Google Git
Sign in
chromium / chromium / src / 2b544cbc99edf9ca0c569de1a434e45b43bd93be / . / services / network / public / cpp / features.cc
blob: 14167933cb271c560a8b9ebcaaadf83aa6ed1317 [file] [log] [blame]
// Copyright 2018 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "services/network/public/cpp/features.h"
#include "base/feature_list.h"
#include "base/metrics/field_trial_params.h"
#include "base/numerics/safe_conversions.h"
#include "base/system/sys_info.h"
#include "build/build_config.h"
#include "build/chromeos_buildflags.h"
#include "net/base/mime_sniffer.h"
namespace network::features {
BASE_FEATURE(kNetworkErrorLogging,
"NetworkErrorLogging",
base::FEATURE_ENABLED_BY_DEFAULT);
BASE_FEATURE(kReporting, "Reporting", base::FEATURE_ENABLED_BY_DEFAULT);
// Based on the field trial parameters, this feature will override the value of
// the maximum number of delayable requests allowed in flight. The number of
// delayable requests allowed in flight will be based on the network's
// effective connection type ranges and the
// corresponding number of delayable requests in flight specified in the
// experiment configuration. Based on field trial parameters, this experiment
// may also throttle delayable requests based on the number of non-delayable
// requests in-flight times a weighting factor.
BASE_FEATURE(kThrottleDelayable,
"ThrottleDelayable",
base::FEATURE_ENABLED_BY_DEFAULT);
// When kPriorityRequestsDelayableOnSlowConnections is enabled, HTTP
// requests fetched from a SPDY/QUIC/H2 proxies can be delayed by the
// ResourceScheduler just as HTTP/1.1 resources are. However, requests from such
// servers are not subject to kMaxNumDelayableRequestsPerHostPerClient limit.
BASE_FEATURE(kDelayRequestsOnMultiplexedConnections,
"DelayRequestsOnMultiplexedConnections",
base::FEATURE_ENABLED_BY_DEFAULT);
// When kPauseBrowserInitiatedHeavyTrafficForP2P is enabled, then a subset of
// the browser initiated traffic may be paused if there is at least one active
// P2P connection and the network is estimated to be congested. This feature is
// intended to throttle only the browser initiated traffic that is expected to
// be heavy (has large request/response sizes) when real time content might be
// streaming over an active P2P connection.
BASE_FEATURE(kPauseBrowserInitiatedHeavyTrafficForP2P,
"PauseBrowserInitiatedHeavyTrafficForP2P",
base::FEATURE_ENABLED_BY_DEFAULT);
// When kCORBProtectionSniffing is enabled CORB sniffs additional same-origin
// resources if they look sensitive.
BASE_FEATURE(kCORBProtectionSniffing,
"CORBProtectionSniffing",
base::FEATURE_ENABLED_BY_DEFAULT);
// When kProactivelyThrottleLowPriorityRequests is enabled,
// resource scheduler proactively throttles low priority requests to avoid
// network contention with high priority requests that may arrive soon.
BASE_FEATURE(kProactivelyThrottleLowPriorityRequests,
"ProactivelyThrottleLowPriorityRequests",
base::FEATURE_DISABLED_BY_DEFAULT);
// Enables Cross-Origin Opener Policy (COOP).
// https://gist.github.com/annevk/6f2dd8c79c77123f39797f6bdac43f3e
// https://html.spec.whatwg.org/C/#cross-origin-opener-policy
// Currently this feature is enabled for all platforms except WebView.
BASE_FEATURE(kCrossOriginOpenerPolicy,
"CrossOriginOpenerPolicy",
base::FEATURE_ENABLED_BY_DEFAULT);
// Shift's COOP's default from `unsafe-none` to `same-origin-allow-popups`.
// https://github.com/mikewest/coop-by-default/
BASE_FEATURE(kCrossOriginOpenerPolicyByDefault,
"CrossOriginOpenerPolicyByDefault",
base::FEATURE_DISABLED_BY_DEFAULT);
// Introduce a new COOP value: restrict-properties. It restricts window
// properties that can be accessed by other pages. This also grants
// crossOriginIsolated if coupled with an appropriate COEP header.
