fix: create system network context for global requests

Global requests currently includes DNS over HTTPS requests,
certain cert validation requests (OCSP, AIA, etc) on some platforms
and geolocation requests.

atom/browser/atom_browser_main_parts.cc

@@ -348,6 +348,9 @@ void AtomBrowserMainParts::PostEarlyInitialization() {
   // command-line changes.
   base::FeatureList::ClearInstanceForTesting();
   InitializeFeatureList();
+
+  // Initialize after user script environment creation.
+  fake_browser_process_->PostEarlyInitialization();
 }
 
 int AtomBrowserMainParts::PreCreateThreads() {
@@ -394,6 +397,7 @@ int AtomBrowserMainParts::PreCreateThreads() {
   // Initialize net log file exporter.
   net_log_->net_export_file_writer()->Initialize();
 
+  fake_browser_process_->PreCreateThreads(command_line);
   // Manage global state of net and other IO thread related.
   io_thread_ = std::make_unique<IOThread>(net_log_.get());
 
@@ -523,6 +527,8 @@ void AtomBrowserMainParts::PostMainMessageLoopRun() {
       std::move(callback).Run();
     ++iter;
   }
+
+  fake_browser_process_->PostMainMessageLoopRun();
 }
 
 #if !defined(OS_MACOSX)

atom/browser/browser_process_impl.cc

@@ -4,6 +4,23 @@
 
 #include "atom/browser/browser_process_impl.h"
 
+#include <utility>
+
+#include "chrome/browser/printing/print_job_manager.h"
+#include "chrome/common/chrome_switches.h"
+#include "components/prefs/in_memory_pref_store.h"
+#include "components/prefs/overlay_user_pref_store.h"
+#include "components/prefs/pref_registry.h"
+#include "components/prefs/pref_registry_simple.h"
+#include "components/prefs/pref_service_factory.h"
+#include "components/proxy_config/pref_proxy_config_tracker_impl.h"
+#include "components/proxy_config/proxy_config_dictionary.h"
+#include "components/proxy_config/proxy_config_pref_names.h"
+#include "content/public/common/content_switches.h"
+#include "net/proxy_resolution/proxy_config.h"
+#include "net/proxy_resolution/proxy_config_service.h"
+#include "net/proxy_resolution/proxy_config_with_annotation.h"
+#include "net/proxy_resolution/proxy_resolution_service.h"
 #include "ui/base/l10n/l10n_util.h"
 
 #if BUILDFLAG(ENABLE_PRINTING)
@@ -18,6 +35,68 @@ BrowserProcessImpl::~BrowserProcessImpl() {
   g_browser_process = nullptr;
 }
 
