[client hints] Send sec-ch-ua-mobile by default

This is basically Aaron Tagliaboschi's:
https://chromium-review.googlesource.com/c/chromium/src/+/2012902
just with a bit of additional updated of tests.

See https://github.com/WICG/ua-client-hints/issues/15 for rationale.

Change-Id: I6562cf1a78ceb4eff18baf793cb89143782f9b7b
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2047410
Commit-Queue: Maksim Orlovich <morlovich@chromium.org>
Reviewed-by: Yoav Weiss <yoavweiss@chromium.org>
Reviewed-by: Kinuko Yasuda <kinuko@chromium.org>
Cr-Commit-Position: refs/heads/master@{#741152}

chrome/browser/client_hints/client_hints_browsertest.cc

@@ -145,6 +145,7 @@ class ClientHintsBrowserTest : public InProcessBrowserTest,
         expect_client_hints_on_main_frame_(false),
         expect_client_hints_on_subresources_(false),
         count_user_agent_hint_headers_seen_(0),
+        count_ua_mobile_client_hints_headers_seen_(0),
         count_client_hints_headers_seen_(0),
         request_interceptor_(nullptr) {
     http_server_.ServeFilesFromSourceDirectory("chrome/test/data/client_hints");
@@ -408,6 +409,11 @@ class ClientHintsBrowserTest : public InProcessBrowserTest,
     return count_user_agent_hint_headers_seen_;
   }
 
+  size_t count_ua_mobile_client_hints_headers_seen() const {
+    base::AutoLock lock(count_headers_lock_);
+    return count_ua_mobile_client_hints_headers_seen_;
+  }
+
   size_t count_client_hints_headers_seen() const {
     base::AutoLock lock(count_headers_lock_);
     return count_client_hints_headers_seen_;
@@ -589,6 +595,9 @@ class ClientHintsBrowserTest : public InProcessBrowserTest,
         // The user agent hint is special:
         if (std::string(blink::kClientHintsHeaderMapping[i]) == "sec-ch-ua") {
           count_user_agent_hint_headers_seen_++;
+        } else if (std::string(blink::kClientHintsHeaderMapping[i]) ==
+                   "sec-ch-ua-mobile") {
+          count_ua_mobile_client_hints_headers_seen_++;
         } else {
           count_client_hints_headers_seen_++;
         }
@@ -606,8 +615,10 @@ class ClientHintsBrowserTest : public InProcessBrowserTest,
         continue;
       }
 
-      // `Sec-CH-UA` is attached on all requests.
-      if (std::string(blink::kClientHintsHeaderMapping[i]) == "sec-ch-ua") {
+      // `Sec-CH-UA` and `Sec-CH-UA-Mobile` is attached on all requests.
+      if (std::string(blink::kClientHintsHeaderMapping[i]) == "sec-ch-ua" ||
+          std::string(blink::kClientHintsHeaderMapping[i]) ==
+              "sec-ch-ua-mobile") {
         continue;
       }
 
@@ -714,6 +725,7 @@ class ClientHintsBrowserTest : public InProcessBrowserTest,
   bool expect_client_hints_on_subresources_;
 
   size_t count_user_agent_hint_headers_seen_;
+  size_t count_ua_mobile_client_hints_headers_seen_;
   size_t count_client_hints_headers_seen_;
 
   std::unique_ptr<ThirdPartyURLLoaderInterceptor> request_interceptor_;
@@ -831,12 +843,13 @@ IN_PROC_BROWSER_TEST_P(ClientHintsBrowserTest,
   content::FetchHistogramsFromChildProcesses();
   SubprocessMetricsProvider::MergeHistogramDeltasForTesting();
 
-  // The user agent hint is attached to all three requests:
+  // The user agent hint is attached to all three requests, as is UA-mobile:
   EXPECT_EQ(3u, count_user_agent_hint_headers_seen());
+  EXPECT_EQ(3u, count_ua_mobile_client_hints_headers_seen());
 
-  // Eleven client hints are attached to the image request, and eleven to the
+  // Ten other client hints are attached to the image request, and ten to the
   // main frame request.
-  EXPECT_EQ(22u, count_client_hints_headers_seen());
+  EXPECT_EQ(20u, count_client_hints_headers_seen());
 
   // Navigating to without_accept_ch_without_lifetime_img_foo_com() should not
   // attach client hints to the image subresouce contained in that page since
@@ -849,15 +862,15 @@ IN_PROC_BROWSER_TEST_P(ClientHintsBrowserTest,
 