// This used solely for testing the process model and should not be enabled in
// any production code. See https://crbug.com/1221127.
BASE_FEATURE(kCoopRestrictProperties,
"CoopRestrictProperties",
base::FEATURE_DISABLED_BY_DEFAULT);
// Enables or defaults splittup up server (not proxy) entries in the
// HttpAuthCache.
BASE_FEATURE(kSplitAuthCacheByNetworkIsolationKey,
"SplitAuthCacheByNetworkIsolationKey",
base::FEATURE_DISABLED_BY_DEFAULT);
// Enable usage of hardcoded DoH upgrade mapping for use in automatic mode.
BASE_FEATURE(kDnsOverHttpsUpgrade,
"DnsOverHttpsUpgrade",
#if BUILDFLAG(IS_WIN) || BUILDFLAG(IS_CHROMEOS) || BUILDFLAG(IS_MAC) || \
BUILDFLAG(IS_ANDROID) || BUILDFLAG(IS_LINUX)
base::FEATURE_ENABLED_BY_DEFAULT
#else
base::FEATURE_DISABLED_BY_DEFAULT
#endif
);
// If this feature is enabled, the mDNS responder service responds to queries
// for TXT records associated with
// "Generated-Names._mdns_name_generator._udp.local" with a list of generated
// mDNS names (random UUIDs) in the TXT record data.
BASE_FEATURE(kMdnsResponderGeneratedNameListing,
"MdnsResponderGeneratedNameListing",
base::FEATURE_DISABLED_BY_DEFAULT);
// Switches Cross-Origin Read Blocking (CORB) to use an early implementation of
// Opaque Response Blocking (ORB, aka CORB++) behind the scenes.
//
// This is ORB v0.1 - it doesn't implement the full spec from
// https://github.com/annevk/orb:
// - No Javascript sniffing is done. Instead the implementation uses all
// of CORB's confirmation sniffers (for HTML, XML and JSON).
// - Blocking is still done by injecting an empty response rather than erroring
// out the network request
// - Other differences and more details can be found in
// //services/network/public/cpp/corb/README.md
//
// Implementing ORB in Chromium is tracked in https://crbug.com/1178928
BASE_FEATURE(kOpaqueResponseBlockingV01,
"OpaqueResponseBlockingV01",
base::FEATURE_DISABLED_BY_DEFAULT);
// Enables ORB blocked responses being treated as errors (according to the spec)
// rather than the current, CORB-style handling of injecting an empty response.
// This is ORB v0.2.
// This should only be enabled when ORB v0.1 is, too.
BASE_FEATURE(kOpaqueResponseBlockingV02,
"OpaqueResponseBlockingV02",
base::FEATURE_DISABLED_BY_DEFAULT);
// Enables preprocessing requests with the Private State Tokens API Fetch flags
// set, and handling their responses, according to the protocol.
// (See https://github.com/WICG/trust-token-api.)
BASE_FEATURE(kPrivateStateTokens,
"TrustTokens",
base::FEATURE_DISABLED_BY_DEFAULT);
// Determines which Trust Tokens operations require the TrustTokens origin trial
// active in order to be used. This is runtime-configurable so that the Trust
// Tokens operations of issuance, redemption, and signing are compatible with
// both standard origin trials and third-party origin trials:
//
// - For standard origin trials, set kOnlyIssuanceRequiresOriginTrial. In Blink,
// all of the interface will be enabled (so long as the base::Feature is!), and
// issuance operations will check at runtime if the origin trial is enabled,
// returning an error if it is not.
// - For third-party origin trials, set kAllOperationsRequireOriginTrial. In
// Blink, the interface will be enabled exactly when the origin trial is present
// in the executing context (so long as the base::Feature is present).