+// static
+void BrowserProcessImpl::ApplyProxyModeFromCommandLine(
+    ValueMapPrefStore* pref_store) {
+  if (!pref_store)
+    return;
+
+  auto* command_line = base::CommandLine::ForCurrentProcess();
+
+  if (command_line->HasSwitch(switches::kNoProxyServer)) {
+    pref_store->SetValue(proxy_config::prefs::kProxy,
+                         ProxyConfigDictionary::CreateDirect(),
+                         WriteablePrefStore::DEFAULT_PREF_WRITE_FLAGS);
+  } else if (command_line->HasSwitch(switches::kProxyPacUrl)) {
+    std::string pac_script_url =
+        command_line->GetSwitchValueASCII(switches::kProxyPacUrl);
+    pref_store->SetValue(proxy_config::prefs::kProxy,
+                         ProxyConfigDictionary::CreatePacScript(
+                             pac_script_url, false /* pac_mandatory */),
+                         WriteablePrefStore::DEFAULT_PREF_WRITE_FLAGS);
+  } else if (command_line->HasSwitch(switches::kProxyAutoDetect)) {
+    pref_store->SetValue(proxy_config::prefs::kProxy,
+                         ProxyConfigDictionary::CreateAutoDetect(),
+                         WriteablePrefStore::DEFAULT_PREF_WRITE_FLAGS);
+  } else if (command_line->HasSwitch(switches::kProxyServer)) {
+    std::string proxy_server =
+        command_line->GetSwitchValueASCII(switches::kProxyServer);
+    std::string bypass_list =
+        command_line->GetSwitchValueASCII(switches::kProxyBypassList);
+    pref_store->SetValue(
+        proxy_config::prefs::kProxy,
+        ProxyConfigDictionary::CreateFixedServers(proxy_server, bypass_list),
+        WriteablePrefStore::DEFAULT_PREF_WRITE_FLAGS);
+  }
+}
+
+void BrowserProcessImpl::PostEarlyInitialization() {
+  // Mock user prefs, as we only need to track changes for a
+  // in memory pref store. There are no persistent preferences
+  PrefServiceFactory prefs_factory;
+  auto pref_registry = base::MakeRefCounted<PrefRegistrySimple>();
+  PrefProxyConfigTrackerImpl::RegisterPrefs(pref_registry.get());
+  auto pref_store = base::MakeRefCounted<ValueMapPrefStore>();
+  ApplyProxyModeFromCommandLine(pref_store.get());
+  prefs_factory.set_command_line_prefs(std::move(pref_store));
+  prefs_factory.set_user_prefs(new OverlayUserPrefStore(new InMemoryPrefStore));
+  local_state_ = prefs_factory.Create(std::move(pref_registry));
+}
+
+void BrowserProcessImpl::PreCreateThreads(
+    const base::CommandLine& command_line) {
+  // Must be created before the IOThread.
+  // Once IOThread class is no longer needed,
+  // this can be created on first use.
+  system_network_context_manager_ =
+      std::make_unique<SystemNetworkContextManager>();
+}
+
+void BrowserProcessImpl::PostMainMessageLoopRun() {
+  // This expects to be destroyed before the task scheduler is torn down.
+  system_network_context_manager_.reset();
+}
+
 bool BrowserProcessImpl::IsShuttingDown() {
   return false;
 }
@@ -40,7 +119,8 @@ ProfileManager* BrowserProcessImpl::profile_manager() {
 }
 
 PrefService* BrowserProcessImpl::local_state() {
-  return nullptr;
+  DCHECK(local_state_.get());
+  return local_state_.get();
 }
 
 net::URLRequestContextGetter* BrowserProcessImpl::system_request_context() {
@@ -79,7 +159,8 @@ IOThread* BrowserProcessImpl::io_thread() {
 
 SystemNetworkContextManager*
 BrowserProcessImpl::system_network_context_manager() {
-  return nullptr;
+  DCHECK(system_network_context_manager_.get());
+  return system_network_context_manager_.get();
 }
 
 network::NetworkQualityTracker* BrowserProcessImpl::network_quality_tracker() {

atom/browser/browser_process_impl.h

@@ -13,8 +13,12 @@
 #include <memory>
 #include <string>
 
+#include "atom/browser/net/system_network_context_manager.h"
+#include "base/command_line.h"
 #include "base/macros.h"
 #include "chrome/browser/browser_process.h"
+#include "components/prefs/pref_service.h"
+#include "components/prefs/value_map_pref_store.h"
 #include "printing/buildflags/buildflags.h"
 #include "services/network/public/cpp/shared_url_loader_factory.h"
 
@@ -32,6 +36,12 @@ class BrowserProcessImpl : public BrowserProcess {
   BrowserProcessImpl();
   ~BrowserProcessImpl() override;
 
+  static void ApplyProxyModeFromCommandLine(ValueMapPrefStore* pref_store);
+
+  void PostEarlyInitialization();
+  void PreCreateThreads(const base::CommandLine& command_line);
+  void PostMainMessageLoopRun();
+
   void ResourceDispatcherHostCreated() override {}
   void EndSession() override {}
   void FlushLocalStateAndReply(base::OnceClosure reply) override {}
@@ -102,6 +112,8 @@ class BrowserProcessImpl : public BrowserProcess {
 #if BUILDFLAG(ENABLE_PRINTING)
   std::unique_ptr<printing::PrintJobManager> print_job_manager_;
 #endif
+  std::unique_ptr<PrefService> local_state_;
+  std::unique_ptr<SystemNetworkContextManager> system_network_context_manager_;
   std::string locale_;
 
