# Disables file download quarantining

Index: chromium-128.0.6613.119/components/download/internal/common/base_file.cc
===================================================================
--- chromium-128.0.6613.119.orig/components/download/internal/common/base_file.cc
+++ chromium-128.0.6613.119/components/download/internal/common/base_file.cc
@@ -23,7 +23,6 @@
 #include "components/download/public/common/download_interrupt_reasons_utils.h"
 #include "components/download/public/common/download_item.h"
 #include "components/download/public/common/download_stats.h"
-#include "components/services/quarantine/quarantine.h"
 #include "crypto/secure_hash.h"
 
 #if BUILDFLAG(IS_ANDROID)
@@ -526,94 +525,10 @@ DownloadInterruptReason BaseFile::Publis
 }
 #endif  // BUILDFLAG(IS_ANDROID)
 
-namespace {
-
-DownloadInterruptReason QuarantineFileResultToReason(
-    quarantine::mojom::QuarantineFileResult result) {
-  switch (result) {
-    case quarantine::mojom::QuarantineFileResult::OK:
-      return DOWNLOAD_INTERRUPT_REASON_NONE;
-    case quarantine::mojom::QuarantineFileResult::VIRUS_INFECTED:
-      return DOWNLOAD_INTERRUPT_REASON_FILE_VIRUS_INFECTED;
-    case quarantine::mojom::QuarantineFileResult::SECURITY_CHECK_FAILED:
-      return DOWNLOAD_INTERRUPT_REASON_FILE_SECURITY_CHECK_FAILED;
-    case quarantine::mojom::QuarantineFileResult::BLOCKED_BY_POLICY:
-      return DOWNLOAD_INTERRUPT_REASON_FILE_BLOCKED;
-    case quarantine::mojom::QuarantineFileResult::ACCESS_DENIED:
-      return DOWNLOAD_INTERRUPT_REASON_FILE_ACCESS_DENIED;
-
-    case quarantine::mojom::QuarantineFileResult::FILE_MISSING:
-      // Don't have a good interrupt reason here. This return code means that
-      // the file at |full_path_| went missing before QuarantineFile got to
-      // look at it. Not expected to happen, but we've seen instances where a
-      // file goes missing immediately after BaseFile closes the handle.
-      //
-      // Intentionally using a different error message than
-      // SECURITY_CHECK_FAILED in order to distinguish the two.
-      return DOWNLOAD_INTERRUPT_REASON_FILE_FAILED;
-
-    case quarantine::mojom::QuarantineFileResult::ANNOTATION_FAILED:
-      // This means that the mark-of-the-web couldn't be applied. The file is
-      // already on the file system under its final target name.
-      //
-      // Causes of failed annotations typically aren't transient. E.g. the
-      // target file system may not support extended attributes or alternate
-      // streams. We are going to allow these downloads to progress on the
-      // assumption that failures to apply MOTW can't reliably be introduced
-      // remotely.
-      return DOWNLOAD_INTERRUPT_REASON_NONE;
-  }
-  return DOWNLOAD_INTERRUPT_REASON_FILE_FAILED;
-}
-
-}  // namespace
-
 // static
 GURL BaseFile::GetEffectiveAuthorityURL(const GURL& source_url,
                                         const GURL& referrer_url) {
-  if (source_url.is_valid()) {
-    // http{,s} has an authority and are supported.
-    if (source_url.SchemeIsHTTPOrHTTPS())
-      return source_url;
-
-    // If the download source is file:// ideally we should copy the MOTW from
-    // the original file, but given that Chrome/Chromium places strict
-    // restrictions on which schemes can reference file:// URLs, this code is
-    // going to assume that at this point it's okay to treat this download as
-    // being from the local system.
-    if (source_url.SchemeIsFile())
       return source_url;
-
-    // ftp:// has an authority.
-    if (source_url.SchemeIs(url::kFtpScheme))
-      return source_url;
-
-    if (source_url.SchemeIs(url::kBlobScheme))
-      return url::Origin::Create(source_url).GetURL();
-  }
-
-  if (referrer_url.is_valid() && referrer_url.SchemeIsHTTPOrHTTPS())
-    return referrer_url;
-
-  return GURL();
-}
-
-void BaseFile::OnFileQuarantined(
-    quarantine::mojom::QuarantineFileResult result) {
-  DCHECK(on_annotation_done_callback_);
-  quarantine_service_.reset();
-  std::move(on_annotation_done_callback_)
-      .Run(QuarantineFileResultToReason(result));
-}
-
-void BaseFile::OnQuarantineServiceError(const GURL& source_url,
-                                        const GURL& referrer_url) {
-#if BUILDFLAG(IS_WIN)
-  OnFileQuarantined(quarantine::SetInternetZoneIdentifierDirectly(
-      full_path_, source_url, referrer_url));
-#else   // !BUILDFLAG(IS_WIN)
-  CHECK(false) << "In-process quarantine service should not have failed.";
-#endif  // !BUILDFLAG(IS_WIN)
 }
 
