mirror/naiveproxy
1
0
Fork 0
mirror of https://github.com/klzgrad/naiveproxy.git synced 2025-04-11 21:21:07 +00:00
Code Issues Projects Releases Wiki Activity
naiveproxy/src/net/base/features.cc
importer 2400c50aa5 Import chromium-114.0.5735.91
2023-06-03 08:01:16 +08:00

357 lines
12 KiB
C++
Raw Blame History

// Copyright 2018 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "net/base/features.h"
#include <vector>
#include "base/feature_list.h"
#include "build/build_config.h"
#include "net/net_buildflags.h"
namespace net::features {
BASE_FEATURE(kAlpsForHttp2, "AlpsForHttp2", base::FEATURE_ENABLED_BY_DEFAULT);
BASE_FEATURE(kAvoidH2Reprioritization,
"AvoidH2Reprioritization",
base::FEATURE_DISABLED_BY_DEFAULT);
BASE_FEATURE(kCapReferrerToOriginOnCrossOrigin,
"CapReferrerToOriginOnCrossOrigin",
base::FEATURE_DISABLED_BY_DEFAULT);
BASE_FEATURE(kDnsTransactionDynamicTimeouts,
"DnsTransactionDynamicTimeouts",
base::FEATURE_DISABLED_BY_DEFAULT);
const base::FeatureParam<double> kDnsTransactionTimeoutMultiplier{
&kDnsTransactionDynamicTimeouts, "DnsTransactionTimeoutMultiplier", 7.5};
const base::FeatureParam<base::TimeDelta> kDnsMinTransactionTimeout{
&kDnsTransactionDynamicTimeouts, "DnsMinTransactionTimeout",
base::Seconds(12)};
BASE_FEATURE(kUseDnsHttpsSvcb,
"UseDnsHttpsSvcb",
base::FEATURE_ENABLED_BY_DEFAULT);
const base::FeatureParam<bool> kUseDnsHttpsSvcbEnforceSecureResponse{
&kUseDnsHttpsSvcb, "UseDnsHttpsSvcbEnforceSecureResponse", false};
const base::FeatureParam<base::TimeDelta> kUseDnsHttpsSvcbInsecureExtraTimeMax{
&kUseDnsHttpsSvcb, "UseDnsHttpsSvcbInsecureExtraTimeMax",
base::Milliseconds(50)};
const base::FeatureParam<int> kUseDnsHttpsSvcbInsecureExtraTimePercent{
&kUseDnsHttpsSvcb, "UseDnsHttpsSvcbInsecureExtraTimePercent", 20};
const base::FeatureParam<base::TimeDelta> kUseDnsHttpsSvcbInsecureExtraTimeMin{
&kUseDnsHttpsSvcb, "UseDnsHttpsSvcbInsecureExtraTimeMin",
base::Milliseconds(5)};
const base::FeatureParam<base::TimeDelta> kUseDnsHttpsSvcbSecureExtraTimeMax{
&kUseDnsHttpsSvcb, "UseDnsHttpsSvcbSecureExtraTimeMax",
base::Milliseconds(50)};
const base::FeatureParam<int> kUseDnsHttpsSvcbSecureExtraTimePercent{
&kUseDnsHttpsSvcb, "UseDnsHttpsSvcbSecureExtraTimePercent", 20};
const base::FeatureParam<base::TimeDelta> kUseDnsHttpsSvcbSecureExtraTimeMin{
&kUseDnsHttpsSvcb, "UseDnsHttpsSvcbSecureExtraTimeMin",
base::Milliseconds(5)};
BASE_FEATURE(kUseDnsHttpsSvcbAlpn,
"UseDnsHttpsSvcbAlpn",
