LeOSium_webview/LeOS/patches/00Disable-privacy-issues-in...

178 lines
9.0 KiB
Diff
Raw Permalink Normal View History

2023-11-18 11:46:19 +01:00
From: uazo <uazo@users.noreply.github.com>
Date: Tue, 14 Mar 2023 15:59:38 +0000
Subject: Disable privacy issues in password manager
License: GPL-2.0-or-later - https://spdx.org/licenses/GPL-2.0-or-later.html
---
chrome/android/java/AndroidManifest.xml | 9 --------
.../generated_password_leak_detection_pref.cc | 3 +--
.../affiliation/affiliation_backend.cc | 1 +
.../affiliation/affiliation_service_impl.cc | 4 ++++
.../core/browser/affiliation/facet_manager.cc | 23 +++----------------
.../browser/features/password_features.cc | 12 +++++-----
.../leak_detection_check_factory_impl.cc | 5 ++++
.../leak_detection_check_impl.cc | 4 +---
8 files changed, 21 insertions(+), 40 deletions(-)
diff --git a/chrome/android/java/AndroidManifest.xml b/chrome/android/java/AndroidManifest.xml
--- a/chrome/android/java/AndroidManifest.xml
+++ b/chrome/android/java/AndroidManifest.xml
@@ -446,15 +446,6 @@ by a child template that "extends" this file.
</intent-filter>
</receiver>
- <!-- Phishing Protection related -->
- <receiver android:name="org.chromium.chrome.browser.safe_browsing.PasswordProtectionBroadcastReceiver"
- android:exported="true"
- android:permission="com.google.android.gms.permission.INTERNAL_BROADCAST">
- <intent-filter>
- <action android:name="com.android.chrome.safe_browsing.LOGIN" />
- </intent-filter>
- </receiver>
-
<!-- Upgrade related -->
<receiver android:name="org.chromium.chrome.browser.upgrade.PackageReplacedBroadcastReceiver"
android:exported="false">
diff --git a/chrome/browser/password_manager/generated_password_leak_detection_pref.cc b/chrome/browser/password_manager/generated_password_leak_detection_pref.cc
--- a/chrome/browser/password_manager/generated_password_leak_detection_pref.cc
+++ b/chrome/browser/password_manager/generated_password_leak_detection_pref.cc
@@ -20,8 +20,7 @@ namespace {
// Returns whether the user can use the leak detection feature.
bool IsUserAllowedToUseLeakDetection(Profile* profile) {
- return !profile->IsGuestSession() &&
- IdentityManagerFactory::GetForProfileIfExists(profile);
+ return false;
}
// Returns whether the effective value of the Safe Browsing preferences for
diff --git a/components/password_manager/core/browser/affiliation/affiliation_backend.cc b/components/password_manager/core/browser/affiliation/affiliation_backend.cc
--- a/components/password_manager/core/browser/affiliation/affiliation_backend.cc
+++ b/components/password_manager/core/browser/affiliation/affiliation_backend.cc
@@ -404,6 +404,7 @@ void AffiliationBackend::OnMalformedResponse(
}
bool AffiliationBackend::OnCanSendNetworkRequest() {
+ if ((true)) return false;
DCHECK(!fetcher_);
std::vector<FacetURI> requested_facet_uris;
for (const auto& facet_manager_pair : facet_managers_) {
diff --git a/components/password_manager/core/browser/affiliation/affiliation_service_impl.cc b/components/password_manager/core/browser/affiliation/affiliation_service_impl.cc
--- a/components/password_manager/core/browser/affiliation/affiliation_service_impl.cc
+++ b/components/password_manager/core/browser/affiliation/affiliation_service_impl.cc
@@ -127,6 +127,10 @@ void AffiliationServiceImpl::Shutdown() {
void AffiliationServiceImpl::PrefetchChangePasswordURLs(
const std::vector<GURL>& urls,
base::OnceClosure callback) {
+ if ((true)) {
+ std::move(callback).Run();
+ return;
+ }
std::vector<FacetURI> facets;
std::vector<url::SchemeHostPort> tuple_origins;
for (const auto& url : urls) {
diff --git a/components/password_manager/core/browser/affiliation/facet_manager.cc b/components/password_manager/core/browser/affiliation/facet_manager.cc
--- a/components/password_manager/core/browser/affiliation/facet_manager.cc
+++ b/components/password_manager/core/browser/affiliation/facet_manager.cc
@@ -117,25 +117,7 @@ void FacetManager::GetAffiliationsAndBranding(
RequestInfo request_info;
request_info.callback = std::move(callback);
request_info.callback_task_runner = callback_task_runner;
- if (IsCachedDataFresh()) {
- AffiliatedFacetsWithUpdateTime affiliation;
- if (!backend_->ReadAffiliationsAndBrandingFromDatabase(facet_uri_,
- &affiliation)) {
- ServeRequestWithFailure(std::move(request_info));
- return;
- }
