chore: bump chromium to 110.0.5415.0 (main) (#36186)

* chore: bump chromium in DEPS to 109.0.5386.0

* chore: bump chromium in DEPS to 109.0.5388.0

* chore: bump chromium in DEPS to 109.0.5390.0

* chore: bump chromium in DEPS to 109.0.5392.0

* chore: bump chromium in DEPS to 109.0.5394.0

* chore: bump chromium in DEPS to 109.0.5396.0

* chore: bump chromium in DEPS to 109.0.5398.0

* chore: bump chromium in DEPS to 109.0.5400.0

* chore: update galactus

* chore: bump chromium in DEPS to 109.0.5402.0

* chore: bump chromium in DEPS to 109.0.5403.0

* chore: bump chromium in DEPS to 109.0.5406.0

* chore: update patches

* 4004247: Delete unused DocumentWebContentsDelegate

Ref: 4004247

* chore: bump chromium in DEPS to 109.0.5408.1

* chore: update patches

* 3949284: Support pkey debug mode without pkey 0 access

Ref: 3949284

* chore: bump chromium in DEPS to 109.0.5410.0

* chore: update patches

* 4000944: [Extensions] Create an API directory in //chrome/renderer/extensions

Ref: 4000944

* 3988524: Remove DocumentOverlayWindowViews | 3988524

Co-authored-by: George Xu <33054982+georgexu99@users.noreply.github.com>

* chore: bump chromium in DEPS to 109.0.5412.0

* chore: update patches

* 3984022: Add AddChildWindowToBrowser to DisplayClient mojo interface

Ref: 3984022

* 3957079: Delete the CryptoToken component extension and internal API

Ref: 3957079

* 4004421: Migreate ScopedAllowIO to ScopedAllowBlocking

Ref: 4004421

Co-authored-by: George Xu <georgexu99@users.noreply.github.com>

* chore: bump chromium in DEPS to 109.0.5414.0

* chore: update patches

* 4016180: Split PPAPI Mojo interfaces out of RenderFrameHostImpl.

Ref: 4016180

* 3970838: [MPArch] Convert HostZoomMap and ZoomController off of RenderViewHost ids

Ref: 3970838

* 3997795: Don't add Chromium as a login item

Ref: 3997795

* 3993482: Remove RefCountedString::TakeString

Ref: 3993482

* 3990749: Allow forward-declared sources in base::ScopedObservation<>

Ref: 3990749

* fixup! 3957079: Delete the CryptoToken component extension and internal API

* chore: bump chromium in DEPS to 110.0.5415.0

* 3883790: Move devtools_frame_token to the RenderFrameHost, to preserve RFH identity across MPArch activations.

3883790

* 4022205: Move license tooling into //tools/licenses

4022205

* chore: fixup patch indices

* fixup! 3957079: Delete the CryptoToken component extension and internal API

* 4008687: Finish ScopedAllowIO migration

4008687

* 3991548: Move WindowButtonOrderObserver and WindowFrameAction to LinuxUi

3991548

* fixup! 3984022: Add AddChildWindowToBrowser to DisplayClient mojo interface

* 4016595: Migrate non-default ScopedObservation<> instantiations to ScopedObservationTraits<> in chrome/browser/

4016595

* 4000481: Rename :chromedriver to :chromedriver_server

Ref: 4000481

* 4008687: Finish ScopedAllowIO migration

4008687

* 3988524: Remove DocumentOverlayWindowViews

3988524

* fixup! 3997795: Don't add Chromium as a login item

* chore: fixup patches

* 3996872: Plumb input event task runner to EventFactoryEvdev

3996872

* 4014994: Enable SiteIsolationForGuests by default.

4014994

* chore: adopt new thread restrictions api for //electron (#36357)

chore: add thread blocking api

* fixup! 4014994: Enable SiteIsolationForGuests by default.

* pull parent HWND for dialogs on ui thread

* chore: set parent_window in MessageBoxSettings

* chore: remove redundant patch

* chore: revert accidental deletion

* chore: update patches

Co-authored-by: electron-roller[bot] <84116207+electron-roller[bot]@users.noreply.github.com>
Co-authored-by: Samuel Attard <sattard@salesforce.com>
Co-authored-by: Keeley Hammond <khammond@slack-corp.com>
Co-authored-by: VerteDinde <vertedinde@electronjs.org>
Co-authored-by: George Xu <33054982+georgexu99@users.noreply.github.com>
Co-authored-by: George Xu <georgexu99@users.noreply.github.com>
Co-authored-by: Shelley Vohr <shelley.vohr@gmail.com>
Co-authored-by: Robo <hop2deep@gmail.com>
Co-authored-by: Jeremy Rose <jeremya@chromium.org>
Co-authored-by: PatchUp <73610968+patchup[bot]@users.noreply.github.com>

shell/browser/api/electron_api_app.cc

@@ -71,6 +71,7 @@
 #include "shell/common/node_includes.h"
 #include "shell/common/options_switches.h"
 #include "shell/common/platform_util.h"
+#include "shell/common/thread_restrictions.h"
 #include "shell/common/v8_value_serializer.h"
 #include "third_party/abseil-cpp/absl/types/optional.h"
 #include "ui/gfx/image/image.h"
@@ -978,7 +979,7 @@ void App::SetAppLogsPath(gin_helper::ErrorThrower thrower,
       return;
     }
     {
-      base::ThreadRestrictions::ScopedAllowIO allow_io;
+      ScopedAllowBlockingForElectron allow_blocking;
       base::PathService::Override(DIR_APP_LOGS, custom_path.value());
     }
   } else {
@@ -986,7 +987,7 @@ void App::SetAppLogsPath(gin_helper::ErrorThrower thrower,
     if (base::PathService::Get(chrome::DIR_USER_DATA, &path)) {
       path = path.Append(base::FilePath::FromUTF8Unsafe("logs"));
       {
-        base::ThreadRestrictions::ScopedAllowIO allow_io;
+        ScopedAllowBlockingForElectron allow_blocking;
         base::PathService::Override(DIR_APP_LOGS, path);
       }
     }

shell/browser/api/electron_api_app_mac.mm

@@ -9,6 +9,7 @@
 #include "shell/common/electron_paths.h"
 #include "shell/common/node_includes.h"
 #include "shell/common/process_util.h"
+#include "shell/common/thread_restrictions.h"
 
 #import <Cocoa/Cocoa.h>
 #import <sys/sysctl.h>
@@ -23,7 +24,7 @@ void App::SetAppLogsPath(gin_helper::ErrorThrower thrower,
       return;
     }
     {
-      base::ThreadRestrictions::ScopedAllowIO allow_io;
+      ScopedAllowBlockingForElectron allow_blocking;
       base::PathService::Override(DIR_APP_LOGS, custom_path.value());
     }
   } else {
@@ -34,7 +35,7 @@ void App::SetAppLogsPath(gin_helper::ErrorThrower thrower,
     NSString* library_path =
         [NSHomeDirectory() stringByAppendingPathComponent:logs_path];
     {
-      base::ThreadRestrictions::ScopedAllowIO allow_io;
+      ScopedAllowBlockingForElectron allow_blocking;
       base::PathService::Override(DIR_APP_LOGS,
                                   base::FilePath([library_path UTF8String]));
     }

shell/browser/api/electron_api_crash_reporter.cc

@@ -15,7 +15,6 @@
 #include "base/no_destructor.h"
 #include "base/path_service.h"
 #include "base/strings/utf_string_conversions.h"
-#include "base/threading/thread_restrictions.h"
 #include "base/trace_event/trace_event.h"
 #include "chrome/common/chrome_paths.h"
 #include "components/upload_list/crash_upload_list.h"
@@ -29,6 +28,7 @@
 #include "shell/common/gin_converters/time_converter.h"
 #include "shell/common/gin_helper/dictionary.h"
 #include "shell/common/node_includes.h"
+#include "shell/common/thread_restrictions.h"
 
 #if !IS_MAS_BUILD()
 #include "components/crash/core/app/crashpad.h"  // nogncheck
@@ -91,7 +91,7 @@ bool GetClientIdPath(base::FilePath* path) {
 }
 
 std::string ReadClientId() {
-  base::ThreadRestrictions::ScopedAllowIO allow_io;
+  electron::ScopedAllowBlockingForElectron allow_blocking;
   std::string client_id;
   // "xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx".length == 36
   base::FilePath client_id_path;
@@ -104,7 +104,7 @@ std::string ReadClientId() {
 
 void WriteClientId(const std::string& client_id) {
   DCHECK_EQ(client_id.size(), 36u);
-  base::ThreadRestrictions::ScopedAllowIO allow_io;
+  electron::ScopedAllowBlockingForElectron allow_blocking;
   base::FilePath client_id_path;
   if (GetClientIdPath(&client_id_path))
     base::WriteFile(client_id_path, client_id);
@@ -151,7 +151,7 @@ void Start(const std::string& submit_url,
   for (const auto& pair : extra)
     electron::crash_keys::SetCrashKey(pair.first, pair.second);
   {
-    base::ThreadRestrictions::ScopedAllowIO allow_io;
+    electron::ScopedAllowBlockingForElectron allow_blocking;
     ::crash_reporter::InitializeCrashpad(process_type.empty(), process_type);
   }
   if (ignore_system_crash_handler) {
@@ -218,7 +218,7 @@ v8::Local<v8::Value> GetUploadedReports(v8::Isolate* isolate) {
   // synchronous version of getUploadedReports is deprecated so we can remove
   // our patch.
   {
-    base::ThreadRestrictions::ScopedAllowIO allow_io;
+    electron::ScopedAllowBlockingForElectron allow_blocking;
     list->LoadSync();
   }
   std::vector<UploadList::UploadInfo> uploads;

shell/browser/api/electron_api_printing.cc

@@ -2,12 +2,12 @@
 // Use of this source code is governed by the MIT license that can be
 // found in the LICENSE file.
 