 void BaseFile::AnnotateWithSourceInformation(
@@ -622,32 +537,8 @@ void BaseFile::AnnotateWithSourceInforma
     const GURL& referrer_url,
     mojo::PendingRemote<quarantine::mojom::Quarantine> remote_quarantine,
     OnAnnotationDoneCallback on_annotation_done_callback) {
-  GURL authority_url = GetEffectiveAuthorityURL(source_url, referrer_url);
-  if (!remote_quarantine) {
-#if BUILDFLAG(IS_WIN)
-    quarantine::mojom::QuarantineFileResult result =
-        quarantine::SetInternetZoneIdentifierDirectly(full_path_, authority_url,
-                                                      referrer_url);
-#else
-    quarantine::mojom::QuarantineFileResult result =
-        quarantine::mojom::QuarantineFileResult::ANNOTATION_FAILED;
-#endif
-    std::move(on_annotation_done_callback)
-        .Run(QuarantineFileResultToReason(result));
-  } else {
-    quarantine_service_.Bind(std::move(remote_quarantine));
-
-    on_annotation_done_callback_ = std::move(on_annotation_done_callback);
-
-    quarantine_service_.set_disconnect_handler(base::BindOnce(
-        &BaseFile::OnQuarantineServiceError, weak_factory_.GetWeakPtr(),
-        authority_url, referrer_url));
-
-    quarantine_service_->QuarantineFile(
-        full_path_, authority_url, referrer_url, client_guid,
-        base::BindOnce(&BaseFile::OnFileQuarantined,
-                       weak_factory_.GetWeakPtr()));
-  }
+  std::move(on_annotation_done_callback)
+      .Run(DOWNLOAD_INTERRUPT_REASON_NONE);
 }
 
 }  // namespace download
Index: chromium-128.0.6613.119/content/browser/BUILD.gn
===================================================================
--- chromium-128.0.6613.119.orig/content/browser/BUILD.gn
+++ chromium-128.0.6613.119/content/browser/BUILD.gn
@@ -114,7 +114,6 @@ source_set("browser") {
     "//components/payments/mojom",
     "//components/power_monitor",
     "//components/services/filesystem:lib",
-    "//components/services/quarantine:quarantine",
     "//components/services/storage",
     "//components/services/storage:filesystem_proxy_factory",
     "//components/services/storage/dom_storage:local_storage_proto",
Index: chromium-128.0.6613.119/content/browser/file_system_access/file_system_access_safe_move_helper.cc
===================================================================
--- chromium-128.0.6613.119.orig/content/browser/file_system_access/file_system_access_safe_move_helper.cc
+++ chromium-128.0.6613.119/content/browser/file_system_access/file_system_access_safe_move_helper.cc
@@ -14,7 +14,6 @@
 #include "base/thread_annotations.h"
 #include "build/build_config.h"
 #include "build/chromeos_buildflags.h"
-#include "components/services/quarantine/quarantine.h"
 #include "content/browser/file_system_access/features.h"
 #include "content/browser/file_system_access/file_system_access_error.h"
 #include "content/public/browser/content_browser_client.h"
@@ -230,22 +229,9 @@ void FileSystemAccessSafeMoveHelper::Did
   // not exist anymore. In case of error, the source file URL will point to a
   // valid filesystem location.
   base::OnceCallback<void(base::File::Error)> result_callback;
-  if (RequireQuarantine()) {
-    GURL referrer_url = manager_->is_off_the_record() ? GURL() : context_.url;
-    mojo::Remote<quarantine::mojom::Quarantine> quarantine_remote;
-    if (quarantine_connection_callback_) {
-      quarantine_connection_callback_.Run(
-          quarantine_remote.BindNewPipeAndPassReceiver());
-    }
-    result_callback =
-        base::BindOnce(&FileSystemAccessSafeMoveHelper::DidFileDoQuarantine,
-                       weak_factory_.GetWeakPtr(), dest_url(), referrer_url,
-                       std::move(quarantine_remote));
-  } else {
     result_callback =
         base::BindOnce(&FileSystemAccessSafeMoveHelper::DidFileSkipQuarantine,
                        weak_factory_.GetWeakPtr());
-  }
   manager_->DoFileSystemOperation(
       FROM_HERE, &storage::FileSystemOperationRunner::Move,
       std::move(result_callback), source_url(), dest_url(), options_,
@@ -262,7 +248,6 @@ void FileSystemAccessSafeMoveHelper::Did
 void FileSystemAccessSafeMoveHelper::DidFileDoQuarantine(
     const storage::FileSystemURL& target_url,
     const GURL& referrer_url,
-    mojo::Remote<quarantine::mojom::Quarantine> quarantine_remote,
     base::File::Error result) {
   DCHECK_CALLED_ON_VALID_SEQUENCE(sequence_checker_);
 
