| // Copyright 2018 The Chromium Authors |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| |
| #include "net/base/features.h" |
| |
| #include <vector> |
| |
| #include "base/feature_list.h" |
| #include "build/build_config.h" |
| #include "net/base/cronet_buildflags.h" |
| #include "net/net_buildflags.h" |
| |
| namespace net::features { |
| |
| BASE_FEATURE(kAlpsForHttp2, "AlpsForHttp2", base::FEATURE_ENABLED_BY_DEFAULT); |
| |
| BASE_FEATURE(kAvoidH2Reprioritization, |
| "AvoidH2Reprioritization", |
| base::FEATURE_DISABLED_BY_DEFAULT); |
| |
| BASE_FEATURE(kCapReferrerToOriginOnCrossOrigin, |
| "CapReferrerToOriginOnCrossOrigin", |
| base::FEATURE_DISABLED_BY_DEFAULT); |
| |
| BASE_FEATURE(kDnsTransactionDynamicTimeouts, |
| "DnsTransactionDynamicTimeouts", |
| base::FEATURE_DISABLED_BY_DEFAULT); |
| |
| const base::FeatureParam<double> kDnsTransactionTimeoutMultiplier{ |
| &kDnsTransactionDynamicTimeouts, "DnsTransactionTimeoutMultiplier", 7.5}; |
| |
| const base::FeatureParam<base::TimeDelta> kDnsMinTransactionTimeout{ |
| &kDnsTransactionDynamicTimeouts, "DnsMinTransactionTimeout", |
| base::Seconds(12)}; |
| |
| BASE_FEATURE(kUseDnsHttpsSvcb, |
| "UseDnsHttpsSvcb", |
| base::FEATURE_ENABLED_BY_DEFAULT); |
| |
| const base::FeatureParam<bool> kUseDnsHttpsSvcbEnforceSecureResponse{ |
| &kUseDnsHttpsSvcb, "UseDnsHttpsSvcbEnforceSecureResponse", false}; |
| |
| const base::FeatureParam<base::TimeDelta> kUseDnsHttpsSvcbInsecureExtraTimeMax{ |
| &kUseDnsHttpsSvcb, "UseDnsHttpsSvcbInsecureExtraTimeMax", |
| base::Milliseconds(50)}; |
| |
| const base::FeatureParam<int> kUseDnsHttpsSvcbInsecureExtraTimePercent{ |
| &kUseDnsHttpsSvcb, "UseDnsHttpsSvcbInsecureExtraTimePercent", 20}; |
| |
| const base::FeatureParam<base::TimeDelta> kUseDnsHttpsSvcbInsecureExtraTimeMin{ |
| &kUseDnsHttpsSvcb, "UseDnsHttpsSvcbInsecureExtraTimeMin", |
| base::Milliseconds(5)}; |
| |
| const base::FeatureParam<base::TimeDelta> kUseDnsHttpsSvcbSecureExtraTimeMax{ |
| &kUseDnsHttpsSvcb, "UseDnsHttpsSvcbSecureExtraTimeMax", |
| base::Milliseconds(50)}; |
| |
| const base::FeatureParam<int> kUseDnsHttpsSvcbSecureExtraTimePercent{ |
| &kUseDnsHttpsSvcb, "UseDnsHttpsSvcbSecureExtraTimePercent", 20}; |
| |
| const base::FeatureParam<base::TimeDelta> kUseDnsHttpsSvcbSecureExtraTimeMin{ |
| &kUseDnsHttpsSvcb, "UseDnsHttpsSvcbSecureExtraTimeMin", |
| base::Milliseconds(5)}; |
| |
| BASE_FEATURE(kUseDnsHttpsSvcbAlpn, |
| "UseDnsHttpsSvcbAlpn", |
| base::FEATURE_ENABLED_BY_DEFAULT); |
| |
| const base::FeatureParam<int> kAlternativePortForGloballyReachableCheck{ |
| &kUseAlternativePortForGloballyReachableCheck, |
| "AlternativePortForGloballyReachableCheck", 443}; |
| |
| BASE_FEATURE(kUseAlternativePortForGloballyReachableCheck, |
| "UseAlternativePortForGloballyReachableCheck", |
| base::FEATURE_DISABLED_BY_DEFAULT); |
| |
| BASE_FEATURE(kEnableIPv6ReachabilityOverride, |
| "EnableIPv6ReachabilityOverride", |
| base::FEATURE_DISABLED_BY_DEFAULT); |