   // The device-memory and dprheader is attached to the main frame request.
 #if defined(OS_ANDROID)
-  EXPECT_EQ(11u, count_client_hints_headers_seen());
+  EXPECT_EQ(10u, count_client_hints_headers_seen());
 #else
-  EXPECT_EQ(33u, count_client_hints_headers_seen());
+  EXPECT_EQ(30u, count_client_hints_headers_seen());
 #endif
 
   // Requests to third party servers should have only one client hint attached
   // (`Sec-CH-UA`).
   EXPECT_EQ(1u, third_party_request_count_seen());
-  EXPECT_EQ(1u, third_party_client_hints_count_seen());
+  EXPECT_EQ(2u, third_party_client_hints_count_seen());
 }
 
 // Verify that we send only major version information in the `Sec-CH-UA` header
@@ -901,14 +914,14 @@ IN_PROC_BROWSER_TEST_P(ClientHintsAllowThirdPartyBrowserTest,
   ui_test_utils::NavigateToURL(browser(), gurl);
   histogram_tester.ExpectTotalCount("ClientHints.UpdateEventCount", 0);
 
-  EXPECT_EQ(11u, count_client_hints_headers_seen());
+  EXPECT_EQ(10u, count_client_hints_headers_seen());
 
   // Requests to third party servers should not have client hints attached.
   EXPECT_EQ(1u, third_party_request_count_seen());
 
   // Device memory, viewport width, DRP, and UA client hints should be sent to
   // the third-party when feature "AllowClientHintsToThirdParty" is enabled.
-  EXPECT_EQ(4u, third_party_client_hints_count_seen());
+  EXPECT_EQ(5u, third_party_client_hints_count_seen());
 }
 
 // Test that client hints are not attached to third party subresources if
@@ -929,7 +942,8 @@ IN_PROC_BROWSER_TEST_P(ClientHintsBrowserTest,
   histogram_tester.ExpectTotalCount("ClientHints.UpdateEventCount", 0);
 
   EXPECT_EQ(2u, count_user_agent_hint_headers_seen());
-  EXPECT_EQ(11u, count_client_hints_headers_seen());
+  EXPECT_EQ(2u, count_ua_mobile_client_hints_headers_seen());
+  EXPECT_EQ(10u, count_client_hints_headers_seen());
 
   // Requests to third party servers should not have client hints attached.
   EXPECT_EQ(1u, third_party_request_count_seen());
@@ -937,7 +951,7 @@ IN_PROC_BROWSER_TEST_P(ClientHintsBrowserTest,
   // Client hints should not be sent to the third-party when feature
   // "AllowClientHintsToThirdParty" is not enabled, with the exception of the
   // `Sec-CH-UA` hint, which is sent with every request.
-  EXPECT_EQ(1u, third_party_client_hints_count_seen());
+  EXPECT_EQ(2u, third_party_client_hints_count_seen());
 }
 
 // Loads a HTTPS webpage that does not request persisting of client hints.
@@ -1119,10 +1133,11 @@ IN_PROC_BROWSER_TEST_P(ClientHintsBrowserTest,
 
   // The user agent hint is attached to all three requests:
   EXPECT_EQ(3u, count_user_agent_hint_headers_seen());
+  EXPECT_EQ(3u, count_ua_mobile_client_hints_headers_seen());
 
-  // Eleven client hints are attached to the image request, and eleven to the
+  // Ten other client hints are attached to the image request, and ten to the
   // main frame request.
-  EXPECT_EQ(22u, count_client_hints_headers_seen());
+  EXPECT_EQ(20u, count_client_hints_headers_seen());
 }
 
 // Loads a webpage that does not request persisting of client hints.
@@ -1182,10 +1197,11 @@ IN_PROC_BROWSER_TEST_P(ClientHintsBrowserTest,
 
   // The user agent hint is attached to all three requests:
   EXPECT_EQ(3u, count_user_agent_hint_headers_seen());
+  EXPECT_EQ(3u, count_ua_mobile_client_hints_headers_seen());
 
-  // Eleven client hints are attached to the image request, and eleven to the
+  // Ten other client hints are attached to the image request, and ten to the
   // main frame request.
-  EXPECT_EQ(22u, count_client_hints_headers_seen());
+  EXPECT_EQ(20u, count_client_hints_headers_seen());
 }
 
 // Verify that expired persistent client hint preferences are not used.
@@ -1235,6 +1251,7 @@ IN_PROC_BROWSER_TEST_F(ClientHintsBrowserTest,
 
