HSTS fingerprinting should not be tied to shield settings.

brave · Feb 28, 2019 · 80eaac6 · 80eaac6
1 parent f83d939
commit 80eaac6
Show file tree

Hide file tree

Showing 2 changed files with 0 additions and 47 deletions.
diff --git a/browser/net/brave_network_delegate_base.cc b/browser/net/brave_network_delegate_base.cc
@@ -70,22 +70,6 @@ void RemoveTrackableSecurityHeadersForThirdParty(
     return;
   }
 
-  bool allow_brave_shields = brave_shields::IsAllowContentSettingFromIO(
-      request, top_frame_origin.GetURL(), request_url,
-      CONTENT_SETTINGS_TYPE_PLUGINS, brave_shields::kBraveShields);
-
-  if (!allow_brave_shields) {
-    return;
-  }
-
-  bool allow_fingerprinting = brave_shields::IsAllowContentSettingFromIO(
-      request, top_frame_origin.GetURL(), request_url,
-      CONTENT_SETTINGS_TYPE_PLUGINS, brave_shields::kFingerprinting);
-
-  if (allow_fingerprinting) {
-    return;
-  }
-
   if (!override_response_headers->get()) {
     *override_response_headers =
         new net::HttpResponseHeaders(original_response_headers->raw_headers());

diff --git a/browser/net/brave_network_delegate_hsts_fingerprinting_browsertest.cc b/browser/net/brave_network_delegate_hsts_fingerprinting_browsertest.cc
@@ -71,20 +71,6 @@ class BraveNetworkDelegateBaseBrowserTest : public InProcessBrowserTest {
     return browser()->tab_strip_model()->GetActiveWebContents();
   }
 
-  void AllowFingerprinting() {
-    content_settings()->SetContentSettingCustomScope(
-        first_party_pattern_, ContentSettingsPattern::Wildcard(),
-        CONTENT_SETTINGS_TYPE_PLUGINS, brave_shields::kFingerprinting,
-        CONTENT_SETTING_ALLOW);
-  }
-
-  void BlockFingerprinting() {
-    content_settings()->SetContentSettingCustomScope(
-        first_party_pattern_, ContentSettingsPattern::Wildcard(),
-        CONTENT_SETTINGS_TYPE_PLUGINS, brave_shields::kFingerprinting,
-        CONTENT_SETTING_BLOCK);
-  }
-
   HostContentSettingsMap* content_settings() {
     return HostContentSettingsMapFactory::GetForProfile(browser()->profile());
   }
@@ -105,8 +91,6 @@ IN_PROC_BROWSER_TEST_F(BraveNetworkDelegateBaseBrowserTest, FirstPartySTS) {
 }
 
 IN_PROC_BROWSER_TEST_F(BraveNetworkDelegateBaseBrowserTest, ThirdPartySTS) {
-  BlockFingerprinting();
-
   const GURL third_party =
       embedded_test_server()->GetURL("c.com", "/iframe_hsts.html");
   const GURL first_party =
@@ -117,18 +101,3 @@ IN_PROC_BROWSER_TEST_F(BraveNetworkDelegateBaseBrowserTest, ThirdPartySTS) {
 
   EXPECT_FALSE(redirect_observer.has_sts_header(third_party));
 }
-
-IN_PROC_BROWSER_TEST_F(BraveNetworkDelegateBaseBrowserTest,
-                       ThirdPartySTS_AllowFingerprinting) {
-  AllowFingerprinting();
-
-  const GURL third_party =
-      embedded_test_server()->GetURL("c.com", "/iframe_hsts.html");
-  const GURL first_party =
-      embedded_test_server()->GetURL("a.com", "/hsts.html");
-
-  RedirectObserver redirect_observer(active_contents());
-  ui_test_utils::NavigateToURL(browser(), first_party);
-
-  EXPECT_TRUE(redirect_observer.has_sts_header(third_party));
-}