brave · goodov · Sep 20, 2024
diff --git a/browser/brave_content_browser_client.cc b/browser/brave_content_browser_client.cc
@@ -692,8 +692,11 @@ BraveContentBrowserClient::WorkerGetBraveShieldSettings(
 
   PrefService* pref_service = user_prefs::UserPrefs::Get(browser_context);
 
+  base::Token farbling_token = brave_shields::GetFarblingToken(
+      HostContentSettingsMapFactory::GetForProfile(browser_context), url);
+
   return brave_shields::mojom::ShieldsSettings::New(
-      farbling_level, std::vector<std::string>(),
+      farbling_level, farbling_token, std::vector<std::string>(),
       brave_shields::IsReduceLanguageEnabledForProfile(pref_service));
 }
 

diff --git a/browser/brave_shields/brave_shields_web_contents_observer.cc b/browser/brave_shields/brave_shields_web_contents_observer.cc
@@ -21,6 +21,7 @@
 #include "chrome/browser/content_settings/host_content_settings_map_factory.h"
 #include "chrome/browser/profiles/profile.h"
 #include "chrome/common/renderer_configuration.mojom.h"
+#include "components/content_settings/core/browser/host_content_settings_map.h"
 #include "components/prefs/pref_registry_simple.h"
 #include "components/prefs/pref_service.h"
 #include "components/user_prefs/user_prefs.h"
@@ -294,19 +295,21 @@ void BraveShieldsWebContentsObserver::SendShieldsSettings(
                 ->GetLastCommittedURL()
           : navigation_handle->GetURL();
 
+  HostContentSettingsMap* host_content_settings_map =
+      HostContentSettingsMapFactory::GetForProfile(rfh->GetBrowserContext());
   const brave_shields::mojom::FarblingLevel farbling_level =
-      brave_shields::GetFarblingLevel(
-          HostContentSettingsMapFactory::GetForProfile(
-              rfh->GetBrowserContext()),
-          primary_url);
+      brave_shields::GetFarblingLevel(host_content_settings_map, primary_url);
+
+  base::Token farbling_token =
+      brave_shields::GetFarblingToken(host_content_settings_map, primary_url);
 
   PrefService* pref_service =
       user_prefs::UserPrefs::Get(rfh->GetBrowserContext());
 
   mojo::AssociatedRemote<brave_shields::mojom::BraveShields> agent;
   rfh->GetRemoteAssociatedInterfaces()->GetInterface(&agent);
   agent->SetShieldsSettings(brave_shields::mojom::ShieldsSettings::New(
-      farbling_level, allowed_scripts_,
+      farbling_level, farbling_token, allowed_scripts_,
       brave_shields::IsReduceLanguageEnabledForProfile(pref_service)));
 }
 

diff --git a/browser/browsing_data/brave_browsing_data_remover_delegate.cc b/browser/browsing_data/brave_browsing_data_remover_delegate.cc
@@ -17,6 +17,7 @@
 #include "chrome/browser/content_settings/host_content_settings_map_factory.h"
 #include "chrome/browser/profiles/profile.h"
 #include "chrome/common/buildflags.h"
+#include "components/browsing_data/content/browsing_data_helper.h"
 #include "components/content_settings/core/browser/host_content_settings_map.h"
 
 #if BUILDFLAG(ENABLE_AI_CHAT)
@@ -65,6 +66,17 @@ void BraveBrowsingDataRemoverDelegate::RemoveEmbedderData(
     ClearAiChatHistory(delete_begin, delete_end);
   }
 #endif  // BUILDFLAG(ENABLE_AI_CHAT)
+
+  if ((remove_mask & chrome_browsing_data_remover::DATA_TYPE_SITE_USAGE_DATA) ||
+      (remove_mask & chrome_browsing_data_remover::DATA_TYPE_HISTORY)) {
+    HostContentSettingsMap::PatternSourcePredicate website_settings_filter =
+        browsing_data::CreateWebsiteSettingsFilter(filter_builder);
+    HostContentSettingsMap* host_content_settings_map =
+        HostContentSettingsMapFactory::GetForProfile(profile_);
+    host_content_settings_map->ClearSettingsForOneTypeWithPredicate(
+        ContentSettingsType::BRAVE_SHIELDS_METADATA, delete_begin, delete_end,
+        website_settings_filter);
+  }
 }
 