   // The user agent hint is attached to all three requests:
   EXPECT_EQ(3u, count_user_agent_hint_headers_seen());
+  EXPECT_EQ(3u, count_ua_mobile_client_hints_headers_seen());
 
   // No client hints are attached to the requests since the persisted hints must
   // be expired.
@@ -1287,10 +1304,11 @@ IN_PROC_BROWSER_TEST_P(ClientHintsBrowserTest,
 
   // The user agent hint is attached to all three requests:
   EXPECT_EQ(3u, count_user_agent_hint_headers_seen());
+  EXPECT_EQ(3u, count_ua_mobile_client_hints_headers_seen());
 
-  // Eleven client hints are attached to the image request, and eleven to the
+  // Ten other client hints are attached to the image request, and ten to the
   // main frame request.
-  EXPECT_EQ(22u, count_client_hints_headers_seen());
+  EXPECT_EQ(20u, count_client_hints_headers_seen());
 }
 
 // Ensure that even when cookies are blocked, client hint preferences are
@@ -1367,10 +1385,11 @@ IN_PROC_BROWSER_TEST_P(ClientHintsBrowserTest,
 
   // The user agent hint is attached to all three requests:
   EXPECT_EQ(3u, count_user_agent_hint_headers_seen());
+  EXPECT_EQ(3u, count_ua_mobile_client_hints_headers_seen());
 
-  // Eleven client hints are attached to the image request, and eleven to the
+  // Ten other client hints are attached to the image request, and ten to the
   // main frame request.
-  EXPECT_EQ(22u, count_client_hints_headers_seen());
+  EXPECT_EQ(20u, count_client_hints_headers_seen());
 
   // Clear settings.
   HostContentSettingsMapFactory::GetForProfile(browser()->profile())
@@ -1442,6 +1461,7 @@ IN_PROC_BROWSER_TEST_P(ClientHintsBrowserTest,
   content::FetchHistogramsFromChildProcesses();
   SubprocessMetricsProvider::MergeHistogramDeltasForTesting();
   EXPECT_EQ(1u, count_user_agent_hint_headers_seen());
+  EXPECT_EQ(1u, count_ua_mobile_client_hints_headers_seen());
 
   histogram_tester.ExpectUniqueSample("ClientHints.UpdateSize", 12u, 1);
   // accept_ch_with_lifetime_url() tries to set client hints persist duration to
@@ -1467,6 +1487,7 @@ IN_PROC_BROWSER_TEST_P(ClientHintsBrowserTest,
   EXPECT_EQ(0u, count_client_hints_headers_seen());
   VerifyContentSettingsNotNotified();
   EXPECT_EQ(1u, count_user_agent_hint_headers_seen());
+  EXPECT_EQ(1u, count_ua_mobile_client_hints_headers_seen());
 
   SetJsEnabledForActiveView(true);
 
@@ -1480,6 +1501,7 @@ IN_PROC_BROWSER_TEST_P(ClientHintsBrowserTest,
   EXPECT_EQ(0u, count_client_hints_headers_seen());
   VerifyContentSettingsNotNotified();
   EXPECT_EQ(1u, count_user_agent_hint_headers_seen());
+  EXPECT_EQ(1u, count_ua_mobile_client_hints_headers_seen());
 
   // Allow JavaScript: Client hints should now be attached.
   HostContentSettingsMapFactory::GetForProfile(browser()->profile())
@@ -1494,10 +1516,11 @@ IN_PROC_BROWSER_TEST_P(ClientHintsBrowserTest,
 
   // The user agent hint is attached to all three requests:
   EXPECT_EQ(3u, count_user_agent_hint_headers_seen());
+  EXPECT_EQ(3u, count_ua_mobile_client_hints_headers_seen());
 
-  // Eleven client hints are attached to the image request, and eleven to the
+  // Ten other client hints are attached to the image request, and ten to the
   // main frame request.
-  EXPECT_EQ(22u, count_client_hints_headers_seen());
+  EXPECT_EQ(20u, count_client_hints_headers_seen());
 
   // Clear settings.
   HostContentSettingsMapFactory::GetForProfile(browser()->profile())
@@ -1563,6 +1586,7 @@ IN_PROC_BROWSER_TEST_P(ClientHintsBrowserTest,
   ui_test_utils::NavigateToURL(browser(),
                                accept_ch_without_lifetime_img_localhost());
   EXPECT_EQ(0u, count_user_agent_hint_headers_seen());
+  EXPECT_EQ(0u, count_ua_mobile_client_hints_headers_seen());
   EXPECT_EQ(0u, count_client_hints_headers_seen());
   EXPECT_EQ(1u, third_party_request_count_seen());
   EXPECT_EQ(0u, third_party_client_hints_count_seen());
@@ -1579,9 +1603,10 @@ IN_PROC_BROWSER_TEST_P(ClientHintsBrowserTest,
                                accept_ch_without_lifetime_img_localhost());
 
