Add HTTPS upgrade checks

ios/BUILD.gn

@@ -21,6 +21,7 @@ import("//brave/ios/browser/api/debounce/headers.gni")
 import("//brave/ios/browser/api/developer_options_code/headers.gni")
 import("//brave/ios/browser/api/favicon/headers.gni")
 import("//brave/ios/browser/api/features/headers.gni")
+import("//brave/ios/browser/api/https_upgrade_exceptions/headers.gni")
 import("//brave/ios/browser/api/ipfs/headers.gni")
 import("//brave/ios/browser/api/ntp_background_images/headers.gni")
 import("//brave/ios/browser/api/opentabs/headers.gni")
@@ -92,6 +93,8 @@ brave_core_public_headers += browser_api_url_sanitizer_public_headers
 brave_core_public_headers += browser_url_sanitizer_public_headers
 brave_core_public_headers += browser_api_de_amp_public_headers
 brave_core_public_headers += browser_api_debounce_public_headers
+brave_core_public_headers +=
+    browser_api_https_upgrade_exceptions_service_public_headers
 brave_core_public_headers += browser_debounce_public_headers
 brave_core_public_headers += brave_stats_public_headers
 brave_core_public_headers += brave_wallet_public_headers

ios/app/BUILD.gn

@@ -49,6 +49,7 @@ source_set("app") {
     "//brave/ios/browser/api/brave_wallet:wallet_mojom_wrappers",
     "//brave/ios/browser/api/de_amp",
     "//brave/ios/browser/api/history",
+    "//brave/ios/browser/api/https_upgrade_exceptions",
     "//brave/ios/browser/api/ipfs",
     "//brave/ios/browser/api/ntp_background_images",
     "//brave/ios/browser/api/opentabs",

ios/app/brave_core_main.h

@@ -26,6 +26,7 @@
 @class NTPBackgroundImagesService;
 @class DeAmpPrefs;
 @class AIChat;
+@class HTTPSUpgradeExceptionsService;
 @protocol AIChatDelegate;
 @protocol IpfsAPI;
 
@@ -65,6 +66,9 @@ OBJC_EXPORT
 
 @property(nonatomic, readonly) WebImageDownloader* webImageDownloader;
 
+@property(nonatomic, readonly)
+    HTTPSUpgradeExceptionsService* httpsUpgradeExceptionsService;
+
 /// Sets the global log handler for Chromium & BraveCore logs.
 ///
 /// When a custom log handler is set, it is the responsibility of the client

ios/app/brave_core_main.mm

@@ -34,6 +34,7 @@
 #include "brave/ios/browser/api/brave_wallet/brave_wallet_api+private.h"
 #include "brave/ios/browser/api/de_amp/de_amp_prefs+private.h"
 #include "brave/ios/browser/api/history/brave_history_api+private.h"
+#include "brave/ios/browser/api/https_upgrade_exceptions/https_upgrade_exceptions_service+private.h"
 #include "brave/ios/browser/api/ipfs/ipfs_api+private.h"
 #include "brave/ios/browser/api/ntp_background_images/ntp_background_images_service_ios+private.h"
 #include "brave/ios/browser/api/opentabs/brave_opentabs_api+private.h"
@@ -126,6 +127,8 @@ @interface BraveCoreMain () {
 @property(nonatomic) BraveP3AUtils* p3aUtils;
 @property(nonatomic) DeAmpPrefs* deAmpPrefs;
 @property(nonatomic) NTPBackgroundImagesService* backgroundImagesService;
+@property(nonatomic)
+    HTTPSUpgradeExceptionsService* httpsUpgradeExceptionsService;
 @end
 
 @implementation BraveCoreMain
@@ -471,6 +474,14 @@ - (BraveWalletAPI*)braveWalletAPI {
   return _braveWalletAPI;
 }
 
