1,69 @@ +--- +breadcrumbs: +- - /blink + - Blink (Rendering Engine) +page_name: coding-style +title: Blink Coding Style Guidelines +--- + +These guidelines are specific to the [Blink](/blink) project, not to be confused +with the general [Chromium coding +style](https://chromium.googlesource.com/chromium/src/+/HEAD/styleguide/styleguide.md). + +[TOC] + +## C++ + +This documentation has moved to the [Blink C++ Style +Guide](https://chromium.googlesource.com/chromium/src/+/HEAD/styleguide/c++/blink-c++.md). + +## Python + +This documentation has moved to the [Blink Python Style +Guide](https://chromium.googlesource.com/chromium/src/+/HEAD/styleguide/python/blink-python.md). + +## Web tests + +See [Writing Web +Tests](https://chromium.googlesource.com/chromium/src/+/HEAD/docs/testing/writing_web_tests.md). + +## License + +Existing files in Blink use a longer header license block inherited from WebKit, +however new files should follow the Chromium [File Header +Style](https://chromium.googlesource.com/chromium/src/+/HEAD/styleguide/c++/c++.md#File-headers). + +To use this license block you must make sure you have completed the [External +Contributor +Checklist](/developers/contributing-code/external-contributor-checklist). + +## License for this document + +*This page began as the [WebKit Coding Style +Guidelines](http://www.webkit.org/coding/coding-style.html), Licensed under +[BSD](http://www.webkit.org/coding/bsd-license.html):* + +BSD License +Copyright (C) 2009 Apple Inc. All rights reserved. +Redistribution and use in source and binary forms, with or without modification, +are permitted provided that the following conditions are met: +1. Redistributions of source code must retain the above copyright notice, this +list of conditions and the following disclaimer. +2. Redistributions in binary form must reproduce the above copyright notice, +this list of conditions and the following disclaimer in the documentation and/or +other materials provided with the distribution. +THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS “AS IS” AND ANY +EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED +WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE +DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS BE LIABLE FOR ANY +DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES +(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON +ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS +SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +## References + +\[1\] Comments on comments + \ No newline at end of file diff --git a/chromium/docs/website/site/blink/coding-style/layout-test-style-guidelines/index.md b/chromium/docs/website/site/blink/coding-style/layout-test-style-guidelines/index.md new file mode 100644 index 00000000000..e5fb1897d06 --- /dev/null +++ b/chromium/docs/website/site/blink/coding-style/layout-test-style-guidelines/index.md @@ -0,0 +1,11 @@ +--- +breadcrumbs: +- - /blink + - Blink (Rendering Engine) +- - /blink/coding-style + - Blink Coding Style Guidelines +page_name: layout-test-style-guidelines +title: Web Test Style Guidelines +--- + +[docs/testing/writing_web_tests.md](https://chromium.googlesource.com/chromium/src/+/HEAD/docs/testing/writing_web_tests.md) \ No newline at end of file diff --git a/chromium/docs/website/site/blink/deprecating-features/index.md b/chromium/docs/website/site/blink/deprecating-features/index.md new file mode 100644 index 00000000000..8f4438ad286 --- /dev/null +++ b/chromium/docs/website/site/blink/deprecating-features/index.md @@ -0,0 +1,28 @@ +--- +breadcrumbs: +- - /blink + - Blink (Rendering Engine) +page_name: deprecating-features +title: Deprecating Features +--- + +[TOC] + +## How To Measure Usage and Notify Developers + +1. Add your feature to [web_feature.mojom's + WebFeature](https://cs.chromium.org/chromium/src/third_party/WebKit/public/platform/web_feature.mojom?q=third_party/WebKit/public/platform/web_feature.mojom&sq=package:chromium&dr&l=16). +2. Add a clever deprecation message to the big switch in + [UseCounter::deprecationMessage](https://cs.chromium.org/chromium/src/third_party/WebKit/Source/core/frame/Deprecation.cpp?type=cs&q=Deprecation::DeprecationMessage%5C(&l=295). +3. Instrument your code by: + * Adding + `[DeprecateAs](https://chromium.googlesource.com/chromium/src/+/HEAD/third_party/WebKit/Source/bindings/IDLExtendedAttributes.md#DeprecateAs_m_a_c)=[your + enum value here]` to the feature's IDL definition (see [these + examples](https://cs.chromium.org/search/?q=DeprecateAs+file:%5Esrc/third_party/WebKit/Source/modules/+package:%5Echromium$&type=cs)). + * Adding a call to + `[Deprecation::CountDeprecation](https://cs.chromium.org/chromium/src/third_party/WebKit/Source/core/frame/Deprecation.h?type=cs&l=43)` + somewhere relevant (as we're dong for the + [UserMediaRequest](https://cs.chromium.org/chromium/src/third_party/WebKit/Source/modules/mediastream/UserMediaRequest.cpp?type=cs&q=Deprecation::CountDeprecation%5C(document-%3EGetFrame%5C(%5C),&l=422)). + +Note that `DeprecateAs` is intended to replace `MeasureAs` in the IDL file. +Specifying both is redundant. \ No newline at end of file diff --git a/chromium/docs/website/site/blink/developer-faq/index.md b/chromium/docs/website/site/blink/developer-faq/index.md new file mode 100644 index 00000000000..e452d1d4408 --- /dev/null +++ b/chromium/docs/website/site/blink/developer-faq/index.md @@ -0,0 +1,318 @@ +--- +breadcrumbs: +- - /blink + - Blink (Rendering Engine) +page_name: developer-faq +title: Developer FAQ - Why Blink? +--- + +[« Back to the Blink project page](http://www.chromium.org/blink) + +[TOC] + +### Why is Chrome spawning a new browser engine? + +There are two main reasons why we’re making this change. + + The main reason is that Chromium uses a different multi-process architecture + from other WebKit-based browsers. So, over the years, supporting multiple + architectures has led to increasing complexity for both the WebKit and + Chromium communities, slowing down the collective pace of innovation. + + In addition, this gives us an opportunity to do open-ended investigations + into other performance improvement strategies. We want web applications to + be as fast as possible. So for example, we want to make as many of the + browser’s duties as possible run in parallel, so we can keep the main thread + free for your application code. We’ve already made significant progress + here--for example by reducing the impact JavaScript and layout have on page + scrolling, and making it so an increasing number of CSS animations can run + at 60fps even while JavaScript is doing some heavy-lifting--but this is just + the start. + +We want to do for networking, rendering and layout what V8 did for JavaScript. +Remember JS engines before V8? We want the same sort of healthy innovation that +benefits all users of the web, on all browsers. + +### What sorts of things should I expect from Chrome? + +In the Blink [Architectural +Changes](http://www.chromium.org/blink#architectural-changes) section we have +listed a few changes that will improve the speed and stability of the web +platform in Chrome. Meanwhile, there are more improvements whose feasibility and +performance benefits we're excited to investigate: + +* Deliver a speedier DOM and JS engine + * Multi-process, security-focused, and faster low-overhead DOM + bindings to V8 + * JIT DOM attribute getters in V8. That would allow V8 to access + div.id, div.firstChild, etc without leaving JIT code. Mozilla is + also meanwhile trying to[ JIT DOM attribute + getters](https://bugzilla.mozilla.org/show_bug.cgi?id=747285). + * Implement the DOM in JS. This has the potential to make + JavaScript DOM access dramatically faster, but will involve a + very large re-write of WebKit’s DOM implementation. IE is + already doing this and overall, this helps yield faster GC, and + faster DOM bindings + * Support snapshotting in V8. This could allow us to have no + parse-time overhead and near-instant startup of previously + loaded pages. +* Keep the platform secure + * Better sandboxing of the compositor thread + * [Out-of-process + iframes](http://www.chromium.org/developers/design-documents/oop-iframes). + Use renderer processes [as a security + boundary](http://www.chromium.org/developers/design-documents/site-isolation) + between cross-site iframes. +* Refactor for performance + * Reduce binding layer overhead. We can make things even faster by + simplifying the many abstractions in the binding layers that + have existed to share code between JavaScriptCore and V8 (e.g. + ScriptState, DOMRequestState, etc). + * Improve the performance of style resolution. + * Improve utilization of multiple cores. +* Enable more powerful rendering and layout + * Pursue multi-threaded layout + * Overhaul style recalculation and selector resolution performance + * Stop creating renderers for hidden iframes + * Fix old bugs like plugins unloading when they're set to + display:none. + * Allow generated content to be selectable and copy-pasteable. + * Rewrite event handling to be more consistent and have fewer bugs + with focus, mouse up, clicks, etc. + * Fire ``). + +> Note: If both src and srcdoc are set, the latter takes precedence. + +> Availability: m20 + +> Spec: +> [whatwg](http://www.whatwg.org/specs/web-apps/current-work/multipage/the-iframe-element.html#attr-iframe-srcdoc) + +> **sandbox** + +> Method of running external site pages with reduced privileges (i.e. no +> JavaScript) in iframes (``) + +> Availability: m19 + +> Spec: +> [whatwg](http://www.whatwg.org/specs/web-apps/current-work/multipage/the-iframe-element.html#attr-iframe-sandbox) + +#### #### matchMedia() + +#### API for testing if a given media query will apply. + +#### Availability: m9 + +#### Spec: [w3c cssom +spec](http://dev.w3.org/csswg/cssom-view/#dom-window-matchmedia) + +#### Notes: [webkit changeset](http://trac.webkit.org/changeset/72552) + +#### Pointer Lock (TAPIFKA Mouse Lock) + +Gives access to raw mouse movement, locks the target of mouse events to a single +element, eliminates limits of how far mouse movement can go in a single +direction, and removes the cursor from view. Obvious use cases are for first +person or real time strategy games. +Availability: m18 behind flag. On be default in m22 with a refined API similar +to requestFullScreen. + +Spec: [W3C Editor's +draft](http://dvcs.w3.org/hg/webevents/raw-file/default/mouse-lock.html) + +Documentation: [HTML5 +Rocks](http://updates.html5rocks.com/2012/02/Pointer-Lock-API-Brings-FPS-Games-to-the-Browser) + +Notes: [Chromium tracking +issue](http://code.google.com/p/chromium/issues/detail?id=72754) + +Dev contact: scheib + +Note, late breaking changes: + +Pointer lock can only work within one document. If you lock in one iframe, you +can not have another iframe try to lock and transfer the target... it will error +instead. The first iframe has to unlock, then the second iframe can lock. + +Also, iframes work by default, but sandboxed iframes block pointer lock. Landed +recently into WebKit the ability to use <iframe +sandbox="allow-pointer-lock">, but that will not percolate into Chrome until +23. + +#### Page Visibility + +Provides an API to ask whether the current tab is visibile or not. If you, you +might want to throttle back action or set an idle state. + +Availability: m13, prefixed as `document.webkitHidden` + +Notes: Relatedly, setTimeout/Interval are clamped to 1000ms when in a background +tab as of [m11](http://code.google.com/p/chromium/issues/detail?id=66078). +Firefox 5 has the +[same](https://developer.mozilla.org/en/DOM/window.setTimeout#Minimum_delay_and_timeout_nesting) +behavior. + +Spec: [w3c draft +spec](http://dvcs.w3.org/hg/webperf/raw-file/tip/specs/PageVisibility/Overview.html) + +Demo: [samdutton.com/pageVisibility](http://samdutton.com/pageVisibility) + +Dev Contact: shishir + +#### Workers + +Provides a threading API + +Availability: Chrome 3, Safari 4, Firefox 3.5. Shared workers available in m4. + +Android Availability: Dedicated workers in m16 (0.16). No shared workers, yet. + +Spec: [WHATWG](http://www.whatwg.org/specs/web-workers/current-work/) + +Notes: Pre-M15, there was a limit to the number of workers that each page can +start, as well as the number of workers that can be running globally across all +pages. This was because a new process was started for each worker. As of M15, +workers are started in-process, meaning less memory footprint and faster +messaging. Transferrable objects landed in m17 (see next) + +Dev Contact: Dmitry Lomov (dslomov), Drew Wilson (atwilson) + +#### Transferable Object messaging passing + +With transferable objects/data, ownership is transferred from one context to +another. It is zero-copy, which vastly improves the performance of sending data +to a Worker or another window. + +Availability: m17 + +Spec: [w3c +spec](http://dev.w3.org/html5/spec/common-dom-interfaces.html#transferable-objects) + +Notes: landed as prefixed. Unprefixed in M24. + +```none +worker.postMessage(arrayBuffer, [arrayBuffer]) +window.postMessage(arrayBuffer, targetOrigin, [arrayBuffer]) +``` + +See: [html5rocks +update](http://updates.html5rocks.com/2011/12/Transferable-Objects-Lightning-Fast), +[demo](http://html5-demos.appspot.com/static/workers/transferables/index.html) + +#### <link> load/error events + +Specify and onload or onerror event for a stylesheet to load. + +Availability: m19? + +Spec: [W3C](http://www.w3.org/TR/html5/the-link-element.html#the-link-element) + +#### Touch Events + +Android Availability: m16 (0.16) + +**MathML** + +Availability: m24 + +Spec: [w3c spec](http://www.w3.org/TR/MathML3/) + +**JS Internationalization API** + +Allows collation (string comparison), number formatting, and date and time +formatting for JavaScript applications. More info +[here](http://norbertlindenberg.com/2012/10/ecmascript-internationalization-api/index.html). + +Availability: m24 + +Spec: +[here](http://www.ecma-international.org/publications/standards/Ecma-402.htm) + +**Resource Timing API** + +Availability: m25 + +Spec: [w3c](http://www.w3.org/TR/2011/WD-resource-timing-20110524/) + +**User Timing API** + +Availability: m25 + +Spec: [w3c](http://w3c-test.org/webperf/specs/UserTiming/) + +**Object.observe()** + +Way to observe changes to JS objects. + +Availability: m25 (behind Enable Experimental JS Features in about:flags) + +Info: + + +## Webforms + +Availability: **See [HTML5 Forms +Status](http://www.chromium.org/developers/web-platform-status/forms) for all +details.** (Updated as recently as Nov 28th, 2012). + +Includes details in input types (like date and color), input attributes, +datalist and more. + +#### Autocomplete + +Provides hints to the autofill implementation to allow Chrome to better provide +suggested values to the user. + +Availability: The `x-autocompletetype` attribute was implemented in Chrome 15. +It used [token values that are documented +here](http://wiki.whatwg.org/wiki/Autocomplete_Types#Experimental_Implementation_in_Chrome), +but later revised. Chrome 24 features an implementation of the `autocomplete` +attribute that [matches the HTML +spec](http://www.whatwg.org/specs/web-apps/current-work/multipage/association-of-controls-and-forms.html#autofilling-form-controls:-the-autocomplete-attribute). + +#### formElement.requestAutocomplete() + +Allows a form to be filled out on demand by the browser's autofill. + +Availability: in development. + +Notes: [WHATWG +proposal](http://lists.whatwg.org/htdig.cgi/whatwg-whatwg.org/2012-October/037711.html). + +Tickets: [crbug](http://code.google.com/p/chromium/issues/detail?id=159537), +[webkit meta bug](https://bugs.webkit.org/show_bug.cgi?id=100560) + +## DOM APIs + +[Element.matchesSelector](http://www.w3.org/TR/selectors-api2/#matchtesting) - +m4 + +Element.outerHTML - m1 + +Element.textContent (faster than innerHTML for plain text) - m1 + +[Element.classList](http://www.whatwg.org/specs/web-apps/current-work/multipage/elements.html#dom-classlist) +(classList.add/remove methods) - m8 + +[Element.dataset](http://www.whatwg.org/specs/web-apps/current-work/multipage/elements.html#embedding-custom-non-visible-data-with-the-data-*-attributes) +(Provides easy access to `data-*` attribute values) - m8 + +window.onerror event - [m10](http://trac.webkit.org/changeset/76216) + +crypto.getRandomValues() - m11 + +selectionchange event - [m11](http://trac.webkit.org/changeset/79208) + +## Chrome Extensions + +[View the changelog of features landing in Chrome +extensions.](http://code.google.com/chrome/extensions/trunk/whats_new.html) + +More resources for going deep with HTML5: + +* [HTML5 Rocks](http://html5rocks.com/) +* [Mozilla Developer + Network](https://developer.mozilla.org/en/HTML/HTML5) +* [StackOverflow: + html5](http://stackoverflow.com/questions/tagged/html5) +* [#html5](http://webchat.freenode.net/?channels=html5) on freenode \ No newline at end of file diff --git a/chromium/docs/website/site/developers/webkit-core-projects/index.md b/chromium/docs/website/site/developers/webkit-core-projects/index.md new file mode 100644 index 00000000000..c2aa1d86ca5 --- /dev/null +++ b/chromium/docs/website/site/developers/webkit-core-projects/index.md @@ -0,0 +1,108 @@ +--- +breadcrumbs: +- - /developers + - For Developers +page_name: webkit-core-projects +title: Blink Core Projects +--- + +**This list is for Blink work that is about improving performance, infrastructure and/or the maintainability of the codebase. This is a list of high-priority projects that have minimal dependence on web standards bodies.** +**If you decide to take on one of these projects put your name at the beginning like \[ ojan \]. Some of the bigger projects could use multiple people working on them.** +**Talk to Ojan if you have questions about any of these or want to add more things to this list. If you discover other new projects that would fit well here we should add them! + +## blink/core projects + +* **Please see the [Project Warden + list](https://code.google.com/p/chromium/issues/list?can=2&q=label%3AProject-Warden&colspec=ID+Pri+M+Iteration+ReleaseBlock+Cr+Status+Owner+Summary+OS+Modified&cells=tiles) + for more maintainability tasks.** +* Identify and fix scrolling performance problems on this page: + +* Moving widget-loading (iframes/plugins) out of the rendering tree + [wkb.ug/45049](http://wkb.ug/45049) +* Add more invariants during layout to ensure proper behavior (see + and + ) + +## Performance + +* \[META\] RoboHornet (and RoboHornet Pro) related performance issues: + + * - tag-based collections are invalidated on every add/remove of + an element (25%+ win for RoboHornetPro) + [wkb.ug/98823](http://wkb.ug/98823) +* Improve performance of Dromaeo and dom_perf bencharks. For example, + <> makes JSC go + 40% faster on dom-traverse. Can we do something similar for V8? +* Should report private memory on the perf bots: + +* Improve memory usage of the following benchmarks: + * + * + * + * + * +* Create (and then optimize) benchmarks that accurately represent + memory usage in gmail, docs, etc. +* Improve performance test suites: + * first and second tabs of dromaeo benchmarks show the same data: + + * page cyclers should have subgraphs for each individual site: + + * add performance trybots: + * Linux lowmem perf bot exhibits bimodal behavior: + + * explore ways to reduce performance test variance: + + +## Infrastructure + +* rebaselining with virtual test suites involved gets confused: + [crbug.com/237701](http://crbug.com/237701) +* Switch chromium windows bots back to using Apache: + +* Improve garden-o-matic: + * let you minimize failures so they're not in your face:[ + https://bugs.webkit.org/show_bug.cgi?id=97949](https://bugs.webkit.org/show_bug.cgi?id=97949) + * show the last revision process by every layout test bot and the + last by every non-layout test bot:[ + https://bugs.webkit.org/show_bug.cgi?id=98088](https://bugs.webkit.org/show_bug.cgi?id=98088) + * garden-o-matic should run even if you don't have the server + running locally: [crbug.com/241506](http://crbug.com/241506) + +* **Add a tool to garden-o-matic/flakiness dashboard/code review tool + to make it possible to easily view the diff of an expected result to + another platform's expected file (e.g. diff between + platform/chromium/foo-expected.txt and + platform/mac/foo-expected.txt).** +* Rebaseline tests from the results.html page:[ + https://bugs.webkit.org/show_bug.cgi?id=86797](https://bugs.webkit.org/show_bug.cgi?id=86797) + +* ****Flakiness dashboard**** + * gtests should output the same JSON format as run-webkit-tests: + [crbug.com/247192](http://crbug.com/247192) + * flakiness dashboard links on the waterfall point to the wrong + data: [crbug.com/246849](http://crbug.com/246849) + * Annotate the failing test results shown in the flakiness + dashboard with the revision it last failed at. Something like: + r12345 + * Audio failures don't show up correctly on the flakiness + dashboard: + +## LayoutTests + +* Create infrastructure for red-green layout tests. They have no + expected result. If the bitmap has only green and white pixels, it + passes, otherwise it fails. +* Make the text caret not blink in tests:[ + https://bugs.webkit.org/show_bug.cgi?id=97558](https://bugs.webkit.org/show_bug.cgi?id=97558) +* using js-test-pre.js should only require a DOCTYPE and + js-test-pre.js:[ + https://bugs.webkit.org/show_bug.cgi?id=48344](https://bugs.webkit.org/show_bug.cgi?id=48344) +* Hundreds of mac failures are due to a slightly different color + repaint background: +* Hundreds of MountainLion-only reftest failures: + [crbug.com/238093](http://crbug.com/238093) +* checkLayout() should error out if no data-expected\* attributes were + found: [crbug.com/233956](http://crbug.com/233956) +* Inspector tests are crazy slow in debug: + [crbug.com/238095](http://crbug.com/238095) \ No newline at end of file diff --git a/chromium/docs/website/site/developers/webui/index.md b/chromium/docs/website/site/developers/webui/index.md new file mode 100644 index 00000000000..d7e85d9260b --- /dev/null +++ b/chromium/docs/website/site/developers/webui/index.md @@ -0,0 +1,453 @@ +--- +breadcrumbs: +- - /developers + - For Developers +page_name: webui +title: Creating Chrome WebUI Interfaces +--- + +If you are building a WebUI interface under components/ then see [Creating WebUI +Interfaces in +components/](https://chromium.googlesource.com/chromium/src/+/HEAD/docs/webui_in_components.md) + +Creating a Chrome WebUI interface is simple yet involves changing a number of +files. This guide briefly steps over the process. For brevity, copyright notices +are not placed at the beginning of the new files but in practice do not forget +to add these. + +### Creating the WebUI page + +WebUI resources are located in the resources folder, +`src/chrome/browser/resources`. When creating WebUI resources, follow the [Web +Development Style Guide](/developers/web-development-style-guide). For a sample +WebUI page you could start with the following files: + +src/chrome/browser/resources/hello_world.html: + +```none + + + +   +   +   + + + +   +   + + +  

+  

+ + + +``` + +src/chrome/browser/resources/hello_world.css: + +```none +p { +  white-space: pre-wrap; +} +``` + +src/chrome/browser/resources/hello_world.js: + +```none +cr.define('hello_world', function() { +  'use strict'; +  /** +   * Be polite and insert translated hello world strings for the user on loading. +   */ +  function initialize() { +    $('welcome-message').textContent = loadTimeData.getStringF('welcomeMessage', +        loadTimeData.getString('userName')); +  } +  // Return an object with all of the exports. +  return { +    initialize: initialize, +  }; +}); +document.addEventListener('DOMContentLoaded', hello_world.initialize); +``` + +### Adding the resources to Chrome + +Resources files are added to Chrome using the +`src/chrome/browser/browser_resources.grd` file. The following additions add our +hello_world files: + +src/chrome/browser/browser_resources.grd: + +```none ++ ++ ++ +``` + +Adding URL constants for new chrome URL + +URL constants are stored in the files `src/chrome/common/webui_url_constants.*`. +This is where you will add the URL or URL's which will be directed to your new +resources. + +src/chrome/common/webui_url_constants.h: + +```none ++ extern const char kChromeUIHelloWorldURL[]; +... ++ extern const char kChromeUIHelloWorldHost[]; +``` + +src/chrome/common/webui_url_constants.cc: + +```none ++ const char kChromeUIHelloWorldURL[] = "chrome://hello-world/"; +... ++ const char kChromeUIHelloWorldHost[] = "hello-world"; +``` + +Adding localized strings + +We need a few string resources for translated strings to work on the new +resource. The welcome message contains a variable with a sample value so that it +can be accurately translated. + +src/chrome/app/generated_resources.grd: + +```none ++ ++   Hello World! ++ ++ ++   Welcome to this fancy Hello World page $1Chromium User! ++ +``` + +Adding a WebUI class for handling requests to the chrome://hello-world/ URL + +Next we need a class to handle requests to this new resource URL. Typically this +will subclass ChromeWebUI (but WebUI dialogs should subclass HtmlDialogUI +instead). + +src/chrome/browser/ui/webui/hello_world_ui.h: + +```none +#ifndef CHROME_BROWSER_UI_WEBUI_HELLO_WORLD_UI_H_ +#define CHROME_BROWSER_UI_WEBUI_HELLO_WORLD_UI_H_ +#pragma once +#include "base/macros.h" +#include "content/public/browser/web_ui_controller.h" +// The WebUI for chrome://hello-world +class HelloWorldUI : public content::WebUIController { + public: +  explicit HelloWorldUI(content::WebUI* web_ui); +  ~HelloWorldUI() override; + private:  +  DISALLOW_COPY_AND_ASSIGN(HelloWorldUI); +}; +#endif  // CHROME_BROWSER_UI_WEBUI_HELLO_WORLD_UI_H_ +``` + +src/chrome/browser/ui/webui/hello_world_ui.cc: + +```none +#include "chrome/browser/ui/webui/hello_world_ui.h" +#include "chrome/browser/profiles/profile.h" +#include "chrome/common/url_constants.h" +#include "chrome/grit/browser_resources.h" +#include "chrome/grit/generated_resources.h" +#include "content/public/browser/web_ui_data_source.h" +HelloWorldUI::HelloWorldUI(content::WebUI* web_ui) +    : content::WebUIController(web_ui) { +  // Set up the chrome://hello-world source. +  content::WebUIDataSource* html_source = +      content::WebUIDataSource::Create(chrome::kChromeUIHelloWorldHost); +  // Localized strings. +  html_source->AddLocalizedString("helloWorldTitle", IDS_HELLO_WORLD_TITLE); +  html_source->AddLocalizedString("welcomeMessage", IDS_HELLO_WORLD_WELCOME_TEXT); +  // As a demonstration of passing a variable for JS to use we pass in the name "Bob". +  html_source->AddString("userName", "Bob"); +  html_source->UseStringsJs(); +  // Add required resources. +  html_source->AddResourcePath("hello_world.css", IDR_HELLO_WORLD_CSS); +  html_source->AddResourcePath("hello_world.js", IDR_HELLO_WORLD_JS); +  html_source->SetDefaultResource(IDR_HELLO_WORLD_HTML); +  Profile* profile = Profile::FromWebUI(web_ui); +  content::WebUIDataSource::Add(profile, html_source); +} +HelloWorldUI::~HelloWorldUI() { +} +``` + +Adding new sources to Chrome + +In order for your new class to be built and linked in it needs to be added to +the project gypi file. + +src/chrome/browser/ui/BUILD.gn: + +```none +sources = [ +... ++   "webui/hello_world_ui.cc", ++   "webui/hello_world_ui.h", +``` + +Adding your WebUI request handler to the Chrome WebUI factory + +The Chrome WebUI factory is where you setup your new request handler. + +src/chrome/browser/ui/webui/chrome_web_ui_controller_factory.cc: + +```none ++ #include "chrome/browser/ui/webui/hello_world_ui.h" +... ++ if (url.host() == chrome::kChromeUIHelloWorldHost) ++   return &NewWebUI; +``` + +Testing + +You're done! Assuming no errors (because everyone gets their code perfect the +first time) you should be able to compile and run chrome and navigate to +chrome://hello-world/ and see your nifty welcome text! + +### Adding a callback handler + +You probably want your new WebUI page to be able to do something or get +information from the C++ world. For this, we use message callback handlers. +Let's say that we don't trust the Javascript engine to be able to add two +integers together (since we know that it uses floating point values internally). +We could add a callback handler to perform integer arithmetic for us. + +src/chrome/browser/ui/webui/hello_world_ui.h: + +```none +#include "chrome/browser/ui/webui/chrome_web_ui.h" ++ ++ namespace base { ++   class ListValue; ++ }  // namespace base +// The WebUI for chrome://hello-world +... +    // Set up the chrome://hello-world source. +    ChromeWebUIDataSource* html_source = +        new ChromeWebUIDataSource(chrome::kChromeUIHelloWorldHost); ++ ++   // Register callback handler. ++   RegisterMessageCallback("addNumbers", ++       base::Bind(&HelloWorldUI::AddNumbers, ++                  base::Unretained(this))); +    // Localized strings. +... +    virtual ~HelloWorldUI(); ++ ++  private: ++   // Add two numbers together using integer arithmetic. ++   void AddNumbers(const base::ListValue* args); +    DISALLOW_COPY_AND_ASSIGN(HelloWorldUI); +  }; +``` + +src/chrome/browser/ui/webui/hello_world_ui.cc: + +```none +  #include "chrome/browser/ui/webui/hello_world_ui.h" ++ ++ #include "base/values.h" +  #include "chrome/browser/profiles/profile.h" +... +  HelloWorldUI::~HelloWorldUI() { +  } ++ ++ void HelloWorldUI::AddNumbers(const base::ListValue* args) { ++   int term1, term2; ++   if (!args->GetInteger(0, &term1) || !args->GetInteger(1, &term2)) ++     return; ++   base::FundamentalValue result(term1 + term2); ++   CallJavascriptFunction("hello_world.addResult", result); ++ } +``` + +src/chrome/browser/resources/hello_world.js: + +```none +    function initialize() { ++     chrome.send('addNumbers', [2, 2]); +    } ++ ++   function addResult(result) { ++     alert('The result of our C++ arithmetic: 2 + 2 = ' + result); ++   } +    return { ++     addResult: addResult, +      initialize: initialize, +    }; +``` + +You'll notice that the call is asynchronous. We must wait for the C++ side to +call our Javascript function to get the result. + +## Creating a WebUI Dialog + +Once you've created a WebUI resource following the above instructions, there are +two changes necessary to make it a dialog. You must subclass the HtmlDialogUI +class instead of ChromeWebUI and create an HtmlDialogUIDelegate class which will +be responsible for running the dialog. + +1. Instead of subclassing the ChromeWebUI class as above you will need an +instance of HtmlDialogUI. + +src/chrome/browser/ui/webui/hello_world_ui.h: + +```none +- #include "#chrome/browser/ui/webui/chrome_web_ui.h" ++ #include "#chrome/browser/ui/webui/html_dialog_ui.h" +- class HelloWorldUI : public ChromeWebUI { ++ class HelloWorldUI : public HtmlDialogUI { +``` + +2. Create an HtmlDialogUIDelegate class which is used to instantiate the dialog. +For brevity each of these functions are stubbed out with the minimal code +possible. + +src/chrome/browser/ui/webui/hello_world.h + +```none +#ifndef CHROME_BROWSER_UI_WEBUI_HELLO_WORLD_H_ +#define CHROME_BROWSER_UI_WEBUI_HELLO_WORLD_H_ +#pragma once +#include "chrome/browser/ui/webui/html_dialog_ui.h" +class HelloWorldDialog : private HtmlDialogUIDelegate { + public: +  // Shows the Hello World dialog. +  static void ShowDialog(); +  virtual ~HelloWorldDialog(); + private: +  // Construct a Hello World dialog +  explicit HelloWorldDialog(); +  // Overridden from HtmlDialogUI::Delegate: +  virtual bool IsDialogModal() const OVERRIDE; +  virtual string16 GetDialogTitle() const OVERRIDE; +  virtual GURL GetDialogContentURL() const OVERRIDE; +  virtual void GetWebUIMessageHandlers( +      std::vector* handlers) const OVERRIDE; +  virtual void GetDialogSize(gfx::Size* size) const OVERRIDE; +  virtual std::string GetDialogArgs() const OVERRIDE; +  virtual void OnDialogClosed(const std::string& json_retval) OVERRIDE; +  virtual void OnCloseContents( +      TabContents* source, bool* out_close_dialog) OVERRIDE; +  virtual bool ShouldShowDialogTitle() const OVERRIDE; +  DISALLOW_COPY_AND_ASSIGN(HelloWorldDialog); +}; +#endif  // CHROME_BROWSER_UI_WEBUI_HELLO_WORLD_H_ +``` + +src/chrome/browser/ui/webui/hello_world.cc + +```none +#include "base/utf_string_conversions.h" +#include "chrome/browser/ui/browser.h" +#include "chrome/browser/ui/browser_list.h" +#include "chrome/browser/ui/webui/hello_world.h" +#include "chrome/common/url_constants.h" +void HelloWorldDialog::ShowDialog() { +  Browser* browser = BrowserList::GetLastActive(); +  DCHECK(browser); +  browser->BrowserShowHtmlDialog(new HelloWorldDialog(), NULL); +} +HelloWorldDialog::HelloWorldDialog() { +} +HelloWorldDialog::~HelloWorldDialog() { +} +bool HelloWorldDialog::IsDialogModal() { +  return false; +} +string16 HelloWorldDialog::GetDialogTitle() { +  return UTF8ToUTF16("Hello World"); +} +GURL HelloWorldDialog::GetDialogContentURL() const { +  return GURL(chrome::kChromeUIHelloWorldURL); +} +void HelloWorldDialog::GetWebUIMessageHandlers( +    std::vector* handlers) const { +} +void HelloWorldDialog::GetDialogSize(gfx::Size* size) const { +  size->SetSize(600, 400); +} +std::string HelloWorldDialog::GetDialogArgs() const { +  return std::string(); +} +void HelloWorldDialog::OnDialogClosed(const std::string& json_retval) { +  delete this; +} +void HelloWorldDialog::OnCloseContents(TabContents* source, +    bool* out_close_dialog) { +  if (out_close_dialog) +    *out_close_dialog = true; +} +bool HelloWorldDialog::ShouldShowDialogTitle() const { +  return true; +} +``` + +You can invoke this new dialog by calling HelloWorldDialog::ShowDialog(). + +### Passing arguments to the WebUI + +As you may have guessed, the HtmlDialogUIDelegate::GetDialogArgs() function call +is used for passing arguments to a dialog page. For example, if we wanted to +have a custom message displayed to the user depending on some argument known +only at dialog creation we could pass that argument in during construction, +return it from GetDialogArgs, and access it in Javascript from +chrome.dialogArguments as follows: + +src/chrome/browser/ui/webui/hello_world.h + +```none +-   static void ShowDialog(); ++   static void ShowDialog(std::string message); ++   // The message to be displayed to the user. ++   std::string message_; ++ +    DISALLOW_COPY_AND_ASSIGN(HelloWorldDialog); +  }; +``` + +src/chrome/browser/ui/webui/hello_world.cc + +```none +- HelloWorldDialog::HelloWorldDialog() { ++ HelloWorldDialog::HelloWorldDialog(std::string message) ++     : message_(message) { +  } +  std::string HelloWorldDialog::GetDialogArgs() const { +-   return std::string(); ++   return message_; +  } +``` + +src/chrome/browser/resources/hello_world.js: + +```none +    function initialize() { ++     document.getElementsByTagName('p')[0].textContent = chrome.dialogArguments; +    } +``` + +In practice you will probably be passing structured data to your WebUI for which +you can use the class base::JSONWriter to produce a JSON string which can be +parsed in javascript using JSON.parse(chrome.dialogArguments). TODO: Provide +example of this. + +### Adding dialog callback handlers + +Sometimes there are resources or objects that you have available at the time of +dialog creation which will not be available from the context of the HtmlDialogUI +class. You can add callbacks to your HtmlDialogUIDelegate class which Javascript +can then call directly. This is done from the overridden +HtmlDialogUIDelegate::GetWebUIMessageHandlers. The actual handlers are then +written the same as for regular WebUI. TODO: Provide example. \ No newline at end of file diff --git a/chromium/docs/website/site/developers/webview-changes/index.md b/chromium/docs/website/site/developers/webview-changes/index.md new file mode 100644 index 00000000000..8170cfc9f04 --- /dev/null +++ b/chromium/docs/website/site/developers/webview-changes/index.md @@ -0,0 +1,40 @@ +--- +breadcrumbs: +- - /developers + - For Developers +page_name: webview-changes +title: Shipping changes that are webview-friendly +--- + +Shipping changes to Android WebView requires some extra due-diligence. +Changing features on the web platform should always be done with care, but +here are a few ways WebView is special: + +* Native apps are often built on this technology, and are less likely to use the + WebView beta program. In general, they may pay less attention to the web + platform than they do to the Android platform, which has a less frequent and + different API update & deprecation mechanism. + +* Analytics are more difficult to get - UKM is not present, and UMA may be less + complete as some apps opt-out. + +* A/B experiments are less effective, for similar reasons. + +* There is less engineering effort on this platform, and it is often not top of + mind for Chromium developers. + +The kinds of changes that substantially affect WebView are usually the +same kinds that substantially affect other platforms, but in some cases there +may be more risk to WebView, especially if it involves places where the WebView +architecture [differs significantly](https://chromium.googlesource.com/chromium/src/+/HEAD/android_webview/docs/web-platform-compatibility.md) +from other platform. In addition, just as with +[enterprise changes](https://www.chromium.org/developers/enterprise-changes), +some APIs may be more prevalant on that platform than others. + +Removals of JavaScript APIs might be high-risk, because code that calls the API +will start throwing an exception. Similarly, big architectural changes risk +changing unspecified timing of callbacks which apps might inadvertently depend +on. On the other hand, changing behavior of(or removing) a CSS property that +may result in only cosmetic changes has lower risk for sites that depend on +it. + diff --git a/chromium/docs/website/site/developers/whistling.jpg.sha1 b/chromium/docs/website/site/developers/whistling.jpg.sha1 new file mode 100644 index 00000000000..b7839f56715 --- /dev/null +++ b/chromium/docs/website/site/developers/whistling.jpg.sha1 @@ -0,0 +1 @@ +7417811aca161e718a97a6198b3273dc1647df18 \ No newline at end of file diff --git a/chromium/docs/website/site/developers/windows-binary-sizes/index.md b/chromium/docs/website/site/developers/windows-binary-sizes/index.md new file mode 100644 index 00000000000..2110485b689 --- /dev/null +++ b/chromium/docs/website/site/developers/windows-binary-sizes/index.md @@ -0,0 +1,286 @@ +--- +breadcrumbs: +- - /developers + - For Developers +page_name: windows-binary-sizes +title: Windows Binary Sizes +--- + +Chrome binaries sometimes increase in size for unclear reasons and investigating +these regressions can be quite tricky. There are a a few tools that help with +investigating these regressions or just looking for wasted bytes in DLLs or +EXEs. The tools are: + +* New in 2021: + [SizeBench](https://devblogs.microsoft.com/performance-diagnostics/sizebench-a-new-tool-for-analyzing-windows-binary-size/) + is a Microsoft tool that does some sophisticated analysis of binary + size. [More information can be found + here.](https://devblogs.microsoft.com/performance-diagnostics/sizebench-a-new-tool-for-analyzing-windows-binary-size/) + If you can't download it from the store then you can clone + and then use "powershell + OSD\\Download-AppxFromStore.ps1 -storeurl + https://www.microsoft.com/en-us/p/sizebench/9ndf4n1wg7d6" to + download the files, and then run the SizeBench .appx file to install + SizeBench. Note that SizeBench is incompatible with lld-link so you + have to build chrome with "use_lld = false", and so far has not + worked at all. +* [tools\\win\\ShowGlobals](https://source.chromium.org/chromium/chromium/src/+/main:tools/win/ShowGlobals/) + - this executable (must be built from a VS solution) uses DIA2 (and + is based off of the dia2dump sample whose source comes with Visual + Studio) to print all ‘interesting’ global variables. Just pass the + path to a PDB file and details about any large or redundant global + variables will be printed. Large global variables are simple enough + to understand. Redundant or repeated global variables are when the + same global ends up in the binary multiple times - sometimes dozens + or hundreds of times. This happens when a non-integral global + variable (typically a struct, array, float, or double, or an + integral type with a non-trivial constructor) is defined as static + or const in a header file, causing it to be instantiated in multiple + translation units. The constants kWastageThreshold and + kBigSizeThreshold can be used to configure how much information + ShowGlobals reports. Making these command-line parameters is left as + an exercise for the reader. +* [tools\\win\\pdb_compare_globals.py](https://source.chromium.org/chromium/chromium/src/+/main:tools/win/pdb_compare_globals.py) + - this uses ShowGlobals.exe to get the interesting global variables + from two PE files and then print what has changed, either different + sizes or different interesting globals. This is designed for + understanding size regressions, since binary size regressions, even + when they are mostly due to code size, often have a correlated + effect on global variables +* [tools\\win\\pe_summarize.py](https://source.chromium.org/chromium/chromium/src/+/main:tools/win/pe_summarize.py) + - this displays a summary of the size of the sections in the DLLs or + EXEs whose paths are passed to it. If two copies of the same DLL/EXE + are passed to it then the size differences are printed as a summary, + to make regressions and improvements easier to see. This is most + often used for measuring progress or seeing what section has grown. +* [tools\\win\\linker_verbose_tracking.py](https://source.chromium.org/chromium/chromium/src/+/main:tools/win/linker_verbose_tracking.py) + - this scans the output of "link /verbose" in order to see why a + particular object file was linked in. This can either be because it + was listed on the command line (perhaps it was in a source set) or + because it was referenced (often indirectly) by an object file that + was listed on the command line. +* SymbolSort - this is a third party tool [available on + github](https://github.com/adrianstone55/SymbolSort/) that generates + various reports, including a sorted-by-size list of all symbols, + including functions. The -diff option to SymbolSort is particularly + useful for identifying where a change in size is coming from, + grouped in various ways. Usage: SymbolSort -in new\\chrome.dll.pdb + -diff old\\chrome.dll.pdb -out change.txt +* SymbolSort data can be visualized using webtreemap - see + for an example +* Static initializers waste code size and create process-private data. + The source to a static_initializers tool that will look for symbol + names associated with static initializers is in the Chromium repo in + tools\\win\\static_initializers. + +Details of how and when to use these tools are shown below. + +If looking for size saving opportunities then “ShowGlobals.exe file.pdb” can be +used to find duplicated or large global variables that may be unnecessary. +Typical (shortened for this document) results look like this - the first set of +entries are duplicated globals, the second set of entries are large globals: + +``` +#Dups DupSize Size Section Symbol-name + 805 805 std::piecewise_construct + 3 204 rgb_red + 3 204 rgb_green + 3 204 rgb_blue + 187 187 WTF::in_place + 4 160 extensions::api::g_factory + ... + 122784 2 kBrotliDictionary + 65536 2 jpeg_nbits_table + 57080 2 propsVectorsTrie_index + 53064 3 unigram_table + 50364 2 kNetworkingPrivate + 47152 3 device::UsbIds::vendors_ + ... +``` + +The actual output is tab separated and can be most easily visualized by pasting +into a spreadsheet to ensure that the columns line up. + +Some fixed issues include: + +* webrtc regression was analyzed to find a fix - see[ + https://bugs.chromium.org/p/chromium/issues/detail?id=734631#c14](https://bugs.chromium.org/p/chromium/issues/detail?id=734631#c14) + for the many steps, and + [crrev.com/c/567030](https://chromium-review.googlesource.com/c/567030/) +* We have 216 functions instances of color_xform_RGBA<T> + totaling 68,184 bytes, down from 300 instances totaling 146496 bytes + (crbug.com/677450 and crbug.com/680973). This waste was found by + using SymbolSort's -diff option to investigate a sizes regression. +* A regression in chrome_watcher.dll was methodically analyzed to + understand precisely where the size was coming from - see the steps + listed out starting at [this bug + comment](https://bugs.chromium.org/p/chromium/issues/detail?id=717103#c24). + +The most egregious problems shown by these reports have been fixed but some +remaining issues include: + +* Four copies of 68 byte rgb_red, rgb_green, rgb_blue, rgb_pixelsize + arrays in chrome.dll and chrome_child.dll - + https://github.com/libjpeg-turbo/libjpeg-turbo/issues/114 + (unfixable) +* ~800 copies of std::piecewise_construct - + + (next version of VC++?) + +The large kBrotliDictionary and jpeg_nbits_table arrays can be seen, but those +are used and are in the read-only section, so there is nothing to be done. + +When investigating a regression pdb_compare_globals.py can be used to find out +what large or duplicated global variables have showed up between two builds. +Just pass both PDBs and a summary of the changes will be printed. This uses +ShowGlobals.exe to generate the list of interesting global variables and then +prints a diff. + +When investigating a regression (or testing a fix) it can be useful to use +pe_summarize.py to print the size of all of the sections with a PE, or to +compare to PE files (two versions of chrome.dll, for instance). This is the +ultimate measure of success for a change - has it made the binary smaller or +larger, and if so where? + +If an unwanted global variable is being linked in then +linker_verbose_tracking.py can be used to help answer the question of “why?” +First you need to find out what object file defines the variable. For instance, +ff_cos_131072 and the other ff_\* globals are defined in rdft.c. When rdft.obj +is pulled in then Chrome gets significantly bigger. Some of this is discussed in +comments #25 to #27 here: + + +In order to get verbose linker output you need to modify the appropriate +BUILD.gn file to add the /verbose linker flag. For chrome.dll I make the +following modification: + +``` +diff --git a/chrome/BUILD.gn b/chrome/BUILD.gn +index 58586fc..c15d463 100644 +--- a/chrome/BUILD.gn ++++ b/chrome/BUILD.gn +@@ -354,6 +354,7 @@ if (is_win) { +"/DELAYLOAD:winspool.drv", +"/DELAYLOAD:ws2_32.dll", +"/DELAYLOAD:wsock32.dll", ++ "/verbose", +\] +if (!is_component_build) { +``` + +Then build chrome.dll, redirecting the verbose output to a text file: + +``` +> ninja -C out\release chrome.dll >verbose.txt +``` + +Alternately you can use the techniques discussed in the [The Chromium Chronicle: +Preprocessing +Source](https://developers.google.com/web/updates/2019/10/chromium-chronicle-7) +to get the linker command and then manually re-run that command with /verbose +appended, redirecting to a text file. + +Then linker_verbose_tracking.py is used to find why a particular object file is +being pulled in, in this case mime_util.obj: + +``` +> python linker_verbose_tracking.py verbose.txt mime_util.obj +``` + +Because there are multiple object files called mime_util.obj the script will be +searching for for all of them, as shown in the first line of output: + +``` +> python linker_verbose_tracking.py verbose.txt mime_util.obj + Searching for \[u'net.lib(mime_util.obj)', u'base.lib(mime_util.obj)'\] +``` + +You can specify which version you want to search for by including the .lib name +in your command-line search parameter, which is just used for sub-string +matching: + +``` +> python linker_verbose_tracking.py verbose.txt base.lib(mime_util.obj) +``` + +Typical output looks like this: + +``` +> python tools\win\linker_verbose_tracking.py verbose08.txt drop_data.obj + Database loaded - 3844 xrefs found + Searching for common_sources.lib(drop_data.obj) + common_sources.lib(drop_data.obj).obj pulled in for symbol Metadata::Metadata... + common.lib(content_message_generator.obj) + + common.lib(content_message_generator.obj).obj pulled in for symbol ... + Command-line obj file: url_loader.mojom.obj +``` + +In this case this tells us that drop_data.obj is being pulled in indirectly +through a chain of references that starts with url_loader.mojom.obj. +url_loader.mojom.obj is in a source_set which means that it is on the +command-line. I then change the source_set to a static_library and redo the +steps. If all goes well then the unwanted .obj file will eventually stop being +pulled in and I can use pe_summarize.py to measure the savings, and ShowGlobals +to look for the next large global variable. + +Sometimes this technique - of changing source_set to static_library - doesn’t +help. In those case it can be important to figure out follow the chain of +symbols and see if it can be broken. In one case +([crrev.com/2559063002](https://codereview.chromium.org/2559063002)) +SkGeometry.obj (skia) was pulling in PeriodicWave.obj (Blink) because of log2f. +Investigation showed that SkGeometry.obj referenced the math.h function log2f, +while PeriodicWave.obj defined it as an inline function. The chain was broken by +not defining log2f as an inline function (letting math.h do that) and a +significant amount of code size was saved. + +Note that some size regressions only happen with certain build configurations. +Ideally all testing would be done with PGO builds, but that is unwieldy, so +release (non-component?) builds are probably the best starting point. If a size +regression reproes on this configuration then investigate there and fix it. But, +it is advisable to verify the fix on a full official build - with both +is_official_build and full_wpo_on_official set to true. Failing to do this test +can lead to a fix that doesn’t actually help on the builds that we ship to +customers, and this can go unnoticed for months. + +See crrev.com/2556603002 for an example of using this technique. In this case it +was sufficient to change a single source_set to a static_library. The size +savings of 900 KB was verified using: + +``` +> python pe_summarize.py out\release\chrome.dll +Size of out\release\chrome.dll is 42.127872 MB + name: mem size , disk size + .text: 33.900375 MB + .rdata: 6.325718 MB + .data: 0.718696 MB, 0.274944 MB + .tls: 0.000025 MB + CPADinfo: 0.000036 MB + .rodata: 0.003216 MB + .crthunk: 0.000064 MB + .gfids: 0.001052 MB + _RDATA: 0.000288 MB + .rsrc: 0.175088 MB + .reloc: 1.443124 MB + +Size of size_reduction\chrome.dll is 41.211392 MB + name: mem size , disk size + .text: 33.188599 MB + .rdata: 6.164966 MB + .data: 0.707848 MB, 0.264704 MB + .tls: 0.000025 MB + CPADinfo: 0.000036 MB + .rodata: 0.003216 MB + .crthunk: 0.000064 MB + .gfids: 0.001052 MB + _RDATA: 0.000288 MB + .rsrc: 0.175088 MB + .reloc: 1.409388 MB + +Change from out\release\chrome.dll to size_reduction\chrome.dll + .text: -711776 bytes change + .rdata: -160752 bytes change + .data: -10848 bytes change + .reloc: -33736 bytes change +Total change: -917112 bytes +``` diff --git a/chromium/docs/website/site/devtools/announcements/index.md b/chromium/docs/website/site/devtools/announcements/index.md new file mode 100644 index 00000000000..f3a9ba9faac --- /dev/null +++ b/chromium/docs/website/site/devtools/announcements/index.md @@ -0,0 +1,8 @@ +--- +breadcrumbs: +- - /devtools + - Google Chrome Developer Tools +page_name: announcements +title: Announcements +--- + diff --git a/chromium/docs/website/site/devtools/breakpoints-tutorial/index.md b/chromium/docs/website/site/devtools/breakpoints-tutorial/index.md new file mode 100644 index 00000000000..fdc62ba3211 --- /dev/null +++ b/chromium/docs/website/site/devtools/breakpoints-tutorial/index.md @@ -0,0 +1,15 @@ +--- +breadcrumbs: +- - /devtools + - Google Chrome Developer Tools +page_name: breakpoints-tutorial +title: breakpoints-tutorial +--- + +This page has moved to . + +You will be automatically redirected there in 10 seconds. + +image \ No newline at end of file diff --git a/chromium/docs/website/site/devtools/capturing-a-timeline-trace/index.md b/chromium/docs/website/site/devtools/capturing-a-timeline-trace/index.md new file mode 100644 index 00000000000..5d2a56bb38f --- /dev/null +++ b/chromium/docs/website/site/devtools/capturing-a-timeline-trace/index.md @@ -0,0 +1,29 @@ +--- +breadcrumbs: +- - /devtools + - Google Chrome Developer Tools +page_name: capturing-a-timeline-trace +title: Capturing a Timeline Trace +--- + +### Prereqs if recording from Android: + +* Use an up-to-date [Chrome Dev Channel on + android](https://play.google.com/store/apps/details?id=com.chrome.dev&hl=en). +* [Connect to the device with remote + debugging](https://developers.google.com/web/tools/chrome-devtools/debug/remote-debugging/remote-debugging) + +## Steps: + +1. Inspect the tab w/ devtools, open Timeline panel. +2. The only checkbox checked should be JS Profile. +3. Hit record. +4. Do whatever action is slow. (reload, tapping an icon, scrolling). +5. End the recording +6. If that looks like it captured the right stuff, right-click and save + it. + * [image](/devtools/capturing-a-timeline-trace/save%20timeline.png) +7. Zip the file if you can. It'll