cef/patch/patches/services_network_2622.patch

diff --git chrome/browser/enterprise/connectors/analysis/content_analysis_delegate.cc chrome/browser/enterprise/connectors/analysis/content_analysis_delegate.cc
index 53383355d6646..d7a713017e16d 100644
--- chrome/browser/enterprise/connectors/analysis/content_analysis_delegate.cc
+++ chrome/browser/enterprise/connectors/analysis/content_analysis_delegate.cc
@@ -23,6 +23,7 @@
 #include "base/strings/utf_string_conversions.h"
 #include "base/time/time.h"
 #include "build/build_config.h"
+#include "cef/libcef/features/runtime.h"
 #include "chrome/browser/browser_process.h"
 #include "chrome/browser/enterprise/connectors/analysis/analysis_settings.h"
 #include "chrome/browser/enterprise/connectors/analysis/content_analysis_dialog.h"
@@ -232,6 +233,9 @@ bool ContentAnalysisDelegate::IsEnabled(
     GURL url,
     Data* data,
     enterprise_connectors::AnalysisConnector connector) {
+  if (cef::IsAlloyRuntimeEnabled())
+    return false;
+
   auto* service =
       enterprise_connectors::ConnectorsServiceFactory::GetForBrowserContext(
           profile);
diff --git chrome/browser/net/profile_network_context_service.cc chrome/browser/net/profile_network_context_service.cc
index 99fb0211efd6b..5f4a4c2d7c977 100644
--- chrome/browser/net/profile_network_context_service.cc
+++ chrome/browser/net/profile_network_context_service.cc
@@ -22,6 +22,7 @@
 #include "base/trace_event/trace_event.h"
 #include "build/build_config.h"
 #include "build/chromeos_buildflags.h"
+#include "cef/libcef/features/runtime.h"
 #include "chrome/browser/browser_features.h"
 #include "chrome/browser/browser_process.h"
 #include "chrome/browser/chrome_content_browser_client.h"
@@ -283,8 +284,10 @@ ProfileNetworkContextService::ProfileNetworkContextService(Profile* profile)
                           base::Unretained(this)));
   cookie_settings_ = CookieSettingsFactory::GetForProfile(profile);
   cookie_settings_observation_.Observe(cookie_settings_.get());
-  privacy_sandbox_settings_observer_.Observe(
-      PrivacySandboxSettingsFactory::GetForProfile(profile));
+  if (!cef::IsAlloyRuntimeEnabled()) {
+    privacy_sandbox_settings_observer_.Observe(
+        PrivacySandboxSettingsFactory::GetForProfile(profile));
+  }
 
   DisableQuicIfNotAllowed();
 
@@ -324,7 +327,9 @@ ProfileNetworkContextService::ProfileNetworkContextService(Profile* profile)
                           base::Unretained(this)));
 
 #if BUILDFLAG(ENABLE_EXTENSIONS)
-  registry_observation_.Observe(extensions::ExtensionRegistry::Get(profile_));
+  if (auto extension_registry = extensions::ExtensionRegistry::Get(profile_)) {
+    registry_observation_.Observe(extension_registry);
+  }
 #endif
 }
 
@@ -828,7 +833,19 @@ void ProfileNetworkContextService::ConfigureNetworkContextParamsInternal(
 
   // Configure on-disk storage for non-OTR profiles. OTR profiles just use
   // default behavior (in memory storage, default sizes).
-  if (!in_memory) {
+  if (!in_memory && cef::IsAlloyRuntimeEnabled()) {
+    PrefService* prefs = profile_->GetPrefs();
+    // Configure the HTTP cache path and size.
+    const base::FilePath& base_cache_path =
+        prefs->GetFilePath(prefs::kDiskCacheDir);
+    DCHECK(!base_cache_path.empty());
+    network_context_params->http_cache_directory =
+        base_cache_path.Append(chrome::kCacheDirname);
+    network_context_params->http_cache_max_size =
+        prefs->GetInteger(prefs::kDiskCacheSize);
+  }
+
+  if (!in_memory && !cef::IsAlloyRuntimeEnabled()) {
     PrefService* local_state = g_browser_process->local_state();
     // Configure the HTTP cache path and size.
     base::FilePath base_cache_path;
@@ -841,7 +858,9 @@ void ProfileNetworkContextService::ConfigureNetworkContextParamsInternal(
         base_cache_path.Append(chrome::kCacheDirname);
     network_context_params->http_cache_max_size =
         local_state->GetInteger(prefs::kDiskCacheSize);
+  }
 
