Content-Length: 302674 | pFad | https://github.com/brave/brave-browser/issues/40634

54 HTTPS By Default feature doesn't have functional feature flags · Issue #40634 · brave/brave-browser · GitHub
Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

HTTPS By Default feature doesn't have functional feature flags #40634

Closed
2 of 5 tasks
ShivanKaul opened this issue Aug 23, 2024 · 3 comments · Fixed by brave/brave-core#25263
Closed
2 of 5 tasks

HTTPS By Default feature doesn't have functional feature flags #40634

ShivanKaul opened this issue Aug 23, 2024 · 3 comments · Fixed by brave/brave-core#25263
Labels
OS/iOS Fixes related to iOS browser functionality privacy/https-upgrades Issues related to HTTPS Upgrades feature QA Pass - iPad QA Pass - iPhone QA/Test-All-Platforms QA/Yes release-notes/include
Milestone
1.68.x - Release #8

Comments

@ShivanKaul
Copy link
Collaborator

ShivanKaul commented Aug 23, 2024
edited
Loading

Description

We shipped HTTPS By Default in 1.68 (PRs: main feature, strict mode and interstitial), but the feature flags don't actually wrap around the functionality, which means we can't roll the feature out or back via Griffin. Additionally, we want a flag around the non-default Strict mode, since that proved to be tricky from a state point-of-view.

These are the flags we want:

  1. One flag for the overall HTTPS By Default feature: if it’s ON then we try to upgrade all websites to HTTPS by default (and use the exception list to not try certain websites) with a silent fallback to HTTP, and an optional Strict mode to show the interstitial if there’s a fallback. If this flag is OFF, we go back to old WebKit-controlled HTTPS upgrades. Default: ON.
  2. Another flag that’s conditional on 1 being ON: only controls whether the user can select Strict mode or not. If this flag is OFF, the 3 way option (Standard, Strict, Disabled) becomes a boolean toggle i.e. no Strict mode possible. If a user enabled Strict mode, and then we disable it via Griffin, it should fall back to Standard mode but preserve the pref so when we enable it again they will automatically get Strict mode. Default: ON.

These should be accessible via brave://flags.

Steps to reproduce

  1. Go to brave://flags
  2. Check presence of flags above (exact names TBD)
  3. Check behaviour

Actual result

  1. Second flag doesn't exist
  2. First flag is incomplete i.e. doesn't disable the feature

Expected result

See issue description.

To check if first flag is functioning as expected, you should see a 3-way toggle for HTTPS Upgrades in Settings: Standard (default), Strict, and Disabled which should function as expected. See #36408 for QA steps. http://http.badssl.com/ is an example of a site that will get an interstitial in Strict mode but nothing will happen if not Strict mode.

To check if second flag is functioning, the HTTPS Upgrades setting should be a boolean. You shouldn't see a Strict mode interstitial when an HTTPS upgrade fails. Test site: http://http.badssl.com/ should not get an interstitial.

Reproduces how often

Easily reproduced

Brave version

1.68. This needs to be uplifted.

Device/iOS version

Any

Affected browser versions

  • latest AppStore
  • latest TestFlight
  • previous TestFlight

Reproducibility

  • with Brave Shields disabled
  • in the latest version of mobile Safari

Miscellaneous information

No response
@ShivanKaul ShivanKaul added the OS/iOS Fixes related to iOS browser functionality label Aug 23, 2024
@ShivanKaul ShivanKaul mentioned this issue Aug 23, 2024
Merged
24 tasks
@brave-builds brave-builds added this to the 1.71.x - Nightly milestone Aug 23, 2024
This was referenced Aug 23, 2024
Merged
Merged
@kylehickinson kylehickinson mentioned this issue Aug 23, 2024
Merged
7 tasks
@kjozwiak
Copy link
Member

The above requires 1.68.145 or higher for 1.68.x verification 👍

@Uni-verse
Copy link
Contributor

Uni-verse commented Aug 26, 2024
edited
Loading

Verification PASSED on iPhone 12 running iOS 17.5.1 using version 1.68.1 (145)

Case: brave://flags#https-only-mode enabled (default mode)

  • ensured that brave://flags#https-only-mode is set as enabled by default on a clean/new install
  • ensured Upgrade Connections to HTTPS is set as Standard as the default
Example Example
IMG_7121 IMG_7122

While both brave://flags#https-by-default & brave://flags#https-only-mode are enabled, went through the STR/Cases outlined via #36408 (comment) as per the following:

Test interstitial

Example Example Example
IMG_7123 IMG_7124 IMG_7125

Test Upgrading

Example Example Example
IMG_7124 IMG_7127 IMG_7128

Case - brave://flags#https-only-mode disabled

  • disabled brave://flags#https-only-mode via brave://flags after installing 1.71.29 Chromium: 128.0.6613.85
  • restart the browser once the brave://flag has been changed
  • once disabled, ensured that Upgrade Connections to HTTPS is set as a boolean toggle (enabled/disabled)
  • visited http://http.badssl.com and ensured that a interstitial page re: HTTP upgrade is NOT being displayed
Example Example Example Example
IMG_7129 IMG_7130 IMG_7131 IMG_7132

