Add HTTPS upgrade checks

[cuba]

Resolves brave/brave-browser#36408

Security review: https://github.com/brave/reviews/issues/1593

Submitter Checklist:

• I confirm that no security/privacy review is needed and no other type of reviews are needed, or that I have requested them
• There is a ticket for my issue
• Used Github auto-closing keywords in the PR description above
• Wrote a good PR/commit description
• Squashed any review feedback or "fixup" commits before merge, so that history is a record of what happened in the repo, not your PR
• Added appropriate labels (QA/Yes or QA/No; release-notes/include or release-notes/exclude; OS/...) to the associated issue
• Checked the PR locally:
  • npm run test -- brave_browser_tests, npm run test -- brave_unit_tests wiki
  • npm run presubmit wiki, npm run gn_check, npm run tslint
• Ran git rebase master (if needed)

Reviewer Checklist:

• A security review is not needed, or a link to one is included in the PR description
• New files have MPL-2.0 license header
• Adequate test coverage exists to prevent regressions
• Major classes, functions and non-trivial code blocks are well-commented
• Changes in component dependencies are properly reflected in gn
• Code follows the style guide
• Test plan is specified in PR before merging

After-merge Checklist:

• The associated issue milestone is set to the smallest version that the
  changes has landed on
• All relevant documentation has been updated, for instance:
  • https://github.com/brave/brave-browser/wiki/Deviations-from-Chromium-(features-we-disable-or-remove)
  • https://github.com/brave/brave-browser/wiki/Proxy-redirected-URLs
  • https://github.com/brave/brave-browser/wiki/Fingerprinting-Protections
  • https://github.com/brave/brave-browser/wiki/Brave%E2%80%99s-Use-of-Referral-Codes
  • https://github.com/brave/brave-browser/wiki/Web-Compatibility-Exceptions-in-Brave
  • https://github.com/brave/brave-browser/wiki/QA-Guide
  • https://github.com/brave/brave-browser/wiki/P3A

Test Plan:

1. Check that http://example.com upgrades correctly. Back and forth navigation buttons work as expected
2. Check that some made up website (ex: http://jfdskllfsjlks.com) does not upgrade. Back and forth buttons work as expected.
3. Check the links on the following page are upgraded: https://shivankaul.com/brave/https-upgrades/embedded_link.html

Note: I don't know of any sites that do exist in http but not in https. If you are able to come across one please test it.

[Brandon-T]

Are you sure about this >= 400 check? What happens if the response is a 000?

[cuba]

I think so:

brave-core/chromium_src/chrome/browser/ssl/https_upgrades_interceptor.cc

Line 44 in c4daecc

if (headers && headers->response_code() >= 400) { \

[Brandon-T]

Needs a manual sec review for secure icon state when upgrading from http to https: brave/brave-browser#36951 (comment).

[github-actions]

[puLL-Merge] - brave/brave-core@23029

Description

This PR adds support for the HTTPS Upgrades feature in Brave iOS. It allows upgrading HTTP connections to HTTPS and blocking HTTP connections that can't be upgraded, with a user-facing setting to control the behavior.

Changes

Changes

• ios/BUILD.gn, ios/app/BUILD.gn, ios/brave-ios/Package.swift: Added new files and targets related to HTTPS upgrades
• ios/app/brave_core_main.h, ios/app/brave_core_main.mm: Added HTTPSUpgradeExceptionsService to BraveCoreMain
• ios/brave-ios/App/iOS/Delegates/AppState.swift: Registered HTTPBlockedHandler to handle HTTP blocked interstitial page
• ios/brave-ios/Sources/Brave/Assets/Interstitial Pages/Pages/HTTPBlocked.html: Added interstitial page HTML for HTTP blocked connections
• ios/brave-ios/Sources/Brave/Frontend/Browser/BrowserViewController/*: Added logic to upgrade HTTP connections, handle exceptions, and show interstitial
• ios/brave-ios/Sources/BraveShared/Extensions/URLExtensions.swift, ios/brave-ios/Sources/Shared/Extensions/URLExtensions.swift: Added methods related to HTTP blocked page URLs
• ios/brave-ios/Sources/BraveShields/*: Added HTTPSUpgradeLevel enum and related strings/prefs for HTTPS upgrades setting
• ios/browser/api/https_upgrade_exceptions/*, ios/browser/application_context/*: Added HTTPSUpgradeExceptionsService to handle upgrade exceptions

Security Hotspots

1. Carefully review the logic for upgrading HTTP to HTTPS and allowing exceptions, to avoid bypassing the security benefits
2. Ensure the HTTP blocked interstitial page does not introduce any XSS or HTML injection vulnerabilities
3. Verify that the HTTPSUpgradeExceptionsService is storing exceptions securely and not leaking any cross-site information

Overall this is a security-enhancing feature, but the implementation should be audited to ensure it does not introduce any new vulnerabilities around SSL/HTTPS. The core logic around upgrading and allowing exceptions is the key area to focus on.