   EXPECT_EQ(2u, count_user_agent_hint_headers_seen());
-  EXPECT_EQ(11u, count_client_hints_headers_seen());
+  EXPECT_EQ(2u, count_ua_mobile_client_hints_headers_seen());
+  EXPECT_EQ(10u, count_client_hints_headers_seen());
   EXPECT_EQ(2u, third_party_request_count_seen());
-  EXPECT_EQ(1u, third_party_client_hints_count_seen());
+  EXPECT_EQ(2u, third_party_client_hints_count_seen());
   VerifyContentSettingsNotNotified();
 
   // Clear settings.
@@ -1598,9 +1623,10 @@ IN_PROC_BROWSER_TEST_P(ClientHintsBrowserTest,
   ui_test_utils::NavigateToURL(browser(),
                                accept_ch_without_lifetime_img_localhost());
   EXPECT_EQ(2u, count_user_agent_hint_headers_seen());
-  EXPECT_EQ(11u, count_client_hints_headers_seen());
+  EXPECT_EQ(2u, count_ua_mobile_client_hints_headers_seen());
+  EXPECT_EQ(10u, count_client_hints_headers_seen());
   EXPECT_EQ(3u, third_party_request_count_seen());
-  EXPECT_EQ(1u, third_party_client_hints_count_seen());
+  EXPECT_EQ(2u, third_party_client_hints_count_seen());
 
   // Clear settings.
   HostContentSettingsMapFactory::GetForProfile(browser()->profile())
@@ -1635,9 +1661,10 @@ IN_PROC_BROWSER_TEST_P(ClientHintsBrowserTest,
   SetClientHintExpectationsOnSubresources(true);
   ui_test_utils::NavigateToURL(browser(), gurl);
   EXPECT_EQ(2u, count_user_agent_hint_headers_seen());
-  EXPECT_EQ(11u, count_client_hints_headers_seen());
+  EXPECT_EQ(2u, count_ua_mobile_client_hints_headers_seen());
+  EXPECT_EQ(10u, count_client_hints_headers_seen());
   EXPECT_EQ(1u, third_party_request_count_seen());
-  EXPECT_EQ(1u, third_party_client_hints_count_seen());
+  EXPECT_EQ(2u, third_party_client_hints_count_seen());
 
   // Clear settings.
   HostContentSettingsMapFactory::GetForProfile(browser()->profile())
@@ -1688,10 +1715,11 @@ IN_PROC_BROWSER_TEST_P(ClientHintsBrowserTest,
 
   // The user agent hint is attached to all three requests:
   EXPECT_EQ(3u, count_user_agent_hint_headers_seen());
+  EXPECT_EQ(3u, count_ua_mobile_client_hints_headers_seen());
 
-  // Eleven client hints are attached to the image request, and eleven to the
+  // Ten other client hints are attached to the image request, and ten to the
   // main frame request.
-  EXPECT_EQ(22u, count_client_hints_headers_seen());
+  EXPECT_EQ(20u, count_client_hints_headers_seen());
 
   // Navigate using regular profile. Client hints should not be send.
   SetClientHintExpectationsOnMainFrame(false);
@@ -1701,9 +1729,10 @@ IN_PROC_BROWSER_TEST_P(ClientHintsBrowserTest,
 
   // The user agent hint is attached to the two new requests.
   EXPECT_EQ(5u, count_user_agent_hint_headers_seen());
+  EXPECT_EQ(5u, count_ua_mobile_client_hints_headers_seen());
 
   // No additional hints are sent.
-  EXPECT_EQ(22u, count_client_hints_headers_seen());
+  EXPECT_EQ(20u, count_client_hints_headers_seen());
 }
 
 class ClientHintsWebHoldbackBrowserTest : public ClientHintsBrowserTest {
@@ -1775,7 +1804,8 @@ IN_PROC_BROWSER_TEST_F(ClientHintsWebHoldbackBrowserTest,
   SubprocessMetricsProvider::MergeHistogramDeltasForTesting();
 
