From 530ab6af8279f1916fbd686e715afdcf1e3906d1 Mon Sep 17 00:00:00 2001
From: John Kleinschmidt <kleinschmidtorama@gmail.com>
Date: Thu, 4 Dec 2025 09:01:09 -0500
Subject: [PATCH] chore: Revert "Enable network sandbox by default on Windows"

see if this fixes the Windows sandbox issue
---
 patches/chromium/.patches                     |  1 +
 ...etwork_sandbox_by_default_on_windows.patch | 52 +++++++++++++++++++
 2 files changed, 53 insertions(+)
 create mode 100644 patches/chromium/revert_enable_network_sandbox_by_default_on_windows.patch

diff --git a/patches/chromium/.patches b/patches/chromium/.patches
index 5881ab1840..40228b1e7d 100644
--- a/patches/chromium/.patches
+++ b/patches/chromium/.patches
@@ -142,3 +142,4 @@ expose_referrerscriptinfo_hostdefinedoptionsindex.patch
 chore_disable_protocol_handler_dcheck.patch
 fix_check_for_file_existence_before_setting_mtime.patch
 fix_linux_tray_id.patch
+revert_enable_network_sandbox_by_default_on_windows.patch
diff --git a/patches/chromium/revert_enable_network_sandbox_by_default_on_windows.patch b/patches/chromium/revert_enable_network_sandbox_by_default_on_windows.patch
new file mode 100644
index 0000000000..ff49f92a81
--- /dev/null
+++ b/patches/chromium/revert_enable_network_sandbox_by_default_on_windows.patch
@@ -0,0 +1,52 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: John Kleinschmidt <kleinschmidtorama@gmail.com>
+Date: Thu, 4 Dec 2025 08:55:45 -0500
+Subject: Revert "Enable network sandbox by default on Windows"
+
+This reverts commit c6bd7f09744da20cbba08c7ffe86537885f4353d.
+
+diff --git a/sandbox/policy/features.cc b/sandbox/policy/features.cc
+index bd1e82c4116ed9550205752ba6f2735c36822f24..93b814e8e44f2dc62c18e248f9984097ee539350 100644
+--- a/sandbox/policy/features.cc
++++ b/sandbox/policy/features.cc
+@@ -17,13 +17,7 @@ namespace sandbox::policy::features {
+ #if !BUILDFLAG(IS_MAC) && !BUILDFLAG(IS_FUCHSIA)
+ // Enables network service sandbox.
+ // (Only causes an effect when feature kNetworkServiceInProcess is disabled.)
+-BASE_FEATURE(kNetworkServiceSandbox,
+-#if BUILDFLAG(IS_WIN)
+-             base::FEATURE_ENABLED_BY_DEFAULT
+-#else
+-             base::FEATURE_DISABLED_BY_DEFAULT
+-#endif  // BUILDFLAG(IS_WIN)
+-);
++BASE_FEATURE(kNetworkServiceSandbox, base::FEATURE_DISABLED_BY_DEFAULT);
+ 
+ #if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS)
+ // Enables a fine-grained seccomp-BPF syscall filter for the network service.
+diff --git a/testing/variations/fieldtrial_testing_config.json b/testing/variations/fieldtrial_testing_config.json
+index f1fffffa9ea746dc6a403ce5e2e429de57dc1a8a..59d8c855a0984db2f6c20cf406405695f9fdce3b 100644
+--- a/testing/variations/fieldtrial_testing_config.json
++++ b/testing/variations/fieldtrial_testing_config.json
+@@ -16431,6 +16431,21 @@
+             ]
+         }
+     ],
++    "NetworkServiceSandboxWindows": [
++        {
++            "platforms": [
++                "windows"
++            ],
++            "experiments": [
++                {
++                    "name": "Enabled_20231025",
++                    "enable_features": [
++                        "NetworkServiceSandbox"
++                    ]
++                }
++            ]
++        }
++    ],
+     "NetworkServiceTaskScheduler2": [
+         {
+             "platforms": [