compress a 40MB file to about 4MB. +8. Now you can share it: attaching it to a bug, emailing it, or sharing + via dropbox/etc. \ No newline at end of file diff --git a/chromium/docs/website/site/devtools/capturing-a-timeline-trace/save timeline.png.sha1 b/chromium/docs/website/site/devtools/capturing-a-timeline-trace/save timeline.png.sha1 new file mode 100644 index 00000000000..549de7a4079 --- /dev/null +++ b/chromium/docs/website/site/devtools/capturing-a-timeline-trace/save timeline.png.sha1 @@ -0,0 +1 @@ +8e0c50f4d3abf6b3d6cfdba3a00b8bb90602ef05 \ No newline at end of file diff --git a/chromium/docs/website/site/devtools/feed-icon16x16.png.sha1 b/chromium/docs/website/site/devtools/feed-icon16x16.png.sha1 new file mode 100644 index 00000000000..e79b2b606a4 --- /dev/null +++ b/chromium/docs/website/site/devtools/feed-icon16x16.png.sha1 @@ -0,0 +1 @@ +34be4a62b34fbf651ed4be850cd10e43dafc9327 \ No newline at end of file diff --git a/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/arrow.png.sha1 b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/arrow.png.sha1 new file mode 100644 index 00000000000..4f0f9d497e0 --- /dev/null +++ b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/arrow.png.sha1 @@ -0,0 +1 @@ +de345d9460a457f455dbdb9bd61bf834879f5c48 \ No newline at end of file diff --git a/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/console.png.sha1 b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/console.png.sha1 new file mode 100644 index 00000000000..332772b0077 --- /dev/null +++ b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/console.png.sha1 @@ -0,0 +1 @@ +777e48f032802409d4b46fd6491ec6e7068b94ab \ No newline at end of file diff --git a/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/console_1.png.sha1 b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/console_1.png.sha1 new file mode 100644 index 00000000000..332772b0077 --- /dev/null +++ b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/console_1.png.sha1 @@ -0,0 +1 @@ +777e48f032802409d4b46fd6491ec6e7068b94ab \ No newline at end of file diff --git a/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/console_dir.png.sha1 b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/console_dir.png.sha1 new file mode 100644 index 00000000000..9e406c617f6 --- /dev/null +++ b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/console_dir.png.sha1 @@ -0,0 +1 @@ +48e6d13ed00a30d92ef83128ebb7804e551d4e87 \ No newline at end of file diff --git a/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/console_dirxml.png.sha1 b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/console_dirxml.png.sha1 new file mode 100644 index 00000000000..7397ed5824c --- /dev/null +++ b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/console_dirxml.png.sha1 @@ -0,0 +1 @@ +584f12ed6e9df951184e2ebae172b29ee9bc8b0f \ No newline at end of file diff --git a/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/console_dollar_one.png.sha1 b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/console_dollar_one.png.sha1 new file mode 100644 index 00000000000..4853a70de05 --- /dev/null +++ b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/console_dollar_one.png.sha1 @@ -0,0 +1 @@ +d10fbc6b7dcedde556cf907b7309dd02a69fd088 \ No newline at end of file diff --git a/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/console_dollar_zero.png.sha1 b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/console_dollar_zero.png.sha1 new file mode 100644 index 00000000000..e7969bd81a9 --- /dev/null +++ b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/console_dollar_zero.png.sha1 @@ -0,0 +1 @@ +879512c841b62ee71b5e0f5c8209f7732859cb12 \ No newline at end of file diff --git a/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/console_id.png.sha1 b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/console_id.png.sha1 new file mode 100644 index 00000000000..0f071c9feb3 --- /dev/null +++ b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/console_id.png.sha1 @@ -0,0 +1 @@ +c4e2db037e09ed7b42ac0855559719f38578b698 \ No newline at end of file diff --git a/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/console_inspect.png.sha1 b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/console_inspect.png.sha1 new file mode 100644 index 00000000000..d58d9b372fb --- /dev/null +++ b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/console_inspect.png.sha1 @@ -0,0 +1 @@ +59e344dff4c365985df75f1d8aa4b00773af0507 \ No newline at end of file diff --git a/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/dev_tools_window_bottom.png.sha1 b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/dev_tools_window_bottom.png.sha1 new file mode 100644 index 00000000000..11c44f95b81 --- /dev/null +++ b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/dev_tools_window_bottom.png.sha1 @@ -0,0 +1 @@ +e047b02a1118958570f6de5dceeb50b3cde02759 \ No newline at end of file diff --git a/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/dev_tools_window_top.png.sha1 b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/dev_tools_window_top.png.sha1 new file mode 100644 index 00000000000..ab64794dae1 --- /dev/null +++ b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/dev_tools_window_top.png.sha1 @@ -0,0 +1 @@ +0822fd06c88271d35852dc2220e62c4f33efd1d0 \ No newline at end of file diff --git a/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/elements_css_syntax_highlighting.png.sha1 b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/elements_css_syntax_highlighting.png.sha1 new file mode 100644 index 00000000000..5b4873da24f --- /dev/null +++ b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/elements_css_syntax_highlighting.png.sha1 @@ -0,0 +1 @@ +9dd08639e8906d691ede67fc432217e7815b4804 \ No newline at end of file diff --git a/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/elements_event_listeners_gear.png.sha1 b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/elements_event_listeners_gear.png.sha1 new file mode 100644 index 00000000000..0928f3f4ef4 --- /dev/null +++ b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/elements_event_listeners_gear.png.sha1 @@ -0,0 +1 @@ +d115489444abf062b610f62f658cc1d7c24d6424 \ No newline at end of file diff --git a/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/elements_hover.png.sha1 b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/elements_hover.png.sha1 new file mode 100644 index 00000000000..256c9beeaca --- /dev/null +++ b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/elements_hover.png.sha1 @@ -0,0 +1 @@ +f24fec23d8887fecb0e3dc1ee9b1974f7c69f353 \ No newline at end of file diff --git a/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/elements_metrics.png.sha1 b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/elements_metrics.png.sha1 new file mode 100644 index 00000000000..30c51c82d17 --- /dev/null +++ b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/elements_metrics.png.sha1 @@ -0,0 +1 @@ +acf5205f6bd070cf26ef2daf345ef92beaf47328 \ No newline at end of file diff --git a/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/elements_p.png.sha1 b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/elements_p.png.sha1 new file mode 100644 index 00000000000..1ed851f09f8 --- /dev/null +++ b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/elements_p.png.sha1 @@ -0,0 +1 @@ +e03a1e55c45057d39c510c9cab891f6dcf80b5f7 \ No newline at end of file diff --git a/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/elements_panel.png.sha1 b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/elements_panel.png.sha1 new file mode 100644 index 00000000000..3f895da1a49 --- /dev/null +++ b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/elements_panel.png.sha1 @@ -0,0 +1 @@ +99d5a0d91b5ffbcd4274d1c1dd1075f7602f8e1b \ No newline at end of file diff --git a/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/elements_properties_paner.png.sha1 b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/elements_properties_paner.png.sha1 new file mode 100644 index 00000000000..742025cf3bf --- /dev/null +++ b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/elements_properties_paner.png.sha1 @@ -0,0 +1 @@ +6142eed7def5ff4243996256a77f470403c7a95a \ No newline at end of file diff --git a/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/elements_search.png.sha1 b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/elements_search.png.sha1 new file mode 100644 index 00000000000..0a2a040c811 --- /dev/null +++ b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/elements_search.png.sha1 @@ -0,0 +1 @@ +6d0df4e3c5163b23727769012c52207a71136e42 \ No newline at end of file diff --git a/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/elements_style_checkboxes.png.sha1 b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/elements_style_checkboxes.png.sha1 new file mode 100644 index 00000000000..c1afacf13ec --- /dev/null +++ b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/elements_style_checkboxes.png.sha1 @@ -0,0 +1 @@ +c7aade221ad5a09f7f3c7974a69c044b6930dcc9 \ No newline at end of file diff --git a/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/elements_style_edit.png.sha1 b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/elements_style_edit.png.sha1 new file mode 100644 index 00000000000..760304baa48 --- /dev/null +++ b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/elements_style_edit.png.sha1 @@ -0,0 +1 @@ +ce8a6147ae495a03c4ce6fcf2954fd139a71b071 \ No newline at end of file diff --git a/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/exclude_selected_function.png.sha1 b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/exclude_selected_function.png.sha1 new file mode 100644 index 00000000000..eb3704471eb --- /dev/null +++ b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/exclude_selected_function.png.sha1 @@ -0,0 +1 @@ +92392a10f667a2340d6e2bdbfc3690f6cec07120 \ No newline at end of file diff --git a/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/focus_selected_function.png.sha1 b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/focus_selected_function.png.sha1 new file mode 100644 index 00000000000..2f7cfd578d7 --- /dev/null +++ b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/focus_selected_function.png.sha1 @@ -0,0 +1 @@ +2ecf84a239e24527e7e924191c6a5e20a6cb3cda \ No newline at end of file diff --git a/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/heap_snapshot.png.sha1 b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/heap_snapshot.png.sha1 new file mode 100644 index 00000000000..b5374597eb4 --- /dev/null +++ b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/heap_snapshot.png.sha1 @@ -0,0 +1 @@ +95b27b9b12f02311947a1e852ad0b0bf3ad8f779 \ No newline at end of file diff --git a/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/heap_snapshot_compare.png.sha1 b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/heap_snapshot_compare.png.sha1 new file mode 100644 index 00000000000..d53412a0bd4 --- /dev/null +++ b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/heap_snapshot_compare.png.sha1 @@ -0,0 +1 @@ +c68703382a63cfe105b2e7a7500e95d6fc2c0301 \ No newline at end of file diff --git a/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/heap_snapshot_drill_down.png.sha1 b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/heap_snapshot_drill_down.png.sha1 new file mode 100644 index 00000000000..abec490482b --- /dev/null +++ b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/heap_snapshot_drill_down.png.sha1 @@ -0,0 +1 @@ +2320c29ed794b368587efd1d6e93206f7ddd274f \ No newline at end of file diff --git a/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/index.md b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/index.md new file mode 100644 index 00000000000..d7d6f282516 --- /dev/null +++ b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/index.md @@ -0,0 +1,9 @@ +--- +breadcrumbs: +- - /devtools + - Google Chrome Developer Tools +page_name: google-chrome-developer-tools-tutorial +title: Google Chrome Developer Tools Tutorial +--- + +This page has moved to \ No newline at end of file diff --git a/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/page_menu.png.sha1 b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/page_menu.png.sha1 new file mode 100644 index 00000000000..7de197b3f6f --- /dev/null +++ b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/page_menu.png.sha1 @@ -0,0 +1 @@ +cee468eda220fc78a07eadbf80a98508b9e11fd7 \ No newline at end of file diff --git a/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/profiles_panel_1.png.sha1 b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/profiles_panel_1.png.sha1 new file mode 100644 index 00000000000..d0d038211a7 --- /dev/null +++ b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/profiles_panel_1.png.sha1 @@ -0,0 +1 @@ +d7076b22521754d85da29e6badfb788253cc100a \ No newline at end of file diff --git a/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/profiling_cpu_1.png.sha1 b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/profiling_cpu_1.png.sha1 new file mode 100644 index 00000000000..724a1cd8acb --- /dev/null +++ b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/profiling_cpu_1.png.sha1 @@ -0,0 +1 @@ +c0d9524fd337e8a22aea0da748179245b3a3b4ae \ No newline at end of file diff --git a/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/profiling_search.png.sha1 b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/profiling_search.png.sha1 new file mode 100644 index 00000000000..eac59e3a0f6 --- /dev/null +++ b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/profiling_search.png.sha1 @@ -0,0 +1 @@ +ce86d4b9bedfed38167e8f1684abb602f48bfb2b \ No newline at end of file diff --git a/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/resources_click_sidebar.png.sha1 b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/resources_click_sidebar.png.sha1 new file mode 100644 index 00000000000..fcf0f493d84 --- /dev/null +++ b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/resources_click_sidebar.png.sha1 @@ -0,0 +1 @@ +2e9d0368f5444cf67112a3cb8781d910a667e755 \ No newline at end of file diff --git a/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/resources_drag_drop.png.sha1 b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/resources_drag_drop.png.sha1 new file mode 100644 index 00000000000..a4886ae3b28 --- /dev/null +++ b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/resources_drag_drop.png.sha1 @@ -0,0 +1 @@ +eba3416655381f6eb970f7d15c84843c12f9c01b \ No newline at end of file diff --git a/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/resources_enable_window.png.sha1 b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/resources_enable_window.png.sha1 new file mode 100644 index 00000000000..f46d7c9e7f4 --- /dev/null +++ b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/resources_enable_window.png.sha1 @@ -0,0 +1 @@ +7b8f8f4e5c7f0beb71eaacfb52106ef47fd59039 \ No newline at end of file diff --git a/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/resources_panel.png.sha1 b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/resources_panel.png.sha1 new file mode 100644 index 00000000000..7d6ebecbe4d --- /dev/null +++ b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/resources_panel.png.sha1 @@ -0,0 +1 @@ +356dfe67fed93fe7d206edcff3aecbf036f00027 \ No newline at end of file diff --git a/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/resources_size.png.sha1 b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/resources_size.png.sha1 new file mode 100644 index 00000000000..9f52fad1fef --- /dev/null +++ b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/resources_size.png.sha1 @@ -0,0 +1 @@ +edd30c0ef76cc337ad115647f734b44a513312e3 \ No newline at end of file diff --git a/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/resources_sort_by.png.sha1 b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/resources_sort_by.png.sha1 new file mode 100644 index 00000000000..f706dcbda03 --- /dev/null +++ b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/resources_sort_by.png.sha1 @@ -0,0 +1 @@ +4a01948e90754e3c8c6588c77b5488cd5a968101 \ No newline at end of file diff --git a/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/scripts_breakpoints.png.sha1 b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/scripts_breakpoints.png.sha1 new file mode 100644 index 00000000000..e22df77781d --- /dev/null +++ b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/scripts_breakpoints.png.sha1 @@ -0,0 +1 @@ +b0e94531beda874736311ebcebb2e987f89b8329 \ No newline at end of file diff --git a/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/scripts_breakpoints_2.png.sha1 b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/scripts_breakpoints_2.png.sha1 new file mode 100644 index 00000000000..12c324619ac --- /dev/null +++ b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/scripts_breakpoints_2.png.sha1 @@ -0,0 +1 @@ +17df97a1e5f76bfbd4ce0b13c1040fecfe3cde99 \ No newline at end of file diff --git a/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/scripts_panel.png.sha1 b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/scripts_panel.png.sha1 new file mode 100644 index 00000000000..e5611b1c28a --- /dev/null +++ b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/scripts_panel.png.sha1 @@ -0,0 +1 @@ +70b0490785011f240393d66215fc6eb5dfe6aced \ No newline at end of file diff --git a/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/scripts_panel_2.png.sha1 b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/scripts_panel_2.png.sha1 new file mode 100644 index 00000000000..ec3863aa7a0 --- /dev/null +++ b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/scripts_panel_2.png.sha1 @@ -0,0 +1 @@ +a7a093029a06048c64cc64ed01508ed1e355c543 \ No newline at end of file diff --git a/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/scripts_paused.png.sha1 b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/scripts_paused.png.sha1 new file mode 100644 index 00000000000..169d4b459c1 --- /dev/null +++ b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/scripts_paused.png.sha1 @@ -0,0 +1 @@ +5d9791ea949063d7e8b35c0a14109cac371eef7d \ No newline at end of file diff --git a/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/storage_cookie.png.sha1 b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/storage_cookie.png.sha1 new file mode 100644 index 00000000000..b542b8f4572 --- /dev/null +++ b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/storage_cookie.png.sha1 @@ -0,0 +1 @@ +92e6bf0665134f9f02bffc47f157cc9cb38aa903 \ No newline at end of file diff --git a/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/storage_panel.png.sha1 b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/storage_panel.png.sha1 new file mode 100644 index 00000000000..c41c7d86b9c --- /dev/null +++ b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/storage_panel.png.sha1 @@ -0,0 +1 @@ +34f08b39b9460b52da40d9dea20d0536d959f9ba \ No newline at end of file diff --git a/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/storage_panel_database.png.sha1 b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/storage_panel_database.png.sha1 new file mode 100644 index 00000000000..4a7e960872a --- /dev/null +++ b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/storage_panel_database.png.sha1 @@ -0,0 +1 @@ +42c8d49571fcee2d5ff91103a0e6d0d3ff845ac4 \ No newline at end of file diff --git a/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/storage_panel_sql_query.png.sha1 b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/storage_panel_sql_query.png.sha1 new file mode 100644 index 00000000000..198912871bf --- /dev/null +++ b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/storage_panel_sql_query.png.sha1 @@ -0,0 +1 @@ +90fd60e4195595263a49a382c426d25868449644 \ No newline at end of file diff --git a/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/storage_sticky_note.png.sha1 b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/storage_sticky_note.png.sha1 new file mode 100644 index 00000000000..c7830d36710 --- /dev/null +++ b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/storage_sticky_note.png.sha1 @@ -0,0 +1 @@ +c9318eca7e0bfe5aac751a87993fe663270170e1 \ No newline at end of file diff --git a/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/timeline_panel.png.sha1 b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/timeline_panel.png.sha1 new file mode 100644 index 00000000000..f2e232a4215 --- /dev/null +++ b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/timeline_panel.png.sha1 @@ -0,0 +1 @@ +16acbc0d78d48ddcf62c4ed5f52ef4d90acccb00 \ No newline at end of file diff --git a/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/timeline_records.png.sha1 b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/timeline_records.png.sha1 new file mode 100644 index 00000000000..ccb0ce2b695 --- /dev/null +++ b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/timeline_records.png.sha1 @@ -0,0 +1 @@ +05611570c68eb7a81654497a94c93f5c8b6b45ef \ No newline at end of file diff --git a/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/timeline_slider_right.png.sha1 b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/timeline_slider_right.png.sha1 new file mode 100644 index 00000000000..188ff01239f --- /dev/null +++ b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/timeline_slider_right.png.sha1 @@ -0,0 +1 @@ +de3fd9981e97cee3ac984bf4a39bb497fc29d7b4 \ No newline at end of file diff --git a/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/top_tool_bar_w_console.png.sha1 b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/top_tool_bar_w_console.png.sha1 new file mode 100644 index 00000000000..08ec020712d --- /dev/null +++ b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/top_tool_bar_w_console.png.sha1 @@ -0,0 +1 @@ +ca717c5cae93946b8b97c1f932daba7cdd7f4c57 \ No newline at end of file diff --git a/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/two_profiles.png.sha1 b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/two_profiles.png.sha1 new file mode 100644 index 00000000000..a2c5fd73270 --- /dev/null +++ b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/two_profiles.png.sha1 @@ -0,0 +1 @@ +903baebd66766b915814e4f0d27f40578b4cd052 \ No newline at end of file diff --git a/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/wrench-icon.jpg.sha1 b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/wrench-icon.jpg.sha1 new file mode 100644 index 00000000000..1a556721cde --- /dev/null +++ b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/wrench-icon.jpg.sha1 @@ -0,0 +1 @@ +8a9310c4fb3ab7e16f28947a129dc7864d958a75 \ No newline at end of file diff --git a/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/wrench.png.sha1 b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/wrench.png.sha1 new file mode 100644 index 00000000000..6d495f12f52 --- /dev/null +++ b/chromium/docs/website/site/devtools/google-chrome-developer-tools-tutorial/wrench.png.sha1 @@ -0,0 +1 @@ +fca7a974d8e6226db068ef030fa8ebb1e42cd93d \ No newline at end of file diff --git a/chromium/docs/website/site/devtools/index.md b/chromium/docs/website/site/devtools/index.md new file mode 100644 index 00000000000..d561adcbcf4 --- /dev/null +++ b/chromium/docs/website/site/devtools/index.md @@ -0,0 +1,12 @@ +--- +breadcrumbs: [] +page_name: devtools +title: Google Chrome Developer Tools +--- + +The docs for [Google Chrome Developer +Tools](https://developers.google.com/web/tools/chrome-devtools/) has moved. + +* [How to contribute to the + DevTools](https://goo.gle/devtools-contribution-guide) +* [Capturing a Timeline Trace](/devtools/capturing-a-timeline-trace) \ No newline at end of file diff --git a/chromium/docs/website/site/devtools/page_menu.png.sha1 b/chromium/docs/website/site/devtools/page_menu.png.sha1 new file mode 100644 index 00000000000..7de197b3f6f --- /dev/null +++ b/chromium/docs/website/site/devtools/page_menu.png.sha1 @@ -0,0 +1 @@ +cee468eda220fc78a07eadbf80a98508b9e11fd7 \ No newline at end of file diff --git a/chromium/docs/website/site/devtools/wrench-icon.jpg.sha1 b/chromium/docs/website/site/devtools/wrench-icon.jpg.sha1 new file mode 100644 index 00000000000..cc8fe345010 --- /dev/null +++ b/chromium/docs/website/site/devtools/wrench-icon.jpg.sha1 @@ -0,0 +1 @@ +8938988d522c0ace623045166b47288309ab34f5 \ No newline at end of file diff --git a/chromium/docs/website/site/embeddedsearch/index.md b/chromium/docs/website/site/embeddedsearch/index.md new file mode 100644 index 00000000000..e1e44521a4e --- /dev/null +++ b/chromium/docs/website/site/embeddedsearch/index.md @@ -0,0 +1,208 @@ +--- +breadcrumbs: [] +page_name: embeddedsearch +title: Embedded Search API +--- + +**This document describes a replacement for the [SearchBox API](/searchbox) +designed for search providers included with Chromium to allow them to integrate +more tightly with Chrome’s Omnibox and New Tab Page. This document will be kept +up to date with the changes in trunk Chromium and is to be considered the +authoritative reference on this new API.** + +**Overview** +**The Embedded Search API provides a point of integration for a default search +provider:** The provider is responsible for rendering the New Tab Page (NTP). + +**Search providers who wish to try EmbeddedSearch NewTabPage API can do so by +modifying the TemplateURL data for their provider (in +[src/components/search_engines/prepopulated_engines.json](https://code.google.com/p/chromium/codesearch#chromium/src/components/search_engines/prepopulated_engines.json)) +to add a "new_tab_url" field pointing to an URL that will render the NTP. +Implementers can find an example in the chromium sources at +[src/chrome/browser/resources/local_ntp/local_ntp.js](https://code.google.com/p/chromium/codesearch#chromium/src/chrome/browser/resources/local_ntp/local_ntp.js).** + +**Reference** + +**// This interface is exposed as window.chrome.embeddedSearch to the embedded search page.** +**interface EmbeddedSearch {** + +**// Interface to allow the embedded search page to interact with and control the** +**// navigator searchbox. Exposed as window.chrome.embeddedSearch.searchBox.** +**interface SearchBox {** + +// Indicates whether the browser is rendering its UI in rigth-to-left mode. + +readonly attribute unsigned boolean rtl; + +// Requests the searchbox to enter (or exit) a mode where it is not visibly +focused + +**// but if the user presses a key will capture it and focus itself. Conceptually** +**// similar to an invisible focus() call.** +**void startCapturingKeyStrokes();** +**void stopCapturingKeyStrokes();** + +**// Attribute and listener to detect if the searchbox is currently capturing user key** +**// strokes.** +readonly attribute boolean isFocused; +**readonly attribute boolean isKeyCaptureEnabled;** +attribute Function onfocuschange; +**attribute Function onkeycapturechange;** +**}; // interface Searchbox** +**// Interface to allow the embedded search page to interact with and control +the** + +**// New Tab Page. Exposed as window.chrome.embeddedSearch.newTabPage.** +**interface NewTabPage {** + +// Attribute and listeners that indicate to the new tab page whether user input + +// is in progress in the omnibox. + +readonly attribute boolean **isInputInProgress**; + +attribute Function **oninputstart**; + +attribute Function **oninputcancel**; + +// List of user's most visited items. + +readonly attribute Array<MostVisitedItem> **mostVisited**; + +attribute Function **onmostvisitedchange**; + +// Deletes the most visited item corresponding to |restrictedID|. + +function **deleteMostVisitedItem(**restrictedID**)**; + +// Undoes the deletion of the item for |restrictedID|. + +function **undoMostVisitedDeletion(**restrictedID**)**; + +// Undoes the deletion of all most visited items. + +function **undoAllMostVisitedDeletions()**; + +// Information necessary to render the user's theme background on the NTP. + +**readonly attribute ThemeBackgroundInfo themeBackgroundInfo;** + +attribute Function **onthemechange**; + +**}; // interface NewTabPage** +**};** +// Format for a most visited object supplied by the browser. + +// + +// Most visited items are represented by an opaque identifier, the "rid". After +M72, Chrome + +// provides one special URL that the page can render as <iframe>s to +display + +// most visited data: + +// + +// chrome-search://most-visited/title.html?rid=<RID> + +// + +// Prior to M72, Chrome also provided a second URL which has now been +deprecated: + +// + +// \[deprecated\] chrome-search://most-visited/thumbnail.html?rid=<RID> + +// + +// The URL also accepts the following query parameters to modify the style of +the + +// content inside the iframe: + +// + +// 'c' : Color of the text in the iframe. + +// 'f' : Font family for the text in the iframe. + +// 'fs' : Font size for the text in the iframe. + +// 'pos' : The position of the iframe in the UI. + +// + +// For example, the page could create the following iframe + +// + +// <iframe +src="chrome-search://most-visited/title.html?rid=5&c=777777&f=arial%2C%20sans-serif&fs=11&pos=0"> + +// + +// to render the title for the first most visited item. + +MostVisitedItem { + +// The restricted ID (an opaque identifier) to refer to this item. + +readonly attribute unsigned long rid; + +// URL to load the favicon for the most visited item as an image. + +// + +// NOTE: the URL is particular to the current instance of the New Tab page and + +// cannot be reused. + +readonly attribute string faviconUrl; + +} + +**// Format of the ThemeBackgroundInfo object which indicates information about the user's** +**// chosen custom UI theme necessary for correct rendering of the new tab page.** +**ThemeBackgroundInfo {** + +// NOTE: The following fields are always present. + +// True if the default theme is selected. + +readonly attribute boolean **usingDefaultTheme**; + +// Theme background color in RGBA format. + +readonly attribute Array backgroundColorRgba; + +// Theme text color in RGBA format. + +readonly attribute Array **textColorRgba**; + +// Theme text color light in RGBA format. + +readonly attribute Array **textColorLightRgba**; + +// True if the theme has an alternate logo. + +readonly attribute boolean **logoAlternate**; + +**// NOTE: The following fields are all optional.** + +**// Theme background-position x component.** +**readonly attribute String imageHorizontalAlignment;** +**// Theme background-position y component.** +**readonly attribute String imageVerticalAlignment;** +**// Theme background-repeat.** +**readonly attribute String imageTiling;** + +// True if the theme has an attribution logo. + +readonly attribute boolean **hasAttribution**; + +**};** + +Last edited: Wednesday, November 12, 2018, 10:45 PM PST \ No newline at end of file diff --git a/chromium/docs/website/site/events/blinkon-14/index.md b/chromium/docs/website/site/events/blinkon-14/index.md new file mode 100644 index 00000000000..a3fedd17d22 --- /dev/null +++ b/chromium/docs/website/site/events/blinkon-14/index.md @@ -0,0 +1,213 @@ +--- +breadcrumbs: +- - /events + - Chromium project related events +page_name: blinkon-14 +title: BlinkOn 14 +--- + +**Schedule:** [bit.ly/blinkon-14-schedule](http://bit.ly/blinkon-14-schedule) + +**Slack:** + + +[TOC] + +## **Introduction & Registration** + +Welcome to BlinkOn 14 - we're looking forward to hosting you soon! + +If you haven't already done so, please [register +now](https://docs.google.com/forms/d/e/1FAIpQLSc1r9roNnTNDygOYptafgEIc1QkNyV65I0ZW5ySImfwpyVg_w/viewform?usp=sf_link). +Registration will remain open until May 12th JST / May 11th PST, but we +encourage you to register ASAP so that you can stay up to date with the latest +information. + +## **Logistics** + +* Date: May 12-14, 2021 JST / May 11-13, 2021 PST +* Time: 7:30am-11am JST / 3:30pm-7pm PST +* Location: Virtual +* How: Combination of live and recorded sessions, including keynotes, + lightning talks, breakout talks, and social events + +We acknowledge and apologize that APAC time zones are not convenient for +everyone, especially in the context of additional responsibilities brought on by +COVID-19. To make this event as accessible as possible, we'll record and +immediately publish all publicly available talks. We'll also continue to shift +future BlinkOns to more fairly distribute the burden of meeting at challenging +times. + +## **Call for Content (Breakout Talks)** + +The breakout talk sign up closed on May 11th JST / May 10th PST. If you signed +up to host a breakout talk, please your add a link to your slides or +pre-recorded talk to Column F in [this +sheet](https://docs.google.com/spreadsheets/d/1XkgjTXOPVQd8GzJJafG2QSCUm9c-FZvIztgpygAsFvs/edit?usp=sharing). + +## **Call for Content (Lightning Talks)** + +The lightning talk sign up closed on April 13th JST / April 12th PST. + +## **Schedule** + +View the full schedule of events at +[bit.ly/blinkon-14-schedule](http://bit.ly/blinkon-14-schedule). + +## Sessions + +All sessions will be conducted over Google Meet. To join a session, click the +"Join by GVC" links in the schedule. You can also add the sessions that you're +interested in attending directly to your Google Calendar by clicking the "Add to +Calendar" links. + +## **Virtual Breakout Talk Best Practices - Google Meet** + +We understand that there's a lot to consider when presenting and attending +virtual breakout talks. That's why we've curated the following best practices +for Google Meet. + +### *Presenter Steps* + +Before your breakout talk, please: + +* Ensure your backup presenter is available + + [Present your slides or pre-recorded + talk](https://support.google.com/a/users/answer/9848723?hl=en&ref_topic=9545472) + + On the bottom, select Present now + + Select "Your entire screen," "A window," or "A tab" + + "A tab" is best for video and animation + + Select "Share" + + You (or your backup presenter) are responsible for presenting your + slides or pre-recorded talk + + If applicable, [remove + participants](https://support.google.com/meet/answer/7501121?hl=en&ref_topic=7290350#) + + \[External Attendees\] ask a Google participant to remove participants + + \[Internal Attendees\] select "Remove from meeting" in a participant's + thumbnail image + +During your breakout talk, you can moderate questions using any of the following +features + +* [Chat](https://support.google.com/meet/answer/9308979?hl=en&co=GENIE.Platform=Desktop) + - ask participants to: + * On the top right, select "Chat" + * Enter their question and then select "Send" +* [Raise + hand](https://support.google.com/meet/answer/10159750?hl=en&ref_topic=7290350) + - ask participants to: + * On the bottom right, select "Raise Hand" +* [Q&A](https://support.google.com/meet/answer/10146000?hl=en&ref_topic=7290350) + - ask participants to: + * On the top right, select "Activities" and then "Q&A" + * Select "Ask a question" + * Enter their question and then click "Post" + +### *Technical Considerations* + + [Turn on + captions](https://support.google.com/meet/answer/9300310?hl=en&ref_topic=7290350) + + On the bottom, select "Turn on captions" + + [Change the number of participants you see on your + screen](https://support.google.com/meet/answer/9292748?hl=en) + + On the bottom, select "More options" and then "Change layout" + + [Mute or pin + participants](https://support.google.com/meet/answer/7501121?hl=en&ref_topic=7290350#) + + Select "Mute" or "Pin" in a participant's thumbnail image + + \[Internal Attendees\] [Toggle noise cancellation + on](https://support.google.com/meet/answer/9919960?hl=en) + + On the bottom, select "More options" + + Select "Settings" and then "Audio" + + If you experience quality issues, [change your send and receive resolutions + to + 360p](https://support.google.com/a/users/answer/9848870?hl=en&co=GENIE.Platform=Desktop) + + On the bottom, select "More options" + + Select "Settings" and then "Video" + + If you experience any other troubleshoot issues, visit [troubleshoot issues + with Google Meet](https://support.google.com/meet/answer/7380413?hl=en) + +## Chromium on Slack + +We'll be using Slack to communicate throughout this event. Please join Chromium +on Slack +[here](https://join.slack.com/t/chromium/shared_invite/zt-7760queu-bzAFvtstmnQxpYAgpYFIsg), +and add the following channels: + +* #blinkon +* #blinkon-room-1 +* #blinkon-room-2 +* #blinkon-room-3 +* #blinkon-helpdesk + +## Ad-hoc Discussions + +If the above channels become too busy (which we hope they do!), we invite you to +create your own channels in Slack or calls in Google Meet. + +### *Slack* + +* Select the + icon next to "Channels" +* Select "Create a channel" +* In the dialog box, type your channel name starting with + "blinkon-discuss-" (e.g., blinkon-discuss-foobar), and then Select + "Create" +* After the channel is created, you will be able to invite + participants to it, and it will be discoverable from the channel + list in Slack + +### *Google Meet* + +* Go to + [meet.google.com](https://www.google.com/url?q=http://meet.google.com&sa=D&source=editors&ust=1620403221523000&usg=AOvVaw05AjwDCdLqExMuippU1zNV) +* Select "New meeting" and then "Start an instant meeting" +* After you join the meeting, you will be given a URL to share with + participants + +## **Code of Conduct** + +All attendees, speakers, sponsors, and volunteers at BlinkOn 14 are required to +agree with the following Code of Conduct. Organizers will enforce this code +throughout BlinkOn 14 to help ensure a safe environment for all attendees. As +developers and community organizers, we all pledge to respect everyone who +attends BlinkOn 14. We do not tolerate harassment of conference participants in +any form. Sexual language and imagery is not appropriate for any conference +venue, including talks, workshops, parties, Twitter, and other online media. +Communication must be constructive and never resort to personal attacks, +harassment, insults, or other unprofessional conduct. We promise to extend +courtesy and respect to all attendees regardless of gender, gender identity, +sexual orientation, disability, age, race, ethnicity, religion, or level of +experience. We expect all attendees to do the same. If any member of the +community violates this code of conduct, they may be sanctioned or expelled from +BlinkOn 14. If you are subject to or witness unacceptable behavior, or have any +other concerns, please contact an organizer asap. + +## **Organizer Contact Information** + +* Planning committee: (e) blinkon@chromium.org +* Penny McLachlan: (e) pjmclachlan@google.com +* Ashley Haman: (Slack) ashleyhaman@chromium.org (e) + ashleyhaman@google.com +* Shauna Mendelow: (Slack) smendelow@chromium.org (e) + smendelow@google.com +* Rick Byers: (Slack) rbyers@chromium.org \ No newline at end of file diff --git a/chromium/docs/website/site/events/blinkon-15/index.md b/chromium/docs/website/site/events/blinkon-15/index.md new file mode 100644 index 00000000000..44f9834f3dd --- /dev/null +++ b/chromium/docs/website/site/events/blinkon-15/index.md @@ -0,0 +1,112 @@ +--- +breadcrumbs: +- - /events + - Chromium project related events +page_name: blinkon-15 +title: BlinkOn 15 +--- + +**Save the (NEW) Dates!** + +**Welcome to BlinkOn 15!** We have received a lot of feedback that after 1.6 +years of working from home due to the pandemic, folks are feeling screen fatigue +from online meetings and events. Given this, we have adjusted our event down to +two days, Nov 16 & 17th. We are changing things up a bit and will host our event +on hopin, you can register [**here**](https://hopin.com/events/blinkon-15). We +will have the same format, however we will not have our Slack channels as all +networking can be done on the platform. You can also [download the hopin mobile +app](https://hopin.zendesk.com/hc/en-us/sections/360012637371--Mobile-App) on +your device. + +## **Logistics** + +* **To enter the BlinkOn event, starting at 8a PT Nov 16th, click + [HERE](https://app.hopin.com/events/blinkon-15/reception)** +* **\[NEW\]** Dates: Nov 16-17, 2021 PST 9a - 12p PST + * Programming will start @ 9am PST each day, however you are + welcome to join up to an hour earlier to find folks in chat, 1:1 + meetings and join our networking on the platform. +* Location: Virtual + +**Before & During the event** + +To ensure you can access the hopin platform, please check your [Networking +Connectivity +Settings](https://hopin.zendesk.com/hc/en-us/articles/360056528911-Network-Connectivity-Settings) +& [Browser Compatibility +](https://hopin.zendesk.com/hc/en-us/articles/360056078872-Browser-Compatibility-for-online-events-on-Hopin). +Please see helpful links below. + +## [Hopin Resources](https://docs.google.com/document/d/1SNTmngdbfc1OuxCOaw231guH53p8ks4-YnjecB6CtGk/edit#) + +* [How to access an event as an + attendee](https://assets-global.website-files.com/5fb2950be125da5aa25af58e/60b95a6bcaf8722b6b83752c_How%20to%20Access%20an%20Event%20as%20an%20Attendee%20(1).pdf) +* [Being a speaker at a Hopin + Event](https://assets-global.website-files.com/5fb2950be125da5aa25af58e/60b95bbb779c0790ddf0ae27_Best%20Practices%20for%20Speakers.pdf) +* [How to use the Backstage as a + speaker](https://hopin.zendesk.com/hc/en-us/articles/360056078472-How-to-use-the-Backstage-as-a-speaker) +* [Screensharing on + backstage](https://hopin.zendesk.com/hc/en-us/articles/360056078412-How-to-present-slides-on-the-Hopin-Backstage) +* [Sharing your + PowerPoint](https://hopin.zendesk.com/hc/en-us/articles/360056527631-Sharing-your-Powerpoint) +* [Speaker + instructions](https://hopin.zendesk.com/hc/en-us/articles/360056078432-Speaker-Instructions) +* [Tips for Speaking in and Moderating + Sessions](https://hopin.zendesk.com/hc/en-us/articles/4402442259220-Tips-for-Speaking-in-and-Moderating-Sessions) + +**BlinkOn Future-looking** + +We continue to shift our BlinkOn events to more fairly distribute the burden of +meeting at challenging times. Next time we will prioritize the EMEA region. We +apologize this timing is not convenient for everyone, and to make this event as +accessible as possible, we'll publish all publicly available talks on our +[BlinkOn YouTube channel](https://www.youtube.com/user/blinkontalks) and within +the event under "Recordings" as soon as we are able. We hope that you understand +our decision and will join us live, or enjoy recordings on our BlinkOn Channel +when they become available. + +## **Registration** + +Save the **\[NEW\]** dates and [REGISTER +NOW](https://hopin.com/events/blinkon-15) for BlinkOn 15! We'll confirm all +registrants and communicate more information about the agenda. + +## Lightning Talks + +We have reached our limit and no longer accepting talks. + +For our lightning talk speakers, thank you very much for signing up for our +BlinkOn 15 lightning talks and loading your talks into our sheet! + +## Breakout Talks + +## We have reached our limit and no longer accepting talks. Thank you to everyone who will be doing a breakout talk. Please add your public accessible link [to this sheet](https://docs.google.com/spreadsheets/d/1x2MXoLaYENQg7WKHWspzwAuttDB38T5pc74ZHRYEKgo/edit#gid=0) prior to your session. + +## Schedule + +## **image** + +## **Code of Conduct** + +All attendees, speakers, sponsors, and volunteers at BlinkOn 15 are required to +agree with the following Code of Conduct. Organizers will enforce this code +throughout BlinkOn 15 to help ensure a safe environment for all attendees. + +**As developers and community organizers, we all pledge to respect everyone who +attends BlinkOn 15. We do not tolerate harassment of conference participants in +any form. Sexual language and imagery is not appropriate for any conference +venue, including talks, workshops, parties, Twitter, and other online media. +Communication must be constructive and never resort to personal attacks, +harassment, insults, or other unprofessional conduct. We promise to extend +courtesy and respect to all attendees regardless of gender, gender identity, +sexual orientation, disability, age, race, ethnicity, religion, or level of +experience. We expect all attendees to do the same. If any member of the +community violates this code of conduct, they may be sanctioned or expelled from +BlinkOn 15 and future BlinkOn events. If you are subject to or witness +unacceptable behavior, or have any other concerns, please email us at +[blinkon@chromium.org](mailto:blinkon@chromium.org) asap.** + +## **Organizer Information** + +* Planning committee: + [blinkon@chromium.org](mailto:blinkon@chromium.org) \ No newline at end of file diff --git a/chromium/docs/website/site/events/blinkon-16/index.md b/chromium/docs/website/site/events/blinkon-16/index.md new file mode 100644 index 00000000000..6b4df3b5c33 --- /dev/null +++ b/chromium/docs/website/site/events/blinkon-16/index.md @@ -0,0 +1,74 @@ +--- +breadcrumbs: +- - /events + - Chromium project related events +page_name: blinkon-16 +title: blinkon-16 +--- + +**Welcome to BlinkOn 16!** + +## **Logistics** + +* Dates: \[TBD\] +* Location: \[TBD\] +* [download the hopin mobile + app](https://hopin.zendesk.com/hc/en-us/sections/360012637371--Mobile-App) + on your device + +**Before & During the event** + +[Hopin +Resources](https://docs.google.com/document/d/1SNTmngdbfc1OuxCOaw231guH53p8ks4-YnjecB6CtGk/edit#) + +* Please check your [Networking Connectivity + Settings](https://hopin.zendesk.com/hc/en-us/articles/360056528911-Network-Connectivity-Settings) + & [Browser Compatibility + ](https://hopin.zendesk.com/hc/en-us/articles/360056078872-Browser-Compatibility-for-online-events-on-Hopin). +* [How to access an event as an + attendee](https://assets-global.website-files.com/5fb2950be125da5aa25af58e/60b95a6bcaf8722b6b83752c_How%20to%20Access%20an%20Event%20as%20an%20Attendee%20(1).pdf) +* [Being a speaker at a Hopin + Event](https://assets-global.website-files.com/5fb2950be125da5aa25af58e/60b95bbb779c0790ddf0ae27_Best%20Practices%20for%20Speakers.pdf) +* [How to use the Backstage as a + speaker](https://hopin.zendesk.com/hc/en-us/articles/360056078472-How-to-use-the-Backstage-as-a-speaker) +* [Screensharing on + backstage](https://hopin.zendesk.com/hc/en-us/articles/360056078412-How-to-present-slides-on-the-Hopin-Backstage) +* [Sharing your + PowerPoint](https://hopin.zendesk.com/hc/en-us/articles/360056527631-Sharing-your-Powerpoint) +* [Speaker + instructions](https://hopin.zendesk.com/hc/en-us/articles/360056078432-Speaker-Instructions) +* [Tips for Speaking in and Moderating + Sessions](https://hopin.zendesk.com/hc/en-us/articles/4402442259220-Tips-for-Speaking-in-and-Moderating-Sessions) + +## Registration + +## Lightning Talks + +## Breakout Talks + +## Schedule + +## **Code of Conduct** + +All attendees, speakers, sponsors, and volunteers at BlinkOn 16 are required to +agree with the following Code of Conduct. Organizers will enforce this code +throughout BlinkOn 16 to help ensure a safe environment for all attendees. + +As developers and community organizers, we all pledge to respect everyone who +attends BlinkOn 16. We do not tolerate harassment of conference participants in +any form. Sexual language and imagery is not appropriate for any conference +venue, including talks, workshops, parties, Twitter, and other online media. +Communication must be constructive and never resort to personal attacks, +harassment, insults, or other unprofessional conduct. We promise to extend +courtesy and respect to all attendees regardless of gender, gender identity, +sexual orientation, disability, age, race, ethnicity, religion, or level of +experience. We expect all attendees to do the same. If any member of the +community violates this code of conduct, they may be sanctioned or expelled from +BlinkOn 16 and future BlinkOn events. If you are subject to or witness +unacceptable behavior, or have any other concerns, please email us at +[blinkon@chromium.org](mailto:blinkon@chromium.org) asap. + +## **Organizer Information** + +* Planning committee: + [blinkon@chromium.org](mailto:blinkon@chromium.org) \ No newline at end of file diff --git a/chromium/docs/website/site/events/blinkon-resources/index.md b/chromium/docs/website/site/events/blinkon-resources/index.md new file mode 100644 index 00000000000..dba0689e2b3 --- /dev/null +++ b/chromium/docs/website/site/events/blinkon-resources/index.md @@ -0,0 +1,15 @@ +--- +breadcrumbs: +- - /events + - Chromium project related events. +page_name: blinkon-resources +title: BlinkOn resources +--- + +This page contains public resources to help plan future BlinkOns. If you're +looking for pages about current or past BlnkOns, see [here](/events). + +Scripts to analyze recent commits. These were used for BlinkOn 14 and 15. + +Output from those scripts for BlinkOn 15: commits since May 21 2021, +commits per year by org. diff --git a/chromium/docs/website/site/events/index.md b/chromium/docs/website/site/events/index.md new file mode 100644 index 00000000000..1281c5454e3 --- /dev/null +++ b/chromium/docs/website/site/events/index.md @@ -0,0 +1,14 @@ +--- +breadcrumbs: [] +page_name: events +title: Chromium project related events. +--- + +* [BlinkOn 15](/events/blinkon-15) (Nov 16-17, 2021 PST) + +Past events + +* [BlinkOn 14](/events/blinkon-14) (May 12-14, 2021 JST / May 11-13, + 2021 PST) + +[Resources for future BlinkOns](/events/blinkon-resources) \ No newline at end of file diff --git a/chromium/docs/website/site/favicon.ico.sha1 b/chromium/docs/website/site/favicon.ico.sha1 new file mode 100644 index 00000000000..4bc198644cd --- /dev/null +++ b/chromium/docs/website/site/favicon.ico.sha1 @@ -0,0 +1 @@ +61ef0ad39a93d9693ed29a0a00d311ac59e5245d \ No newline at end of file diff --git a/chromium/docs/website/site/flag-ownership/index.md b/chromium/docs/website/site/flag-ownership/index.md new file mode 100644 index 00000000000..24c7dcefdf3 --- /dev/null +++ b/chromium/docs/website/site/flag-ownership/index.md @@ -0,0 +1,8 @@ +--- +breadcrumbs: [] +page_name: flag-ownership +title: flag-ownership +--- + +Moved to +/developers/contributing/[flag-ownership](/developers/contributing-code/flag-ownership)! \ No newline at end of file diff --git a/chromium/docs/website/site/flash-roadmap/deprecating-wildcards/index.md b/chromium/docs/website/site/flash-roadmap/deprecating-wildcards/index.md new file mode 100644 index 00000000000..10b31601058 --- /dev/null +++ b/chromium/docs/website/site/flash-roadmap/deprecating-wildcards/index.md @@ -0,0 +1,289 @@ +--- +breadcrumbs: +- - /flash-roadmap + - Flash Roadmap +page_name: deprecating-wildcards +title: Deprecating wildcards +--- + +### Wildcard base and edge cases + +Through enterprise policies: + +Notes: + +Currently, a wildcard port is +[serialized](https://source.chromium.org/chromium/chromium/src/+/HEAD:components/content_settings/core/common/content_settings_pattern_parser.cc;l=234-237;drc=456596a0b27623349d38e49d0e9812b24d47d5d8?originalUrl=https:%2F%2Fcs.chromium.org%2F) +as an empty port into prefs. Changing the semantics would require migration. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
PatternExpectedbehaviorImplemented behaviorReason for implemented behavior
http://foo.com:80/https://bar.com:443/https://bar.com:8081/AllowedAllowedEverything specified.
http://foo.com/https://bar.com/AllowedAllowedConcrete scheme, concrete host, empty path, unspecified port (implicit wildcard). Matches origins with any port.
http://www.foo.com:\*https://www.foo.com:\*AllowedAllowedConcrete scheme, concrete host, empty path, explicit wildcard port. Matches origins with any port.
www.foo.com:80\*:www.foo.com:80AllowedAllowedWildcard or unspecified (=implicit wildcard) schemes are permitted
\*://www.foo.comwww.foo.com:\*AllowedAllowedUnspecified/wildcarded ports and schemes are permitted.
https://www.foo.com:443/\*AllowedAllowedPath wildcards are allowed. They are meaningless, as the pattern is always matched against an origin.
https://\[\*.\]foo.com:443\[\*.\]foo.comDisallowedDisallowedDisallowed because of subdomain wildcard in host.
https://\*:443DisallowedDisallowedDisallowed because of a full wildcard in host.
\*\*:\*DisallowedDisallowedScheme host port path all wildcard. Disallowed because of the host wildcard. Scheme/path/port wildcard would be fine.
https://\*https://\*:\*DisallowedDisallowedConcrete scheme, but host port path all wildcard. Disallowed because of the host wildcard.
+ +Through extensions +([format](https://developer.chrome.com/extensions/match_patterns), note that +port cannot be specified, but path must be specified): + +Notes: + + The omitted port maps to the default port (80 and 443), not the wildcard. + + The port can be optionally specified, and can be specified as “\*”, which + then maps to the wildcard. + + The only allowed path for http/https is “/\*”, and that maps to the empty + path, not a wildcard. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
PatternExpectedbehaviorImplemented behaviorReason for implemented behavior
http://foo.com/\*https://bar.com/\*http://foo.com:80/\*https://foo.com:80/\*AllowedAllowed.The omitted port is assumed to be the default port, and /\* maps to the empty path.
https://foo.com:\*/\*AllowedAllowed.Concrete scheme, host, empty path, wildcard port.
\*://www.foo.com/\*AllowedAllowedWildcard scheme is permitted.