   EXPECT_EQ(3u, count_user_agent_hint_headers_seen());
-  EXPECT_EQ(22u, count_client_hints_headers_seen());
+  EXPECT_EQ(3u, count_ua_mobile_client_hints_headers_seen());
+  EXPECT_EQ(20u, count_client_hints_headers_seen());
   EXPECT_EQ(0u, third_party_request_count_seen());
   EXPECT_EQ(0u, third_party_client_hints_count_seen());
 }

content/browser/client_hints/client_hints.cc

@@ -498,6 +498,10 @@ void AddNavigationRequestClientHintsHeaders(
                 version.empty() ? ua.brand
                                 : base::StringPrintf("%s %s", ua.brand.c_str(),
                                                      version.c_str()));
+    // The `Sec-CH-UA-Mobile client hint was also deemed "low entropy" and can
+    // safely be sent with every request.
+    AddUAHeader(headers, blink::mojom::WebClientHintsType::kUAMobile,
+                ua.mobile ? "?1" : "?0");
 
     if (ShouldAddClientHint(
             web_client_hints, feature_policy, resource_origin,
@@ -522,14 +526,6 @@ void AddNavigationRequestClientHintsHeaders(
       AddUAHeader(headers, blink::mojom::WebClientHintsType::kUAModel,
                   ua.model);
     }
-
-    if (ShouldAddClientHint(
-            web_client_hints, feature_policy, resource_origin,
-            blink::mojom::WebClientHintsType::kUAMobile,
-            blink::mojom::FeaturePolicyFeature::kClientHintUAMobile)) {
-      AddUAHeader(headers, blink::mojom::WebClientHintsType::kUAMobile,
-                  ua.mobile ? "?1" : "?0");
-    }
   }
 
   // Static assert that triggers if a new client hint header is added. If a

third_party/blink/renderer/core/loader/frame_fetch_context.cc

@@ -554,6 +554,15 @@ void FrameFetchContext::AddClientHintsIfNecessary(
         blink::kClientHintsHeaderMapping[static_cast<size_t>(
             mojom::WebClientHintsType::kUA)],
         AddQuotes(result.ToString().Ascii()));
+
+    // We also send Sec-CH-UA-Mobile to all hints. It is a one-bit header
+    // identifying if the browser has opted for a "mobile" experience
+    // Formatted using the "sh-boolean" format from:
+    // https://httpwg.org/http-extensions/draft-ietf-httpbis-header-structure.html#boolean
+    request.SetHttpHeaderField(
+        blink::kClientHintsHeaderMapping[static_cast<size_t>(
+            mojom::WebClientHintsType::kUAMobile)],
+        ua.mobile ? "?1" : "?0");
   }
 
   // If the frame is detached, then don't send any hints other than UA.
@@ -755,19 +764,6 @@ void FrameFetchContext::AddClientHintsIfNecessary(
             mojom::WebClientHintsType::kUAModel)],
         AddQuotes(ua.model));
   }
-
-  if ((can_always_send_hints ||
-       (RuntimeEnabledFeatures::FeaturePolicyForClientHintsEnabled() &&
-        policy->IsFeatureEnabledForOrigin(
-            mojom::blink::FeaturePolicyFeature::kClientHintUAMobile,
-            resource_origin))) &&
-      ShouldSendClientHint(mojom::WebClientHintsType::kUAMobile,
-                           hints_preferences, enabled_hints)) {
-    request.SetHttpHeaderField(
-        blink::kClientHintsHeaderMapping[static_cast<size_t>(
-            mojom::WebClientHintsType::kUAMobile)],
-        ua.mobile ? "?1" : "?0");
-  }
 }
 
 void FrameFetchContext::PopulateResourceRequest(

third_party/blink/web_tests/external/wpt/client-hints/accept-ch-feature-policy.sub.https.html

@@ -56,7 +56,6 @@ promise_test(t => {
     assert_false(r.headers.has("rtt-received"), "rtt-received");
     assert_false(r.headers.has("downlink-received"), "downlink-received");
     assert_false(r.headers.has("ect-received"), "ect-received");
-    assert_false(r.headers.has("mobile-received"), "mobile-received");
   });
 }, "Cross-Origin Accept-CH header test");
 

third_party/blink/web_tests/external/wpt/service-workers/service-worker/fetch-request-xhr.https-expected.txt