Case - brave://flags#https-by-default disabled

  • disabled brave://flags#https-by-default via brave://flags after installing 1.71.29 Chromium: 128.0.6613.85
  • restart the browser once the brave://flag has been changed
  • ensured that Upgrade Connections to HTTPS is set as a boolean toggle (enabled/disabled)
    • brave://flags#https-only-mode is also being disabled when brave://flags#https-by-default has been disabled
  • visited http://http.badssl.com and ensured that a interstitial page re: HTTP upgrade is NOT being displayed
  • ensured that http://brave.com --> https://brave.com
  • ensured that http://google.com --> https://google.com
  • ensured that http://facebook.com --> https://m.facebook.com
  • ensured that http://reddit.com --> https://reddit.com
Example Example
IMG_7134 IMG_7135

Case - brave://flags#https-only-mode being disabled but user has Strict selected

  • installed 1.71.29 Chromium: 128.0.6613.85
  • set Upgrade Connections to HTTPS as Strict via Settings
  • disabled brave://flags#https-only-mode via brave://flags and restarted the browser
  • ensured that the Upgrade Connections to HTTPS setting is now set as a boolean without Strict mode
  • visited http://http.badssl.com and ensured that the interstitial page re: HTTP upgrade is NOT being displayed
  • enabled brave://flags#https-only-mode via brave://flags and restarted the browser
  • ensured that Upgrade Connections to HTTPS is now a drop down and Strict is being selected (users previous choice)
  • visited http://http.badssl.com and ensured that the interstitial page is being used/displayed

@kjozwiak
Copy link
Member

Verification PASSED on iPad Air (3rd Gen) running iOS 17.6.1 via the following build(s):

Brave | 1.68.145 Chromium: 127.0.6533.120 (Official Build) stable (64-bit)
--- | ---
Revision | 86ed911e4b4765d7d8b5a700639d49cb5f1ecaa0
OS | iOS

Test Case #1 - brave://flags#https-only-mode enabled (default mode)

  • ensured that brave://flags#https-only-mode is set as enabled by default on a clean/new install
  • ensured Upgrade Connections to HTTPS is set as Standard as the default
Example Example
IMG_0443 IMG_0444

While both brave://flags#https-by-default & brave://flags#https-only-mode are enabled, went through the STR/Cases outlined via #36408 (comment) as per the following:

Test interstitial

Example Example Example Example Example
IMG_0445 IMG_0446 IMG_0447 IMG_0448 IMG_0449

Test upgrading

Example Example Example Example Example
IMG_0450 IMG_0451 IMG_0452 IMG_0453 IMG_0454

Test Case #2 - brave://flags#https-only-mode disabled

  • disabled brave://flags#https-only-mode via brave://flags after installing 1.68.145 Chromium: 127.0.6533.120
  • restart the browser once the brave://flag has been changed
  • once disabled, ensured that Upgrade Connections to HTTPS is set as a boolean toggle (enabled/disabled)
  • visited http://http.badssl.com and ensured that a interstitial page re: HTTP upgrade is NOT being displayed
Example Example Example
IMG_0455 IMG_0456 IMG_0457

Test Case #3 - brave://flags#https-by-default disabled

  • disabled brave://flags#https-by-default via brave://flags after installing 1.68.145 Chromium: 127.0.6533.120
  • restart the browser once the brave://flag has been changed
  • ensured that Upgrade Connections to HTTPS is set as a boolean toggle (enabled/disabled)
    • brave://flags#https-only-mode is also being disabled when brave://flags#https-by-default has been disabled
  • visited http://http.badssl.com and ensured that a interstitial page re: HTTP upgrade is NOT being displayed
  • ensured that http://brave.com --> https://brave.com
  • ensured that http://google.com --> https://google.com
  • ensured that http://facebook.com --> https://m.facebook.com
  • ensured that http://reddit.com --> https://reddit.com
Example Example Example
IMG_0458 IMG_0459 IMG_0460

Test Case #4 - brave://flags#https-only-mode being disabled but user has Strict selected

  • installed 1.68.145 Chromium: 127.0.6533.120
  • set Upgrade Connections to HTTPS as Strict via Settings
  • disabled brave://flags#https-only-mode via brave://flags and restarted the browser
  • ensured that the Upgrade Connections to HTTPS setting is now set as a boolean without Strict mode
  • visited http://http.badssl.com and ensured that the interstitial page re: HTTP upgrade is NOT being displayed
  • enabled brave://flags#https-only-mode via brave://flags and restarted the browser
  • ensured that Upgrade Connections to HTTPS is now a drop down and Strict is being selected (users previous choice)
  • visited http://http.badssl.com and ensured that the interstitial page is being used/displayed

Video of the above verification on iPad --> https://youtu.be/OpyddBk0zs8

@Uni-verse Uni-verse mentioned this issue Sep 17, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
OS/iOS Fixes related to iOS browser functionality privacy/https-upgrades Issues related to HTTPS Upgrades feature QA Pass - iPad QA Pass - iPhone QA/Test-All-Platforms QA/Yes release-notes/include
Projects
None yet
Milestone
1.68.x - Release #8
Development

Successfully merging a pull request may close this issue.

[iOS] Wrap HTTPS-by-default logic around feature flags brave/brave-core
4 participants
@kjozwiak @ShivanKaul @Uni-verse @brave-builds








ApplySandwichStrip

pFad - (p)hone/(F)rame/(a)nonymizer/(d)eclutterfier!      Saves Data!


--- a PPN by Garber Painting Akron. With Image Size Reduction included!

Fetched URL: https://github.com/brave/brave-browser/issues/40634

Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy