[AUTO][FILECONTROL] - version 128.0.6613.40 (#1376)

[AUTO][FILECONTROL] - version 128.0.6613.40

tools/under-control/src/RELEASE

@@ -1 +1 @@
-127.0.6533.120
+128.0.6613.40

tools/under-control/src/android_webview/browser/aw_content_browser_client.cc

@@ -6,6 +6,7 @@
 
 #include <cstddef>
 #include <memory>
+#include <optional>
 #include <string>
 #include <string_view>
 #include <utility>
@@ -82,6 +83,7 @@
 #include "components/url_matcher/url_matcher.h"
 #include "components/url_matcher/url_util.h"
 #include "components/version_info/version_info.h"
+#include "content/public/browser/browser_context.h"
 #include "content/public/browser/browser_task_traits.h"
 #include "content/public/browser/browser_thread.h"
 #include "content/public/browser/child_process_security_policy.h"
@@ -462,6 +464,7 @@ void AwContentBrowserClient::AllowCertificateError(
 
 base::OnceClosure AwContentBrowserClient::SelectClientCertificate(
     content::BrowserContext* browser_context,
+    int process_id,
     content::WebContents* web_contents,
     net::SSLCertRequestInfo* cert_request_info,
     net::ClientCertIdentityList client_certs,
@@ -891,11 +894,17 @@ bool AwContentBrowserClient::HandleExternalProtocol(
 
   // We don't need to care for |security_options| as the factories constructed
   // below are used only for navigation.
+  // We also don't care about retrieving cookies in this case because these will
+  // be schemes unrelated to the regular network stack so it doesn't make sense
+  // to look for cookies. Providing a nullopt for the cookie manager lets
+  // the AwProxyingURLLoaderFactory know to skip that work.
   if (content::BrowserThread::CurrentlyOn(content::BrowserThread::IO)) {
     // Manages its own lifetime.
     new android_webview::AwProxyingURLLoaderFactory(
-        frame_tree_node_id, std::move(receiver), mojo::NullRemote(),
-        true /* intercept_only */, std::nullopt /* security_options */,
+        std::nullopt /* cookie_manager */, nullptr /* cookie_access_policy */,
+        std::nullopt /* isolation_info*/, frame_tree_node_id,
+        std::move(receiver), mojo::NullRemote(), true /* intercept_only */,
+        std::nullopt /* security_options */,
         nullptr /* xrw_allowlist_matcher */, std::move(browser_context_handle),
         std::nullopt /* navigation_id */);
   } else {
@@ -908,7 +917,10 @@ bool AwContentBrowserClient::HandleExternalProtocol(
                    browser_context_handle) {
               // Manages its own lifetime.
               new android_webview::AwProxyingURLLoaderFactory(
-                  frame_tree_node_id, std::move(receiver), mojo::NullRemote(),
+                  std::nullopt /* cookie_manager */,
+                  nullptr /* cookie_access_policy */,
+                  std::nullopt /* isolation_info*/, frame_tree_node_id,
+                  std::move(receiver), mojo::NullRemote(),
                   true /* intercept_only */,
                   std::nullopt /* security_options */,
                   nullptr /* xrw_allowlist_matcher */,
@@ -1046,6 +1058,17 @@ void AwContentBrowserClient::WillCreateURLLoaderFactory(
   scoped_refptr<AwBrowserContextIoThreadHandle> browser_context_handle =
       base::MakeRefCounted<AwBrowserContextIoThreadHandle>(
           static_cast<AwBrowserContext*>(browser_context));
+
+  mojo::PendingRemote<network::mojom::CookieManager> cookie_manager;
+  browser_context->GetDefaultStoragePartition()
+      ->GetNetworkContext()
+      ->GetCookieManager(cookie_manager.InitWithNewPipeAndPassReceiver());
+
+  AwBrowserContext* aw_browser_context =
+      static_cast<AwBrowserContext*>(browser_context);
+  AwCookieAccessPolicy* cookie_access_policy =
+      aw_browser_context->GetCookieManager()->cookie_access_policy();
+
   if (frame) {
     auto security_options =
         std::make_optional<AwProxyingURLLoaderFactory::SecurityOptions>();
@@ -1075,21 +1098,21 @@ void AwContentBrowserClient::WillCreateURLLoaderFactory(
 