   DISALLOW_COPY_AND_ASSIGN(BrowserProcessImpl);

atom/browser/net/system_network_context_manager.cc

@@ -0,0 +1,199 @@
+// Copyright (c) 2018 GitHub, Inc.
+// Use of this source code is governed by the MIT license that can be
+// found in the LICENSE file.
+
+#include "atom/browser/net/system_network_context_manager.h"
+
+#include <string>
+#include <utility>
+
+#include "atom/browser/io_thread.h"
+#include "base/lazy_instance.h"
+#include "chrome/browser/browser_process.h"
+#include "chrome/browser/net/chrome_mojo_proxy_resolver_factory.h"
+#include "content/public/browser/browser_thread.h"
+#include "content/public/browser/network_service_instance.h"
+#include "content/public/common/content_features.h"
+#include "content/public/common/service_names.mojom.h"
+#include "mojo/public/cpp/bindings/associated_interface_ptr.h"
+#include "net/net_buildflags.h"
+#include "services/network/network_service.h"
+#include "services/network/public/cpp/cross_thread_shared_url_loader_factory_info.h"
+#include "services/network/public/cpp/features.h"
+#include "services/network/public/cpp/shared_url_loader_factory.h"
+#include "url/gurl.h"
+
+base::LazyInstance<SystemNetworkContextManager>::Leaky
+    g_system_network_context_manager = LAZY_INSTANCE_INITIALIZER;
+
+// SharedURLLoaderFactory backed by a SystemNetworkContextManager and its
+// network context. Transparently handles crashes.
+class SystemNetworkContextManager::URLLoaderFactoryForSystem
+    : public network::SharedURLLoaderFactory {
+ public:
+  explicit URLLoaderFactoryForSystem(SystemNetworkContextManager* manager)
+      : manager_(manager) {}
+
+  // mojom::URLLoaderFactory implementation:
+
+  void CreateLoaderAndStart(network::mojom::URLLoaderRequest request,
+                            int32_t routing_id,
+                            int32_t request_id,
+                            uint32_t options,
+                            const network::ResourceRequest& url_request,
+                            network::mojom::URLLoaderClientPtr client,
+                            const net::MutableNetworkTrafficAnnotationTag&
+                                traffic_annotation) override {
+    DCHECK_CURRENTLY_ON(content::BrowserThread::UI);
+    if (!manager_)
+      return;
+    manager_->GetURLLoaderFactory()->CreateLoaderAndStart(
+        std::move(request), routing_id, request_id, options, url_request,
+        std::move(client), traffic_annotation);
+  }
+
+  void Clone(network::mojom::URLLoaderFactoryRequest request) override {
+    if (!manager_)
+      return;
+    manager_->GetURLLoaderFactory()->Clone(std::move(request));
+  }
+
+  // SharedURLLoaderFactory implementation:
+  std::unique_ptr<network::SharedURLLoaderFactoryInfo> Clone() override {
+    DCHECK_CURRENTLY_ON(content::BrowserThread::UI);
+    return std::make_unique<network::CrossThreadSharedURLLoaderFactoryInfo>(
+        this);
+  }
+
+  void Shutdown() { manager_ = nullptr; }
+
+ private:
+  friend class base::RefCounted<URLLoaderFactoryForSystem>;
+  ~URLLoaderFactoryForSystem() override {}
+
+  SystemNetworkContextManager* manager_;
+
+  DISALLOW_COPY_AND_ASSIGN(URLLoaderFactoryForSystem);
+};
+
+network::mojom::NetworkContext* SystemNetworkContextManager::GetContext() {
+  if (!base::FeatureList::IsEnabled(network::features::kNetworkService)) {
+    // SetUp should already have been called.
+    DCHECK(io_thread_network_context_);
+    return io_thread_network_context_.get();
+  }
+
+  if (!network_service_network_context_ ||
+      network_service_network_context_.encountered_error()) {
+    // This should call into OnNetworkServiceCreated(), which will re-create
+    // the network service, if needed. There's a chance that it won't be
+    // invoked, if the NetworkContext has encountered an error but the
+    // NetworkService has not yet noticed its pipe was closed. In that case,
+    // trying to create a new NetworkContext would fail, anyways, and hopefully
+    // a new NetworkContext will be created on the next GetContext() call.
+    content::GetNetworkService();