-#include "base/threading/thread_restrictions.h"
 #include "chrome/browser/browser_process.h"
 #include "gin/converter.h"
 #include "printing/buildflags/buildflags.h"
 #include "shell/common/gin_helper/dictionary.h"
 #include "shell/common/node_includes.h"
+#include "shell/common/thread_restrictions.h"
 
 #if BUILDFLAG(ENABLE_PRINTING)
 #include "base/task/task_traits.h"
@@ -51,7 +51,7 @@ printing::PrinterList GetPrinterList(v8::Isolate* isolate) {
   auto print_backend = printing::PrintBackend::CreateInstance(
       g_browser_process->GetApplicationLocale());
   {
-    base::ThreadRestrictions::ScopedAllowIO allow_io;
+    ScopedAllowBlockingForElectron allow_blocking;
     printing::mojom::ResultCode code =
         print_backend->EnumeratePrinters(printers);
     if (code != printing::mojom::ResultCode::kSuccess)

shell/browser/api/electron_api_web_contents.cc

@@ -21,7 +21,6 @@
 #include "base/task/thread_pool.h"
 #include "base/threading/scoped_blocking_call.h"
 #include "base/threading/sequenced_task_runner_handle.h"
-#include "base/threading/thread_restrictions.h"
 #include "base/threading/thread_task_runner_handle.h"
 #include "base/values.h"
 #include "chrome/browser/browser_process.h"
@@ -123,6 +122,7 @@
 #include "shell/common/node_includes.h"
 #include "shell/common/options_switches.h"
 #include "shell/common/process_util.h"
+#include "shell/common/thread_restrictions.h"
 #include "shell/common/v8_value_serializer.h"
 #include "storage/browser/file_system/isolated_context.h"
 #include "third_party/abseil-cpp/absl/types/optional.h"
@@ -446,7 +446,7 @@ std::pair<std::string, std::u16string> GetDeviceNameToUse(
 #if BUILDFLAG(IS_WIN)
   // Blocking is needed here because Windows printer drivers are oftentimes
   // not thread-safe and have to be accessed on the UI thread.
-  base::ThreadRestrictions::ScopedAllowIO allow_io;
+  ScopedAllowBlockingForElectron allow_blocking;
 #endif
 
   if (!device_name.empty()) {
@@ -3546,7 +3546,7 @@ v8::Local<v8::Promise> WebContents::TakeHeapSnapshot(
   gin_helper::Promise<void> promise(isolate);
   v8::Local<v8::Promise> handle = promise.GetHandle();
 
-  base::ThreadRestrictions::ScopedAllowIO allow_io;
+  ScopedAllowBlockingForElectron allow_blocking;
   base::File file(file_path,
                   base::File::FLAG_CREATE_ALWAYS | base::File::FLAG_WRITE);
   if (!file.IsValid()) {

shell/browser/browser.cc

@@ -23,6 +23,7 @@
 #include "shell/common/application_info.h"
 #include "shell/common/electron_paths.h"
 #include "shell/common/gin_helper/arguments.h"
+#include "shell/common/thread_restrictions.h"
 
 namespace electron {
 
@@ -186,7 +187,7 @@ void Browser::WillFinishLaunching() {
 
 void Browser::DidFinishLaunching(base::Value::Dict launch_info) {
   // Make sure the userData directory is created.
-  base::ThreadRestrictions::ScopedAllowIO allow_io;
+  ScopedAllowBlockingForElectron allow_blocking;
   base::FilePath user_data;
   if (base::PathService::Get(chrome::DIR_USER_DATA, &user_data))
     base::CreateDirectoryAndGetError(user_data, nullptr);

shell/browser/browser_linux.cc

@@ -14,6 +14,7 @@
 #include "shell/browser/native_window.h"
 #include "shell/browser/window_list.h"
 #include "shell/common/application_info.h"
+#include "shell/common/thread_restrictions.h"
 
 #if BUILDFLAG(IS_LINUX)
 #include "shell/browser/linux/unity_service.h"
@@ -30,9 +31,6 @@ const char kXdgSettingsDefaultSchemeHandler[] = "default-url-scheme-handler";
 class LaunchXdgUtilityScopedAllowBaseSyncPrimitives
     : public base::ScopedAllowBaseSyncPrimitivesForTesting {};
 
-class GetXdgAppOutputScopedAllowBlocking
-    : public base::ScopedAllowBlockingForTesting {};
-
 bool LaunchXdgUtility(const std::vector<std::string>& argv, int* exit_code) {
   *exit_code = EXIT_FAILURE;
   int devnull = open("/dev/null", O_RDONLY);
@@ -55,7 +53,7 @@ absl::optional<std::string> GetXdgAppOutput(
     const std::vector<std::string>& argv) {
   std::string reply;
   int success_code;
-  GetXdgAppOutputScopedAllowBlocking allow_blocking;
+  ScopedAllowBlockingForElectron allow_blocking;
   bool ran_ok = base::GetAppOutputWithExitCode(base::CommandLine(argv), &reply,
                                                &success_code);
 

shell/browser/browser_mac.mm

@@ -11,6 +11,7 @@
 #include "base/mac/bundle_locations.h"
 #include "base/mac/foundation_util.h"
 #include "base/mac/mac_util.h"
+#include "base/mac/mac_util.mm"
 #include "base/mac/scoped_cftyperef.h"
 #include "base/strings/string_number_conversions.h"
 #include "base/strings/sys_string_conversions.h"
@@ -64,6 +65,24 @@ std::u16string GetAppDisplayNameForProtocol(NSString* app_path) {
   return base::SysNSStringToUTF16(app_display_name);
 }
 
+#if !IS_MAS_BUILD()
+bool CheckLoginItemStatus(bool* is_hidden) {
+  base::mac::LoginItemsFileList login_items;
+  if (!login_items.Initialize())
+    return false;
+
+  base::ScopedCFTypeRef<LSSharedFileListItemRef> item(
+      login_items.GetLoginItemForMainApp());
+  if (!item.get())
+    return false;
+
+  if (is_hidden)
+    *is_hidden = base::mac::IsHiddenLoginItem(item);
+
+  return true;
+}
+#endif
+
 }  // namespace
 
 v8::Local<v8::Promise> Browser::GetApplicationInfoForProtocol(
@@ -312,8 +331,7 @@ Browser::LoginItemSettings Browser::GetLoginItemSettings(
 #if IS_MAS_BUILD()
   settings.open_at_login = platform_util::GetLoginItemEnabled();
 #else
-  settings.open_at_login =
-      base::mac::CheckLoginItemStatus(&settings.open_as_hidden);
+  settings.open_at_login = CheckLoginItemStatus(&settings.open_as_hidden);
   settings.restore_state = base::mac::WasLaunchedAsLoginItemRestoreState();
   settings.opened_at_login = base::mac::WasLaunchedAsLoginOrResumeItem();
   settings.opened_as_hidden = base::mac::WasLaunchedAsHiddenLoginItem();
@@ -328,9 +346,10 @@ void Browser::SetLoginItemSettings(LoginItemSettings settings) {
   }
 #else
   if (settings.open_at_login) {
-    base::mac::AddToLoginItems(settings.open_as_hidden);
+    base::mac::AddToLoginItems(base::mac::MainBundlePath(),
+                               settings.open_as_hidden);
   } else {
-    base::mac::RemoveFromLoginItems();
+    base::mac::RemoveFromLoginItems(base::mac::MainBundlePath());
   }
 #endif
 }

shell/browser/browser_process_impl.cc

@@ -32,6 +32,7 @@
 #include "net/proxy_resolution/proxy_config_with_annotation.h"
 #include "services/network/public/cpp/network_switches.h"
 #include "shell/common/electron_paths.h"
+#include "shell/common/thread_restrictions.h"
 
 #if BUILDFLAG(ENABLE_PRINTING)
 #include "chrome/browser/printing/print_job_manager.h"
@@ -108,7 +109,7 @@ void BrowserProcessImpl::PostEarlyInitialization() {
   base::FilePath prefs_path;
   CHECK(base::PathService::Get(electron::DIR_SESSION_DATA, &prefs_path));
   prefs_path = prefs_path.Append(FILE_PATH_LITERAL("Local State"));
-  base::ThreadRestrictions::ScopedAllowIO allow_io;
+  electron::ScopedAllowBlockingForElectron allow_blocking;
   scoped_refptr<JsonPrefStore> user_pref_store =
       base::MakeRefCounted<JsonPrefStore>(prefs_path);
   user_pref_store->ReadPrefs();

shell/browser/browser_win.cc

@@ -21,7 +21,6 @@
 #include "base/strings/string_util.h"
 #include "base/strings/stringprintf.h"
 #include "base/strings/utf_string_conversions.h"
-#include "base/threading/thread_restrictions.h"
 #include "base/win/registry.h"
 #include "base/win/win_util.h"
 #include "base/win/windows_version.h"
@@ -39,6 +38,7 @@
 #include "shell/common/gin_helper/arguments.h"
 #include "shell/common/gin_helper/dictionary.h"
 #include "shell/common/skia_util.h"
+#include "shell/common/thread_restrictions.h"
 #include "skia/ext/legacy_display_globals.h"
 #include "third_party/skia/include/core/SkCanvas.h"
 #include "third_party/skia/include/core/SkFont.h"
@@ -277,7 +277,7 @@ std::unique_ptr<FileVersionInfo> FetchFileVersionInfo() {
   base::FilePath path;
 
   if (base::PathService::Get(base::FILE_EXE, &path)) {
-    base::ThreadRestrictions::ScopedAllowIO allow_io;
+    electron::ScopedAllowBlockingForElectron allow_blocking;
     return FileVersionInfo::CreateFileVersionInfo(path);
   }
   return std::unique_ptr<FileVersionInfo>();
@@ -779,7 +779,7 @@ PCWSTR Browser::GetAppUserModelID() {
 std::string Browser::GetExecutableFileVersion() const {
   base::FilePath path;
   if (base::PathService::Get(base::FILE_EXE, &path)) {
-    base::ThreadRestrictions::ScopedAllowIO allow_io;
+    ScopedAllowBlockingForElectron allow_blocking;
     std::unique_ptr<FileVersionInfo> version_info = FetchFileVersionInfo();
     return base::UTF16ToUTF8(version_info->product_version());
   }

shell/browser/electron_browser_client.cc

@@ -111,6 +111,7 @@
 #include "shell/common/logging.h"
 #include "shell/common/options_switches.h"
 #include "shell/common/platform_util.h"
+#include "shell/common/thread_restrictions.h"
 #include "third_party/blink/public/common/loader/url_loader_throttle.h"
 #include "third_party/blink/public/common/tokens/tokens.h"
 #include "third_party/blink/public/common/web_preferences/web_preferences.h"
@@ -191,7 +192,6 @@
 #endif
 
 #if BUILDFLAG(ENABLE_PICTURE_IN_PICTURE) && BUILDFLAG(IS_WIN)
-#include "chrome/browser/ui/views/overlay/document_overlay_window_views.h"
 #include "chrome/browser/ui/views/overlay/video_overlay_window_views.h"
 #include "shell/browser/browser.h"
 #include "ui/aura/window.h"
@@ -465,7 +465,7 @@ void ElectronBrowserClient::AppendExtraCommandLineSwitches(
     int process_id) {
   // Make sure we're about to launch a known executable
   {
-    base::ThreadRestrictions::ScopedAllowIO allow_io;
+    ScopedAllowBlockingForElectron allow_blocking;
     base::FilePath child_path;
     base::FilePath program =
         base::MakeAbsoluteFilePath(command_line->GetProgram());
@@ -702,24 +702,6 @@ ElectronBrowserClient::CreateWindowForVideoPictureInPicture(
 #endif
   return overlay_window;
 }
-
-std::unique_ptr<content::DocumentOverlayWindow>
-ElectronBrowserClient::CreateWindowForDocumentPictureInPicture(
-    content::DocumentPictureInPictureWindowController* controller) {
-  auto overlay_window = content::DocumentOverlayWindow::Create(controller);
-#if BUILDFLAG(IS_WIN)
-  std::wstring app_user_model_id = Browser::Get()->GetAppUserModelID();
-  if (!app_user_model_id.empty()) {
-    auto* overlay_window_view =
-        static_cast<DocumentOverlayWindowViews*>(overlay_window.get());
-    ui::win::SetAppIdForWindow(app_user_model_id,
-                               overlay_window_view->GetNativeWindow()
-                                   ->GetHost()
-                                   ->GetAcceleratedWidget());
-  }
-#endif
-  return overlay_window;
-}
 #endif
 
 void ElectronBrowserClient::GetAdditionalAllowedSchemesForFileSystem(

shell/browser/electron_browser_client.h

@@ -160,9 +160,6 @@ class ElectronBrowserClient : public content::ContentBrowserClient,
   std::unique_ptr<content::VideoOverlayWindow>
   CreateWindowForVideoPictureInPicture(
       content::VideoPictureInPictureWindowController* controller) override;
-  std::unique_ptr<content::DocumentOverlayWindow>
-  CreateWindowForDocumentPictureInPicture(
-      content::DocumentPictureInPictureWindowController* controller) override;
 #endif
   void GetAdditionalAllowedSchemesForFileSystem(
       std::vector<std::string>* additional_schemes) override;

shell/browser/electron_browser_context.cc

@@ -17,7 +17,6 @@
 #include "base/strings/escape.h"
 #include "base/strings/string_util.h"
 #include "base/threading/sequenced_task_runner_handle.h"
-#include "base/threading/thread_restrictions.h"
 #include "chrome/common/chrome_paths.h"
 #include "chrome/common/pref_names.h"
 #include "components/keyed_service/content/browser_context_dependency_manager.h"
@@ -56,6 +55,7 @@
 #include "shell/common/gin_converters/frame_converter.h"
 #include "shell/common/gin_helper/error_thrower.h"
 #include "shell/common/options_switches.h"
+#include "shell/common/thread_restrictions.h"
 #include "third_party/blink/public/mojom/mediastream/media_stream.mojom.h"
 
 #if BUILDFLAG(ENABLE_ELECTRON_EXTENSIONS)
@@ -164,7 +164,7 @@ ElectronBrowserContext::~ElectronBrowserContext() {
 
 void ElectronBrowserContext::InitPrefs() {
   auto prefs_path = GetPath().Append(FILE_PATH_LITERAL("Preferences"));
-  base::ThreadRestrictions::ScopedAllowIO allow_io;
+  ScopedAllowBlockingForElectron allow_blocking;
   PrefServiceFactory prefs_factory;
   scoped_refptr<JsonPrefStore> pref_store =
       base::MakeRefCounted<JsonPrefStore>(prefs_path);

shell/browser/electron_browser_main_parts.cc

@@ -542,7 +542,8 @@ void ElectronBrowserMainParts::PostCreateMainMessageLoop() {
   auto shutdown_cb =
       base::BindOnce(base::RunLoop::QuitCurrentWhenIdleClosureDeprecated());
   ui::OzonePlatform::GetInstance()->PostCreateMainMessageLoop(
-      std::move(shutdown_cb));
+      std::move(shutdown_cb),
+      content::GetUIThreadTaskRunner({content::BrowserTaskType::kUserInput}));
   bluez::DBusBluezManagerWrapperLinux::Initialize();
 
   // Set up crypt config. This needs to be done before anything starts the

shell/browser/electron_browser_main_parts_linux.cc

@@ -12,7 +12,7 @@
 #include "base/files/file_path.h"
 #include "base/files/file_util.h"
 #include "base/nix/xdg_util.h"
-#include "base/threading/thread_restrictions.h"
+#include "shell/common/thread_restrictions.h"
 #endif
 
 #if BUILDFLAG(OZONE_PLATFORM_WAYLAND)
@@ -36,7 +36,7 @@ bool HasWaylandDisplay(base::Environment* env) {
         base::FilePath(xdg_runtime_dir).Append("wayland-0");
     // Normally, this should happen exactly once, at the startup of the main
     // process.
-    base::ScopedAllowBlocking allow_blocking;
+    electron::ScopedAllowBlockingForElectron allow_blocking;
     return base::PathExists(wayland_server_pipe);
   }
 

shell/browser/electron_download_manager_delegate.cc

@@ -29,6 +29,7 @@
 #include "shell/common/gin_converters/callback_converter.h"
 #include "shell/common/gin_converters/file_path_converter.h"
 #include "shell/common/options_switches.h"
+#include "shell/common/thread_restrictions.h"
 
 #if BUILDFLAG(IS_WIN)
 #include <vector>
@@ -218,7 +219,7 @@ void ElectronDownloadManagerDelegate::OnDownloadPathGenerated(
     content::DownloadTargetCallback callback,
     const base::FilePath& default_path) {
   DCHECK_CURRENTLY_ON(content::BrowserThread::UI);
-  base::ThreadRestrictions::ScopedAllowIO allow_io;
+  ScopedAllowBlockingForElectron allow_blocking;
 
   auto* item = download_manager_->GetDownload(download_id);
   if (!item)

shell/browser/extensions/api/BUILD.gn

@@ -10,7 +10,6 @@ assert(enable_extensions,
 
 function_registration("api_registration") {
   sources = [
-    "//electron/shell/common/extensions/api/cryptotoken_private.idl",
     "//electron/shell/common/extensions/api/extension.json",
     "//electron/shell/common/extensions/api/resources_private.idl",
     "//electron/shell/common/extensions/api/tabs.json",

shell/browser/extensions/api/cryptotoken_private/cryptotoken_private_api.cc

@@ -1,308 +0,0 @@
-// Copyright 2014 The Chromium Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-#include "shell/browser/extensions/api/cryptotoken_private/cryptotoken_private_api.h"
-
-#include <stddef.h>
-#include <memory>
-#include <string>
-#include <vector>
-
-#include "base/bind.h"
-#include "base/callback.h"
-#include "base/metrics/histogram_macros.h"
-#include "base/strings/utf_string_conversions.h"
-#include "build/build_config.h"
-// #include "chrome/browser/extensions/extension_tab_util.h"
-// #include "chrome/browser/permissions/attestation_permission_request.h"
-// #include "chrome/browser/profiles/profile.h"
-#include "chrome/common/chrome_features.h"
-#include "chrome/common/pref_names.h"
-// #include
-// "components/page_load_metrics/browser/metrics_web_contents_observer.h"
-// #include "components/permissions/permission_request_manager.h"
-#include "components/pref_registry/pref_registry_syncable.h"
-#include "components/prefs/pref_service.h"
-#include "content/public/browser/render_frame_host.h"
-#include "content/public/browser/web_contents.h"
-#include "crypto/sha2.h"
-#include "device/fido/filter.h"
-#include "extensions/browser/extension_api_frame_id_map.h"
-#include "extensions/common/error_utils.h"
-#include "net/base/registry_controlled_domains/registry_controlled_domain.h"
-#include "shell/browser/api/electron_api_web_contents.h"
-#include "url/origin.h"
-
-#if BUILDFLAG(IS_WIN)
-#include "device/fido/features.h"
-#include "device/fido/win/webauthn_api.h"
-#endif  // BUILDFLAG(IS_WIN)
-
-namespace extensions::api {
-
-namespace {
-
-const char kGoogleDotCom[] = "google.com";
-constexpr const char* kGoogleGstaticAppIds[] = {
-    "https://www.gstatic.com/securitykey/origins.json",
-    "https://www.gstatic.com/securitykey/a/google.com/origins.json"};
-
-// ContainsAppIdByHash returns true iff the SHA-256 hash of one of the
-// elements of |list| equals |hash|.
-bool ContainsAppIdByHash(const base::ListValue& list,
-                         const std::vector<uint8_t>& hash) {
-  if (hash.size() != crypto::kSHA256Length) {
-    return false;
-  }
-
-  for (const auto& i : list.GetListDeprecated()) {
-    const std::string& s = i.GetString();
-    if (s.find('/') == std::string::npos) {
-      // No slashes mean that this is a webauthn RP ID, not a U2F AppID.
-      continue;
-    }
-
-    if (crypto::SHA256HashString(s).compare(
-            0, crypto::kSHA256Length,
-            reinterpret_cast<const char*>(hash.data()),
-            crypto::kSHA256Length) == 0) {
-      return true;
-    }
-  }
-
-  return false;
-}
-
-content::RenderFrameHost* RenderFrameHostForTabAndFrameId(
-    content::BrowserContext* const browser_context,
-    const int tab_id,
-    const int frame_id) {
-  auto* contents = electron::api::WebContents::FromID(tab_id);
-  if (!contents || !contents->web_contents()) {
-    return nullptr;
-  }
-  return ExtensionApiFrameIdMap::GetRenderFrameHostById(
-      contents->web_contents(), frame_id);
-}
-
-}  // namespace
-
-// void CryptotokenRegisterProfilePrefs(
-//     user_prefs::PrefRegistrySyncable* registry) {
-//   registry->RegisterListPref(prefs::kSecurityKeyPermitAttestation);
-// }
-
-CryptotokenPrivateCanOriginAssertAppIdFunction::
-    CryptotokenPrivateCanOriginAssertAppIdFunction() = default;
-
-ExtensionFunction::ResponseAction
-CryptotokenPrivateCanOriginAssertAppIdFunction::Run() {
-  std::unique_ptr<cryptotoken_private::CanOriginAssertAppId::Params> params =
-      cryptotoken_private::CanOriginAssertAppId::Params::Create(args());
-  EXTENSION_FUNCTION_VALIDATE(params);
-
-  const GURL origin_url(params->security_origin);
-  if (!origin_url.is_valid()) {
-    return RespondNow(Error(extensions::ErrorUtils::FormatErrorMessage(
-        "Security origin * is not a valid URL", params->security_origin)));
-  }
-  const GURL app_id_url(params->app_id_url);
-  if (!app_id_url.is_valid()) {
-    return RespondNow(Error(extensions::ErrorUtils::FormatErrorMessage(
-        "appId * is not a valid URL", params->app_id_url)));
-  }
-
-  if (origin_url == app_id_url) {
-    return RespondNow(OneArgument(base::Value(true)));
-  }
-
-  // Fetch the eTLD+1 of both.
-  const std::string origin_etldp1 =
-      net::registry_controlled_domains::GetDomainAndRegistry(
-          origin_url,
-          net::registry_controlled_domains::INCLUDE_PRIVATE_REGISTRIES);
-  if (origin_etldp1.empty()) {
-    return RespondNow(Error(extensions::ErrorUtils::FormatErrorMessage(
-        "Could not find an eTLD for origin *", params->security_origin)));
-  }
-  const std::string app_id_etldp1 =
-      net::registry_controlled_domains::GetDomainAndRegistry(
-          app_id_url,
-          net::registry_controlled_domains::INCLUDE_PRIVATE_REGISTRIES);
-  if (app_id_etldp1.empty()) {
-    return RespondNow(Error(extensions::ErrorUtils::FormatErrorMessage(
-        "Could not find an eTLD for appId *", params->app_id_url)));
-  }
-  if (origin_etldp1 == app_id_etldp1) {
-    return RespondNow(OneArgument(base::Value(true)));
-  }
-  // For legacy purposes, allow google.com origins to assert certain
-  // gstatic.com appIds.
-  // TODO(juanlang): remove when legacy constraints are removed.
-  if (origin_etldp1 == kGoogleDotCom) {
-    for (const char* id : kGoogleGstaticAppIds) {
-      if (params->app_id_url == id)
-        return RespondNow(OneArgument(base::Value(true)));
-    }
-  }
-  return RespondNow(OneArgument(base::Value(false)));
-}
-
-CryptotokenPrivateIsAppIdHashInEnterpriseContextFunction::
-    CryptotokenPrivateIsAppIdHashInEnterpriseContextFunction() {}
-
-ExtensionFunction::ResponseAction
-CryptotokenPrivateIsAppIdHashInEnterpriseContextFunction::Run() {
-  std::unique_ptr<cryptotoken_private::IsAppIdHashInEnterpriseContext::Params>
-      params(
-          cryptotoken_private::IsAppIdHashInEnterpriseContext::Params::Create(
-              args()));
-  EXTENSION_FUNCTION_VALIDATE(params);
-
-#if 0
-  Profile* const profile = Profile::FromBrowserContext(browser_context());
-  const PrefService* const prefs = profile->GetPrefs();
-  const base::ListValue* const permit_attestation =
-      prefs->GetList(prefs::kSecurityKeyPermitAttestation);
-#endif
-  const base::ListValue permit_attestation;
-
-  return RespondNow(ArgumentList(
-      cryptotoken_private::IsAppIdHashInEnterpriseContext::Results::Create(
-          ContainsAppIdByHash(permit_attestation, params->app_id_hash))));
-}
-
-CryptotokenPrivateCanAppIdGetAttestationFunction::
-    CryptotokenPrivateCanAppIdGetAttestationFunction() {}
-
-ExtensionFunction::ResponseAction
-CryptotokenPrivateCanAppIdGetAttestationFunction::Run() {
-  std::unique_ptr<cryptotoken_private::CanAppIdGetAttestation::Params> params =
-      cryptotoken_private::CanAppIdGetAttestation::Params::Create(args());
-  EXTENSION_FUNCTION_VALIDATE(params);
-
-  return RespondNow(Error("API not supported in Electron"));
-#if 0
-  const GURL origin_url(params->options.origin);
-  if (!origin_url.is_valid()) {
-    return RespondNow(Error(extensions::ErrorUtils::FormatErrorMessage(
-        "Security origin * is not a valid URL", params->options.origin)));
-  }
-  const url::Origin origin(url::Origin::Create(origin_url));
-
-  const std::string& app_id = params->options.app_id;
-
-  // If the appId is permitted by the enterprise policy then no permission
-  // prompt is shown.
-  // Profile* const profile = Profile::FromBrowserContext(browser_context());
-  // const PrefService* const prefs = profile->GetPrefs();
-  // const base::ListValue* const permit_attestation =
-  //     prefs->GetList(prefs::kSecurityKeyPermitAttestation);
-
-  // for (const auto& entry : permit_attestation->GetList()) {
-  //   if (entry.GetString() == app_id)
-  //     return RespondNow(OneArgument(base::Value(true)));
-  // }
-
-  // If the origin is blocked, reject attestation.
-  if (device::fido_filter::Evaluate(
-          device::fido_filter::Operation::MAKE_CREDENTIAL, origin.Serialize(),
-          /*device=*/absl::nullopt, /*id=*/absl::nullopt) ==
-      device::fido_filter::Action::NO_ATTESTATION) {
-    return RespondNow(OneArgument(base::Value(false)));
-  }
-
-  // If prompting is disabled, allow attestation because that is the historical
-  // behavior.
-  if (!base::FeatureList::IsEnabled(
-          ::features::kSecurityKeyAttestationPrompt)) {
-    return RespondNow(OneArgument(base::Value(true)));
-  }
-
-#if BUILDFLAG(IS_WIN)
-  // If the request was handled by the Windows WebAuthn API on a version of
-  // Windows that shows an attestation permission prompt, don't show another
-  // one.
-  //
-  // Note that this does not account for the possibility of the
-  // WinWebAuthnApi having been disabled by a FidoDiscoveryFactory override,
-  // which may be done in tests or via the Virtual Authenticator WebDriver
-  // API.
-  if (base::FeatureList::IsEnabled(device::kWebAuthUseNativeWinApi) &&
-      device::WinWebAuthnApi::GetDefault()->IsAvailable() &&
-      device::WinWebAuthnApi::GetDefault()->Version() >=
-          WEBAUTHN_API_VERSION_2) {
-    return RespondNow(OneArgument(base::Value(true)));
-  }
-#endif  // BUILDFLAG(IS_WIN)
-
-  // Otherwise, show a permission prompt and pass the user's decision back.
-  const GURL app_id_url(app_id);
-  EXTENSION_FUNCTION_VALIDATE(app_id_url.is_valid());
-
-  auto* contents = electron::api::WebContents::FromID(params->options.tab_id);
-  if (!contents || !contents->web_contents()) {
-    return RespondNow(Error("cannot find specified tab"));
-  }
-
-  // permissions::PermissionRequestManager* permission_request_manager =
-  //     permissions::PermissionRequestManager::FromWebContents(web_contents);
-  //     nullptr;
-  // if (!permission_request_manager) {
-  return RespondNow(Error("no PermissionRequestManager"));
-  // }
-
-#if 0  // TODO(MarshallOfSound): why is this commented out?
-  // The created AttestationPermissionRequest deletes itself once complete.
-  permission_request_manager->AddRequest(
-      web_contents->GetPrimaryMainFrame(),
-      tab,
-      NewAttestationPermissionRequest(
-          origin,
-          base::BindOnce(
-              &CryptotokenPrivateCanAppIdGetAttestationFunction::Complete,
-              this)));
-  return RespondLater();
-#endif
-#endif
-}
-
-void CryptotokenPrivateCanAppIdGetAttestationFunction::Complete(bool result) {
-  Respond(OneArgument(base::Value(result)));
-}
-
-ExtensionFunction::ResponseAction
-CryptotokenPrivateRecordRegisterRequestFunction::Run() {
-  auto params =
-      cryptotoken_private::RecordRegisterRequest::Params::Create(args());
-  EXTENSION_FUNCTION_VALIDATE(params);
-
-  content::RenderFrameHost* frame = RenderFrameHostForTabAndFrameId(
-      browser_context(), params->tab_id, params->frame_id);
-  if (!frame) {
-    return RespondNow(Error("cannot find specified tab or frame"));
-  }
-
-  // page_load_metrics::MetricsWebContentsObserver::RecordFeatureUsage(
-  //     frame, blink::mojom::WebFeature::kU2FCryptotokenRegister);
-  return RespondNow(NoArguments());
-}
-
-ExtensionFunction::ResponseAction
-CryptotokenPrivateRecordSignRequestFunction::Run() {
-  auto params = cryptotoken_private::RecordSignRequest::Params::Create(args());
-  EXTENSION_FUNCTION_VALIDATE(params);
-
-  content::RenderFrameHost* frame = RenderFrameHostForTabAndFrameId(
-      browser_context(), params->tab_id, params->frame_id);
-  if (!frame) {
-    return RespondNow(Error("cannot find specified tab or frame"));
-  }
-
-  // page_load_metrics::MetricsWebContentsObserver::RecordFeatureUsage(
-  //     frame, blink::mojom::WebFeature::kU2FCryptotokenSign);
-  return RespondNow(NoArguments());
-}
-
-}  // namespace extensions::api