+- (HTTPSUpgradeExceptionsService*)httpsUpgradeExceptionsService {
+  if (!_httpsUpgradeExceptionsService) {
+    _httpsUpgradeExceptionsService =
+        [[HTTPSUpgradeExceptionsService alloc] init];
+  }
+  return _httpsUpgradeExceptionsService;
+}
+
 - (BraveStats*)braveStats {
   return [[BraveStats alloc] initWithBrowserState:_mainBrowserState];
 }

ios/brave-ios/App/iOS/Delegates/AppState.swift

@@ -206,6 +206,7 @@ public class AppState {
       (IPFSSchemeHandler.path, IPFSSchemeHandler()),
       (Web3DomainHandler.path, Web3DomainHandler()),
       (BlockedDomainHandler.path, BlockedDomainHandler()),
+      (HTTPBlockedHandler.path, HTTPBlockedHandler()),
     ]
 
     responders.forEach { (path, responder) in

ios/brave-ios/Package.swift

@@ -469,6 +469,7 @@ var braveTarget: PackageDescription.Target = .target(
     .copy("Assets/Fonts/NewYorkMedium-Regular.otf"),
     .copy("Assets/Fonts/NewYorkMedium-RegularItalic.otf"),
     .copy("Assets/Interstitial Pages/Pages/BlockedDomain.html"),
+    .copy("Assets/Interstitial Pages/Pages/HTTPBlocked.html"),
     .copy("Assets/Interstitial Pages/Pages/CertificateError.html"),
     .copy("Assets/Interstitial Pages/Pages/GenericError.html"),
     .copy("Assets/Interstitial Pages/Pages/NetworkError.html"),

ios/brave-ios/Sources/Brave/Assets/Interstitial Pages/Pages/HTTPBlocked.html

@@ -0,0 +1,52 @@
+<!DOCTYPE html>
+<!-- Copyright 2024 The Brave Authors. All rights reserved.
+  -- This Source Code Form is subject to the terms of the Mozilla Public
+  -- License, v. 2.0. If a copy of the MPL was not distributed with this
+  -- file, You can obtain one at https://mozilla.org/MPL/2.0/.
+  -->
+
+<html lang="en">
+  <head>
+      <meta name='viewport' content='initial-scale=1, maximum-scale=1, viewport-fit=cover'>
+      <meta name="referrer" content="no-referrer">
+      <title>%page_title%</title>
+      <link rel="stylesheet" href="internal://local/interstitial-style/BlockedDomain.css">
+  </head>
+
+  <body dir="&locale.dir;" class="background content">
+    <div class="container post">
+      <img src="internal://local/interstitial-icon/warning-triangle-outline.svg" alt="Icon" class="icon">
+      </img>
+      <h1>%blocked_title%</h1>
+      <p class="description">
+        %blocked_description%
+        <a href="https://support.brave.com/hc/en-us/articles/15513090104717-Strict-HTTPS-Upgrade-Mode-in-Brave-Browser" target="_blank" rel="noopener">
+          %learn_more%
+        </a>
+      </p>
+      <div class="actions">
+        <button id="proceed-action" class="main-action">%proceed_action%</button>
+        <button id="go-back-action" class="secondary-action">%go_back_action%</button>
+      </div>
+    </div>
+
+    <script>
+      (() => {
+        const sendAction = (action) => {
+          webkit.messageHandlers["%message_handler%"].postMessage({
+            "securityToken": "%security_token%",
+            "action": action
+          })
+        }
+
+        document.getElementById('proceed-action').onclick = () => {
+          sendAction('didProceed')
+        }
+
+        document.getElementById('go-back-action').onclick = () => {
+          sendAction('didGoBack')
+        }
+      })()
+    </script>
+  </body>
+</html>

ios/brave-ios/Sources/Brave/Frontend/Browser/BrowserViewController/BVC+WKNavigationDelegate.swift

@@ -59,6 +59,8 @@ extension UTType {
 
 // MARK: WKNavigationDelegate
 extension BrowserViewController: WKNavigationDelegate {
+  private static let log = Logger(subsystem: Bundle.main.bundleIdentifier!, category: "navigation")
+
   public func webView(_ webView: WKWebView, didStartProvisionalNavigation navigation: WKNavigation!)
   {
     if tabManager.selectedTab?.webView !== webView {
@@ -314,8 +316,8 @@ extension BrowserViewController: WKNavigationDelegate {
         tab.loadRequest(modifiedRequest)
 
         if let url = modifiedRequest.url {
-          ContentBlockerManager.log.debug(
-            "Redirected user to `\(url.absoluteString, privacy: .private)`"
+          Self.log.debug(
+            "Redirected to `\(url.absoluteString, privacy: .private)`"
           )
         }
 