 This is a testharness.js-based test.
 PASS initialize global state
-FAIL event.request has the expected headers for same-origin GET. promise_test: Unhandled rejection with value: object "Error: assert_array_equals: event.request has the expected headers for same-origin GET. lengths differ, expected array ["accept"] length 1, got ["accept", "sec-ch-ua", "user-agent"] length 3"
-FAIL event.request has the expected headers for same-origin POST. promise_test: Unhandled rejection with value: object "Error: assert_array_equals: event.request has the expected headers for same-origin POST. lengths differ, expected array ["accept", "content-type"] length 2, got ["accept", "content-type", "sec-ch-ua", "user-agent"] length 4"
-FAIL event.request has the expected headers for cross-origin GET. promise_test: Unhandled rejection with value: object "Error: assert_array_equals: event.request has the expected headers for cross-origin GET. lengths differ, expected array ["accept"] length 1, got ["accept", "sec-ch-ua", "user-agent"] length 3"
-FAIL event.request has the expected headers for cross-origin POST. promise_test: Unhandled rejection with value: object "Error: assert_array_equals: event.request has the expected headers for cross-origin POST. lengths differ, expected array ["accept", "content-type"] length 2, got ["accept", "content-type", "sec-ch-ua", "user-agent"] length 4"
+FAIL event.request has the expected headers for same-origin GET. promise_test: Unhandled rejection with value: object "Error: assert_array_equals: event.request has the expected headers for same-origin GET. lengths differ, expected array ["accept"] length 1, got ["accept", "sec-ch-ua", "sec-ch-ua-mobile", "user-agent"] length 4"
+FAIL event.request has the expected headers for same-origin POST. promise_test: Unhandled rejection with value: object "Error: assert_array_equals: event.request has the expected headers for same-origin POST. lengths differ, expected array ["accept", "content-type"] length 2, got ["accept", "content-type", "sec-ch-ua", "sec-ch-ua-mobile", "user-agent"] length 5"
+FAIL event.request has the expected headers for cross-origin GET. promise_test: Unhandled rejection with value: object "Error: assert_array_equals: event.request has the expected headers for cross-origin GET. lengths differ, expected array ["accept"] length 1, got ["accept", "sec-ch-ua", "sec-ch-ua-mobile", "user-agent"] length 4"
+FAIL event.request has the expected headers for cross-origin POST. promise_test: Unhandled rejection with value: object "Error: assert_array_equals: event.request has the expected headers for cross-origin POST. lengths differ, expected array ["accept", "content-type"] length 2, got ["accept", "content-type", "sec-ch-ua", "sec-ch-ua-mobile", "user-agent"] length 5"
 PASS FetchEvent#request.body contains XHR request data (string)
 PASS FetchEvent#request.body contains XHR request data (blob)
 PASS FetchEvent#request.method is set to XHR method

third_party/blink/web_tests/http/tests/navigation/form-targets-cross-site-frame-get-expected.txt

@@ -15,6 +15,7 @@ HTTP_CONNECTION = keep-alive
 HTTP_HOST = localhost:8080
 HTTP_REFERER = http://127.0.0.1:8000/navigation/form-targets-cross-site-frame-get.html
 HTTP_SEC_CH_UA = content_shell 99
+HTTP_SEC_CH_UA_MOBILE = ?0
 HTTP_SEC_FETCH_DEST = iframe
 HTTP_SEC_FETCH_MODE = navigate
 HTTP_SEC_FETCH_SITE = cross-site

third_party/blink/web_tests/http/tests/navigation/form-targets-cross-site-frame-no-referrer-expected.txt

@@ -16,6 +16,7 @@ HTTP_CONNECTION = keep-alive
 HTTP_HOST = localhost:8080
 HTTP_ORIGIN = null
 HTTP_SEC_CH_UA = content_shell 99
+HTTP_SEC_CH_UA_MOBILE = ?0
 HTTP_SEC_FETCH_DEST = iframe
 HTTP_SEC_FETCH_MODE = navigate
 HTTP_SEC_FETCH_SITE = cross-site

third_party/blink/web_tests/http/tests/navigation/form-targets-cross-site-frame-post-expected.txt

@@ -17,6 +17,7 @@ HTTP_HOST = localhost:8080
 HTTP_ORIGIN = http://127.0.0.1:8000
 HTTP_REFERER = http://127.0.0.1:8000/navigation/form-targets-cross-site-frame-post.html
 HTTP_SEC_CH_UA = content_shell 99
+HTTP_SEC_CH_UA_MOBILE = ?0
 HTTP_SEC_FETCH_DEST = iframe
 HTTP_SEC_FETCH_MODE = navigate
 HTTP_SEC_FETCH_SITE = cross-site

third_party/blink/web_tests/http/tests/navigation/form-with-enctype-targets-cross-site-frame-expected.txt