+    DCHECK(network_service_network_context_);
+  }
+  return network_service_network_context_.get();
+}
+
+network::mojom::URLLoaderFactory*
+SystemNetworkContextManager::GetURLLoaderFactory() {
+  // Create the URLLoaderFactory as needed.
+  if (url_loader_factory_ && !url_loader_factory_.encountered_error()) {
+    return url_loader_factory_.get();
+  }
+
+  network::mojom::URLLoaderFactoryParamsPtr params =
+      network::mojom::URLLoaderFactoryParams::New();
+  params->process_id = network::mojom::kBrowserProcessId;
+  params->is_corb_enabled = false;
+  GetContext()->CreateURLLoaderFactory(mojo::MakeRequest(&url_loader_factory_),
+                                       std::move(params));
+  return url_loader_factory_.get();
+}
+
+scoped_refptr<network::SharedURLLoaderFactory>
+SystemNetworkContextManager::GetSharedURLLoaderFactory() {
+  return shared_url_loader_factory_;
+}
+
+// static
+network::mojom::NetworkContextParamsPtr
+SystemNetworkContextManager::CreateDefaultNetworkContextParams() {
+  network::mojom::NetworkContextParamsPtr network_context_params =
+      network::mojom::NetworkContextParams::New();
+
+  network_context_params->enable_brotli =
+      base::FeatureList::IsEnabled(features::kBrotliEncoding);
+
+  network_context_params->enable_referrers = true;
+
+  network_context_params->proxy_resolver_factory =
+      ChromeMojoProxyResolverFactory::CreateWithStrongBinding().PassInterface();
+
+  return network_context_params;
+}
+
+void SystemNetworkContextManager::SetUp(
+    network::mojom::NetworkContextRequest* network_context_request,
+    network::mojom::NetworkContextParamsPtr* network_context_params) {
+  if (!base::FeatureList::IsEnabled(network::features::kNetworkService)) {
+    *network_context_request = mojo::MakeRequest(&io_thread_network_context_);
+    *network_context_params = CreateNetworkContextParams();
+  } else {
+    // Just use defaults if the network service is enabled, since
+    // CreateNetworkContextParams() can only be called once.
+    *network_context_params = CreateDefaultNetworkContextParams();
+  }
+}
+
+SystemNetworkContextManager::SystemNetworkContextManager()
+    : proxy_config_monitor_(g_browser_process->local_state()) {
+  shared_url_loader_factory_ = new URLLoaderFactoryForSystem(this);
+}
+
+SystemNetworkContextManager::~SystemNetworkContextManager() {
+  shared_url_loader_factory_->Shutdown();
+}
+
+void SystemNetworkContextManager::OnNetworkServiceCreated(
+    network::mojom::NetworkService* network_service) {
+  if (!base::FeatureList::IsEnabled(network::features::kNetworkService))
+    return;
+
+  // network_service->SetUpHttpAuth(CreateHttpAuthStaticParams());
+  // network_service->ConfigureHttpAuthPrefs(CreateHttpAuthDynamicParams());
+
+  // The system NetworkContext must be created first, since it sets
+  // |primary_network_context| to true.
+  network_service->CreateNetworkContext(
+      MakeRequest(&network_service_network_context_),
+      CreateNetworkContextParams());
+}
+
+network::mojom::NetworkContextParamsPtr
+SystemNetworkContextManager::CreateNetworkContextParams() {
+  // TODO(mmenke): Set up parameters here (in memory cookie store, etc).
+  network::mojom::NetworkContextParamsPtr network_context_params =
+      CreateDefaultNetworkContextParams();
+
+  network_context_params->context_name = std::string("system");
+
+  network_context_params->http_cache_enabled = false;
+
+  // These are needed for PAC scripts that use file or data URLs (Or FTP URLs?).
+  // TODO(crbug.com/839566): remove file support for all cases.
+  network_context_params->enable_data_url_support = true;
+  if (!base::FeatureList::IsEnabled(network::features::kNetworkService))
+    network_context_params->enable_file_url_support = true;
+#if !BUILDFLAG(DISABLE_FTP_SUPPORT)
+  network_context_params->enable_ftp_url_support = true;
+#endif
+
+  network_context_params->primary_network_context = true;
+
+  proxy_config_monitor_.AddToNetworkContextParams(network_context_params.get());
+
+  return network_context_params;
+}