| |
| BASE_FEATURE(kSHA1ServerSignature, |
| "SHA1ServerSignature", |
| base::FEATURE_DISABLED_BY_DEFAULT); |
| |
| BASE_FEATURE(kEnableTLS13EarlyData, |
| "EnableTLS13EarlyData", |
| base::FEATURE_DISABLED_BY_DEFAULT); |
| |
| BASE_FEATURE(kEncryptedClientHello, |
| "EncryptedClientHello", |
| base::FEATURE_ENABLED_BY_DEFAULT); |
| |
| BASE_FEATURE(kEncryptedClientHelloQuic, |
| "EncryptedClientHelloQuic", |
| base::FEATURE_ENABLED_BY_DEFAULT); |
| |
| BASE_FEATURE(kRSAKeyUsageForLocalAnchors, |
| "RSAKeyUsageForLocalAnchors", |
| base::FEATURE_ENABLED_BY_DEFAULT); |
| |
| BASE_FEATURE(kNetworkQualityEstimator, |
| "NetworkQualityEstimator", |
| base::FEATURE_DISABLED_BY_DEFAULT); |
| |
| BASE_FEATURE(kSplitCacheByIncludeCredentials, |
| "SplitCacheByIncludeCredentials", |
| base::FEATURE_DISABLED_BY_DEFAULT); |
| |
| BASE_FEATURE(kSplitCacheByNetworkIsolationKey, |
| "SplitCacheByNetworkIsolationKey", |
| base::FEATURE_DISABLED_BY_DEFAULT); |
| |
| BASE_FEATURE(kSplitCodeCacheByNetworkIsolationKey, |
| "SplitCodeCacheByNetworkIsolationKey", |
| base::FEATURE_DISABLED_BY_DEFAULT); |
| |
| BASE_FEATURE(kSplitHostCacheByNetworkIsolationKey, |
| "SplitHostCacheByNetworkIsolationKey", |
| base::FEATURE_DISABLED_BY_DEFAULT); |
| |
| BASE_FEATURE(kPartitionConnectionsByNetworkIsolationKey, |
| "PartitionConnectionsByNetworkIsolationKey", |
| base::FEATURE_DISABLED_BY_DEFAULT); |
| |
| BASE_FEATURE(kPartitionHttpServerPropertiesByNetworkIsolationKey, |
| "PartitionHttpServerPropertiesByNetworkIsolationKey", |
| base::FEATURE_DISABLED_BY_DEFAULT); |
| |
| BASE_FEATURE(kPartitionSSLSessionsByNetworkIsolationKey, |
| "PartitionSSLSessionsByNetworkIsolationKey", |
| base::FEATURE_DISABLED_BY_DEFAULT); |
| |
| BASE_FEATURE(kPartitionNelAndReportingByNetworkIsolationKey, |
| "PartitionNelAndReportingByNetworkIsolationKey", |
| base::FEATURE_DISABLED_BY_DEFAULT); |
| |
| BASE_FEATURE(kEnableCrossSiteFlagNetworkIsolationKey, |
| "EnableCrossSiteFlagNetworkIsolationKey", |
| base::FEATURE_DISABLED_BY_DEFAULT); |
| BASE_FEATURE(kEnableFrameSiteSharedOpaqueNetworkIsolationKey, |
| "EnableFrameSiteSharedOpaqueNetworkIsolationKey", |
| base::FEATURE_DISABLED_BY_DEFAULT); |
| BASE_FEATURE(kHttpCacheKeyingExperimentControlGroup, |
| "HttpCacheKeyingExperimentControlGroup", |
| base::FEATURE_DISABLED_BY_DEFAULT); |
| |
| BASE_FEATURE(kTLS13KeyUpdate, |
| "TLS13KeyUpdate", |
| base::FEATURE_DISABLED_BY_DEFAULT); |
| |
| BASE_FEATURE(kPermuteTLSExtensions, |
| "PermuteTLSExtensions", |
| base::FEATURE_ENABLED_BY_DEFAULT); |
| |
| BASE_FEATURE(kPostQuantumKyber, |
| "PostQuantumKyber", |
| base::FEATURE_DISABLED_BY_DEFAULT); |
| |
| BASE_FEATURE(kNetUnusedIdleSocketTimeout, |
| "NetUnusedIdleSocketTimeout", |
| base::FEATURE_DISABLED_BY_DEFAULT); |
| |
| BASE_FEATURE(kShortLaxAllowUnsafeThreshold, |
| "ShortLaxAllowUnsafeThreshold", |
| base::FEATURE_DISABLED_BY_DEFAULT); |
| |
| BASE_FEATURE(kSameSiteDefaultChecksMethodRigorously, |
