commit ec33cc5db0dc6ec24350496e825f945ca529b2aa
author Aiden Chiavatti <chiav@chromium.org> Mon Apr 22 18:55:56 2024
committer Chromium LUCI CQ <chromium-scoped@luci-project-accounts.iam.gserviceaccount.com> Mon Apr 22 18:55:56 2024
tree 842e6456c75af4229ea0c6525764ae674297cf60
parent e83a2e3fee7acdd4ec3b193a38f124bfe38aa990

Add initial annotation blocklist policy handler

Add initial version of a policy handler to generate a set of network
annotations that are expected be blocklisted. This set is stored into
a newly created per-profile pref, which is consumed by Network
Annotation Monitor.

All functionality is behind a disabled-by-default feature and ChromeOS
build flag. Also updated existing Network Annotation Monitor to be
guarded by ChromeOS build flag for consistency, and disabled the monitor
for multi-profile. This means the monitor is only enabled for ChromeOS
Ash and Lacros single-profile. Multi-profile support can be added later.

Bug: 332725685
Test: out/Default/browser_tests --gtest_filter='All/NetworkAnnotationMonitor*'
Test: out/Default/unit_tests --gtest_filter='NetworkAnnotation*'
Change-Id: I1cb544eb15780e6bcd91f45c11b56fc8158a0703
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5393462
Reviewed-by: Yann Dago <ydago@chromium.org>
Reviewed-by: mmenke <mmenke@chromium.org>
Reviewed-by: Gabriel Charette <gab@chromium.org>
Commit-Queue: Aiden Chiavatti <chiav@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1290821}

chrome/browser/prefs/browser_prefs.cc

diff --git a/chrome/browser/prefs/browser_prefs.cc b/chrome/browser/prefs/browser_prefs.cc
index 74f968f8..4d3d0a7d2 100644
--- a/chrome/browser/prefs/browser_prefs.cc
+++ b/chrome/browser/prefs/browser_prefs.cc
@@ -319,6 +319,7 @@
 #include "chrome/browser/extensions/api/document_scan/document_scan_api_handler.h"
 #include "chrome/browser/extensions/api/enterprise_platform_keys/enterprise_platform_keys_api.h"
 #include "chrome/browser/memory/oom_kills_monitor.h"
+#include "chrome/browser/policy/annotations/blocklist_handler.h"
 #include "chrome/browser/policy/networking/policy_cert_service.h"
 #include "chrome/browser/policy/system_features_disable_list_policy_handler.h"
 #include "chrome/browser/ui/webui/certificates_handler.h"
@@ -2023,6 +2024,7 @@
   certificate_manager::CertificatesHandler::RegisterProfilePrefs(registry);
   chromeos::cloud_storage::RegisterProfilePrefs(registry);
   chromeos::cloud_upload::RegisterProfilePrefs(registry);
+  policy::NetworkAnnotationBlocklistHandler::RegisterPrefs(registry);
   policy::PolicyCertService::RegisterProfilePrefs(registry);
   quickoffice::RegisterProfilePrefs(registry);
   registry->RegisterBooleanPref(prefs::kDeskAPIThirdPartyAccessEnabled, false);