+  if (!in_memory) {
     network_context_params->file_paths =
         ::network::mojom::NetworkContextFilePaths::New();
 
@@ -1039,6 +1058,7 @@ void ProfileNetworkContextService::ConfigureNetworkContextParamsInternal(
   network_context_params->require_network_isolation_key = true;
 
   network_context_params->block_trust_tokens =
+      cef::IsAlloyRuntimeEnabled() ||
       !PrivacySandboxSettingsFactory::GetForProfile(profile_)
            ->IsTrustTokensAllowed();
 
diff --git chrome/browser/signin/identity_manager_factory.cc chrome/browser/signin/identity_manager_factory.cc
index 0f92e4682eee9..ea6e6ed6f1e05 100644
--- chrome/browser/signin/identity_manager_factory.cc
+++ chrome/browser/signin/identity_manager_factory.cc
@@ -11,6 +11,7 @@
 #include "base/observer_list.h"
 #include "build/build_config.h"
 #include "build/chromeos_buildflags.h"
+#include "cef/libcef/features/runtime.h"
 #include "chrome/browser/browser_process.h"
 #include "chrome/browser/image_fetcher/image_decoder_impl.h"
 #include "chrome/browser/profiles/profile.h"
@@ -82,6 +83,7 @@ IdentityManagerFactory::~IdentityManagerFactory() {
 // static
 signin::IdentityManager* IdentityManagerFactory::GetForProfile(
     Profile* profile) {
+  DCHECK(!cef::IsAlloyRuntimeEnabled());
   return static_cast<signin::IdentityManager*>(
       GetInstance()->GetServiceForBrowserContext(profile, true));
 }
diff --git net/cookies/cookie_monster.cc net/cookies/cookie_monster.cc
index 44f52e0c14355..6b380a5bfe3c8 100644
--- net/cookies/cookie_monster.cc
+++ net/cookies/cookie_monster.cc
@@ -554,6 +554,25 @@ void CookieMonster::SetCookieableSchemes(
   MaybeRunCookieCallback(std::move(callback), true);
 }
 
+void CookieMonster::AddCookieableSchemes(
+    const std::vector<std::string>& schemes,
+    SetCookieableSchemesCallback callback) {
+  DCHECK_CALLED_ON_VALID_THREAD(thread_checker_);
+
+  // Calls to this method will have no effect if made after a WebView or
+  // CookieManager instance has been created.
+  if (initialized_) {
+    MaybeRunCookieCallback(std::move(callback), false);
+    return;
+  }
+
+  if (!schemes.empty()) {
+    cookieable_schemes_.insert(cookieable_schemes_.begin(), schemes.begin(),
+                               schemes.end());
+  }
+  MaybeRunCookieCallback(std::move(callback), true);
+}
+
 // This function must be called before the CookieMonster is used.
 void CookieMonster::SetPersistSessionCookies(bool persist_session_cookies) {
   DCHECK_CALLED_ON_VALID_THREAD(thread_checker_);
diff --git net/cookies/cookie_monster.h net/cookies/cookie_monster.h
index 8a896a86b58b0..08077ffeebc3e 100644
--- net/cookies/cookie_monster.h
+++ net/cookies/cookie_monster.h
@@ -208,6 +208,8 @@ class NET_EXPORT CookieMonster : public CookieStore {
   CookieChangeDispatcher& GetChangeDispatcher() override;
   void SetCookieableSchemes(const std::vector<std::string>& schemes,
                             SetCookieableSchemesCallback callback) override;
+  void AddCookieableSchemes(const std::vector<std::string>& schemes,
+                            SetCookieableSchemesCallback callback) override;
   absl::optional<bool> SiteHasCookieInOtherPartition(
       const net::SchemefulSite& site,
       const absl::optional<CookiePartitionKey>& partition_key) const override;
diff --git net/cookies/cookie_store.h net/cookies/cookie_store.h
index 61fd008fc067e..73909be088278 100644
--- net/cookies/cookie_store.h
+++ net/cookies/cookie_store.h
@@ -163,6 +163,11 @@ class NET_EXPORT CookieStore {
   // Transfer ownership of a CookieAccessDelegate.
   void SetCookieAccessDelegate(std::unique_ptr<CookieAccessDelegate> delegate);
 