- DCHECK_EQ(affiliation.last_update_time, last_update_time_) << facet_uri_;
- ServeRequestWithSuccess(std::move(request_info), affiliation.facets);
- } else if (cache_miss_strategy == StrategyOnCacheMiss::FETCH_OVER_NETWORK) {
- pending_requests_.push_back(std::move(request_info));
- backend_->SignalNeedNetworkRequest();
- } else if (cache_miss_strategy ==
- StrategyOnCacheMiss::TRY_ONCE_OVER_NETWORK) {
- pending_one_time_requests_.push_back(std::move(request_info));
- backend_->SignalNeedNetworkRequest();
- } else {
- ServeRequestWithFailure(std::move(request_info));
- }
+ ServeRequestWithFailure(std::move(request_info));
}
void FacetManager::Prefetch(const base::Time& keep_fresh_until) {
@@ -254,7 +236,8 @@ void FacetManager::ServeRequestWithSuccess(
const AffiliatedFacets& affiliation) {
request_info.callback_task_runner->PostTask(
FROM_HERE,
- base::BindOnce(std::move(request_info.callback), affiliation, true));
+ base::BindOnce(std::move(request_info.callback),
+ AffiliatedFacets(), false));
}
// static
diff --git a/components/password_manager/core/browser/features/password_features.cc b/components/password_manager/core/browser/features/password_features.cc
--- a/components/password_manager/core/browser/features/password_features.cc
+++ b/components/password_manager/core/browser/features/password_features.cc
@@ -61,8 +61,8 @@ BASE_FEATURE(kFillingAcrossGroupedSites,
// Enables the experiment for the password manager to only fill on account
// selection, rather than autofilling on page load, with highlighting of fields.
BASE_FEATURE(kFillOnAccountSelect,
- "fill-on-account-select",
- base::FEATURE_DISABLED_BY_DEFAULT);
+ "fill-on-account-select", // always enabled
+ base::FEATURE_ENABLED_BY_DEFAULT); // by default
#if !BUILDFLAG(IS_ANDROID) && !BUILDFLAG(IS_IOS)
// Enables new confirmation bubble flow if generated password was used in a
@@ -88,14 +88,14 @@ BASE_FEATURE(kSharedPasswordNotificationUI,
// Enables password receiving service including incoming password sharing
// invitation sync data type.
BASE_FEATURE(kPasswordManagerEnableReceiverService,
- "PasswordManagerEnableReceiverService",
- base::FEATURE_DISABLED_BY_DEFAULT);
+ "PasswordManagerEnableReceiverService", // must disable
+ base::FEATURE_DISABLED_BY_DEFAULT); // by default
// Enables password sender service including outgoing password sharing
// invitation sync data type.
BASE_FEATURE(kPasswordManagerEnableSenderService,
- "PasswordManagerEnableSenderService",
- base::FEATURE_DISABLED_BY_DEFAULT);
+ "PasswordManagerEnableSenderService", // must disable
+ base::FEATURE_DISABLED_BY_DEFAULT); // by default
// Enables logging the content of chrome://password-manager-internals to the
// terminal.
diff --git a/components/password_manager/core/browser/leak_detection/leak_detection_check_factory_impl.cc b/components/password_manager/core/browser/leak_detection/leak_detection_check_factory_impl.cc
--- a/components/password_manager/core/browser/leak_detection/leak_detection_check_factory_impl.cc
+++ b/components/password_manager/core/browser/leak_detection/leak_detection_check_factory_impl.cc
@@ -46,6 +46,11 @@ LeakDetectionCheckFactoryImpl::TryCreateLeakCheck(
version_info::Channel channel) const {
CHECK(identity_manager);
+ if ((true)) {
+ delegate->OnError(LeakDetectionError::kNotSignIn);
+ return nullptr;
+ }
+
return std::make_unique<LeakDetectionCheckImpl>(
delegate, identity_manager, std::move(url_loader_factory),
GetAPIKey(LeakDetectionCheckImpl::HasAccountForRequest(identity_manager),
diff --git a/components/password_manager/core/browser/leak_detection/leak_detection_check_impl.cc b/components/password_manager/core/browser/leak_detection/leak_detection_check_impl.cc
--- a/components/password_manager/core/browser/leak_detection/leak_detection_check_impl.cc
+++ b/components/password_manager/core/browser/leak_detection/leak_detection_check_impl.cc
@@ -190,9 +190,7 @@ bool LeakDetectionCheckImpl::HasAccountForRequest(
// always return something if the user is signed in.
// On Android it will be empty if the user isn't syncing. Thus,
// GetAccountsWithRefreshTokens() check is necessary.
- return identity_manager &&
- (identity_manager->HasPrimaryAccount(signin::ConsentLevel::kSignin) ||
- !identity_manager->GetAccountsWithRefreshTokens().empty());
+ return false;
}
void LeakDetectionCheckImpl::Start(LeakDetectionInitiator initiator,
--
2.25.1