shell/browser/extensions/api/cryptotoken_private/cryptotoken_private_api.h

@@ -1,84 +0,0 @@
-// Copyright 2014 The Chromium Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-#ifndef ELECTRON_SHELL_BROWSER_EXTENSIONS_API_CRYPTOTOKEN_PRIVATE_CRYPTOTOKEN_PRIVATE_API_H_
-#define ELECTRON_SHELL_BROWSER_EXTENSIONS_API_CRYPTOTOKEN_PRIVATE_CRYPTOTOKEN_PRIVATE_API_H_
-
-#include "chrome/common/extensions/api/cryptotoken_private.h"
-#include "extensions/browser/extension_function.h"
-
-namespace user_prefs {
-class PrefRegistrySyncable;
-}
-
-// Implementations for chrome.cryptotokenPrivate API functions.
-
-namespace extensions::api {
-
-// void CryptotokenRegisterProfilePrefs(
-//     user_prefs::PrefRegistrySyncable* registry);
-
-class CryptotokenPrivateCanOriginAssertAppIdFunction
-    : public ExtensionFunction {
- public:
-  CryptotokenPrivateCanOriginAssertAppIdFunction();
-  DECLARE_EXTENSION_FUNCTION("cryptotokenPrivate.canOriginAssertAppId",
-                             CRYPTOTOKENPRIVATE_CANORIGINASSERTAPPID)
- protected:
-  ~CryptotokenPrivateCanOriginAssertAppIdFunction() override {}
-  ResponseAction Run() override;
-};
-
-class CryptotokenPrivateIsAppIdHashInEnterpriseContextFunction
-    : public ExtensionFunction {
- public:
-  CryptotokenPrivateIsAppIdHashInEnterpriseContextFunction();
-  DECLARE_EXTENSION_FUNCTION(
-      "cryptotokenPrivate.isAppIdHashInEnterpriseContext",
-      CRYPTOTOKENPRIVATE_ISAPPIDHASHINENTERPRISECONTEXT)
-
- protected:
-  ~CryptotokenPrivateIsAppIdHashInEnterpriseContextFunction() override {}
-  ResponseAction Run() override;
-};
-
-class CryptotokenPrivateCanAppIdGetAttestationFunction
-    : public ExtensionFunction {
- public:
-  CryptotokenPrivateCanAppIdGetAttestationFunction();
-  DECLARE_EXTENSION_FUNCTION("cryptotokenPrivate.canAppIdGetAttestation",
-                             CRYPTOTOKENPRIVATE_CANAPPIDGETATTESTATION)
-
- protected:
-  ~CryptotokenPrivateCanAppIdGetAttestationFunction() override {}
-  ResponseAction Run() override;
-  void Complete(bool result);
-};
-
-class CryptotokenPrivateRecordRegisterRequestFunction
-    : public ExtensionFunction {
- public:
-  CryptotokenPrivateRecordRegisterRequestFunction() = default;
-  DECLARE_EXTENSION_FUNCTION("cryptotokenPrivate.recordRegisterRequest",
-                             CRYPTOTOKENPRIVATE_RECORDREGISTERREQUEST)
-
- protected:
-  ~CryptotokenPrivateRecordRegisterRequestFunction() override = default;
-  ResponseAction Run() override;
-};
-
-class CryptotokenPrivateRecordSignRequestFunction : public ExtensionFunction {
- public:
-  CryptotokenPrivateRecordSignRequestFunction() = default;
-  DECLARE_EXTENSION_FUNCTION("cryptotokenPrivate.recordSignRequest",
-                             CRYPTOTOKENPRIVATE_RECORDSIGNREQUEST)
-
- protected:
-  ~CryptotokenPrivateRecordSignRequestFunction() override = default;
-  ResponseAction Run() override;
-};
-
-}  // namespace extensions::api
-
-#endif  // ELECTRON_SHELL_BROWSER_EXTENSIONS_API_CRYPTOTOKEN_PRIVATE_CRYPTOTOKEN_PRIVATE_API_H_

shell/browser/extensions/electron_extension_system.cc

@@ -35,7 +35,6 @@
 #include "extensions/common/constants.h"
 #include "extensions/common/file_util.h"
 #include "shell/browser/extensions/electron_extension_loader.h"
-#include "ui/base/resource/resource_bundle.h"
 