@@ -606,6 +608,26 @@ extension BrowserViewController: WKNavigationDelegate {
     let response = navigationResponse.response
     let responseURL = response.url
     let tab = tab(for: webView)
+    let isInvalid: Bool
+    if let httpResponse = response as? HTTPURLResponse {
+      isInvalid = httpResponse.statusCode >= 400
+    } else {
+      isInvalid = true
+    }
+
+    // Handle invalid upgrade to https
+    if isInvalid,
+      navigationResponse.isForMainFrame,
+      let responseURL = responseURL,
+      let tab = tab,
+      let originalResponse = handleInvalidHTTPSUpgrade(
+        tab: tab,
+        responseURL: responseURL
+      )
+    {
+      tab.loadRequest(originalResponse)
+      return .cancel
+    }
 
     // Store the response in the tab
     if let responseURL = responseURL {
@@ -1001,6 +1023,17 @@ extension BrowserViewController: WKNavigationDelegate {
   ) {
     guard let tab = tab(for: webView) else { return }
 
+    // Handle invalid upgrade to https
+    if let responseURL = webView.url,
+      let response = handleInvalidHTTPSUpgrade(
+        tab: tab,
+        responseURL: responseURL
+      )
+    {
+      tab.loadRequest(response)
+      return
+    }
+
     // Ignore the "Frame load interrupted" error that is triggered when we cancel a request
     // to open an external application and hand it over to UIApplication.openURL(). The result
     // will be that we switch to the external app, for example the app store, while keeping the
@@ -1708,16 +1741,74 @@ extension BrowserViewController: WKUIDelegate {
           modifiedRequest.setValue(headerValue, forHTTPHeaderField: headerKey)
         }
 
+        Self.log.debug(
+          "Debouncing `\(requestURL.absoluteString)`"
+        )
+
         return modifiedRequest
       }
     }
 
     // Handle query param stripping
-    return navigationAction.request.stripQueryParams(
+    if let request = navigationAction.request.stripQueryParams(
       initiatorURL: tab.committedURL,
       redirectSourceURL: tab.redirectSourceURL,
       isInternalRedirect: tab.isInternalRedirect
-    )
+    ) {
+      Self.log.debug(
+        "Stripping query params for `\(requestURL.absoluteString)`"
+      )
+      return request
+    }
+
+    // Attempt to upgrade to HTTPS
+    if ShieldPreferences.httpsUpgradeLevel.isEnabled,
+      let upgradedURL = braveCore.httpsUpgradeExceptionsService.upgradeToHTTPS(for: requestURL)
+    {
+      Self.log.debug(
+        "Upgrading `\(requestURL.absoluteString)` to HTTPS"
+      )
+
+      tab.upgradedHTTPSRequest = navigationAction.request
+      var request = navigationAction.request
+      request.url = upgradedURL
+      return request
+    }
+
+    return nil
+  }
+
+  /// Upon an invalid response, check that we need to roll back any HTTPS upgrade
+  /// or show the interstitial page
+  private func handleInvalidHTTPSUpgrade(tab: Tab, responseURL: URL) -> URLRequest? {
+    // Handle invalid upgrade to https
+    guard responseURL.scheme == "https",
+      let originalRequest = tab.upgradedHTTPSRequest,
+      let originalURL = originalRequest.url,
+      responseURL.baseDomain == originalURL.baseDomain
+    else {
+      braveCore.httpsUpgradeExceptionsService.addException(for: responseURL)
+      return nil
+    }
+
+    if ShieldPreferences.httpsUpgradeLevel.isStrict,
+      let url = originalURL.encodeEmbeddedInternalURL(for: .httpBlocked)
+    {
+      Self.log.debug(
+        "Show http blocked interstitial for `\(originalURL.absoluteString)`"
+      )
+
+      let request = PrivilegedRequest(url: url) as URLRequest
+      return request
+    } else {
+      Self.log.debug(
+        "Revert HTTPS upgrade for `\(originalURL.absoluteString)`"
+      )
+
+      tab.upgradedHTTPSRequest = nil
+      braveCore.httpsUpgradeExceptionsService.addException(for: originalURL)
+      return originalRequest
+    }
   }
 }
 

ios/brave-ios/Sources/Brave/Frontend/Browser/BrowserViewController/BrowserViewController.swift