base::FEATURE_DISABLED_BY_DEFAULT);
BASE_FEATURE(kSHA1ServerSignature,
"SHA1ServerSignature",
base::FEATURE_ENABLED_BY_DEFAULT);
BASE_FEATURE(kEnableTLS13EarlyData,
"EnableTLS13EarlyData",
base::FEATURE_DISABLED_BY_DEFAULT);
BASE_FEATURE(kEncryptedClientHello,
"EncryptedClientHello",
base::FEATURE_DISABLED_BY_DEFAULT);
BASE_FEATURE(kEncryptedClientHelloQuic,
"EncryptedClientHelloQuic",
base::FEATURE_DISABLED_BY_DEFAULT);
BASE_FEATURE(kNetworkQualityEstimator,
"NetworkQualityEstimator",
base::FEATURE_DISABLED_BY_DEFAULT);
BASE_FEATURE(kSplitCacheByIncludeCredentials,
"SplitCacheByIncludeCredentials",
base::FEATURE_DISABLED_BY_DEFAULT);
BASE_FEATURE(kSplitCacheByNetworkIsolationKey,
"SplitCacheByNetworkIsolationKey",
base::FEATURE_DISABLED_BY_DEFAULT);
BASE_FEATURE(kSplitCodeCacheByNetworkIsolationKey,
"SplitCodeCacheByNetworkIsolationKey",
base::FEATURE_DISABLED_BY_DEFAULT);
BASE_FEATURE(kSplitHostCacheByNetworkIsolationKey,
"SplitHostCacheByNetworkIsolationKey",
base::FEATURE_DISABLED_BY_DEFAULT);
BASE_FEATURE(kPartitionConnectionsByNetworkIsolationKey,
"PartitionConnectionsByNetworkIsolationKey",
base::FEATURE_DISABLED_BY_DEFAULT);
BASE_FEATURE(kPartitionHttpServerPropertiesByNetworkIsolationKey,
"PartitionHttpServerPropertiesByNetworkIsolationKey",
base::FEATURE_DISABLED_BY_DEFAULT);
BASE_FEATURE(kPartitionSSLSessionsByNetworkIsolationKey,
"PartitionSSLSessionsByNetworkIsolationKey",
base::FEATURE_DISABLED_BY_DEFAULT);
BASE_FEATURE(kPartitionNelAndReportingByNetworkIsolationKey,
"PartitionNelAndReportingByNetworkIsolationKey",
base::FEATURE_DISABLED_BY_DEFAULT);
BASE_FEATURE(kEnableCrossSiteFlagNetworkIsolationKey,
"EnableCrossSiteFlagNetworkIsolationKey",
base::FEATURE_DISABLED_BY_DEFAULT);
BASE_FEATURE(kTLS13KeyUpdate,
"TLS13KeyUpdate",
base::FEATURE_DISABLED_BY_DEFAULT);
BASE_FEATURE(kPermuteTLSExtensions,
"PermuteTLSExtensions",
base::FEATURE_ENABLED_BY_DEFAULT);
BASE_FEATURE(kPostQuantumKyber,
"PostQuantumKyber",
base::FEATURE_DISABLED_BY_DEFAULT);
BASE_FEATURE(kNetUnusedIdleSocketTimeout,
"NetUnusedIdleSocketTimeout",
base::FEATURE_DISABLED_BY_DEFAULT);
BASE_FEATURE(kShortLaxAllowUnsafeThreshold,
"ShortLaxAllowUnsafeThreshold",
base::FEATURE_DISABLED_BY_DEFAULT);
BASE_FEATURE(kSameSiteDefaultChecksMethodRigorously,
"SameSiteDefaultChecksMethodRigorously",
base::FEATURE_DISABLED_BY_DEFAULT);
#if BUILDFLAG(TRIAL_COMPARISON_CERT_VERIFIER_SUPPORTED)
// Enables the dual certificate verification trial feature.