@@ -17,6 +17,7 @@ HTTP_HOST = localhost:8080
 HTTP_ORIGIN = http://127.0.0.1:8000
 HTTP_REFERER = http://127.0.0.1:8000/navigation/form-with-enctype-targets-cross-site-frame.html
 HTTP_SEC_CH_UA = content_shell 99
+HTTP_SEC_CH_UA_MOBILE = ?0
 HTTP_SEC_FETCH_DEST = iframe
 HTTP_SEC_FETCH_MODE = navigate
 HTTP_SEC_FETCH_SITE = cross-site

third_party/blink/web_tests/http/tests/navigation/post-basic-expected.txt

@@ -13,6 +13,7 @@ HTTP_HOST = 127.0.0.1:8000
 HTTP_ORIGIN = http://127.0.0.1:8000
 HTTP_REFERER = http://127.0.0.1:8000/navigation/resources/page-that-posts.html
 HTTP_SEC_CH_UA = content_shell 99
+HTTP_SEC_CH_UA_MOBILE = ?0
 HTTP_SEC_FETCH_DEST = document
 HTTP_SEC_FETCH_MODE = navigate
 HTTP_SEC_FETCH_SITE = same-origin

third_party/blink/web_tests/http/tests/navigation/post-frames-expected.txt

@@ -18,6 +18,7 @@ HTTP_HOST = 127.0.0.1:8000
 HTTP_ORIGIN = http://127.0.0.1:8000
 HTTP_REFERER = http://127.0.0.1:8000/navigation/resources/page-that-posts.html
 HTTP_SEC_CH_UA = content_shell 99
+HTTP_SEC_CH_UA_MOBILE = ?0
 HTTP_SEC_FETCH_DEST = iframe
 HTTP_SEC_FETCH_MODE = navigate
 HTTP_SEC_FETCH_SITE = same-origin

third_party/blink/web_tests/http/tests/navigation/post-frames-goback1-expected.txt

@@ -17,6 +17,7 @@ HTTP_HOST = 127.0.0.1:8000
 HTTP_ORIGIN = http://127.0.0.1:8000
 HTTP_REFERER = http://127.0.0.1:8000/navigation/post-frames-goback1.html
 HTTP_SEC_CH_UA = content_shell 99
+HTTP_SEC_CH_UA_MOBILE = ?0
 HTTP_SEC_FETCH_DEST = iframe
 HTTP_SEC_FETCH_MODE = navigate
 HTTP_SEC_FETCH_SITE = same-origin

third_party/blink/web_tests/http/tests/navigation/post-goback1-expected.txt

@@ -13,6 +13,7 @@ HTTP_HOST = 127.0.0.1:8000
 HTTP_ORIGIN = http://127.0.0.1:8000
 HTTP_REFERER = http://127.0.0.1:8000/navigation/resources/page-that-posts.html
 HTTP_SEC_CH_UA = content_shell 99
+HTTP_SEC_CH_UA_MOBILE = ?0
 HTTP_SEC_FETCH_DEST = document
 HTTP_SEC_FETCH_MODE = navigate
 HTTP_SEC_FETCH_SITE = same-origin

third_party/blink/web_tests/http/tests/navigation/rename-subframe-goback-expected.txt

@@ -21,6 +21,7 @@ HTTP_HOST = 127.0.0.1:8000
 HTTP_ORIGIN = http://127.0.0.1:8000
 HTTP_REFERER = http://127.0.0.1:8000/navigation/resources/page-that-posts.html
 HTTP_SEC_CH_UA = content_shell 99
+HTTP_SEC_CH_UA_MOBILE = ?0
 HTTP_SEC_FETCH_DEST = iframe
 HTTP_SEC_FETCH_MODE = navigate
 HTTP_SEC_FETCH_SITE = same-origin

third_party/blink/web_tests/http/tests/security/contentSecurityPolicy/1.1/form-action-leak-path-on-redirect-expected.txt

@@ -9,6 +9,7 @@ HTTP_CONNECTION = keep-alive
 HTTP_HOST = 127.0.0.1:8000
 HTTP_REFERER = http://127.0.0.1:8000/security/contentSecurityPolicy/1.1/form-action-leak-path-on-redirect.html
 HTTP_SEC_CH_UA = content_shell 99
+HTTP_SEC_CH_UA_MOBILE = ?0
 HTTP_SEC_FETCH_DEST = document
 HTTP_SEC_FETCH_MODE = navigate
 HTTP_SEC_FETCH_SITE = same-origin

third_party/blink/web_tests/http/tests/security/contentSecurityPolicy/1.1/form-action-src-allowed-expected.txt