atom/browser/net/system_network_context_manager.h

@@ -0,0 +1,101 @@
+// Copyright (c) 2018 GitHub, Inc.
+// Use of this source code is governed by the MIT license that can be
+// found in the LICENSE file.
+
+#ifndef ATOM_BROWSER_NET_SYSTEM_NETWORK_CONTEXT_MANAGER_H_
+#define ATOM_BROWSER_NET_SYSTEM_NETWORK_CONTEXT_MANAGER_H_
+
+#include <memory>
+#include <string>
+#include <vector>
+
+#include "base/macros.h"
+#include "base/memory/ref_counted.h"
+#include "base/optional.h"
+#include "chrome/browser/net/proxy_config_monitor.h"
+#include "services/network/public/mojom/network_context.mojom.h"
+#include "services/network/public/mojom/network_service.mojom.h"
+
+namespace network {
+namespace mojom {
+class URLLoaderFactory;
+}
+class SharedURLLoaderFactory;
+}  // namespace network
+
+// Responsible for creating and managing access to the system NetworkContext.
+// Lives on the UI thread. The NetworkContext this owns is intended for requests
+// not associated with a session. It stores no data on disk, and has no HTTP
+// cache, but it does have ephemeral cookie and channel ID stores.
+//
+// This class is also responsible for configuring global NetworkService state.
+//
+// The "system" NetworkContext will either share a URLRequestContext with
+// IOThread's SystemURLRequestContext and be part of IOThread's NetworkService
+// (If the network service is disabled) or be an independent NetworkContext
+// using the actual network service.
+class SystemNetworkContextManager {
+ public:
+  SystemNetworkContextManager();
+  ~SystemNetworkContextManager();
+
+  // Returns default set of parameters for configuring the network service.
+  static network::mojom::NetworkContextParamsPtr
+  CreateDefaultNetworkContextParams();
+
+  // Initializes |network_context_params| as needed to set up a system
+  // NetworkContext. If the network service is disabled,
+  // |network_context_request| will be for the NetworkContext used by the
+  // SystemNetworkContextManager. Otherwise, this method can still be used to
+  // help set up the IOThread's in-process URLRequestContext.
+  //
+  // Must be called before the system NetworkContext is first used.
+  void SetUp(network::mojom::NetworkContextRequest* network_context_request,
+             network::mojom::NetworkContextParamsPtr* network_context_params);
+
+  // Returns the System NetworkContext. May only be called after SetUp(). Does
+  // any initialization of the NetworkService that may be needed when first
+  // called.
+  network::mojom::NetworkContext* GetContext();
+
+  // Returns a URLLoaderFactory owned by the SystemNetworkContextManager that is
+  // backed by the SystemNetworkContext. Allows sharing of the URLLoaderFactory.
+  // Prefer this to creating a new one.  Call Clone() on the value returned by
+  // this method to get a URLLoaderFactory that can be used on other threads.
+  network::mojom::URLLoaderFactory* GetURLLoaderFactory();
+
+  // Returns a SharedURLLoaderFactory owned by the SystemNetworkContextManager
+  // that is backed by the SystemNetworkContext.
+  scoped_refptr<network::SharedURLLoaderFactory> GetSharedURLLoaderFactory();
+
+  // Called when content creates a NetworkService. Creates the
+  // SystemNetworkContext, if the network service is enabled.
+  void OnNetworkServiceCreated(network::mojom::NetworkService* network_service);
+
+ private:
+  class URLLoaderFactoryForSystem;
+
+  // Creates parameters for the NetworkContext. May only be called once, since
+  // it initializes some class members.
+  network::mojom::NetworkContextParamsPtr CreateNetworkContextParams();
+
+  ProxyConfigMonitor proxy_config_monitor_;
+
+  // NetworkContext using the network service, if the network service is
+  // enabled. nullptr, otherwise.
+  network::mojom::NetworkContextPtr network_service_network_context_;
+
+  // This is a NetworkContext that wraps the IOThread's SystemURLRequestContext.
+  // Always initialized in SetUp, but it's only returned by Context() when the
+  // network service is disabled.
+  network::mojom::NetworkContextPtr io_thread_network_context_;
+
+  // URLLoaderFactory backed by the NetworkContext returned by GetContext(), so
+  // consumers don't all need to create their own factory.
+  scoped_refptr<URLLoaderFactoryForSystem> shared_url_loader_factory_;
+  network::mojom::URLLoaderFactoryPtr url_loader_factory_;
+
+  DISALLOW_COPY_AND_ASSIGN(SystemNetworkContextManager);
+};
+
+#endif  // ATOM_BROWSER_NET_SYSTEM_NETWORK_CONTEXT_MANAGER_H_