//
// For testing, set kOriginTrialNotRequired. With this option, although all
// operations will still only be available if the base::Feature is enabled, none
// will additionally require that the origin trial be active.
const base::FeatureParam<TrustTokenOriginTrialSpec>::Option
kTrustTokenOriginTrialParamOptions[] = {
{TrustTokenOriginTrialSpec::kOriginTrialNotRequired,
"origin-trial-not-required"},
{TrustTokenOriginTrialSpec::kAllOperationsRequireOriginTrial,
"all-operations-require-origin-trial"},
{TrustTokenOriginTrialSpec::kOnlyIssuanceRequiresOriginTrial,
"only-issuance-requires-origin-trial"}};
const base::FeatureParam<TrustTokenOriginTrialSpec>
kTrustTokenOperationsRequiringOriginTrial{
&kPrivateStateTokens, "TrustTokenOperationsRequiringOriginTrial",
TrustTokenOriginTrialSpec::kOriginTrialNotRequired,
&kTrustTokenOriginTrialParamOptions};
BASE_FEATURE(kWebSocketReassembleShortMessages,
"WebSocketReassembleShortMessages",
base::FEATURE_ENABLED_BY_DEFAULT);
// Enable support for ACCEPT_CH H2/3 frame as part of Client Hint Reliability.
// See:
// https://tools.ietf.org/html/draft-davidben-http-client-hint-reliability-02#section-4.3
BASE_FEATURE(kAcceptCHFrame, "AcceptCHFrame", base::FEATURE_ENABLED_BY_DEFAULT);
namespace {
// The default Mojo ring buffer size, used to send the content body.
static constexpr uint32_t kDefaultDataPipeAllocationSize = 512 * 1024;
// The larger ring buffer size, used primarily for network::URLLoader loads.
// This value was optimized via Finch: see crbug.com/1041006.
static constexpr uint32_t kLargerDataPipeAllocationSize = 2 * 1024 * 1024;
// The maximal number of bytes consumed in a loading task. When there are more
// bytes in the data pipe, they will be consumed in following tasks. Setting too
// small of a number will generate many tasks but setting a too large of a
// number will lead to thread janks. This value was optimized via Finch:
// see crbug.com/1041006.
static constexpr uint32_t kMaxNumConsumedBytesInTask = 1024 * 1024;
// The smallest buffer size must be larger than the maximum MIME sniffing
// chunk size. This is assumed several places in content/browser/loader.
static_assert(kDefaultDataPipeAllocationSize < kLargerDataPipeAllocationSize);
static_assert(kDefaultDataPipeAllocationSize >= net::kMaxBytesToSniff,
"Smallest data pipe size must be at least as large as a "
"MIME-type sniffing buffer.");
} // namespace
// static
uint32_t GetDataPipeDefaultAllocationSize(DataPipeAllocationSize option) {
#if BUILDFLAG(IS_CHROMEOS)
// TODO(crbug.com/1306998): ChromeOS experiences a much higher OOM crash
// rate if the larger data pipe size is used.
return kDefaultDataPipeAllocationSize;
#else
// For low-memory devices, always use the (smaller) default buffer size.
if (base::SysInfo::AmountOfPhysicalMemoryMB() <= 512)
return kDefaultDataPipeAllocationSize;
switch (option) {
case DataPipeAllocationSize::kDefaultSizeOnly:
return kDefaultDataPipeAllocationSize;
case DataPipeAllocationSize::kLargerSizeIfPossible:
return kLargerDataPipeAllocationSize;
}
#endif
}
// static
uint32_t GetLoaderChunkSize() {
return kMaxNumConsumedBytesInTask;
}
// https://fetch.spec.whatwg.org/#cors-non-wildcard-request-header-name
BASE_FEATURE(kCorsNonWildcardRequestHeadersSupport,
"CorsNonWildcardRequestHeadersSupport",
base::FEATURE_DISABLED_BY_DEFAULT);
// Allow batching SimpleURLLoaders when the underlying network state is
// inactive.
BASE_FEATURE(kBatchSimpleURLLoader,
"BatchSimpleURLLoader",
base::FEATURE_DISABLED_BY_DEFAULT);
BASE_FEATURE(kNetworkServiceMemoryCache,
"NetworkServiceMemoryCache",
base::FEATURE_DISABLED_BY_DEFAULT);
// Do not send TLS client certificates in CORS preflight. Omit all client certs
// and continue the handshake without sending one if requested.