| "SameSiteDefaultChecksMethodRigorously", |
| base::FEATURE_DISABLED_BY_DEFAULT); |
| |
| #if BUILDFLAG(CHROME_ROOT_STORE_OPTIONAL) |
| BASE_FEATURE(kChromeRootStoreUsed, |
| "ChromeRootStoreUsed", |
| #if BUILDFLAG(IS_ANDROID) |
| base::FEATURE_ENABLED_BY_DEFAULT |
| #else |
| base::FEATURE_DISABLED_BY_DEFAULT |
| #endif |
| ); |
| #endif // BUILDFLAG(CHROME_ROOT_STORE_OPTIONAL) |
| |
| #if BUILDFLAG(IS_MAC) || BUILDFLAG(USE_NSS_CERTS) || BUILDFLAG(IS_WIN) |
| BASE_FEATURE(kTrustStoreTrustedLeafSupport, |
| "TrustStoreTrustedLeafSupport", |
| base::FEATURE_ENABLED_BY_DEFAULT); |
| #endif |
| |
| BASE_FEATURE(kTurnOffStreamingMediaCachingOnBattery, |
| "TurnOffStreamingMediaCachingOnBattery", |
| base::FEATURE_DISABLED_BY_DEFAULT); |
| |
| BASE_FEATURE(kTurnOffStreamingMediaCachingAlways, |
| "TurnOffStreamingMediaCachingAlways", |
| base::FEATURE_DISABLED_BY_DEFAULT); |
| |
| BASE_FEATURE(kSchemefulSameSite, |
| "SchemefulSameSite", |
| base::FEATURE_ENABLED_BY_DEFAULT); |
| |
| BASE_FEATURE(kLimitOpenUDPSockets, |
| "LimitOpenUDPSockets", |
| base::FEATURE_ENABLED_BY_DEFAULT); |
| |
| extern const base::FeatureParam<int> kLimitOpenUDPSocketsMax( |
| &kLimitOpenUDPSockets, |
| "LimitOpenUDPSocketsMax", |
| 6000); |
| |
| BASE_FEATURE(kTimeoutTcpConnectAttempt, |
| "TimeoutTcpConnectAttempt", |
| base::FEATURE_DISABLED_BY_DEFAULT); |
| |
| extern const base::FeatureParam<double> kTimeoutTcpConnectAttemptRTTMultiplier( |
| &kTimeoutTcpConnectAttempt, |
| "TimeoutTcpConnectAttemptRTTMultiplier", |
| 5.0); |
| |
| extern const base::FeatureParam<base::TimeDelta> kTimeoutTcpConnectAttemptMin( |
| &kTimeoutTcpConnectAttempt, |
| "TimeoutTcpConnectAttemptMin", |
| base::Seconds(8)); |
| |
| extern const base::FeatureParam<base::TimeDelta> kTimeoutTcpConnectAttemptMax( |
| &kTimeoutTcpConnectAttempt, |
| "TimeoutTcpConnectAttemptMax", |
| base::Seconds(30)); |
| |
| #if BUILDFLAG(ENABLE_REPORTING) |
| BASE_FEATURE(kDocumentReporting, |
| "DocumentReporting", |
| base::FEATURE_ENABLED_BY_DEFAULT); |
| #endif // BUILDFLAG(ENABLE_REPORTING) |
| |
| #if BUILDFLAG(IS_POSIX) || BUILDFLAG(IS_FUCHSIA) |
| BASE_FEATURE(kUdpSocketPosixAlwaysUpdateBytesReceived, |
| "UdpSocketPosixAlwaysUpdateBytesReceived", |
| base::FEATURE_ENABLED_BY_DEFAULT); |
| #endif // BUILDFLAG(IS_POSIX) || BUILDFLAG(IS_FUCHSIA) |
| |
| BASE_FEATURE(kCookieSameSiteConsidersRedirectChain, |
| "CookieSameSiteConsidersRedirectChain", |
| base::FEATURE_DISABLED_BY_DEFAULT); |
| |
| BASE_FEATURE(kWaitForFirstPartySetsInit, |
| "WaitForFirstPartySetsInit", |
| base::FEATURE_DISABLED_BY_DEFAULT); |
| |
| BASE_FEATURE(kPartitionedCookies, |
| "PartitionedCookies", |
| base::FEATURE_ENABLED_BY_DEFAULT); |
| |
| BASE_FEATURE(kBlockTruncatedCookies, |
| "BlockTruncatedCookies", |
| base::FEATURE_ENABLED_BY_DEFAULT); |
| |
| BASE_FEATURE(kStaticKeyPinningEnforcement, |
| "StaticKeyPinningEnforcement", |
| base::FEATURE_ENABLED_BY_DEFAULT); |
| |
