0001-safe_browsing-disable-cookie-transmission.patch

From 97a19179ac22df94a0273a1511749b6137e9bce5 Mon Sep 17 00:00:00 2001
From: Joachim Bauch <jojo@struktur.de>
Date: Wed, 22 Jul 2015 12:24:15 +0200
Subject: [PATCH] safe_browsing: disable cookie transmission

Disables sending/setting cookies for Safebrowsing requests. This
prevents the long-living tracking cookie from being set.

References: https://github.com/iridium-browser/iridium-browser/issues/37
---
 .../chrome_cleaner/chrome_cleaner_fetcher_win.cc         |  6 +++---
 .../safe_browsing/client_side_detection_service.cc       |  7 ++++++-
 .../download_protection/check_client_download_request.cc |  2 +-
 .../download_protection/ppapi_download_request.cc        |  2 +-
 chrome/browser/safe_browsing/protocol_manager.cc         | 16 ++++++++++++----
 components/safe_browsing/browser/threat_details_cache.cc |  2 +-
 6 files changed, 24 insertions(+), 11 deletions(-)

diff --git a/chrome/browser/safe_browsing/chrome_cleaner/chrome_cleaner_fetcher_win.cc b/chrome/browser/safe_browsing/chrome_cleaner/chrome_cleaner_fetcher_win.cc
index 4f7d2279096b..fe3ed1a2e2c2 100644
--- a/chrome/browser/safe_browsing/chrome_cleaner/chrome_cleaner_fetcher_win.cc
+++ b/chrome/browser/safe_browsing/chrome_cleaner/chrome_cleaner_fetcher_win.cc
@@ -205,9 +205,9 @@ void ChromeCleanerFetcher::OnTemporaryDirectoryCreated(bool success) {
 
   data_use_measurement::DataUseUserData::AttachToFetcher(
       url_fetcher_.get(), data_use_measurement::DataUseUserData::SAFE_BROWSING);
-  url_fetcher_->SetLoadFlags(net::LOAD_DISABLE_CACHE |
-                             net::LOAD_DO_NOT_SEND_COOKIES |
-                             net::LOAD_DO_NOT_SAVE_COOKIES);
+  
+url_fetcher_->SetLoadFlags(net::LOAD_DISABLE_CACHE | net::LOAD_DO_NOT_SAVE_COOKIES | net::LOAD_DO_NOT_SEND_COOKIES);
+
   url_fetcher_->SetMaxRetriesOn5xx(3);
   url_fetcher_->SaveResponseToFileAtPath(temp_file_, blocking_task_runner_);
   url_fetcher_->SetRequestContext(g_browser_process->system_request_context());
diff --git a/chrome/browser/safe_browsing/client_side_detection_service.cc b/chrome/browser/safe_browsing/client_side_detection_service.cc
index caa24bb5de38..734c1cf5300a 100644
--- a/chrome/browser/safe_browsing/client_side_detection_service.cc
+++ b/chrome/browser/safe_browsing/client_side_detection_service.cc
@@ -345,7 +345,9 @@ void ClientSideDetectionService::StartClientReportPhishingRequest(
   info->phishing_url = GURL(request->url());
   client_phishing_reports_[fetcher_ptr] = std::move(info);
 
-  fetcher_ptr->SetLoadFlags(net::LOAD_DISABLE_CACHE);
+  fetcher_ptr->SetLoadFlags(net::LOAD_DO_NOT_SAVE_COOKIES |
+                            net::LOAD_DO_NOT_SEND_COOKIES |
+                            net::LOAD_DISABLE_CACHE);
   fetcher_ptr->SetRequestContext(request_context_getter_.get());
   fetcher_ptr->SetUploadData("application/octet-stream", request_data);
   fetcher_ptr->Start();
@@ -426,6 +428,9 @@ void ClientSideDetectionService::StartClientReportMalwareRequest(
   info->original_url = GURL(request->url());
   client_malware_reports_[fetcher_ptr] = std::move(info);
 
