feat: add experimental cookie encryption support (#27524)

* feat: add experimental cookie encryption support on macOS

* chore: fix TODO

* update patches

* feat: make cookie encryption work on windows

* chore: update cookie encryption support comments

* fix: only call OSCrypt::Init on windows

* chore: make cookie encryption work on linux

* Update shell/browser/net/system_network_context_manager.cc

Co-authored-by: Jeremy Rose <jeremya@chromium.org>

* chore: fix lint

* chore: update patches

* chore: update patches to upstreamed variants

* chore: use chrome ::switches constants

* chore: remove bad patch

* build: disable cookie encryption by default

* chore: update patches

* fix: provide std::string to NoDestructor

* chore: fix macos, nodestructor syntax

* build: fix macOS build due to mismatch in DEFINE

Co-authored-by: Electron Bot <electron@github.com>
Co-authored-by: Jeremy Rose <jeremya@chromium.org>
This commit is contained in:
Samuel Attard 2021-05-26 12:16:55 -07:00 committed by GitHub
parent f01e35f4ea
commit 7984933e9c
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
11 changed files with 389 additions and 11 deletions

View file

@ -9,6 +9,7 @@
#include "chrome/common/chrome_constants.h"
#include "content/public/browser/network_service_instance.h"
#include "content/public/browser/shared_cors_origin_access_list.h"
#include "electron/fuses.h"
#include "net/net_buildflags.h"
#include "services/network/network_service.h"
#include "services/network/public/cpp/cors/origin_access_list.h"
@ -77,9 +78,8 @@ void NetworkContextService::ConfigureNetworkContextParams(
network_context_params->restore_old_session_cookies = false;
network_context_params->persist_session_cookies = false;
// TODO(deepak1556): Matches the existing behavior https://git.io/fxHMl,
// enable encryption as a followup.
network_context_params->enable_encrypted_cookies = false;
network_context_params->enable_encrypted_cookies =
electron::fuses::IsCookieEncryptionEnabled();
network_context_params->transport_security_persister_path = path;
}