| BASE_FEATURE(kCookieDomainRejectNonASCII, |
| "CookieDomainRejectNonASCII", |
| base::FEATURE_DISABLED_BY_DEFAULT); |
| |
| // Enables partitioning of third party storage (IndexedDB, CacheStorage, etc.) |
| // by the top level site to reduce fingerprinting. |
| BASE_FEATURE(kThirdPartyStoragePartitioning, |
| "ThirdPartyStoragePartitioning", |
| base::FEATURE_ENABLED_BY_DEFAULT); |
| |
| // Whether to use the new code paths needed to support partitioning Blob URLs. |
| // This exists as a kill-switch in case an issue is identified with the Blob |
| // URL implementation that causes breakage. |
| BASE_FEATURE(kSupportPartitionedBlobUrl, |
| "SupportPartitionedBlobUrl", |
| base::FEATURE_ENABLED_BY_DEFAULT); |
| |
| BASE_FEATURE(kTpcdSupportSettings, |
| "TpcdSupportSettings", |
| base::FEATURE_ENABLED_BY_DEFAULT); |
| |
| BASE_FEATURE(kTpcdMetadataGrants, |
| "TpcdMetadataGrants", |
| base::FEATURE_ENABLED_BY_DEFAULT); |
| |
| BASE_FEATURE(kAlpsParsing, "AlpsParsing", base::FEATURE_ENABLED_BY_DEFAULT); |
| |
| BASE_FEATURE(kAlpsClientHintParsing, |
| "AlpsClientHintParsing", |
| base::FEATURE_ENABLED_BY_DEFAULT); |
| |
| BASE_FEATURE(kShouldKillSessionOnAcceptChMalformed, |
| "ShouldKillSessionOnAcceptChMalformed", |
| base::FEATURE_DISABLED_BY_DEFAULT); |
| |
| BASE_FEATURE(kCaseInsensitiveCookiePrefix, |
| "CaseInsensitiveCookiePrefix", |
| base::FEATURE_ENABLED_BY_DEFAULT); |
| |
| BASE_FEATURE(kEnableWebsocketsOverHttp3, |
| "EnableWebsocketsOverHttp3", |
| base::FEATURE_DISABLED_BY_DEFAULT); |
| |
| BASE_FEATURE(kUseNAT64ForIPv4Literal, |
| "UseNAT64ForIPv4Literal", |
| base::FEATURE_ENABLED_BY_DEFAULT); |
| |
| BASE_FEATURE(kBlockNewForbiddenHeaders, |
| "BlockNewForbiddenHeaders", |
| base::FEATURE_ENABLED_BY_DEFAULT); |
| |
| #if BUILDFLAG(IS_WIN) |
| BASE_FEATURE(kPlatformKeyProbeSHA256, |
| "PlatformKeyProbeSHA256", |
| base::FEATURE_ENABLED_BY_DEFAULT); |
| |
| // Disabled because of https://crbug.com/1489696. |
| BASE_FEATURE(kEnableGetNetworkConnectivityHintAPI, |
| "EnableGetNetworkConnectivityHintAPI", |
| base::FEATURE_DISABLED_BY_DEFAULT); |
| #endif |
| |
| // Prefetch to follow normal semantics instead of 5-minute rule |
| // https://crbug.com/1345207 |
| BASE_FEATURE(kPrefetchFollowsNormalCacheSemantics, |
| "PrefetchFollowsNormalCacheSemantics", |
| base::FEATURE_DISABLED_BY_DEFAULT); |
| |
| // A flag for new Kerberos feature, that suggests new UI |
| // when Kerberos authentication in browser fails on ChromeOS. |
| // b/260522530 |
| #if BUILDFLAG(IS_CHROMEOS) |
| BASE_FEATURE(kKerberosInBrowserRedirect, |
| "KerberosInBrowserRedirect", |
| base::FEATURE_ENABLED_BY_DEFAULT); |
| #endif |
| |
| // A flag to use asynchronous session creation for new QUIC sessions. |
| BASE_FEATURE(kAsyncQuicSession, |
| "AsyncQuicSession", |
| #if BUILDFLAG(IS_WIN) |
| base::FEATURE_ENABLED_BY_DEFAULT); |
| #else |
| base::FEATURE_DISABLED_BY_DEFAULT); |
| #endif |
| |
| // A flag to make multiport context creation asynchronous. |
