Search engine collection still sends requests

[Devocub]

OS/Platform

Windows

Installed

https://ungoogled-software.github.io/ungoogled-chromium-binaries/

Version

120.0.6099.129

Have you tested that this is not an upstream issue or an issue with your configuration?

• I have tried reproducing this issue in Chrome and it could not be reproduced there
• I have tried reproducing this issue in vanilla Chromium and it could not be reproduced there
• I have tried reproducing this issue in ungoogled-chromium with a new and empty profile using --user-data-dir command line argument and it could not be reproduced there

Description

Request to collect search engine is made when collection is disabled

How to Reproduce?

1. Enable this chrome://flags/#disable-search-engine-collection
2. chrome://settings/security Enable "Always use secure connections"
3. Turn on Wireshark (or alternative)
4. Go to https://php.net and you should see in Wireshark http request (details below) been made. This request is not visible in browsers DevTools.

Actual behaviour

I believe this line in source code of php.net page is for search engine collection
<link rel="search" type="application/opensearchdescription+xml" href="http://php.net/phpnetimprovedsearch.src" title="Add PHP.net search">
Even though "Always use secure connections" and search engine collection is disabled request still made, and over http (so some security risk).
It is not a bug to be precise because disabling collection doesn't mean disabling requests to this link (and not doing this request = more fingerprinting). And request over http is Chromium bug. But since that was surprising behaviour for me I decided to leave this feedback.

Expected behaviour

No requests.

Relevant log output

No response

Additional context

You can add "Disable serach engine collection requests" flag.
You can report issue about security stuff to Chromium.
You can close this issue immediately.

[PF4Public]

@Devocub Have you attempted to reproduce this issue in the latest available version? Is this still an issue?

[Devocub]

@PF4Public just tried, still reporducible 124.0.6367.201

[PF4Public]

@Ahrotahn IIRC you did test ungoogled-chromium with wireshark and found no suspicious activity. Could this be something you missed?

[networkException]

Can reproduce

[networkException]

I'm actually not sure what codepath the request is taking. Only https://source.chromium.org/chromium/chromium/src/+/main:chrome/renderer/chrome_render_frame_observer.cc;l=259;drc=2246014e44711f62566fcbb784a6926b1ba5b980;bpv=1;bpt=1 looks relevant (which we already disable with the "disable-search-engine-collection" flag)

[rany2]

@networkException https://source.chromium.org/chromium/chromium/src/+/main:chrome/browser/ui/search_engines/search_engine_tab_helper.cc;l=156;drc=317f05fb6ad55aae99ecbf909b233b07198eda3f

[networkException]

yes but I don't see that being called (over IPC) by anyone else. Oh well, perhaps better to also patch that out

[Ahrotahn]

Yup, y'all are on the right track. The search engine helper shouldn't be loaded at all with the disable-search-engine-collection flag set. I've pushed an update to the PR for 125 to fix this.

Normally I'm checking for connections at startup and for external connections to Google when visiting pages. I wouldn't have thought to check for something like this before since it only makes sense that php.net would connect to php.net.