     content::GetIOThreadTaskRunner({})->PostTask(
         FROM_HERE,
-        base::BindOnce(&AwProxyingURLLoaderFactory::CreateProxy,
-                       frame->GetFrameTreeNodeId(), std::move(proxied_receiver),
-                       std::move(target_factory_remote), security_options,
-                       std::move(xrw_allowlist_matcher),
-                       std::move(browser_context_handle), navigation_id));
+        base::BindOnce(
+            &AwProxyingURLLoaderFactory::CreateProxy, std::move(cookie_manager),
+            cookie_access_policy, isolation_info, frame->GetFrameTreeNodeId(),
+            std::move(proxied_receiver), std::move(target_factory_remote),
+            security_options, std::move(xrw_allowlist_matcher),
+            std::move(browser_context_handle), navigation_id));
   } else {
     // A service worker and worker subresources set nullptr to |frame|, and
     // work without seeing the AllowUniversalAccessFromFileURLs setting. So,
     // we don't pass a valid |security_options| here.
-    AwBrowserContext* aw_browser_context =
-        static_cast<AwBrowserContext*>(browser_context);
     content::GetIOThreadTaskRunner({})->PostTask(
         FROM_HERE,
         base::BindOnce(
-            &AwProxyingURLLoaderFactory::CreateProxy,
+            &AwProxyingURLLoaderFactory::CreateProxy, std::move(cookie_manager),
+            cookie_access_policy, isolation_info,
             content::RenderFrameHost::kNoFrameTreeNodeId,
             std::move(proxied_receiver), std::move(target_factory_remote),
             std::nullopt /* security_options */,
@@ -1191,6 +1214,14 @@ void AwContentBrowserClient::LogWebFeatureForCurrentPage(
       render_frame_host, feature);
 }
 
+void AwContentBrowserClient::LogWebDXFeatureForCurrentPage(
+    content::RenderFrameHost* render_frame_host,
+    blink::mojom::WebDXFeature feature) {
+  DCHECK_CURRENTLY_ON(BrowserThread::UI);
+  page_load_metrics::MetricsWebContentsObserver::RecordFeatureUsage(
+      render_frame_host, feature);
+}
+
 content::ContentBrowserClient::PrivateNetworkRequestPolicyOverride
 AwContentBrowserClient::ShouldOverridePrivateNetworkRequestPolicy(
     content::BrowserContext* browser_context,

tools/under-control/src/android_webview/browser/aw_field_trials.cc

@@ -6,8 +6,11 @@
 
 #include "android_webview/common/aw_switches.h"
 #include "base/base_paths_android.h"
+#include "base/check.h"
 #include "base/feature_list.h"
 #include "base/memory/raw_ref.h"
+#include "base/metrics/field_trial.h"
+#include "base/metrics/field_trial_params.h"
 #include "base/metrics/persistent_histogram_allocator.h"
 #include "base/path_service.h"
 #include "components/history/core/browser/features.h"
@@ -37,6 +40,12 @@ class AwFeatureOverrides {
   AwFeatureOverrides& operator=(const AwFeatureOverrides& other) = delete;
 
   ~AwFeatureOverrides() {
+    for (const auto& field_trial_override : field_trial_overrides_) {
+      feature_list_->RegisterFieldTrialOverride(
+          field_trial_override.feature->name,
+          field_trial_override.override_state,
+          field_trial_override.field_trial);
+    }
     feature_list_->RegisterExtraFeatureOverrides(std::move(overrides_));
   }
 
@@ -54,9 +63,29 @@ class AwFeatureOverrides {
         base::FeatureList::OverrideState::OVERRIDE_DISABLE_FEATURE);
   }
 
+  // Enable or disable a feature with a field trial. This can be used for
+  // setting feature parameters.
+  void OverrideFeatureWithFieldTrial(
+      const base::Feature& feature,
+      base::FeatureList::OverrideState override_state,
+      base::FieldTrial* field_trial) {
+    field_trial_overrides_.emplace_back(FieldTrialOverride{
+        .feature = raw_ref(feature),
+        .override_state = override_state,
+        .field_trial = field_trial,
+    });
+  }
+
  private:
+  struct FieldTrialOverride {
+    raw_ref<const base::Feature> feature;
+    base::FeatureList::OverrideState override_state;
+    raw_ptr<base::FieldTrial> field_trial;
+  };
+
   base::raw_ref<base::FeatureList> feature_list_;
   std::vector<base::FeatureList::FeatureOverrideInfo> overrides_;
+  std::vector<FieldTrialOverride> field_trial_overrides_;
 };
 