<all_urls>DisallowedDisallowedAll-wildcard.
https://\*.foo.com/\*DisallowedDisallowedSubdomain wildcard.
https://\*/\*\*://\*/\*DisallowedDisallowedDomain wildcard.
www.foo.com/\*\*.foo.com/\*InvalidInvalid (The scheme must be present)
http://foo.com/path\*www.foo.com/index.htmlhttp://www.google.com/http://www.google.comInvalidThe only allowed path for http/https is “/\*”, and that maps to the empty path, not a wildcard.
http://\*foo/bar/\*http://foo.\*.bar/baz/\*https://\[\*.\]foo.com:443/\*InvalidInvalid ('\*' in the host can only be the first character and must be followed by ‘.’, and subdomain wildcards are not supported)
diff --git a/chromium/docs/website/site/flash-roadmap/flash-usage-trends/Daily Actives - Update Apr 15.png.sha1 b/chromium/docs/website/site/flash-roadmap/flash-usage-trends/Daily Actives - Update Apr 15.png.sha1 new file mode 100644 index 00000000000..3665c0dab21 --- /dev/null +++ b/chromium/docs/website/site/flash-roadmap/flash-usage-trends/Daily Actives - Update Apr 15.png.sha1 @@ -0,0 +1 @@ +107db83decdf6e9a375317d668d5bab6b039b1b3 \ No newline at end of file diff --git a/chromium/docs/website/site/flash-roadmap/flash-usage-trends/Daily Actives - Update Apr 27.png.sha1 b/chromium/docs/website/site/flash-roadmap/flash-usage-trends/Daily Actives - Update Apr 27.png.sha1 new file mode 100644 index 00000000000..15ea05b9efe --- /dev/null +++ b/chromium/docs/website/site/flash-roadmap/flash-usage-trends/Daily Actives - Update Apr 27.png.sha1 @@ -0,0 +1 @@ +40580fc2721b8a4708bcaeeb6b5c00498610ef0f \ No newline at end of file diff --git a/chromium/docs/website/site/flash-roadmap/flash-usage-trends/Daily Actives - Update Aug 10.png.sha1 b/chromium/docs/website/site/flash-roadmap/flash-usage-trends/Daily Actives - Update Aug 10.png.sha1 new file mode 100644 index 00000000000..1256f8ffb73 --- /dev/null +++ b/chromium/docs/website/site/flash-roadmap/flash-usage-trends/Daily Actives - Update Aug 10.png.sha1 @@ -0,0 +1 @@ +34fbec39470b7dff1de9fece9e5b32254b3fce76 \ No newline at end of file diff --git a/chromium/docs/website/site/flash-roadmap/flash-usage-trends/Daily Actives - Update July 6.png.sha1 b/chromium/docs/website/site/flash-roadmap/flash-usage-trends/Daily Actives - Update July 6.png.sha1 new file mode 100644 index 00000000000..da52fe4815c --- /dev/null +++ b/chromium/docs/website/site/flash-roadmap/flash-usage-trends/Daily Actives - Update July 6.png.sha1 @@ -0,0 +1 @@ +9ace518e2428a2c8ac7c000cbf3a21ed0b5691b5 \ No newline at end of file diff --git a/chromium/docs/website/site/flash-roadmap/flash-usage-trends/Daily Actives - Update July 9.png.sha1 b/chromium/docs/website/site/flash-roadmap/flash-usage-trends/Daily Actives - Update July 9.png.sha1 new file mode 100644 index 00000000000..fc1475855f9 --- /dev/null +++ b/chromium/docs/website/site/flash-roadmap/flash-usage-trends/Daily Actives - Update July 9.png.sha1 @@ -0,0 +1 @@ +9d18d68401015ebe12f3f97c846f1e53087d8a6a \ No newline at end of file diff --git a/chromium/docs/website/site/flash-roadmap/flash-usage-trends/Daily Actives - Update May 24.png.sha1 b/chromium/docs/website/site/flash-roadmap/flash-usage-trends/Daily Actives - Update May 24.png.sha1 new file mode 100644 index 00000000000..57379f7cab6 --- /dev/null +++ b/chromium/docs/website/site/flash-roadmap/flash-usage-trends/Daily Actives - Update May 24.png.sha1 @@ -0,0 +1 @@ +a74f4bac0dbea89d905f03eb92fe1e7aa0d0a770 \ No newline at end of file diff --git a/chromium/docs/website/site/flash-roadmap/flash-usage-trends/Flash Daily Actives - Oct 13, 2017.png.sha1 b/chromium/docs/website/site/flash-roadmap/flash-usage-trends/Flash Daily Actives - Oct 13, 2017.png.sha1 new file mode 100644 index 00000000000..a0a3a281805 --- /dev/null +++ b/chromium/docs/website/site/flash-roadmap/flash-usage-trends/Flash Daily Actives - Oct 13, 2017.png.sha1 @@ -0,0 +1 @@ +7f7946a0faf051ec18ef1b31714522998bd09d1d \ No newline at end of file diff --git a/chromium/docs/website/site/flash-roadmap/flash-usage-trends/Flash Impact - Usage.png.sha1 b/chromium/docs/website/site/flash-roadmap/flash-usage-trends/Flash Impact - Usage.png.sha1 new file mode 100644 index 00000000000..48e7e5ca540 --- /dev/null +++ b/chromium/docs/website/site/flash-roadmap/flash-usage-trends/Flash Impact - Usage.png.sha1 @@ -0,0 +1 @@ +95c790ccae34eadcc57bbe9c3b03f56225df1c87 \ No newline at end of file diff --git a/chromium/docs/website/site/flash-roadmap/flash-usage-trends/Flash Impact.png.sha1 b/chromium/docs/website/site/flash-roadmap/flash-usage-trends/Flash Impact.png.sha1 new file mode 100644 index 00000000000..b47c368d3e3 --- /dev/null +++ b/chromium/docs/website/site/flash-roadmap/flash-usage-trends/Flash Impact.png.sha1 @@ -0,0 +1 @@ +c4915d5ca3f09f9a03fd8ccf9f7ae2f921844e2a \ No newline at end of file diff --git a/chromium/docs/website/site/flash-roadmap/flash-usage-trends/Flash Impressions - Oct 13, 2017.png.sha1 b/chromium/docs/website/site/flash-roadmap/flash-usage-trends/Flash Impressions - Oct 13, 2017.png.sha1 new file mode 100644 index 00000000000..97369c2bf96 --- /dev/null +++ b/chromium/docs/website/site/flash-roadmap/flash-usage-trends/Flash Impressions - Oct 13, 2017.png.sha1 @@ -0,0 +1 @@ +79842f1e033bc266f361388d30633bb175b6ab42 \ No newline at end of file diff --git a/chromium/docs/website/site/flash-roadmap/flash-usage-trends/Flash Usage Trend - Jan 25th, 2017.png.sha1 b/chromium/docs/website/site/flash-roadmap/flash-usage-trends/Flash Usage Trend - Jan 25th, 2017.png.sha1 new file mode 100644 index 00000000000..a1d7705998b --- /dev/null +++ b/chromium/docs/website/site/flash-roadmap/flash-usage-trends/Flash Usage Trend - Jan 25th, 2017.png.sha1 @@ -0,0 +1 @@ +08340d45c0695ba747c1420030652cffd6e0f239 \ No newline at end of file diff --git a/chromium/docs/website/site/flash-roadmap/flash-usage-trends/Flash Volume - Update Apr 15.png.sha1 b/chromium/docs/website/site/flash-roadmap/flash-usage-trends/Flash Volume - Update Apr 15.png.sha1 new file mode 100644 index 00000000000..03686864765 --- /dev/null +++ b/chromium/docs/website/site/flash-roadmap/flash-usage-trends/Flash Volume - Update Apr 15.png.sha1 @@ -0,0 +1 @@ +ca1bbe467f2f4492214b92ea38bf72c7a651f73c \ No newline at end of file diff --git a/chromium/docs/website/site/flash-roadmap/flash-usage-trends/Flash Volume - Update Apr 27.png.sha1 b/chromium/docs/website/site/flash-roadmap/flash-usage-trends/Flash Volume - Update Apr 27.png.sha1 new file mode 100644 index 00000000000..627d37779f3 --- /dev/null +++ b/chromium/docs/website/site/flash-roadmap/flash-usage-trends/Flash Volume - Update Apr 27.png.sha1 @@ -0,0 +1 @@ +6928b1f6fbfc0c7c3a111507e7a60c14fec3ed75 \ No newline at end of file diff --git a/chromium/docs/website/site/flash-roadmap/flash-usage-trends/Flash Volume - Update Aug 10.png.sha1 b/chromium/docs/website/site/flash-roadmap/flash-usage-trends/Flash Volume - Update Aug 10.png.sha1 new file mode 100644 index 00000000000..834bca6482a --- /dev/null +++ b/chromium/docs/website/site/flash-roadmap/flash-usage-trends/Flash Volume - Update Aug 10.png.sha1 @@ -0,0 +1 @@ +188c7ada5809e856c77f692499832a4c1527812c \ No newline at end of file diff --git a/chromium/docs/website/site/flash-roadmap/flash-usage-trends/Flash Volume - Update July 6.png.sha1 b/chromium/docs/website/site/flash-roadmap/flash-usage-trends/Flash Volume - Update July 6.png.sha1 new file mode 100644 index 00000000000..836d7aafae9 --- /dev/null +++ b/chromium/docs/website/site/flash-roadmap/flash-usage-trends/Flash Volume - Update July 6.png.sha1 @@ -0,0 +1 @@ +e3a4de44db607e032fe43429c66f9c3865ab857c \ No newline at end of file diff --git a/chromium/docs/website/site/flash-roadmap/flash-usage-trends/Flash Volume - Update July 9.png.sha1 b/chromium/docs/website/site/flash-roadmap/flash-usage-trends/Flash Volume - Update July 9.png.sha1 new file mode 100644 index 00000000000..7e4ef356a21 --- /dev/null +++ b/chromium/docs/website/site/flash-roadmap/flash-usage-trends/Flash Volume - Update July 9.png.sha1 @@ -0,0 +1 @@ +a96bf07fd6174437dcf71c409bf61c3aa5be69b6 \ No newline at end of file diff --git a/chromium/docs/website/site/flash-roadmap/flash-usage-trends/Flash Volume - Update May 24.png.sha1 b/chromium/docs/website/site/flash-roadmap/flash-usage-trends/Flash Volume - Update May 24.png.sha1 new file mode 100644 index 00000000000..dbdf8180be2 --- /dev/null +++ b/chromium/docs/website/site/flash-roadmap/flash-usage-trends/Flash Volume - Update May 24.png.sha1 @@ -0,0 +1 @@ +9fd1dd245c49c8f80bb9242b1f8e832efc6ee880 \ No newline at end of file diff --git a/chromium/docs/website/site/flash-roadmap/flash-usage-trends/PPS Tiny - 0x0 after (Updated).png.sha1 b/chromium/docs/website/site/flash-roadmap/flash-usage-trends/PPS Tiny - 0x0 after (Updated).png.sha1 new file mode 100644 index 00000000000..a6b19dd49a1 --- /dev/null +++ b/chromium/docs/website/site/flash-roadmap/flash-usage-trends/PPS Tiny - 0x0 after (Updated).png.sha1 @@ -0,0 +1 @@ +b1d1c1b2fc96802b04fbc28b766a7dba44837052 \ No newline at end of file diff --git a/chromium/docs/website/site/flash-roadmap/flash-usage-trends/PPS Tiny - 0x0 after.jpg.sha1 b/chromium/docs/website/site/flash-roadmap/flash-usage-trends/PPS Tiny - 0x0 after.jpg.sha1 new file mode 100644 index 00000000000..020b28f88d7 --- /dev/null +++ b/chromium/docs/website/site/flash-roadmap/flash-usage-trends/PPS Tiny - 0x0 after.jpg.sha1 @@ -0,0 +1 @@ +a425b51c60b24b2b71caf5cbcd960726b13bc074 \ No newline at end of file diff --git a/chromium/docs/website/site/flash-roadmap/flash-usage-trends/PPS Tiny - 0x0 before.png.sha1 b/chromium/docs/website/site/flash-roadmap/flash-usage-trends/PPS Tiny - 0x0 before.png.sha1 new file mode 100644 index 00000000000..ffc27fe8705 --- /dev/null +++ b/chromium/docs/website/site/flash-roadmap/flash-usage-trends/PPS Tiny - 0x0 before.png.sha1 @@ -0,0 +1 @@ +00d9e8b2bef2a7fa5bf9787772544bf67bb20127 \ No newline at end of file diff --git a/chromium/docs/website/site/flash-roadmap/flash-usage-trends/index.md b/chromium/docs/website/site/flash-roadmap/flash-usage-trends/index.md new file mode 100644 index 00000000000..37e943965d5 --- /dev/null +++ b/chromium/docs/website/site/flash-roadmap/flash-usage-trends/index.md @@ -0,0 +1,33 @@ +--- +breadcrumbs: +- - /flash-roadmap + - Flash Roadmap +page_name: flash-usage-trends +title: Flash Usage Trends +--- + +[TOC] + +## Volume + +## [image](/flash-roadmap/flash-usage-trends/Flash%20Volume%20-%20Update%20July%209.png) + +Absolute volume of Flash Impressions (on Chrome Stable for Windows and MacOS) + +## Percent of Daily Actives + +Percent of users who have encountered at least one page w/ Flash Player content +in a day (on Chrome Stable for Windows and MacOS) + +[image](/flash-roadmap/flash-usage-trends/Daily%20Actives%20-%20Update%20July%209.png) + +## External Sites + +* [w3techs.com](https://w3techs.com/) - Flash Trends + [Yearly](https://w3techs.com/technologies/history_overview/client_side_language/all/y) + | + [Quarterly](https://w3techs.com/technologies/history_overview/client_side_language/all/q) + | + [Monthly](https://w3techs.com/technologies/history_overview/client_side_language/all) \ No newline at end of file diff --git a/chromium/docs/website/site/flash-roadmap/index.md b/chromium/docs/website/site/flash-roadmap/index.md new file mode 100644 index 00000000000..f065bf530d7 --- /dev/null +++ b/chromium/docs/website/site/flash-roadmap/index.md @@ -0,0 +1,607 @@ +--- +breadcrumbs: [] +page_name: flash-roadmap +title: Flash Roadmap +--- + +[TOC] + +## Upcoming Changes + +### Flash Support Removed from Chromium (Target: Chrome 88+ - Jan 2021) + +#### Summary + +Flash support/ capability will be complete removed from Chromium. It will no +longer be possible to enable Flash Player with Enterprise policy in Chrome 88+. + +#### **Rationale** + +Align with Adobe's [announced +plan](https://blog.adobe.com/en/publish/2017/07/25/adobe-flash-update.html#gs.mglfvc) +to end support. + +#### Announcements/ Artifacts + +* Tracking [issue](http://crbug.com/1064647) for the removal of Flash + Player support. + +#### **Notes for Administrators** + +* [How to audit existing Flash + usage](https://cloud.google.com/blog/products/chrome-enterprise/preparing-your-enterprise-for-flash-deprecation) +* HARMAN offers a number of commercial [support + options](https://services.harman.com/partners/adobe) for Flash + Player beyond 2020. These can be used in complement with Chrome's + [Legacy Browser Support + (LBS)](https://support.google.com/chrome/a/answer/9270076?hl=en), + allowing for both to remain secure and up to date. + +### Support for AllowOutdatedPlugins disabled (Target: All Chrome versions - Sept 2021) + +#### Summary + +It will no longer be possible to enable Flash Player, via Enterprise policy +([AllowOutdatedPlugins](https://cloud.google.com/docs/chrome-enterprise/policies/?policy=AllowOutdatedPlugins)), +in versions of Chrome before Chrome 88 on Windows, Mac, and Linux. ChromeOS will +continue to allow the use of the +[AllowOutdatedPlugins](https://cloud.google.com/docs/chrome-enterprise/policies/?policy=AllowOutdatedPlugins) +policy. + +#### Rationale + +We strongly encourage Enterprises to migrate away from Flash Player or explore +solutions that leverage LBS to remain on a modern, updated, and secure version +of Chrome. + +#### Announcements/ Artifacts + +* [1064657](https://bugs.chromium.org/p/chromium/issues/detail?id=1064657) + : Update Plugin Meta Data to block Flash Player + +#### Notes for Administrators + +* [How to audit existing Flash + usage](https://cloud.google.com/blog/products/chrome-enterprise/preparing-your-enterprise-for-flash-deprecation) +* HARMAN offers a number of commercial [support + options](https://services.harman.com/partners/adobe) for Flash + Player beyond 2020. These can be used in complement with Chrome's + [Legacy Browser Support + (LBS)](https://support.google.com/chrome/a/answer/9270076?hl=en), + allowing for both to remain secure and up to date. + +--- + +## Shipped Changes + +### Plugin Power Savings Mode (Shipped: Chrome 42 - Sept 2015) + +#### Summary + +Chrome pauses non-essential(1) Flash Content, by replacing the plugin content +with a static image preview and a play button overlayed. Users can re-enable +this content by clicking play. + +(1) - Non-essential content being smaller than 300x400 pixels or smaller than +5x5 pixels. + +#### Rationale + +Limit Flash Playbacks to visible main body content (e.g. video, games, etc...) +and still permit streaming audio services to function. + +#### Announcements/ Artifacts + +* [Design + Doc](https://docs.google.com/document/d/1r4xFSsR4gtjBf1gOP4zHGWIFBV7WWZMgCiAHeepoHVw/edit#%5C) + +### Plugin Power Savings Mode - Tiny (Shipped: Chrome 53 - Sept 2016) + +#### Summary + +A further restriction to Plugin Power Savings Mode that removes the ability to +run 5x5 or smaller content, from a different origin. + +#### Rationale + +Much of this content (5x5 below) was used for viewability detection (i.e. to see +if an ad was on that page), requiring Chrome to spin up a relatively expensive +(in terms of performance) Flash process in order for the site to infer +viewability. + +With the introduction of Intersection Observer in Chrome 51, which added +platform support for this use case, there was no longer a need to continue +granting this exception. + +We left an exception for "same origin" 5x5 Flash content, to give smaller sites +(e.g. using things like clipboard access) time to migrate. + +#### Announcement/ Artifacts + +* [Intent to + Implement](https://groups.google.com/a/chromium.org/forum/#!topic/chromium-dev/QL2K4yFVg_U) + +### YouTube Embed Re-Writer (Shipped: Chrome 54 - Oct 2016) + +#### Summary + +Chrome to automatically use the HTML5 content of a YouTube embed when the Flash +one is used. + +#### Rationale + +This will allow the long tail of websites that never updated to the HTML5 embeds +to no longer require Flash for Chrome users, thus reducing overall usage of +Flash in Chrome. + +#### Announcement/ Artifacts + +* [Intent to + Implement](https://groups.google.com/a/chromium.org/forum/#!msg/chromium-dev/BW8g1iB0jLs/OeWeRCTuBAAJ) +* [Design + Doc](https://docs.google.com/document/d/1xHBaX2WhfZVmfeWyLNOX76l9cPiXrQNXqRrUMtlvfks/edit) + +### De-couple Flash Player (Shipped: Chrome 54 - Oct 2016) + +#### Summary + +Chrome to exclusively use the component updater to distribute Flash Player, and +separating it from Chrome's default distribution bundle. + +#### Rationale + +Enable Chrome to rapidly distribute Flash Player updates, without re-building +the core product, making it easier to match Adobe's monthly release cadence. + +This feature was fundamentally technology gated, requiring development of +in-line on-demand Flash component installs, differential component updates, and +building out special serving infrastructure. + +#### Announcement/ Artifacts + +N/A + +### HTML5 By Default (Target: Chrome 55+ - Dec 2016) + +#### Summary + +Navigator.Plugins() and Navigator.MimeTypes() will only report the presence of +Flash Player if the user has indicated that the domain should execute Flash. If +a site offers an HTML5 experience, this change will make that the primary +experience. We will continue to ship Flash Player with Chrome, and if a site +truly requires Flash, a prompt will appear at the top of the page when the user +first visits that site, giving them the option of allowing it to run for that +site (see the +[proposal](https://docs.google.com/presentation/d/106_KLNJfwb9L-1hVVa4i29aw1YXUy9qFX-Ye4kvJj-4/edit#slide=id.p) +for the mock-ups). + +#### Announcements/ Artifacts + +* [Proposal](https://docs.google.com/presentation/d/106_KLNJfwb9L-1hVVa4i29aw1YXUy9qFX-Ye4kvJj-4/edit#slide=id.p) +* [Design + Doc](https://docs.google.com/a/chromium.org/document/d/1QD3HQdkBgJea_92f5rars06Bd_SJz5IXjuNHhBuWCcg/edit?usp=sharing) +* [Intent to + Implement](https://groups.google.com/a/chromium.org/forum/#!searchin/chromium-dev/HTML5$20by$20default/chromium-dev/0wWoRRhTA_E/__E3jf40OAAJ) +* [Site Engagement + Scoring](/developers/design-documents/site-engagement) +* [Updated Intent to Implement (using Site Engagement + scoring)](https://groups.google.com/a/chromium.org/d/msg/chromium-dev/ad7Posd6cdI/5EEOduWiCwAJ) + +#### Status + +HTML5 by default has shipped and we are currently in the process of ramping up +the SEI threshold, per the schedule below. + +Currently 87.5% of population have an SEI threshold score of 4 and 12.5% has a +threshold score of 8 (we do this to measure the impact of the threshold change). +By the end of the month we will progress on to the next phase on the ramp and +everyone will be at least at 8. + +#### Shipping Schedule + +HTML5 by Default was initially rolled out to 1% of Chrome 55 Stable users +(December), followed by a full deployment (i.e. to 100% of users) in Chrome 56 +Stable (February). + +Flash prompting will only be enabled for sites whose [Site Engagement +Index](/developers/design-documents/site-engagement) (SEI) is below a certain +threshold. For Chrome 55, starting in January 2017 prompts will only appear for +sites where the user’s SEI is less than 1. That threshold will increase to 100 +through October 2017, when all Flash sites will require an initial prompt. As a +reminder, users will only be prompted once per site. + +Here’s a summary of thresholds and % of users: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Site Engagement ThresholdUser % Enabled
January 20171 (Stable 55)1% (Stable 55), 50% (Beta 56)
February 20172100% (Stable 56)
March 20174100%
April 20178100%
May 201716100%
June 201732100%
July 201732100%
August 201732100%
September 201764100%
October 2017100100%
+ +#### Developer Recommendations + +Ultimately we recommend migrating towards HTML5 content, however for sites that +still require Flash Player in the interim we recommend presenting users with a +link/ image to "Enable" Flash Player that points to +"." When users click on that link Chrome +will present the necessary UI to enable Flash Player for the site. It will look +something like +[this](https://docs.google.com/presentation/d/106_KLNJfwb9L-1hVVa4i29aw1YXUy9qFX-Ye4kvJj-4/edit#slide=id.g1270f83468_0_12). + +> `Enable Flash` + +> `Enable +> Flash` + +### PPS Tiny - Remove Un-sized (0x0 or hidden) content Exceptions (Target: Chrome 59 - June 2017) + +#### Summary + +We are removing the exception for 0x0 (unsized/hidden) content from Plugin Power +Savings Mode. + +#### Rationale + +We originally intended on blocking this type of content in the PPS Tiny launch, +however due to a technical oversight we unintentionally left the exception in. +This change brings the implementation in line with what we originally +communicated and intended. + +#### Announcements/ Artifacts + +N/A + +### PPS Tiny - No Same Origin Exceptions (Target: Chrome 60 - Aug 2017) + +#### Summary + +We are removing the final exception for Plugin Power Savings Mode, which +permitted small (5x5) content, hosted on the same origin, to run. + +#### Rationale + +The exception was meant to be a temporary relief for smaller developers, for +features that are well now very supported by the web platform (e.g. clipboard +access, audio streams, etc...). + +#### Announcements/ Artifacts + +* [Intent to + Implement](https://groups.google.com/a/chromium.org/d/msg/chromium-dev/Elg7Vhpeb38/zQCvXQ_vAAAJ) + +### Remove "Prefer HTML over Flash" from chrome://flags (Target: Chrome 61 - Sept 2017) + +#### Summary + +Remove the unsupported experimental flag "Prefer HTML over Flash." + +#### Rationale + +We typically remove feature flags once a feature has launched. However, for this +case, given the impact of the change, we left the flag in for an extended period +to assist developers with debugging the change in behavior. This change will +also help remove the number of similar (but somewhat distinct) control points +for Flash Player and reduce the overall complexity of configuration, leading up +to the settings simplification in the following release. + +#### Announcements/ Artifacts + +* Tracking + [issue](https://bugs.chromium.org/p/chromium/issues/detail?id=709550) + +### Unify Flash Settings (Target: Chrome 62 - Oct 2017) + +#### Summary + +Transition the current Flash settings to a single On/Off toggle. If On, Chrome +run consistently with HTML5 by Default (i.e. prompting users to enable Flash +Player on a per site basis), if Off Flash Player will be blocked. In effect, +this change is removing a UI option to always allow Flash Player to run without +prompting. Users will still be able to manually add wildcard exceptions, which +afford similar capabilities as always allow (albeit in a way that's less obvious +to configure). + +Existing users who have set "Always Allow" and Ask (HTML5 by Default) will get +migrated to On. Chrome will not automatically create any wildcard exceptions in +the transition. + +#### Rationale + +The intent is to simplify the user choice down to a single option, enable Flash +Player (default == enabled), that is easier for users to understand. Power users +will be able to add exceptions (including those with wildcards) explicitly Allow +Flash to run. + +#### Announcements/ Artifacts + +* TBD + +### Non-Persisted HTML5 by Default (Target: Chrome 69 - September 2018) + +#### Summary + +Sites using Flash will require explicit permission to run, every time the user +restarts the browser. + +#### Rationale + +Require affirmative user choice to run Flash Player content, without that choice +persisting across multiple sessions. + +#### Announcements/ Artifacts + +TBD + +### Flash Disabled by Default (Target: Chrome 76+ - July 2019) + +#### Summary + +Flash will be disabled by default, but can be enabled in Settings at which point +explicit permission is still required for each site when the browser is +restarted. +**Rationale** + +Require affirmative user choice to run Flash Player. + +#### Announcements/ Artifacts + +* [Flash Deprecation Infobar + Warning](https://docs.google.com/document/d/1AmICiNrG2Cp2vCuu80Sqqz1EDKlKGgn2m2PUGzdZ6i0/edit) + - [918428](https://crbug.com/918428) + +### Additional warning on Flash Player activation prompt (Target: Chrome 83 - May 2020) + +#### Summary + +When users go to active Flash Player for an origin/ session we will show an +additional line of text "Flash Player will no longer be supported after December +2020." in the activation prompt. The dialog will also include a (?) icon that +links to blog post, giving additional background and context. + +#### Rationale + +This change will make the deprecation timing more prominent, particularly in +settings where the Infobar on startup warning might not appear (i.e., policy +configurations that enable Flash Player). + +#### Announcements/ Artifacts + +* TBD + +### Remove Support for Hostname Wildcards for PluginsAllowedForUrls (Target: Chrome 85 - Aug 2020) + +#### Summary + +Remove the ability to define Flash Player content settings that use wildcards in +the hostname (e.g., “https://\*” or “https://\[\*.\]mysite.foo”). + +#### Rationale + +The change requires that administrators to audit their Flash usage and +explicitly add urls that they want to automatically enable Flash Player support +for. + +#### Announcements/ Artifacts + +TBD + +### Remove the Ability for Extensions to Inject Flash Content Settings (Target: Chrome 86 - Oct 2020) + +#### Summary + +Remove the ability for extensions to inject Flash Player content settings. + +#### Rationale + +Ensure that all non-policy enabled Flash content requires per session +activation, which coupled with the warning in the activation prompt should help +to increase awareness of the impending change in support. + +#### Announcements/ Artifacts + +TBD + +### Flash Player blocked as "out of date" (Target: All Chrome versions - Jan 2021) + +#### Summary + +Flash Player will be marked as out of date and will be blocked from loading. + +#### Rationale + +Align with Adobe's [announced +plan](https://blog.adobe.com/en/publish/2017/07/25/adobe-flash-update.html#gs.mglfvc) +to end support. + +#### Announcements/ Artifacts + +TBD + +### --- + +## Relevant Links + +### Adobe + +* [Update for Enterprise Customers using Adobe Flash + Player](https://theblog.adobe.com/update-for-enterprise-adobe-flash-player/) + (Apr 2020) +* [Adobe Flash Player EOL General Information + Page](https://www.adobe.com/products/flashplayer/end-of-life.html) + (Apr 2020) +* [Adobe Flash Player EOL Enterprise Information + Page](https://www.adobe.com/products/flashplayer/enterprise-end-of-life.html) + (Apr 2020) +* [Adobe Flash + Update](https://blog.adobe.com/en/publish/2017/07/25/adobe-flash-update.html#gs.mglfvc) + (July 2017) +* [Flash, HTML5 and Open Web + Standards](https://blogs.adobe.com/conversations/2015/11/flash-html5-and-open-web-standards.html) + (November 2015) + +### Apple + +* [Adobe Announces Flash Distribution and Updates to + End](https://webkit.org/blog/7839/adobe-announces-flash-distribution-and-updates-to-end/) + (July 2017) +* [Next Steps for Legacy + Plug-ins](https://webkit.org/blog/6589/next-steps-for-legacy-plug-ins/) + (June 2016) + +### Facebook + +* [Flash End of Life Approaching - Options for + Developers](https://www.facebook.com/fbgaminghome/blog/flash-end-of-life-approaching-options-for-developers) + (June 2020) +* [Important Changes to Gameroom and Web Games on + Facebook](https://www.theverge.com/2020/9/28/21459607/original-farmville-facebook-shut-down-flash-zynga) + (July 2020) +* [Migrating Games from Flash to Open Web Standards on + Facebook](https://developers.facebook.com/blog/post/2017/07/25/Games-Migration-to-Open-Web-Standards/) + (July 2017) + +### Google + +* [Saying goodbye to Flash in + Chrome](https://www.blog.google/products/chrome/saying-goodbye-flash-chrome/) + (July 2017) +* [So long, and thanks for all the + Flash](https://blog.chromium.org/2017/07/so-long-and-thanks-for-all-flash.html) + (July 2017) +* [Admin Essentials: Preparing your enterprise for Flash + deprecation](https://cloud.google.com/blog/products/chrome-enterprise/preparing-your-enterprise-for-flash-deprecation) + (May 2020) + +### Microsoft + +* [Update on Adobe Flash Player End of + Support](https://blogs.windows.com/msedgedev/2020/09/04/update-adobe-flash-end-support/) + (September 4, 2020) +* [Flash on Windows + Timeline](https://blogs.windows.com/msedgedev/2017/07/25/flash-on-windows-timeline/) + (July 2017) +* [Putting Users in Control of + Flash](https://blogs.windows.com/msedgedev/2016/04/07/putting-users-in-control-of-flash/) + (April 2016) +* [Extending User Control of Flash with + Click-to-Run](https://blogs.windows.com/msedgedev/2016/12/14/edge-flash-click-run/) + (December 2016) + +### Mozilla + +* [Firefox Roadmap for Flash End of + Life](https://blog.mozilla.org/futurereleases/2017/07/25/firefox-roadmap-for-flash-end-of-life/) + (July 2017) +* [Mozilla Flash + Roadmap](https://developer.mozilla.org/en-US/docs/Plugins/Roadmap) +* [NPAPI Plugins in + Firefox](https://blog.mozilla.org/futurereleases/2015/10/08/npapi-plugins-in-firefox/) + (October 2015) +* [Reducing Adobe Flash Usage in + Firefox](https://blog.mozilla.org/futurereleases/2016/07/20/reducing-adobe-flash-usage-in-firefox/) + (July 2016) + +**NCSC** + +* [Enterprise patching in a post-Flash + world](https://www.ncsc.gov.uk/blog-post/enterprise-patching-in-a-post-flash-world) + (Sept 2020) + +**Unity** + +* [Unity and creating content in a Post-Flash + World](https://blogs.unity3d.com/?p=52557) (July 2017) \ No newline at end of file diff --git a/chromium/docs/website/site/for-testers/bug-reporting-guidelines/chromium-bug-labels/index.md b/chromium/docs/website/site/for-testers/bug-reporting-guidelines/chromium-bug-labels/index.md new file mode 100644 index 00000000000..5e3a2a307e9 --- /dev/null +++ b/chromium/docs/website/site/for-testers/bug-reporting-guidelines/chromium-bug-labels/index.md @@ -0,0 +1,119 @@ +--- +breadcrumbs: +- - /for-testers + - For Testers +- - /for-testers/bug-reporting-guidelines + - Bug Life Cycle and Reporting Guidelines +page_name: chromium-bug-labels +title: Chromium Bug Labels +--- + + + +Label Allowed values Description + + + +* +* +* +* +* +* + + + + + + + +* + + + + + + +* +* +* +* +* + + + + + + +* + + + + + + + +* +* +* +* +* +* +* +* + + + + + + + + + +
Type-*value*`Bug``Bug-Regression``Bug-Security``Compat``Feature``Launch`The issue type. An issue can only have one type.
Pri-*value*`0 to 3`The priority. An issue can only have one priority value. `0` is most urgent; `3` is least urgent.
OS-*value*`All``Chrome``Linux``Mac``Windows`The operating system(s) on which the bug occurs.
M-*value*`27, 28, 29`A release milestone before which we want to resolve the issue. An issue can only be assigned to one milestone† . `Mstone-X` is 'no milestone' (doesn't apply or not blocking any milestone).† Except for security bugs. For those, the additional milestones denote branches that the bug should be merged to once fixed. See the severity guidelines.
Cr-*value*BlinkInternalsPlatformUI-ShellUI-Browser == BrowserCr-OS-HardwareCr-OS-KernelCr-OS-SystemsThe product category to which an issue belongs. A bug can belong to multiple categories. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Cr-Blink HTML, CSS, Javascript, and HTML5 features
Cr-Internals Ugly guts, networking, IPC, storage backend, installer, etc
Cr-Platform Developer Platform and Tools (Ext, AppsV2, NaCl, DevTools)
Cr-UI-Shell Chrome OS Shell & Window Manager
Cr-UI-Browser Browser related features (e.g. bookmarks, omnibox, etc...)
Cr-OS-Hardware Chrome OS hardware related issues
Cr-OS-Kernel Chrome OS kernel level issues
Cr-OS-Systems Chrome OS system level issues
Restrict-View-EditIssue-Used for security bugs to make a bug visible only to project members and the reporter.
+ +Some other labels include: + +* Needs-Reduction: this bug requires a reduced test case. See + . +* Cr-UI-Internationalization: Internationalization issues (font + selection and fallback, right-to-left display issues, IME, etc.) +* Cr-UI-Localization: Translation issues +* Type-Bug-Regression: Features that worked in prior releases and are + now broken. These should be Pri-1. + +Component and Labels are created in the system via + \ No newline at end of file diff --git a/chromium/docs/website/site/for-testers/bug-reporting-guidelines/hanging-tabs/crash-with-gdb b/chromium/docs/website/site/for-testers/bug-reporting-guidelines/hanging-tabs/crash-with-gdb new file mode 100644 index 00000000000..4b3f4713002 --- /dev/null +++ b/chromium/docs/website/site/for-testers/bug-reporting-guidelines/hanging-tabs/crash-with-gdb @@ -0,0 +1,9 @@ +#!/bin/sh + +if [[ $# -ne 1 ]]; then + echo "Usage:" `basename $0` "pid" + echo "Kill pid, provoking a crash dump." + exit 0 +fi + +echo 'p (int)printf(NULL)' | gdb --pid=$1 diff --git a/chromium/docs/website/site/for-testers/bug-reporting-guidelines/hanging-tabs/index.md b/chromium/docs/website/site/for-testers/bug-reporting-guidelines/hanging-tabs/index.md new file mode 100644 index 00000000000..6b9131aab90 --- /dev/null +++ b/chromium/docs/website/site/for-testers/bug-reporting-guidelines/hanging-tabs/index.md @@ -0,0 +1,72 @@ +--- +breadcrumbs: +- - /for-testers + - For Testers +- - /for-testers/bug-reporting-guidelines + - Bug Life Cycle and Reporting Guidelines +page_name: hanging-tabs +title: Reporting a Hang Bug +--- + +To investigate problems when Chrome is frozen/locked-up/unresponsive, we +generally need a dump of the affected processes. + +Exactly how to do this depends on your operating system: + +## Windows + +1. [Download Process Explorer from + Microsoft](http://technet.microsoft.com/en-us/sysinternals/bb896653). + (This tool is like a more advanced version of the Task Manager; we + will use it to create minidumps). +2. Extract and launch Process Explorer +3. Right click on the hung Chrome process, and choose "Create Dump" + --> "Create Minidump..." (If you aren't sure which one is + misbehaving, repeat this step for each Chrome process) +4. Attach the minidump file(s) to your bug report + +Please note that minidump files can contain some information about your +computer, including the path to where Chrome is installed. + +## Mac + +1. Verify you've turned crash reporting on. Go to the page + chrome://settings/advanced using the address bar. Then verify that + **Automatically send usage statistics and crash reports to Google** + is checked. +2. Open the Task Manager under the **Wrench menu > Tools > Task + Manager**. +3. If the columns at the top of the Task Manager window do not include + "Process ID", then right-click on the table header and check the + "Process ID" box. +4. Note the process ID of the hung tab. +5. Kill the process in a way that causes it to print a crash dump: + +* Open a terminal window and `kill -ABRT **` where + `**` is the one you noted above. Copy and paste the crash + ID dumped to the console into your bug: + * You can additionally find the crash dump in + ~/Library/Application Support/Google/Chrome/Crash Reports/ + +## Linux + +1. Depending on your sandboxing configuration and Chrome version, you + may need to pass "--allow-sandbox-debugging" when starting Chrome + (see [this bug](http://crbug.com/169369)). +2. Verify you've turned crash reporting on. Go to the page + chrome://settings/advanced using the address bar. Then verify that + **Automatically send usage statistics and crash reports to Google** + is checked. +3. Open the Task Manager under the **Wrench menu > Tools > Task + Manager**. +4. If the columns at the top of the Task Manager window do not include + "Process ID", then right-click on the window and check the "Process + ID" box. +5. Note the process ID of the hung tab. +6. Kill the process in a way that causes it to print a crash dump: + +* Open a terminal window and `kill -SEGV **` where + `**` is the one you noted above. Copy and paste the crash + ID dumped to the console into your bug: + * You can find the crash dump in your `~/.xsession-errors` file + (assuming you didn't launch Chromium from a terminal yourself) \ No newline at end of file diff --git a/chromium/docs/website/site/for-testers/bug-reporting-guidelines/index.md b/chromium/docs/website/site/for-testers/bug-reporting-guidelines/index.md new file mode 100644 index 00000000000..edc0ae96581 --- /dev/null +++ b/chromium/docs/website/site/for-testers/bug-reporting-guidelines/index.md @@ -0,0 +1,180 @@ +--- +breadcrumbs: +- - /for-testers + - For Testers +page_name: bug-reporting-guidelines +title: Bug Life Cycle and Reporting Guidelines +--- + +[TOC] + +## Important links + +### Chromium (the web browser) + +* Report bugs at +* Specifically: + * [Bug Reporting Guidelines for the Mac & Linux + builds](/for-testers/bug-reporting-guidlines-for-the-mac-linux-builds) + (with links to known issues pages) + * [Instructions for reporting + crashes](/for-testers/bug-reporting-guidelines/reporting-crash-bug). +* View existing bugs at + + +### Chromium OS (the operating system) + +* Report bugs at + +* View existing bugs at [Chromium OS + issues](https://code.google.com/p/chromium/issues/list?can=2&q=os%3Dchrome) + +You need a [Google Account](https://www.google.com/accounts/NewAccount) +associated with your email address in order to use the bug system. + +## Bug reporting guidelines + +* If you're a web developer, see [How to file a good + bug](https://developers.google.com/web/feedback/file-a-bug) +* Make sure the bug is verified with the latest Chromium (or Chrome + canary) build. +* If it's one of the following bug types, please provide some further + information: + * **Web site compatibility problem:** Please provide a URL to + replicate the issue. + * **Hanging tab: See [Reporting hanging tab + bugs](/for-testers/bug-reporting-guidelines/hanging-tabs).** + * **Crash: See [Reporting crash + bugs](/for-testers/bug-reporting-guidelines/reporting-crash-bug).** +* Provide a high-level problem description. +* Mention detailed steps to replicate the issue. +* Include the expected behavior. +* Verify the bug in other browsers and provide the information. +* Include screenshots, if they might help. +* If a bug can be [reduced to a simplified + test](/system/errors/NodeNotFound), then create a simplified test + and attach it to the bug. +* Additional [Bug Reporting Guidlines for the Mac & Linux + builds](/for-testers/bug-reporting-guidlines-for-the-mac-linux-builds). +* Additional Guidelines for [Reporting Security + Bugs](/Home/chromium-security/reporting-security-bugs). + +## Release block guidelines + +* [Release Block Guidelines](/issue-tracking/release-block-guidelines) + +## Triage guidelines + +* [Triage Best + Practices](/for-testers/bug-reporting-guidelines/triage-best-practices) + +## Labels + +Labels are used to help the engineering team categorize and prioritize the bug +reports that are coming in. Each report can (and should) have multiple labels. + +For details on labels used by the Chromium project, see [Chromium Bug +Labels](/for-testers/bug-reporting-guidelines/chromium-bug-labels). + +## Status + +### Open bugs + + + +Status value Description + + + + + + + + + + + + + + + + + + + + +
UnconfirmedThe default for public bugs. Waiting for someone to validate, reproduce, or otherwise confirm that this is a bug.
UntriagedA confirmed bug that has not been reviewed for priority or assignment. This is the default for project members' new bugs.
AvailableConfirmed and triaged, but not assigned. Feel free to take these bugs!
AssignedIn someone's work queue.
StartedActively being worked on.
+ +### Closed bugs + + + +Status value Description + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
FixedFixed.
VerifiedThe fix has been verified by test or by the original reporter.
DuplicateThis issue has been reported in another bug, or shares the same root cause as another bug. When Duplicate is selected, a field will appear for the ID of the other bug --- be sure to fill this in.Mark the bug with less information/discussion in it as the Duplicate.
WontFixCovers all the reasons we chose to close the bug without taking action (can't repro, working as intended, obsolete).
ExternalDependencyBugs that turn out to be in another project's code and that we've filed with that other project. Useful for tracking known issues that manifest themselves in our product, but that need to be fixed elsewhere (such as WebKit and V8 issues).
FixUnreleasedA special state for security hotfixes to mark bugs that are fixed, but not yet delivered to users. Bugs with this status will be visible only to project members and the original reporter.
InvalidIllegible, spam, etc.
+ +## Bug life cycle + +* When a bug is first logged, it is given **Unconfirmed** status. +* The status is changed from unconfirmed to Untriaged once it has been + verified as a Chromium bug. +* Once a bug has been picked up by a developer, it is marked as + Assigned. +* A status of **Started** means a fix is being worked on. +* A status of **Fixed** means that the bug has been fixed, and + **Verified** means that the fix has been tested and confirmed. + Please note that it will take some time for the "fix" to make it + into the various channels (canary, beta, release) - pay attention to + the milestone attached to the bug, and compare it to + chrome://version. + +## Deciding where to submit your bug + +Usually, Chromium-related bugs should be filed under one of the following +projects: + +* [chromium](http://code.google.com/p/chromium/issues/entry) +* [blink](http://crbug.com/) and add component "Blink" + +## Helping with bug triage + +Read if you're interested +in helping with bug triage. + +Infrastructure and build tools + +If you find an issue with our infrastructure or build tools, please file the +ticket using the Build Infrastructure template: + +* \ No newline at end of file diff --git a/chromium/docs/website/site/for-testers/bug-reporting-guidelines/reporting-crash-bug/index.md b/chromium/docs/website/site/for-testers/bug-reporting-guidelines/reporting-crash-bug/index.md new file mode 100644 index 00000000000..514108c2d01 --- /dev/null +++ b/chromium/docs/website/site/for-testers/bug-reporting-guidelines/reporting-crash-bug/index.md @@ -0,0 +1,107 @@ +--- +breadcrumbs: +- - /for-testers + - For Testers +- - /for-testers/bug-reporting-guidelines + - Bug Life Cycle and Reporting Guidelines +page_name: reporting-crash-bug +title: Reporting a Crash Bug +--- + +If you are planning to report a crash bug, please make sure you include enough +information for debugging purpose. + +* Make sure you have the latest Chrome version (on Windows go to + Chrome Options->About Google Chrome) +* Make sure you have [crash reporting + enabled](https://support.google.com/chrome/answer/96817). +* Try to get exact reproducible steps for the crash, if possible. +* Try to also provide more debugging info by either: . + * **Reporting the crash directly**: If possible, and you are using + Google Chrome, enable crash reporting in Google Chrome's + settings: go to chrome://chrome/settings, click "Show advanced + settings..." and in the Privacy section select select + "Automatically send usage statistics and crash reports to + Google", then see the instructions below for getting a crash ID. + (Note that if this setting was not already enabled, you'll need + to reproduce the crash first.) + * **Collecting crash data**: Otherwise, see the instructions for + collecting crash data. + +### Getting a Crash ID + +If crash reporting is enabled, you should provide the crash ID in your bug +report, or your client ID if the crash ID isn't available. **Go to +`chrome://crashes` and see if your crash is listed**. If so, copy and paste the +crash ID into your bug report. + +Otherwise, copy and paste the line containing "client_id" in your `Local State` +file from your profile into the bug report. The location of the profile depends +on your platform: + +* #### Windows: + * #### Vista and higher: `%LOCALAPPDATA%\Google\Chrome\User Data` + * #### `XP: %USERPROFILE%\Local Settings\Application + Data\Google\Chrome\User Data` on Windows XP +* #### Linux: `~/.config/google-chrome` +* #### Mac: `~/Library/Application Support/Google/Chrome` + +### Collecting Crash Data + +If crash reporting is not enabled, or no crash ID is available, you can collect +raw crash data. + +#### Windows + +* Windows can be configured to log crash reports to + %localappdata%\\crashdumps, by using *regedit* to create the key + (registry folder) + "HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\Windows Error + Reporting\\LocalDumps". For details see this [Microsoft + article](https://msdn.microsoft.com/en-us/library/windows/desktop/bb787181(v=vs.85).aspx). + You can see the recorded crash dumps by pasting + %localappdata%\\crashdumps into Windows Explorer or the search area + in the start menu. Look for a chrome.exe.123.dmp file from the time + of your crash, and if there is one, attach it to your bug. +* You can capture a minidump file using windbg.exe: + * If you do not already have `windbg.exe`, download it from + Microsoft + [website](http://www.microsoft.com/whdc/DevTools/Debugging/default.mspx) + * Run WinDbg with this command - `windbg.exe -o ` + * Keep hitting F5 until you hit an exception (Access violation or + some other error) or until Chrome window comes up + * If Chrome Window opens successfully, try to reproduce the crash. + When crash happens you should see an exception reported in + WinDbg (Access violation or some other error) + * After the exception has been reported save the dump file by + typing this exact command in WinDbg command: `.dump + C:\chrome.dmp` (do not forget '`.`' at the beginning) + * Once the dump file has been successfully saved, compress this + dump file, upload it somewhere and post the link to the file + along with the bug description. + +#### Linux + +* If you are using Chromium follow + [these](https://wiki.ubuntu.com/Chromium/Debugging) instructions on + how to get additional details about the Chromium crash on Ubuntu. + +#### Mac + +* System crash reports are logged to `~/Library/Logs/CrashReporter`, + so check there for a crash file from the time of your crash, and if + there is one, attach it to your bug. + +**Android** + +* System crash reports are logged to `/data/data/$PACKAGE/cache/Crash\ + Reports/`, where `$PACKAGE` depends on which app (chrome, content + test shell, etc..), as defined + [here](https://cs.chromium.org/chromium/src/third_party/catapult/devil/devil/android/constants/chrome.py?l=11). +* Sometimes the crash will also be printed to the "logcat" and/or as a + tombstone file. More info + [here](/developers/how-tos/debugging-on-android#TOC-Symbolizing-Crashstacks-Tombstones) + on how to obtain and symbolize it. +* Alternatively, use "`adb shell bugreport`" to collect system-wide + information. \ No newline at end of file diff --git a/chromium/docs/website/site/for-testers/bug-reporting-guidelines/triage-best-practices/index.md b/chromium/docs/website/site/for-testers/bug-reporting-guidelines/triage-best-practices/index.md new file mode 100644 index 00000000000..eec704a08f1 --- /dev/null +++ b/chromium/docs/website/site/for-testers/bug-reporting-guidelines/triage-best-practices/index.md @@ -0,0 +1,120 @@ +--- +breadcrumbs: +- - /for-testers + - For Testers +- - /for-testers/bug-reporting-guidelines + - Bug Life Cycle and Reporting Guidelines +page_name: triage-best-practices +title: Triage Best Practices +--- + +## [TOC] + +## **What is Triage?** + +* A process (often taking the form of a regular meeting) for *making + decisions about the need, priority, timing, and assignment of work + requests*. + +* ### Triage boils down to Three Questions: + + 1. Do we want to do this work? + * **Pro Tip:** Be definitive. If the work isn't something that + we intend on doing (or isn't something we're able to confirm + is a real issue), then close the issue out and provide + honest and ***courteous*** feedback. It's always best to + keep your backlog reflective of the work that you intend on + doing. + 2. How important is it to us (Priority) and when do we want it done + (Schedule/Milestone)? + * **Note:** In the standard Chromium.org workflow Priority and + Schedule are very closely related concepts (please see the + background on priority below). + 3. Who should own it? + * **Pro Tip:** People can only do a finite amount of work, + adding more work to someone's pile won't get it done faster. + * **Pro Tip:** It's perfectly fine to mark something as + Status:Available (i.e. no Owner), if the work doesn't need + to be scheduled immediately, but please make sure that the + work has a specific categorization label (e.g. + Component=UI>Browser>Foo), so that it's clear which + team(s) are accountable for it's priority. + +## How to Think about Priorities + +* P0 - **Emergency** + * Requires immediate resolution +* P1 - **Needed** for current milestone + * Teams should use best discretion here, but this bucket should + generally represent high user impact issues and quality issues + (e.g. regressions, crashers, security issues, feature + completeness, etc...). + * The test: "Would someone notice (in a bad way) if this issue + were present in the release?" +* P2 - **Wanted** for current milestone + * Low/ No user impact, can safely be punted from a release. + * Most in-development work should have this priority. +* P3 - **Not time sensitive** + * Can be completed at any time, no release targeting required. + +## **Recommended Processing Order for Triage Practice** + +* Start by checking your team's load balance. + * Using your standard triage query, pull up the + "[Grid](https://bugs.chromium.org/p/chromium/issues/list?can=2&q=&colspec=ID+Pri+M+Stars+ReleaseBlock+Cr+Status+Owner+Summary+OS+Modified&groupby=&sort=&x=m&y=releaseblock&cells=tiles&mode=grid)" + view. Set ***Rows*** to be "Owner," ***Columns*** to be "None," + and ***Cells*** to be "Counts" + * Get a rough sense for everyone's issue distribution. + * **Pro Tip:** Keep that page opened in the background, as a + reference for when you are assigning issues. +* Assign unassigned (-has:owner) Release Blockers + P0 & P1 issues. + * These are important to start with first, since these issues are + likely time sensitive (notice Blockers, which actively hold back + releases, are prioritized first). + * **Pro Tip:** It's OK to change the Blocking status or Priority, + but please be clear about why (e.g. "this isn't a release block + stable because ....") +* Untriaged (status=untriaged and status=unconfirmed) issues next, + ordering by age (i.e. try and process the requests that have been in + the queue longest) + * The point here is really to answer the 3 questions (i.e. "Is + this something we want to do?," "How important is it?," "Who + should do it?") + * Please ensure that all P1+ issues are assigned an owner. + * **Pro Tip:** Ideally you'll budget enough time to get through + everything, but if your list is too large to process in a single + triage session, ==prioritize looking at Type-Bug-Regression== + (i.e. they are the most likely to be P1+ issues). +* Once you've triaged the most important issues, sanity check your + team's load balance (to make sure that you haven't overloaded + anyone). +* Review / Assign unassigned P2 & P3 issue, as well as any open + Available issues. + +## More Pro Tips + +* Set aside a regular time (and place) to Triage. +* Give yourself enough time to handle your incoming stream of issues + and make progress on (or at least review) your backlog. +* Setup a rotation w/ your team members, to share the load. Though + they are a little more burdensome to administer, they tend to be the + most sustainable triage efforts, help prevent people from burning + out, and ensure that the process doesn't break when people take a + vacation. +* Wade into and clean-up your backlog. New team members will often + start from this pool of issues, please be kind and make sure that + they start by working on valid/ relevant issues. +* Make sure that things are properly categorized, especially as + Available issues, so that they are discoverable. + +* **Spend most of your time on issues opened in the last year.** + * **Most issues have a half-life.** Issue reports are a static + reflection of what was... not necessarily what is. That is... + due to a variety of factors (e.g. code churn, environment + changes, etc...) as issues age it becomes increasingly likely + that they will become less reflective of the current state of + the product. + * **People will re-file (and often duplicate) important issues.** + Many of the old issues that linger often have not been properly + duped, because the person who fixed the issue wasn't aware of + the other issue's existence. \ No newline at end of file diff --git a/chromium/docs/website/site/for-testers/bug-reporting-guidelines/uncaught-securityerror-failed-to-read-the-localstorage-property-from-window-access-is-denied-for-this-document/blockthirdpartycookies.png.sha1 b/chromium/docs/website/site/for-testers/bug-reporting-guidelines/uncaught-securityerror-failed-to-read-the-localstorage-property-from-window-access-is-denied-for-this-document/blockthirdpartycookies.png.sha1 new file mode 100644 index 00000000000..320406633aa --- /dev/null +++ b/chromium/docs/website/site/for-testers/bug-reporting-guidelines/uncaught-securityerror-failed-to-read-the-localstorage-property-from-window-access-is-denied-for-this-document/blockthirdpartycookies.png.sha1 @@ -0,0 +1 @@ +ccb2cca772ee142669afd59c97b9debeb849a3b1 \ No newline at end of file diff --git a/chromium/docs/website/site/for-testers/bug-reporting-guidelines/uncaught-securityerror-failed-to-read-the-localstorage-property-from-window-access-is-denied-for-this-document/index.md b/chromium/docs/website/site/for-testers/bug-reporting-guidelines/uncaught-securityerror-failed-to-read-the-localstorage-property-from-window-access-is-denied-for-this-document/index.md new file mode 100644 index 00000000000..63d5958002c --- /dev/null +++ b/chromium/docs/website/site/for-testers/bug-reporting-guidelines/uncaught-securityerror-failed-to-read-the-localstorage-property-from-window-access-is-denied-for-this-document/index.md @@ -0,0 +1,23 @@ +--- +breadcrumbs: +- - /for-testers + - For Testers +- - /for-testers/bug-reporting-guidelines + - Bug Life Cycle and Reporting Guidelines +page_name: uncaught-securityerror-failed-to-read-the-localstorage-property-from-window-access-is-denied-for-this-document +title: 'Uncaught SecurityError: Failed to read the ''localStorage'' property from + ''Window'': Access is denied for this document.' +--- + +This exception is thrown when the "Block third-party cookies and site data" +checkbox is set in Content Settings. + +To find the setting, open Chrome settings, type "third" in the search box, click +the Content Settings button, and view the fourth item under Cookies. + +[image](/for-testers/bug-reporting-guidelines/uncaught-securityerror-failed-to-read-the-localstorage-property-from-window-access-is-denied-for-this-document/blockthirdpartycookies.png) + +If this setting is checked, third-party scripts cookies are disallowed and +access to localStorage may result in thrown SecurityError exceptions. \ No newline at end of file diff --git a/chromium/docs/website/site/for-testers/bug-reporting-guidlines-for-the-mac-linux-builds/index.md b/chromium/docs/website/site/for-testers/bug-reporting-guidlines-for-the-mac-linux-builds/index.md new file mode 100644 index 00000000000..bd69c85f33d --- /dev/null +++ b/chromium/docs/website/site/for-testers/bug-reporting-guidlines-for-the-mac-linux-builds/index.md @@ -0,0 +1,122 @@ +--- +breadcrumbs: +- - /for-testers + - For Testers +page_name: bug-reporting-guidlines-for-the-mac-linux-builds +title: Bug Reporting Guidlines for the Mac & Linux builds +--- + +**IMPORTANT:** + +In order for the bug reports we receive to be most effective, we need to be able +to go through them in a timely manner. That means keeping the number manageable. +The primary enemy of this effort is duplicate bugs which waste everyone's time +and clog up the system. Unlike some other public bug systems, we do not consider +the number of duplicates as an indicator of priority, demand, or seriousness. As +a result, there is little to be gained from filing a duplicate bug besides +slowing down our ability to produce a great piece of software. + +Before you file any bug, search the bug tracker to see if your problem is a +known issues ([Mac +query](http://code.google.com/p/chromium/issues/list?can=2&q=os:mac&sort=-stars), +[Linux +query](http://code.google.com/p/chromium/issues/list?can=2&q=os:linux&sort=-stars)). +You can safely assume that huge holes in functionality (such as fullscreen not +working) are well known and there's no need to file a bug. If you find the bug +is already there, feel free to star it so you can find it later and indicate to +us another person is interested in its resolution. If and only if you can't find +the bug in the database should you consider filing a new one. + +If you have any questions about whether or not you should file your bug, feel +free to visit #chromium on irc.freenode.net and ask the community. We'll be more +than willing to help you out. + +**Steps to take before filing a bug:** + +1. Try searching for the bug on the [Chromium bug tracker](http://crbug.com), +someone may already have reported it. + +2. Try to formulate a reduction, i.e. the minimal set of steps to reproduce the +problem. + +**Example of a good bug report:** + +Chrome Version : 2.180.0.0 URLs : http://www.someurl.com Other browsers tested: +Safari 4: OK Firefox 3.x: OK IE 7: OK IE 8: OK + +Chromium : FAIL What steps will reproduce the problem? 1. Launch Chrome 2. Load +http://www.someurl.com 3. Click on the picture of the elephant in the top right +corner. + +4. All buttons in the Chrome UI turn pink. What is the expected result? + +Color of Chrome UI shouldn't change. What happens instead? + +My UI Turns Pink. Please provide any additional information below. Attach a +screenshot if possible. + +System Configuration: Mac OS X 10.5.6 on a PowerMac with 4 gigs of RAM; I use +the Swedish-language UI. + +Console Output: + +5/22/09 2:13:02 PM \[0x0-0x12c92c8\].com.google.Chrome\[67080\] LEAK: 27 +CachedResource + +5/22/09 2:13:02 PM \[0x0-0x12c92c8\].com.google.Chrome\[67080\] LEAK: 287 +WebCoreNode + +5/22/09 2:13:02 PM \[0x0-0x12c92c8\].com.google.Chrome\[67080\] Leak 1 JS +wrappers. + +5/22/09 2:13:03 PM \[0x0-0x12c92c8\].com.google.Chrome\[67080\] +\[67080:19971:1315528366186335:ERROR: +/Users/Shared/foo/chrome/src/chrome/src/chrome/plugin/plugin_thread.cc(166)\] +Not implemented reached in bool + +Screenshot attached. + +**Walkthrough - What's good about the above bug report:** + +1. It contains a clear detailed description of the steps needed to reproduce the +bug from scratch, including URLs where appropriate. Be as specific as you can. +Saying to "click the link in the page" when there are fifty links is unhelpful. +When filing bugs about non-English sites, don't assume the developer understands +the language of the webpage. + +2. Results in other browsers are noted. + +3. It explains what you saw happen and what you where expecting to see. + +4. Console output and system configuration are included, Console output in +particular can be extremely helpful diagnosing an issue! (on OS X you can see +the console output by opening /Applications/Utilities/Console.app). + +5. A screenshot is attached showing the bug. + +**Other Important stuff:** + +On OSX, If you've opted into stats reporting Crash dumps will be saved in +`~/Library/Application Support/Chromium/Crash Reports/` please attach the files +in this directory when filing reports for crashing bugs they can really help us +in tracking down issues. + +I can't write code, how can I help?: + +One of the best ways people can contribute to an open source project is not by +writing code but by helping manage bugs in the bug database. There are many +activities that help immensely: + +* Finding and marking duplicate bugs that have already been filed. +* Providing reduced test-cases (HTML, JavaScript, etc) for web site + bugs on complex pages +* Confirming or denying that a bug has been fixed. (Though if a bug + has previously been reported and not yet marked fixed, saying "STILL + NOT FIXED" doesn't add anything except some irritation for the poor + people CCed on the bug. If it had been fixed, the fixer probably + would have marked it as such, no? Don't add useless comments.) +* Confirming or denying that a bug is valid or has enough information + to be reproducible. + +You don't need a PhD in computer science to do any of these, and they make a +huge difference to both engineering and QAs ability to effectively triage bugs. \ No newline at end of file diff --git a/chromium/docs/website/site/for-testers/command-line-flags/index.md b/chromium/docs/website/site/for-testers/command-line-flags/index.md new file mode 100644 index 00000000000..0f3ca9617fe --- /dev/null +++ b/chromium/docs/website/site/for-testers/command-line-flags/index.md @@ -0,0 +1,11 @@ +--- +breadcrumbs: +- - /for-testers + - For Testers +page_name: command-line-flags +title: How to specify command line flags +--- + +This page has been merged into the more complete: + + \ No newline at end of file diff --git a/chromium/docs/website/site/for-testers/enable-logging/configure providers.png.sha1 b/chromium/docs/website/site/for-testers/enable-logging/configure providers.png.sha1 new file mode 100644 index 00000000000..6cd81164a81 --- /dev/null +++ b/chromium/docs/website/site/for-testers/enable-logging/configure providers.png.sha1 @@ -0,0 +1 @@ +0c7a2c4161ce29fb5ee15d98938819c79e9d21ba \ No newline at end of file diff --git a/chromium/docs/website/site/for-testers/enable-logging/index.md b/chromium/docs/website/site/for-testers/enable-logging/index.md new file mode 100644 index 00000000000..a335d26bd0b --- /dev/null +++ b/chromium/docs/website/site/for-testers/enable-logging/index.md @@ -0,0 +1,122 @@ +--- +breadcrumbs: +- - /for-testers + - For Testers +page_name: enable-logging +title: How to enable logging +--- + +To enable logging, launch Chrome with these command line flags: + +`--enable-logging=stderr --v=1 # Output will be printed to standard error (eg. +printed in the console) and to the debugger` + +--enable-logging=stderr --v=1 > log.txt 2>&1 # Capture stderr and stdout +to a log file + +* This will turn on full logging support (INFO, WARNING, ERROR, and + VERBOSE0 for >=M9). +* --enable-logging=stderr enables both logging to stderr and using + OutputDebugStringA on Windows. Note that the sandbox prevents either + form of this logging from renderers being visible unless you attach + a debugger to the renderer to see the OutputDebugStringA output. +* See newer instructions for Linux [at + docs/linux/debugging.md](https://chromium.googlesource.com/chromium/src/+/lkgr/docs/linux/debugging.md#logging) +* If you are debugging renderer startup on Windows, we recommend you + enable histogram logging for additional debugging by using the extra + command line --vmodule=metrics=2 +* Verbose logging shows up with their own VERBOSEn label. + * `--vmodule` enables verbose logging on a per module basis. + Details in + [base/logging.h](https://chromium.googlesource.com/chromium/src/+/HEAD/base/logging.h). + Add --v=-3 at the end to suppress all other logging. +* Any page load (even the new tab page) will print messages tagged + with VERBOSE1; for example: +* \[28304:28320:265508881314:VERBOSE1:chrome/browser/renderer_host/resource_dispatcher_host.cc(1098)\] + OnResponseStarted: chrome://newtab/ +* The output will be saved to the file `chrome_debug.log` in [Chrome's + user data directory](/user-experience/user-data-directory) + * Release builds: The parent directory of Default/. + * Debug builds: The binary build folder (e.g. out\\Debug). + * Chrome OS + * Open file:///var/log/messages + * `/var/log/chrome` at the login screen. + * Files within the `log` subdirectory under the logged-in + user's encrypted home directory, which resides under + `/home/chronos`. +* Logs are overwritten each time you restart chrome. +* To enable logging from the render processes on Windows you also need + the `--no-sandbox `command line flag. + +* To see WTF_LOG, use `--blink-platform-log-channels` + +Note that: + +* If the environment variable CHROME_LOG_FILE is set, Chrome will + write its debug log to its specified location. Example: Setting + CHROME_LOG_FILE to "chrome_debug.log" will cause the log file to be + written to the Chrome process's current working directory while + setting it to "D:\\chrome_debug.log" will write the log to the root + of your computer's D: drive. +* To override the log file path in a test harness that runs Chrome, + use this pattern: + + ```none + #include "chrome/common/env_vars.h" + ... + // Set the log file path in the environment for the test browser. + std::wstring log_file_path = ...; + SetEnvironmentVariable(env_vars::kLogFileName, log_file_path.c_str()); + ``` + +### How do I specify the command line flags? + +See [command line flags](/developers/how-tos/run-chromium-with-flags) page. + +### What personal information does the log file contain? + +Before attaching your chrome_debug.log to a bug report, be aware that it can +contain some personal information, such as URLs opened during that session of +chrome. + +Since the debug log is a human-readable text file, you can open it up with a +text editor (notepad, vim, etc..) and review the information it contains, and +erase anything you don't want the bug investigators to see. + +The boilerplate values enclosed by brackets on each line are in the format: + +\[process_id:thread_id:ticks_in_microseconds:log_level:file_name(line_number)\] + +### Sawbuck + +Alternatively to the above, you can use the Sawbuck utility (for Windows) to +view, filter and search the logs in realtime, in a handy-dandy GUI. + +[image](https://sawbuck.googlecode.com/files/Sawbuck_screenshot.png) + +First download and install the latest version of +[Sawbuck](https://github.com/google/sawbuck/releases/latest), launch it, then +select "Configure Providers.." form the "Log" menu. + +This will bring up a dialog that looks something like this: + +[image +](/for-testers/enable-logging/configure%20providers.png) + +Set the log level for Chrome, Chrome Frame, and/or the Setup program to whatever +suits you, and click "OK". You can revisit this dialog at any time to increase +or decrease the log verbosity. + +Now select "Capture" from the "Log" menu, and you should start seeing Chrome's +log messages. + +Note that Sawbuck has a feature that allows you to view the call trace for each +log message, which can come in handy when you're trying to home in on a +particular problem. + +**Note for 64-bit Chrome:** Reporting of callstacks, source file, and line info +does not currently work when originating from 64-bit Chrome, and log messages +will be garbage by default (). Change the "Enable +Mask" for the Chrome and Chrome Setup providers so that "Text Only" is the only +option selected to have non-garbaled log messages. \ No newline at end of file diff --git a/chromium/docs/website/site/for-testers/faft/FAFT (1).jpg.sha1 b/chromium/docs/website/site/for-testers/faft/FAFT (1).jpg.sha1 new file mode 100644 index 00000000000..93b81c90be7 --- /dev/null +++ b/chromium/docs/website/site/for-testers/faft/FAFT (1).jpg.sha1 @@ -0,0 +1 @@ +c8fe6865fc340387bb5d76ba05730857ae22754c \ No newline at end of file diff --git a/chromium/docs/website/site/for-testers/faft/FAFT Hardware Setup Layout.png.sha1 b/chromium/docs/website/site/for-testers/faft/FAFT Hardware Setup Layout.png.sha1 new file mode 100644 index 00000000000..1a21c32ab11 --- /dev/null +++ b/chromium/docs/website/site/for-testers/faft/FAFT Hardware Setup Layout.png.sha1 @@ -0,0 +1 @@ +7bebdfb2570336d670a297d441a3c782db5d9989 \ No newline at end of file diff --git a/chromium/docs/website/site/for-testers/faft/Servo2_with_labels.jpg.sha1 b/chromium/docs/website/site/for-testers/faft/Servo2_with_labels.jpg.sha1 new file mode 100644 index 00000000000..148a4dc20e8 --- /dev/null +++ b/chromium/docs/website/site/for-testers/faft/Servo2_with_labels.jpg.sha1 @@ -0,0 +1 @@ +31e36fbdaa628641c4e773437043276db09ea271 \ No newline at end of file diff --git a/chromium/docs/website/site/for-testers/faft/ServoV4-typeC-micro.png.sha1 b/chromium/docs/website/site/for-testers/faft/ServoV4-typeC-micro.png.sha1 new file mode 100644 index 00000000000..156bc3975a9 --- /dev/null +++ b/chromium/docs/website/site/for-testers/faft/ServoV4-typeC-micro.png.sha1 @@ -0,0 +1 @@ +529654b20e9a4e8b4999779b7e78e8bf7594b121 \ No newline at end of file diff --git a/chromium/docs/website/site/for-testers/faft/ServoV4.png.sha1 b/chromium/docs/website/site/for-testers/faft/ServoV4.png.sha1 new file mode 100644 index 00000000000..f24f9151c61 --- /dev/null +++ b/chromium/docs/website/site/for-testers/faft/ServoV4.png.sha1 @@ -0,0 +1 @@ +32a9a4c5fc8b2aa68ebe585aebcaf0c0cbc4cd3b \ No newline at end of file diff --git a/chromium/docs/website/site/for-testers/faft/index.md b/chromium/docs/website/site/for-testers/faft/index.md new file mode 100644 index 00000000000..b0d2a095e8d --- /dev/null +++ b/chromium/docs/website/site/for-testers/faft/index.md @@ -0,0 +1,10 @@ +--- +breadcrumbs: +- - /for-testers + - For Testers +page_name: faft +title: FAFT +--- + +Migrated to + \ No newline at end of file diff --git a/chromium/docs/website/site/for-testers/faft/pd_typeC.png.sha1 b/chromium/docs/website/site/for-testers/faft/pd_typeC.png.sha1 new file mode 100644 index 00000000000..c3ba8be6cf5 --- /dev/null +++ b/chromium/docs/website/site/for-testers/faft/pd_typeC.png.sha1 @@ -0,0 +1 @@ +8ab9bc4abc920d0a8ae6efd7f102b587b88a3a6a \ No newline at end of file diff --git a/chromium/docs/website/site/for-testers/faft/rc_typeA.png.sha1 b/chromium/docs/website/site/for-testers/faft/rc_typeA.png.sha1 new file mode 100644 index 00000000000..eef52135aea --- /dev/null +++ b/chromium/docs/website/site/for-testers/faft/rc_typeA.png.sha1 @@ -0,0 +1 @@ +3766b9b67c01e22a1247fa5dfc07a9b62bc89eab \ No newline at end of file diff --git a/chromium/docs/website/site/for-testers/faft/rc_typec.png.sha1 b/chromium/docs/website/site/for-testers/faft/rc_typec.png.sha1 new file mode 100644 index 00000000000..1f9be924baf --- /dev/null +++ b/chromium/docs/website/site/for-testers/faft/rc_typec.png.sha1 @@ -0,0 +1 @@ +5582da41271b2cc6e9acfd4756be6bfba7bd3008 \ No newline at end of file diff --git a/chromium/docs/website/site/for-testers/faft/rc_typec_official.png.sha1 b/chromium/docs/website/site/for-testers/faft/rc_typec_official.png.sha1 new file mode 100644 index 00000000000..12c54110477 --- /dev/null +++ b/chromium/docs/website/site/for-testers/faft/rc_typec_official.png.sha1 @@ -0,0 +1 @@ +d8a60ae80b668a9d85f63cff2a40abf82e0e3d6a \ No newline at end of file diff --git a/chromium/docs/website/site/for-testers/faft/servo_v4.png.sha1 b/chromium/docs/website/site/for-testers/faft/servo_v4.png.sha1 new file mode 100644 index 00000000000..9598a70b787 --- /dev/null +++ b/chromium/docs/website/site/for-testers/faft/servo_v4.png.sha1 @@ -0,0 +1 @@ +388f4dd483aaee4419de0609b64d45f9fd853720 \ No newline at end of file diff --git a/chromium/docs/website/site/for-testers/frontend-testing/constrained-windows/constrained-windows--basic-testing/index.md b/chromium/docs/website/site/for-testers/frontend-testing/constrained-windows/constrained-windows--basic-testing/index.md new file mode 100644 index 00000000000..14eb8788617 --- /dev/null +++ b/chromium/docs/website/site/for-testers/frontend-testing/constrained-windows/constrained-windows--basic-testing/index.md @@ -0,0 +1,56 @@ +--- +breadcrumbs: +- - /for-testers + - For Testers +- - /for-testers/frontend-testing + - Frontend testing +- - /for-testers/frontend-testing/constrained-windows + - Constrained Windows (test plan) +page_name: constrained-windows--basic-testing +title: 'Constrained Windows: Basic Testing' +--- + +## Testcases + + + +Test case Steps Expected Result + + + +1. +2. +3. + + + + + + +1. + + + + + + + +1. + + + + + + +1. +2. +3. + + + + +
Simple test: constrained windowLog in to http://mail.google.com.Google Talk in Gmail will load on left side. Click on any + contact to open a chat window Pop-out the chat window.Chat window will open as a constrained window on the left side of the page ; title bar : default icon and title "name - chat - Google Chrome"
Pop-up displayed in constrained windowVisit any website which opens a pop-upIf your settings are checked for : Options> Under the hood> Web Content : Notify me when a pop-up is blocked then blocked pop-up will be notified at bottom right side of the page with title bar : "Blocked pop-up"On clicking blocked pop-up, title bar will change to "default icon and title - Google Chrome". If no title then "default icon and Google Chrome"
Play video in constrained windowVisit any website which plays video in constrained windowA constrained window will launch for the video link ; title bar : "default icon and title - google chrome"
Constrained window - launch with window.open() and close with window.close()Visit http://html.tests.googlepages.com/example1.html + Click Open window.Click Close window. After Step 2: A constrained window with height=200px and width=300px will be launched. After Step 3: The constrained window will be closed.
