Implement Global Privacy Control

[antonok-edm]

Resolves brave/brave-browser#11917

Submitter Checklist:

• Submitted a ticket for my issue if one did not already exist.
• Used Github auto-closing keywords in the commit message.
• Added/updated tests for this change (for new code or code which already has tests).
• Verified that these changes build without errors on
  • Android
  • iOS
  • Linux
  • macOS
  • Windows
• Verified that these changes pass automated tests (unit, browser, security tests) on
  • iOS
  • Linux
  • macOS
  • Windows
• Verified that all lint errors/warnings are resolved (npm run lint, npm run gn_check)
• Ran git rebase master (if needed).
• Ran git rebase -i to squash commits (if needed).
• Tagged reviewers and labelled the pull request as needed.
• Request a security/privacy review as needed.
• Add appropriate QA labels (QA/Yes or QA/No) to include the closed issue in milestone
• Public documentation has been updated as necessary. For instance:
  • https://github.com/brave/brave-browser/wiki/Deviations-from-Chromium-(features-we-disable-or-remove)
  • https://github.com/brave/brave-browser/wiki/Proxy-redirected-URLs
  • https://github.com/brave/brave-browser/wiki/Fingerprinting-Protections
  • https://github.com/brave/brave-browser/wiki/Brave%E2%80%99s-Use-of-Referral-Codes
  • https://github.com/brave/brave-browser/wiki/Custom-Headers
  • https://github.com/brave/brave-browser/wiki/Web-compatibility-issues-with-tracking-protection
  • https://github.com/brave/brave-browser/wiki/QA-Guide

Test Plan:

This feature is gated in Nightly, so these tests will not work in Release or Beta.

Sec-GPC header

With the Network tab of the Developer Tools open, navigate to an HTTPS webpage of your choice. Choose a few requests at random and verify that the "Sec-GPC" header is set and has a value of "1".

globalPrivacyControl API

Open the Console in the Developer Tools, and verify that the following Javascript evaluates to true:

navigator.globalPrivacyControl

Reviewer Checklist:

• New files have MPL-2.0 license header.
• Request a security/privacy review as needed.
• Adequate test coverage exists to prevent regressions
• Verify test plan is specified in PR before merging to source

After-merge Checklist:

• The associated issue milestone is set to the smallest version that the
  changes has landed on.
• All relevant documentation has been updated.

[bridiver]

avoid inline methods

[bridiver]

it's better to encapsulate feature checks inside the relevant code, so rather than conditionally including the helper, you should always include it and conditionally add the header inside it

[bridiver]

we want this enabled by default in nightly, right? You can check the release channel in BraveMainDelegate::BasicStartupComplete and conditionally add it to the list of enabled features

[bridiver]

we should have tests for the api and also for the header

[iefremov]

do we need it for all requests, or just for navigations/downloads?

[antonok-edm]

Talked to @pes10k about this as it's not currently described anywhere - he will try to get that clarified in the spec but there shouldn't be any harm in doing it this way.

[pes10k]

just heard back, its intended to be on every request

[iefremov]

clang-format

[iefremov]

can we add a comment, link to the spec?

[antonok-edm]

Spec is currently not public, so there isn't a stable URL for it at the moment unfortunately

[bbondy]

Perhaps just a comment or link to a wiki on brave-browser

[antonok-edm]

I added a comment from the spec

[iefremov]

just curious - why this is NOLINT

[antonok-edm]

Lint asks for const Navigator& but then it doesn't match the IDL generated header.

[iefremov]

I don't think you really need to craft responses, the same can be achieved with RegisterRequestMonitor - e.g. see BraveContentSettingsAgentImplBrowserTest. Also this callback is called on IO thread, so acess to header_result_ should be guarded

[iefremov]

no need for observers, just ui_test_utils::NavigateToURL

[iefremov]

AFAIK this is deprecated in favor of EvalJs

[iefremov]

EXPECT_TRUE

[antonok-edm]

Can't use EXPECT_TRUE with EvalJs, so I'm leaving EXPECT_EQ here

[iefremov]

mb just disable feature in the test itself?

[iefremov]

not needed now

[iefremov]

we probably should use kSecGpcHeader from network_constants.h

[iefremov]

super small nit:

auto it = request.headers.find("Sec-GPC");
if (it == request.headers.end()) { 
... }
else if (it->second != "1") {
... }
else {
... }

[iefremov]

enum class, also I think preferable naming for constants is kOk, kNoRequest, etc

[bbondy]

I believe we want to check base::FeatureList::IsEnabled here

[antonok-edm]

@bbondy I discussed this with @iefremov and @bridiver in DMs - there isn't a way to gate the presence of the IDL-generated API by a feature flag. We've decided it's fine since this is purely a new API and shouldn't break webcompat anywhere. And if it has to exist, better to just always return true rather than false.

[bbondy]

ok

[pes10k]

lgtm