 }  // namespace
@@ -83,14 +112,6 @@ void AwFieldTrials::RegisterFeatureOverrides(base::FeatureList* feature_list) {
   aw_feature_overrides.DisableFeature(
       net::features::kThirdPartyStoragePartitioning);
 
-  if (!base::FeatureList::IsEnabled(
-          mojo::features::kMojoFixAssociatedHandleLeak)) {
-    // Disable support for partitioning blob URLs if the bug fix that prevents
-    // blob URL creation from hanging under certain conditions isn't enabled.
-    aw_feature_overrides.DisableFeature(
-        net::features::kSupportPartitionedBlobUrl);
-  }
-
   // Disable the passthrough on WebView.
   aw_feature_overrides.DisableFeature(
       ::features::kDefaultPassthroughCommandDecoder);
@@ -105,6 +126,10 @@ void AwFieldTrials::RegisterFeatureOverrides(base::FeatureList* feature_list) {
   // Disable fenced frames on WebView.
   aw_feature_overrides.DisableFeature(blink::features::kFencedFrames);
 
+  // Disable FLEDGE on WebView.
+  aw_feature_overrides.DisableFeature(blink::features::kAdInterestGroupAPI);
+  aw_feature_overrides.DisableFeature(blink::features::kFledge);
+
   // Disable low latency overlay for WebView. There is currently no plan to
   // enable these optimizations in WebView though they are not fundamentally
   // impossible.
@@ -205,14 +230,44 @@ void AwFieldTrials::RegisterFeatureOverrides(base::FeatureList* feature_list) {
   aw_feature_overrides.DisableFeature(
       safe_browsing::kSafeBrowsingNewGmsApiForBrowseUrlDatabaseCheck);
 
-  if (base::CommandLine::ForCurrentProcess()->HasSwitch(
-          switches::kDebugBlindauth)) {
-    aw_feature_overrides.EnableFeature(net::features::kEnableIpProtectionProxy);
+  // PaintHolding for OOPIFs. This should be a no-op since WebView doesn't use
+  // site isolation but field trial testing doesn't indicate that. Revisit when
+  // enabling site isolation. See crbug.com/356170748.
+  aw_feature_overrides.DisableFeature(blink::features::kPaintHoldingForIframes);
+
+  if (base::CommandLine::ForCurrentProcess()->HasSwitch(switches::kDebugBsa)) {
+    // Feature parameters can only be set via a field trial.
+    const char kTrialName[] = "StudyDebugBsa";
+    const char kGroupName[] = "GroupDebugBsa";
+    base::FieldTrial* field_trial =
+        base::FieldTrialList::CreateFieldTrial(kTrialName, kGroupName);
+    // If field_trial is null, there was some unexpected name conflict.
+    CHECK(field_trial);
+    base::FieldTrialParams params;
+    params.emplace(net::features::kIpPrivacyTokenServer.name,
+                   "https://staging-phosphor-pa.sandbox.googleapis.com");
+    base::AssociateFieldTrialParams(kTrialName, kGroupName, params);
+    aw_feature_overrides.OverrideFeatureWithFieldTrial(
+        net::features::kEnableIpProtectionProxy,
+        base::FeatureList::OverrideState::OVERRIDE_ENABLE_FEATURE, field_trial);
     aw_feature_overrides.EnableFeature(network::features::kMaskedDomainList);
   }
 
   // Delete Incidental Party State (DIPS) feature is not yet supported on
   // WebView.
   // TODO(b/344852824): Enable the feature for WebView
   aw_feature_overrides.DisableFeature(::features::kDIPS);
+
+  // Async Safe Browsing check will be rolled out together with
+  // kHashPrefixRealTimeLookups on WebView.
+  aw_feature_overrides.DisableFeature(
+      safe_browsing::kSafeBrowsingAsyncRealTimeCheck);
+
+  // WebView does not currently support the Permissions API (crbug.com/490120)
+  aw_feature_overrides.DisableFeature(::features::kWebPermissionsApi);
+
+  // TODO(crbug.com/356827071): Enable the feature for WebView.
+  // Disable PlzDedicatedWorker as a workaround for crbug.com/356827071.
+  // Otherwise, importScripts fails on WebView.
+  aw_feature_overrides.DisableFeature(blink::features::kPlzDedicatedWorker);
 }