\ No newline at end of file diff --git a/chromium/docs/website/site/for-testers/frontend-testing/constrained-windows/index.md b/chromium/docs/website/site/for-testers/frontend-testing/constrained-windows/index.md new file mode 100644 index 00000000000..4c0bb159e10 --- /dev/null +++ b/chromium/docs/website/site/for-testers/frontend-testing/constrained-windows/index.md @@ -0,0 +1,45 @@ +--- +breadcrumbs: +- - /for-testers + - For Testers +- - /for-testers/frontend-testing + - Frontend testing +page_name: constrained-windows +title: Constrained Windows (test plan) +--- + +[TOC] + +## Testing strategy + +The Primary Focus will be on verifying whether constrained windows are working +as per the design on different operating systems (Windows XP and Vista). More +information about constrained windows is available from the [design +doc](/developers/design-documents/constrained-popup-windows). + +## What needs to be tested + +* [Basic + testing](/for-testers/frontend-testing/constrained-windows/constrained-windows--basic-testing) + +## Testing environment + +* **Operating systems**: Windows Vista SP1, Windows XP SP2 and SP3 +* **Above configurations with antivirus/antispyware**: Norton 2008, + McAfee, Symantec, Sophos AV, TrendMicro, PC Tools Spyware Doctor, + Lavasoft Ad-ware, Webroot Spy Sweeper, Zone Alarm Internet Security + Suite, Windows Live one Care, Kaspersky Internet Security 7.0, + BitDefender Total Security 2008, Panda: Internet Security +* **Operating system languages**: Arabic, Bulgarian, Catalan, Chinese + (Simplified), Chinese (Traditional), Croatian, Czech, Danish, Dutch, + English-UK, English-US, Estonian, Filipino, Finnish, French, German, + Greek, Hebrew, Hindi, Hungarian, Indonesian, Italian, Japanese, + Korean, Latvian, Lithuanian, Norwegian, Polish, Portuguese + (Portugal), Portuguese (Brazil), Romanian, Russian, Serbian, Slovak, + Slovenian, Spanish, Spanish (Latin America), Swedish, Thai, Turkish, + Ukrainian, Vietnamese + +## Report a bug + +* [Chromium bug + system](http://code.google.com/p/chromium/issues/entry) \ No newline at end of file diff --git a/chromium/docs/website/site/for-testers/frontend-testing/index.md b/chromium/docs/website/site/for-testers/frontend-testing/index.md new file mode 100644 index 00000000000..fc017a73b8d --- /dev/null +++ b/chromium/docs/website/site/for-testers/frontend-testing/index.md @@ -0,0 +1,17 @@ +--- +breadcrumbs: +- - /for-testers + - For Testers +page_name: frontend-testing +title: Frontend testing +--- + +Note: these pages describe the testing plan for Google Chrome. Some of it only +applies to Google Chrome, but much of it also applies to Chromium, which is why +it's included here. + +* [Spell Check](/for-testers/frontend-testing/spell-check) +* [Constrained + Windows](/for-testers/frontend-testing/constrained-windows) +* [Windows-specific interoperability + issues](/for-testers/frontend-testing/windows-specific-interoperability-issues) \ No newline at end of file diff --git a/chromium/docs/website/site/for-testers/frontend-testing/spell-check/index.md b/chromium/docs/website/site/for-testers/frontend-testing/spell-check/index.md new file mode 100644 index 00000000000..05e0c8c0059 --- /dev/null +++ b/chromium/docs/website/site/for-testers/frontend-testing/spell-check/index.md @@ -0,0 +1,42 @@ +--- +breadcrumbs: +- - /for-testers + - For Testers +- - /for-testers/frontend-testing + - Frontend testing +page_name: spell-check +title: Spell Check (test plan) +--- + +[TOC] + +## Testing strategy + +The Primary Focus will be on verifying spell check behavior in Chromium. + +## What needs to be tested + +* [Basic + testing](/for-testers/frontend-testing/spell-check/spell-check--basic-testing) + +## Testing environment + +* **Operating systems**: Windows Vista SP1, Windows XP SP2 and SP3 +* **Above configurations with antivirus/antispyware**: Norton 2008, + McAfee, Symantec, Sophos AV, TrendMicro, PC Tools Spyware Doctor, + Lavasoft Ad-ware, Webroot Spy Sweeper, Zone Alarm Internet Security + Suite, Windows Live one Care, Kaspersky Internet Security 7.0, + BitDefender Total Security 2008, Panda: Internet Security +* **Operating system languages**: Arabic, Bulgarian, Catalan, Chinese + (Simplified), Chinese (Traditional), Croatian, Czech, Danish, Dutch, + English-UK, English-US, Estonian, Filipino, Finnish, French, German, + Greek, Hebrew, Hindi, Hungarian, Indonesian, Italian, Japanese, + Korean, Latvian, Lithuanian, Norwegian, Polish, Portuguese + (Portugal), Portuguese (Brazil), Romanian, Russian, Serbian, Slovak, + Slovenian, Spanish, Spanish (Latin America), Swedish, Thai, Turkish, + Ukrainian, Vietnamese + +## Report a bug + +* [Chromium bug + system](http://code.google.com/p/chromium/issues/entry) \ No newline at end of file diff --git a/chromium/docs/website/site/for-testers/frontend-testing/spell-check/spell-check--basic-testing/index.md b/chromium/docs/website/site/for-testers/frontend-testing/spell-check/spell-check--basic-testing/index.md new file mode 100644 index 00000000000..4fe49dd1a86 --- /dev/null +++ b/chromium/docs/website/site/for-testers/frontend-testing/spell-check/spell-check--basic-testing/index.md @@ -0,0 +1,54 @@ +--- +breadcrumbs: +- - /for-testers + - For Testers +- - /for-testers/frontend-testing + - Frontend testing +- - /for-testers/frontend-testing/spell-check + - Spell Check (test plan) +page_name: spell-check--basic-testing +title: 'Spell Check: Basic Testing' +--- + +## Testcases + + + +Test case Steps Expected Result + + + +1. +2. +3. +4. +5. + + + + + + +1. +2. +3. + + + + + + + +1. +2. +3. +4. +5. + + + +
Red underline for spelling errorsLaunch Chromium.Navigate to http://mail.google.com.Sign in to your account.Click Compose Mail.Enter gogl plus a space in the message field.gogle will be underlined in red.
Login form: username will not be red underlinedLaunch Chromium.Visit http://mail.google.com (if signed + in, sign out to see the login page)Enter any text in the Username field.Username will not be underlined in red.
Mis-spelled text that is copied and pasted will be underlined in redLaunch Chromium.Navigate to http://mail.google.com.Sign in to your account.Click Compose MailCopy and paste any mis-spelled text into the message field.Mis-spelled text will be underlined in red.
\ No newline at end of file diff --git a/chromium/docs/website/site/for-testers/frontend-testing/windows-specific-interoperability-issues/index.md b/chromium/docs/website/site/for-testers/frontend-testing/windows-specific-interoperability-issues/index.md new file mode 100644 index 00000000000..50155a420db --- /dev/null +++ b/chromium/docs/website/site/for-testers/frontend-testing/windows-specific-interoperability-issues/index.md @@ -0,0 +1,16 @@ +--- +breadcrumbs: +- - /for-testers + - For Testers +- - /for-testers/frontend-testing + - Frontend testing +page_name: windows-specific-interoperability-issues +title: Windows-specific interoperability issues +--- + +When users face crash on start or other odd behavior, one helpful thing to do is +to gather the list of dlls currently loaded in the chrome.exe processes whenever +possible. You can execute the script in +[list_chrome.zip](/for-testers/frontend-testing/windows-specific-interoperability-issues/list_chrome.zip) +which will generate a file named results.txt. The user can then send the content +of this file by email for further analysis. \ No newline at end of file diff --git a/chromium/docs/website/site/for-testers/frontend-testing/windows-specific-interoperability-issues/list_chrome.zip.sha1 b/chromium/docs/website/site/for-testers/frontend-testing/windows-specific-interoperability-issues/list_chrome.zip.sha1 new file mode 100644 index 00000000000..ed16f65c1c6 --- /dev/null +++ b/chromium/docs/website/site/for-testers/frontend-testing/windows-specific-interoperability-issues/list_chrome.zip.sha1 @@ -0,0 +1 @@ +8960eb43c938f289dbfb6908437a8ac6e5395d31 \ No newline at end of file diff --git a/chromium/docs/website/site/for-testers/index.md b/chromium/docs/website/site/for-testers/index.md new file mode 100644 index 00000000000..0cb242fc0f5 --- /dev/null +++ b/chromium/docs/website/site/for-testers/index.md @@ -0,0 +1,31 @@ +--- +breadcrumbs: [] +page_name: for-testers +title: For Testers +--- + +## Reporting Bugs + +* [Bug reporting guidelines and how to report + bugs](/for-testers/bug-reporting-guidelines) +* [Glossary](/glossary) +* [Enable logging](/for-testers/enable-logging) +* [Recording + traces](/developers/how-tos/trace-event-profiling-tool/recording-tracing-runs) + +## Contributing + +* [Find duplicate bugs](http://code.google.com/p/chromium/issues/list) +* [Confirm unconfirmed + bugs](http://code.google.com/p/chromium/issues/list?q=status:Unconfirmed) +* [Confirm unconfirmed Mac + bugs](http://code.google.com/p/chromium/issues/list?can=2&q=+os:mac+status:unconfirmed&colspec=ID+Stars+Pri+Area+Type+Status+Summary+Modified+Owner+Mstone+OS&cells=tiles) +* [Confirm unconfirmed Linux + bugs](http://code.google.com/p/chromium/issues/list?can=2&q=os:Linux+status:unconfirmed&colspec=ID+Stars+Pri+Area+Type+Status+Summary+Modified+Owner+Mstone+OS&x=mstone&y=area&cells=tiles) +* [Verify Mac fixed + bugs](http://code.google.com/p/chromium/issues/list?can=1&q=os:mac+status:fixed&colspec=ID+Stars+Pri+Area+Type+Status+Summary+Modified+Owner+Mstone+OS&x=mstone&y=area&cells=tiles) +* [Verify Linux fixed + bugs](http://code.google.com/p/chromium/issues/list?can=1&q=os:Linux+status:fixed&colspec=ID+Stars+Pri+Area+Type+Status+Summary+Modified+Owner+Mstone+OS&x=mstone&y=area&cells=tiles) +* [Frontend testing](/for-testers/frontend-testing) +* [Firmware testing](/for-testers/faft) +* [Installer](/for-testers/installer) diff --git a/chromium/docs/website/site/for-testers/installer/index.md b/chromium/docs/website/site/for-testers/installer/index.md new file mode 100644 index 00000000000..a61ba9b6a95 --- /dev/null +++ b/chromium/docs/website/site/for-testers/installer/index.md @@ -0,0 +1,41 @@ +--- +breadcrumbs: +- - /for-testers + - For Testers +page_name: installer +title: Installer (test plan) +--- + +[TOC] + +## Testing strategy + +The Primary Focus will be on testing the installer for fresh installs and +upgrades on various operating systems, with different anti-virus and language +configurations. + +## Test scenarios + +* [Basic testing](/for-testers/installer/installer--basic-testing) + +## Testing environment + +* **Operating systems**: Windows Vista SP1, Windows XP SP2 and SP3 +* **Above configurations with antivirus/antispyware**: Norton 2008, + McAfee, Symantec, Sophos AV, TrendMicro, PC Tools Spyware Doctor, + Lavasoft Ad-ware, Webroot Spy Sweeper, Zone Alarm Internet Security + Suite, Windows Live one Care, Kaspersky Internet Security 7.0, + BitDefender Total Security 2008, Panda: Internet Security +* **Operating system languages**: Arabic, Bulgarian, Catalan, Chinese + (Simplified), Chinese (Traditional), Croatian, Czech, Danish, Dutch, + English-UK, English-US, Estonian, Filipino, Finnish, French, German, + Greek, Hebrew, Hindi, Hungarian, Indonesian, Italian, Japanese, + Korean, Latvian, Lithuanian, Norwegian, Polish, Portuguese + (Portugal), Portuguese (Brazil), Romanian, Russian, Serbian, Slovak, + Slovenian, Spanish, Spanish (Latin America), Swedish, Thai, Turkish, + Ukrainian, Vietnamese + +## Report a bug + +* [Chromium bug + system](http://code.google.com/p/chromium/issues/entry) \ No newline at end of file diff --git a/chromium/docs/website/site/for-testers/installer/installer--basic-testing/index.md b/chromium/docs/website/site/for-testers/installer/installer--basic-testing/index.md new file mode 100644 index 00000000000..baf44cb0b90 --- /dev/null +++ b/chromium/docs/website/site/for-testers/installer/installer--basic-testing/index.md @@ -0,0 +1,135 @@ +--- +breadcrumbs: +- - /for-testers + - For Testers +- - /for-testers/installer + - Installer (test plan) +page_name: installer--basic-testing +title: 'Installer: Basic Testing' +--- + +[TOC] + +## Test cases + +### Install + + + +Test case Steps Expected Result + + + + +* +* +* + + +* + + + + + + + +* + + +
Fresh InstallInstall latest build of Google Chrome.On completion of installation, First Run UI dialog will be + launched with no other alert prompts First Run UI dialog: Shortcuts will be created according to the + user's choice. Bookmarks, passwords, and other settings will be + imported/not imported from IE/FF as per user's choice. A new folder will be created:XP: C:\\Documents and Settings\\username\\Local + Settings\\Application Data\\Google\\Google Chrome\\ApplicationVista: C:\\Users\\username\\AppData\\Local\\Google\\Google + Chrome\\ApplicationGoogle Chrome can be launched from shortcuts and the Add/Remove + panel (XP) / Programs and Features (Vista)
Recovery If Google Chrome files are accidentally deleted and Google Chrome cannot be launched, run the installer again.On completion of installation, Google Chrome can be launched + from shortcuts, Add/Remove panel (XP) / Programs and Features + (Vista)
+ +### Overinstall + + + +Test case Steps Expected Result + + + + +* +* + + +
OverinstallOverinstall latest build of Google Chrome On launching Google Chrome, about:version should show the + latest build number.Google Chrome can be launched from shortcuts, Add/Remove panel + (XP) / Programs and Features (Vista)
+ +### First Run UI + + + +Test case Steps Expected Result + + + + +* +* + + + + + + + + +* + + +
First Run UI dialog launchDo a fresh install of Google Chrome. (Note: First Run UI will not be launched if it is not a fresh install)On completion of installation, First Run UI dialog will be + launched giving the user choice to customize the settings.A file called First Run will be created under:XP: C:\\Documents and Settings\\username\\Local + Settings\\Application Data\\Google\\Google Chrome\\ApplicationVista: C:\\Users\\username\\AppData\\Local\\Google\\Google + Chrome\\Application
First Run UI file not found Delete First Run file.On Google Chrome launch, First Run UI dialog will be launched +
+ +### Uninstall + + + +Test case Steps Expected Result + + + + + + + + + +* +* + + +* +* + + + + + +1. +2. + + + + + + + + + + +
Uninstall Google Chrome Click Start > All Programs > Google Chrome and select UninstallorWindows XP: From the Add/Remove Programs dialog, uninstall Google Chrome.Windows Vista: From the Programs and Features window, uninstall Google Chrome.Verify the following on your local machine:Google Chrome is uninstalled with no issues. The Google Chrome folder is removed from:XP: C:\\Documents and Settings\\user\\Local Settings\\Application + Data\\Google\\Google Chrome\\Application\\Vista: C:\\Users\\username\\AppData\\Local\\Google\\Google + Chrome\\ApplicationGoogle Chrome will not appear in the Add/Remove panel on + XP, or the Programs and Features window in Vista.Shortcuts are deleted.
Uninstall Google Chrome while Google Chrome is running Launch Google Chrome. Try to uninstall Google Chrome. The following message will appear:Please close all Google Chrome windows and try againGoogle Chrome will not be uninstalled. On closing Google Chrome and uninstalling, Google Chrome will uninstall with no issues.
\ No newline at end of file diff --git a/chromium/docs/website/site/for-testers/providing-memory-details/index.md b/chromium/docs/website/site/for-testers/providing-memory-details/index.md new file mode 100644 index 00000000000..d85e8355057 --- /dev/null +++ b/chromium/docs/website/site/for-testers/providing-memory-details/index.md @@ -0,0 +1,29 @@ +--- +breadcrumbs: +- - /for-testers + - For Testers +page_name: providing-memory-details +title: Reporting memory bloat/leak issues +--- + + + + + + + + + + + + +* + + +
## How to file a bug for memory bloat/leak issues:Use this + template when filing a bug for memory bloat/leak issues.See instructions + here.## How to take a snapshot of memory usage:See instructions + here
\ No newline at end of file diff --git a/chromium/docs/website/site/for-testers/providing-network-details/Screen Shot 2017-04-26 at 11.18.49 AM.png.sha1 b/chromium/docs/website/site/for-testers/providing-network-details/Screen Shot 2017-04-26 at 11.18.49 AM.png.sha1 new file mode 100644 index 00000000000..87543b79298 --- /dev/null +++ b/chromium/docs/website/site/for-testers/providing-network-details/Screen Shot 2017-04-26 at 11.18.49 AM.png.sha1 @@ -0,0 +1 @@ +46cd09362008f05ffe41c0792f9aac9c69dcf97e \ No newline at end of file diff --git a/chromium/docs/website/site/for-testers/providing-network-details/capture-bytes.png.sha1 b/chromium/docs/website/site/for-testers/providing-network-details/capture-bytes.png.sha1 new file mode 100644 index 00000000000..2735015a6fe --- /dev/null +++ b/chromium/docs/website/site/for-testers/providing-network-details/capture-bytes.png.sha1 @@ -0,0 +1 @@ +58ebb3fefef00bfc2fb41c4c75812503c34349da \ No newline at end of file diff --git a/chromium/docs/website/site/for-testers/providing-network-details/inclue-bytes-mobile.png.sha1 b/chromium/docs/website/site/for-testers/providing-network-details/inclue-bytes-mobile.png.sha1 new file mode 100644 index 00000000000..04b55bd6537 --- /dev/null +++ b/chromium/docs/website/site/for-testers/providing-network-details/inclue-bytes-mobile.png.sha1 @@ -0,0 +1 @@ +feb7a1766cd0a07f6bb8d97da7f1787de063caa9 \ No newline at end of file diff --git a/chromium/docs/website/site/for-testers/providing-network-details/index.md b/chromium/docs/website/site/for-testers/providing-network-details/index.md new file mode 100644 index 00000000000..aff6dc7beba --- /dev/null +++ b/chromium/docs/website/site/for-testers/providing-network-details/index.md @@ -0,0 +1,84 @@ +--- +breadcrumbs: +- - /for-testers + - For Testers +page_name: providing-network-details +title: How to capture a NetLog dump +--- + +A *NetLog dump* is a log file of the browser's network-level events and state. +You may be asked to provide this log when experiencing page load or performance +problems. + +***Note:** if you want to take a netlog for **Android WebView**, [read this +guide](https://chromium.googlesource.com/chromium/src/+/HEAD/android_webview/docs/net-debugging.md) +instead.* + +To create a *NetLog dump*, open a new tab and navigate to: + +> chrome://net-export/ + +[image](/for-testers/providing-network-details/net-export-61.png) + +You can then follow the instructions on that page. + +**Step-by-step guide** + +1. Open a new tab and go to chrome://net-export/ +2. Click the **Start Logging To Disk** button. +3. Reproduce the network problem **in a different tab** (the + chrome://net-export/ tab needs to stay open or logging will + automatically stop.) +4. Click **Stop Logging** button. +5. Provide the resulting log file to the bug investigator. + * Either attach the file to your existing or [new bug + report](https://crbug.com/new), or send email to the bug + investigator. + * Provide the **entire** log file. Snippets are rarely sufficient + to diagnose problems. + * **Include any relevant URLs or details to focus on.** + +> **PRIVACY**: When attaching log files to bug reports, note that Chrome bug +> reports are **publicly visible** by default. If you would prefer it be only +> visible to Google employees, mention this on the bug and wait for a Google +> engineer to restrict visibility of the bug before you attach the file. + +**Advanced: Byte-level captures** + +By default, NetLog dumps do not include all of the raw bytes (encrypted or +otherwise) that were transmitted over the network. + +To include this data in the log file, select the **Include raw bytes** option at +the bottom of the chrome://net-export/ page: + +> **PRIVACY:** Captures with this level of detail may include personal +> information and should generally be emailed rather than posted on public +> forums or public bugs. + +[image](/for-testers/providing-network-details/net-export-raw-bytes-61.png) + +**Advanced: Logging on startup** + +If the problem that you want to log happens very early and you cannot start +chrome://net-export in time, you can add a command line argument to Chrome that +will start logging to a file from startup: + +> --log-net-log=C:\\some_path\\some_file_name.json + +If a granularity for capture other than the default of "Strip private +information" is needed, one of the following flags can be used: + +* --net-log-capture-mode=IncludeSensitive +* --net-log-capture-mode=Everything + +For info about adding command line options, see +[command-line-flags](/developers/how-tos/run-chromium-with-flags). + +**Advanced: Viewing the NetLog dump file** + +The log file can be loaded using the +[netlog_viewer](https://chromium.googlesource.com/catapult/+/HEAD/netlog_viewer/). \ No newline at end of file diff --git a/chromium/docs/website/site/for-testers/providing-network-details/net-export-61.png.sha1 b/chromium/docs/website/site/for-testers/providing-network-details/net-export-61.png.sha1 new file mode 100644 index 00000000000..360dcf1e4fc --- /dev/null +++ b/chromium/docs/website/site/for-testers/providing-network-details/net-export-61.png.sha1 @@ -0,0 +1 @@ +e7f9761d778f19e8d3c66858c4c4d00d1155015b \ No newline at end of file diff --git a/chromium/docs/website/site/for-testers/providing-network-details/net-export-raw-bytes-61.png.sha1 b/chromium/docs/website/site/for-testers/providing-network-details/net-export-raw-bytes-61.png.sha1 new file mode 100644 index 00000000000..e2bcbb6aaaa --- /dev/null +++ b/chromium/docs/website/site/for-testers/providing-network-details/net-export-raw-bytes-61.png.sha1 @@ -0,0 +1 @@ +8d8e6f8b17b36974974b33d022cd2d8e62da99ff \ No newline at end of file diff --git a/chromium/docs/website/site/for-testers/providing-network-details/net-internals.PNG.sha1 b/chromium/docs/website/site/for-testers/providing-network-details/net-internals.PNG.sha1 new file mode 100644 index 00000000000..10d3ed8bd46 --- /dev/null +++ b/chromium/docs/website/site/for-testers/providing-network-details/net-internals.PNG.sha1 @@ -0,0 +1 @@ +0ca83a9824d1ff5471cf41435d11bb3fcf60c4b4 \ No newline at end of file diff --git a/chromium/docs/website/site/for-testers/providing-network-details/netexport.png.sha1 b/chromium/docs/website/site/for-testers/providing-network-details/netexport.png.sha1 new file mode 100644 index 00000000000..d921e1e26d5 --- /dev/null +++ b/chromium/docs/website/site/for-testers/providing-network-details/netexport.png.sha1 @@ -0,0 +1 @@ +ce3bf30b0954d19e8cd1e844202a7380d7ecbe96 \ No newline at end of file diff --git a/chromium/docs/website/site/for-testers/providing-network-details/netinternals_export.png.sha1 b/chromium/docs/website/site/for-testers/providing-network-details/netinternals_export.png.sha1 new file mode 100644 index 00000000000..322b7cc46ec --- /dev/null +++ b/chromium/docs/website/site/for-testers/providing-network-details/netinternals_export.png.sha1 @@ -0,0 +1 @@ +69108bb89586728956c5038244eb565e56dffea8 \ No newline at end of file diff --git a/chromium/docs/website/site/for-testers/providing-network-details/save-to-file.png.sha1 b/chromium/docs/website/site/for-testers/providing-network-details/save-to-file.png.sha1 new file mode 100644 index 00000000000..6e3a2000139 --- /dev/null +++ b/chromium/docs/website/site/for-testers/providing-network-details/save-to-file.png.sha1 @@ -0,0 +1 @@ +a70c14978cdba6cdd8c2199b5f637daa85a08d37 \ No newline at end of file diff --git a/chromium/docs/website/site/for-testers/providing-network-details/start-logging-to-disk.png.sha1 b/chromium/docs/website/site/for-testers/providing-network-details/start-logging-to-disk.png.sha1 new file mode 100644 index 00000000000..bbd4220615e --- /dev/null +++ b/chromium/docs/website/site/for-testers/providing-network-details/start-logging-to-disk.png.sha1 @@ -0,0 +1 @@ +e9dfb1661a3f5a5b845aded116cfc3180c74e3f9 \ No newline at end of file diff --git a/chromium/docs/website/site/for-testers/saft/index.md b/chromium/docs/website/site/for-testers/saft/index.md new file mode 100644 index 00000000000..4108ab63b66 --- /dev/null +++ b/chromium/docs/website/site/for-testers/saft/index.md @@ -0,0 +1,222 @@ +--- +breadcrumbs: +- - /for-testers + - For Testers +page_name: saft +title: SAFT +--- + +[TOC] + +### Theory of operation + +SAFT stands for Semi Automated Firmware Test. It is a Python and BASH based +Linux application enabled in the [ChromeOS](/chromium-os) test distribution. On +the target system SAFT code is placed in `/usr/sbin/firmware/saft. The source +code is controlled by a separate [git](goog_880557684)` +`[repository](http://gerrit.chromium.org/gerrit/gitweb?p=chromiumos%2Fplatform%2Fsaft.git;a=shortlog;h=HEAD). +` + +SAFT is designed to verify BIOS functionality, including different aspects of +[Verified Boot](/chromium-os/chromiumos-design-docs/verified-boot) and [Google +Chrome OS Firmware - High Level +Specification](https://docs.google.com/a/google.com/Doc?docid=0AbUTgMyqR_XeZGRuaDd4OXdfODJkbTRjZzJjdA&hl=en). +To test this thoroughly multiple system restarts are needed, some including +booting in recovery mode. This is why **SAFT requires the flash drive to be +present on the system under test**, both to keep state between reboots and to +provide recovery mode boot medium. Recovery mode boot requires operator +involvement (unplugging and plugging in the flash drive), which makes SAFT a +'semi automated' test. SAFT is meant to be run by the firmware vendors, and is +required to be easy to set up and run. This is why it is not using the autotest +framework, all what's needed is a target netbook and a flash memory stick. + +The Chrome OS root file system is immutable, so there is a need to enable or +disable SAFT execution without modifying the root fs contents. The SAFT +[upstart](http://upstart.ubuntu.com/getting-started.html) script +`/etc/init/saft.conf` is executed on every reboot. It checks if the flash drive +is present, and a "follow up" script `/var/saft.sh` exists on it. If the follow +up script does not exist, SAFT execution terminates, if it does exist, the +follow up script is invoked. This allows to enable/disable SAFT execution +without modifying the root file system. + +When SAFT is not running, the upstart script terminates after logging the state +in `/tmp/saft.conf`: + +```none +localhost ~ # cat /tmp/saft.log +Found sdc after 0 seconds +No SAFT in progress +``` + +To enable SAFT execution on a system, the 'follow up' script is created and the +system is reset. On the next and all following startups until the 'follow up' +script is deleted, SAFT application is invoked. + +SAFT needs some means of representing the target boot state (what firmware and +kernel were used, what was the reason for reboot, where the root file system is +hosted, etc.). A so called boot state vector is used for that, which is a string +described as follows in the source code: + +```none +The string has a form of x:x:x::, where x' represent contents of the appropriate BINF files as reported by ACPI, is set to 1 or 0 depending if the root device is removable or not, and is the last element of the root device name, designating the partition where the root fs is mounted.  +This vector fully describes the way the system came up. +``` + +When executed on start up, the 'follow up' script creates the necessary +environment and starts the actual SAFT Python application located in` /usr/sbin/firmware/saft/saft_utility.py`. This application is +a state machine, where each state introduces a unique defect in the system +(corrupted firmware or kernel, different CGPT attributes, etc., etc.). + +In each step the application checks if the current boot state vector matches the +expected state, and if so corrects the previously introduced defect, introduces +the next one and reboots again. This continues until all steps are passed, +provided every state is processed properly. If SAFT application detects that the +target state vector does not match the expected state, it terminates +immediately. The sequence of defect introducing actions is stored in the +`saft_utility.py:TEST_STATE_SEQUENCE` table. + +On termination the SAFT application removes the 'follow up' script and copies +the SAFT log into the `/var/fw_test_log.txt`, which allows the operator to +examine the test results. + +### Running SAFT + +Two important conditions have to be met before SAFT can run properly: + +* both kernels/root fs pairs need to be populated on the main storage + device +* the flash device needs to be configured not to use verified root fs, + because it gets mounted in course of SAFT execution, which causes + verified root fs control structures to go out of sync. + +Neither of these conditions are met by default in the recent ChromeOS +distributions, so before SAFT can run, they need to be taken care of. The SAFT +wrapper script` /usr/sbin/firmware/saft/runtests.sh` does that. The wrapper +script checks if both partiton pairs exist, and if not - it duplicates the firs +pair on the second pair's devices (`/dev/sda2` gets copied to `/dev/sda4` and +`/dev/sda3` gets copied to `/dev/sda5`) and checks the command line of the flash +device hosted recovery kernel. If it is configured to run with verified root fs, +the kernel command line is edited to bring the recovery image up without +verified root fs protection. + +So, a typical procedure to invoke SAFT is as follows: + +* download ChromeOS test distribution and put it on the flash drive +* install ChromeOS on the target using the flash drive +* reboot the target, enter the shell dialog and type + +```none +sudo /usr/sbin/firmware/saft/runtests.sh [] +``` + +If `runtests.sh` is invoked without any parameters, it just verifies the +environment (modifies it as described above, if required), copies SAFT code into +the removable device (into` /usr/sbin/firmware/saft)` +and runs SAFT unit tests. The actual SAFT starts if `runtests.sh` is invoked +with a command line parameter, the name of the file containing the firmware +image to test. + +It is presumed that the flash device (carrying the recovery image from which the +system has been installed) is plugged in into the target and gets instantiated +as `/dev/sdb`. If the flash device is plugged in into a USB hub or is +instantiated as a different device for some other reason, the environment +variable `FLASH_DEVICE `can be used to communicate it to the script, for +instance: + +```none +FLASH_DEVICE=sdc /usr/sbin/firmware/saft/runtests.sh [] +``` + +When invoked with the BIOS image file name, it is verified that the image has +proper keys in it and would be able to bring up the existing kernels. If +verification succeeds, SAFT gets under way, rebooting the target a few times (as +many times as there are steps in `saft_utility.py:TEST_STATE_SEQUENCE).` + +Certain steps take a long time between restarts (for instance, when a step +involves reprogramming of the flashrom). It is easy to tell if SAFT is completed +or not by examining the SAFT temp file in `/tmp/saft.log`. When SAFT completes, +this file would have either an error message or the phrase 'we are done' in the +end. This file includes only messages generated since the most recent startup. +The full SAFT log can be found in `/var/fw_test.log.txt **after** the test +completes.` + +### `Tests implemented so` far + +The following tests are implemented as of commit `6cabd80 Introduce gpt tests in +SAFT`. (make sure to update this string when editing this section). + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Test System state after reboot
Firmware Kernel GPT attributes
Set 'try FW B' in NV ram B A
Corrupt FW A B A
Restore FW A A A
Corrupt both FW A and B RecoveryRecovery
Restore FW A and BA A
Corrupt kernel A A B
Corrupt kernel B RecoveryRecovery
Restore kernels A and B A A
Set GPT A\[S:0 T:15 P:10\] B\[S:0 T=15 P=9\] A AA\[S:0 T:14 P:10\] B\[S:0 T=15 P=9\]
+ +### Enhancing SAFT + +It is easy to add new steps to SAFT by extending +`saft_utility.py:TEST_STATE_SEQUENCE` table with new steps. The format of the +table is simple, each line is a tri-tuple of + +```none +(, , ), +``` + +where `boot_state_vector` is the expected boot state after the previous step, +and `function` with argument `argument` will implement the new step of SAFT. + +### Interpreting SAFT errors + +One of the common SAFT errors is 'wrong boot vector' \ No newline at end of file diff --git a/chromium/docs/website/site/for-testers/test-cases/index.md b/chromium/docs/website/site/for-testers/test-cases/index.md new file mode 100644 index 00000000000..87daf6e6adf --- /dev/null +++ b/chromium/docs/website/site/for-testers/test-cases/index.md @@ -0,0 +1,180 @@ +--- +breadcrumbs: +- - /for-testers + - For Testers +page_name: test-cases +title: Test Cases +--- + +
+
+ +### Guidelines + +1. Please make sure that you are on the dev channel. We have recently + refreshed the dev channel, so you will have to sign up for the dev + channel once again. Instructions for joining the dev channel are + here: . +2. Make sure you are running the latest version. You can find + information about Google Chrome versions here: + . +3. IMPORTANT: Before you begin testing, please [set up a new + profile](/developers/creating-and-using-profiles). We strongly + suggest that you use a separate profile folder for testing purposes + so that the testing does not tamper with your existing profile and + also to ensure all the volunteers are starting with a similar setup. + 1. You can clear the profile between tests, as described in the + [profile page](/developers/creating-and-using-profiles). + 2. When you are done testing, you can edit the shortcut again to go + back to your original profile. +4. Please go through as many test cases as possible. Detailed + description about the test cases is provided in the column on the + left. Each test case should be answered with a 'Pass' or 'Fail' +5. Please try and associate a failing test case with a bug. It could be + an existing bug or a new issue. Please refer to bug reporting + guidelines here: + . Use + the 'Other' response field in the test cases to include the bug + numbers. +6. Please do not use this form to send us feature requests or + information about unrelated crashes or bugs. Please file them + directly on where they will be looked at along + with other bugs. + +### Test cases + +### Test case: Default Browser (admin user) + +* Pre-conditions/setup: Make sure you are logged in with + administrative privileges and Google Chrome is not your default + browser. +* Go to Chrome Menu -> Options -> Basic and click on 'Make + Google Chrome my default browser'. +* Verification: Go to Start -> Run and type and valid URL like + 'http://www.google.com' in the run dialog. When you hit enter, it + should be opened in a new Google Chrome window. + +#### Test case: Default Browser (non-admin user) + +* Pre-conditions/setup: Make sure you are logged in without + administrative privileges (limited user) and Google Chrome is not + your default browser. +* Go to Chrome Menu -> Options -> Basic and click on 'Make + Google Chrome my default browser'. +* Verification: Go to Start -> Run and type and valid URL like + 'http://www.google.com' in the run dialog. When you hit enter, it + should be opened in a new Google Chrome window. + +#### Test case: Clear Browsing Data (time range 1-day) + +* Pre-conditons/setup: Start with a fresh Chrome profile. Browse to a + few websites. Log on to your email account and choose to save + passwords. Download a few files. This will help populate your cache, + cookies, download history, etc. +* Go to Chrome Menu -> Options -> Clear browsing data. Select + all check boxes on the dialog, leave the time period as 'Last day' + and click on 'Clear browsing data'. +* Verification: All your recent browsing history should be cleared. + Your history (Ctrl + H) and downloads (Ctrl + J) pages should not + show up any entries for the current day. Your saved passwords under + Chrome Menu -> Options -> Minor Tweaks -> Show saved + passwords should be empty. There should be no cookies present under + Chrome Menu -> Options -> Under the Hood -> Show cookies. + +#### Test case: Clear Browsing Data (specific data types - cookies) + +* Pre-conditions/setup: Start with a fresh Chrome profile. Visit some + websites such as http://www.nytimes.com, http://www.cnn.com, etc. + Log on to an email account (e.g. your GMail account). Go to Chrome + Menu -> Options -> Under the Hood -> Show cookies and + verify that cookies have been stored. +* Go to Chrome Menu -> Options -> Clear browsing data. Select + only the checkbox labeled cookies and click on 'Clear browsing + data'. +* Verification: There should be no cookies present under Chrome Menu + -> Options -> Under the Hood -> Show cookies. + +#### Test case: Find in Page (matches inside html pages, edit boxes, unicode text) + +* Pre-conditions/setup: None. +* Navigate to a simple page such as . Hit + 'Ctrl + F' Search for the word 'chromium'. +* Next, go to a website that has a text edit boxes (e.g. compose a + message in GMail). Type the following text in that box: 'the quick + brown fox quickly jumps over the lazy dog'. Hit Ctrl + F and enter + the search text 'QUICK'. +* Finally go to http://news.sina.com. Bring up the find in page dialog + and search for: 北美首頁. +* Verification: In each of the cases mentioned above, the search + should highlight every single occurrence of the search term in + Yellow. The search box should show a count of the occurrences as + well as the the occurrence it has currently focused on which is + highlighted in Orange. You should be able to toggle between each of + the highlighted search terms by clicking on the arrow icons in the + find dialog or by using the keyboard (F3 and Shift+F3). + +#### Test case: Tab dragging (screen edges) + +* Pre-conditions/setup: None. +* When you drag a tab to certain positions on the monitor, a docking + icon will appear. Release the mouse over the docking icon to have + the tab snap to the docking position instead of being dropped at the + same size as the original window. +* Verification: + * Monitor top: make the dropped tab maximized. + * Monitor left/right: make the dropped tab full-height and + half-width, aligned with the monitor edge. + * Monitor bottom: make the dropped tab full-width and half-height, + aligned with the bottom of the monitor. + * Browser-window left/right: fit the browser window and the + dropped tab side-by-side across the screen. + * Browser-window bottom: fit the browser window and the dropped + tab top-to-bottom across the screen. + +#### Test case: Profiles (open a tab in new profile, create a new profile) + +* Pre-conditions/setup: Start with a clean profile. Browse to a few + websites. Log on to your email account and choose to save passwords. + Download a few files. This will help populate your cache, cookies, + download history, etc in your current profile. +* Go to Chrome Menu -> Options -> New window in profile -> + <New Profile>. Create a new profile and name it (e.g. 'work'). + Leave the 'Create desktop shortcut...' box checked. +* Verification: There should be a new shortcut on your desktop called + 'Google Chrome for work' (or whatever profile name you choose). If + you double click on that shortcut, it should launch a new instance + of Google Chrome. This new instance should have an empty new tab + page. The history should be empty and there should be no cookies + present. + +#### Test case: Auto scroll + +* Pre-conditions/setup: None. +* Verification: On pages that have vertical and/or horizontal scroll + bars, if you press the mouse scroll wheel (middle-click) auto-scroll + should be enabled and the webpage should scroll as you move your + mouse. + +#### Test case: Downloads (download various types of file) + +* Pre-condition/setup: Start with a clean profile. +* Download different types of files (various types of file formats and + sizes). Note: please download files only from sources you trust. +* Verification: The files should get successfully downloaded to the + download location, which by default should be My + Documents\\Downloads. The download history page (Ctrl + J) should + list all the downloads. + +#### Test case: Downloads (change download location) + +* Pre-condition/setup: Start with a clean profile. +* Go to Chrome Menu -> Options -> Minor Tweaks and change the + download location to some other folder on your computer. +* Verification: All subsequent downloads should get downloaded to the + new download location. + +
+
+ +
+
\ No newline at end of file diff --git a/chromium/docs/website/site/for-testers/touch-firmware-tests/TouchFWTests.png.sha1 b/chromium/docs/website/site/for-testers/touch-firmware-tests/TouchFWTests.png.sha1 new file mode 100644 index 00000000000..384629b566d --- /dev/null +++ b/chromium/docs/website/site/for-testers/touch-firmware-tests/TouchFWTests.png.sha1 @@ -0,0 +1 @@ +984d016397e0850f640082607769485e3056e092 \ No newline at end of file diff --git a/chromium/docs/website/site/for-testers/touch-firmware-tests/index.md b/chromium/docs/website/site/for-testers/touch-firmware-tests/index.md new file mode 100644 index 00000000000..86016d8a723 --- /dev/null +++ b/chromium/docs/website/site/for-testers/touch-firmware-tests/index.md @@ -0,0 +1,108 @@ +--- +breadcrumbs: +- - /for-testers + - For Testers +page_name: touch-firmware-tests +title: Touch Firmware Tests +--- + +[[TOC]](/for-testers/touch-firmware-tests/TouchFWTests.png) + +[ image](/for-testers/touch-firmware-tests/TouchFWTests.png) + +## Preparing the Testing Host + +These instructions describe how to set up the code and its dependencies on the +host, the workstation you will actually be running the tests *from*. Usually the +host is a normal development machine. It is not the device under test (DUT). + +### Initial setup + +The first time you configure the host to run touch firmware tests, the following +steps are required: + +1. Clone the git repo that contains the test scripts. It is possible to + clone the repo without a full Chrome OS checkout, by running the + following: `git clone + ` + This command creates a new `touch_firmware_test` directory in your + working directory, containing a number of Python scripts. +2. Install the [PyQtGraph](http://www.pyqtgraph.org/) plotting library, + which is a dependency for the touch firmware tests. Use the provided + installers for Ubuntu and Windows and follow the instructions on + [www.pyqtgraph.org](http://www.pyqtgraph.org) to install this + library. + +### Updating to the Latest Version + +If you have previously checked out the test source code, simply pull the latest +patches from the git server by navigating to the `touch_firmware_test` directory +and running the `git pull` command. + +## Preparing the DUT + +The firmware test works for both Android and Chrome devices. However, +configuration steps vary according to the type of DUT you are testing. + +### Android Devices + +1. Verify `adb` is installed on the testing host. You can follow the + steps [described on this + page](https://docs.google.com/document/d/1nRsKr6wZi5sWmdgzCy9Cx7yPykcuxu9gFccXroRLxBI) + or use a different procedure that works for your environment. +2. Connect your Android device to the testing host.On the host, you + must be able to connect to the DUT via `adb`. In the simple case the + DUT is physically connected to the host via USB. Other + configurations, such as adb-over-wifi, are also possible, as long as + `adb` can communicate with the DUT. +3. Enable USB Debugging on the DUT. Using [these + instructions](http://www.greenbot.com/article/2457986/how-to-enable-developer-options-on-your-android-phone-or-tablet.html) + or similar steps, enable Developer options on the Android device. In + the Developer options panel, select USB debugging. The exact + procedure depends on the device. If you cannot locate these features + on your device, search the Internet for “USB debugging + <*your-device-type*>”. +4. Verify the configuration of your DUT and testing host by running + `adb shell` in a terminal window on the host. It should open a + terminal connection to the DUT with a command prompt. + +### Chrome Devices + +1. Install a Chrome OS test image on the DUT. A test image is required + (versus a normal Chrome OS image) to allow the firmware test to use + ssh, evtest, and other testing utilities not included in release + images. To get a test image, from within your chroot run the + following: + +> `cd ~/trunk/scripts ./build_packages --board=$BOARD ./buildimage --board=$BOARD --noenable_rootfs_verification test ` +> where `BOARD` is the board name used in the Chrome device (also the name of +> the private overlay). Install the resulting image on the DUT. + +1. Connect the DUT to a network the testing host can access. A + USB-Ethernet adapter connected to a LAN is recommended, to minimize + lag and dropped connections. It is also feasible to use a wireless + connection. +2. Verify the configuration of your DUT and testing host by running the + command `ssh root@$DUT_IP` to connect to the DUT via SSH. If + prompted for a password, use `test0000`. A connection to the DUT + should be established. + +## Running the Test + +1. On the testing host, navigate to the `touch_firmware_test` directory + and run either: + +> `python main.py -t chromeos -a $IP_ADDRESS ` + +> for Chrome devices, or: + +> `python main.py -t android [-a $DEVICE_STRING] ` + +> for Android devices. To display additional command line parameters that +> configure the way the test runs, run `python main.py --help` . + +1. Follow the screen prompts and perform the gestures indicated on the + touchpad or touchscreen of the DUT. +2. When all the tests have run, a file named `report.html` is + generated. Open this file in a browser to view the results. \ No newline at end of file diff --git a/chromium/docs/website/site/for-testers/unhealthy-tests-report/index.md b/chromium/docs/website/site/for-testers/unhealthy-tests-report/index.md new file mode 100644 index 00000000000..58298c4eacf --- /dev/null +++ b/chromium/docs/website/site/for-testers/unhealthy-tests-report/index.md @@ -0,0 +1,8 @@ +--- +breadcrumbs: +- - /for-testers + - For Testers +page_name: unhealthy-tests-report +title: Unhealthy tests report +--- + diff --git a/chromium/docs/website/site/geforce-now-on-chromebooks/index.md b/chromium/docs/website/site/geforce-now-on-chromebooks/index.md new file mode 100644 index 00000000000..603ecfc4914 --- /dev/null +++ b/chromium/docs/website/site/geforce-now-on-chromebooks/index.md @@ -0,0 +1,297 @@ +--- +breadcrumbs: [] +page_name: geforce-now-on-chromebooks +title: NVIDIA GeForce NOW on Chromebooks +--- + +Chromebooks launched after June 2017 are eligible for 3 additional months of the +NVIDIA GeForce NOW founders membership. Here is a list of Chromebooks launched +before June 2017. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Devices released before June 2017
Acer Chromebook 15 (CB3-531)
Acer Chromebook 15 (CB3-532)
Acer Chromebook 13 (CB5-311, C810)
Acer Chromebook R11 (CB5-132T, C738T)
Acer Chromebook 14 (CB3-431)
Acer Chromebook 11 (C730E)
Acer Chromebook 14 for Work (CP5-471)
Acer Chromebook 11 (C740)
Acer C7 Chromebook
Acer Chromebook 11 (C720, C720P)
Acer Chromebook 15 (CB5-571, C910)
ASUS Chromebook Flip C302
ASUS Chromebook C300
ASUS Chromebook C200
ASUS Chromebook C202SA
Dell Chromebook 13 (3380)
Dell Chromebook 11 (3120)
Dell Chromebook 11 (3180)
Dell Chromebook 13 (7310)
Dell Chromebook 11
Google Chromebook Pixel
HP Chromebook 14 G3
HP Pavilion Chromebook 14
Haier Chromebook 11 G2
CTL J5 Chromebook
HP Chromebook 14
HP Chromebook 11 2100-2199
HP Chromebook 11 G3
HP Chromebook 13 G1
HP Chromebook 11 G2
HP Chromebook 11 G1
HP Chromebook 11 G5
HP Chromebook x360 11 G1 EE
ASI Chromebook
Bobicus Chromebook 11
Lenovo Chromebook N23 Yoga
Lenovo ThinkPad 11e 4th Gen Chromebook
Lenovo N20 Chromebook
Lenovo ThinkPad 11e Chromebook
Lenovo 100S Chromebook
Lenovo Chromebook N23
Lenovo ThinkPad 13 Chromebook
Lenovo Thinkpad X131e Chromebook
Samsung Chromebook Plus
Lenovo ThinkPad 11e 3rd Gen Chromebook
CTL NL61 Chromebook
Samsung Chromebook Pro
Samsung Chromebook 3
Samsung Chromebook Series 5 550
Samsung Chromebook 2 13"
Samsung Chromebook 2 11"
Samsung Chromebook - XE303
Samsung Chromebook 2 11" - XE500C12
Toshiba Chromebook 2 (2015 Edition)
Toshiba Chromebook
Toshiba Chromebook 2