 #if BUILDFLAG(ENABLE_PDF_VIEWER)
 #include "chrome/browser/pdf/pdf_extension_util.h"  // nogncheck
@@ -46,18 +45,6 @@ using content::BrowserThread;
 
 namespace extensions {
 
-namespace {
-
-std::string GetCryptoTokenManifest() {
-  std::string manifest_contents(
-      ui::ResourceBundle::GetSharedInstance().GetRawDataResource(
-          IDR_CRYPTOTOKEN_MANIFEST));
-
-  return manifest_contents;
-}
-
-}  // namespace
-
 ElectronExtensionSystem::ElectronExtensionSystem(
     BrowserContext* browser_context)
     : browser_context_(browser_context),
@@ -135,22 +122,6 @@ void ElectronExtensionSystem::LoadComponentExtensions() {
     extension_loader_->registrar()->AddExtension(pdf_extension);
   }
 #endif
-
-  std::string cryptotoken_manifest_string = GetCryptoTokenManifest();
-  std::unique_ptr<base::DictionaryValue> cryptotoken_manifest =
-      ParseManifest(cryptotoken_manifest_string);
-  DCHECK(cryptotoken_manifest);
-  if (cryptotoken_manifest) {
-    base::FilePath root_directory;
-    CHECK(base::PathService::Get(chrome::DIR_RESOURCES, &root_directory));
-    root_directory = root_directory.Append(FILE_PATH_LITERAL("cryptotoken"));
-    scoped_refptr<const Extension> cryptotoken_extension =
-        extensions::Extension::Create(
-            root_directory, extensions::mojom::ManifestLocation::kComponent,
-            *cryptotoken_manifest, extensions::Extension::REQUIRE_KEY,
-            &utf8_error);
-    extension_loader_->registrar()->AddExtension(cryptotoken_extension);
-  }
 }
 
 ExtensionService* ElectronExtensionSystem::extension_service() {

shell/browser/hid/electron_hid_delegate.h

@@ -74,10 +74,7 @@ class ElectronHidDelegate : public content::HidDelegate,
       std::vector<blink::mojom::HidDeviceFilterPtr> exclusion_filters,
       content::HidChooser::Callback callback);
 
-  base::ScopedObservation<HidChooserContext,
-                          HidChooserContext::DeviceObserver,
-                          &HidChooserContext::AddDeviceObserver,
-                          &HidChooserContext::RemoveDeviceObserver>
+  base::ScopedObservation<HidChooserContext, HidChooserContext::DeviceObserver>
       device_observation_{this};
   base::ObserverList<content::HidDelegate::Observer> observer_list_;
 
@@ -90,4 +87,24 @@ class ElectronHidDelegate : public content::HidDelegate,
 
 }  // namespace electron
 
+namespace base {
+
+template <>
+struct base::ScopedObservationTraits<
+    electron::HidChooserContext,
+    electron::HidChooserContext::DeviceObserver> {
+  static void AddObserver(
+      electron::HidChooserContext* source,
+      electron::HidChooserContext::DeviceObserver* observer) {
+    source->AddDeviceObserver(observer);
+  }
+  static void RemoveObserver(
+      electron::HidChooserContext* source,
+      electron::HidChooserContext::DeviceObserver* observer) {
+    source->RemoveDeviceObserver(observer);
+  }
+};
+
+}  // namespace base
+
 #endif  // ELECTRON_SHELL_BROWSER_HID_ELECTRON_HID_DELEGATE_H_

shell/browser/hid/hid_chooser_controller.h

@@ -115,10 +115,7 @@ class HidChooserController
   // in the chooser.
   std::vector<std::string> items_;
 
-  base::ScopedObservation<HidChooserContext,
-                          HidChooserContext::DeviceObserver,
-                          &HidChooserContext::AddDeviceObserver,
-                          &HidChooserContext::RemoveDeviceObserver>
+  base::ScopedObservation<HidChooserContext, HidChooserContext::DeviceObserver>
       observation_{this};
 
   base::WeakPtr<ElectronHidDelegate> hid_delegate_;

shell/browser/notifications/win/notification_presenter_win.cc

@@ -15,11 +15,11 @@
 #include "base/hash/md5.h"
 #include "base/logging.h"
 #include "base/strings/utf_string_conversions.h"
-#include "base/threading/thread_restrictions.h"
 #include "base/time/time.h"
 #include "base/win/windows_version.h"
 #include "shell/browser/notifications/win/notification_presenter_win7.h"
 #include "shell/browser/notifications/win/windows_toast_notification.h"
+#include "shell/common/thread_restrictions.h"
 #include "third_party/skia/include/core/SkBitmap.h"
 #include "ui/gfx/codec/png_codec.h"
 
@@ -67,7 +67,7 @@ NotificationPresenterWin::NotificationPresenterWin() = default;
 NotificationPresenterWin::~NotificationPresenterWin() = default;
 
 bool NotificationPresenterWin::Init() {
-  base::ThreadRestrictions::ScopedAllowIO allow_io;
+  ScopedAllowBlockingForElectron allow_blocking;
   return temp_dir_.CreateUniqueTempDir();
 }
 
@@ -83,7 +83,7 @@ std::wstring NotificationPresenterWin::SaveIconToFilesystem(
     filename = std::to_string(now.ToInternalValue()) + ".png";
   }
 
-  base::ThreadRestrictions::ScopedAllowIO allow_io;
+  ScopedAllowBlockingForElectron allow_blocking;
   base::FilePath path = temp_dir_.GetPath().Append(base::UTF8ToWide(filename));
   if (base::PathExists(path))
     return path.value();

shell/browser/serial/electron_serial_delegate.h

@@ -67,9 +67,7 @@ class ElectronSerialDelegate : public content::SerialDelegate,
       content::SerialChooser::Callback callback);
 
   base::ScopedObservation<SerialChooserContext,
-                          SerialChooserContext::PortObserver,
-                          &SerialChooserContext::AddPortObserver,
-                          &SerialChooserContext::RemovePortObserver>
+                          SerialChooserContext::PortObserver>
       port_observation_{this};
   base::ObserverList<content::SerialDelegate::Observer> observer_list_;
 
@@ -82,4 +80,24 @@ class ElectronSerialDelegate : public content::SerialDelegate,
 
 }  // namespace electron
 
+namespace base {
+
+template <>
+struct base::ScopedObservationTraits<
+    electron::SerialChooserContext,
+    electron::SerialChooserContext::PortObserver> {
+  static void AddObserver(
+      electron::SerialChooserContext* source,
+      electron::SerialChooserContext::PortObserver* observer) {
+    source->AddPortObserver(observer);
+  }
+  static void RemoveObserver(
+      electron::SerialChooserContext* source,
+      electron::SerialChooserContext::PortObserver* observer) {
+    source->RemovePortObserver(observer);
+  }
+};
+
+}  // namespace base
+
 #endif  // ELECTRON_SHELL_BROWSER_SERIAL_ELECTRON_SERIAL_DELEGATE_H_

shell/browser/serial/serial_chooser_controller.h

@@ -64,9 +64,7 @@ class SerialChooserController final : public SerialChooserContext::PortObserver,
   base::WeakPtr<SerialChooserContext> chooser_context_;
 
   base::ScopedObservation<SerialChooserContext,
-                          SerialChooserContext::PortObserver,
-                          &SerialChooserContext::AddPortObserver,
-                          &SerialChooserContext::RemovePortObserver>
+                          SerialChooserContext::PortObserver>
       observation_{this};
 
   std::vector<device::mojom::SerialPortInfoPtr> ports_;

shell/browser/ui/electron_desktop_window_tree_host_linux.h

@@ -63,10 +63,7 @@ class ElectronDesktopWindowTreeHostLinux
 
   base::ScopedObservation<ui::NativeTheme, ui::NativeThemeObserver>
       theme_observation_{this};
-  base::ScopedObservation<ui::LinuxUi,
-                          ui::DeviceScaleFactorObserver,
-                          &ui::LinuxUi::AddDeviceScaleFactorObserver,
-                          &ui::LinuxUi::RemoveDeviceScaleFactorObserver>
+  base::ScopedObservation<ui::LinuxUi, ui::DeviceScaleFactorObserver>
       scale_observation_{this};
   ui::PlatformWindowState window_state_ = ui::PlatformWindowState::kUnknown;
 };