 void BraveBrowsingDataRemoverDelegate::ClearShieldsSettings(

@@ -49,7 +49,8 @@
   {ContentSettingsType::BRAVE_WEBCOMPAT_WEBGL, nullptr}, \
   {ContentSettingsType::BRAVE_WEBCOMPAT_WEBGL2, nullptr}, \
   {ContentSettingsType::BRAVE_WEBCOMPAT_WEB_SOCKETS_POOL, nullptr}, \
-  {ContentSettingsType::BRAVE_WEBCOMPAT_ALL, nullptr},
+  {ContentSettingsType::BRAVE_WEBCOMPAT_ALL, nullptr}, \
+  {ContentSettingsType::BRAVE_SHIELDS_METADATA, nullptr},
 // clang-format on
 
 #define BRAVE_SITE_SETTINGS_HELPER_CONTENT_SETTINGS_TYPE_FROM_GROUP_NAME \

@@ -96,7 +96,7 @@ WorkerContentSettingsClient_BraveImpl::GetBraveShieldsSettings(
   } else {
     DCHECK(!HasContentSettingsRules());
     return brave_shields::mojom::ShieldsSettings::New(
-        farbling_level, std::vector<std::string>(), false);
+        farbling_level, base::Token(), std::vector<std::string>(), false);
   }
 }
 

@@ -320,6 +320,15 @@ void ContentSettingsRegistry::BraveInit() {
                ContentSettingsInfo::EXCEPTIONS_ON_SECURE_AND_INSECURE_ORIGINS);
     }
   }
+
+  website_settings_registry_->Register(
+      ContentSettingsType::BRAVE_SHIELDS_METADATA,
+      brave_shields::kBraveShieldsMetadata, base::Value(),
+      WebsiteSettingsInfo::UNSYNCABLE, WebsiteSettingsInfo::NOT_LOSSY,
+      WebsiteSettingsInfo::REQUESTING_SCHEMEFUL_SITE_ONLY_SCOPE,
+      WebsiteSettingsRegistry::DESKTOP |
+          WebsiteSettingsRegistry::PLATFORM_ANDROID,
+      WebsiteSettingsInfo::DONT_INHERIT_IN_INCOGNITO);
 }
 
 }  // namespace content_settings
@@ -63,7 +63,8 @@ static_assert(static_cast<int>(ContentSettingsType::kMaxValue) <
   {ContentSettingsType::BRAVE_WEBCOMPAT_WEBGL, brave_value(65)}, \
   {ContentSettingsType::BRAVE_WEBCOMPAT_WEBGL2, brave_value(66)}, \
   {ContentSettingsType::BRAVE_WEBCOMPAT_WEB_SOCKETS_POOL, brave_value(67)}, \
-  {ContentSettingsType::BRAVE_WEBCOMPAT_ALL, brave_value(68)},
+  {ContentSettingsType::BRAVE_WEBCOMPAT_ALL, brave_value(68)}, \
+  {ContentSettingsType::BRAVE_SHIELDS_METADATA, brave_value(69)},
 // clang-format on
 
 #define kDefaultProvider       \

@@ -44,4 +44,6 @@ enum ContentSettingsType {
   BRAVE_WEBCOMPAT_WEBGL2,
   BRAVE_WEBCOMPAT_WEB_SOCKETS_POOL,
   BRAVE_WEBCOMPAT_ALL,
+
+  BRAVE_SHIELDS_METADATA,
 };
diff --git a/components/brave_shields/content/browser/brave_shields_util.cc b/components/brave_shields/content/browser/brave_shields_util.cc
@@ -5,7 +5,7 @@
 
 #include "brave/components/brave_shields/content/browser/brave_shields_util.h"
 
-#include <memory>
+#include <utility>
 
 #include "base/feature_list.h"
 #include "base/logging.h"
@@ -914,4 +914,30 @@ mojom::FarblingLevel GetFarblingLevel(HostContentSettingsMap* map,
   }
 }
 