\ No newline at end of file diff --git a/chromium/docs/website/site/getting-involved/become-a-committer/index.md b/chromium/docs/website/site/getting-involved/become-a-committer/index.md new file mode 100644 index 00000000000..a7f07ea4cdf --- /dev/null +++ b/chromium/docs/website/site/getting-involved/become-a-committer/index.md @@ -0,0 +1,199 @@ +--- +breadcrumbs: +- - /getting-involved + - Getting Involved +page_name: become-a-committer +title: Become a Committer +--- + +## [TOC] + +## What is a committer? + +Technically, a committer is someone who has write access to the Chromium src Git +repository. A committer can submit their own patches or patches from others. + +This privilege is granted with some expectation of responsibility: committers +are people who care about the Chromium projects and want to help them meet their +goals. A committer is not just someone who can make changes, but someone who has +demonstrated their ability to collaborate with the team, get the most +knowledgeable people to review code, contribute high-quality code, and follow +through to fix issues (in code or tests). + +A committer is a contributor to the Chromium projects' success and a citizen +helping the projects succeed. See [Committer's +responsibility](/developers/committers-responsibility). + +What is written below applies to the main Chromium source repos; see the note at +the bottom for ChromiumOS, which has different policies. For some other Chromium +repos (e.g., the infra repos), we follow the same policies as the main Chromium +repos, but have different lists of actual committers. Certain other repos may +have different policies altogether. When in doubt, ask one of the OWNERS of the +repo in question. + +## Becoming a committer + +In a nutshell, contribute 10-20 non-trivial patches in the [Chromium +src](https://chromium.googlesource.com/chromium/src/) Git repository, and get at +least three different people to review them (you'll need three people to support +you). Then ask someone to nominate you. You're basically demonstrating your + +* commitment to the project (10+ good patches requires a lot of your + valuable time), +* ability to collaborate with the team, +* understanding of how the team works (policies, processes for testing + and code review, + [OWNERS](http://www.chromium.org/developers/owners-files) files, + etc), +* understanding of the projects' code base and coding style, and +* ability to write good code (last but certainly not least) + +A current committer nominates you by sending email to committers@chromium.org +containing the following information. Please do not CC the nominee on the +nomination email. + +* your first and last name +* your email address. You can also ask to get an @chromium.org email + address at this time, if you don't already have one (see below). +* an explanation of why you should be a committer, +* embedded list of links to revisions (about top 10) containing your + patches + +Two other committers need to second your nomination. If no one objects in 5 +working days (U.S.), you're a committer. If anyone objects or wants more +information, the committers discuss and usually come to a consensus (within the +5 working days). If issues can't be resolved, there's a vote among current +committers. + +That's it! There is no further action you need to take on your part. The +committers will get back to you once they make a decision. + +In the worst case, this can drag out for two weeks. Keep writing patches! Even +in the rare cases where a nomination fails, the objection is usually something +easy to address like "more patches" or "not enough people are familiar with this +person's work." + +Once you get approval from the existing committers, we'll send you instructions +for write access to Git. You'll also be added to committers@chromium.org. If you +work for Google, you are expected to [become a +sheriff](/developers/tree-sheriffs) at this point as well (see the internal +instructions for how to add yourself to the rotations). + +Historically, most committers have worked at least partially on the Chromium +core product and thus demonstrated C++ coding ability in their CLs, but this is +not required. It is possible to be a committer if you only work on other parts +of the code base (e.g., build and test scripts in Python), but you still have to +demonstrate that you understand the processes of the project with a list of CLs +that you've landed. Committership is primarily a mark of trust, and we expect +committers to only submit or approve changes that they are qualified to review. +Failure to do so may result in your committership being revoked (also see below +for other reasons that you might get your committership revoked). + +## Other statuses + +If you just want to edit bugs, see: [Get Bug-Editing +Privileges](/getting-involved/get-bug-editing-privileges). + +### Getting a @chromium.org email address + +Many contributors to chromium have @chromium.org email addresses. These days, we +tend to discourage people from getting them, as creating them creates some +additional administrative overhead for the project and have some minor security +implications, but they are available for folks who want or need them. + +At this time there are only a few fairly rare cases where you really need one: + +* If you are an employee of a company that will not let you create + public Google Docs, and you wish to do so (e.g., to share public + design specs). Often you can work around this by having someone with + an account create the document for you and give you editing + privileges on it. +* If you need to do Chromium/ChromiumOS-related work on mailing lists + that for some reason tend to mark email addresses from your normal + email address as spam and you can't fix that (some mail servers are + known to have problems with DMARC, for example). + +It is also fine to get a @chromium.org address if you simply don't want your +primary email addresses to be public. Be aware, however, that if you're being +paid to contribute to Chromium your employer may wish you to use a specific +email address to reflect that. + +You can get a @chromium.org email address by getting an existing contributor to +ask for one for you; normally it's a good idea to do this as part of being +nominated to be a committer. Include in your request what account name you'd +like and what secondary email we can use to associate it with (and what company +you are affiliated with, if you wish to make that clear; we track this +affiliating internally but it isn't publicly visible). People tend to match +usernames (for example, someone who usually uses email@example.com would ask for +email@chromium.org) to minimize confusion, but you are not required to do so and +some people do not. + +### Try job access + +If you are contributing patches but not (yet) a committer, you may wish to be +able to run jobs on the [try servers](/developers/testing/try-server-usage) +directly rather than asking a committer or reviewer to do so for you. There are +two potential scenarios: + +You have an @chromium.org email address and wish to use it for your account: + +* If you have an @chromium.org email address, you most likely already + have try job access. If for some reason you do not, please send an + email to accounts@chromium.org with a brief explanation of why you'd + like access. + +You do not have an @chromium.org email address, or wish to use a different email +address. If this is your situation, the process to obtain try job access is the +following: + +* Ask someone you're working with (a frequent reviewer, for example) + to send email to accounts@chromium.org nominating you for try job + access. +* You must provide an email address and at least a brief explanation + of why you'd like access. +* It is helpful to provide a name and company affiliation (if any) as + well. +* It is very helpful to have already had some patches landed, but is + not absolutely necessary. + +If no one objects within two (U.S.) working days, you will be approved for +access. It may take an additional few days for the grant to propagate to all of +the systems (e.g., Rietveld) and for you to be notified that you're all set. + +Googlers can look up the committers list +[here](https://goto.google.com/chromium-committers). + +## Maintaining committer status + +A community of committers working together to move the Chromium projects forward +is essential to creating successful projects that are rewarding to work on. If +there are problems or disagreements within the community, they can usually be +solved through open discussion and debate. + +In the unhappy event that a committer continues to disregard good citizenship +(or actively disrupts the project), we may need to revoke that person's status. +The process is the same as for nominating a new committer: someone suggests the +revocation with a good reason, two people second the motion, and a vote may be +called if consensus cannot be reached. I hope that's simple enough, and that we +never have to test it in practice. + +In addition, as a security measure, if you are inactive on Gerrit for more than +a year, we may revoke your committer privileges and remove your email +address(es) from any OWNERS files. This is not meant as a punishment, so if you +wish to resume contributing after that, contact accounts@ to ask that it be +restored, and we will normally do so. This does not mean that we will shut off +your @chromium.org address, if you have one; that should continue to work. + +If you have questions about your committer status, overall, please contact +accounts@chromium.org. + +\[Props: Much of this was inspired by/copied from the committer policies of +[WebKit](http://www.google.com/url?q=http%3A%2F%2Fwebkit.org%2Fcoding%2Fcommit-review-policy.html&sa=D&sntz=1&usg=AFrqEze4W4Lvbhue4Bywqgbv-N5J66kQgA) +and +[Mozilla](http://www.google.com/url?q=http%3A%2F%2Fwww.mozilla.org%2Fhacking%2Fcommitter%2F&sa=D&sntz=1&usg=AFrqEzecK7iiXqV30jKibNmmMtzHwtYRTg).\] + +## Chromium OS Commit Access (Code-Review +2) + +Note that any registered user can do Code-Review +1. Only access to Code-Review ++2 in Chromium OS repos is restricted to Googlers and managed by team lead +[nominations](http://go/new-cros-committer-nomination). \ No newline at end of file diff --git a/chromium/docs/website/site/getting-involved/bug-triage/index.md b/chromium/docs/website/site/getting-involved/bug-triage/index.md new file mode 100644 index 00000000000..e56566e075d --- /dev/null +++ b/chromium/docs/website/site/getting-involved/bug-triage/index.md @@ -0,0 +1,183 @@ +--- +breadcrumbs: +- - /getting-involved + - Getting Involved +page_name: bug-triage +title: Triaging Bugs +--- + +You don’t have to be a programmer to contribute to the Chromium project. There +are always new bugs coming in, and those bugs need to be clarified, confirmed, +and routed to the right people before process of getting them fixed can even +begin. +If you are interested in helping with this important part of the project, here +are a few ways you can get started. Everything listed here except the parts in +italics and the "Categorizing bugs" section is something anyone can jump in and +start doing. Once you have been triaging for a while, you may want to consider +[getting permissions to edit bugs](/getting-involved/get-bug-editing-privileges) +so that you can do even more. + +[TOC] + +## Finding duplicates + +Many of the bugs that are filed are duplicates of existing bugs. Look through +the [unconfirmed +bugs](http://code.google.com/p/chromium/issues/list?can=2&q=status:unconfirmed&sort=-id&colspec=ID%20Stars%20Area%20Feature%20Status%20Summary%20Modified%20OS) +for any that are already filed. + +* If you can edit bugs: Close the new bug as a duplicate of the + existing bug. If there are several new duplicates of each other with + no established bug, use the one with the most information. +* If you can’t edit bugs, leave a comment with the number of the bug + it’s a duplicate of. Be sure to say “bug 12345” or “issue 12345” + instead of just the number, so the bug system will make it a link. + +The more you triage bugs, the more duplicates you will recognize immediately. If +you suspect something might be a duplicate but aren’t sure (such as with a +feature request that seems likely to have been made before), search for as many +of the variants of the key words in the bug as you can think of. Be sure to +search “All issues”, not the default of “Open issues” so that you can find +WontFixed bugs and other duplicates. + +## Clarifying and/or reproducing bugs + +Knowing how to reproduce a bug is the first step toward fixing it. The bug +template encourages people to provide steps to reproduce a bug, but sometimes +the steps are missing, unclear, or just don’t work for everyone. Note that if +something is clearly a feature request, rather than a bug report, you should +skip this step. + +Look through the [unconfirmed +bugs](http://code.google.com/p/chromium/issues/list?can=2&q=status:unconfirmed&sort=-id&colspec=ID%20Stars%20Area%20Feature%20Status%20Summary%20Modified%20OS) +for reports that nobody has tried to reproduce. + +* If you can reproduce the bug: + * Leave a comment saying so, and include your Chromium version and + OS. + * If the steps were unclear, it’s helpful to leave more detailed + steps. + * If you weren’t testing with the latest version of Chromium, try + there, and see if it’s still reproducible, and add that + information to your comment as well. + * If the bug is with web content, and you have access to browsers + that the reporter didn’t test, try with those browsers and + report your results. + * If you can edit bugs, and have tried to make sure that it’s not + a duplicate, change it from Unconfirmed to Untriaged. +* If you feel that the steps were clear but you couldn’t reproduce the + bug: + * Leave a comment saying that you couldn’t reproduce it, including + your Chromium version and OS. + * **Note:** If you are using an older version of Chromium than + the reporter, you should do this only if you **can** + reproduce it with a newer version (indicating a regression). + * If you were using a different version of Chromium, and have + access to the version it was reported with, try with that + version. + * If the reporter doesn’t say what version they are using, ask for + that information. If the bug is related to OS-specific code + (browser chrome, plugins, etc.), ask for their OS if it’s not in + the report. + * If there is any other clarifying information that you think + would help, ask for that. +* If the steps and/or results are missing or unclear, so that you + can’t tell either what the bug is, or how to reproduce it: + * Ask for details. Be specific about what you need to know, as + people often leave out steps without realizing it because + something is obvious to them. + * If it would be helpful, ask for a screenshot of the bug. + * If you can edit bugs: Add the Needs-Feedback label. + +## Cleaning up old bugs + +While it’s most important to get new bugs triaged, as they are most likely to be +relevant, there are also a number of old bugs that nobody has had time to follow +up on. It can be helpful to go through old unconfirmed bugs to weed out the ones +that aren’t relevant any more. All the advice above applies, but there are a few +extra things to consider with old bugs: + +* If you can’t reproduce the bug, ask the user if they can still + reproduce the bug with a current version of Chromium. +* For feature requests, if the request is about feature that has + changed enough that the request no longer applies, add a comment + saying so. + * If you can edit bugs: Close the bug as WontFix (which we use for + obsolete bugs) +* If the bug doesn’t contain enough information to be confirmed and + someone has asked for clarifying information that was never + provided, politely ask again for that information. + * If you can edit bugs: + * If the bug has been waiting for information for over a + month, and there has already been at least one reminder, add + a comment saying that the bug is being closed due to lack of + response and that a new bug should be filed with the + requested information if it’s still reproducible, then close + the bug as WontFix. + * Otherwise, add the Needs-Feedback label if it’s not already + there. + +## Creating reduced test cases + +For bugs that are about compatibility with specific sites, creating a reduced +test case is extremely helpful. If you are familiar with HTML, CSS, and/or +Javascript, this is a great way to use your skills to help improve Chromium. + +Look through the +[Compat](http://code.google.com/p/chromium/issues/list?can=2&q=area:compat&sort=-id&colspec=ID%20Stars%20Pri%20Area%20Feature%20Type%20Status%20Summary%20Modified%20Owner%20Mstone%20OS) +bugs for issues that haven’t already been tracked down to a specific problem—the +Needs-Reduction label is helpful in finding these, but it doesn’t always get +added. Once you can reproduce a problem, [try to +isolate](/system/errors/NodeNotFound) exactly what in the +HTML/CSS/JavaScript/etc. is responsible for the failure. + +* If the problem is that the site is doing something wrong: + * Explain in detail what is causing the problem. + * Suggest that the bug reporter contact the site to let them know + about the problem. + * If you can edit bugs: Add the **Needs-**Evangelism label. +* If the problem is due to a bug in Chromium: + * Explain in detail what is isn’t working right. + * If possible, attach a minimal test case that demonstrates the + underlying bug. + * If possible, test with Safari as well to see if the bug happens + there, and report your results + * If you can edit bugs: change the component field to Blink. If + its status is Unconfirmed, change it to Untriaged. + +## Categorizing bugs + +Once you can [edit bugs](/getting-involved/get-bug-editing-privileges), giving +bugs the correct labels helps them move through the triage process faster. There +are a lot of labels, here are the most important for incoming bugs: + +* If the bug has no Components, please assign it to a bucket: + * Blink == Web Content + * Internals == Internals (Network stack, plugins, etc...) + * Platform == Chrome's Developer Platform and Tools (Ext, AppsV2, + NaCl, DevTools) + * UI>Shell == ChromeOS Shell/ Window Manager + * UI>Browser == Browser + * OS>Hardware + * OS>Kernel + * OS>Systems + * If the bug/feature is about specific web technology, add the + appropriate Blink>\* sub component instead. + * If the bug is about a web site not working correctly, and hasn’t + been narrowed down to a specific cause, use Type-Compat, and add + **Needs-Reduction**. + * Try to find the best match; if it’s borderline, use your best + guess. +* If the bug is about a crash or hang, add the **Stability-**Crash or + **Stability-Hang** label. +* If the bug is about a language translation, add the + **UI>Localization** component. +* If the bug is in an area that tends to be OS-specific (browser + chrome, plugins), and the report includes the OS (or you can tell + from a screenshot), add the appropriate OS-\* label. If there’s no + reason to believe the bug is OS-specific, or if it’s a feature + request, it’s best not to add an OS label. + +Most of the remaining labels are very specialized, and it’s best not to use them +unless you know otherwise. Never add or change ReleaseBlock-\* or Milestone-\* +labels. \ No newline at end of file diff --git a/chromium/docs/website/site/getting-involved/dev-channel/index.md b/chromium/docs/website/site/getting-involved/dev-channel/index.md new file mode 100644 index 00000000000..abbb49878a8 --- /dev/null +++ b/chromium/docs/website/site/getting-involved/dev-channel/index.md @@ -0,0 +1,208 @@ +--- +breadcrumbs: +- - /getting-involved + - Getting Involved +page_name: dev-channel +title: Chrome Release Channels +--- + +[TOC] + +Chrome supports a number of different release channels. We use these channels to +slowly roll out updates to users, starting with our close to daily Canary +channel builds, all the way up to our Stable channel releases that happen every +6 weeks roughly. + +### Channels + +#### Windows 64-bit + +All channels may be run in parallel -- they install into distinct directories +and use dedicated User Data directories. + +* [Stable channel for Windows + (64-bit)](https://www.google.com/chrome/browser/?platform=win64) +* [Beta channel for Windows + (64-bit)](https://www.google.com/chrome/browser/beta.html?platform=win64) +* [Dev channel for Windows + (64-bit)](https://www.google.com/chrome/browser/index.html?extra=devchannel&platform=win64) +* [Canary build for Windows + (64-bit)](https://www.google.com/chrome/browser/canary.html?platform=win64) + +#### Windows 32-bit + +All channels may be run in parallel -- they install into distinct directories +and use dedicated User Data directories. + +* [Stable channel for Windows + (32-bit)](https://www.google.com/chrome/browser/?platform=win) +* [Beta channel for Windows + (32-bit)](https://www.google.com/chrome/browser/beta.html?platform=win) +* [Dev channel for Windows + (32-bit)](https://www.google.com/chrome/browser/index.html?extra=devchannel&platform=win) +* [Canary build for Windows + (32-bit)](https://www.google.com/chrome/browser/canary.html?platform=win) + +#### Mac + +All channels may be run in parallel -- they install into distinct directories +and use dedicated User Data directories. + +* [Stable channel for + Mac](https://www.google.com/chrome/browser/?platform=mac) +* [Beta channel for + Mac](https://www.google.com/chrome/browser/beta.html?platform=mac&extra=betachannel) +* [Dev channel for + Mac](https://www.google.com/chrome/browser/?platform=mac&extra=devchannel) +* [Canary build for + Mac](https://www.google.com/chrome/browser/canary.html?platform=mac) + +#### Android + +* [Stable channel for + Android](https://play.google.com/store/apps/details?id=com.android.chrome) +* [Beta channel for + Android](https://play.google.com/store/apps/details?id=com.chrome.beta) +* [Dev channel for + Android](https://play.google.com/store/apps/details?id=com.chrome.dev) +* [Canary channel for + Android](https://play.google.com/store/apps/details?id=com.chrome.canary) + +#### iOS + +* [Stable channel for + iOS](https://itunes.apple.com/us/app/chrome-web-browser-by-google/id535886823?mt=8) +* [Beta channel for iOS](https://testflight.apple.com/join/LPQmtkUs) + +#### Linux + +* [Stable + channel](https://www.google.com/chrome/browser/?platform=linux) +* [Beta + channel](https://www.google.com/chrome/browser/beta.html?platform=linux) +* [Dev + channel](https://www.google.com/chrome/browser/?platform=linux&extra=devchannel) + +### How do I choose which channel to use? + +The release channels for chrome range from the most stable and tested (Stable +channel) to completely untested and likely least stable (Canary channel). You +can run all channels alongside all others, as they do not share profiles with +one another. This allows you to play with our latest code, while still keeping a +tested version of Chrome around. + +* **Stable channel:** This channel has gotten the full testing and + blessing of the Chrome test team, and is the best bet to avoid + crashes and other issues. It's updated roughly every two-three weeks + for minor releases, and every 6 weeks for major releases. +* **Beta channel:** If you are interested in seeing what's next, with + minimal risk, Beta channel is the place to be. It's updated every + week roughly, with major updates coming every six weeks, more than a + month before the Stable channel will get them. +* **Dev channel:** If you want to see what's happening quickly, then + you want the Dev channel. The Dev channel gets updated once or twice + weekly, and it shows what we're working on right now. There's no lag + between major versions, whatever code we've got, you will get. While + this build does get tested, it is still subject to bugs, as we want + people to see what's new as soon as possible. +* **Canary build:** Canary builds are the bleeding edge. Released + daily, this build has not been tested or used, it's released as soon + as it's built. +* **Other builds:** If you're extra brave, you can download the latest + working (and that's a very loose definition of working) build from + [download-chromium.appspot.com](https://download-chromium.appspot.com/). + You can also look for a more specific recent build by going to [the + Chromium continuous build waterfall](http://build.chromium.org), + looking at the number near the top under "LKGR", and then going to + [this Google Storage + bucket](http://commondatastorage.googleapis.com/chromium-browser-continuous/index.html) + and downloading the corresponding build. + +**Note**: Early access releases (Canary builds and Dev and Beta channels) will +be only partly translated into languages other than English. Text related to new +features may not get translated into all languages until the feature is released +in the Stable channel. + +### What should I do before I change my channel? + +#### Back up your data! + +Before you switch, you should make a backup of your profile (bookmarks, most +visited pages, history, cookies, etc). If you ever want to switch back to a more +stable channel, your updated profile data might not be compatible with the older +version. +Make a copy of the User Data\\Default directory (for example, copy it to +'Default Backup' in the same location). The location depends on your operating +system: +> Windows XP: + +> * Stable, beta, and dev channels: \\Documents and + Settings\\%USERNAME%\\Local Settings\\Application + Data\\Google\\Chrome\\User Data\\Default +> * Canary builds: \\Documents and Settings\\%USERNAME%\\Local + Settings\\Application Data\\Google\\Chrome SxS\\User Data\\Default + +> Windows Vista, 7, 8 or 10: + +> * Stable channel: + \\Users\\%USERNAME%\\AppData\\Local\\Google\\Chrome\\User + Data\\Default +> * Beta channel: \\Users\\%USERNAME%\\AppData\\Local\\Google\\Chrome + Beta\\User Data\\Default +> * Dev channel: \\Users\\%USERNAME%\\AppData\\Local\\Google\\Chrome + Dev\\User Data\\Default +> * Canary builds: \\Users\\%USERNAME%\\AppData\\Local\\Google\\Chrome + SxS\\User Data\\Default + +> Mac OS X: + +> * Stable channels, as well as older beta and dev channels: + ~/Library/Application Support/Google/Chrome/Default +> * Beta channel: ~/Library/Application Support/Google/Chrome + Beta/Default +> * Dev channel: ~/Library/Application Support/Google/Chrome + Dev/Default +> * Canary builds: ~/Library/Application Support/Google/Chrome + Canary/Default + +> Linux: + +> * ~/.config/google-chrome/Default + +Note:If you're using Explorer to find the folder, you might need to set **Show +hidden files and folders** in **Tools > Folder Options... > View**. + +### Reporting Dev channel and Canary build problems + +Remember, Dev channel browsers and Canary builds may still crash frequently. +Before reporting bugs, consult the following pages: + +* [Bug Life Cycle and Reporting + Guidelines](/for-testers/bug-reporting-guidelines) +* See [ + bug-reporting-guidlines-for-the-mac-linux-builds](/for-testers/bug-reporting-guidlines-for-the-mac-linux-builds) + before reporting problems in Mac or Linux Dev channel builds + + If after reading the above, you think you have a real bug, file it - + +### Going back to a more stable channel + +* If you decide to switch from Dev to Beta or from Beta to Stable, the + new channel will be on an earlier version of Google Chrome. You + won't get automatic updates on that channel until it reaches a + version later than what you're already running. +* You can uninstall Google Chrome and re-install from + to go back to an earlier version. +* If you re-install an older version, you might find that your profile + is not compatible (because the data formats changed in the newer + version you had been running). You'll have to delete your profile + data. Delete the User Data\\Default folder (see the Before You + Change Channels section above for the location). If you made a back + up of your Default directory, you can then rename it to Default so + that you at least restore some of your previous bookmarks, most + visited pages, etc. +* If the installer fails when you attempt to install an older version + with a message indicating that your computer already has a more + recent version of Chrome or Chrome Frame, you must also uninstall + Chrome Frame. After doing so, the newer version of Chrome should + install without difficulty. \ No newline at end of file diff --git a/chromium/docs/website/site/getting-involved/dev-channel/wrench.png.sha1 b/chromium/docs/website/site/getting-involved/dev-channel/wrench.png.sha1 new file mode 100644 index 00000000000..77108455354 --- /dev/null +++ b/chromium/docs/website/site/getting-involved/dev-channel/wrench.png.sha1 @@ -0,0 +1 @@ +f942169edbc2fa5b5ad0ac0893195ae74c81ca48 \ No newline at end of file diff --git a/chromium/docs/website/site/getting-involved/download-chromium/index.md b/chromium/docs/website/site/getting-involved/download-chromium/index.md new file mode 100644 index 00000000000..9106230bee3 --- /dev/null +++ b/chromium/docs/website/site/getting-involved/download-chromium/index.md @@ -0,0 +1,74 @@ +--- +breadcrumbs: +- - /getting-involved + - Getting Involved +page_name: download-chromium +title: Download Chromium +--- + +You can test Chrome builds or Chromium builds. Chrome builds have the most +infrastructure for analyzing crashes and reporting bugs. They also auto-update +as new releases occur, which makes them a good choice for most uses. [Chrome +Canary](https://tools.google.com/dlpage/chromesxs) is available for Windows and +Mac and autoupdates daily. [Other channels](/getting-involved/dev-channel/) (dev +and beta) are available. + +Chromium builds do not auto-update, and do not have symbols. This makes them +most useful for checking whether a claimed fix actually works. Use the following +instructions to find builds: + +### Easy Point and Click for latest build: + +> Open up + +### Easy Script to download and run latest Linux build: + +* + +### Not-as-easy steps: + +1. Head to + +2. Choose your platform: Mac, Win, Linux, ChromiumOS +3. Pick the Chromium build number you'd like to use + 1. The latest one is mentioned in the `LAST_CHANGE` file +4. Download the zip file containing Chromium +5. There is a binary executable within to run + +### Please [file bugs](https://crbug.com/new) as appropriate. + +## Downloading old builds of Chrome / Chromium + +Let's say you want a build of Chrome 44 for debugging purposes. Google does not +offer old builds as they do not have up-to-date security fixes. + +However, you can get a build of Chromium 44.x which should mostly match the +stable release. + +Here's how you find it: + +1. Look in + + for the last time "44." was mentioned. +2. Loop up that version history ("44.0.2403.157") in the [Position + Lookup](https://omahaproxy.appspot.com/) +3. In this case it returns a base position of "330231". This is the + commit of where the 44 release was branched, back in May 2015.\* +4. Open the [continuous builds + archive](https://commondatastorage.googleapis.com/chromium-browser-snapshots/index.html) +5. Click through on your platform (Linux/Mac/Win) +6. Paste "330231" into the filter field at the top and wait for all the + results to XHR in. +7. Eventually I get a perfect hit: + + 1. Sometimes you may have to decrement the commit number until you + find one. +8. Download and run! + +\* As this build was made at 44 branch point, it does not have any commits +merged in while in beta. + +Typically that's OK, but if you need a true build of "44.0.*2403*.x" then you'll +need to build Chromium from the *2403* branch. Some +PortableApps/PortableChromium sites offer binaries like this, due to security +concerns, the Chrome team does not recommend running them. \ No newline at end of file diff --git a/chromium/docs/website/site/getting-involved/get-bug-editing-privileges/index.md b/chromium/docs/website/site/getting-involved/get-bug-editing-privileges/index.md new file mode 100644 index 00000000000..57e79a34bbf --- /dev/null +++ b/chromium/docs/website/site/getting-involved/get-bug-editing-privileges/index.md @@ -0,0 +1,60 @@ +--- +breadcrumbs: +- - /getting-involved + - Getting Involved +page_name: get-bug-editing-privileges +title: Get Bug-Editing Privileges +--- + +#### [TOC] + +## What are bug-editing privileges? + +Anyone can file bugs and add comments to bugs, but some things—adding labels, +marking duplicates, changes status—require extra permissions. +There’s [plenty you can do to help with triage](/getting-involved/bug-triage) +without any extra permissions, but if you are doing a lot of triage you can be +even more effective if you can edit bugs. Just as with [becoming a +committer](/getting-involved/become-a-committer), however, these extra +permissions comes with an expectation of responsibility. + +## How do I get bug-editing privileges? + +***Note:** The instructions below are for someone who is getting involved +specifically through triage. If you need bug editing permissions for some other +reason, and someone on the Chromium team can vouch for you, that person should +nominate you directly via the committers@chromium.org list.* + +First, spend at least a few weeks triaging bugs as described in the [triage +guidelines](/getting-involved/bug-triage), doing the parts that don't require +extra permissions and aiming to make significant contributions to at least 20-30 +bugs. This is to demonstrate that you are committed to helping triage bugs, that +you understand the triage process, and that you can work with the rest of the +Chromium community. +Once you’ve done that, email a Chromium contributor who is familiar with your +triage work (for instance, a developer who has worked with some of the bugs you +have triaged) and ask them to review your triage contributions; include a +reference to this page since they may not be familiar with the process. They +should either provide feedback, or start the formal nomination process with the +committers list (if they aren't sure how to evaluate, or nominate, they can +email accounts@ to ask for help). As with becoming a committer, the final +decision will be made by the committers@chromium.org list. +A few things to keep in mind while you are getting started with triage, which +will help ensure that the nomination process goes smoothly: + +* Be polite in bugs. When you triage bugs, your comments will often be + seen by bug reporters as representing the Chromium project. +* Be professional. Again, your comments will be viewed in a different + light when you have more privileges in the bug system. Don’t make + disparaging comments about specific sites, browsers, people, etc. +* Keep triaging separate from opinion. You may not agree with a + feature request or a claim that a certain behavior is a bug, but as + a triager your job is to get that bug routed to the right people to + evaluate it, not to make a decision about whether it should be + implemented. + +Once your nomination is approved, you will receive a follow-up email with +instructions for enabling your new permissions. + +**Googler?** You can request a Chromium account or join the +*chromium-bug-access* group. \ No newline at end of file diff --git a/chromium/docs/website/site/getting-involved/index.md b/chromium/docs/website/site/getting-involved/index.md new file mode 100644 index 00000000000..3ca39bfd299 --- /dev/null +++ b/chromium/docs/website/site/getting-involved/index.md @@ -0,0 +1,38 @@ +--- +breadcrumbs: [] +page_name: getting-involved +title: Getting Involved +--- + +Here are some ways you can get involved with Chromium: + +* Join some of our [developer discussion groups](/developers/discussion-groups) +* Visit the [Help + Center](https://productforums.google.com/forum/#!forum/chrome) and + answer users' questions +* Help with [Testing](/for-testers) + * Provide [reduced test cases](/system/errors/NodeNotFound) to + help improve web compatibility + * Get on the [Beta or Dev channel](/getting-involved/dev-channel) + or grab the [latest trunk build of + Chromium](/getting-involved/download-chromium) + * [File bugs](http://code.google.com/p/chromium/issues/entry) + * [Triage bugs](/getting-involved/bug-triage) to make existing bug + reports more useful + * [Report + translation](http://code.google.com/p/chromium/issues/entry?template=Translation%20Issue) + issues +* Develop Chromium + * See the pages for [Developers](/developers) + * Read the [Life of a Chromium + Developer](https://docs.google.com/presentation/d/1abnqM9j6zFodPHA38JG1061rG2iGj_GABxEDgZsdbJg) + introduction and the [Contributing](/developers/contributing-code) page + * Adopt a bug that's marked + [GoodFirstBug](http://code.google.com/p/chromium/issues/list?q=Hotlist:GoodFirstBug&can=2) + * Submit [patches](/developers/contributing-code) (submit enough + and you can [become a committer](/getting-involved/become-a-committer)!) + * Optionally apply for a Chromium account by emailing + [accounts@chromium.org](mailto:accounts@chromium.org) (Note: you + must already be approved as a committer) (if you're a Googler, + click [here](https://docs.google.com/forms/d/e/1FAIpQLSfihgUcSmNz3g1iGIyHX-n9NWUi2oCuMh8JtKJGR2gPZiQnKw/viewform) + instead) diff --git a/chromium/docs/website/site/getting-involved/summerofcode2013/index.md b/chromium/docs/website/site/getting-involved/summerofcode2013/index.md new file mode 100644 index 00000000000..0992175dce6 --- /dev/null +++ b/chromium/docs/website/site/getting-involved/summerofcode2013/index.md @@ -0,0 +1,79 @@ +--- +breadcrumbs: +- - /getting-involved + - Getting Involved +page_name: summerofcode2013 +title: SummerOfCode2013 +--- + +**Mentors** + +Add your ideas below with your name as a possible mentor. [Register with GSOC as +a +mentor](https://google-melange.appspot.com/gsoc/profile/mentor/google/gsoc2013?org=chromium) +using your chromium.org account. + +**Students** + +Since Chromium is a huge project and Summer of Code is in just a few months, you +will be a lot more successful tackling these projects if you contributed patches +to Chromium before. + +The [For Developers page](/developers) contains information on how to check out +the source code and build Chromium. + +Here are a few project ideas you might want to work on: + +**Improvements to flakiness dashboard** + +Possible mentors: Ojan Vafai + +Chromium has a dashboard for flaky tests. If many tests fail in one run, +appengine times out during results upload. This should be fixed. + + + +**De-flake Instant Extended browser tests, write unit tests** + +Possible mentors: ? + +The new Instant Extended feature has some browser tests that are flaky, and +could also use unit tests. + +**Debug disabled tests** + +Possible mentors: ? + +Many of our tests are marked as DISABLED_. Debug the ones that fail reliably, +fix whatever bugs you uncover, and enable the test again. + +**Improvements to the Dr. Memory memory debugging tool** + +Possible mentors: Derek Bruening, Qin Zhao + +Dr. Memory finds memory-based errors (buffer overflows, use-after-free, etc.) in +Chromium code on Windows. The tool needs additional work in order to find +uninitialized reads on graphical Chromium tests and running the full browser +without false positives. See [further information and a list of Dr. +Memory-specific projects](http://code.google.com/p/drmemory/wiki/Projects). + +**SPDY compliance tests** + +Possible mentors: Fred Akalin + +It would be really useful to have a suite of tests to validate that a SPDY +client or server conforms to the spec. httpbis (the next version of HTTP) will +be based on SPDY, so this work could dovetail into compliance tests for httpbis +also. The best language for the tests is probably Python. + +**Your own idea!** + +If you have an idea you would like to propose, email +[chromium-dev](https://groups.google.com/a/chromium.org/group/chromium-dev/topics?pli=1) +with the following: + +* Your name +* What school you go to / what year of school / what degree +* One/two line proposal summary +* Details +* Possible mentors, if any \ No newline at end of file diff --git a/chromium/docs/website/site/glossary/index.md b/chromium/docs/website/site/glossary/index.md new file mode 100644 index 00000000000..636c556dedd --- /dev/null +++ b/chromium/docs/website/site/glossary/index.md @@ -0,0 +1,8 @@ +--- +breadcrumbs: [] +page_name: glossary +title: GLOSSARY +--- + +Moved to + \ No newline at end of file diff --git a/chromium/docs/website/site/hsts/email.png.sha1 b/chromium/docs/website/site/hsts/email.png.sha1 new file mode 100644 index 00000000000..0afcb7647ad --- /dev/null +++ b/chromium/docs/website/site/hsts/email.png.sha1 @@ -0,0 +1 @@ +fbebb4217fd2484826df2459aa83583a4b77a598 \ No newline at end of file diff --git a/chromium/docs/website/site/hsts/index.md b/chromium/docs/website/site/hsts/index.md new file mode 100644 index 00000000000..3a3511fd8ba --- /dev/null +++ b/chromium/docs/website/site/hsts/index.md @@ -0,0 +1,60 @@ +--- +breadcrumbs: [] +page_name: hsts +title: HTTP Strict Transport Security +--- + +[HTTP Strict Transport Security](https://tools.ietf.org/html/rfc6797) allows a +site to request that it always be contacted over HTTPS. HSTS is supported in +Google Chrome, +[Firefox](https://blog.mozilla.org/security/2012/11/01/preloading-hsts/), +Safari, Opera, Edge and +[IE](https://web.archive.org/web/20150217020413/https://blogs.msdn.com/b/ie/archive/2015/02/16/http-strict-transport-security-comes-to-internet-explorer.aspx) +(caniuse.com has a [compatibility +matrix](https://caniuse.com/#feat=stricttransportsecurity)). + +The issue that HSTS addresses is that users tend to type `http://` at best, and +omit the scheme entirely most of the time. In the latter case, browsers will +insert `http://` for them. + +However, HTTP is insecure. An attacker can grab that connection, manipulate it +and only the most eagle eyed users might notice that it redirected to +`https://www.bank0famerica.com` or some such. From then on, the user is under the +control of the attacker, who can intercept passwords, etc at will. + +An HSTS enabled server can include the following header in an HTTPS reply: + +``` +Strict-Transport-Security: max-age=16070400; includeSubDomains +``` + +When the browser sees this, it will remember, for the given number of seconds, +that the current domain should only be contacted over HTTPS. In the future, if +the user types `http://` or omits the scheme, HTTPS is the default. In fact, all +requests for URLs in the current domain will be redirected to HTTPS. (So you +have to make sure that you can serve them all!). + +For more details, see the [specification](https://tools.ietf.org/html/rfc6797). + +Preloaded HSTS sites + +There is still a window where a user who has a fresh install, or who wipes out +their local state, is vulnerable. Because of that, Chrome maintains an "HSTS +Preload List" (and other browsers maintain lists based on the Chrome list). +These domains will be configured with HSTS out of the box. + +If you own a site that you would like to see included in the preloaded HSTS list +you can submit it at . + +Examining the HSTS list within the browser + +You can see the current HSTS Rules -- both dynamic (set by a response header) +and static (preloaded) using a tool on the `about://net-internals#hsts` page. + +Check the source for the [full +list](https://cs.chromium.org/chromium/src/net/http/transport_security_state_static.json). + +(To see the version of the list in a particular version of Chrome, visit [this +URL](https://chromium.googlesource.com/chromium/src/+/__branch_commit__/net/http/transport_security_state_static.json) +with `__branch_commit__` replaced by the hash of the relevant build from +[here](https://omahaproxy.appspot.com/).) \ No newline at end of file diff --git a/chromium/docs/website/site/index.md b/chromium/docs/website/site/index.md new file mode 100644 index 00000000000..32cf5f75405 --- /dev/null +++ b/chromium/docs/website/site/index.md @@ -0,0 +1,3 @@ +--- +redirect: /chromium-projects +--- diff --git a/chromium/docs/website/site/infra/index.md b/chromium/docs/website/site/infra/index.md new file mode 100644 index 00000000000..018842ee45d --- /dev/null +++ b/chromium/docs/website/site/infra/index.md @@ -0,0 +1,27 @@ +--- +breadcrumbs: [] +page_name: infra +title: Infra +--- + +Infrastructure ('infra') refers to all of the servers and tools which the +Chromium project depends on for development. + +Most of these are maintained at Google by a dedicated team, but (almost) all of +these are modifiable by anyone in the Chromium project. + +To check out (most) of the Chromium Infra code use: + +```none +fetch infra +``` + +Join [infra-dev@chromium.org](mailto:infra-dev@chromium.org) for discussion of +Chromium infrastructure related issues. + +Most of the documentation is now at: +. + +Google employees can also find more information at the [internal Chrome +Infrastructure](https://sites.google.com/a/google.com/chrome-infrastructure/) +site. \ No newline at end of file diff --git a/chromium/docs/website/site/irc-support-faq/index.md b/chromium/docs/website/site/irc-support-faq/index.md new file mode 100644 index 00000000000..cf137f057f9 --- /dev/null +++ b/chromium/docs/website/site/irc-support-faq/index.md @@ -0,0 +1,27 @@ +--- +breadcrumbs: [] +page_name: irc-support-faq +title: IRC Support FAQ +--- + +## What's the latest version? + +You can find out from , which displays +the latest versions of each channel for each platform directly from the +autoupdate service. + +## Where can I find old Chrome binaries? + +Chrome binaries are only available through the installer (available from +) and the autoupdate system. There is no official +source of Chrome binaries older than the current stable channel, because: + +1. There are frequently unpatched security bugs in older versions, + since patches are only backported to current stable/beta/dev at the + time of patching. +2. The support burden of supporting older channels, which often have + bugs that are fixed in later channels, is very heavy. + +If you are a developer looking to build an old version to bisect a bug of check +for a regression, please see the [developers +page](http://www.chromium.org/developers). \ No newline at end of file diff --git a/chromium/docs/website/site/irc/index.md b/chromium/docs/website/site/irc/index.md new file mode 100644 index 00000000000..d4cc947f925 --- /dev/null +++ b/chromium/docs/website/site/irc/index.md @@ -0,0 +1,12 @@ +--- +breadcrumbs: [] +page_name: irc +title: irc +--- + +As of 2021-06-16, the Chromium project has [formally moved off +IRC](https://groups.google.com/a/chromium.org/g/chromium-dev/c/y9i16lBQ5bY) and +will no longer maintain official IRC channels on Freenode or any other network. +Developer conversations have moved to [Slack](/developers/slack); user +conversations have moved to mailing lists; issue reports should go to the bug +tracker. \ No newline at end of file diff --git a/chromium/docs/website/site/issue-tracking/autotriage/index.md b/chromium/docs/website/site/issue-tracking/autotriage/index.md new file mode 100644 index 00000000000..a80cc68f8d8 --- /dev/null +++ b/chromium/docs/website/site/issue-tracking/autotriage/index.md @@ -0,0 +1,176 @@ +--- +breadcrumbs: +- - /issue-tracking + - Issue Tracking +page_name: autotriage +title: 'Sheriffbot: Auto-triage Rules for Bugs' +--- + +[TOC] + +Bug reporting, triage and fixing are essential parts of the software development +process. In large software projects such as Chromium, the bug tracking system is +the central hub for coordination that collects informal comments about bug +reports and development issues. Hundreds of bug reports are submitted every day, +and the triage process is often error prone, tedious, and time consuming. In +order to make triage more efficient, we automate certain tasks. + +Googlers can view sheriffbot's source at +[go/sheriffbot-source](https://goto.google.com/sheriffbot-source). Please file +issues with Sheriffbot +[here](https://bugs.chromium.org/p/chromium/issues/entry?components=Tools%3EStability%3ESheriffbot). + +### Unconfirmed bugs which are not updated for a year + +* Purpose: Bugs often slip through the cracks. If they've gone + unconfirmed for over a year, it is unlikely that any progress + will be made. +* Action: Set the status to **Archived**. + +### Available bugs which have no associated component and have not been modified for a year + +* Purpose: Clear out bug backlog by archiving bugs which are + unlikely to receive attention and let reporters know that they + should re-file if they still care about the issue. +* Action: Add a comment and change the status to **Archived**. + +### Available bugs with an associated component and are not modified for a year + +* Purpose: Recirculate stale bugs in case they were mistriaged + initially. +* Action: Add a comment, apply the tracking label + **Hotlist-Recharge-Cold** and change the status to + **Untriaged**. The **Hotlist-Recharge-Cold** label is applied + for tracking purposes, and should not be removed after + re-triaging the issue. + +### Launch bug for experimental features - update and clean up + +* Launch bugs that are at least 3 milestones older than current + stable: + * Purpose: In this case, we assume that the launch bug has + been forgotten and that the feature has already shipped. + * Action: Add a warning message asking for review. If no + action is taken after 30 days, set the status to + **Archived**. +* Launch bugs with no milestone and are not modified in the last + 90 days: + * Purpose: Launch bugs should always be targeted for a + specific milestone, so something has gone wrong if a bug is + in this state. + * Action: Add a comment requesting that an appropriate + milestone is applied to the issue. + +### Needs-Feedback bugs, which received feedback. + +* Purpose: Developers often request feedback, but don't + follow-up after it is received. +* Action: If a reporter has provided feedback, remove the + **Needs-Feedback** label, and add the feedback requester to the + bug cc'list. + +### Needs-Feedback bugs where feedback is not received for more than 30 days + +* Purpose: If required feedback is not received, it is unlikely + that any progress can be made on the issue. +* Action: Add a comment and set the status to **Archived**. + +### P0 bug reminders + +* Purpose: P0 bugs are critical bugs which require immediate + action. +* Action: If the bug is open for more than 3 days, we leave a + comment as a reminder. Note that a maximum of 2 nags will be + applied to the issue. + +### TE-Verified bugs which are not modified for 90 days *(This rule has been removed as of 08/04/16. Reference bug: 630626)* + +* Purpose: Developers often forget to close bugs out after they've + been verified. +* Action: Set the status to **Archived**. + +### Medium+ severity security bug nags on issues not updated by their owners in the last 14 days + +* Purpose: Security vulnerabilities are serious threats to our + users that require developer attention. +* Action: Leave a comment asking for a status update. Note that a + maximum of 2 nags will be applied to the issue. + +### Merge-Approval clean up + +* Purpose: Developers often forget to remove **Merge-Approved-MX** + label after merging change to specific branch. +* Action: If the bug is not updated in specific milestone branch + cycle (42 days), remove all label that starts with + **Merge-Approved-MX** label and add a comment asking developers + to re-request a merge if needed. + +### Milestone punting + +* Purpose: Update issues with latest milestone after branch point. +* Action: Replace milestone label with latest milestone for + milestones that have passed their branch point. Certain issues, + such as Launch bugs, Pri-0 issues, Release blockers, and issues + where merges have been requested or approved are excluded. + +### Open bugs with CL landed which are not modified for 6 months *(This rule has been disabled as of 07/22/16, pending furthur discussion. Reference bug: 629092)* + +* Purpose: Developers often forget to close the bugs after landing + CLs. +* Action: + * Send a reminder by adding **Hotlist-OpenBugWithCL** label asking Developers to either: + * Close bug if all neccessary CLs have landed and no furthur work is needed OR + * Remove **Hotlist-OpenBugWithCL** label if more changes are needed. + * If no action is taken in 30 days, set the status to **Archived**. + +### Bugs with no stars, no owners and not modified for an year *(This rule has been disabled as of 08/12/16. Reference bug: 637278)* + +* Purpose: Issues with no owners, no stars are unlikely to receive + any attention, so clear-out these issues and let reporters know + that they should re-file if they still care about the issue. +* Action: Add a comment and change the status to **Archived.** + +### Set for re-triage, the issues with bouncing owners. + +* Purpose: Issues with owners who cannot be contacted (bouncing + owners) is unlikely to get resolved by the owner, so clear out + these issues by sending for re-triaging again. +* Action: Remove the bounced owner, add comment, apply the + tracking label **Hotlist-Recharge-BouncingOwner** and change the + status to **Untriaged**. + +### Cleanup any auto-generated issues with no owners and are inactive for more than 90 days. + +* Purpose: Auto-generated issues with no owners and more than 90 + days of inactivity is unlikely to be viewed and resolved, so + clean up these issues by archiving them. +* Action: Add comment and set the status to **Archived**. + +### Reminder for release blocking issues with no milestone and OS labels. + +* Purpose: All release blocking bugs should have milestone and OS + label associated with it in order to release the fixes promptly. +* Action: Leave a comment asking to add milestone and OS + labels and cc the release block label adder to the issue. Note + that a maximum of 2 nags will be applied to the issue. + +### Add label (Merge-TBD) to track any blocking issues where a merge may be required + +* Purpose: We need to ensure all blockers that are fixed + post-branch have the relevant CLs merged back to the release + branch; otherwise, regressions will escape to stable. +* Action: Add the label "Merge-TBD" when issues marked as + blocking (ReleaseBlock=Dev,Beta,Stable) targeting a milestone + (via M-XX or Target-XX) that is past branch point (via + [schedule](https://chromiumdash.appspot.com/schedule)) are + marked as fixed. + +### Increase priority of issues tagged with ReleaseBlock labels + +* Release Blockers will be escalated to P0 if they + * are tagged to block Beta or Stable releases within 10 days + of the target milestone's promotion date. + * are tagged to block a Dev release for any milestone. +* Release Blockers will be escalated to P1 if they + * are tagged to block Beta or Stable releases prior to 10 days + of the target milestone's promotion date. \ No newline at end of file diff --git a/chromium/docs/website/site/issue-tracking/creating-a-bug-template-url/index.md b/chromium/docs/website/site/issue-tracking/creating-a-bug-template-url/index.md new file mode 100644 index 00000000000..26ed61ab330 --- /dev/null +++ b/chromium/docs/website/site/issue-tracking/creating-a-bug-template-url/index.md @@ -0,0 +1,78 @@ +--- +breadcrumbs: +- - /issue-tracking + - Issue Tracking +page_name: creating-a-bug-template-url +title: Creating a Bug Template Url +--- + +The following fields can be pre-populated with a value supplied in the URL. +Using links with these query parameters present allows you to guide end-users to +enter an issue that is tailored to a specific need. Usually defining a template +and specifying just a template value is better than specifying other values in a +URL. The user must still review, edit, and submit the form. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Form field URL query parameter Values
Template template Name of a defined template in this project
Summary summary Initial summary string
Description comment Prompt text to show in issue description area
Status status Initial status value
Owner owner Username of initial issue owner
CC cc List of users to CC
Components components Comma-separated list of initial component values
Labels labels Comma-separated list of initial label values
+ +**Constructing your URL:** + +* Start w/ the base url - + https://bugs.chromium.org/p/**<project_name>**/issues/entry + * Example: https://bugs.chromium.org/p/chromium/issues/entry +* Add your query parameters + * Example (using the "Defect from user" template) - + https://bugs.chromium.org/p/chromium/issues/entry***?template=Defect%20report%20from%20user*** + * [Wiki](https://en.wikipedia.org/wiki/Query_string#Web_forms) - + How url parameters work. +* Publish as a quick link ( works well). + +**Tips and Tricks:** + +* For descriptions you'll need to url encode the text. Here's a + [site](http://meyerweb.com/eric/tools/dencoder/) to help you. \ No newline at end of file diff --git a/chromium/docs/website/site/issue-tracking/editing-components/Component Edit View.png.sha1 b/chromium/docs/website/site/issue-tracking/editing-components/Component Edit View.png.sha1 new file mode 100644 index 00000000000..c1abb68e506 --- /dev/null +++ b/chromium/docs/website/site/issue-tracking/editing-components/Component Edit View.png.sha1 @@ -0,0 +1 @@ +b970d31f19c498dbfe06201387e0c0f762bd8456 \ No newline at end of file diff --git a/chromium/docs/website/site/issue-tracking/editing-components/Component List.png.sha1 b/chromium/docs/website/site/issue-tracking/editing-components/Component List.png.sha1 new file mode 100644 index 00000000000..5fb66d2942d --- /dev/null +++ b/chromium/docs/website/site/issue-tracking/editing-components/Component List.png.sha1 @@ -0,0 +1 @@ +1031f6449086ec47974004f4966b59c089ff5c8e \ No newline at end of file diff --git a/chromium/docs/website/site/issue-tracking/editing-components/Components.png.sha1 b/chromium/docs/website/site/issue-tracking/editing-components/Components.png.sha1 new file mode 100644 index 00000000000..acfe9f2d776 --- /dev/null +++ b/chromium/docs/website/site/issue-tracking/editing-components/Components.png.sha1 @@ -0,0 +1 @@ +864aa2a2bf8f898735539b8684473b3b06213ec6 \ No newline at end of file diff --git a/chromium/docs/website/site/issue-tracking/editing-components/Development Process.png.sha1 b/chromium/docs/website/site/issue-tracking/editing-components/Development Process.png.sha1 new file mode 100644 index 00000000000..031791f6fad --- /dev/null +++ b/chromium/docs/website/site/issue-tracking/editing-components/Development Process.png.sha1 @@ -0,0 +1 @@ +45f7a0cce05fe032dc5dbf8447f601947cd33e6d \ No newline at end of file diff --git a/chromium/docs/website/site/issue-tracking/editing-components/index.md b/chromium/docs/website/site/issue-tracking/editing-components/index.md new file mode 100644 index 00000000000..51c402e0518 --- /dev/null +++ b/chromium/docs/website/site/issue-tracking/editing-components/index.md @@ -0,0 +1,40 @@ +--- +breadcrumbs: +- - /issue-tracking + - Issue Tracking +page_name: editing-components +title: Editing Components +--- + +Have you ever wanted to edit a component's description, add cc-es, automatically +set labels, or even retire (deprecate) them? It's actually pretty simple, if you +know where to look. + +1. Once you load up the issue tracker, click on the "Development process" link +on the top most menu. + +[image](/issue-tracking/editing-components/Development%20Process.png) + +2. Select "Components" from the sub-menu that appears. + +[image](/issue-tracking/editing-components/Components.png) + +3. Find your component from the current set of "Active components" (Pro tip: +There are a lot, so Ctrl+F is helpful). + +[image](/issue-tracking/editing-components/Component%20List.png) + +4. Edit the component. + +**Pro Tip:** "Deprecated" versus "Delete component". Both will remove the +component from auto-complete, however Delete will remove all references to the +component from any existing issues that might have it (e.g. if one were to +forget to query for "All issues" to migrate over fixed issues). Delete basically +has no "undo," in case a mistake is made. Given that errors happen, it's best +practice to use "Deprecated" over delete to afford a measure of recovery. + +[image](/issue-tracking/editing-components/Component%20Edit%20View.png) \ No newline at end of file diff --git a/chromium/docs/website/site/issue-tracking/how-to-bulk-edit/Bulk Edit - Confirm.png.sha1 b/chromium/docs/website/site/issue-tracking/how-to-bulk-edit/Bulk Edit - Confirm.png.sha1 new file mode 100644 index 00000000000..60b76529c36 --- /dev/null +++ b/chromium/docs/website/site/issue-tracking/how-to-bulk-edit/Bulk Edit - Confirm.png.sha1 @@ -0,0 +1 @@ +d120390351b348f61dfb71e0046cdb8ed0a0109b \ No newline at end of file diff --git a/chromium/docs/website/site/issue-tracking/how-to-bulk-edit/Bulk Edit - Worked.png.sha1 b/chromium/docs/website/site/issue-tracking/how-to-bulk-edit/Bulk Edit - Worked.png.sha1 new file mode 100644 index 00000000000..0bdd265b42b --- /dev/null +++ b/chromium/docs/website/site/issue-tracking/how-to-bulk-edit/Bulk Edit - Worked.png.sha1 @@ -0,0 +1 @@ +dc50f6b2b7788a938c90a86361453e0801e98898 \ No newline at end of file diff --git a/chromium/docs/website/site/issue-tracking/how-to-bulk-edit/Bulk Edit.png.sha1 b/chromium/docs/website/site/issue-tracking/how-to-bulk-edit/Bulk Edit.png.sha1 new file mode 100644 index 00000000000..8ccf05d9e50 --- /dev/null +++ b/chromium/docs/website/site/issue-tracking/how-to-bulk-edit/Bulk Edit.png.sha1 @@ -0,0 +1 @@ +e6a91941d893f482a329438df05dbe7f38624112 \ No newline at end of file diff --git a/chromium/docs/website/site/issue-tracking/how-to-bulk-edit/index.md b/chromium/docs/website/site/issue-tracking/how-to-bulk-edit/index.md new file mode 100644 index 00000000000..86d2eaf064d --- /dev/null +++ b/chromium/docs/website/site/issue-tracking/how-to-bulk-edit/index.md @@ -0,0 +1,46 @@ +--- +breadcrumbs: +- - /issue-tracking + - Issue Tracking +page_name: how-to-bulk-edit +title: How to Bulk Edit +--- + +Did you know that Monorail has a super powerful bulk editor built-in? If not, +then let me tell you more... or better yet show you demo (I promise, it's really +straight forward). + +1. **Search for the issues that you want to bulk edit**, using the correct +"bucket" (e.g. "Open Issues", "All Issues", etc...). + +* *Pro Tip*: Depending on what you are doing (e.g. moving issues between +components), it may be advisable to change the default search from "Open Issues" +to "All Issues" to ensure that future queries continue to work. + +2. **Pick the issues that you want to bulk edit** or click on the (Select) All" +issues link. + +3. **From the "Actions..." drop down, select "Bulk edit..."** + +[image](/issue-tracking/how-to-bulk-edit/Bulk%20Edit.png) + +4. **Edit away.** To remove values (e.g. Components, Owners, Labels, etc...) you +simply have to select either ("Append +=" or "Remove -="). Click on the "Update Issues," and watch it work...magic. + +* *Pro Tip 0:* It's good practice, when making a bulk edit to add a comment! +* *Pro Tip 1:* To move a component or label w/ a single edit... use the "Append ++=" mode, start w/ the component that you want to add, and then starting with as +dash "-" add the second component that you want to remove (e.g. +"Blink>GetUserMedia, -Blink>Webrtc>GetUserMedia" would add the +Blink>GetUserMedia and remove Blink>Webrtc>GetUserMedia"* +* *Pro Tip 2:* If you are moving a lot of things, it maybe worthwhile to +uncheck "Send email"* + +[image](/issue-tracking/how-to-bulk-edit/Bulk%20Edit%20-%20Confirm.png) + +5. **You're done.