shell/browser/ui/file_dialog_gtk.cc

@@ -8,13 +8,13 @@
 #include "base/callback.h"
 #include "base/files/file_util.h"
 #include "base/strings/string_util.h"
-#include "base/threading/thread_restrictions.h"
 #include "electron/electron_gtk_stubs.h"
 #include "shell/browser/javascript_environment.h"
 #include "shell/browser/native_window_views.h"
 #include "shell/browser/ui/file_dialog.h"
 #include "shell/browser/ui/gtk_util.h"
 #include "shell/common/gin_converters/file_path_converter.h"
+#include "shell/common/thread_restrictions.h"
 #include "ui/base/glib/glib_signal.h"
 #include "ui/gtk/gtk_ui.h"    // nogncheck
 #include "ui/gtk/gtk_util.h"  // nogncheck
@@ -95,7 +95,7 @@ class FileChooserDialog {
       gtk_file_chooser_set_create_folders(dialog_, TRUE);
 
     if (!settings.default_path.empty()) {
-      base::ThreadRestrictions::ScopedAllowIO allow_io;
+      electron::ScopedAllowBlockingForElectron allow_blocking;
       if (base::DirectoryExists(settings.default_path)) {
         gtk_file_chooser_set_current_folder(
             dialog_, settings.default_path.value().c_str());

shell/browser/ui/file_dialog_mac.mm

@@ -16,11 +16,11 @@
 #include "base/mac/mac_util.h"
 #include "base/mac/scoped_cftyperef.h"
 #include "base/strings/sys_string_conversions.h"
-#include "base/threading/thread_restrictions.h"
 #include "content/public/browser/browser_task_traits.h"
 #include "content/public/browser/browser_thread.h"
 #include "shell/browser/native_window.h"
 #include "shell/common/gin_converters/file_path_converter.h"
+#include "shell/common/thread_restrictions.h"
 
 @interface PopUpButtonHandler : NSObject
 
@@ -173,7 +173,7 @@ void SetupDialog(NSSavePanel* dialog, const DialogSettings& settings) {
   NSString* default_dir = nil;
   NSString* default_filename = nil;
   if (!settings.default_path.empty()) {
-    base::ThreadRestrictions::ScopedAllowIO allow_io;
+    electron::ScopedAllowBlockingForElectron allow_blocking;
     if (base::DirectoryExists(settings.default_path)) {
       default_dir = base::SysUTF8ToNSString(settings.default_path.value());
     } else {

shell/browser/ui/message_box_win.cc

@@ -137,7 +137,7 @@ TaskDialogCallback(HWND hwnd, UINT msg, WPARAM, LPARAM, LONG_PTR data) {
   return S_OK;
 }
 
-DialogResult ShowTaskDialogWstr(NativeWindow* parent,
+DialogResult ShowTaskDialogWstr(gfx::AcceleratedWidget parent,
                                 MessageBoxType type,
                                 const std::vector<std::wstring>& buttons,
                                 int default_id,
@@ -160,8 +160,7 @@ DialogResult ShowTaskDialogWstr(NativeWindow* parent,
   config.dwFlags = flags;
 
   if (parent) {
-    config.hwndParent = static_cast<electron::NativeWindowViews*>(parent)
-                            ->GetAcceleratedWidget();
+    config.hwndParent = parent;
   }
 
   if (default_id > 0)
@@ -254,6 +253,7 @@ DialogResult ShowTaskDialogWstr(NativeWindow* parent,
 }
 
 DialogResult ShowTaskDialogUTF8(const MessageBoxSettings& settings,
+                                gfx::AcceleratedWidget parent_widget,
                                 HWND* hwnd) {
   std::vector<std::wstring> buttons;
   for (const auto& button : settings.buttons)
@@ -266,7 +266,7 @@ DialogResult ShowTaskDialogUTF8(const MessageBoxSettings& settings,
       base::UTF8ToUTF16(settings.checkbox_label);
 
   return ShowTaskDialogWstr(
-      settings.parent_window, settings.type, buttons, settings.default_id,
+      parent_widget, settings.type, buttons, settings.default_id,
       settings.cancel_id, settings.no_link, title, message, detail,
       checkbox_label, settings.checkbox_checked, settings.icon, hwnd);
 }
@@ -274,7 +274,12 @@ DialogResult ShowTaskDialogUTF8(const MessageBoxSettings& settings,
 }  // namespace
 
 int ShowMessageBoxSync(const MessageBoxSettings& settings) {
-  DialogResult result = ShowTaskDialogUTF8(settings, nullptr);
+  gfx::AcceleratedWidget parent_widget =
+      settings.parent_window
+          ? static_cast<electron::NativeWindowViews*>(settings.parent_window)
+                ->GetAcceleratedWidget()
+          : nullptr;
+  DialogResult result = ShowTaskDialogUTF8(settings, parent_widget, nullptr);
   return result.button_id;
 }
 
@@ -291,17 +296,23 @@ void ShowMessageBox(const MessageBoxSettings& settings,
     hwnd = it.first->second.get();
   }
 
-  dialog_thread::Run(
-      base::BindOnce(&ShowTaskDialogUTF8, settings, base::Unretained(hwnd)),
-      base::BindOnce(
-          [](MessageBoxCallback callback, absl::optional<int> id,
-             DialogResult result) {
-            if (id)
-              GetDialogsMap().erase(*id);
-            std::move(callback).Run(result.button_id,
-                                    result.verification_flag_checked);
-          },
-          std::move(callback), settings.id));
+  gfx::AcceleratedWidget parent_widget =
+      settings.parent_window
+          ? static_cast<electron::NativeWindowViews*>(settings.parent_window)
+                ->GetAcceleratedWidget()
+          : nullptr;
+  dialog_thread::Run(base::BindOnce(&ShowTaskDialogUTF8, settings,
+                                    parent_widget, base::Unretained(hwnd)),
+                     base::BindOnce(
+                         [](MessageBoxCallback callback, absl::optional<int> id,
+                            DialogResult result) {
+                           if (id)
+                             GetDialogsMap().erase(*id);
+                           std::move(callback).Run(
+                               result.button_id,
+                               result.verification_flag_checked);
+                         },
+                         std::move(callback), settings.id));
 }
 
 void CloseMessageBox(int id) {

shell/browser/ui/views/client_frame_view_linux.cc

@@ -104,14 +104,14 @@ ClientFrameViewLinux::ClientFrameViewLinux()
 
   native_theme_observer_.Observe(theme_);
 
-  if (ui::LinuxUiTheme* ui = ui::LinuxUiTheme::GetForProfile(nullptr)) {
+  if (auto* ui = ui::LinuxUi::instance()) {
     ui->AddWindowButtonOrderObserver(this);
     OnWindowButtonOrderingChange();
   }
 }
 
 ClientFrameViewLinux::~ClientFrameViewLinux() {
-  if (ui::LinuxUiTheme* ui = ui::LinuxUiTheme::GetForProfile(nullptr))
+  if (auto* ui = ui::LinuxUi::instance())
     ui->RemoveWindowButtonOrderObserver(this);
   theme_->RemoveObserver(this);
 }

shell/browser/ui/views/client_frame_view_linux.h

@@ -136,10 +136,7 @@ class ClientFrameViewLinux : public FramelessView,
 
   base::ScopedObservation<ui::NativeTheme, ui::NativeThemeObserver>
       native_theme_observer_{this};
-  base::ScopedObservation<ui::LinuxUiTheme,
-                          ui::WindowButtonOrderObserver,
-                          &ui::LinuxUiTheme::AddWindowButtonOrderObserver,
-                          &ui::LinuxUiTheme::RemoveWindowButtonOrderObserver>
+  base::ScopedObservation<ui::LinuxUi, ui::WindowButtonOrderObserver>
       window_button_order_observer_{this};
 
   base::CallbackListSubscription paint_as_active_changed_subscription_;

shell/browser/ui/webui/accessibility_ui.cc

@@ -297,7 +297,8 @@ void HandleAccessibilityRequestCallback(
   std::string json_string;
   base::JSONWriter::Write(base::Value(std::move(data)), &json_string);
 
-  std::move(callback).Run(base::RefCountedString::TakeString(&json_string));
+  std::move(callback).Run(
+      base::MakeRefCounted<base::RefCountedString>(std::move(json_string)));
 }
 