atom/browser/net/url_request_context_getter.cc

@@ -11,6 +11,7 @@
 #include "atom/browser/api/atom_api_protocol.h"
 #include "atom/browser/atom_browser_client.h"
 #include "atom/browser/atom_browser_context.h"
+#include "atom/browser/browser_process_impl.h"
 #include "atom/browser/net/about_protocol_handler.h"
 #include "atom/browser/net/asar/asar_protocol_handler.h"
 #include "atom/browser/net/atom_cert_verifier.h"
@@ -18,22 +19,18 @@
 #include "atom/browser/net/atom_url_request_job_factory.h"
 #include "atom/browser/net/http_protocol_handler.h"
 #include "atom/browser/net/require_ct_delegate.h"
+#include "atom/browser/net/system_network_context_manager.h"
 #include "base/command_line.h"
 #include "base/strings/string_util.h"
 #include "base/task_scheduler/post_task.h"
-#include "chrome/browser/net/chrome_mojo_proxy_resolver_factory.h"
 #include "chrome/common/chrome_constants.h"
-#include "chrome/common/chrome_switches.h"
 #include "chrome/common/pref_names.h"
 #include "components/network_session_configurator/common/network_switches.h"
 #include "components/prefs/value_map_pref_store.h"
-#include "components/proxy_config/proxy_config_dictionary.h"
-#include "components/proxy_config/proxy_config_pref_names.h"
 #include "content/public/browser/browser_thread.h"
 #include "content/public/browser/devtools_network_transaction_factory.h"
 #include "content/public/browser/network_service_instance.h"
 #include "content/public/browser/resource_context.h"
-#include "content/public/common/content_switches.h"
 #include "net/base/host_mapping_rules.h"
 #include "net/cert/multi_log_ct_verifier.h"
 #include "net/cookies/cookie_monster.h"
@@ -43,10 +40,6 @@
 #include "net/http/http_auth_scheme.h"
 #include "net/http/http_transaction_factory.h"
 #include "net/log/net_log.h"
-#include "net/proxy_resolution/proxy_config.h"
-#include "net/proxy_resolution/proxy_config_service.h"
-#include "net/proxy_resolution/proxy_config_with_annotation.h"
-#include "net/proxy_resolution/proxy_resolution_service.h"
 #include "net/traffic_annotation/network_traffic_annotation.h"
 #include "net/url_request/data_protocol_handler.h"
 #include "net/url_request/static_http_user_agent_settings.h"
@@ -68,43 +61,6 @@ namespace atom {
 