** + +[image](/issue-tracking/how-to-bulk-edit/Bulk%20Edit%20-%20Worked.png) \ No newline at end of file diff --git a/chromium/docs/website/site/issue-tracking/index.md b/chromium/docs/website/site/issue-tracking/index.md new file mode 100644 index 00000000000..deef229354c --- /dev/null +++ b/chromium/docs/website/site/issue-tracking/index.md @@ -0,0 +1,29 @@ +--- +breadcrumbs: [] +page_name: issue-tracking +title: Issue Tracking +--- + +Building this section back out, pulling in and re-writing all the existing bug +related documentation under here. + +Topics + +* [Auto-triage Rules for Bugs](/issue-tracking/autotriage) +* [Creating a Bug Template + URL](/issue-tracking/creating-a-bug-template-url) +* [Requesting a Component or + Label](/issue-tracking/requesting-a-component-or-label) +* [Triage Best + Practices](/for-testers/bug-reporting-guidelines/triage-best-practices) +* [How to Bulk Edit](/issue-tracking/how-to-bulk-edit) +* [Editing Components](/issue-tracking/editing-components) +* [Migrating Issue + Components](/issue-tracking/migrating-issue-components) +* [Monorail (Issue Tracker) + API](https://chromium.googlesource.com/infra/infra/+/HEAD/appengine/monorail/doc/api.md) +* [Tips and Tricks](/issue-tracking/tips-and-tricks) + +Process + +* [Release Block Guidelines](/issue-tracking/release-block-guidelines) \ No newline at end of file diff --git a/chromium/docs/website/site/issue-tracking/issue-tracking-lifecycle/Conceptual Model.png.sha1 b/chromium/docs/website/site/issue-tracking/issue-tracking-lifecycle/Conceptual Model.png.sha1 new file mode 100644 index 00000000000..4ed02d36076 --- /dev/null +++ b/chromium/docs/website/site/issue-tracking/issue-tracking-lifecycle/Conceptual Model.png.sha1 @@ -0,0 +1 @@ +c8b2a48efece3d83d2dc178352979fcf06ec15be \ No newline at end of file diff --git a/chromium/docs/website/site/issue-tracking/issue-tracking-lifecycle/State Diagram.jpg.sha1 b/chromium/docs/website/site/issue-tracking/issue-tracking-lifecycle/State Diagram.jpg.sha1 new file mode 100644 index 00000000000..00d84d8b666 --- /dev/null +++ b/chromium/docs/website/site/issue-tracking/issue-tracking-lifecycle/State Diagram.jpg.sha1 @@ -0,0 +1 @@ +00d782d24fc9733789ef31d217590817c852f2f7 \ No newline at end of file diff --git a/chromium/docs/website/site/issue-tracking/issue-tracking-lifecycle/index.md b/chromium/docs/website/site/issue-tracking/issue-tracking-lifecycle/index.md new file mode 100644 index 00000000000..605bdcdbdb5 --- /dev/null +++ b/chromium/docs/website/site/issue-tracking/issue-tracking-lifecycle/index.md @@ -0,0 +1,17 @@ +--- +breadcrumbs: +- - /issue-tracking + - Issue Tracking +page_name: issue-tracking-lifecycle +title: Issue Tracking Lifecycle +--- + +[TOC] + +## The Four Phases + +![](/issue-tracking/issue-tracking-lifecycle/Conceptual%20Model.png) + +## Status + +![](/issue-tracking/issue-tracking-lifecycle/State%20Diagram.jpg) \ No newline at end of file diff --git a/chromium/docs/website/site/issue-tracking/migrating-issue-components/Bulk Edit - Confirm.png.sha1 b/chromium/docs/website/site/issue-tracking/migrating-issue-components/Bulk Edit - Confirm.png.sha1 new file mode 100644 index 00000000000..60b76529c36 --- /dev/null +++ b/chromium/docs/website/site/issue-tracking/migrating-issue-components/Bulk Edit - Confirm.png.sha1 @@ -0,0 +1 @@ +d120390351b348f61dfb71e0046cdb8ed0a0109b \ No newline at end of file diff --git a/chromium/docs/website/site/issue-tracking/migrating-issue-components/Bulk Edit.png.sha1 b/chromium/docs/website/site/issue-tracking/migrating-issue-components/Bulk Edit.png.sha1 new file mode 100644 index 00000000000..8ccf05d9e50 --- /dev/null +++ b/chromium/docs/website/site/issue-tracking/migrating-issue-components/Bulk Edit.png.sha1 @@ -0,0 +1 @@ +e6a91941d893f482a329438df05dbe7f38624112 \ No newline at end of file diff --git a/chromium/docs/website/site/issue-tracking/migrating-issue-components/Component List.png.sha1 b/chromium/docs/website/site/issue-tracking/migrating-issue-components/Component List.png.sha1 new file mode 100644 index 00000000000..5fb66d2942d --- /dev/null +++ b/chromium/docs/website/site/issue-tracking/migrating-issue-components/Component List.png.sha1 @@ -0,0 +1 @@ +1031f6449086ec47974004f4966b59c089ff5c8e \ No newline at end of file diff --git a/chromium/docs/website/site/issue-tracking/migrating-issue-components/Components.png.sha1 b/chromium/docs/website/site/issue-tracking/migrating-issue-components/Components.png.sha1 new file mode 100644 index 00000000000..acfe9f2d776 --- /dev/null +++ b/chromium/docs/website/site/issue-tracking/migrating-issue-components/Components.png.sha1 @@ -0,0 +1 @@ +864aa2a2bf8f898735539b8684473b3b06213ec6 \ No newline at end of file diff --git a/chromium/docs/website/site/issue-tracking/migrating-issue-components/Depercate Component.png.sha1 b/chromium/docs/website/site/issue-tracking/migrating-issue-components/Depercate Component.png.sha1 new file mode 100644 index 00000000000..bf3d8211b6f --- /dev/null +++ b/chromium/docs/website/site/issue-tracking/migrating-issue-components/Depercate Component.png.sha1 @@ -0,0 +1 @@ +ec8bf4062da8483c5bdfa98505c4f846d62093d9 \ No newline at end of file diff --git a/chromium/docs/website/site/issue-tracking/migrating-issue-components/Development Process.png.sha1 b/chromium/docs/website/site/issue-tracking/migrating-issue-components/Development Process.png.sha1 new file mode 100644 index 00000000000..031791f6fad --- /dev/null +++ b/chromium/docs/website/site/issue-tracking/migrating-issue-components/Development Process.png.sha1 @@ -0,0 +1 @@ +45f7a0cce05fe032dc5dbf8447f601947cd33e6d \ No newline at end of file diff --git a/chromium/docs/website/site/issue-tracking/migrating-issue-components/index.md b/chromium/docs/website/site/issue-tracking/migrating-issue-components/index.md new file mode 100644 index 00000000000..e35abac462f --- /dev/null +++ b/chromium/docs/website/site/issue-tracking/migrating-issue-components/index.md @@ -0,0 +1,66 @@ +--- +breadcrumbs: +- - /issue-tracking + - Issue Tracking +page_name: migrating-issue-components +title: Migrating Issue Components +--- + +Basically it's a two step process 1.) [Bulk +edit](/issue-tracking/how-to-bulk-edit) 2.) [Edit the +component](/issue-tracking/editing-components), marking it as "Deprecated". + +Let's go through an example, migrating issues from +"Blink>Webrtc>GetUserMedia" to "Blink>GetUserMedia". + +## Step 1 - Bulk Edit + +1. Search "All issues" for the component that you want to deprecate (e.g. +Blink>>Webrtc>GetUserMedia). Once the results list appears, Select +"All," go to the "Actions..." drop down and select "Bulk edit...". + +[image](/issue-tracking/migrating-issue-components/Bulk%20Edit.png) + +​ + +2. In the Components field (w/ Append += set), add the replacement component +(e.g. Blink>GetUserMedia), followed by the component that you want to remove/ +deprecate starting with a minus ("-"). In this example +("-Blink>Webrtc>GetUserMedia). Click the "Update ## Issues" button. + +**Pro tip:** Uncheck the Send email box. + +[image](/issue-tracking/migrating-issue-components/Bulk%20Edit%20-%20Confirm.png) + +## Step 2 - Deprecate the component (to keep it out of Auto-complete) + +1. Once you load up the issue tracker, click on the "Development process" link +on the top most menu. + +[image](/issue-tracking/migrating-issue-components/Development%20Process.png) + +2. Select "Components" from the sub-menu that appears. + +[image](/issue-tracking/migrating-issue-components/Components.png) + +3. Find your component from the current set of "Active components" (Pro tip: +There are a lot, so ctrl+F is helpful). + +[image](/issue-tracking/migrating-issue-components/Component%20List.png) + +4. Check "Deprecated" and click on "Submit changes." + +**Pro Tip:** "Deprecated" versus "Delete component". Both will remove the +component from auto-complete, however Delete will remove all references to the +component from any existing issues that might have it (e.g. if one were to +forget to query for "All issues" to migrate over fixed issues). Delete basically +has no "undo," in case a mistake is made. Given that errors happen, it's best +practice to use "Deprecated" over delete to afford a measure of recovery. + +[image](/issue-tracking/migrating-issue-components/Depercate%20Component.png) \ No newline at end of file diff --git a/chromium/docs/website/site/issue-tracking/release-block-guidelines/index.md b/chromium/docs/website/site/issue-tracking/release-block-guidelines/index.md new file mode 100644 index 00000000000..fd95cff76e4 --- /dev/null +++ b/chromium/docs/website/site/issue-tracking/release-block-guidelines/index.md @@ -0,0 +1,63 @@ +--- +breadcrumbs: +- - /issue-tracking + - Issue Tracking +page_name: release-block-guidelines +title: Release Block Guidelines +--- + +**See also [this more recent document](https://chromium.googlesource.com/chromium/src/+/HEAD/docs/process/release_blockers.md).** + +**What are the intents of ReleaseBlock?** + +ReleaseBlock issues are immediately gating the release of the branch (Dev, Beta, +Stable). These issues require the highest priority of attention from the +engineers assigned (since they are directly on the critical path). They are +meant to be used as a tool for program managers to focus engineers to get a +Chrome release launched with high standard of quality (e.g. absent critical +regressions, stability, build issues, etc...). + +**What aren’t the intents?** + +ReleaseBlock issues **are not** meant to be a scoping or prioritization tool (we +have specific labels and normal processes for each of those, respectively +mstone- and pri-). If an issue isn’t getting sufficient attention, it should be +escalated to a TPM and/or the priority adjusted accordingly. Making arbitrary +issues ReleaseBlockers, when mstone and proper prioritization would otherwise +suffice, makes it very hard to see the true critical path of our release cycle. + +**Best Practices:** + +* Nominate blockers liberally, it’s better to catch someone’s + attention than to ignore an issue. + * That said, expect TPMs to say no sometimes. +* Ask yourself if you would really block a release for this issue, if + the answer if no, the next best option is to make sure the priority + is set correctly, the issue is assigned, and an mstone label is set. +* All ReleaseBlock bugs should have owners +* If you have a request for an out of band (i.e. non-releaseblock) + merge, add a Merge-Requested flag and the TPM responsible for the + branch will take a look. + +**Signals of Poor Practices:** + +* Assigned a P2/P3 issue as a ReleaseBlocker + * ***Explanation:*** + * P2/P3 are generally considered nice to have merges +* Setting a ReleaseBlock label 6 weeks in advance of a branch point. + * ***Explanation:*** + * It suggests that normal processes for prioritization/ + scoping aren’t being followed. In cases where issues are not + imminently blocking a release (i.e. 3-6 weeks in advance), + such practices dilute the intent of a releaseblock, which + literally means, drop what you are doing and work on nothing + else. Such calls may be overly disruptive to engineers, and + may not be the correct priority call if the issue in + question does not need immediate attention. +* Setting a ReleaseBlock issue w/ out an owner or marking it as + Available + * ***Explanation:*** + * If an issue is really critically urgent it should be + assigned right away, we should not wait around for normal + triage to determine an owner (i.e. we should not be sitting + on these issues). \ No newline at end of file diff --git a/chromium/docs/website/site/issue-tracking/requesting-a-component-or-label/index.md b/chromium/docs/website/site/issue-tracking/requesting-a-component-or-label/index.md new file mode 100644 index 00000000000..bf488ef88ad --- /dev/null +++ b/chromium/docs/website/site/issue-tracking/requesting-a-component-or-label/index.md @@ -0,0 +1,66 @@ +--- +breadcrumbs: +- - /issue-tracking + - Issue Tracking +page_name: requesting-a-component-or-label +title: Requesting a Component or Label +--- + +[TOC] + +## Requesting a Component or Label + +Project members can request the creation of new components or labels by simply +filing an issue: + +* [Component + Request](https://bugs.chromium.org/p/chromium/issues/entry?template=Component%20Request) + (Template) +* [Label + Request](https://bugs.chromium.org/p/chromium/issues/entry?template=Label%20Request) + (Template) + +## Component versus Label + +* Components are meant to track work on a specific feature/ function. +* Labels generally are meant to track effort that cuts across multiple + components (e.g. Proj(ects), Hotlist(s), etc...) + +## Component Guidelines + +* Guideline 1 (Clarity): Component name should be descriptive beyond + the core project team (i.e. please avoid using non-industry standard + abbreviations, code words,project names, etc...) +* Guideline 2 (Permanence): Component names should describe + features/functions and not team names, code locations, etc..., which + are more subject to change and make the hierarchy less predictable + for people triaging issues. +* Guideline 3 (Specific): Components are meant to explicitly track + functional work areas. If you are trying to track a Proj(ect) or an + on-going effort (e.g. Hotlist-Conops), please instead request a + label for a (Proj- or Hotlist-) +* Guideline 4 (Discoverable/ Predictable): Components should be + parented where people would logically expect to find them (i.e. + follow product decomposition when naming versus team decomposition). + +## Label Guidelines + +* Guideline 1: Unless a hierarchy of labels is needed, please avoid + creating new root parents. +* Guideline 2: Proj(ects) labels should be used for efforts that have + a clear start/ end +* Guideline 3: Hotlist labels should be used for tracking on-going + efforts across multiple components (e.g. Hotlist-GoodFirstBug) + +### Description Best Practices (for components and labels): + +* Monorail supports scanning the descriptions of components and labels + during auto-complete. This has some important implications. + * (Best practice) Adding abbreviations (e.g. JS, GC, I18N, L10N, + WASM, etc...) into the description of your components will give + you and your users a nice shorthand. + * (Best practice) If there are synonyms not currently in your + description, please consider adding them. + * (Best practice) Avoid using negative descriptions (e.g. "Not + foo") as they will appear in auto-complete for the subject being + avoided (e.g. "foo"). \ No newline at end of file diff --git a/chromium/docs/website/site/issue-tracking/tips-and-tricks/index.md b/chromium/docs/website/site/issue-tracking/tips-and-tricks/index.md new file mode 100644 index 00000000000..5b0c4b90006 --- /dev/null +++ b/chromium/docs/website/site/issue-tracking/tips-and-tricks/index.md @@ -0,0 +1,44 @@ +--- +breadcrumbs: +- - /issue-tracking + - Issue Tracking +page_name: tips-and-tricks +title: Tips and Tricks +--- + +[TOC] + +## Tip 1: It's important to learn your query operators ":" and "=" + +Components and labels can both be searched for using either ":" or "=" +operators. The "=" operator looks for exact matches. The ":" operator for +components looks for the specified component or any subcomponent. The ":" for +labels (and most of fields) looks for words anywhere in the string. + +Mastering these queries will allow you to find all issues under a parent +component. + +Example 1.1: Querying all Blink issues +([component:Blink](https://bugs.chromium.org/p/chromium/issues/list?can=2&q=component%3ABlink)), +from Blink to Blink>WebRTC>Audio etc... + +Example 1.1: Querying only issues explicitly w/ the Blink label +([component=Blink](https://bugs.chromium.org/p/chromium/issues/list?can=2&q=component%3DBlink)) + +## Tip 2: Hit the "?" key to see a list of keyboard shortcuts. + +Spoiler alert: + +Issue list: J and K for previous and next issue, X to check a checkbox. + +Issue detail page: J and K for previous and next issue, U to go up to list, R to select the comment field on the issue detail page. + +Anywhere: / to select the search box. + +## Tip 3: To get a clean link to an issue, click on the issue number in the header. + +That gives you a simple URL that you can share with others. + +## Tip 4: Add monorail issue search as a Search Engine in the Chrome Omnibar. + +Just pop up a menu on your chrome browsers location bar and choose "Edit Search Engines...". E.g., I have the shortcut "mm" search for issues in /p/monorail. Typing "mm 12345" takes me directly to that issue. You can also treat the issue entry page as a search engine, e.g., I have "mnew" mapped to "https://bugs.chromium.org/p/monorail/issues/entry?summary=%s" \ No newline at end of file diff --git a/chromium/docs/website/site/july-2021---new-features-fixit-stability-security-fixes-interop-fixes-and-more/index.md b/chromium/docs/website/site/july-2021---new-features-fixit-stability-security-fixes-interop-fixes-and-more/index.md new file mode 100644 index 00000000000..5da33782b76 --- /dev/null +++ b/chromium/docs/website/site/july-2021---new-features-fixit-stability-security-fixes-interop-fixes-and-more/index.md @@ -0,0 +1,268 @@ +--- +breadcrumbs: [] +page_name: july-2021---new-features-fixit-stability-security-fixes-interop-fixes-and-more +title: July 2021 - New features, fixit, stability/security fixes, interop fixes and + more! +--- + + + + + + + + + + + +
July 2021Chrome Interactions HighlightsArchives: go/interactions-team-highlights
+ + + + + + + + + + + + + + + + + + + + + + + +
+ + + + + +
Chapter I: New features
 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Composite multiple transformationsimagekevers@ landed a CL to composite multiple transformations.BackgroundCSS has 4 transformation properties: translate, scale, rotate and + transform.Previously, we could only composite a single + transformation.ChallengesCompositor only know about transform, and the others were + converted.Ordering is importantWorkletAnimations tick later than the rest to allow time for worklet + code to run.SolutionExpand set of target properties in CCScopedCompoundTransformResolverCapability Delegationmustaq@ finalized Q3-Q4 shipping plan:origin trial at M94ship at M96 without PaymentRequest changes, andship PaymentRequest changes after holidays.We considered possible TAG delays, + no-breakage during holiday shopping, and motivating Stripe changes. Thanks + to smcgruer@ and jyasskin@.Android Elastic Overscrollimage imageflackr@ has landed all patches for elastic overscroll, which includes:Transform overscroll stretchPixel shader stretchDisable glow when stretch is enabledDisable stretch on webview when native stretch is usedDisable stretch in non-scrollable directionsOnly enable stretch on Android 12 or laterimageimageMemory.GPU.PrivateMemoryFootprint and Memory.GPU.PeakMemoryUsage2.ScrollThe preliminary finch result for “Android Elastic Overscroll” is shown above. The only substantial difference seemed to be GPU memory usage:Roughly 10% increase in Memory.GPU.PeakMemoryUsage2.ScrollSlightly increase in Memory.Gpu.PrivateMemoryFootprint
 + + + + + +
Chapter II: Fixit
 + + + + + + + + + + + + + + + + + + + + + + + + + +
Fix a float-cast-overflowimagexidachen@ fixed a float-cast-overflow bug. There is no local repro, and a speculative fix actually fixed the problem.Fix a float-cast-overflowimagexidachen@ added more documentation in the csspaint/ folder to explain the workflow of the paint worklet.Fix a flaky animations layout testThis layout test is one of the top flakes under the Blink>Animation category. The root cause seems to be a precision issue with animation time comparison, which is addressed in this CL.Fix a few PointerLock crashesmustaq@ fixed a 9-year-old exit instruction bug between fullscreen and repeated lock-unlock requests, by untangling exit instruction confusion between browser-vs-content fullscreen exit instructions to keep the “nested fullscreening” case clear to users.Also fixed a crash with repeated locks around a removed element.
 + + + + + + + +
Chapter III: Stability/security fixes + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Chrome_Android: Crash reportimageflackr@ fixed a crash on chrome android. The fix is that the overscroll stretch effect node needed an output clip set (CL). Prevent script execution during lifecycle updateflackr@ landed a fix that prevents further security bugs resulting from accidentally running script during the lifecycle. Specific exceptions made for cases where script execution is known to be safe or handled:ResizeObserverIntersectionObserverPaintWorklet::PaintLayoutWorkletPlugin::Dispose\*Crashed hittesting with “uneditable” editable elementsimagemustaq@ fixed a crash bug. The root cause is simply that hittest code is unaware that the contenteditable element is not editable (CL).Binary size increaseimageflackr@ investigated a binary size increase bug on Android, where Android stretch shader adds a large (~6KB) shader string (shown above).Short term, only include shader string on Android (CL).Long term, find a way to compress + string.
Chapter IV: Interop fixes + + + + + + + + + + + + + + + + + +
Simplify pointer-events spec tracking of changed targetsimageflackr@ simplifies pointer-events spec. Previously the spec had a dirty flag which lazily updated the targets of coalesced/predicted events.Leaks implementation details into the specUpdated this to immediately update the dependent listsRemove dirty flagWell-known when targets change.
 + + + + + + + +
Chapter V: à la carte + + + + + + + + + + + + + +
Refactor native paintworkletxidachen@ proposed a refactor to the native paintworklet code. Detailed doc is here, the first CL has landed. Scroll Unification - Google Docs jumpy scrollbar dragsimageskobes@ landed a CL that fixes a jumpy scrollbar bug.
 + + + + + + + + + +
Chapter VI: Bug Updatesimage imageThe increase in P1 bugs appears to be linked to influx of fixit-2021-testing-flaky bugs. Some efforts is required to properly triage them.
+ + + + + + + + + +
Chrome Interactions Highlights | July 2021go/interactions-team
\ No newline at end of file diff --git a/chromium/docs/website/site/layout-test-contest/index.md b/chromium/docs/website/site/layout-test-contest/index.md new file mode 100644 index 00000000000..fb725586a1e --- /dev/null +++ b/chromium/docs/website/site/layout-test-contest/index.md @@ -0,0 +1,293 @@ +--- +breadcrumbs: [] +page_name: layout-test-contest +title: Layout Test Contest +--- + +## Why? Fix all test ordering issues so we can enable --order=random-seeded by default. Drive number of lines in test_expectations to 0 so it is easier to maintain. Win fame and prizes! + +### Who? Everyone! Yes, you can participate even if you've never contributed to Blink before! In fact, this is the perfect way to get some Blink commits under your belt! You don't need to be a Google employee either. + +### Dates: The contest will begin on 9/30 ~~and end on 10/20 at 11:59pm PST~~ extended to 10/27 at 11:59pm PST!!! All code must be submitted for review during these dates to be eligible. + +### Scoring: Points will be awarded based on the tasks completed. Point values for each task are explained below. Each participant's score will be the sum of his or her points. See the [leaderboard](/layout-test-contest/layout-test-contest-leaderboard)! + +### Winners & Prizes: + +There are many chances to win! In addition to standard 1st, 2nd, 3rd Place, +there are additional prizes: + +* Cheetah: First person to 250 points. Start off the contest with a + bang! +* Top Reviewer: Awarded to the participant with the highest number of + points from code reviews only. Show off your code review skillz! +* Best Yak Shave: Awarded to the participant with the most ridiculous + patch, or series of patches, required to solve a "simple" problem. + Show your perseverance! +* Top Slacker: Awarded to the participant with the highest number of + points gained, who starts AFTER October 14, 11:59pm PST. + +Winners will select a prize from a prize category. Any prize can be exchanged +for a **"Get out of gardening free pass!" - Priceless!** + +#### 1st Prize: Awarded to the participant with the highest number of points. + +**Your choice of:** + +Indoor Sky Diving Party +for 12 +Vegas Indoor Skydiving Elvis + +[Kitchit Dinner +Party](http://www.kitchit.com/listings/late-summer-farmers-market-dinner) +for 8 + +[image](https://kitchit-static01.insnw.net/images/4453/Large/6215_1160623569817_1054627764_484055_6067109_n.jpg) + +Sennheiser HD 650 Headphones +image + +iRobot Roomba or Scooba +image + +LG Electronics 50LN5400 50-Inch 1080p 120Hz LED-LCD HDTV with Smart Share +image + +1982 Port Ellen 30yr Scotch +1982 Port Ellen 30 Year Old + +#### 2nd Prize: Awarded to the participant with the second highest number of points. + +**Your choice of:** + +Indoor Sky Diving Party +for 5 +Vegas Indoor Skydiving Elvis + +[Kitchit Dinner +Party](http://www.kitchit.com/listings/late-summer-farmers-market-dinner) +for 4 +image + +Nexus 7 32G +image + +Sonos Play 3 +image + +Breville Smart Oven Convection Toaster Oven with Element IQ +image + +1996 Opus One Napa Valley Proprietary Red +1996 Opus One Napa Valley Proprietary Red + +#### 3rd Prize: Awarded to the participant with the third highest number of points. + +#### Cheetah: First person to 250 points. Start off the contest with a bang! + +#### Top Reviewer: Awarded to the participant with the highest number of points from code reviews only. Show off your code review skillz! + +**Top Slacker: Awarded to the participant with the highest number of points +gained, who starts AFTER October 14, 11:59pm PST.** + +**Your choice of:** + +[Kitchit Dinner +Party](http://www.google.com/url?q=http%3A%2F%2Fwww.kitchit.com%2Flistings%2Flate-summer-farmers-market-dinner&sa=D&sntz=1&usg=AFrqEzeeon2ePMRBRFaHc6luP02HSn0e3w) +for 2 +image + +SodaStream Pure w/ Soda Starter Kit + + + + +
Pure - Soda Starter Kit
+ +Sennheiser HD 558 Headphones +image + +Kindle Paperwhite, 3G +image + +Breville Compact Smart Oven Toaster Oven with Element IQ +image + +Macallan 18 year old Single Malt +Macallan 18 year old Single Malt Whisky 750ml + +#### Best [Yak Shave](http://en.wiktionary.org/wiki/yak_shaving): Awarded to the participant with the most ridiculous patch, or series of patches, required to solve a "simple" problem. + +**Your very own Shaving Yak Action Figure!** + +image + + +#### **Your choice of:** + +**Indoor Sky Diving** +**for 2** +**Vegas Indoor Skydiving Elvis** + +**SodaStream Genesis w/ Soda Starter Kit** +**** +**** + +**** + +**** +**
Genesis - Soda Starter Kit
** + +**Sennheiser HD-280 PRO Headphones** +**image** + +**Kindle Paperwhite, Wi-Fi** +**image** + +**AeroGarden Classic 7-Pod with Gourmet Herb Seed Kit** +**image** + +**2003 Dom Perignon** +**2003 Moet & Chandon ** + +#### \*For non-MTV based winners, suitable equivalent prizes will be awarded if necessary. + +### How to Participate + +1. Complete any of the tasks below. +2. For each task, submit your participation info using [this + form](https://docs.google.com/a/chromium.org/forms/d/1MHJ_WC-niQkhvnyofWkEl-zaRUZpz7fxrLkllDKR-p8/viewform). + Sorry, any task completed, but not submitted in this manner, will + not be eligible. +3. Profit! + +## Points + +Points are not additive. Each patch can only apply to one category. + +#### C++ or Python change fix to endemic test flakiness + +* Points: 50 +* Examples: reset some state between test runs or fix a race condition + in run-webkit-tests. + +#### Fix a line or flaky test in TestExpectations that crashes + +* Points: 5/line +* Includes \[ Pass Crash \] lines. + +**Fix a line or flaky test in TestExpectations that doesn't crash** + +* Points: 3/line + +#### Remove a line from TestExpectations (with no other changes, whitespace and comment lines do \*not\* count) + +* Points: 1/line +* This is for TestExpectations-only changes. If you made a + non-TestExpectations-only change that fixed more tests than you + realized, you can still submit a TestExpectations-only change for 3 + points per line. + +#### Code review a C++/Python change + +* Points: 3 +* Again, pure TestExpectations-only changes don't count. +* It's the reviewer's responsibility to fill out the form above. + +## How To + +Here are some ideas for ways to identify test flakiness/ordering issues. + +### 1. Fix filed test ordering bugs (good way to find C++ endemic flakiness issues!!) + + + +### 2. Run tests in a random order and diagnose failures + +1. Run "run-webkit-tests --order=random --no-retry". +2. Run "./Tools/Scripts/print-test-ordering" and save the output to a + file. This outputs the tests run in the order they were run on each + content_shell instance. +3. For each test that fails: + 1. Find which worker it ran on. + 2. Create a file that contains only the tests run on that worker in + the same order as in your saved output file. + 3. run-webkit-tests --child-processes=1 --order=none + --test-list=path/to/file/from/previous/step + 4. If the test doesn't fail here, then the test itself is probably + just flaky. If it does, remove some lines from the file created + in step 2.2 and repeat step 3. Continue repeating until you've + found the dependency. If the test fails when run by itself, but + passes on the bots, that means that it depends on another test + to pass. In this case, you need to generate the list of tests + run by "run-webkit-tests --order=natural" and repeat this + process to find which test causes the test in question to + \*pass\* (e.g. [crbug.com/262793](http://crbug.com/262793)). + 5. File a bug and give it the LayoutTestOrdering label, e.g. + [crbug.com/262787](http://crbug.com/262787) or + [crbug.com/262791](http://crbug.com/262791) + +### 3. Run tests in isolation + +Run "run-webkit-tests --batch-size 1 --no-retry". This starts up a new +content_shell instance for each test. Tests that fail when run in isolation but +pass when run as part of the full test suite represent some state that we're not +properly resetting between test runs or some state that we're not properly +setting when starting up content_shell. You might want to run with +--time-out-ms=60000 to weed out tests that timeout due to waiting on +content_shell startup time. + +### 4. Diagnose especially flaky tests + +1. Load the[ flakiness + dashboard](http://test-results.appspot.com/dashboards/overview.html#group=%40ToT%20Blink&flipCount=12) +2. Tweak the flakiness threshold to the desired level of flakiness. +3. Click on "layout-tests" to get that list of flaky tests. +4. Diagnose the source of flakiness for that test. + +### 5. Fix any line in TestExpectations \ No newline at end of file diff --git a/chromium/docs/website/site/layout-test-contest/layout-test-contest-leaderboard/index.md b/chromium/docs/website/site/layout-test-contest/layout-test-contest-leaderboard/index.md new file mode 100644 index 00000000000..2598ea3324a --- /dev/null +++ b/chromium/docs/website/site/layout-test-contest/layout-test-contest-leaderboard/index.md @@ -0,0 +1,8 @@ +--- +breadcrumbs: +- - /layout-test-contest + - Layout Test Contest +page_name: layout-test-contest-leaderboard +title: layout-test-contest-leaderboard +--- + diff --git a/chromium/docs/website/site/nativeclient/day-to-day/codereview/index.md b/chromium/docs/website/site/nativeclient/day-to-day/codereview/index.md new file mode 100644 index 00000000000..265b8703cd4 --- /dev/null +++ b/chromium/docs/website/site/nativeclient/day-to-day/codereview/index.md @@ -0,0 +1,76 @@ +--- +breadcrumbs: +- - /nativeclient + - Native Client +- - /nativeclient/day-to-day + - '6: Day-to-Day Engineering' +page_name: codereview +title: Native Client Code Review and Check-in Process +--- + +# Subteams + +1) Designate owners for that subteam. +2) Set policies for who can give LGTM for the modules owned by that subteam. +3) Once OWNERS is implemented, there may be an approval step required in +addition to (2). + +## Authors + +0) Read the [coding style document](/nativeclient/styleguide). +1) Run cpplint.py, pylint, tidy, etc., as appropriate. +2) The change list comment should describe the change and whether it is a +cosmetic change, a bug fix, or a new feature. +3) Make sure the CL is passing trybots before sending out for review. +4) Pick reviewers that are familiar with the code in question. + +a) Pick more than one reviewer if the CL spans more than one module. + +b) One LGTM per module touched is required. + +c) (Multiple reviewer details to be worked out.) + +5) All review requests should be sent to native-client-reviews@googlegroups.com. +6) All “significant” CLs have a BUG= line and an entry in the issue tracker. + +e.g., CLs that fix misspellings in comments or improve coding convention +conformance are not bug-worthy, while fixing a crasher or adding a new PPAPI +interface is. + +7) All new code CLs have a TEST= line and one or more tests that exercise the +new code. +e.g., Changing comments does not require a test, while adding a new system call +does. +The test should be specific enough that the reviewer can reproduce it. +8) Don’t re-upload the CL until addressing all of the reviewers’ comments from +an iteration. +Explicitly reply to comments in Rietveld. + +(Rietveld makes it difficult to ensure all the comments were addressed.) + +## Code reviewers + +Ensure +1) The CL conforms to the [NaCl coding +conventions](http://www.chromium.org/nativeclient/styleguide). +2) The CL passed the trybots. +3) The CL follows the designated author tasks above. +4) You understand what the CL is doing and believe it is doing it correctly. +5) Review iterations are completed within one business day or referred to +another reviewer. + +a) Repeated issues may be elided and another iteration required. + +b) Large CLs may be broken into sub-reviews. + +c) We encourage sending comments or feedback early so as to pipeline the fixes. + +The reviewer may summarily reject the CL if it doesn’t follow (2-3). +If you LGTM a CL that breaks the build, you share responsibility for the break. + +## Sheriffs + +1) The first responsibility at all times is to keep the tree open. Even if that +means going back to the last known good revision. +2) Can summarily revoke CLs, and ask author or a reviewer(s) to do revocation. +3) For more details, see \ No newline at end of file diff --git a/chromium/docs/website/site/nativeclient/day-to-day/index.md b/chromium/docs/website/site/nativeclient/day-to-day/index.md new file mode 100644 index 00000000000..34df14eac1b --- /dev/null +++ b/chromium/docs/website/site/nativeclient/day-to-day/index.md @@ -0,0 +1,9 @@ +--- +breadcrumbs: +- - /nativeclient + - Native Client +page_name: day-to-day +title: '6: Day-to-Day Engineering' +--- + +{% subpages collections.all %} diff --git a/chromium/docs/website/site/nativeclient/day-to-day/infrastructure-faq/index.md b/chromium/docs/website/site/nativeclient/day-to-day/infrastructure-faq/index.md new file mode 100644 index 00000000000..053b539117a --- /dev/null +++ b/chromium/docs/website/site/nativeclient/day-to-day/infrastructure-faq/index.md @@ -0,0 +1,219 @@ +--- +breadcrumbs: +- - /nativeclient + - Native Client +- - /nativeclient/day-to-day + - '6: Day-to-Day Engineering' +page_name: infrastructure-faq +title: Infrastructure FAQ +--- + +**[TOC]** + +### **Why do some DEPS / .gclient URLs use http://, https://, svn:// ?** + +We would like .gclient files to function correctly for users both inside and +outside Google. + +In order to facilitate this, whenever a DEPS file lists repositories, read-only +publicly accessible URLs are preferred. + +These typically being with http:// + +For example: + +http://src.chromium.org/chrome/trunk/base - *read-only URL for base from +chromium.* + +http://nativeclient.googlecode.com/svn/trunk/src/native_client - read-only nacl +main repo + +Sometimes svn:// and https:// URLs are used. + +There are two main reasons: + +* To specify checking out a writable svn client ==inside a .gclient + file== +* To pull in an internal only writable repository inside a DEPS file + (since it's internal you can assume it can always be checked out + writable). + +Google Code (nativeclient, naclport, etc) only supports http:// and https://. + +Chromium's primary svn mirror (src.chromium.org) does http:// only. + +Chromium's svn servers (svn.chromium.org, chrome-svn) support only svn://. + +### **How do I make changes outside src/native_client?** + +If the repository is internal only, make changes as usual, use gcl in each +repository. + +You can use ==svn info== to get information about the repository you're +currently in. + +For public repositories, you may need to make sure you've got a writable client. + +(gclient can use svn switch to switch from read-only to writable in most cases +preserving patches). + +To make a particular repository checkout writable, add a section like the +following to you .gclient file: + +"custom_deps" : { + +"native_client/third_party/foo": +"https://nativeclient.googlecode.com/svn/trunk/deps/third_party/foo", + +}, + +This overrides the URL specified for foo in native_client/DEPS + +### **How can I make gclient not check everything out?** + +Modify your .gclient file to add a custom_deps section, listing None for the +paths to exclude: + +"custom_deps" : { + +"src/data/esctf": None, + +"src/data/mozilla_js_tests": None, + +"src/data/page_cycler": None, + +"src/data/tab_switching": None, + +"src/data/saved_caches": None, + +"src/data/selenium_core": None, + +"src/tools/grit/grit/test/data": None, + +} + +**Note:** the above instruction is not useful because most of the checkout time +is consumed by downloading all the necessary toolchains and unpacking them. To +manually disable one of the toolchains from downloading, first download all of +them in the initial checkout. + +```none +shell$ ls native_client/toolchain +linux_arm-trusted +linux_x86 +linux_x86_newlib +pnacl_linux_x86_64 +pnacl_linux_x86_64_glibc +pnacl_linux_x86_64_newlib +pnacl_translator +``` + +To disable updating one of them, for example, pnacl_linux_x86_64, change the +test in file: + +```none +shell$ echo manual > native_client/toolchain/pnacl_linux_x86_64/SOURCE_URL +``` + +All subsequent gclient syncs would (hopefully) assume that this toolchain is +up-to-date. + +### **I keep getting patch failure on the trybots, what do I do?** + +Patches typically fail on the trybots because of version mismatch between what +is in the patch and the revision that the trybot wants to patch against. + +If your client is really old, do a gclient update before submitting try jobs to +bring it in sync. + +The trybot uses http://nativeclient-status.appspot.com/lkgr (last known good +revision), to decide what to patch against. + +This is intended to allow you to submit try jobs, even when the tree is red. + +If you ever need to apply a patch which does not work against the default on the +try bot, you can add various flags to gcl try: + +* -r REV# -- patch against a specific revision +* -r HEAD -- patch against tip of trunk +* -c -- clobber the build before applying the patch (of limited use + for nacl, but useful for chromium) + +### **I get strange error messages when compiling on Windows, what do I do?** + +Be sure to install all the service packs listed for chromium: + +http://dev.chromium.org/developers/how-tos/build-instructions-windows + +### **The toolchain in native_client appears to be out of date. How do I safely update it?** + +If you make changes to the untrusted or shared code, you need to update the +toolchain revision(s) after your change is committed and the toolchain build is +green. (If the toolchain build is red, you will need to check in a fix right +away or simply rollback your change). +For example, we updated the ppapi revision in DEPS, which required updates to +the code under src/shared. This needs a toolchain revision update. So we have: +PPAPI DEPS revision: + +Follow-up fix revision: + +There are two families of toolchains that generally need to be updated in +nactive_client/DEPS: `arm_toolchain_version` and `x86_toolchain_version`. It is +recommended to update them both to the same revision at a time. +To perform this straightforward toolchain revision update: + +* go to + (linked under "Toolchain" header on + ): +* find the latest green row and let `$REV` to be the corresponding SVN + revision to that row +* check for toolchain tarballs availability: + + ```none + shell> cd native_client/ + shell> python build/find_toolchain_revisions.py -s $REV + ``` + +* if all tarballs are available, you will get the output: + + ```none + Searching for available toolchains... + checking r$REV: x86: OK, arm: OK + ``` + +* The script will go and check the older revisions, interrupt it as + soon as you do not need more results +* This revision `$REV` can now be used in `native_client/DEPS` for + both toolchain versions. +* If some tarballs are not available, the output would be something + like: + + ```none + checking r$REV: x86: missing win_x86, arm: missing pnacl_linux_x86_64_newlib + ``` + +* When found a revision with all toolchains available, do not forget + to check that all builds in the "Toolchain" builder console are + green for that row. Sometimes they can be red for reasons irrelevant + to toolchain correctness, you may try those if you are brave. + +To perform toolchain revision update for only one family (i.e. +`arm_toolchain_version` or `x86_toolchain_version`) you will need only the 'OK' +for that family in toolchain tarballs availability and buildber green status +only of a subset of the rows (subject to frequent change): + +* arm_toolchain_version + * linux-pnacl-x86_64 + * linux-armtools-x86_32 + * linux-pnacl-x86_32 + * mac-pnacl-x86_32 +* x86_toolchain_version + * win7-toolchain_x86 + * mac-toolchain_x86 + * lucid64-toolchain_x86 + * win7-glibc + * mac-glibc + * lucid64-glibc + +TODO: describe the update procedure for NaCl SDK (requires updating toolchain +DEPS in the Chrome tree, pushing the new manifest). \ No newline at end of file diff --git a/chromium/docs/website/site/nativeclient/getting-started/getting-started-background-and-basics/index.md b/chromium/docs/website/site/nativeclient/getting-started/getting-started-background-and-basics/index.md new file mode 100644 index 00000000000..72c03b80134 --- /dev/null +++ b/chromium/docs/website/site/nativeclient/getting-started/getting-started-background-and-basics/index.md @@ -0,0 +1,245 @@ +--- +breadcrumbs: +- - /nativeclient + - Native Client +- - /nativeclient/getting-started + - '1: Getting Started' +page_name: getting-started-background-and-basics +title: 'Getting Started: Background and Basics' +--- + +This document gives a broad high-level overview of what Native Client is and how +it fits into the world of web browsers and plugins (Chrome in particular). It is +intended for anybody who wants to learn about the background and concepts behind +Native Client, from browser technology fans, to pontential project contributors, +to NaCl module developers. + +### [TOC] + +### Chrome + +Chrome is a +[multi-process](http://www.chromium.org/developers/design-documents/multi-process-architecture) +browser. It uses multiple processes to provide increased security comparing to +other single-process browsers like Firefox. +The main process is called "browser". It runs the UI (including the +[Omnibox](/user-experience/omnibox)) and manages tabs and plugin processes. It +has full permissions of the current user for accessing resources (files, +network, etc) and can fork-exec other processes. +Tabs are allocated into separate processes, typically shared per domain. These +are called “renderer” processes. Renderer interprets the HTML layout and handles +the bitmap for displaying the page. It runs in a sandbox (known as Chrome or +outer sandbox) and has limited access permissions. It cannot open files or +network connections and can only respond to communication requests by the +browser. Communication is done via a combination of +[IPC](http://www.chromium.org/developers/design-documents/inter-process-communication) +techniques. Using sandboxed renderers ensures that if one tab misbehaves or +crashes, the rest of the tabs and the browser are isolated. It also limits the +ability of malicious software running in one tab from accessing activity in +another tab or interacting with the rest of the system. + +### Plugins + +[Plugins](http://en.wikipedia.org/wiki/Plug-in_%28computing%29) are external +binaries that add new capabilities to a web browser and are loaded when content +of the type they declare is embedded into a page. They either come bundled with +the browser or get downloaded and installed by the user. The most common plugins +are [Adobe Flash](http://en.wikipedia.org/wiki/Adobe_flash), [Adobe +Reader](http://en.wikipedia.org/wiki/Acrobat_reader) and +[Java](http://en.wikipedia.org/wiki/Java_plugin). +In general, existing plugins cannot be sandboxed like the render process because +they rely on file system and network access as well as use of native fonts. +Therefore, Chrome supports [out of process +plugins](http://www.chromium.org/developers/design-documents/plugin-architecture) +that run in a separate process with full privileges (i.e. no sandbox) and +communicate with the renderer and browser via +[IPC](http://www.chromium.org/developers/design-documents/inter-process-communication). +Chrome also supports [in process +plugins](http://www.chromium.org/developers/design-documents/plugin-architecture). +They run within a render process and can use faster direct access for +communication. They have also been used as an integration mechanism for adding +new statically linked functionality to the browser. + +### Netscape Plugin API (NPAPI) (No longer used by Native Client) + +[NPAPI](https://wiki.mozilla.org/NPAPI) is a common cross-browser plugin +framework used by plugins for exchanging data with the browser. It is +implemented by Chrome, Firefox and most other web browsers, excluding MS +Internet Explorer, which stopped supporting it in favor of +[ActiveX](http://en.wikipedia.org/wiki/ActiveX_control). +Contrary to other single-process browsers, Chrome +[supports](http://code.google.com/chrome/extensions/npapi.html) NPAPI plugins +out of process. +While this improves stability, security is still an issue - even in Chrome, +NPAPI plugins have full permissions of the current user to access resources and +fork-exec new processes. +Although NPAPI is intended to be platform independent, in reality it is not +fully so. NPAPI is a weak "standard", and every browser implements it somewhat +differently. Moreover, NPAPI plugins end up relying on OS and browser specifics +for certain capabilities, such as 2D or 3D graphics events. Even keyboard and +mouse events typically use the native OS implementation. It can also be +difficult to achieve similar rendering of the plugin area within a page across +different systems. + +### Pepper Plugin API (PPAPI) + +[Pepper](https://wiki.mozilla.org/NPAPI:Pepper) started at Google as a way to +address portability and performance issues with NPAPI, particularly for out of +process plugins. The initial focused efforts eventually expanded to include +capabilities such as generic 2D and 3D graphics and audio. +The first Pepper API designs were created to minimize the changes from legacy +NPAPI, hoping to ease adoption by browser vendors and plugin developers. This +design was implemented and is available to NaCl modules in Chrome 5. The Pepper +APIs were redesigned subsequent to the initial design, deviating more +substantially from legacy NPAPI while, hopefully, also improving the interfaces. +The [revised interfaces](http://code.google.com/p/ppapi/w/list) are sometimes +referred to as “PPAPI” or “Pepper2” and should be available in Chrome 6. + +Although traditional NPAPI plugins in Chrome run only out of process, Chrome 5 +supports Pepper plugins only in process. Being a somewhat experimental feature, +the only way to load trusted Pepper plugins is through the browser command-line +options. In the future, Pepper plugins will only be supported within Native +Client. + +### Native Client (NaCl) + +[Native Client ](http://code.google.com/p/nativeclient/)is a sandboxing +technology for safe execution of platform-independent untrusted native code in a +web browser. It allows real-time web applications that are compute-intensive +and/or interactive (e.g. games, media, large data analysis, visualizations) to +leverage the resources of a client's machine and avoid costly network access +while running in a secure environment with restricted access to the host. +[Native Client SDK](http://gonacl.com) is a software development kit for +creating Native Client executables (abbreviated as nexe) from scratch or from +the existing platform-specific web-based native applications. It consists of a +[GNU](http://en.wikipedia.org/wiki/GNU_Project)-based toolchain with customized +versions of [gcc](http://en.wikipedia.org/wiki/GNU_Compiler_Collection), +[binutils](http://en.wikipedia.org/wiki/Binutils) and +[gdb](http://en.wikipedia.org/wiki/Gdb) (32-bit x86 only), precompiled API +libraries and various examples and how-tos. The two usage models include porting +desktop apps and extending web apps with fast native code. +[Naclports](http://code.google.com/p/naclports/) is a collection of ports of +various open-sourced projects (like [zlib](http://en.wikipedia.org/wiki/zlib)) +to Native Client for gradual up-streaming. It is still in early stages of +development and is intended to be modeled after +[Macports](http://www.macports.org/). +NaCl started as a downloadable NPAPI plugin for multiple browsers, including +Firefox, Safari, Opera and Chrome and was designed to transparently load and run +other NPAPI plugins compiled as nexes and embedded into the page as a source +file of an [plugin +element](https://developer.mozilla.org/en/Gecko_Plugin_API_Reference/Plug-in_Basics#Using_HTML_to_Display_Plug-ins) +with “application/x-nacl-srpc” type. +NaCl includes a "service runtime" subsystem that provides a reduced system call +interface and resource abstractions to isolate nexes from the host. It provides +a [POSIX](http://en.wikipedia.org/wiki/Posix)-like environment for nexe +execution and is used by nexes to communicate with each other and the browser. +The nexes are run using a loader program, sel_ldr (secure +[ELF](http://en.wikipedia.org/wiki/Executable_and_Linkable_Format) loader), +which is launched as a separate process. The sel_ldr process communicates with +the NaCl plugin via [SRPC](/system/errors/NodeNotFound) over IMC \[citation +needed\]. +NaCl was [integrated](/system/errors/NodeNotFound) into Chrome 5 as an +in-process Pepper plugin. The NaCl modules that it runs can utilize the Pepper +API for browser interaction. Part of the integration was to add special support +to Chrome to allow sandboxed plugins to launch the sel_ldr process. NaCl can be +enabled in Chrome 5 and later with the --enable-nacl command-line flag at +browser start-up by developers who want to develop Native Client modules. From +Chrome 14 and onwards Native Client is on by default and can be used in [Chrome +Web Store](https://chrome.google.com/webstore) apps. For development purposes +Native Client is also available to [unpacked +extensions](http://code.google.com/chrome/extensions/getstarted.html). Once we +launch Portable Native Client (PNaCl) +([PDF](http://nativeclient.googlecode.com/svn/data/site/pnacl.pdf)), we plan to +enable Native Client for web pages in general (i.e., not limited to Chrome Web +Store apps). + +### Trusted vs Untrusted + +In the presence of a sandbox environment, trusted code runs outside of the +sandbox and can perform privileged operations while untrusted code is prohibited +from doing so by the enclosing sandbox, which isolates potentially misbehaving +or malicious software from the rest of the system. +Within the scope of Native Client, whether code is untrusted or trusted depends +on whether it will run inside of a NaCl sandbox (regardless of any outer +sandbox). The code that implements the sandbox abstraction is trusted. The code +that the sandbox hosts is untrusted. Untrusted code is built using NaCl SDK or +any other compiler that outputs binaries that honor alignment and instruction +restrictions and can be validated by NaCl. NaCl will statically verify that +nexes do not attempt privileged operations and therefore do not need to be +trusted. +To summarize, the traditional NPAPI plugins running out of process and outside +of any sandbox are considered trusted. The in process Pepper plugins running +within the Chrome sandbox are trusted with respect to NaCl. And the out of +process plugins (that must run inside Native Client) are untrusted. NaCl's +sel_ldr process is trusted and can do Chrome sandbox system calls on behalf of +the untrusted nexes running within it. + +### Diagram + +[image](/nativeclient/getting-started/getting-started-background-and-basics/nacl_diagram.png) + +### Related Documentation + +Chrome + + + + + + + + + +Plugins + + + + + + + + + + + +NaCl + + + + + +==== + + + + + +[Native Client integration with Chrome](/system/errors/NodeNotFound) + +### Articles and Blog Posts + +*Important: this section is kept for historic purposes, but is no longer being +updated. For news and announcements see the SDK site at +[GoNaCl.com](http://GoNaCl.com) and the [announcements +list](https://groups.google.com/group/native-client-announce).* + +Google + +12/08 + + +12/08 + + +Other + +01/09 + + +06/09 + +03/10 + + +04/10 \ No newline at end of file diff --git a/chromium/docs/website/site/nativeclient/getting-started/getting-started-background-and-basics/nacl_diagram.png.sha1 b/chromium/docs/website/site/nativeclient/getting-started/getting-started-background-and-basics/nacl_diagram.png.sha1 new file mode 100644 index 00000000000..b409eb820e2 --- /dev/null +++ b/chromium/docs/website/site/nativeclient/getting-started/getting-started-background-and-basics/nacl_diagram.png.sha1 @@ -0,0 +1 @@ +cc1475da9fe8056c163026823faac9eb9ab8a991 \ No newline at end of file diff --git a/chromium/docs/website/site/nativeclient/getting-started/index.md b/chromium/docs/website/site/nativeclient/getting-started/index.md new file mode 100644 index 00000000000..da9b24edd60 --- /dev/null +++ b/chromium/docs/website/site/nativeclient/getting-started/index.md @@ -0,0 +1,9 @@ +--- +breadcrumbs: +- - /nativeclient + - Native Client +page_name: getting-started +title: '1: Getting Started' +--- + +{% subpages collections.all %} diff --git a/chromium/docs/website/site/nativeclient/how-tos/3d-tips-and-best-practices/index.md b/chromium/docs/website/site/nativeclient/how-tos/3d-tips-and-best-practices/index.md new file mode 100644 index 00000000000..8e3ae771ead --- /dev/null +++ b/chromium/docs/website/site/nativeclient/how-tos/3d-tips-and-best-practices/index.md @@ -0,0 +1,146 @@ +--- +breadcrumbs: +- - /nativeclient + - Native Client +- - /nativeclient/how-tos + - '2: How Tos' +page_name: 3d-tips-and-best-practices +title: 3D Tips and Best Practices +--- + +# Pepper 3D on Chrome provides a secure implementation of OpenGL ES 2.0. Here are some tips for getting maximum performance. + +## Don’t update indices + +For security all indices must be validated. If you change them we have to +validate them again. Therefore structure your code so indices are not updated +often. + +## Don’t use client side buffers + +In OpenGL ES 2.0 you can use client side data with glVertexAttribPointer and +glDrawElements. It’s REALLY SLOW! Don’t use them. Instead, whenever possible use +VBOs (Vertex Buffer Objects). Side-note: Client side buffers have been removed +from OpenGL 4.0. + +## Don’t mix vertex data with index data. + +Actually this is off by default. In real OpenGL ES 2.0 you can create a single +buffer and bind it to both GL_ARRAY_BUFFER and GL_ELEMENT_ARRAY_BUFFER. In +Pepper 3D, by default, you can only bind buffers to 1 bind point. There is the +option to enable binding buffers to both points. Doing so requires expensive +work so don’t do it. + +## For dynamic textures (ie, video) or dynamic vertex data (skinning / particles) consider using CHROMIUM_map_sub + + + +## Don’t call glGetXXX or glCheckXXX during rendering. + +Calling either of those stalls our multi-process pipeline. This is normal advice +for OpenGL programs but is particularly important for 3D on Chrome. This +includes glGetError – avoid calling it in release builds. + +## Make sure to enable Attrib 0. + +In OpenGL you MUST enable Attrib 0. In OpenGL ES 2.0 you don’t have to enable +Attrib 0. What that means is that in order to emulate OpenGL ES 2.0 on top of +OpenGL we have to do some expensive work. +In practice most programs don’t have an issue here but just in case, the most +obvious way this might bite you is if you bind your own locations and don’t +start with 0. Example: Imagine you have a vertex shader with 2 attributes +“positions” and “normals” + +> glBindAttribLocation(program, “positions”, 1); + +> glBindAttribLocation(program, “normals”, 2); + +Those 2 functions would make make your shader NOT use attrib 0 in which case +we’d have to do some expensive work internally + +## Minimize the use of glFlush and avoid using glFinish + +It is generally good practice to minimize explicit calls to glFlush and avoid +using glFinish. Particularly so on Native Client where they incur additional +overhead. + +## Avoid reading back output from the GPU to the client + +In other words, don't call glReadPixels. This is slow. + +**When benchmarking, avoid comparing results where one system is limited by +vsync and another is not.