 }  // namespace

shell/browser/ui/x/x_window_utils.cc

@@ -8,10 +8,10 @@
 
 #include "base/environment.h"
 #include "base/strings/string_util.h"
-#include "base/threading/thread_restrictions.h"
 #include "dbus/bus.h"
 #include "dbus/message.h"
 #include "dbus/object_proxy.h"
+#include "shell/common/thread_restrictions.h"
 #include "ui/base/x/x11_util.h"
 #include "ui/gfx/x/x11_atom_cache.h"
 #include "ui/gfx/x/xproto.h"
@@ -34,7 +34,7 @@ void SetWindowType(x11::Window window, const std::string& type) {
 }
 
 bool ShouldUseGlobalMenuBar() {
-  base::ThreadRestrictions::ScopedAllowIO allow_io;
+  ScopedAllowBlockingForElectron allow_blocking;
   auto env = base::Environment::Create();
   if (env->HasVar("ELECTRON_FORCE_WINDOW_MENU_BAR"))
     return false;

shell/browser/web_contents_zoom_controller.cc

@@ -51,9 +51,8 @@ void WebContentsZoomController::SetZoomLevel(double level) {
       zoom_mode_ == ZoomMode::kDisabled)
     return;
 
-  int render_process_id =
-      web_contents()->GetRenderViewHost()->GetProcess()->GetID();
-  int render_view_id = web_contents()->GetRenderViewHost()->GetRoutingID();
+  content::GlobalRenderFrameHostId rfh_id =
+      web_contents()->GetPrimaryMainFrame()->GetGlobalId();
 
   if (zoom_mode_ == ZoomMode::kManual) {
     zoom_level_ = level;
@@ -67,8 +66,8 @@ void WebContentsZoomController::SetZoomLevel(double level) {
   content::HostZoomMap* zoom_map =
       content::HostZoomMap::GetForWebContents(web_contents());
   if (zoom_mode_ == ZoomMode::kIsolated ||
-      zoom_map->UsesTemporaryZoomLevel(render_process_id, render_view_id)) {
-    zoom_map->SetTemporaryZoomLevel(render_process_id, render_view_id, level);
+      zoom_map->UsesTemporaryZoomLevel(rfh_id)) {
+    zoom_map->SetTemporaryZoomLevel(rfh_id, level);
     // Notify observers of zoom level changes.
     for (Observer& observer : observers_)
       observer.OnZoomLevelChanged(web_contents(), level, true);
@@ -96,20 +95,18 @@ double WebContentsZoomController::GetDefaultZoomFactor() {
 }
 
 void WebContentsZoomController::SetTemporaryZoomLevel(double level) {
-  old_process_id_ = web_contents()->GetRenderViewHost()->GetProcess()->GetID();
-  old_view_id_ = web_contents()->GetRenderViewHost()->GetRoutingID();
-  host_zoom_map_->SetTemporaryZoomLevel(old_process_id_, old_view_id_, level);
+  content::GlobalRenderFrameHostId old_rfh_id_ =
+      web_contents()->GetPrimaryMainFrame()->GetGlobalId();
+  host_zoom_map_->SetTemporaryZoomLevel(old_rfh_id_, level);
   // Notify observers of zoom level changes.
   for (Observer& observer : observers_)
     observer.OnZoomLevelChanged(web_contents(), level, true);
 }
 
 bool WebContentsZoomController::UsesTemporaryZoomLevel() {
-  int render_process_id =
-      web_contents()->GetRenderViewHost()->GetProcess()->GetID();
-  int render_view_id = web_contents()->GetRenderViewHost()->GetRoutingID();
-  return host_zoom_map_->UsesTemporaryZoomLevel(render_process_id,
-                                                render_view_id);
+  content::GlobalRenderFrameHostId rfh_id =
+      web_contents()->GetPrimaryMainFrame()->GetGlobalId();
+  return host_zoom_map_->UsesTemporaryZoomLevel(rfh_id);
 }
 
 void WebContentsZoomController::SetZoomMode(ZoomMode new_mode) {
@@ -118,9 +115,8 @@ void WebContentsZoomController::SetZoomMode(ZoomMode new_mode) {
 
   content::HostZoomMap* zoom_map =
       content::HostZoomMap::GetForWebContents(web_contents());
-  int render_process_id =
-      web_contents()->GetRenderViewHost()->GetProcess()->GetID();
-  int render_view_id = web_contents()->GetRenderViewHost()->GetRoutingID();
+  content::GlobalRenderFrameHostId rfh_id =
+      web_contents()->GetPrimaryMainFrame()->GetGlobalId();
   double original_zoom_level = GetZoomLevel();
 
   switch (new_mode) {
@@ -139,8 +135,7 @@ void WebContentsZoomController::SetZoomMode(ZoomMode new_mode) {
           // the correct zoom level.
           double origin_zoom_level =
               zoom_map->GetZoomLevelForHostAndScheme(url.scheme(), host);
-          zoom_map->SetTemporaryZoomLevel(render_process_id, render_view_id,
-                                          origin_zoom_level);
+          zoom_map->SetTemporaryZoomLevel(rfh_id, origin_zoom_level);
         } else {
           // The host will need a level prior to removing the temporary level.
           // We don't want the zoom level to change just because we entered
@@ -149,7 +144,7 @@ void WebContentsZoomController::SetZoomMode(ZoomMode new_mode) {
         }
       }
       // Remove per-tab zoom data for this tab. No event callback expected.
-      zoom_map->ClearTemporaryZoomLevel(render_process_id, render_view_id);
+      zoom_map->ClearTemporaryZoomLevel(rfh_id);
       break;
     }
     case ZoomMode::kIsolated: {
@@ -157,8 +152,7 @@ void WebContentsZoomController::SetZoomMode(ZoomMode new_mode) {
       // page needs an initial isolated zoom back to the same level it was at
       // in the other mode.
       if (zoom_mode_ != ZoomMode::kDisabled) {
-        zoom_map->SetTemporaryZoomLevel(render_process_id, render_view_id,
-                                        original_zoom_level);
+        zoom_map->SetTemporaryZoomLevel(rfh_id, original_zoom_level);
       } else {
         // When we don't call any HostZoomMap set functions, we send the event
         // manually.
@@ -173,8 +167,7 @@ void WebContentsZoomController::SetZoomMode(ZoomMode new_mode) {
       // page needs to be resized to the default zoom. While in manual mode,
       // the zoom level is handled independently.
       if (zoom_mode_ != ZoomMode::kDisabled) {
-        zoom_map->SetTemporaryZoomLevel(render_process_id, render_view_id,
-                                        GetDefaultZoomLevel());
+        zoom_map->SetTemporaryZoomLevel(rfh_id, GetDefaultZoomLevel());
         zoom_level_ = original_zoom_level;
       } else {
         // When we don't call any HostZoomMap set functions, we send the event
@@ -187,8 +180,7 @@ void WebContentsZoomController::SetZoomMode(ZoomMode new_mode) {
     }
     case ZoomMode::kDisabled: {
       // The page needs to be zoomed back to default before disabling the zoom
-      zoom_map->SetTemporaryZoomLevel(render_process_id, render_view_id,
-                                      GetDefaultZoomLevel());
+      zoom_map->SetTemporaryZoomLevel(rfh_id, GetDefaultZoomLevel());
       break;
     }
   }
@@ -201,9 +193,8 @@ void WebContentsZoomController::ResetZoomModeOnNavigationIfNeeded(
   if (zoom_mode_ != ZoomMode::kIsolated && zoom_mode_ != ZoomMode::kManual)
     return;
 
-  int render_process_id =
-      web_contents()->GetRenderViewHost()->GetProcess()->GetID();
-  int render_view_id = web_contents()->GetRenderViewHost()->GetRoutingID();
+  content::GlobalRenderFrameHostId rfh_id =
+      web_contents()->GetPrimaryMainFrame()->GetGlobalId();
   content::HostZoomMap* zoom_map =
       content::HostZoomMap::GetForWebContents(web_contents());
   zoom_level_ = zoom_map->GetDefaultZoomLevel();
@@ -211,7 +202,7 @@ void WebContentsZoomController::ResetZoomModeOnNavigationIfNeeded(
       url.scheme(), net::GetHostOrSpecFromURL(url));
   for (Observer& observer : observers_)
     observer.OnZoomLevelChanged(web_contents(), new_zoom_level, false);
-  zoom_map->ClearTemporaryZoomLevel(render_process_id, render_view_id);
+  zoom_map->ClearTemporaryZoomLevel(rfh_id);
   zoom_mode_ = ZoomMode::kDefault;
 }
 
@@ -254,8 +245,11 @@ void WebContentsZoomController::SetZoomFactorOnNavigationIfNeeded(
   if (blink::PageZoomValuesEqual(GetDefaultZoomFactor(), kPageZoomEpsilon))
     return;
 
-  if (host_zoom_map_->UsesTemporaryZoomLevel(old_process_id_, old_view_id_)) {
-    host_zoom_map_->ClearTemporaryZoomLevel(old_process_id_, old_view_id_);
+  content::GlobalRenderFrameHostId old_rfh_id_ =
+      content::GlobalRenderFrameHostId(old_process_id_, old_view_id_);
+
+  if (host_zoom_map_->UsesTemporaryZoomLevel(old_rfh_id_)) {
+    host_zoom_map_->ClearTemporaryZoomLevel(old_rfh_id_);
   }
 
   if (embedder_zoom_controller_ &&