// https://crbug.com/649026
BASE_FEATURE(kCertDualVerificationTrialFeature,
"CertDualVerificationTrial",
base::FEATURE_DISABLED_BY_DEFAULT);
#endif
#if BUILDFLAG(CHROME_ROOT_STORE_OPTIONAL)
BASE_FEATURE(kChromeRootStoreUsed,
"ChromeRootStoreUsed",
base::FEATURE_DISABLED_BY_DEFAULT);
#endif // BUILDFLAG(CHROME_ROOT_STORE_OPTIONAL)
#if BUILDFLAG(IS_MAC) || BUILDFLAG(USE_NSS_CERTS) || BUILDFLAG(IS_WIN)
BASE_FEATURE(kTrustStoreTrustedLeafSupport,
"TrustStoreTrustedLeafSupport",
base::FEATURE_ENABLED_BY_DEFAULT);
#endif
BASE_FEATURE(kTurnOffStreamingMediaCachingOnBattery,
"TurnOffStreamingMediaCachingOnBattery",
base::FEATURE_DISABLED_BY_DEFAULT);
BASE_FEATURE(kTurnOffStreamingMediaCachingAlways,
"TurnOffStreamingMediaCachingAlways",
base::FEATURE_DISABLED_BY_DEFAULT);
BASE_FEATURE(kSchemefulSameSite,
"SchemefulSameSite",
base::FEATURE_ENABLED_BY_DEFAULT);
BASE_FEATURE(kLimitOpenUDPSockets,
"LimitOpenUDPSockets",
base::FEATURE_ENABLED_BY_DEFAULT);
extern const base::FeatureParam<int> kLimitOpenUDPSocketsMax(
&kLimitOpenUDPSockets,
"LimitOpenUDPSocketsMax",
6000);
BASE_FEATURE(kTimeoutTcpConnectAttempt,
"TimeoutTcpConnectAttempt",
base::FEATURE_DISABLED_BY_DEFAULT);
extern const base::FeatureParam<double> kTimeoutTcpConnectAttemptRTTMultiplier(
&kTimeoutTcpConnectAttempt,
"TimeoutTcpConnectAttemptRTTMultiplier",
5.0);
extern const base::FeatureParam<base::TimeDelta> kTimeoutTcpConnectAttemptMin(
&kTimeoutTcpConnectAttempt,
"TimeoutTcpConnectAttemptMin",
base::Seconds(8));
extern const base::FeatureParam<base::TimeDelta> kTimeoutTcpConnectAttemptMax(
&kTimeoutTcpConnectAttempt,
"TimeoutTcpConnectAttemptMax",
base::Seconds(30));
#if BUILDFLAG(ENABLE_REPORTING)
BASE_FEATURE(kDocumentReporting,
"DocumentReporting",
base::FEATURE_ENABLED_BY_DEFAULT);
#endif // BUILDFLAG(ENABLE_REPORTING)
#if BUILDFLAG(IS_POSIX) || BUILDFLAG(IS_FUCHSIA)
BASE_FEATURE(kUdpSocketPosixAlwaysUpdateBytesReceived,
"UdpSocketPosixAlwaysUpdateBytesReceived",
base::FEATURE_ENABLED_BY_DEFAULT);
#endif // BUILDFLAG(IS_POSIX) || BUILDFLAG(IS_FUCHSIA)
BASE_FEATURE(kCookieSameSiteConsidersRedirectChain,
"CookieSameSiteConsidersRedirectChain",
base::FEATURE_DISABLED_BY_DEFAULT);
BASE_FEATURE(kSamePartyAttributeEnabled,
"SamePartyAttributeEnabled",
base::FEATURE_DISABLED_BY_DEFAULT);
BASE_FEATURE(kPartitionedCookies,
"PartitionedCookies",
base::FEATURE_ENABLED_BY_DEFAULT);
BASE_FEATURE(kNoncedPartitionedCookies,
"NoncedPartitionedCookies",
base::FEATURE_ENABLED_BY_DEFAULT);
BASE_FEATURE(kClampCookieExpiryTo400Days,
"ClampCookieExpiryTo400Days",
base::FEATURE_ENABLED_BY_DEFAULT);
BASE_FEATURE(kStaticKeyPinningEnforcement,
"StaticKeyPinningEnforcement",
base::FEATURE_ENABLED_BY_DEFAULT);
BASE_FEATURE(kCookieDomainRejectNonASCII,
"CookieDomainRejectNonASCII",
base::FEATURE_DISABLED_BY_DEFAULT);
BASE_FEATURE(kBlockSetCookieHeader,
"BlockSetCookieHeader",
base::FEATURE_ENABLED_BY_DEFAULT);
// Enables partitioning of third party storage (IndexedDB, CacheStorage, etc.)
// by the top level site to reduce fingerprinting.
BASE_FEATURE(kThirdPartyStoragePartitioning,
"ThirdPartyStoragePartitioning",
base::FEATURE_DISABLED_BY_DEFAULT);
// Whether to use the new code paths needed to support partitioning Blob URLs.
// This exists as a kill-switch in case an issue is identified with the Blob
// URL implementation that causes breakage.
// TODO(https://crbug.com/1407944): Kill-switch activated - investigate cause of
// increased renderer hangs.