+  fetcher_ptr->SetLoadFlags(net::LOAD_DO_NOT_SAVE_COOKIES |
+                            net::LOAD_DO_NOT_SEND_COOKIES |
+                            net::LOAD_DISABLE_CACHE);
   fetcher_ptr->SetLoadFlags(net::LOAD_DISABLE_CACHE);
   fetcher_ptr->SetRequestContext(request_context_getter_.get());
   fetcher_ptr->SetUploadData("application/octet-stream", request_data);
diff --git a/chrome/browser/safe_browsing/download_protection/check_client_download_request.cc b/chrome/browser/safe_browsing/download_protection/check_client_download_request.cc
index 1c5ba8d985b2..55533f262280 100644
--- a/chrome/browser/safe_browsing/download_protection/check_client_download_request.cc
+++ b/chrome/browser/safe_browsing/download_protection/check_client_download_request.cc
@@ -971,7 +971,7 @@ void CheckClientDownloadRequest::SendRequest() {
                               net::URLFetcher::POST, this, traffic_annotation);
   data_use_measurement::DataUseUserData::AttachToFetcher(
       fetcher_.get(), data_use_measurement::DataUseUserData::SAFE_BROWSING);
-  fetcher_->SetLoadFlags(net::LOAD_DISABLE_CACHE);
+  fetcher_->SetLoadFlags(net::LOAD_DISABLE_CACHE | net::LOAD_DO_NOT_SAVE_COOKIES | net::LOAD_DO_NOT_SEND_COOKIES);
   fetcher_->SetAutomaticallyRetryOn5xx(false);  // Don't retry on error.
   fetcher_->SetRequestContext(service_->request_context_getter_.get());
   fetcher_->SetUploadData("application/octet-stream",
diff --git a/chrome/browser/safe_browsing/download_protection/ppapi_download_request.cc b/chrome/browser/safe_browsing/download_protection/ppapi_download_request.cc
index 5e87d3bea9fc..cb40665d2445 100644
--- a/chrome/browser/safe_browsing/download_protection/ppapi_download_request.cc
+++ b/chrome/browser/safe_browsing/download_protection/ppapi_download_request.cc
@@ -241,7 +241,7 @@ void PPAPIDownloadRequest::SendRequest() {
                               this, traffic_annotation);
   data_use_measurement::DataUseUserData::AttachToFetcher(
       fetcher_.get(), data_use_measurement::DataUseUserData::SAFE_BROWSING);
-  fetcher_->SetLoadFlags(net::LOAD_DISABLE_CACHE);
+  fetcher_->SetLoadFlags(net::LOAD_DISABLE_CACHE | net::LOAD_DO_NOT_SEND_COOKIES | net::LOAD_DO_NOT_SAVE_COOKIES);
   fetcher_->SetAutomaticallyRetryOn5xx(false);
   fetcher_->SetRequestContext(service_->request_context_getter_.get());
   fetcher_->SetUploadData("application/octet-stream",
diff --git a/chrome/browser/safe_browsing/protocol_manager.cc b/chrome/browser/safe_browsing/protocol_manager.cc
index 9ef0471453ea..e80b19a599c4 100644
--- a/chrome/browser/safe_browsing/protocol_manager.cc
+++ b/chrome/browser/safe_browsing/protocol_manager.cc
@@ -293,7 +293,9 @@ void SafeBrowsingProtocolManager::GetFullHash(
 
   const std::string get_hash = FormatGetHash(prefixes);
 
-  fetcher->SetLoadFlags(net::LOAD_DISABLE_CACHE);
+  fetcher->SetLoadFlags(net::LOAD_DISABLE_CACHE |
+                        net::LOAD_DO_NOT_SAVE_COOKIES |
+                        net::LOAD_DO_NOT_SEND_COOKIES);
   fetcher->SetRequestContext(request_context_getter_.get());
   fetcher->SetUploadData("text/plain", get_hash);
   fetcher->Start();
@@ -685,7 +687,9 @@ bool SafeBrowsingProtocolManager::IssueBackupUpdateRequest(
                               net::URLFetcher::POST, this, traffic_annotation);
   data_use_measurement::DataUseUserData::AttachToFetcher(
       request_.get(), data_use_measurement::DataUseUserData::SAFE_BROWSING);
-  request_->SetLoadFlags(net::LOAD_DISABLE_CACHE);
+  request_->SetLoadFlags(net::LOAD_DISABLE_CACHE |
+                         net::LOAD_DO_NOT_SAVE_COOKIES |
+                         net::LOAD_DO_NOT_SEND_COOKIES);
   request_->SetRequestContext(request_context_getter_.get());
   request_->SetUploadData("text/plain", update_list_data_);
   request_->Start();
@@ -714,7 +718,9 @@ void SafeBrowsingProtocolManager::IssueChunkRequest() {
                                      kChunkBackupRequestTrafficAnnotation);
   data_use_measurement::DataUseUserData::AttachToFetcher(
       request_.get(), data_use_measurement::DataUseUserData::SAFE_BROWSING);
-  request_->SetLoadFlags(net::LOAD_DISABLE_CACHE);
+  request_->SetLoadFlags(net::LOAD_DISABLE_CACHE |
+                         net::LOAD_DO_NOT_SAVE_COOKIES |
+                         net::LOAD_DO_NOT_SEND_COOKIES);
   request_->SetRequestContext(request_context_getter_.get());
   chunk_request_start_ = base::Time::Now();
   request_->Start();
@@ -768,7 +774,9 @@ void SafeBrowsingProtocolManager::OnGetChunksComplete(
                                      kChunkBackupRequestTrafficAnnotation);
   data_use_measurement::DataUseUserData::AttachToFetcher(
       request_.get(), data_use_measurement::DataUseUserData::SAFE_BROWSING);
-  request_->SetLoadFlags(net::LOAD_DISABLE_CACHE);
+  request_->SetLoadFlags(net::LOAD_DISABLE_CACHE |
+                         net::LOAD_DO_NOT_SAVE_COOKIES |
+                         net::LOAD_DO_NOT_SEND_COOKIES);
   request_->SetRequestContext(request_context_getter_.get());
   request_->SetUploadData("text/plain", update_list_data_);
   request_->Start();
diff --git a/components/safe_browsing/browser/threat_details_cache.cc b/components/safe_browsing/browser/threat_details_cache.cc
index 8b5ed066b609..7caef515bf6b 100644
--- a/components/safe_browsing/browser/threat_details_cache.cc
+++ b/components/safe_browsing/browser/threat_details_cache.cc
@@ -119,7 +119,7 @@ void ThreatDetailsCacheCollector::OpenEntry() {
   // Only from cache, and don't save cookies.
   current_fetch_->SetLoadFlags(net::LOAD_ONLY_FROM_CACHE |
                                net::LOAD_SKIP_CACHE_VALIDATION |
-                               net::LOAD_DO_NOT_SAVE_COOKIES);
+                               net::LOAD_DO_NOT_SAVE_COOKIES | net::LOAD_DO_NOT_SEND_COOKIES);
   current_fetch_->SetAutomaticallyRetryOn5xx(false);  // No retries.
   current_fetch_->Start();  // OnURLFetchComplete will be called when done.
 }
-- 
2.14.3