+base::Token GetFarblingToken(HostContentSettingsMap* map, const GURL& url) {
+  if (!url.SchemeIsHTTPOrHTTPS()) {
+    return base::Token();
+  }
+  auto shields_metadata_value = map->GetWebsiteSetting(
+      url, url, ContentSettingsType::BRAVE_SHIELDS_METADATA);
+  auto* shields_metadata_dict = shields_metadata_value.GetIfDict();
+  if (!shields_metadata_dict) {
+    shields_metadata_value = base::Value(base::Value::Type::DICT);
+    shields_metadata_dict = &shields_metadata_value.GetDict();
+  }
+  base::Token token;
+  if (auto* farbling_token =
+          shields_metadata_dict->FindString("farbling_token")) {
+    token = base::Token::FromString(*farbling_token).value_or(base::Token());
+  } else {
+    token = base::Token::CreateRandom();
+    shields_metadata_dict->Set("farbling_token", token.ToString());
+    map->SetWebsiteSettingDefaultScope(
+        url, url, ContentSettingsType::BRAVE_SHIELDS_METADATA,
+        std::move(shields_metadata_value));
+  }
+  // LOG(ERROR) << token.ToString();
+  return token;
+}
+
 }  // namespace brave_shields
diff --git a/components/brave_shields/content/browser/brave_shields_util.h b/components/brave_shields/content/browser/brave_shields_util.h
@@ -167,6 +167,8 @@ ShieldsSettingCounts GetAdsSettingCount(HostContentSettingsMap* map);
 mojom::FarblingLevel GetFarblingLevel(HostContentSettingsMap* map,
                                       const GURL& primary_url);
 
+base::Token GetFarblingToken(HostContentSettingsMap* map, const GURL& url);
+
 }  // namespace brave_shields
 
 #endif  // BRAVE_COMPONENTS_BRAVE_SHIELDS_CONTENT_BROWSER_BRAVE_SHIELDS_UTIL_H_
diff --git a/components/brave_shields/core/common/brave_shield_constants.h b/components/brave_shields/core/common/brave_shield_constants.h
@@ -18,6 +18,7 @@ inline constexpr char kHTTPSUpgrades[] = "httpsUpgrades";
 inline constexpr char kJavaScript[] = "javascript";
 inline constexpr char kFingerprintingV2[] = "fingerprintingV2";
 inline constexpr char kBraveShields[] = "braveShields";
+inline constexpr char kBraveShieldsMetadata[] = "braveShieldsMetadata";
 inline constexpr char kReferrers[] = "referrers";
 inline constexpr char kCookies[] = "shieldsCookiesV3";
 inline constexpr char kFacebookEmbeds[] = "fb-embeds";

diff --git a/components/brave_shields/core/common/shields_settings.mojom b/components/brave_shields/core/common/shields_settings.mojom
@@ -15,6 +15,7 @@ enum FarblingLevel {
 
 struct ShieldsSettings {
   FarblingLevel farbling_level;
+  mojo_base.mojom.Token farbling_token;
   array<string> origins_to_allow_scripts;
   bool reduce_language;
 };
@@ -44,24 +44,19 @@ bool IsFrameWithOpaqueOrigin(blink::WebFrame* frame) {
          frame->Top()->GetSecurityOrigin().IsOpaque();
 }
 
-GURL GetOriginOrURL(const blink::WebFrame* frame) {
-  url::Origin top_origin = url::Origin(frame->Top()->GetSecurityOrigin());
-  // The |top_origin| is unique ("null") e.g., for file:// URLs. Use the
-  // document URL as the primary URL in those cases.
-  // TODO(alexmos): This is broken for --site-per-process, since top() can be a
-  // WebRemoteFrame which does not have a document(), and the WebRemoteFrame's
-  // URL is not replicated.  See https://crbug.com/628759.
-  if (top_origin.opaque() && frame->Top()->IsWebLocalFrame()) {
-    return frame->Top()->ToWebLocalFrame()->GetDocument().Url();
-  }
-  return top_origin.GetURL();
+GURL GetTopFrameOriginAsURL(const blink::WebFrame* frame) {
+  DCHECK(frame);
+  url::Origin top_origin(frame->Top()->GetSecurityOrigin());
+  return top_origin.opaque()
+             ? top_origin.GetTupleOrPrecursorTupleIfOpaque().GetURL()
+             : top_origin.GetURL();
 }
 