BASE_FEATURE(kSupportPartitionedBlobUrl,
"SupportPartitionedBlobUrl",
base::FEATURE_DISABLED_BY_DEFAULT);
BASE_FEATURE(kAlpsParsing, "AlpsParsing", base::FEATURE_ENABLED_BY_DEFAULT);
BASE_FEATURE(kAlpsClientHintParsing,
"AlpsClientHintParsing",
base::FEATURE_ENABLED_BY_DEFAULT);
BASE_FEATURE(kShouldKillSessionOnAcceptChMalformed,
"ShouldKillSessionOnAcceptChMalformed",
base::FEATURE_DISABLED_BY_DEFAULT);
BASE_FEATURE(kCaseInsensitiveCookiePrefix,
"CaseInsensitiveCookiePrefix",
base::FEATURE_ENABLED_BY_DEFAULT);
BASE_FEATURE(kEnableWebsocketsOverHttp3,
"EnableWebsocketsOverHttp3",
base::FEATURE_DISABLED_BY_DEFAULT);
BASE_FEATURE(kUseNAT64ForIPv4Literal,
"UseNAT64ForIPv4Literal",
base::FEATURE_ENABLED_BY_DEFAULT);
BASE_FEATURE(kBlockNewForbiddenHeaders,
"BlockNewForbiddenHeaders",
base::FEATURE_ENABLED_BY_DEFAULT);
#if BUILDFLAG(IS_WIN)
BASE_FEATURE(kPlatformKeyProbeSHA256,
"PlatformKeyProbeSHA256",
base::FEATURE_ENABLED_BY_DEFAULT);
#endif
// Enable support for HTTP extensible priorities (RFC 9218)
BASE_FEATURE(kPriorityIncremental,
"PriorityIncremental",
base::FEATURE_ENABLED_BY_DEFAULT);
// Prefetch to follow normal semantics instead of 5-minute rule
// https://crbug.com/1345207
BASE_FEATURE(kPrefetchFollowsNormalCacheSemantics,
"PrefetchFollowsNormalCacheSemantics",
base::FEATURE_DISABLED_BY_DEFAULT);
// A flag for new Kerberos feature, that suggests new UI
// when Kerberos authentication in browser fails on ChromeOS.
// b/260522530
#if BUILDFLAG(IS_CHROMEOS)
BASE_FEATURE(kKerberosInBrowserRedirect,
"KerberosInBrowserRedirect",
base::FEATURE_DISABLED_BY_DEFAULT);
#endif
// A flag to use asynchronous session creation for new QUIC sessions.
BASE_FEATURE(kAsyncQuicSession,
"AsyncQuicSession",
base::FEATURE_DISABLED_BY_DEFAULT);
// IP protection experiment configuration settings
BASE_FEATURE(kEnableIpProtectionProxy,
"EnableIpPrivacyProxy",
base::FEATURE_DISABLED_BY_DEFAULT);
const base::FeatureParam<std::string> kIpPrivacyProxyServer{
&kEnableIpProtectionProxy, /*name=*/"IpPrivacyProxyServer",
/*default_value=*/""};
const base::FeatureParam<std::string> kIpPrivacyProxyAllowlist{
&kEnableIpProtectionProxy, /*name=*/"IpPrivacyProxyAllowlist",
/*default_value=*/""};
// Network-change migration requires NetworkHandle support, which are currently
// only supported on Android (see
// NetworkChangeNotifier::AreNetworkHandlesSupported).
#if BUILDFLAG(IS_ANDROID)
inline constexpr auto kMigrateSessionsOnNetworkChangeV2Default =
base::FEATURE_ENABLED_BY_DEFAULT;
#else // !BUILDFLAG(IS_ANDROID)
inline constexpr auto kMigrateSessionsOnNetworkChangeV2Default =
base::FEATURE_DISABLED_BY_DEFAULT;
#endif // BUILDFLAG(IS_ANDROID)
BASE_FEATURE(kMigrateSessionsOnNetworkChangeV2,
"MigrateSessionsOnNetworkChangeV2",
kMigrateSessionsOnNetworkChangeV2Default);
#if BUILDFLAG(IS_LINUX)
BASE_FEATURE(kAddressTrackerLinuxIsProxied,
"AddressTrackerLinuxIsProxied",
base::FEATURE_ENABLED_BY_DEFAULT);
#endif // BUILDFLAG(IS_LINUX)
} // namespace net::features
Reference in a new issue View git blame Copy permalink