| BASE_FEATURE(kAsyncMultiPortPath, |
| "AsyncMultiPortPath", |
| #if !BUILDFLAG(CRONET_BUILD) && (BUILDFLAG(IS_WIN) || BUILDFLAG(IS_ANDROID)) |
| base::FEATURE_ENABLED_BY_DEFAULT); |
| #else |
| base::FEATURE_DISABLED_BY_DEFAULT); |
| #endif |
| |
| // IP protection experiment configuration settings |
| BASE_FEATURE(kEnableIpProtectionProxy, |
| "EnableIpPrivacyProxy", |
| base::FEATURE_DISABLED_BY_DEFAULT); |
| |
| const base::FeatureParam<std::string> kIpPrivacyTokenServer{ |
| &kEnableIpProtectionProxy, /*name=*/"IpPrivacyTokenServer", |
| /*default_value=*/"https://phosphor-pa.googleapis.com"}; |
| |
| const base::FeatureParam<std::string> kIpPrivacyTokenServerGetInitialDataPath{ |
| &kEnableIpProtectionProxy, |
| /*name=*/"IpPrivacyTokenServerGetInitialDataPath", |
| /*default_value=*/"/v1/ipblinding/getInitialData"}; |
| |
| const base::FeatureParam<std::string> kIpPrivacyTokenServerGetTokensPath{ |
| &kEnableIpProtectionProxy, /*name=*/"IpPrivacyTokenServerGetTokensPath", |
| /*default_value=*/"/v1/ipblinding/auth"}; |
| |
| const base::FeatureParam<std::string> kIpPrivacyTokenServerGetProxyConfigPath{ |
| &kEnableIpProtectionProxy, |
| /*name=*/"IpPrivacyTokenServerGetProxyConfigPath", |
| /*default_value=*/"/v1/ipblinding/getProxyConfig"}; |
| |
| const base::FeatureParam<int> kIpPrivacyAuthTokenCacheBatchSize{ |
| &kEnableIpProtectionProxy, /*name=*/"IpPrivacyAuthTokenCacheBatchSize", |
| /*default_value=*/64}; |
| |
| const base::FeatureParam<int> kIpPrivacyAuthTokenCacheLowWaterMark{ |
| &kEnableIpProtectionProxy, /*name=*/"IpPrivacyAuthTokenCacheLowWaterMark", |
| /*default_value=*/16}; |
| |
| const base::FeatureParam<base::TimeDelta> kIpPrivacyProxyListFetchInterval{ |
| &kEnableIpProtectionProxy, /*name=*/"IpPrivacyProxyListFetchInterval", |
| /*default_value=*/base::Hours(1)}; |
| |
| const base::FeatureParam<base::TimeDelta> kIpPrivacyProxyListMinFetchInterval{ |
| &kEnableIpProtectionProxy, /*name=*/"IpPrivacyProxyMinListFetchInterval", |
| /*default_value=*/base::Minutes(1)}; |
| |
| const base::FeatureParam<bool> kIpPrivacyDirectOnly{ |
| &kEnableIpProtectionProxy, /*name=*/"IpPrivacyDirectOnly", |
| /*default_value=*/false}; |
| |
| const base::FeatureParam<bool> kIpPrivacyBsaEnablePrivacyPass{ |
| &kEnableIpProtectionProxy, /*name=*/"IpPrivacyBsaEnablePrivacyPass", |
| /*default_value=*/false}; |
| |
| const base::FeatureParam<std::string> kIpPrivacyProxyBPsk{ |
| &kEnableIpProtectionProxy, /*name=*/"IpPrivacyProxyBPsk", |
| /*default_value=*/""}; |
| |
| const base::FeatureParam<bool> kIpPrivacyUseProxyChains{ |
| &kEnableIpProtectionProxy, /*name=*/"IpPrivacyUseProxyChains", |
| /*default_value=*/false}; |
| |
| // Network-change migration requires NetworkHandle support, which are currently |
| // only supported on Android (see |
| // NetworkChangeNotifier::AreNetworkHandlesSupported). |
| #if BUILDFLAG(IS_ANDROID) |
| inline constexpr auto kMigrateSessionsOnNetworkChangeV2Default = |