BASE_FEATURE(kOmitCorsClientCert,
"OmitCorsClientCert",
base::FEATURE_DISABLED_BY_DEFAULT);
// Allow pervasive payloads to use a single-keyed cache.
BASE_FEATURE(kCacheTransparency,
"CacheTransparency",
base::FEATURE_DISABLED_BY_DEFAULT);
// Load Pervasive Payloads List for Cache Transparency.
BASE_FEATURE(kPervasivePayloadsList,
"PervasivePayloadsList",
base::FEATURE_DISABLED_BY_DEFAULT);
// The list of pervasive payloads. A comma separated list starting with a
// version number, followed one or more pairs of URL and checksum. The version
// number is an integer. The URL is the canonical URL as returned by
// GURL::spec(). The checksum is the SHA-256 of the payload and selected headers
// converted to uppercase hexadecimal.
constexpr base::FeatureParam<std::string> kCacheTransparencyPervasivePayloads{
&kPervasivePayloadsList, "pervasive-payloads", ""};
// Enables support for the `Variants` response header and reduce
// accept-language. https://github.com/Tanych/accept-language
BASE_FEATURE(kReduceAcceptLanguage,
"ReduceAcceptLanguage",
base::FEATURE_DISABLED_BY_DEFAULT);
// Gate access to ReduceAcceptLanguage origin trial major code. Currently, All
// ReduceAcceptLanguage feature codes are guarded by the feature flag
// kReduceAcceptLanguage. This feature flag is useful on control major code
// which required to do origin trial. It allows Chrome developers to mitigate
// issues when exposed codes cause impacts.
BASE_FEATURE(kReduceAcceptLanguageOriginTrial,
"ReduceAcceptLanguageOriginTrial",
base::FEATURE_ENABLED_BY_DEFAULT);
// Disable ResourceScheduler.
BASE_FEATURE(kDisableResourceScheduler,
"DisableResourceScheduler",
base::FEATURE_DISABLED_BY_DEFAULT);
// Reduce PNA preflight response waiting time to 200ms.
// See: https://wicg.github.io/private-network-access/#cors-preflight
BASE_FEATURE(kPrivateNetworkAccessPreflightShortTimeout,
"PrivateNetworkAccessPreflightReduceTimeout",
base::FEATURE_ENABLED_BY_DEFAULT);
// Handle the Link header DNS prefetches and preconnects in the network
// service instead of through the renderer process.
BASE_FEATURE(kPreconnectInNetworkService,
"PreconnectInNetworkService",
base::FEATURE_DISABLED_BY_DEFAULT);
// When prefetching a DNS record ensures that the scheme and port are taken
// into account so that the cache (which is keyed by scheme and port) works
// for subsequent queries.
BASE_FEATURE(kPrefetchDNSWithURL,
"PrefetchDNSWithURL",
base::FEATURE_DISABLED_BY_DEFAULT);
// Preconnect to a new origin right when a redirect starts.
BASE_FEATURE(kPreconnectOnRedirect,
"PreconnectOnRedirect",
base::FEATURE_DISABLED_BY_DEFAULT);
// Enables out-of-process system DNS resolution so getaddrinfo() never runs in
// the network service sandbox. System DNS resolution will instead be brokered
// out over Mojo, likely to run in the browser process.
BASE_FEATURE(kOutOfProcessSystemDnsResolution,
"OutOfProcessSystemDnsResolution",
base::FEATURE_DISABLED_BY_DEFAULT);
BASE_FEATURE(kAccessControlAllowMethodsInCORSPreflightSpecConformant,
"AccessControlAllowMethodsInCORSPreflightSpecConformant",
base::FEATURE_ENABLED_BY_DEFAULT);
BASE_FEATURE(kPrefetchNoVarySearch,
"PrefetchNoVarySearch",
base::FEATURE_ENABLED_BY_DEFAULT);
BASE_FEATURE(kPrerender2ContentSecurityPolicyExtensions,
"Prerender2ContentSecurityPolicyExtensions",
base::FEATURE_ENABLED_BY_DEFAULT);
} // namespace network::features