 namespace {
 
-network::mojom::NetworkContextParamsPtr CreateDefaultNetworkContextParams(
-    const base::FilePath& base_path,
-    const std::string& user_agent,
-    bool in_memory,
-    bool use_cache,
-    int max_cache_size) {
-  network::mojom::NetworkContextParamsPtr network_context_params =
-      network::mojom::NetworkContextParams::New();
-  network_context_params->enable_brotli = true;
-  network_context_params->user_agent = user_agent;
-  network_context_params->http_cache_enabled = use_cache;
-  network_context_params->accept_language =
-      net::HttpUtil::GenerateAcceptLanguageHeader(
-          AtomBrowserClient::Get()->GetApplicationLocale());
-  network_context_params->enable_data_url_support = false;
-  network_context_params->proxy_resolver_factory =
-      ChromeMojoProxyResolverFactory::CreateWithStrongBinding().PassInterface();
-  if (!in_memory) {
-    network_context_params->http_cache_path =
-        base_path.Append(chrome::kCacheDirname);
-    network_context_params->http_cache_max_size = max_cache_size;
-    network_context_params->http_server_properties_path =
-        base_path.Append(chrome::kNetworkPersistentStateFilename);
-    network_context_params->cookie_path =
-        base_path.Append(chrome::kCookieFilename);
-    network_context_params->channel_id_path =
-        base_path.Append(chrome::kChannelIDFilename);
-    network_context_params->restore_old_session_cookies = false;
-    network_context_params->persist_session_cookies = false;
-  }
-  // TODO(deepak1556): Decide the stand on chrome ct policy and
-  // enable it.
-  // See //net/docs/certificate-transparency.md
-  // network_context_params->enforce_chrome_ct_policy = true;
-  return network_context_params;
-}
-
 void SetupAtomURLRequestJobFactory(
     content::ProtocolHandlerMap* protocol_handlers,
     net::URLRequestContext* url_request_context,
@@ -143,39 +99,6 @@ void SetupAtomURLRequestJobFactory(
 #endif
 }
 
-void ApplyProxyModeFromCommandLine(ValueMapPrefStore* pref_store) {
-  if (!pref_store)
-    return;
-
-  auto* command_line = base::CommandLine::ForCurrentProcess();
-
-  if (command_line->HasSwitch(::switches::kNoProxyServer)) {
-    pref_store->SetValue(proxy_config::prefs::kProxy,
-                         ProxyConfigDictionary::CreateDirect(),
-                         WriteablePrefStore::DEFAULT_PREF_WRITE_FLAGS);
-  } else if (command_line->HasSwitch(::switches::kProxyPacUrl)) {
-    std::string pac_script_url =
-        command_line->GetSwitchValueASCII(::switches::kProxyPacUrl);
-    pref_store->SetValue(proxy_config::prefs::kProxy,
-                         ProxyConfigDictionary::CreatePacScript(
-                             pac_script_url, false /* pac_mandatory */),
-                         WriteablePrefStore::DEFAULT_PREF_WRITE_FLAGS);
-  } else if (command_line->HasSwitch(::switches::kProxyAutoDetect)) {
-    pref_store->SetValue(proxy_config::prefs::kProxy,
-                         ProxyConfigDictionary::CreateAutoDetect(),
-                         WriteablePrefStore::DEFAULT_PREF_WRITE_FLAGS);
-  } else if (command_line->HasSwitch(::switches::kProxyServer)) {
-    std::string proxy_server =
-        command_line->GetSwitchValueASCII(::switches::kProxyServer);
-    std::string bypass_list =
-        command_line->GetSwitchValueASCII(::switches::kProxyBypassList);
-    pref_store->SetValue(
-        proxy_config::prefs::kProxy,
-        ProxyConfigDictionary::CreateFixedServers(proxy_server, bypass_list),
-        WriteablePrefStore::DEFAULT_PREF_WRITE_FLAGS);
-  }
-}
-
 }  // namespace
 
 class ResourceContext : public content::ResourceContext {
@@ -235,21 +158,58 @@ URLRequestContextGetter::Handle::GetNetworkContext() {
   return std::move(main_network_context_);
 }
 