** + +## Don’t use GL_FIXED + +It’s not supported in OpenGL and so emulation for OpenGL ES 2.0 is slow. By +default GL_FIXED support is turned off Pepper 3D. There is the option to turn it +on. Don’t do it. + +## Use a smaller plugin and let CSS scale it. + +The size your plugin renders and the size it displays in the page are set +separately. CSS controls the size your plugin displays where as the width and +height attribute of your <embed> element control the size your plugin +renders. + +## Use HTML where approriate + +If you’re used to making native games you’re probably used to rendering +everything yourself. The browser though can already render text and UI very well +and it will composite that HTML with your plugin using all the standard HTML5 +and CSS methods available. + +**Avoid updating a small portion of a large buffer** + +This is especially an issue in Windows where we emulate OpenGL ES 2.0 on top of +DirectX. In the current implementation, updating a portion of a buffer requires +re-processing the entire buffer. In other words if you make a buffer +(glBufferData) of 10000 bytes and then later call glSubBufferData to update just +3 of those bytes, all 10000 bytes will have to be re-converted. (Yea, I know, +lame) + +2 suggestions: + +1. Separate static vertex data from dynamic. In other words, put your + static data in 1 buffer and dynamic data in a different buffer. That + way your static data won't have to be re-converted. +2. Volunteer to fix the perf issues + + +# General OpenGL advice + +## Interleaved data is faster to render than non-interleaved + +3 buffers of \[position,position,position\], \[normal,normal,normal\], +\[texcoord,texcoord,texcoord\] is slower than 1 buffer of +\[position,normal,texcoord,position,normal,texcoord,position,normal,texcoord\]. + +## Separate dynamic data from static + +Assume you have positions, normals and texcoords. Further assume you update +positions every frame. It would be best to put positions in 1 buffer and normals ++ texcoords in a separate buffer. That way, you can call glBufferData or +glBufferSubData on a smaller range of data. + +## glBindBuffer is expensive + +Consider putting multiple meshes in a single buffer and using offsets (as long +as the buffers are static, see above) + +## Check your extensions and max GL features + +Not every GPU supports every extension nor has the same amount of textures +units, vertex attributes, etc. Make sure you check for the features you need. +For example, if you are using non power of 2 texture with mips make sure +GL_OES_texture_npot exists. If you are using floating point textures make sure +GL_OES_texture_float exists. If you are using DXT1, DXT3 or DXT5 texture make +sure GL_ETC_texture_compression_dxt1, GL_CHROMIUM_texture_compression_dxt3 and +GL_CHROMIUM_texture_compression_dxt5 exist. +If you are using textures in vertex shaders make sure +glGetIntegerv(GL_MAX_VERTEX_TEXTURE_IMAGE_UNITS, …) returns a value greater than +0. +If you are using more than 8 textures in a single shader make sure +glGetIntegerv(GL_MAX_TEXTURE_IMAGE_UNITS, …) returns a value greater than or +equal to the number of simulatious textures you need. +etc... \ No newline at end of file diff --git a/chromium/docs/website/site/nativeclient/how-tos/build-tcb/index.md b/chromium/docs/website/site/nativeclient/how-tos/build-tcb/index.md new file mode 100644 index 00000000000..3c3096382d7 --- /dev/null +++ b/chromium/docs/website/site/nativeclient/how-tos/build-tcb/index.md @@ -0,0 +1,287 @@ +--- +breadcrumbs: +- - /nativeclient + - Native Client +- - /nativeclient/how-tos + - '2: How Tos' +page_name: build-tcb +title: Building and Testing the Native Client Trusted Code Base +--- + +[TOC] + +## What build system(s) is Native Client using? + +The primary build system used by Native Client is [SCons](http://www.scons.org). +For historical reasons we are not using plain [SCons](http://www.scons.org/) but +an extension call Hammer. + +The parts of the system shared with Chrome are also built using Chrome's build +system, GN. + +We also have some Makefiles and some shell scripts for certain build tasks. + +## Why is this such a complex mess? + +The usual excuses: + +* Inherent complexity. +* Historical reasons. +* Entropy requires no maintenance. +* ... + +## Which files contain build system information? + +For [SCons](http://www.scons.org/) it is: SConstruct, \*\*/build.scons, +\*\*/nacl.scons There are also relevant configuration files in +site_scons/site_tools/\*, and random Python scripts located here and there. + +For GN it is: \*\*/BUILD.gn and \*\*/config.gni + +## What is the difference between trusted and untrusted code? + +"Trusted code" encompasses components like: + +* the browser plugin +* service runtime (sel_ldr) + +It is compiled using regular compilers. Bugs in trusted code can compromise +system security, hence the name. As far as the build system is concerned trusted +code is described in \*\*/build.scons files. Trusted code lives in +src/trusted/\*\* + +"Untrusted code" encompasses components like: + +* quake and other examples of Native Client executables +* libraries necessary to build those executables +* The IRT + +It is compiled using special sandboxing compilers. As far as the build system is +concerned, untrusted code is described in \*\*/nacl.scons files. Untrusted code +lives in src/untrusted/\*\* and also in tests/\*\* + +Some code can be compiled either as trusted or shared code, e.g. libraries that +facilitate communication between trusted and untrusted code. Such code typically +lives in src/shared/\*\* and has both build.scons and nacl.scons files. + +## How do you use the MODE= setting when invoking SCons? + +The MODE= setting or its equivalent --mode is used to select whether you want to +compile trusted or untrusted code or both and how. Examples: + +MODE=nacl + +* just build untrusted code +* note that this doesn't build all of the untrusted code. If you don't + specify a trusted platform (e.g. MODE=opt-linux,nacl) most of the + tests will not be built. + +MODE=opt-linux + +* just build (optimized) trusted code - you must be on a Linux system + +MODE=nacl,dbg-win + +* build both (trusted code will be unoptimized) - you must be on a + Windows system + +NOTE: if you do not specify MODE, "opt-*<your-system-os>"* will be +assumed. + +NOTE: if you want to run integration tests, you need to build both trusted and +untrusted code simultaneously, because those tests involve running untrusted +code under the control of trusted code. + +What is the meaning of BUILD_ARCH, TARGET_ARCH, etc. ? + +Just like any cross compilation environment, there are some hairy configuration +issues which are controlled by BUILD_ARCH, TARGET_ARCH, etc. to force +conditional compilation and linkage. + +It helps to revisit the +[terminology](http://www.airs.com/ian/configure/configure_5.html) used by cross +compilers to better understand Native Client: + +> BUILD_SYSTEM: The system on which the tools will be built (initially) is +> called the build system. + +> HOST_SYSTEM: The system on which the tools will run is called the host system. + +> TARGET_SYSTEM: The system for which the tools generate code is called the +> target system. + +For [NaCl](/p/nativeclient/wiki/NaCl) we only have **two** of these, sadly they +have confusing names: + +> BUILD_PLATFORM: The system on which the trusted code runs. + +> TARGET_PLATFORM: The sandbox system that is being enforced by the trusted +> code. + +The BUILD_PLATFORM is closest in nature to the HOST_SYSTEM, the TARGET_PLATFORM +is closest to the TARGET_SYSTEM. We do not have an equivalent to BUILD_SYSTEM +since we just assume the build system is x86 (either a 32- or 64-bit system). + +## What kind of BUILD_PLATFORM/TARGET_PLATFORM configurations are supported? + +Conceptually we have + +> BUILD_PLATFORM = (BUILD_ARCH, BUILD_SUBARCH, BUILD_OS) + +and + +> TARGET_PLATFORM = (TARGET_ARCH. TARGET_SUBARCH) + +NOTE: + +There is no TARGET_OS, since Native Client executables are OS independent. + +The BUILD_OS is usually tested for using [SCons](http://www.scons.org/) +expressions like "env.Bit('windows')". You cannot really control it as it is +inherited from the system you are building on, the BUILD_SYSTEM in cross +compiler speak. + +Enumeration of all BUILD_PLATFORMs: + +(x86, 32, linux) (x86, 32, windows) (x86, 32, mac) (arm, 32, linux) // the 32 is +implicit as there is no 64bit arm + +(x86, 64, linux) (x86, 64, windows) + +***Special note for Windows users:** The Windows command-line build currently +relies on vcvarsXX.bat being called to set up the environment. The compiler's +target subarchitecture (32,64) is selected by the version of vcvars that you +called (vcvars32/vcvars64). If you call vcvars32 and then build with +platform=x86-64, you will get "target mismatch" errors.* + +Enumeration of all TARGET_PLATFORMs: (x86, 32) (x86, 64) (arm, 32) // the 32 is +implicit as there is no 64bit arm + +Usually BUILD_ARCH == TARGET_ARCH and BUILD_SUBARCH == TARGET_SUBARCH + +There is ONLY ONE exception, you can build the ARM validator like so: + +> BUILD_ARCH = x86, BUILD_SUBARCH=**, TARGET_ARCH=arm TARGET_SUBARCH=32** + +**In particular it is NOT possible to use different SUBARCHs for BUILD and +TARGET.** + +## What is the relationship between TARGET_PLATFORM and untrusted code? + +The flavor of the untrusted code is derived from the TARGET_PLATFORM + +## Why are *BUILD and ARCH* used inconsistently? + +Usually BUILD_ARCH == TARGET_ARCH and BUILD_SUBARCH == TARGET_SUBARCH so +mistakes have no consequences. + +## So how do I build something? (Finally!) + +\[Note: scons --download has been deprecated as of Aug 17, 2010\] + +The first time you build, you will need to get the latest toolchain build. Do +this using gclient hooks: + +```none +fetch nacl +gclient sync +cd native_client +``` + +~~The first time you build something, you use the --download switch to download +the platform's toolchain.~~ + + ~~./scons --download MODE=opt-linux,nacl~~ + + ~~./scons --download MODE=opt-mac,nacl~~ + + ~~.\\scons --download MODE=opt-win,nacl~~ + +~~Subsequent builds can omit the --download option. You should use --download +anytime you want to update your toolchain.~~ + +The default value for MODE is dbg-*<your-system-os>* so these two commands +are identical + +* ./scons MODE=dbg-*<your-system-os>* +* ./scons + +## How do I run the unittests after the build completes? + +To run all unittests: + + ./scons MODE=opt-*<your-system-os>*,nacl run_all_tests + +To run specific sets of tests: + + ./scons MODE=opt-*<your-system-os>*,nacl small_tests + + ./scons MODE=opt-*<your-system-os>*,nacl medium_tests + + ./scons MODE=opt-*<your-system-os>*,nacl large_tests + + ./scons MODE=opt-*<your-system-os>*,nacl browser_tests + +To run a single test: + +* A trusted test + * ./scons MODE=opt-*<your-system-os>* run_format_string_test + * run_format_string_test is defined in + src/trusted/service-runtime/build.scons + * Other trusted unittest targets exist in other build.scons + files + * Note that you do not need to specify nacl as a mode for a + trusted test +* An untrusted test + * ./scons MODE=opt-*<your-system-os>*,nacl run_thread_test + * run_thread_test is defined in tests/threads/nacl.scons + * Other untrusted unittest targets exist in other nacl.scons + files + +## Are there any other cool Scons options? + +There are some other scons options which are useful. Note the confusing syntax +differences for option words (platform=), single minus options (-c), and double +minus options (--clang). Sorry. + +* --clang + * Use the Clang toolchain downloaded by the DEPS hooks instead of + gcc on Linux. Probably should be the default. +* -c + * clean before building +* -jN + * Split the build into N processes. A good choice for N is often + the number of processors on the machine doing the build +* MODE=*<build-mode-list>* (or its equivalent + --mode=*<build-mode-list>*) + * choices are opt-linux, dbg-linux, opt-mac, dbg-mac, opt-win, and + dbg-win (for the type of trusted code to build) and nacl (to + build untrusted code) + * Usually the *<build-mode-list>* will contain one trusted + code choice and the untrusted code name, like: opt-linux,nacl +* platform=TARGET_ARCH + * Cross-compile for TARGET_ARCH + * platform=x86-64 is required in order to build for 64-bit +* sdl=none + * Do not use SDL + +## What about 64-bit? + +The build defaults to a 32-bit build even if the machine running the build is a +64-bit machine. To build for 64-bit: + +* add: platform=x86-64 + +*Also see the **Special note for Windows users** in the **What kind of +BUILD_PLATFORM/TARGET_PLATFORM configurations are supported?** section above.* + +## Where is the source code? + +The source code is divided into these main areas: + +* src/trusted: Code that runs only as part of the trusted portion of + Native Client +* src/untrusted: Code that runs only as part of a user-created Native + Client program +* src/shared: Code that can be used in both the trusted portion and + the user-created portion of Native Client \ No newline at end of file diff --git a/chromium/docs/website/site/nativeclient/how-tos/building-and-testing-gcc-and-gnu-binutils/index.md b/chromium/docs/website/site/nativeclient/how-tos/building-and-testing-gcc-and-gnu-binutils/index.md new file mode 100644 index 00000000000..05924246f18 --- /dev/null +++ b/chromium/docs/website/site/nativeclient/how-tos/building-and-testing-gcc-and-gnu-binutils/index.md @@ -0,0 +1,155 @@ +--- +breadcrumbs: +- - /nativeclient + - Native Client +- - /nativeclient/how-tos + - '2: How Tos' +page_name: building-and-testing-gcc-and-gnu-binutils +title: Building and Testing GCC and GNU binutils +--- + +[TOC] + +## Introduction + +This page describes the structure of source code of the GCC-based Native Client +toolchain. The sources are based on stable releases of external packages: +[Binutils](http://git.chromium.org/gitweb/?p=nacl-binutils.git;a=summary), +[GCC](http://git.chromium.org/gitweb/?p=nacl-gcc.git;a=summary), +[Newlib](http://git.chromium.org/gitweb/?p=nacl-newlib.git;a=summary), +[GDB](http://git.chromium.org/gitweb/?p=nacl-gdb.git;a=summary), +[GlibC](http://git.chromium.org/gitweb/?p=nacl-glibc.git;a=summary) plus a +subset of [linux kernel +headers](http://git.chromium.org/gitweb/?p=linux-headers-for-nacl.git;a=summary). +The rest of the page addresses the structure of the source repositories, the +ways to synchronize patches across them and the build script. + +## Prerequisites + +We recommend hacking the toolchain on Linux. After each commit the toolchain +tarballs are built on [builders](https://ci.chromium.org/p/nacl/g/main/console). +Using Windows is difficult since Chromium no longer supports Cygwin, and it's +too slow to be practical anyway (mostly due to the poor performance of fork()). + +### Installing packages on your system + +* Refer to + [HowToBuildPorts](http://code.google.com/p/nativeclient/wiki/HowToBuildPorts) + for setting up the build environment. +* optional: Git and Subversion (useful for development) + + ```none + sudo apt-get install gitk subversion + ``` + +Native Client Source is also required to build the toolchain (specifically, +libraries). Follow the instructions on the [Native Client +Source](http://code.google.com/p/nativeclient/wiki/Source) page to fetch the +sources. + +### Setting up environment variables for Git + +If you are going to contribute to the toolchain, you will need to use the Git +repository. Add similar lines to your .bashrc or a shell login script: + +```none +export GIT_COMMITTER_NAME="John Doe" +export GIT_COMMITTER_EMAIL="doe@example.com" +export GIT_AUTHOR_NAME="Mary Major" +export GIT_AUTHOR_EMAIL="mary@example.com" +``` + +In the most common case author and committer strings should be equal. + +## Obtaining the toolchain sources + +```none +cd native_client/tools +make sync  # For more options about syncing and building read the topmost comment in the Makefile. +``` + +### Building the toolchain + +Option 1: Build a *newlib*-based toolchain + +```none +make clean build-with-newlib -j16 +``` + +Option2:Build a *GlibC*-based toolchain. + +```none +make clean build-with-glibc -j16 +``` + +The toolchain binaries get installed to native_client/tools/out by default, you +bay override it by providing *TOOLCHAINLOC=<path> in make invocation.* + +*note:* Although the build script is written as a Makefile, it does not support +incremental rebuilds (though it supports parallel builds). + +*note*: To build in a 100% clean way, the TOOLCHAINLOC directory must be empty. + +## Structure of the Git repositories + +The Git repositories are hosted at [chromium git +repositories](http://git.chromium.org/). NaCl development happens in branch +master in each repository. + +### Branches + +The branch vendor-src keeps the sources from the original tarball unchanged. +From time to time the master branch should be **rebased** on top of newer +revisions of the vendor-src branch. Once the **master** branch is rebased, the +old branch should be kept from garbage collection so that old commits can be +found by hashes (required to be able to reproduce old builds). + +## Code reviews + +Follow the [Git Cookbook](http://code.google.com/p/chromium/wiki/GitCookbook) +for sending your commit for review. Recommendations: Method #1 is the easiest. +Instead of "git cl" you can use git-cl from **depot_tools**. In the simplest +case you may: + +```none +git checkout -b my_hack origin/master # make your branch +# hack hack hack +git add your/file1 your/file2 +git commit -m "do my hack with GCC" +git-cl upload --send-mail -r reviewer@chromium.org +# fix stuff during review +git commit --amend your/fixed/file1 +git-cl upload +# you've got an LGTM +git-cl push +``` + +## Testing the toolchain (the GCC testsuite) + +#### Currently it is only easy to run the tests in x86-64 mode, x86-32 testing is broken. To run all tests: + +```none +make -j4 check SDKLOC=/path/to/your/location +``` + +To run one of the three testsuites (c++ testsuite in this case): + +```none +make DEJAGNU=/your/native_client/tools/dejagnu/site.exp check-c++ RUNTESTFLAGS="SIM=/your/sel_ldr --target_board=nacl --outdir=your-directory-for-reports" +``` + +To run a subset of a testsuite governed by some '.exp' config file just add the +name of the file (without path to it) as additional parameter to runtest: + +

+cd your-native-client/native_client/tools/BUILD/build-gcc-nacl64/gcc
+DEJAGNU=your-dejagnu/site.exp runtest --tool gcc --target_board=nacl --outdir=/tmp/your-temp-dir SIM=/your/sel_ldr builtins.exp
+
+ +You may limit running tests to a single file. Again, the file name should omit +the path part: + +

+cd your-native-client/native_client/tools/BUILD/build-gcc-nacl64/gcc
+DEJAGNU=your-dejagnu/site.exp runtest --tool gcc --target_board=nacl --outdir=/tmp/your-temp-dir SIM=/your/sel_ldr builtins.exp=strncat-chk.c
+
\ No newline at end of file diff --git a/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-a-trusted-plugin/debugging-a-trusted-plugin-on-linux/index.md b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-a-trusted-plugin/debugging-a-trusted-plugin-on-linux/index.md new file mode 100644 index 00000000000..8605f2222e7 --- /dev/null +++ b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-a-trusted-plugin/debugging-a-trusted-plugin-on-linux/index.md @@ -0,0 +1,52 @@ +--- +breadcrumbs: +- - /nativeclient + - Native Client +- - /nativeclient/how-tos + - '2: How Tos' +- - /nativeclient/how-tos/debugging-documentation + - Debugging Documentation +- - /nativeclient/how-tos/debugging-documentation/debugging-a-trusted-plugin + - Debugging a Trusted Plugin +page_name: debugging-a-trusted-plugin-on-linux +title: Debugging a Trusted Plugin on Linux +--- + +1. Get a Chromium check-out. You can usually use the revision from the + nacl-sdk DEPS file. +2. You don’t need to build all of chromium, just pepper. + 1. Go to the src/ directory in your check-out + 2. type: ‘make ppapi_tests’ to build the pepper tests as well as + any libraries they depend on. You’ll end up with libppapi_cpp.a + and libppapi_cpp_object.a. +3. Build trusted version of the code + 1. For a C plugin you don’t have to link against anything. ppapi C + is all headers. + 2. For C++, you need libppapi_cpp.a and libppapi_cpp_objects.a. + Link against ppapi_cpp_objects and ppapi_cpp from chrome. + 1. link order matters: ppapi_cpp_objects has to come before + ppapi_cpp + 3. Be sure to specify -fno-rtti and -fPIC since chrome does not + build run-time type information by default, and you’ll be + generating a shared library as your plugin. + 4. For the linking step, be sure to specify -shared +4. To load your plugin, your application will need an embed tag. For + trusted plugins this should not have a “nacl” but a regular “type” + attribute, for example: type="application/x-hello-world" +5. Unlike with an untrusted plugin, instead of handling a onload event + in the EMBED tag, you have to call moduleDidLoad() directly after + the EMBED tag. +6. To debug, you have to use Chromium - best is to get a waterfall for + your platform build from + http://build.chromium.org/f/chromium/snapshots/ You can also finish + the chromium build you checked out but be prepared to wait a while. + This style of debugging is not supported with Google Chrome Dev + Channel +7. In a shell, launch chrome with the following arguments: + 1. --user-data-dir=/tmp/nacl_debugging_chrome_profile + 2. --register-pepper-plugins="location/of/your/plugin.so;application/x-hello-world" + 3. --single-process + 4. file://location/of/your/web_page.html +8. In Chrome, create a new tab and visit about:memory, this will list + the pid of the plugin tab. +9. You can now use gdb to attach to the pid and debug your plugin \ No newline at end of file diff --git a/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-a-trusted-plugin/debugging-trusted-plugin-on-windows/index.md b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-a-trusted-plugin/debugging-trusted-plugin-on-windows/index.md new file mode 100644 index 00000000000..7c6ecdab808 --- /dev/null +++ b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-a-trusted-plugin/debugging-trusted-plugin-on-windows/index.md @@ -0,0 +1,81 @@ +--- +breadcrumbs: +- - /nativeclient + - Native Client +- - /nativeclient/how-tos + - '2: How Tos' +- - /nativeclient/how-tos/debugging-documentation + - Debugging Documentation +- - /nativeclient/how-tos/debugging-documentation/debugging-a-trusted-plugin + - Debugging a Trusted Plugin +page_name: debugging-trusted-plugin-on-windows +title: Debugging a Trusted Plugin on Windows +--- + +1. Get VS2008 +2. Set up the project/Solution using the wizard: make a Win32 Console + app, and then click through the wizard to modify the project to be a + Win32 DLL, that exports symbols. Visit here for more info: + +3. In the project properties, turn off precompiled headers. Do this so + you can use the same #include stack in your sources to build both + untrusted and trusted. +4. Note: I ran into problems using the ppapi headers that come with + NaCl: + 1. 1>d:\\native_client_sdk\\toolchain\\win_x86\\nacl64\\include\\machine\\_types.h(19) + : fatal error C1083: Cannot open include file: + 'native_client/src/include/portability.h': No such file or + directory + 2. I tried -D__native_client__, but this produced even more errors. + 3. To resolve this, I copied toolchain/win_x86/nacl64/include/ppapi + to sit at the same level as examples +5. In the project properties, add <native_client_sdk> to the + header search paths. +6. After copying the ppapi headers, the project still won't build + because I need to copy in the ppapi C++ sources and build them too. + I DEPSed in the ppapi sources from nacl/ppapi and added all the + files in ppapi/cpp/\*.cc to the VS project. +7. I had to change some source files. When you build under nacl-gcc, + things like inttypes.h (and stdint.h) are automagically part of the + #include chain. This is not so when building trusted. In this case, + I added #include <ppapi/c/pp_stdtype.h> to the files that + needed it. (Note that on Windows, there does not seem to be a + <stdint.h> or <inttypes.h>). +8. Edit hello_world/hello_world.html so that the embed tag has + type="application/x-hello-world" and no nacl= attribute. +9. Instead of handling a onload event in the EMBED tag, you have to + call moduleDidLoad() directly after the EMBED tag. +10. Run the local HTTP server in examples. +11. Once the DLL is built, run chrome + --register-pepper-plugins="d:\\native_client_sdk\\examples\\NaClExamples\\HelloWorld\\Debug\\HelloWorld.dll;application/x-hello-world" + --user-data-dir=d:\\trusted-debug-profile + --wait-for-debugger-children +12. Visit localhost:5103 and run the hello_world example. +13. To debug the DLL you have to attach to the right process. It isn't + clear how you find this, other than by guessing. I had limited + success in pulling up the Debug -> Attach... panel, then + launching chrome and visiting + localhost:5103/hello_world/hello_world.html, then hitting Refresh on + the Attach panel and attaching the the new "chrome.exe" process. I + have not been able to figure out how to debug startup issues. There + are some extra debugging hints here: + + +Implications: + +1. The SDK will have to DEPS in and bundle src/ppapi from the chromium + project. +2. When building a trusted plugin, you have to use the chromium ppapi + headers and build the .cc files, then switch over to different + headers and link with libppapi_cpp.a to build a .nexe. We could + automate some of this by adding a build step in the SDK to build + libppapi_cpp.a and bundling that library. +3. **Potential show-stopper**: on Windows, there is no built-in + pthreads library. This means the pi_generator example will not + build, nor will any other app that uses pthread, unless we can find + a pthreads lib that we can re-distribute. +4. **Potential show-stopper**: None of this work allows for .dso's, + which are ELF. These will not load on Windows. Not sure if it's + possible to make .dso's into DLLs and mimic the dynamic loading + process. dlopen() will not work for the same reason that pthreads + don't work (no Windows support). \ No newline at end of file diff --git a/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-a-trusted-plugin/index.md b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-a-trusted-plugin/index.md new file mode 100644 index 00000000000..36f6cfd7c34 --- /dev/null +++ b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-a-trusted-plugin/index.md @@ -0,0 +1,33 @@ +--- +breadcrumbs: +- - /nativeclient + - Native Client +- - /nativeclient/how-tos + - '2: How Tos' +- - /nativeclient/how-tos/debugging-documentation + - Debugging Documentation +page_name: debugging-a-trusted-plugin +title: Debugging a Trusted Plugin +--- + +In some cases it can be useful to develop/port your Native Client module using a +two-step process, first as a non-portable trusted Pepper plugin for Windows, +Mac, or Linux, then porting to Native Client. In particular this approach allows +you to use the standard debuggers and tools from your preferred desktop +operating system during trusted plugin development. + +Developers should be mindful of the following potential issues when planning +this course of development: + +* Some libraries commonly used with Native Client will not build + easily on all operating systems. +* Threading models differ between trusted Pepper and untrusted Pepper + implementations. +* Extra effort may be required to get source to compile with multiple + different compilers, for example GCC vs. MS Visual Studio. +* Certain operations such as platform-specific library calls and + system calls may succeed during trusted development but fail in + Native Client. + +With this in mind, these sub-pages provide some tips on working with trusted +Pepper plugins on Windows, Mac and Linux. \ No newline at end of file diff --git a/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-a-trusted-plugin/trusted-debugging-on-mac/index.md b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-a-trusted-plugin/trusted-debugging-on-mac/index.md new file mode 100644 index 00000000000..a6508f76533 --- /dev/null +++ b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-a-trusted-plugin/trusted-debugging-on-mac/index.md @@ -0,0 +1,63 @@ +--- +breadcrumbs: +- - /nativeclient + - Native Client +- - /nativeclient/how-tos + - '2: How Tos' +- - /nativeclient/how-tos/debugging-documentation + - Debugging Documentation +- - /nativeclient/how-tos/debugging-documentation/debugging-a-trusted-plugin + - Debugging a Trusted Plugin +page_name: trusted-debugging-on-mac +title: Debugging a Trusted Plugin on Mac +--- + + + + +1. +2. +3. +4. +5. +6. +7. +8. +9. +10. + 1. + 2. + 3. + 4. + 1. + 2. + 3. + 4. +11. + 1. + 2. + 3. + 1. + + +
Make an new Xcode project, use the GUI to make a Bundle project + that uses Core Foundation.Add existing NaCl sourcesDEPS in ppapi from chromium, add the C++ sources - create a + Group and add the ppapi files directly. Adding ppapi as a folder + reference doesn't work.Set "Header search paths" to point to the chromium ppapi headers + (|SDK_root|/third_party), NOT the built-in NaCl headers.Add the SDK root to "Header Search Paths"Build the plugin.Edit hello_world/hello_world.html so that the embed tag has + type="application/x-hello-world" and no nacl= attribute.Instead of handling a onload event in the EMBED tag, you have to + call moduleDidLoad() directly after the EMBED tag.Make sure to uncheck "Load Symbols Lazily" in the Debugging + panel of Xcode preferences.To debug, you have to use Chromium - best is to get a waterfall + build from http://build.chromium.org/f/chromium/snapshots/Mac/. This + style of debugging is not supported with Google Chrome Dev + ChannelIn Xcode, ctrl-click on "Executables" and select "Add Custom + Executable…".Call the new custom exec, say, "Chromium Dev"Point it at the .app wrapper for Chromium that you got from + the waterfall, e.g. ~/Downloads/chrome-mac/Chromium.app.Add these arguments in the Arguments tab:--user-data-dir=/tmp/nacl-debug-profile--register-pepper-plugins="$HOME/Source/nacl-sdk/src/examples/hello_world/HelloWorld/build/Debug/HelloWorld.bundle;application/x-hello-world"--single-processfile://$HOME/Source/nacl-sdk/src/examples/hello_world/hello_world.htmlIt is possible to debug a plugin using Chrome Dev channel, but + it's a little more raw:In a shell, run Chrome like this: Google\\ + Chrome.app/Contents/MacOS/Google\\ Chrome + --user-data-dir=/tmp/nacl-debug-profile + --register-pepper-plugins="$HOME/Source/nacl-sdk/src/examples/hello_world/HelloWorld/build/Debug/HelloWorld.bundle;application/x-hello-world" + file://$HOME/Source/nacl-sdk/src/examples/hello_world/hello_world.htmlIn Chrome, create a new tab and visit about:memory, this + will list the PID of the plugin tab.In Xcode, Run -> Attach To Process, then pick the + appropriate PID.Note: if you get various errors about formatting, just + click "Continue"
\ No newline at end of file diff --git a/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-chrome-os/index.md b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-chrome-os/index.md new file mode 100644 index 00000000000..8c7afa9da77 --- /dev/null +++ b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-chrome-os/index.md @@ -0,0 +1,51 @@ +--- +breadcrumbs: +- - /nativeclient + - Native Client +- - /nativeclient/how-tos + - '2: How Tos' +- - /nativeclient/how-tos/debugging-documentation + - Debugging Documentation +- - /nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended + - Debugging with debug stub (recommended) +page_name: debugging-nacl-apps-in-chrome-os +title: Debugging NaCl apps in Chrome OS +--- + +It is not possible to run debugger on Chrome OS without using dev mode. Luckily, +debugger uses network connection to communicate with the NaCl debug stub. This +makes remote debugging possible with debugger running on a remote machine and +NaCl application running on Chrome OS machine. + +## Prepare Chrome OS for NaCl debugging + +On chrome://flags page there are two flags related to NaCl debugging. We need to +enable "Native Client GDB-based debugging" flag and switch "Restrict Native +Client GDB-based debugging by pattern" to "Debug everything except secure shell" +or "Debug only if URL manifest ends with debug.nmf" value. Changes on +chrome://flags page require browser restart to take effect. Log out, close and +open the lid to restart the browser. If they are set properly, secure shell +extension should work, but NaCl application we are trying to debug should hang +waiting for debugger to connect. + +## Tunneling debugger connection + +Once you launch your NaCl application now, the NaCl debug stub opens 4014 port +on Chrome OS machine. This port is not accessible from outside, so we need to +tunnel it through ssh connection to remote machine. There are two ways to do +this. + +The first way is to open new secure shell tab or window and add "-R +port-number:localhost:4014" to "SSH Arguments" field before connecting to remote +computer. Then you can use secure shell to launch NaCl debugger on that machine +where you should use "target remote :port-number" command to connect to debug +stub running on Chrome OS. + +The second way is to use an existing secure shell tab or window. Press enter, ~, +shift+c. This combination opens ssh-prompt where you can enter "-R +port-number:localhost:4014" command. Pressing enter returns control to normal +shell where you can launch NaCl debugger and use "target remote :port-number" +command to connect to debug stub running on Chrome OS. + +In both cases the port number can be any free port number on the remote machine +above 1024 including 4014. \ No newline at end of file diff --git a/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse add directory path 1.png.sha1 b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse add directory path 1.png.sha1 new file mode 100644 index 00000000000..10b369ee135 --- /dev/null +++ b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse add directory path 1.png.sha1 @@ -0,0 +1 @@ +ca64943da2b5ad39c4b082ce05ef6bc5d50f6ba3 \ No newline at end of file diff --git a/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse add directory path 2.png.sha1 b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse add directory path 2.png.sha1 new file mode 100644 index 00000000000..688b4cf55de --- /dev/null +++ b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse add directory path 2.png.sha1 @@ -0,0 +1 @@ +b65fdac12539c396a69eb5a8bcac50b08d977508 \ No newline at end of file diff --git a/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse build behaviour tab.png.sha1 b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse build behaviour tab.png.sha1 new file mode 100644 index 00000000000..e05359bfe83 --- /dev/null +++ b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse build behaviour tab.png.sha1 @@ -0,0 +1 @@ +0217e502261b5990339938cf0e151cc6475d041a \ No newline at end of file diff --git a/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse build variables.png.sha1 b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse build variables.png.sha1 new file mode 100644 index 00000000000..5934dc4f52d --- /dev/null +++ b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse build variables.png.sha1 @@ -0,0 +1 @@ +7ec46055e3a1f1d8f67e0523e8680d114cb4ca88 \ No newline at end of file diff --git a/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse build.png.sha1 b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse build.png.sha1 new file mode 100644 index 00000000000..8b2b25aa248 --- /dev/null +++ b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse build.png.sha1 @@ -0,0 +1 @@ +7055e7c625e190952b97e8f8af0b40dba722cb16 \ No newline at end of file diff --git a/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse consoles.png.sha1 b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse consoles.png.sha1 new file mode 100644 index 00000000000..d107fc5d32e --- /dev/null +++ b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse consoles.png.sha1 @@ -0,0 +1 @@ +9066bfef70126de352541877343b8bf0a891143b \ No newline at end of file diff --git a/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse debug configuration Debugger Gdbserver Settings.png.sha1 b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse debug configuration Debugger Gdbserver Settings.png.sha1 new file mode 100644 index 00000000000..d931d716598 --- /dev/null +++ b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse debug configuration Debugger Gdbserver Settings.png.sha1 @@ -0,0 +1 @@ +bec5808b06a22da25deff8483263b7cec981d28a \ No newline at end of file diff --git a/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse debug configuration Debugger Main.png.sha1 b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse debug configuration Debugger Main.png.sha1 new file mode 100644 index 00000000000..cf82235a046 --- /dev/null +++ b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse debug configuration Debugger Main.png.sha1 @@ -0,0 +1 @@ +e78f102d96325e58310fac701e30f94c55f44810 \ No newline at end of file diff --git a/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse debug configuration glibc Debugger Main.png.sha1 b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse debug configuration glibc Debugger Main.png.sha1 new file mode 100644 index 00000000000..17d7d7c0301 --- /dev/null +++ b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse debug configuration glibc Debugger Main.png.sha1 @@ -0,0 +1 @@ +0e046c14ee92b0f939ff9b0ea62977dd00e03813 \ No newline at end of file diff --git a/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse debug configuration glibc main.png.sha1 b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse debug configuration glibc main.png.sha1 new file mode 100644 index 00000000000..e3c1788a897 --- /dev/null +++ b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse debug configuration glibc main.png.sha1 @@ -0,0 +1 @@ +f1c519aa044c7c7ae4bdb59031bd51b635fb8d26 \ No newline at end of file diff --git a/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse debug configuration main.png.sha1 b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse debug configuration main.png.sha1 new file mode 100644 index 00000000000..c92c53401a0 --- /dev/null +++ b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse debug configuration main.png.sha1 @@ -0,0 +1 @@ +c120f1938f8513eaa852f63ede2126c777938081 \ No newline at end of file diff --git a/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse debug icon.png.sha1 b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse debug icon.png.sha1 new file mode 100644 index 00000000000..8584eafa229 --- /dev/null +++ b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse debug icon.png.sha1 @@ -0,0 +1 @@ +0d9788d92532b0ee7fba7ce0b93f4d0ad6c778cd \ No newline at end of file diff --git a/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse gdb_init file.png.sha1 b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse gdb_init file.png.sha1 new file mode 100644 index 00000000000..3f888727957 --- /dev/null +++ b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse gdb_init file.png.sha1 @@ -0,0 +1 @@ +79f88416480f41213ce2b4ac87710d2efbd47fff \ No newline at end of file diff --git a/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse glibc hit breakpoint.png.sha1 b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse glibc hit breakpoint.png.sha1 new file mode 100644 index 00000000000..72068aeb700 --- /dev/null +++ b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse glibc hit breakpoint.png.sha1 @@ -0,0 +1 @@ +0c98492e6c4bed40599fc61dbfe44711eb7b0576 \ No newline at end of file diff --git a/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse hammer icon.png.sha1 b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse hammer icon.png.sha1 new file mode 100644 index 00000000000..9c2c4345d88 --- /dev/null +++ b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse hammer icon.png.sha1 @@ -0,0 +1 @@ +ea173ca1523505dbe55d04b37411809a23766643 \ No newline at end of file diff --git a/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse hit breakpoint.png.sha1 b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse hit breakpoint.png.sha1 new file mode 100644 index 00000000000..8d578dd84db --- /dev/null +++ b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse hit breakpoint.png.sha1 @@ -0,0 +1 @@ +5ff7261a75a702d6ee9606570c16565c57520b75 \ No newline at end of file diff --git a/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse last debug configurations.png.sha1 b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse last debug configurations.png.sha1 new file mode 100644 index 00000000000..49a9695a226 --- /dev/null +++ b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse last debug configurations.png.sha1 @@ -0,0 +1 @@ +f565b31f9413db44cbba83a9a8685cf05fe56109 \ No newline at end of file diff --git a/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse new build variable.png.sha1 b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse new build variable.png.sha1 new file mode 100644 index 00000000000..97a4d9d2353 --- /dev/null +++ b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse new build variable.png.sha1 @@ -0,0 +1 @@ +9d14e3854ff56820abbdc18f0bd10b880fa6d1a0 \ No newline at end of file diff --git a/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse new debug configuration icon.png.sha1 b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse new debug configuration icon.png.sha1 new file mode 100644 index 00000000000..6ca1151e012 --- /dev/null +++ b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse new debug configuration icon.png.sha1 @@ -0,0 +1 @@ +e186a744d20b1ef135dff670ad94f6870c93aa05 \ No newline at end of file diff --git a/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse new project.png.sha1 b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse new project.png.sha1 new file mode 100644 index 00000000000..5f6a8b60c64 --- /dev/null +++ b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse new project.png.sha1 @@ -0,0 +1 @@ +03a39fa04ee83dcc4d323a70df939a1cdddd9c27 \ No newline at end of file diff --git a/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse output location.png.sha1 b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse output location.png.sha1 new file mode 100644 index 00000000000..66ada924981 --- /dev/null +++ b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse output location.png.sha1 @@ -0,0 +1 @@ +599c895aebaec53f8775d0ba12af5385101b7dea \ No newline at end of file diff --git a/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse project view.png.sha1 b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse project view.png.sha1 new file mode 100644 index 00000000000..50c5c875e6d --- /dev/null +++ b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse project view.png.sha1 @@ -0,0 +1 @@ +f288a4e038d156f78555c26ea6703f67b5ff582e \ No newline at end of file diff --git a/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse select preferred launcher.png.sha1 b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse select preferred launcher.png.sha1 new file mode 100644 index 00000000000..77e740b7734 --- /dev/null +++ b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse select preferred launcher.png.sha1 @@ -0,0 +1 @@ +8c91e6461916b23f0478ecd94f15a6a12d9573f4 \ No newline at end of file diff --git a/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse source location.png.sha1 b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse source location.png.sha1 new file mode 100644 index 00000000000..76191ae9887 --- /dev/null +++ b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse source location.png.sha1 @@ -0,0 +1 @@ +f539c3ce5f461bad6b652e8efd05f18e13ce85e9 \ No newline at end of file diff --git a/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse with indexer enabled.png.sha1 b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse with indexer enabled.png.sha1 new file mode 100644 index 00000000000..ba080511cfc --- /dev/null +++ b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse with indexer enabled.png.sha1 @@ -0,0 +1 @@ +1424cd15ac7fdaee490cd965e023001a17a729bb \ No newline at end of file diff --git a/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/index.md b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/index.md new file mode 100644 index 00000000000..6014b39c661 --- /dev/null +++ b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/index.md @@ -0,0 +1,222 @@ +--- +breadcrumbs: +- - /nativeclient + - Native Client +- - /nativeclient/how-tos + - '2: How Tos' +- - /nativeclient/how-tos/debugging-documentation + - Debugging Documentation +- - /nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended + - Debugging with debug stub (recommended) +page_name: debugging-nacl-apps-in-eclipse-cdt +title: Debugging NaCl apps in Eclipse CDT +--- + +Eclipse CDT plugin is designed for development with GNU tools. Its flexibility +allows to configure it for developing NaCl applications without using any +additional plugins. The cost of this flexibility is that a lot of advanced +features are not available. The following instructions are written for Windows +but they can be used on any OS if you replace Windows paths to paths on your OS. + +## Creating NaCl project + +Create NaCl Project directory inside Eclipse workspace +(C:\\Users\\username\\workspace by default). Copy all files from +nacl_sdk\\pepper_22\\examples\\hello_world except hello_world.c to this +directory. Create src subdirectory and copy hello_world.c file there. Placing +source files in the src directory makes cleaner project structure. Now go to +File->New->Makefile Project with Existing Code menu in Eclipse. Choose +project name, enter project folder location and select Cross GCC toolchain. + +[image](/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse%20new%20project.png) + +Your new project will look like this. + +[image](/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse%20project%20view.png) + +## Building NaCl project + +Open Makefile in the editor. Comment out lines +ALL_TARGETS+=win/Debug/hello_world.nmf and +ALL_TARGETS+=win/Release/hello_world.nmf and replace hello_world.c with +src/hello_world.c (Edit->Find/Replace... in the menu or Ctrl+F with default +key bindings). Then right click on the project and choose Preferences in the +popup menu. Go to C/C++ Build->Build Variables page and add NACL_SDK_ROOT +variable. Point the variable to the pepper version you want to build with. If +you downloaded NaCl SDK to c:\\nacl_sdk directory and want to use 22 pepper, set +it to c:\\nacl_sdk\\pepper_22. + +[image](/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse%20new%20build%20variable.png) + +[image](/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse%20build%20variables.png) + +Now we can use this variable to set build command on C/C++ Build page to +${NACL_SDK_ROOT}/tools/make NACL_SDK_ROOT=${NACL_SDK_ROOT}. On Linux and Mac use +make NACL_SDK_ROOT=${NACL_SDK_ROOT}. + +[image](/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse%20build.png) + +Enable parallel build on Behaviour tab. + +[image](/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse%20build%20behaviour%20tab.png) + +Press OK in properties window. You can now build the project by right clicking +on it and selecting Build Project in the popup menu or by pressing hammer icon +[image](/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse%20hammer%20icon.png) +in the toolbar. Make build log will be shown in console view. + +## Set up eclipse indexer + +Eclipse indexer doesn't use external compiler and so it should be configured +separately. Open project properties and go to C/C++ General->Paths and +Symbols page. Open Source Location tab, add src folder using Add Folder... +button and remove root of the project using Delete button. + +[image](/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse%20source%20location.png) + +Then go to Output Location path, add glibc and newlib folders there and remove +root of the project. + +[image](/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse%20output%20location.png) + +Now let us setup include paths. Go to Includes tab and press Add... button. +Enter ${NACL_SDK_ROOT}/include in the directory field and select Add to all +configurations and Add to all languages checkboxes. + +[image](/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse%20add%20directory%20path%201.png) + +Then press Add... button again and add +${NACL_SDK_ROOT}/toolchain/win_x86_glibc/x86_64-nacl/include directory (replace +win_x86_glibc with linux_x86_glibc or mac_x86_glibc if you use Linux or Mac OS X +accordingly). + +[image](/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse%20add%20directory%20path%202.png) + +Press OK button in properties window and open hello_world.c. There should not be +any compile errors now. + +[image](/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse%20with%20indexer%20enabled.png) + +## Debug NaCl newlib application + +Launching and debugging applications in Eclipse is done via running and +debugging configurations. Usually they are created automatically. Unfortunately, +NaCl debugging is done using remote debugging protocol. Setting up remote +connection requires parameters that can't be determined automatically. So we +have to create debugging configuration by hand. Go to Run->Debug +Configurations... menu or press on debug icon arrow [image](/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse%20debug%20icon.png) +in toolbar and choose Debug Configurations... in the popup menu. Select C/C++ +Remote Application in Debug Configurations windows and press new button [](/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse%20new%20debug%20configuration%20icon.png) +above filter text field or choose New in the popup menu. + +Change configuration name to NaCl Project newlib and fill C/C++ Application +field with ${workspace_loc}\\NaCl +Project\\newlib\\Debug\\hello_world_x86_64.nexe. We use ${workspace_loc} instead +of ${project_loc} since the later depends on currently selected project. + +[image](/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse%20debug%20configuration%20main.png) + +Now press Select other link at the bottom of the window. If you don't see the +link, skip this step. Select Use configuration specific settings checkbox and +choose GDB (DSF) Manual Remote Debugging Launcher in the list. + +[image](/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse%20select%20preferred%20launcher.png) + +Press OK and go to the debugger tab. Change Stop on startup at field to +Instance_DidCreate or deselect the Stop on startup checkbox. On Main tab in +Debugger Options set GDB debugger field to +c:\\nacl_sdk\\pepper_canary\\toolchain\\win_x86_glibc\\bin\\x86_64-nacl-gdb.exe. +Ensure that Non-stop mode checkbox is not selected since nacl-gdb doesn't +support this mode. + +[image](/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse%20debug%20configuration%20Debugger%20Main.png) + +Set port number to 4014 in Gdbserver Settings tab. + +[image](/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse%20debug%20configuration%20Debugger%20Gdbserver%20Settings.png) + +Save debug configuration by clicking Apply button. + +Now you need to launch chrome with --no-sandbox and --enable-nacl-debug flags +and run your NaCl application. NaCl debug stub will stop application at first +instruction. Then you need to open Debug Configuration window, select our debug +configuration and press Debug button. Next time, you can launch it by pressing +debug icon arrow that shows 10 last debug configurations. + +[image](/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse%20last%20debug%20configurations.png) + +When program will stop on the start breakpoint or breakpoint you set in project, +Eclipse will switch to debug perspective. + +[image](/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse%20hit%20breakpoint.png) + +## Debugging NaCl glibc application + +Create gdb_init.txt file and add line nacl-manifest +"c:\\\\Users\\\\username\\\\workspace\\\\NaCl +Project\\\\glibc\\\\Debug\\\\hello_world.nmf". If you use debugger from +pepper_29+, you don't need to double slashes. + +[image](/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse%20gdb_init%20file.png) + +Go to Run->Debug configuration... menu and duplicate newlib debug +configuration using Duplicate item in popup menu. Change new configuration name +to NaCl Project glibc and C/C++ Application field to ${workspace_loc}\\NaCl +Project\\glibc\\Debug\\lib64\\runnable-ld.so. + +[image](/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse%20debug%20configuration%20glibc%20main.png) + +Then go to Debugger tab and change GDB command file on Main subtab to +c:\\Users\\username\\workspace\\NaCl Project\\gdb_init.txt. Ensure that Non-stop +mode checkbox is not selected. + +[image](/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse%20debug%20configuration%20glibc%20Debugger%20Main.png) + +Press Apply button and close the window. Now you need to run your NaCl +application in chrome with --enable-nacl-debug and --no-sandbox flags, select +this debug configuration in Debug Configurations window and press Debug button. +You may see some error messages like + +```none +No source file named hello_world.c. +warning: Could not load shared library symbols for runnable-ld.so. +Do you need "set solib-search-path" or "set sysroot"? +``` + +You should ignore them. + +[image](/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse%20glibc%20hit%20breakpoint.png) + +## Troubleshooting + +If something goes wrong, you can look on gdb input and output. Press on the +arrow of console icon in Console view to show "NaCl Project glibc \[C/C++ Remote +Application\] gdb traces" console. + +[image](/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/debugging-nacl-apps-in-eclipse-cdt/eclipse%20consoles.png) \ No newline at end of file diff --git a/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/getting-started-with-debug-stub/index.md b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/getting-started-with-debug-stub/index.md new file mode 100644 index 00000000000..5ceee4ee604 --- /dev/null +++ b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/getting-started-with-debug-stub/index.md @@ -0,0 +1,121 @@ +--- +breadcrumbs: +- - /nativeclient + - Native Client +- - /nativeclient/how-tos + - '2: How Tos' +- - /nativeclient/how-tos/debugging-documentation + - Debugging Documentation +- - /nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended + - Debugging with debug stub (recommended) +page_name: getting-started-with-debug-stub +title: Getting started with debug stub +--- + +### Introduction + +New versions of chrome include NaCl with debug stub support. If +--enable-nacl-debug switch is passed to chrome or -g switch is passed to +sel_ldr, all NaCl applications start with the debug stub enabled. The debug stub +stops untrusted code at the first instruction inside the IRT and listens on a +TCP port of localhost network interface (4014 currently) for incoming connection +from nacl-gdb. When nacl-gdb connects to the debug stub, they talk with each +other using RSP protocol. Since remote debugging does not need to use +OS-specific debugging functions, we need only one version of nacl-gdb for both +32 and 64-bit debugging. Moreover, if one forwards port to a remote machine, it +is possible to use nacl-gdb for one OS to debug NaCl application on a different +OS. All the differences between OSes are abstracted away by debug stub. + +## Get the debugger + +The debugger is included in the latest version of NaCl SDK. It is located in +nacl_sdk/pepper_canary/toolchain/linux_x86_glibc/bin/x86_64-nacl-gdb on Linux, +nacl_sdk/pepper_canary/toolchain/win_x86_glibc/bin/x86_64-nacl-gdb.exe on +Windows, etc. Debuggers in \*_x86_glibc and \*_x86_newlib directories are +exactly the same. You can use either one on them. Moreover, unlike the rest of +SDK, you can copy debugger to a different folder. + +Regarding the pepper and chrome versions, the latest debugger should work with +the previous versions of chrome/sel_ldr but new functionality may be missing. + +## Debugging NaCl applications in Chrome + +NaCl applications can be launched using two ways in Chrome. You can load +unpacked extension on [chrome://chrome/extensions/](javascript:void(0);) page +(switch on developers mode) and open it. Alternative way is to launch a web +server and either launch chrome with --enable-nacl switch or enable NaCl +applications outside of Chrome Web Store or +[chrome://flags/](javascript:void(0);) page (you need to relaunch chrome after +that). In order to switch on debug stub support, you need to pass +--enable-nacl-debug and --no-sandbox switches to chrome. Create a shell script +that launches chrome with these flags. You can also add +--user-data-dir=some-path to use a separate profile. + +### Debugging newlib applications + +In order to debug NaCl application, you need to launch Chrome and open NaCl +application there first. Then run x86_64-nacl-gdb. Enter following commands +there. If you have spaces in paths, use quotes and double all slashes (or use +backslashes). For pepper29+ debugger you should use quotes without doubling +slashes. + +```none +(gdb) file c:\nacl_sdk\pepper_canary\examples\hello_world\newlib\Debug\hello_world_x86_64.nexe +(gdb) target remote :4014 +``` + +Point file command to 64-bit nexe on 64-bit platforms and to 32-bit nexe on +32-bit platforms. Then you can use all normal gdb commands. + +### Debugging glibc applications + +Debugging glibc applications is harder. You need to use following commands. + +```none +(gdb) nacl-manifest c:\nacl_sdk\pepper_canary\examples\hello_world\glibc\Debug\hello_world.nmf +(gdb) target remote :4014 +``` + +If you launched NaCl as unpacked chrome extension or from local http server, you +already have the NaCl manifest file which you should use here. If you launched +NaCl from an external http server, you need to download \*.nmf, \*.nexe and +\*.so files of the NaCl application and place them in the same directory +structure that is used on the server (\*.nmf file uses relative paths to +reference main executable and libraries). Then point nacl-manifest command to +the downloaded \*.nmf file. + +### Debugging with IRT symbols + +You can additionally load IRT symbols. This helps to understand what application +is doing when it is stopped inside NaCl syscall. + +```none +nacl-irt c:\Users\username\AppData\Local\Google\Chrome SxS\Application\23.0.x.x\nacl_irt_x86_64.nexe +``` + +### Automatic debugger launching + +Chrome can be configured to launch debugger automatically. Use additional +command-line option --nacl-gdb="path-to-nacl-gdb" on Windows or +--nacl-gdb="command line to launch nacl-gdb in the new shell" on Linux. You can +use --nacl-gdb-script="path-to-gdb-script" to execute your gdb script at start +up. Chrome will autodetect its IRT location and execute nacl-irt command. +Additionally, if NaCl application is in a chrome extension, nacl-manifest +command is executed automatically. Example chrome command lines are shown below. + +```none +chrome.exe --enable-nacl-debug --no-sandbox "--nacl-gdb=c:\nacl_sdk\pepper_canary\toolchain\win_x86_glibc\bin\x86_64-nacl-gdb" "--nacl-gdb-script=c:\Users\User Name\Documents\script.gdb" +``` + +```none +./chrome --enable-nacl-debug --no-sandbox "--nacl-gdb=xterm /home/user_name/nacl_sdk/pepper_canary/toolchain/linux_x86_glibc/bin/x86_64-nacl-gdb" --nacl-gdb-script=/home/user_name/script.gdb +``` + +## Debugging NaCl applications in sel_ldr + +Debugging command line NaCl applications is enabled by passing -g switch to +sel_ldr. Newlib debugging is the same, glibc debugging requires creating an +artificial manifest. You need to reference runnable-ld.so, main executable and +all \*.so libraries using relative paths from manifest file. If you want to load +IRT symbols, use nacl-irt command with the same IRT that is passed to sel_ldr +using -B switch. \ No newline at end of file diff --git a/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/index.md b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/index.md new file mode 100644 index 00000000000..9a836944c1a --- /dev/null +++ b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/debugging-with-debug-stub-recommended/index.md @@ -0,0 +1,19 @@ +--- +breadcrumbs: +- - /nativeclient + - Native Client +- - /nativeclient/how-tos + - '2: How Tos' +- - /nativeclient/how-tos/debugging-documentation + - Debugging Documentation +page_name: debugging-with-debug-stub-recommended +title: Debugging with debug stub (recommended) +--- + +Debug stub is a new way to debug NaCl applications. If --enable-nacl-debug and +--no-sandbox switches are passed to chrome or -g switch is passed to sel_ldr, a +local TCP port is opened that accepts incoming TCP connections from a debugger +via RSP protocol. This port is opened on localhost network interface, so one +need to forward this port to debug NaCl application from remote computer. This +method of debugging is preferred since debug stub inside NaCl process have an +intimate knowledge about NaCl application. \ No newline at end of file diff --git a/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/index.md b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/index.md new file mode 100644 index 00000000000..041a7914015 --- /dev/null +++ b/chromium/docs/website/site/nativeclient/how-tos/debugging-documentation/index.md @@ -0,0 +1,72 @@ +--- +breadcrumbs: +- - /nativeclient + - Native Client +- - /nativeclient/how-tos + - '2: How Tos' +page_name: debugging-documentation +title: Debugging Documentation +--- + +**The Basics** + +The NaCl team is hard at work developing an integrated debugging solution(1). +But before this feature is available, developers must resort to alternative +debugging techniques. These techniques are described here (with reservation!) +First, Native Client applications can be debugged the old school way: with +printf() and logging. Second, to a limited degree, Native Client can be debugged +with the host's GDB, but using normal GDB will have problems resolving addresses +-- some manual tweaking needs to be done to map NaCl addresses into the global +address space GDB is using. Third, there are some experimental patches to +customize GDB which enable various degrees of debugging untrusted code. + +First, we recommend debugging as much as possible compiled as a normal trusted +plugin/executable outside of Native Client, which of course will allow full use +of debuggers such as GDB, MSVC, and WinDebug. Native Client most resembles +Linux, so using GCC and POSIX will be the closest match to the NaCl runtime +environment. + +For untrusted Native Client applications, we again recommend debugging on a +Linux based host, and launching a debug build of Chrome from a terminal window. +A Native Client application can use printf() which will output messages to the +terminal window from which Chrome was launched. + +Native Client's Service Runtime can output debug messages to the terminal +window. The level of detail in these logging messages can be controlled via the +environment variable NACLVERBOSITY + +For example: + +developer@host:/home/developer/chrome/src/out/Debug$ export NACLVERBOSITY=3 + +developer@host:/home/developer/chrome/src/out/Debug$ ./chrome –enable-nacl + +Additional messages from the plug-in can be separately enabled via +NACL_SRPC_DEBUG environment variable. + +To capture log output to file “outfile” use: + +developer@host:/home/developer/chrome/src/out/Debug$ ./chrome –enable-nacl +&>outfile + +To get logs in Windows, you must instead run chrome with the environment +variable NACLLOG=<absolute path to log file / path relative to +chrome.exe>. This requires running Chrome with the --no-sandbox flag. + +**Getting the output from the Native Client Program on Windows:** + +On Linux and OSX, the Native Cilent application inherits standard output and +standard error from Chrome, so though cumbersome, printf-style debugging is +feasible. On Windows, like any non-console application, standard output and +standard error outputs are thrown into the bit bucket. To get the Native Client +application's output on Windows, set the NACL_EXE_STDOUT and NACL_EXE_STDERR +environment variables to be the absolute path to files, and then start Chrome +with the --no-sandbox flag. Output written to standard output and standard error +will then be written to the specified files. + +**Getting the Process ID (PID) of the Native Client Program from Chrome:** + +Chrome -> Developer->Task Manager, right-click process table header, +toggle on "Process ID". The PID can be used to attach GDB to running Native +Client processes. Or click on a new tab and type "about:memory" into the URL +address bar. \ No newline at end of file diff --git a/chromium/docs/website/site/nativeclient/how-tos/exception-handling-interface/index.md b/chromium/docs/website/site/nativeclient/how-tos/exception-handling-interface/index.md new file mode 100644 index 00000000000..a0d49016546 --- /dev/null +++ b/chromium/docs/website/site/nativeclient/how-tos/exception-handling-interface/index.md @@ -0,0 +1,93 @@ +--- +breadcrumbs: +- - /nativeclient + - Native Client +- - /nativeclient/how-tos + - '2: How Tos' +page_name: exception-handling-interface +title: Exception Handling Interface +--- + +## Introduction + +Hardware exceptions (invalid memory accesses, division by zero and etc) can not +be caught in the standard C/C++. Different OS provide different mechanisms to +catch hardware exception. POSIX standardizes hardware exception handling via +signals. Native Client doesn't support signals but it provides somewhat similar +interface. The main difference is that Native Client doesn't allow to resume +execution from the failed instruction. Note, that exception handling is disabled +for PNaCl because exception handling interface uses platform-dependent register +context. + +## Retrieving Hardware Exception Handling Interface + +#include <irt.h> + +struct nacl_irt_exception_handling exception_handling_interface; + +size_t interface_size = nacl_interface_query( + +NACL_IRT_EXCEPTION_HANDLING_v0_1, + +&exception_handling_interface, + +sizeof(exception_handling_interface)); + +if (interface_size != sizeof(exception_handling_interface)) { + +/\* error \*/ + +} + +## Using nacl_exception Library + +An alternative way to access hardware exception handling interface is via +nacl_exception library (it is part of libc). Add -lnacl_exception flag and use +functions from `nacl/nacl_exception.h` header. They have the same parameters and +their names are just prefixed with `nacl_exception`. + +## Handling Hardware Exceptions + +Hardware exception handlers are declared as + +`typedef void (*NaClExceptionHandler)(struct NaClExceptionContext *context);` + +in irt.h. They receive platform-dependent hardware exception context which +contains the register state. This function should not return since there is +nowhere to return to. Once exception handler is called, the exception handling +is disabled on this thread. You must call + +`int exception_clear_flag(void);` + +if you need to reenable it (you want to handle hardware exceptions inside +hardware exception handler for example). This function returns 0 on success and +error code on error (exception handling is disabled). If hardware exception +happens on a thread where exception handling is disabled, the whole NaCl process +is terminated. + +The definition of `NaClExceptionContext` can be found in `nacl/nacl_exception.h` +header. + +NaCl supports only one exception handler per process. The exception handler is +set with + +`int exception_handler(NaClExceptionHandler handler,` + +` NaClExceptionHandler *old_handler);` + +This function returns 0 on success, or error code on error (exception handling +is disabled, handler is not aligned to the bundle size or outside of code +region, exception handler thread is failed to start). Old exception handler is +returned via old_handler parameter. In order to disable exception handling, pass +`NULL` exception handler. + +Exception handler is called on current thread stack by default. If you want to +set alternative stack (to handle stack overflows for example) for exception +handler, use + +`int exception_stack(void *stack, size_t size);` + +The alternative stack is set per thread. The function returns 0 on success and +error code on error (stack location is outside of NaCl address space). If you +want to disable alternative stack, call this function with `NULL` stack pointer +and zero size. \ No newline at end of file diff --git a/chromium/docs/website/site/nativeclient/how-tos/how-to-use-git-svn-with-native-client/index.md b/chromium/docs/website/site/nativeclient/how-tos/how-to-use-git-svn-with-native-client/index.md new file mode 100644 index 00000000000..071caa29eea --- /dev/null +++ b/chromium/docs/website/site/nativeclient/how-tos/how-to-use-git-svn-with-native-client/index.md @@ -0,0 +1,194 @@ +--- +breadcrumbs: +- - /nativeclient + - Native Client +- - /nativeclient/how-tos + - '2: How Tos' +page_name: how-to-use-git-svn-with-native-client +title: Developing Native Client +--- + +**Setup from scratch** + +Native Client code depends on some external code that is not present in its own +repository. These dependencies (aka DEPS) are managed by a tool called gclient +that is part of Chromium's depot_tools package. Get depot_tools +[here](/developers/how-tos/install-depot-tools) and put the directory (we'll +call it $DEPOT_TOOLS) in your PATH. + +Then create a directory to hold Native Client and all its deps (We'll call it +$NACL_DIR) and cd into it. + +```none +cd $NACL_DIR +``` + +Then fetch the source code. + +```none +fetch nacl +``` + +This command sets up a .gclient config file, fetches the Native Client sources +from git, then reads the DEPS file checked into native client's git repository, +and fetches the dependencies from their git repos. +If you will be committing, you will also want to set up 'git cl', the +depot_tools code review and commit tool. + +```none +cd $DEPOT_TOOLS +git cl config # just hit return at all the prompts +``` + +If you want to build 32 bit nacl on a x86_64 system, you also need to: + +```none +cd $NACL_DIR +sudo native_client/tools/linux.x86_64.prep.sh +``` + +Your workflow might be like the following: + +**Update your master branch** + +```none +cd $NACL_DIR +cd native_client +git checkout master +git pull +gclient sync +``` + +The the 'git pull' command updates your origin/master branch to match the server +and merges it into your local checked-out master branch. The 'gclient sync' +command will pull down the dependencies specified in the DEPS file. If you use a +local master branch in this way, you should not make local commits to it, or +'git pull' will complain about non-fast-forward merges. + +**Create a new branch for a new CL** + +```none +git checkout -b my_feature origin/master +``` + +(This is equivalent to git branch my_feature origin/master; git checkout +my_feature) + +**Hack away, committing to git whenever you like** + +```none +emacs $file +git commit -a (roughly equivalent to git add $file; git commit) +emacs $file +git commit -a +./scons $tests +``` + +I like to at least have a commit for every time I run a test (or try job) that +takes sufficiently long that I won't sit and wait for it. That way when I come +back and look at the results, I'm sure to have a snapshot of my code that was +tested, even if I make new edits while the test is running. + +**Send a try job** + +```none +git try +``` + +The 'git try' command will try whatever state you have committed in your local +git repo (it will complain if you have uncommitted changes). + +If you use 'git cl try' it will try whatever patchset you have currently +uploaded to Rietveld (see 'git cl upload' below). + +**Send out for code review** + +```none +  git cl upload +``` + +This creates a new CL and associates it with the current branch (all commits on +this branch are now assumed to be part of this CL). It then uploads it to the +code review server. git cl upload also supports the -m option for the patch +message, -r for reviewers, --cc for extra people to CC in the email, and a few +others. If you commit a new change and run 'git cl upload' again, it will upload +a new patchset to the existing CL. + +**Wait for the review to come back.** + +In the meantime, you can switch to another branch and work on something else. + +```none +git fetch origin +git checkout -b my_next_feature origin/master +``` + +The above sequence will base your next CL off of the current master. +Alternatively you can base your new CL on your first one by omitting the last +argument to 'git checkout'. + +**That mean reviewer wanted changes!** + +Edit based on results of review, then re-upload for more review + +```none +git checkout my_feature +emacs $file +git commit -a +git cl upload +``` + +**Got LGTM!** + +We are almost ready to commit to the server. However, while you were waiting, +there were other commits to the master, so we need to rebase my_feature against +the new HEAD and make sure everything still works. First, update the local +master: + +```none +git checkout master +git pull +gclient sync +``` + +Then, rebase your local changes off the new master: + +```none +git checkout my_feature +git rebase origin/master +``` + +Test, try and update as needed: + +```none +./scons +git try +``` + +Everything works! Commit it: + +```none +git cl land +``` + +'git cl land' squashes all the changes you made on your branch into a single +diff and commits them to the master branch in a single commit. + +Now you can update your local master again (to include the change you just +committed) and start a new branch for your next CL. + +```none +git checkout master +git pull +gclient sync +git checkout -b my_even_newer_feature origin/master +``` + +If you have a CL already in flight (especially one that was branched off of your +previous feature branch rather than master), you will probably want to rebase it +against master now. After you have updated your master branch as above, + +```none +git checkout my_next_feature +git rebase origin/master +``` \ No newline at end of file diff --git a/chromium/docs/website/site/nativeclient/how-tos/how-to-write-assembler-for-x86-nacl-platform/index.md b/chromium/docs/website/site/nativeclient/how-tos/how-to-write-assembler-for-x86-nacl-platform/index.md new file mode 100644 index 00000000000..b3f35c86131 --- /dev/null +++ b/chromium/docs/website/site/nativeclient/how-tos/how-to-write-assembler-for-x86-nacl-platform/index.md @@ -0,0 +1,339 @@ +--- +breadcrumbs: +- - /nativeclient + - Native Client +- - /nativeclient/how-tos + - '2: How Tos' +page_name: how-to-write-assembler-for-x86-nacl-platform +title: How to write assembler for x86 NaCl platform. +--- + +Before we'll go any further let me remid you that NaCl is OS-independent but +CPU-dependent technology while pNaCl is both OS-independent and CPU-independent +technology. Assembler is, of course, CPU-dependent and as such is not suitable +for pNaCl. + +Ok. So we are dealing with NaCl and want to write some kind of assembler +program. + +First of all, I don't plan to explain here how to write your program entirley in +assembler languge. + +It's doable, but quite hard and rarely needed. I'll concentrate on a case of +C/C++ program “with some assebler on the side”. + +Ok, so we want to call some assembler instruction not available via intrinsic. +Let's use cpuid for our simple example. + +$ cat cpuid.c + +#include <stdint.h> + +#include <stdio.h> + +int main() { + +volatile uint32_t reg\[4\]; + +__asm__ __volatile__( + +"cpuid" + +: "=a"(reg\[3\]), "=b"(reg\[0\]), "=c"(reg\[2\]), "=d"(reg\[1\]) + +: "a"(0) + +: "cc"); + +printf("%s\\n", (char \*)reg); + +} + +$ pepper_33/toolchain/linux_x86_newlib/bin/i686-nacl-gcc cpuid.c -o +cpuid-32.nexe + +$ pepper_33/toolchain/linux_x86_newlib/bin/x86_64-nacl-gcc cpuid.c -o +cpuid-64.nexe + +$ pepper_33/tools/sel_ldr.py cpuid-32.nexe + +DEBUG MODE ENABLED (bypass acl) + +GenuineIntel + +$ pepper_33/tools/sel_ldr.py cpuid-64.nexe + +DEBUG MODE ENABLED (bypass acl) + +GenuineIntel + +Looks like we can easily call cpuid from our NaCl program. How cool is that? +Well, cool enough to write some simple program. In 32 bit mode. If you are +lucky. In 64 bit mode. If you **very** lucky. + +Why? It's easy: only provably safe code can be executed on NaCl platform. And +sooner or later you'll write code which will be declared UNSAFE by NaCl and +it'll refuse to run it. In particular NaCl does not allow you to use arbitrary +instructions in your code. Only “safe” instructions are allowed. + +Where is the list of safe instructions? [Here it +is.](https://codereview.chromium.org/49183002/patch/2530001/2540004) This file +is created automatically and lists all single instructions allowed in x86 32 bit +NaCl mode. If you use instructions from it - you are golden, if you use +instructions not mentioned there then validator will reject your code. + +There are a lot of instructions in this list and you can do a lot of things +using them, but couple of instructions are suspiciously missing: call and ret. +Well, call is there but only as call %eip (which basically means “call with any +32bit offset” since script used to generate said list always uses offset equal +to zero for the simplification), but ret is not present at all—and this **not** +an error in script! + +Why would you need a call without ret? How could you return from function? And +can you ever call function indirecly? Contemporary technologies use function +pointers (in different forms) quite extensively. The answer to this question +brings us to a *superinstruction* notion. + +In 32 bit case there are exactly two *superinstructions*: naclcall and nacljmp. +They can be used with any 32 bit general purpose register (and only register, +never memory!) to do an indirect jump. And i686-nacl-as also gives you the +naclret macro which simply calls pop %ecx and then nacljmp %ecx (%ecx is picked +because it's neither caller-saved register not callee-saved register in x86 ELF +ABI). + +There are nothing magical in naclret, but naclcall and nacljmp **are** magical. +How come? Let's see: + +$ cat nacljmp.s + +nacljmp %eax + +$ pepper_33/toolchain/linux_x86_newlib/bin/i686-nacl-as nacljmp.s -o nacljmp.o + +$ pepper_33/toolchain/linux_x86_newlib/bin/i686-nacl-objdump -d nacljmp.o + +nacljmp.o: file format elf32-i386-nacl + +Disassembly of section .text: + +00000000 <.text>: + +0: 83 e0 e0 and $0xffffffe0,%eax + +3: ff e0 jmp \*%eax + +As you can see this *superinstruction* actually combines two different +instructions: and and jmp. This combination guarantees that target address for +nacljmp is always aligned: you can not use nacljmp (or naclcall) to jump in the +middle of 32-byte *bundle*. And i686-nacl-as guarantees that instructions in +your code will never straggle boundary of such *bundle*. These two facts +combined mean that code can be **statically** disassebled and verified. Which in +turn means that NaCl validator does not effect performance of your code at all: +it does it's work once, and then your code is executed by CPU directly without +additional overhead (bundles and lack of ret will create some small overhead, of +course, but it's very small). That's really, really cool. There is one tiny +problem though: what happens if address which you are using as a target is not +actually aligned? IOW: how can call work in this scheme. The answer is simple: +call is magical in i686-nacl-as, too (and naclcall is doubly magical): +i686-nacl-as always moves it to the end of bundle which means that address in +stack is properly aligned. + +And now our description of 32 bit nacl assembler is essentially complete. You +have the list of safe instructions, you use naclcall, nacljmp and naclret where +needed and that's it. + +Now we are switching to 64 bit case. Before we'll discuss it we need to think a +bit. All our manipulations work if **all** the code in your process adheres to +the NaCl rules… but not all code in NaCl process image are like that! NaCl +loaders include bunch of code compiled with a normal (non-NaCl) compiler and, +more importantly, it's linked with system libraries which most definitely can +not be recompiled with NaCl compiler (well… under Linux they could, but this +approach will not work with MacOS or Windows). One jump to stray aligned ret—and +the whole system is compromised. How **that** problem is solved? In 32 bit case +the answer is simple: ***segment registers***! *Segment registers* are used to +limit the reach of your code and that means that *untrusted code*, indeed, can +not call *trusted code* (at least directly). There are some tiny pieces of +*trusted code* injected in *untrusted zone* (*trampolines* and *springboards*) +which are used to manage communication between trusted code and untrusted code +but you never deal with these directly. + +But in 64 bit case this plan will not work! There are no segments in 64 bit +mode! + +Right - and this is why 64 bit mode is significantly more involved and +complicated. [Here is the list of safe +instructions](https://codereview.chromium.org/49183002/patch/2530001/2540005). +Let's take a look on a simple mov instruction. In 32 bit mode it was described +as + +Instruction: 89 XX mov \[%eax..%edi\],\[%eax..%edi or memory\] + +Very simple instruction straight from Intel's (or AMD) manual. Any 32 bit +general-purpose register can be moved to general-purpose register or memory. In +64 bit case the same instruction is described quite differently: + +Instruction: \[REX:40..47\]? 89 XX mov \[%eax..%r15d\],\[%eax..%ebx|%esi..%r14d +or memory\] + +That is: any 32 bit register can be moved to any 32bit register… except for +%rbp, %rsp and %r15. Uhm... Why? What makes these registers special? Answer: +they point to the *untrusted zone*. %r15 always points to the beginning of the +untrusted zone (and can not be changed) while %rbp and %rsp can point to +arbitrary point in the *untrusted zone*—but can only be changed by a limited set +of instructions. + +Why do we do that? How can it limit memory accesses and make sure they never +reach out of the *unstrusted zone*? Does at mean that you can only access memory +placed on a fixed distance from %r15, %rbp, or %rsp? It'll be quite inefficient! + +Yes, it'll be inefficiant and that's why we introduce yet another concept: +concept of restricted register. Conceptually restricted register is just a +register which is guaranteed to be in the interval from 0 to 4'294'967'295. But, +again, we don't try to create complex data models at the validation time. +Instead we have a very simple rule: one instruction can produce restricted +register while another one can consume restricted register—and these two +instructions must be *immediately adjacent in the same bundle*. Here we use the +interesting property of x86-64 ISA: any instruction which stores to 32bit +register automatically cleans up top half of the corresponding 64bit register. +That's what notes input_rr=… and output_rr=… mean in the safe list. They show +which instruction produce restricted register and which instructions consume +restricted register. Note that while many instructions can produce %rbp and/or +%rsp as restricted register only few instruction accept %rbp and/or %rsp as +restricted register. Which means that most %rbp and/or %rsp modifications are +done as two-step operation: first you are doing something with %**e**bp or +%**e**sp, then you immediatery add %**r**15 to %**r**bp or %**r**sp using lea or +add. + +This is all well and good, but here we have a complication: validator knows that +such tightly tied instructions must reside in a single bundle, but +x86_64-nacl-as does not know that! It will happily place these two instructions +into a different bundles and then code will be rejected by validator. + +How can we solve that problem? This is done with human's assistance. If you want +to “glue two instruction together” you need to use the following construct: + +.bundle_lock + +lea (%rax,%rbx),%ecx + +mov (%rbp,%rcx),%edx + +mov (%r15,%rdx),%rax + +.bundle_unlock + +There are couple of interesting things to note here: + +* lea with 32 bit address registers is forbidden, use 64 bit version + with 32 bit register as destination—it's shorter and is just as + effective. +* you can chain more than two instructions together—but you can not + reuse restricted register again. This sequence will be rejected: + + .bundle_lock + + lea (%rax,%rbx),%ecx + + mov (%rbp,%rcx),%edx + + mov (%r15,%rcx),%rax + + .bundle_unlock + +This is all well and good but how can you do that in the inline assembler when +you refer the arguments? When you use %0 will give you either 32 bit register or +64 bit register (depending on what size argument was supplied to asm directive) +and here we often need to deal with 32 bit registers and their 64 bit siblings! + +Actually GCC always had the appropriate mechanism, it's not NaCl-specific at +all, it's just such mix of sizes is not common in “normal” programs. Consider: + +$ cat sizes_test.c + +int foo() { + +int i; + +long long ll; + +asm("mov %q0,%0"::"r"(i)); + +asm("mov %q0,%0"::"r"(ll)); + +asm("mov %k0,%0"::"r"(i)); + +asm("mov %k0,%0"::"r"(ll)); + +} + +$ gcc -S -O2 sizes_test.c -o- + +… + +foo: + +.LFB0: + +.cfi_startproc + +movl $1, %eax + +#APP + +# 4 "sizes_test.c" 1 + +mov %rax,%eax + +# 0 "" 2 + +#NO_APP + +movl $1, %eax + +#APP + +# 5 "sizes_test.c" 1 + +mov %rax,%rax + +# 0 "" 2 + +# 6 "sizes_test.c" 1 + +mov %eax,%eax + +# 0 "" 2 + +#NO_APP + +movl $1, %eax + +#APP + +# 7 "sizes_test.c" 1 + +mov %eax,%rax + +# 0 "" 2 + +#NO_APP + +ret + +.cfi_endproc + +… + +As you can see it's not hard to ask assembler to produce 32 bit or 64 bit +registers on demand. Just keep in mind that NaCl used ILP32 model which means +that by default it'll produce 32 bit registers there! Which probably means that +you'll use q modifier significanly more often then k modifier. + +Note that .bundle_lock/.bundle_unlock machinery is only available in NaCl SDK +starting from PPAPI 33. Before that you were forced to use %nacl pseudo-prefix +and and bunch of special instructions to produce validateable code [as explaines +in the SFI +document](http://www.chromium.org/nativeclient/design-documents/nacl-sfi-model-on-x86-64-systems). +This approach was slower (because it was impossible to combine address +calculation with register restriction) and more cryptic, but if you need to deal +with PPAPI 32 or below then it's your only choice. \ No newline at end of file diff --git a/chromium/docs/website/site/nativeclient/how-tos/index.md b/chromium/docs/website/site/nativeclient/how-tos/index.md new file mode 100644 index 00000000000..68fe1e61c73 --- /dev/null +++ b/chromium/docs/website/site/nativeclient/how-tos/index.md @@ -0,0 +1,9 @@ +--- +breadcrumbs: +- - /nativeclient + - Native Client +page_name: how-tos +title: '2: How Tos' +--- + +{% subpages collections.all %} diff --git a/chromium/docs/website/site/nativeclient/how-tos/working-on-the-git-toolchain-repos/index.md b/chromium/docs/website/site/nativeclient/how-tos/working-on-the-git-toolchain-repos/index.md new file mode 100644 index 00000000000..5b381209dde --- /dev/null +++ b/chromium/docs/website/site/nativeclient/how-tos/working-on-the-git-toolchain-repos/index.md @@ -0,0 +1,105 @@ +--- +breadcrumbs: +- - /nativeclient + - Native Client +- - /nativeclient/how-tos + - '2: How Tos' +page_name: working-on-the-git-toolchain-repos +title: Working on the git toolchain repos +--- + +Everybody who might ever need to touch the repositories that were formerly + +at git.chromium.org should start by doing the account setup that Anush + +posted about: http://www.chromium.org/chromium-os/developer-guide/gerrit-guide + +You can use your existing SSH key you were using with git.chromium.org + +(that's what I did) or generate a fresh one if you prefer. Then you + +should put this bit into your ~/.ssh/config: + +Host gerrit.chromium.org + +Port 29418 + +User <your-gerrit-username> + +IdentityFile %d/.ssh/chromium + +For sanity's sake, your gerrit username will be the same as your + +chromium.org username which will be the same as your google.com username. + +I did it that way even though I don't like my google.com username much + +(and even though I am insane). + +This config assumes that you are using your SSH key from before and/or that + +you generated it with "ssh-keygen -f ~/.ssh/chromium". Adjust file names + +to taste if you are nonconformist. Make sure that the bit you paste into + +the account setup web form for your SSH key is instead the contents of + +~/.ssh/chromium.pub (your public key, not your private key). + +Once you have done the account setup, then you can ask someone to add you + +to the nacl-toolchain-committers group. For the moment, you can ask me. + +When other more adminy people get their gerrit accounts set up so I can + +add them to the nacl-admin group, you should ask them instead of me. + +The content for our repos has been migrated over from the + +gitrw.chromium.org server, and nobody can push there anymore. Note that + +the read-only http://git.chromium.org mirrors are still stale (lacking + +two commits I pushed yesterday), and will probably never be updated again. + +But that's OK! + +The new repos are live. The read-only URLs are: + +http://gerrit.chromium.org/gerrit/p/native_client/nacl-glibc.git + +http://gerrit.chromium.org/gerrit/p/native_client/nacl-binutils.git + +http://gerrit.chromium.org/gerrit/p/native_client/nacl-gcc.git + +http://gerrit.chromium.org/gerrit/p/native_client/nacl-newlib.git + +I will look into changing the toolchain builder crapola to pull from those. + +The URLs for writing are: + +ssh://gerrit.chromium.org/native_client/nacl-glibc.git + +ssh://gerrit.chromium.org/native_client/nacl-binutils.git + +ssh://gerrit.chromium.org/native_client/nacl-gcc.git + +ssh://gerrit.chromium.org/native_client/nacl-newlib.git + +To keep life simple, you can just do a fresh 'git clone' from one of the + +ssh URLs. (You only need a gerrit account and not committer privs to be + +able to clone that way.) It's also possible to set things up to pull from + +http:// urls but push to ssh:// urls, but that is stranger and I don't + +really know why you'd bother with it. + +If you have an existing git checkout, you can fix the URLs just by changing + +them in the .git/config file in each checkout. There is a way to do this + +with the 'git config' command, but really I'd just edit the file. It ain't + +rocket science. \ No newline at end of file diff --git a/chromium/docs/website/site/nativeclient/index.md b/chromium/docs/website/site/nativeclient/index.md new file mode 100644 index 00000000000..bfdb7b7f1c7 --- /dev/null +++ b/chromium/docs/website/site/nativeclient/index.md @@ -0,0 +1,24 @@ +--- +breadcrumbs: [] +page_name: nativeclient +title: Native Client +--- + +If you want to write Native Client modules (because you want to put C or C++ +code in your web app), get the SDK: + +> [**Native Client Developer Site**](http://gonacl.com) + +If you're interested in the implementation of Native Client, you're in the right +place. We're moving our implementation information to subpages of this one, but +some information exists in other websites (such as the [nativeclient +project](http://code.google.com/p/nativeclient/), which has a +[wiki](http://code.google.com/p/nativeclient/wiki/) that was used for some +documentation previously). The following search field covers all these websites +plus groups. + +image + +{% subpages collections.all %} diff --git a/chromium/docs/website/site/nativeclient/life-of-sel_ldr/index.md b/chromium/docs/website/site/nativeclient/life-of-sel_ldr/index.md new file mode 100644 index 00000000000..75ee69c8916 --- /dev/null +++ b/chromium/docs/website/site/nativeclient/life-of-sel_ldr/index.md @@ -0,0 +1,256 @@ +--- +breadcrumbs: +- - /nativeclient + - Native Client +page_name: life-of-sel_ldr +title: The life of sel_ldr +--- + +sel_ldr stands for Secure ELF Loader and is the heart of Native Client. The +plugin (or other supervisor) starts sel_ldr, loads nacl module, opens SRPC +channels, communicates and terminates sel_ldr at the end. + +**Starting sel_ldr** + +In order to start sel_ldr, we need to create a socketpair(AF_UNIX, SOCK_DGRAM, +0, fds) and pass the one side of it to sel_ldr. + +The minimal set of sel_ldr arguments is: + +sel_ldr -i D:5 -X 5 -- nacl_module <nacl_module_args> + +where D=fds\[0\] is the file descriptor of the above socketpair half. This +socketpair is the service socket which will be used to obtain some descriptors +from sel_ldr. + +**Receiving a bound socket** + +The first action we need to do is to receive a bound socket that will be used to +open SRPC channels. It's very simple, we need just to call recvmsg on the +plugin's half of the above socketpair. The simplification of +src/nonnacl_util/sel_ldr_launcher.cc::GetSockAddr method: + +int\* control = (int\*)calloc(100, sizeof(int)); + +struct iovec iov; + +iov.iov_base = calloc(100, 1); + +iov.iov_len = 100; + +struct msghdr msg; + +msg.msg_name = NULL; + +msg.msg_namelen = 0; + +msg.msg_iov = &iov; + +msg.msg_iovlen = 1; + +msg.msg_control = control; + +msg.msg_controllen = 100 \* sizeof(int); + +msg.msg_flags = 0; + +recvmsg(fds\[1\], &msg, 0) + +int bound_socket = control\[4\]; // This is the socket we wanted to receive + +// NOTE: this is a hacky code, it does not check for errors, so it should not be +used in production. + +See man recvmsg for more details. + +Also, you can look into [fuse +tutorial](http://ptspts.blogspot.com/2009/11/fuse-protocol-tutorial-for-linux-26.html). +They also start fusermount with a socketpair like above and receive the file +descriptor to communicate with the kernel. That documentation could be a good +explanation why does it work this way. + +**Opening SRPC channels** + +The plugin opens 2 SRPC channels: trusted_command, and untrusted. The first one +is used to pass commands to the trusted part of sel_ldr. It is opened first and +we need to do the following: + +1. Create a DGRAM socket pair like we did in the first paragraph + +2. Send a half of the socket pair to bound_socket via sendmsg (see below for a +code snippet) + +3. Use the other half of the socket pair as the descriptor for SRPC channel + +Sending a file descriptor is very similar to receiving: + +int srpc_fds\[2\]; + +socketpair(AF_UNIX, SOCK_DGRAM, 0, srpc_fds) + +int\* control = (int\*)calloc(100, sizeof(int)); + +control\[0\] = 20; + +control\[1\] = 0; + +control\[2\] = 1; + +control\[3\] = 1; + +control\[4\] = srpc_fds\[0\]; // Sending the half of the socket pair + +struct iovec iov; + +char\* base = (char\*) calloc(100, 1); + +base\[0\] = 'c'; + +iov.iov_base = base + +iov.iov_len = 1; + +struct msghdr msg; + +msg.msg_name = NULL; + +msg.msg_namelen = 0; + +msg.msg_iov = &iov; + +msg.msg_iovlen = 1; + +msg.msg_control = control; + +msg.msg_controllen = 20; + +msg.msg_flags = 0; + +sendmsg(bound_socket, &msg, 0) + +// srpc_fds\[1\] is the fd to use for SRPC communication + +So, the first SRPC channel is opened and we will call it trusted_command +channel. The first what we should do with it is to call SRPC method +service_discovery::C to get the list of available SRPC methods for this channel. +service_discovery method always has index 0, so we can do it w/o the knowledge +of the available methods. + +To read about SRPC, go to [Using Simple RPC to Implement Native Client +Services](/system/errors/NodeNotFound), the +[reference](http://nativeclient.googlecode.com/svn/data/docs_tarball/nacl/googleclient/native_client/scons-out/doc/html/group___s_r_p_c.html) +or native_client/src/shared/srpc in the Native Client sources. Take a look into +native_client/src/shared/srpc/rpc_serialize.c to get understanding of SRPC +marshalling. + +To call SRPC method we need to sendmsg with the serialized SRPC call and after +that recvmsg to get the answer. In the simplest case of service_discovery::C we +need to send the following: + +iov = \[{"\\1\\336\\300\\323\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0", 16}, +{"\\2\\0\\332\\300\\0\\0\\0\\0\\0\\0\\0\\0\\1\\0\\0\\0\\0\\0\\0\\0\\0\\1\\0\\0\\0C\\240\\17\\0\\0", +30}\] + +The first string is an SRPC banner that is constant. + +The second string has the following format (according to +native_client/src/shared/srpc/rpc_serialize.c): + +/\* + +\* Message formats: + +\* SRPC communicates using two main message types, requests and responses. + +\* Both are communicated with an rpc (header) prepended. + +\* + +\* rpc: + +\* protocol - (uint32_t) 4 bytes + +\* message id - (uint64_t) 8 bytes + +\* request/response - (uint8_t) 1 byte + +\* rpc method index - (uint32_t) 4 bytes + +\* return code - (uint32_t) 4 bytes (only sent for responses) + +\* + +\* request: + +\* #args - (uint32_t) 4 bytes + +\* #args \* (arg value) - varying size defined by interface below + +\* #rets - (uint32_t) 4 bytes + +\* #rets \* (arg template) - varying size defined by interface below + +\* + +\* response: + +\* #rets - (uint32_t) 4 bytes + +\* #rets \* (arg value) - varying size defined by interface below + +\* + +\*/ + +When we sent service_discover::C message, sel_ldr will reply with something +like: + +msg_iov(2)=\[ + +{"\\1\\336\\300\\323\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0", 16}, + +{"\\2\\0\\332\\300\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\1\\0\\0\\1\\0\\0\\0CM\\0\\0\\0service_discovery::C\\nhard_shutdown::\\nstart_module::i\\nlog:is:\\nload_module:h:\\n\\0", +107} + +\] + +As we can see, the first 16 bytes are still the SRPC banner. The second string +contains the list of methods: + +service_discovery::C + +hard_shutdown:: + +start_module::i + +log:is: + +load_module:h: + +Before we can open the untrusted SRPC channel, we need to start a NaCl module. +Currently, sel_ldr has been validated and initialized nacl_module but not +started it. + +As we can see, start_module has the index 2, so the corresponding message +(omitting the banner) is: +"\\2\\0\\332\\300\\0\\0\\0\\0\\0\\0\\0\\0\\1\\2\\0\\0\\0\\0\\0\\0\\0\\1\\0\\0\\0i" + +Sel_ldr will reply with: + +"\\2\\0\\332\\300\\0\\0\\0\\0\\0\\0\\0\\0\\0\\2\\0\\0\\0\\0\\1\\0\\0\\1\\0\\0\\0i\\0\\0\\0\\0" + +Now we can open the untrusted SRPC channel. It's completely the same procedure +as opening the trusted_command channel: make a socket pair, sent it to the bound +socket, obtain the list of methods via service_discovery::C. When it's done, +everything is initialized. NaCl module has been started to work and sel_ldr will +be alive until the termination of untrusted program (represented by a NaCl +module) or until the supervisor (e.g. the plugin) tells to sel_ldr that it needs +to shutdown. + +Hopefully, this information will be needed to just a few developers which are +working on implementing alternative plugins for Native Client or other +sandboxing libraries (for example, for server-side NaCl). + +Note, that this is a low level information which were obtained with strace. All +the process could be changed over time and there were the changes last three +months. So, it's more likely an overview of what's happening, nothing more. \ No newline at end of file diff --git a/chromium/docs/website/site/nativeclient/nameservice/index.md b/chromium/docs/website/site/nativeclient/nameservice/index.md new file mode 100644 index 00000000000..c8f74e777b1 --- /dev/null +++ b/chromium/docs/website/site/nativeclient/nameservice/index.md @@ -0,0 +1,170 @@ +--- +breadcrumbs: +- - /nativeclient + - Native Client +page_name: nameservice +title: nameservice +--- + +**NAME** + +> NaClNameServiceGetRoot, NaClNameServiceChannel, NaClNameServiceResolve -- look +> up names in namespaces + +**SYNOPSIS** + +> #include <stdint.h> + +> #include <fcntl.h> + +> #include <nacl/nameservice.h> + +> int32_t NaClNameServiceGetRoot(void); + +> void NaClNameServiceClose(int32_t service); + +> int32_t NaClNameServiceChannel(int32_t service); + +> void NaClNameServiceChannelClose(int32_t channel); + +> int32_t NaClNameServiceResolve(int32_t channel, char const \*name, int32_t +> flags, int32_t mode); + +> size_t NaClNameServiceEnumerate(int32_t channel, char \*buffer, size_t +> nbytes); + +> void NaClNameServiceChannelAsyncThread(int32_t channel); + +> int32_t NaClNameServiceResolveAsync(int32_t channel, char const \*name, +> int32_t flags, int32_t mode, void (\*callback)(void \*state, int32_t desc, +> int32_t errno), void \*state); + +> int32_t NaClNameServiceEnumerateAsync(int32_t channel, char \*buffer, size_t +> nbytes, void (\*callback)(void \*state, size_t written), void \*state); + +**DESCRIPTION** + +> The name service interface provides a general mechanism to resolve names, +> mapping a NUL-terminated character string to an I/O descriptor. Resolution may +> result in descriptors that represent files, name resolvers for lower-level +> namespaces, and, in the future, device interfaces such as video cameras or +> joysticks. Initial namespaces that can be reached from the "root" namespaces +> are manifest files, WebFS persistent files, WebFS temporary files, and files +> included with the standard Native Client runtime. + +> NaClNameServiceGetRoot() returns a "root" name service which every Native +> Client module is created with. This name service identity is used to create +> name service channels using which name resolution can occur, using +> NaClNameServiceChannel(). Each Native Client module may create multiple name +> service channels, e.g., one per thread or to form a channel pool that grows as +> needed. Each channel may be used for only one synchronous resolution operation +> at a time, and it is up to the Native Client module to ensure that this holds. + +> As an alternative to using the synchronous API, NaClNameServiceResolveAsync +> may be used instead. Before NaClNameServiceResolveAsync is used, the caller +> must spawn a thread and invoke NaClNameServiceChannelAsyncThread, which will +> only return when the channel is closed. Here, the name service will invoke +> callback with the result desc -- which, on an error, will be -1, so the +> callback is guaranteed to be called exactly once -- once a result is +> available. The callback/state functor will be invoked on a separate thread, +> and it is the responsibility of the NaCl module provided callback functor to +> process the result in a thread-safe manner. Multiple +> NaClNameServiceResolveAsync may be invoked on the same channel. However, the +> maximum number of NaClNameServiceResolveAsync operations actually allowed in +> flight is not specified, and the order of callbacks may occur in any order. If +> the callback is invoked with the desc argument equal to -1, the errno argument +> will have a meaningful value. If the maximum number of in-flight asynchronous +> name resolutions is exceeded, NaClNameServiceResolveAsync returns -1, and the +> caller may retry later, e.g., when a callback is invoked; otherwise +> NaClNameServiceResolveAsync returns 0 to indicate that the callback will fire, +> or may have fired. + +> The name, flags, and mode arguments for NaClNameServiceResolve and +> NaClNameServiceResolveAsync are essentially that of the familiar POSIX open(2) +> call, with the following differences: flags may contain, instead of the usual +> O_RDONLY, O_RDWR, etc, values defined in fcntl.h, O_NAMESERVICE. When +> resolving a name with O_NAMESERVICE, the mode argument is ignored. If the +> resolution succeeds, the return value is a name service, which may in turn be +> used with NaClNameServiceChannel. If the resolution fails, +> NaClNameServiceResolve returns -1 and the thread-local variable errno is set +> to indicate the reason for failure. + +> To enumerate all names at a name service, use NaClNameServiceEnumerate or +> NaClNameServiceEnumerateAsync. The supplied buffer is overwritten with at most +> nbytes of NUL-terminate string names, and the actual number of bytes written +> is returned, in the case of NaClNameServiceEnumerate; or is supplied as the +> written input argument of the completion callback functor callback/state, in +> the case of NaClNameServiceEnumerateAsync. NB: If written < nbytes, then +> all names in the namespace were returned. Some name services, e.g., those +> associated with file systems, may permit the opening of directories as name +> services. + +> All I/O operations using I/O descriptors returned by name services will cause +> the caller to block until the operation succeeds, unless the NaCl thread +> synchronous I/O restriction is in force; in this case, the I/O restricted +> thread(s) will not be able to perform I/O operations unless explicitly +> enabled: such operations will result in EWOULDBLOCK. + +> Do not use both the asynchronous and synchronous resolution interfaces, even +> in a temporally disjoint manner. + +**EXAMPLES** + +> int32_t root_nameservice = NaClNameServiceGetRoot(); + +> int32_t root_ns_channel = NaClNameServiceChannel(root_nameservice); + +> int32_t web_fs_nameservice = NaClNameServiceResolve(root_ns_channel, +> "WebFsPersistentStore", O_NAMESERVICE, 0); + +> int32_t manifest_nameservice = NaClNameServiceResolve(root_ns_channel, +> "ManifestFiles", O_NAMESERVICE, 0); + +> int32_t fd = NaClNameServiceResolve(manifest_nameservice, "libsdl.so", +> O_RDONLY, 0); + +> void \*ResolverThread(void \*state) { + +> NaClNameServiceAsyncThread((int32_t) (intptr_t) state); + +> return NULL; + +> } + +> void ResolverCallback(void \*state, int32_t desc, int32_t errno) { + +> /\* grab a lock, save desc somewhere, and signal a condvar \*/ + +> struct ResolverCallbackState \*info = (struct ResolverCallbackState \*) state; + +> pthread_mutex_lock(&info->mu); + +> info->desc = desc; info->errno = errno; + +> pthread_cond_broadcast(&info->cv); + +> pthread_mutex_unlock(&info->mu); + +> } + +> pthread_t tid; + +> struct ResolverCallbackState \*info = ...; + +> pthread_create(&tid, (pthread_attr_t) NULL, ResolverThread, +> web_fs_nameservice); + +> if (0 != NaClNameServiceResolveAsync(web_fs_nameservice, "/Nexuiz/SavedGame", +> O_RDWR, 0, ResolverCallback, info)) { + +> /\* failed \*/ + +> } + +**SEE ALSO** + +> open, close, read, write, fstat, iorestrict + +**BUGS** + +> stat-like call is missing; TBD. \ No newline at end of file diff --git a/chromium/docs/website/site/nativeclient/nameservice/naming-issues----rationale/index.md b/chromium/docs/website/site/nativeclient/nameservice/naming-issues----rationale/index.md new file mode 100644 index 00000000000..c2c954ed225 --- /dev/null +++ b/chromium/docs/website/site/nativeclient/nameservice/naming-issues----rationale/index.md @@ -0,0 +1,93 @@ +--- +breadcrumbs: +- - /nativeclient + - Native Client +- - /nativeclient/nameservice + - nameservice +page_name: naming-issues----rationale +title: 'naming: issues and use cases' +--- + +Naming is important for many reasons, among which are being able to precisely +and unambiguously refer to an object, being able to flexibly add new objects to +name spaces without causing problems, etc. This document enumerates a few +scenarios from DSO support that should be supported for NaCl application +authors. + +First, let us specify what (sub-) namespaces exist. "Shared object names" or +sonames are used by ld.so to refer to shared objects to be loaded, and the +manifest file provides a mapping from short sonames to longer, less ambiguous +names. But what might application authors want to be able to refer to? One class +of file-like objects are web-hosted data. The long name might be an URL or URI +that resolves -- via HTTP -- to a sequence of bytes that happen to be a NaCl +shared object. Another class of file-like objects are pre-supplied shared +libraries that are shipped with the NaCl distribution, e.g. libc.so. A third +class are files in WebFS -- perhaps the application downloaded and installed +into WebFS persistent storage shared libraries that represent code used for +certain game levels, say. + +Suppose an application needs to use libpng.so, which depends on libc.so. +Initially, the NaCl distribution may not provide a libpng.so and only libc.so, +and libpng.so might be mapped to a web-hosted file that would be handled by the +app cache. The following scenarios may occur: + +1. The NaCl distribution add commonly-used libraries to reduce startup + time. Since a bundled version of libpng.so showed up in a new Chrome + NaCl runtime release, the application author may decide to switch to + the bundled version. There should be a way to fall back, in case the + application is running on an as-yet not updated version of Chrome + NaCl runtime where the new bundled version of libpng is not + available. +2. The application author finds a bug or performance issue in the + bundled version of libc, and substitutes a different version, so + both libc.so and libpng.so are provided by a web-based resource or + by WebFS persistent store. +3. The application author provides his/her own version of libc, but + decides to use the bundled version of libpng. +4. The application also depends on and supplies as a web-hosted + resource libpng_basics, and relies on the bundled version of libpng. + Later the NaCl distribution splits the bundled version of libpng + into libpng and libpng_basics, where libpng depends on + libpng_basics. The two identically named libpng_basics.so are + completely different libraries and are not compatible. (This may be + insoluble since the same soname is used.) +5. The application relies on the bundled version of libc.so, which + (transparently) depends on libnacl.so. The application author builds + a new, web-hosted library also named libnacl.so, creating a name + conflct with the bundled library. This is likely to be discovered in + testing, unlike the libpng_basics scenario above; this is here for + completeness: there might not be a way to transparently load + internal libraries, since the sonames form a global name space. + +These use cases should be supported. They might be automatic, or might require a +manifest file change. For the scenario of bundling commonly-used libraries, it +is probably safe to assume that new versions can be safely added, and old +version might either never be removed or be retired only after a long grace +period. + +Some goals: + +1. Adding bundled libraries should not break existing code. +2. Application authors should be able to precisely name the libraries + to use, so that there is a precise testing target. +3. Application authors should be able to optionally allow their + applications to use newer, ABI-compatible releases of a (bundled) + library. + +Some non-goals: + +* Provide a per-library soname resolution order. + +Potential solutions / solution components: + +* Extend URL syntax so that a private protospec can be used to refer + to bundled files, webfs files, etc. This does not solve the + sonames-are-a-global-namespace issue (4, 5). +* Provide a library search path, so that the versioning fallback issue + from (1) is avoided. This should be done with care, since as noted + in + + improper use of this can result in excess network traffic / + roundtrips. +* Encode in sonames whether an object is bundled version of a library, + a WebFS-persistent store copy, or a manifest-mapped version. \ No newline at end of file diff --git a/chromium/docs/website/site/nativeclient/pnacl/aligned-bundling-support-in-llvm/Fragment padding.png.1355408184699.png.sha1 b/chromium/docs/website/site/nativeclient/pnacl/aligned-bundling-support-in-llvm/Fragment padding.png.1355408184699.png.sha1 new file mode 100644 index 00000000000..d71d76e8357 --- /dev/null +++ b/chromium/docs/website/site/nativeclient/pnacl/aligned-bundling-support-in-llvm/Fragment padding.png.1355408184699.png.sha1 @@ -0,0 +1 @@ +b123761edcd6e9e33c0dce1ec34e943437b73404 \ No newline at end of file diff --git a/chromium/docs/website/site/nativeclient/pnacl/aligned-bundling-support-in-llvm/index.md b/chromium/docs/website/site/nativeclient/pnacl/aligned-bundling-support-in-llvm/index.md new file mode 100644 index 00000000000..4c5c8e6c258 --- /dev/null +++ b/chromium/docs/website/site/nativeclient/pnacl/aligned-bundling-support-in-llvm/index.md @@ -0,0 +1,303 @@ +--- +breadcrumbs: +- - /nativeclient + - Native Client +- - /nativeclient/pnacl + - PNaCl +page_name: aligned-bundling-support-in-llvm +title: Aligned bundling support in LLVM +--- + +This document describes the proposal to add aligned instruction bundle support +(in short - "bundling") in LLVM and its implementation in the MC module. + +[TOC] + +## Specification + +For the purpose of supporting the Software Fault Isolation (SFI) mechanisms +required by Native Client, the following directives are added to the LLVM +assembler: + +```none +.bundle_align_mode +``` + +```none +.bundle_lock