@@ -12,6 +12,7 @@ HTTP_HOST = 127.0.0.1:8000
 HTTP_ORIGIN = http://127.0.0.1:8000
 HTTP_REFERER = http://127.0.0.1:8000/security/contentSecurityPolicy/1.1/form-action-src-allowed.html
 HTTP_SEC_CH_UA = content_shell 99
+HTTP_SEC_CH_UA_MOBILE = ?0
 HTTP_SEC_FETCH_DEST = document
 HTTP_SEC_FETCH_MODE = navigate
 HTTP_SEC_FETCH_SITE = same-origin

third_party/blink/web_tests/http/tests/security/contentSecurityPolicy/1.1/form-action-src-allowed-with-redirect-expected.txt

@@ -9,6 +9,7 @@ HTTP_CONNECTION = keep-alive
 HTTP_HOST = 127.0.0.1:8000
 HTTP_REFERER = http://127.0.0.1:8000/security/contentSecurityPolicy/1.1/form-action-src-allowed-with-redirect.html
 HTTP_SEC_CH_UA = content_shell 99
+HTTP_SEC_CH_UA_MOBILE = ?0
 HTTP_SEC_FETCH_DEST = document
 HTTP_SEC_FETCH_MODE = navigate
 HTTP_SEC_FETCH_SITE = same-origin

third_party/blink/web_tests/http/tests/security/contentSecurityPolicy/1.1/form-action-src-default-ignored-expected.txt

@@ -12,6 +12,7 @@ HTTP_HOST = 127.0.0.1:8000
 HTTP_ORIGIN = http://127.0.0.1:8000
 HTTP_REFERER = http://127.0.0.1:8000/security/contentSecurityPolicy/1.1/form-action-src-default-ignored.html
 HTTP_SEC_CH_UA = content_shell 99
+HTTP_SEC_CH_UA_MOBILE = ?0
 HTTP_SEC_FETCH_DEST = document
 HTTP_SEC_FETCH_MODE = navigate
 HTTP_SEC_FETCH_SITE = same-origin

third_party/blink/web_tests/http/tests/security/contentSecurityPolicy/1.1/form-action-src-default-ignored-with-redirect-expected.txt

@@ -9,6 +9,7 @@ HTTP_CONNECTION = keep-alive
 HTTP_HOST = 127.0.0.1:8000
 HTTP_REFERER = http://127.0.0.1:8000/security/contentSecurityPolicy/1.1/form-action-src-default-ignored-with-redirect.html
 HTTP_SEC_CH_UA = content_shell 99
+HTTP_SEC_CH_UA_MOBILE = ?0
 HTTP_SEC_FETCH_DEST = document
 HTTP_SEC_FETCH_MODE = navigate
 HTTP_SEC_FETCH_SITE = same-origin

third_party/blink/web_tests/http/tests/security/contentSecurityPolicy/1.1/form-action-src-get-allowed-expected.txt

@@ -10,6 +10,7 @@ HTTP_CONNECTION = keep-alive
 HTTP_HOST = 127.0.0.1:8000
 HTTP_REFERER = http://127.0.0.1:8000/security/contentSecurityPolicy/1.1/form-action-src-get-allowed.html
 HTTP_SEC_CH_UA = content_shell 99
+HTTP_SEC_CH_UA_MOBILE = ?0
 HTTP_SEC_FETCH_DEST = document
 HTTP_SEC_FETCH_MODE = navigate
 HTTP_SEC_FETCH_SITE = same-origin

third_party/blink/web_tests/http/tests/security/contentSecurityPolicy/1.1/form-action-src-get-allowed-with-redirect-expected.txt

@@ -9,6 +9,7 @@ HTTP_CONNECTION = keep-alive
 HTTP_HOST = 127.0.0.1:8000
 HTTP_REFERER = http://127.0.0.1:8000/security/contentSecurityPolicy/1.1/form-action-src-get-allowed-with-redirect.html
 HTTP_SEC_CH_UA = content_shell 99
+HTTP_SEC_CH_UA_MOBILE = ?0
 HTTP_SEC_FETCH_DEST = document
 HTTP_SEC_FETCH_MODE = navigate
 HTTP_SEC_FETCH_SITE = same-origin

third_party/blink/web_tests/http/tests/serviceworker/fetch-event-headers.html

@@ -31,7 +31,8 @@ promise_test(function(t) {
           header_names.sort();
           assert_array_equals(
             header_names,
-            ["accept", "sec-ch-ua", "upgrade-insecure-requests", "user-agent"],
+            ["accept", "sec-ch-ua", "sec-ch-ua-mobile",
+             "upgrade-insecure-requests", "user-agent"],
             'event.request has the expected headers.');
 
           return service_worker_unregister_and_done(t, scope);