+  // Adds to the list of cookieable schemes. Does nothing if called after first
+  // use of the instance (i.e. after the instance initialization process).
+  virtual void AddCookieableSchemes(const std::vector<std::string>& schemes,
+                                    SetCookieableSchemesCallback callback) = 0;
+
   // This may be null if no delegate has been set yet, or the delegate has been
   // reset to null.
   const CookieAccessDelegate* cookie_access_delegate() const {
diff --git services/network/cookie_manager.cc services/network/cookie_manager.cc
index 5b4fe64a4374a..780c9726a03d3 100644
--- services/network/cookie_manager.cc
+++ services/network/cookie_manager.cc
@@ -283,14 +283,9 @@ void CookieManager::FlushCookieStore(FlushCookieStoreCallback callback) {
 void CookieManager::AllowFileSchemeCookies(
     bool allow,
     AllowFileSchemeCookiesCallback callback) {
-  std::vector<std::string> cookieable_schemes(
-      net::CookieMonster::kDefaultCookieableSchemes,
-      net::CookieMonster::kDefaultCookieableSchemes +
-          net::CookieMonster::kDefaultCookieableSchemesCount);
-  if (allow) {
-    cookieable_schemes.push_back(url::kFileScheme);
-  }
-  cookie_store_->SetCookieableSchemes(cookieable_schemes, std::move(callback));
+  if (!allow)
+    return;
+  cookie_store_->AddCookieableSchemes({url::kFileScheme}, std::move(callback));
 }
 
 void CookieManager::SetForceKeepSessionState() {
diff --git services/network/network_context.cc services/network/network_context.cc
index 47bba434b56d8..92060d40e0a84 100644
--- services/network/network_context.cc
+++ services/network/network_context.cc
@@ -2252,16 +2252,20 @@ URLRequestContextOwner NetworkContext::MakeURLRequestContext(
         network_service_->network_quality_estimator());
   }
 
-  if (session_cleanup_cookie_store) {
-    std::unique_ptr<net::CookieMonster> cookie_store =
-        std::make_unique<net::CookieMonster>(session_cleanup_cookie_store.get(),
-                                             net_log);
-    if (params_->persist_session_cookies)
-      cookie_store->SetPersistSessionCookies(true);
+  std::unique_ptr<net::CookieMonster> cookie_store =
+      std::make_unique<net::CookieMonster>(session_cleanup_cookie_store.get(),
+                                           net_log);
+  if (session_cleanup_cookie_store && params_->persist_session_cookies)
+    cookie_store->SetPersistSessionCookies(true);
 
-    builder.SetCookieStore(std::move(cookie_store));
+  if (params_->cookieable_schemes.has_value()) {
+    cookie_store->SetCookieableSchemes(
+        *params_->cookieable_schemes,
+        net::CookieStore::SetCookieableSchemesCallback());
   }
 
+  builder.SetCookieStore(std::move(cookie_store));
+
   if (base::FeatureList::IsEnabled(features::kPrivateStateTokens)) {
     trust_token_store_ = std::make_unique<PendingTrustTokenStore>();
 
diff --git services/network/public/mojom/network_context.mojom services/network/public/mojom/network_context.mojom
index b2254b765c313..9d7da9a963f40 100644
--- services/network/public/mojom/network_context.mojom
+++ services/network/public/mojom/network_context.mojom
@@ -347,6 +347,9 @@ struct NetworkContextParams {
   // cookies. Otherwise it should be false.
   bool persist_session_cookies = false;
 
+  // Schemes that will be passed to CookieMonster::SetCookieableSchemes.
+  array<string>? cookieable_schemes;
+
   // True if an HTTP cache should be used.
   bool http_cache_enabled = true;
   // Maximum size of the HTTP cache. 0 means to use the default size.