+network::mojom::NetworkContextParamsPtr
+URLRequestContextGetter::Handle::CreateNetworkContextParams() {
+  network::mojom::NetworkContextParamsPtr network_context_params =
+      SystemNetworkContextManager::CreateDefaultNetworkContextParams();
+
+  network_context_params->user_agent = browser_context_->GetUserAgent();
+
+  network_context_params->http_cache_enabled =
+      browser_context_->CanUseHttpCache();
+
+  network_context_params->accept_language =
+      net::HttpUtil::GenerateAcceptLanguageHeader(
+          AtomBrowserClient::Get()->GetApplicationLocale());
+
+  network_context_params->enable_data_url_support = false;
+
+  if (!browser_context_->IsOffTheRecord()) {
+    auto base_path = browser_context_->GetPath();
+    network_context_params->http_cache_path =
+        base_path.Append(chrome::kCacheDirname);
+    network_context_params->http_cache_max_size =
+        browser_context_->GetMaxCacheSize();
+    network_context_params->http_server_properties_path =
+        base_path.Append(chrome::kNetworkPersistentStateFilename);
+    network_context_params->cookie_path =
+        base_path.Append(chrome::kCookieFilename);
+    network_context_params->channel_id_path =
+        base_path.Append(chrome::kChannelIDFilename);
+    network_context_params->restore_old_session_cookies = false;
+    network_context_params->persist_session_cookies = false;
+  }
+
+  // TODO(deepak1556): Decide the stand on chrome ct policy and
+  // enable it.
+  // See //net/docs/certificate-transparency.md
+  // network_context_params->enforce_chrome_ct_policy = true;
+  return network_context_params;
+}
+
 void URLRequestContextGetter::Handle::LazyInitialize() {
   DCHECK_CURRENTLY_ON(BrowserThread::UI);
   if (initialized_)
     return;
 
   initialized_ = true;
-  main_network_context_params_ = CreateDefaultNetworkContextParams(
-      browser_context_->GetPath(), browser_context_->GetUserAgent(),
-      browser_context_->IsOffTheRecord(), browser_context_->CanUseHttpCache(),
-      browser_context_->GetMaxCacheSize());
+  main_network_context_params_ = CreateNetworkContextParams();
 
   browser_context_->proxy_config_monitor()->AddToNetworkContextParams(
       main_network_context_params_.get());
 
-  ApplyProxyModeFromCommandLine(browser_context_->in_memory_pref_store());
+  BrowserProcessImpl::ApplyProxyModeFromCommandLine(
+      browser_context_->in_memory_pref_store());
 
   if (!main_network_context_request_.is_pending()) {
     main_network_context_request_ = mojo::MakeRequest(&main_network_context_);

atom/browser/net/url_request_context_getter.h

@@ -60,6 +60,7 @@ class URLRequestContextGetter : public net::URLRequestContextGetter {
     content::ResourceContext* GetResourceContext();
     scoped_refptr<URLRequestContextGetter> GetMainRequestContextGetter();
     network::mojom::NetworkContextPtr GetNetworkContext();
+    network::mojom::NetworkContextParamsPtr CreateNetworkContextParams();
 
     void ShutdownOnUIThread();
 

filenames.gni

@@ -320,6 +320,8 @@ filenames = {
     "atom/browser/net/require_ct_delegate.h",
     "atom/browser/net/resolve_proxy_helper.cc",
     "atom/browser/net/resolve_proxy_helper.h",
+    "atom/browser/net/system_network_context_manager.cc",
+    "atom/browser/net/system_network_context_manager.h",
     "atom/browser/net/url_request_about_job.cc",
     "atom/browser/net/url_request_about_job.h",
     "atom/browser/net/url_request_async_asar_job.cc",