 bool IsBraveShieldsDown(const blink::WebFrame* frame,
                         const GURL& secondary_url,
                         const ContentSettingsForOneType& rules) {
   ContentSetting setting = CONTENT_SETTING_DEFAULT;
-  const GURL& primary_url = GetOriginOrURL(frame);
+  const GURL& primary_url = GetTopFrameOriginAsURL(frame);
 
   for (const auto& rule : rules) {
     if (rule.primary_pattern.Matches(primary_url) &&
@@ -291,7 +286,7 @@ bool BraveContentSettingsAgentImpl::IsCosmeticFilteringEnabled(
 
   ContentSetting setting = CONTENT_SETTING_DEFAULT;
   if (content_setting_rules_) {
-    const GURL& primary_url = GetOriginOrURL(frame);
+    const GURL& primary_url = GetTopFrameOriginAsURL(frame);
 
     for (const auto& rule : content_setting_rules_->cosmetic_filtering_rules) {
       if (rule.primary_pattern.Matches(primary_url) &&
@@ -315,7 +310,7 @@ bool BraveContentSettingsAgentImpl::IsFirstPartyCosmeticFilteringEnabled(
 
   ContentSetting setting = CONTENT_SETTING_DEFAULT;
   if (content_setting_rules_) {
-    const GURL& primary_url = GetOriginOrURL(frame);
+    const GURL& primary_url = GetTopFrameOriginAsURL(frame);
 
     for (const auto& rule : content_setting_rules_->cosmetic_filtering_rules) {
       if (rule.primary_pattern.Matches(primary_url) &&
@@ -351,13 +346,14 @@ BraveContentSettingsAgentImpl::GetBraveShieldsSettings(
       setting = CONTENT_SETTING_ALLOW;
     } else {
       setting = brave_shields::GetBraveFPContentSettingFromRules(
-          content_setting_rules_->fingerprinting_rules, GetOriginOrURL(frame));
+          content_setting_rules_->fingerprinting_rules,
+          GetTopFrameOriginAsURL(frame));
     }
     if (setting != CONTENT_SETTING_ALLOW) {
       auto webcompat_setting =
           brave_shields::GetBraveWebcompatContentSettingFromRules(
-              content_setting_rules_->webcompat_rules, GetOriginOrURL(frame),
-              webcompat_settings_type);
+              content_setting_rules_->webcompat_rules,
+              GetTopFrameOriginAsURL(frame), webcompat_settings_type);
       if (webcompat_setting == CONTENT_SETTING_ALLOW) {
         setting = CONTENT_SETTING_ALLOW;
       }
@@ -384,7 +380,7 @@ BraveContentSettingsAgentImpl::GetBraveShieldsSettings(
     // TODO(goodov): Parent or Incumbent frame should be used in this case.
     DCHECK(!HasContentSettingsRules());
     return brave_shields::mojom::ShieldsSettings::New(
-        farbling_level, std::vector<std::string>(), false);
+        farbling_level, base::Token(), std::vector<std::string>(), false);
   }
 }
 

@@ -0,0 +1,13 @@
+diff --git a/components/browsing_data/content/browsing_data_helper.cc b/components/browsing_data/content/browsing_data_helper.cc
+index 7d9f7945a59b302a5eab7d0e1fb4d0855ba2eab1..ab064f3b8e129d59e4956545c7928c3854aa8836 100644
+--- a/components/browsing_data/content/browsing_data_helper.cc
++++ b/components/browsing_data/content/browsing_data_helper.cc
+@@ -39,7 +39,7 @@ bool WebsiteSettingsFilterAdapter(
+   // Website settings only use origin-scoped patterns. The only content setting
+   // this filter is used for is DURABLE_STORAGE, which also only uses
+   // origin-scoped patterns. Such patterns can be directly translated to a GURL.
+-  GURL url(primary_pattern.ToString());
++  GURL url(primary_pattern.ToRepresentativeUrl());
+   DCHECK(url.is_valid()) << "url: '" << url.possibly_invalid_spec() << "' "
+                          << "pattern: '" << primary_pattern.ToString() << "'";
+   return predicate.Run(url);
@@ -47,7 +47,7 @@ inline uint64_t lfsr_next(uint64_t v) {
 