| base::FEATURE_DISABLED_BY_DEFAULT; |
| #else // !BUILDFLAG(IS_ANDROID) |
| inline constexpr auto kMigrateSessionsOnNetworkChangeV2Default = |
| base::FEATURE_DISABLED_BY_DEFAULT; |
| #endif // BUILDFLAG(IS_ANDROID) |
| BASE_FEATURE(kMigrateSessionsOnNetworkChangeV2, |
| "MigrateSessionsOnNetworkChangeV2", |
| kMigrateSessionsOnNetworkChangeV2Default); |
| |
| BASE_FEATURE(kDisableBlackholeOnNoNewNetwork, |
| "DisableBlackHoleOnNoNewNetwork", |
| base::FEATURE_DISABLED_BY_DEFAULT); |
| |
| #if BUILDFLAG(IS_LINUX) |
| BASE_FEATURE(kAddressTrackerLinuxIsProxied, |
| "AddressTrackerLinuxIsProxied", |
| base::FEATURE_ENABLED_BY_DEFAULT); |
| #endif // BUILDFLAG(IS_LINUX) |
| |
| // Enables binding of cookies to the port that originally set them by default. |
| BASE_FEATURE(kEnablePortBoundCookies, |
| "EnablePortBoundCookies", |
| base::FEATURE_DISABLED_BY_DEFAULT); |
| |
| // Enables binding of cookies to the scheme that originally set them. |
| NET_EXPORT BASE_DECLARE_FEATURE(kEnableSchemeBoundCookies); |
| BASE_FEATURE(kEnableSchemeBoundCookies, |
| "EnableSchemeBoundCookies", |
| base::FEATURE_DISABLED_BY_DEFAULT); |
| |
| // Enable third-party cookie blocking from the command line. |
| BASE_FEATURE(kForceThirdPartyCookieBlocking, |
| "ForceThirdPartyCookieBlockingEnabled", |
| base::FEATURE_DISABLED_BY_DEFAULT); |
| |
| BASE_FEATURE(kEnableEarlyHintsOnHttp11, |
| "EnableEarlyHintsOnHttp11", |
| base::FEATURE_DISABLED_BY_DEFAULT); |
| |
| BASE_FEATURE(kEnableWebTransportDraft07, |
| "EnableWebTransportDraft07", |
| base::FEATURE_DISABLED_BY_DEFAULT); |
| |
| BASE_FEATURE(kZstdContentEncoding, |
| "ZstdContentEncoding", |
| base::FEATURE_DISABLED_BY_DEFAULT); |
| |
| // When enabled, partitioned storage will be allowed even if third-party cookies |
| // are disabled by default. Partitioned storage will not be allowed if |
| // third-party cookies are disabled due to a specific rule. |
| BASE_FEATURE(kThirdPartyPartitionedStorageAllowedByDefault, |
| "ThirdPartyPartitionedStorageAllowedByDefault", |
| base::FEATURE_ENABLED_BY_DEFAULT); |
| |
| BASE_FEATURE(kPriorityHeader, |
| "PriorityHeader", |
| base::FEATURE_DISABLED_BY_DEFAULT); |
| |
| BASE_FEATURE(kSpdyHeadersToHttpResponseUseBuilder, |
| "SpdyHeadersToHttpResponseUseBuilder", |
| base::FEATURE_DISABLED_BY_DEFAULT); |
| |
| BASE_FEATURE(kReceiveEcn, "ReceiveEcn", base::FEATURE_DISABLED_BY_DEFAULT); |
| |
| // TODO(crbug.com/634470): Remove this feature flag in January 2024 if the new |
| // limit sticks. |
| BASE_FEATURE(kNewCertPathBuilderIterationLimit, |
| "NewCertPathBuilderIterationLimit", |
| base::FEATURE_ENABLED_BY_DEFAULT); |
| |
| BASE_FEATURE(kUseAlpsNewCodepoint, |
| "UseAlpsNewCodepoint", |
| base::FEATURE_DISABLED_BY_DEFAULT); |
| |
| BASE_FEATURE(kTreatHTTPExpiresHeaderValueZeroAsExpired, |
| "TreatHTTPExpiresHeaderValueZeroAsExpired", |
| base::FEATURE_ENABLED_BY_DEFAULT); |
| |
| } // namespace net::features |