@@ -293,37 +278,9 @@ void FileSystemAccessSafeMoveHelper::Did
       referrer_url.is_valid() && referrer_url.SchemeIsHTTPOrHTTPS()
           ? referrer_url
           : GURL();
-
-  if (quarantine_remote) {
-    quarantine::mojom::Quarantine* raw_quarantine = quarantine_remote.get();
-    raw_quarantine->QuarantineFile(
-        target_url.path(), authority_url, referrer_url,
-        GetContentClient()
-            ->browser()
-            ->GetApplicationClientGUIDForQuarantineCheck(),
-        mojo::WrapCallbackWithDefaultInvokeIfNotRun(
-            base::BindOnce(&FileSystemAccessSafeMoveHelper::DidAnnotateFile,
-                           weak_factory_.GetWeakPtr(),
-                           std::move(quarantine_remote)),
-            quarantine::mojom::QuarantineFileResult::ANNOTATION_FAILED));
-  } else {
-#if BUILDFLAG(IS_WIN)
-    base::ThreadPool::PostTaskAndReplyWithResult(
-        FROM_HERE, {base::MayBlock()},
-        base::BindOnce(&quarantine::SetInternetZoneIdentifierDirectly,
-                       target_url.path(), authority_url, referrer_url),
-        base::BindOnce(&FileSystemAccessSafeMoveHelper::DidAnnotateFile,
-                       weak_factory_.GetWeakPtr(),
-                       std::move(quarantine_remote)));
-#else
-    DidAnnotateFile(std::move(quarantine_remote),
-                    quarantine::mojom::QuarantineFileResult::ANNOTATION_FAILED);
-#endif
-  }
 }
 
 void FileSystemAccessSafeMoveHelper::DidAnnotateFile(
-    mojo::Remote<quarantine::mojom::Quarantine> quarantine_remote,
     quarantine::mojom::QuarantineFileResult result) {
   DCHECK_CALLED_ON_VALID_SEQUENCE(sequence_checker_);
 
Index: chromium-128.0.6613.119/content/browser/file_system_access/file_system_access_safe_move_helper.h
===================================================================
--- chromium-128.0.6613.119.orig/content/browser/file_system_access/file_system_access_safe_move_helper.h
+++ chromium-128.0.6613.119/content/browser/file_system_access/file_system_access_safe_move_helper.h
@@ -66,10 +66,8 @@ class CONTENT_EXPORT FileSystemAccessSaf
   void DidFileDoQuarantine(
       const storage::FileSystemURL& target_url,
       const GURL& referrer_url,
-      mojo::Remote<quarantine::mojom::Quarantine> quarantine_remote,
       base::File::Error result);
   void DidAnnotateFile(
-      mojo::Remote<quarantine::mojom::Quarantine> quarantine_remote,
       quarantine::mojom::QuarantineFileResult result);
 
   void ComputeHashForSourceFile(HashCallback callback);
Index: chromium-128.0.6613.119/content/browser/renderer_host/pepper/pepper_file_io_host.cc
===================================================================
--- chromium-128.0.6613.119.orig/content/browser/renderer_host/pepper/pepper_file_io_host.cc
+++ chromium-128.0.6613.119/content/browser/renderer_host/pepper/pepper_file_io_host.cc
@@ -462,7 +462,7 @@ void PepperFileIOHost::OnLocalFileOpened
     ppapi::host::ReplyMessageContext reply_context,
     const base::FilePath& path,
     base::File::Error error_code) {
-#if BUILDFLAG(IS_WIN) || BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS)
+#if 0
   // Quarantining a file before its contents are available is only supported on
   // Windows and Linux.
   if (!FileOpenForWrite(open_flags_) || error_code != base::File::FILE_OK) {
@@ -496,7 +496,7 @@ void PepperFileIOHost::OnLocalFileOpened
 #endif
 }
 
-#if BUILDFLAG(IS_WIN) || BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS)
+#if 0
 void PepperFileIOHost::OnLocalFileQuarantined(
     ppapi::host::ReplyMessageContext reply_context,
     const base::FilePath& path,
Index: chromium-128.0.6613.119/content/browser/renderer_host/pepper/pepper_file_io_host.h
===================================================================
--- chromium-128.0.6613.119.orig/content/browser/renderer_host/pepper/pepper_file_io_host.h
+++ chromium-128.0.6613.119/content/browser/renderer_host/pepper/pepper_file_io_host.h
@@ -14,7 +14,6 @@
 #include "base/memory/raw_ptr.h"
 #include "base/memory/ref_counted.h"
 #include "base/memory/weak_ptr.h"
-#include "components/services/quarantine/public/mojom/quarantine.mojom.h"
 #include "content/browser/renderer_host/pepper/browser_ppapi_host_impl.h"
 #include "ipc/ipc_listener.h"
 #include "ipc/ipc_platform_file.h"
@@ -93,12 +92,6 @@ class PepperFileIOHost final : public pp
                          const base::FilePath& path,
                          base::File::Error error_code);
 
-  void OnLocalFileQuarantined(
-      ppapi::host::ReplyMessageContext reply_context,
-      const base::FilePath& path,
-      mojo::Remote<quarantine::mojom::Quarantine> quarantine_remote,
-      quarantine::mojom::QuarantineFileResult quarantine_result);
-
   void SendFileOpenReply(ppapi::host::ReplyMessageContext reply_context,
                          base::File::Error error_code);