 namespace brave {
 
-const char kBraveSessionToken[] = "brave_session_token";
+// const char kBraveSessionToken[] = "brave_session_token";
 const char BraveSessionCache::kSupplementName[] = "BraveSessionCache";
 const int kFarbledUserAgentMaxExtraSpaces = 5;
 
@@ -202,31 +202,37 @@ BraveSessionCache::BraveSessionCache(ExecutionContext& context)
   if (domain.empty())
     return;
 
-  base::CommandLine* cmd_line = base::CommandLine::ForCurrentProcess();
-  base::StringToUint64(
-      cmd_line->HasSwitch(kBraveSessionToken)
-          ? cmd_line->GetSwitchValueASCII(kBraveSessionToken)
-          // https://github.com/brave/brave-browser/issues/22021
-          : "23456",  // this is intentionally different from the test default
-                      // of 12345 so we can still detect any switch issues in
-                      // our farbling tests
-      &session_key_);
-
-  crypto::HMAC h(crypto::HMAC::SHA256);
-  CHECK(h.Init(reinterpret_cast<const unsigned char*>(&session_key_),
-               sizeof session_key_));
-  CHECK(h.Sign(domain, domain_key_, sizeof domain_key_));
+  // base::CommandLine* cmd_line = base::CommandLine::ForCurrentProcess();
+  // base::StringToUint64(
+  //     cmd_line->HasSwitch(kBraveSessionToken)
+  //         ? cmd_line->GetSwitchValueASCII(kBraveSessionToken)
+  //         // https://github.com/brave/brave-browser/issues/22021
+  //         : "23456",  // this is intentionally different from the test
+  //         default
+  //                     // of 12345 so we can still detect any switch issues in
+  //                     // our farbling tests
+  //     &session_key_);
+
+  // crypto::HMAC h(crypto::HMAC::SHA256);
+  // CHECK(h.Init(reinterpret_cast<const unsigned char*>(&session_key_),
+  //              sizeof session_key_));
+  // CHECK(h.Sign(domain, domain_key_, sizeof domain_key_));
   settings_client_ = GetContentSettingsClientFor(&context, true);
   if (settings_client_ != nullptr) {
-    auto shields_settings = settings_client_->GetBraveShieldsSettings(
+    default_shields_settings_ = settings_client_->GetBraveShieldsSettings(
         ContentSettingsType::BRAVE_WEBCOMPAT_NONE);
     farbling_level_ =
         base::FeatureList::IsEnabled(
             brave_shields::features::kBraveShowStrictFingerprintingMode)
-            ? shields_settings->farbling_level
-            : (shields_settings->farbling_level == BraveFarblingLevel::OFF
+            ? default_shields_settings_->farbling_level
+            : (default_shields_settings_->farbling_level ==
+                       BraveFarblingLevel::OFF
                    ? BraveFarblingLevel::OFF
                    : BraveFarblingLevel::BALANCED);
+    base::ranges::copy(default_shields_settings_->farbling_token.AsBytes(),
+                       domain_key_);
+    base::ranges::copy(default_shields_settings_->farbling_token.AsBytes(),
+                       domain_key_ + 16);
   }
 }
 

@@ -102,6 +102,7 @@ class CORE_EXPORT BraveSessionCache final
   uint8_t domain_key_[32];
   WTF::HashMap<FarbleKey, int> farbled_integers_;
   BraveFarblingLevel farbling_level_;
+  brave_shields::mojom::ShieldsSettingsPtr default_shields_settings_;
   std::optional<blink::BraveAudioFarblingHelper> audio_farbling_helper_;
   WTF::HashMap<ContentSettingsType, BraveFarblingLevel> farbling_levels_;
   blink::WebContentSettingsClient* settings_client_ = nullptr;