@@ -502,6 +502,7 @@ public class BrowserViewController: UIViewController {
     Preferences.Playlist.syncSharedFoldersAutomatically.observe(from: self)
     Preferences.NewTabPage.backgroundSponsoredImages.observe(from: self)
     ShieldPreferences.blockAdsAndTrackingLevelRaw.observe(from: self)
+    ShieldPreferences.httpsUpgradeLevelRaw.observe(from: self)
     Preferences.Privacy.screenTimeEnabled.observe(from: self)
 
     pageZoomListener = NotificationCenter.default.addObserver(
@@ -2658,6 +2659,7 @@ extension BrowserViewController: TabDelegate {
       ErrorPageHelper(certStore: profile.certStore),
       SessionRestoreScriptHandler(tab: tab),
       BlockedDomainScriptHandler(tab: tab),
+      HTTPBlockedScriptHandler(tab: tab, exceptionService: braveCore.httpsUpgradeExceptionsService),
       PrintScriptHandler(browserController: self, tab: tab),
       CustomSearchScriptHandler(tab: tab),
       NightModeScriptHandler(tab: tab),
@@ -3313,7 +3315,7 @@ extension BrowserViewController: PreferencesObserver {
             ?? Preferences.General.defaultPageZoomLevel.value
         $0.webView?.setValue(zoomLevel, forKey: PageZoomHandler.propertyName)
       })
-    case Preferences.Shields.httpsEverywhere.key:
+    case ShieldPreferences.httpsUpgradeLevelRaw.key:
       tabManager.reset()
       tabManager.reloadSelectedTab()
     case Preferences.Privacy.blockAllCookies.key,

ios/brave-ios/Sources/Brave/Frontend/Browser/Handlers/HTTPBlockedHandler.swift

@@ -0,0 +1,72 @@
+// Copyright 2024 The Brave Authors. All rights reserved.
+// This Source Code Form is subject to the terms of the Mozilla Public
+// License, v. 2.0. If a copy of the MPL was not distributed with this
+// file, You can obtain one at https://mozilla.org/MPL/2.0/.
+
+import BraveShared
+import BraveShields
+import Foundation
+import Shared
+import WebKit
+
+public class HTTPBlockedHandler: InternalSchemeResponse {
+  public static let path = InternalURL.Path.httpBlocked.rawValue
+
+  public init() {}
+
+  public func response(forRequest request: URLRequest) -> (URLResponse, Data)? {
+    guard let url = request.url, let internalURL = InternalURL(url),
+      let originalURL = internalURL.extractedUrlParam
+    else { return nil }
+    let response = InternalSchemeHandler.response(forUrl: internalURL.url)
+
+    guard let asset = Bundle.module.path(forResource: "HTTPBlocked", ofType: "html") else {
+      assert(false)
+      return nil
+    }
+
+    var html = try? String(contentsOfFile: asset)
+      .replacingOccurrences(
+        of: "%page_title%",
+        with: Strings.Shields.siteIsNotSecure
+      )
+      .replacingOccurrences(
+        of: "%blocked_title%",
+        with: String.localizedStringWithFormat(
+          Strings.Shields.theConnectionIsNotSecure,
+          "<tt>\(originalURL.domainURL.absoluteDisplayString)</tt>"
+        )
+      )
+      .replacingOccurrences(
+        of: "%blocked_description%",
+        with: Strings.Shields.httpBlockedDescription
+      )
+      .replacingOccurrences(
+        of: "%learn_more%",
+        with: Strings.learnMore
+      )
+      .replacingOccurrences(
+        of: "%proceed_action%",
+        with: Strings.Shields.domainBlockedProceedAction
+      )
+      .replacingOccurrences(of: "%go_back_action%", with: Strings.Shields.domainBlockedGoBackAction)
+      .replacingOccurrences(
+        of: "%message_handler%",
+        with: HTTPBlockedScriptHandler.messageHandlerName
+      )
+      .replacingOccurrences(of: "%security_token%", with: UserScriptManager.securityToken)
+
+    if #available(iOS 16.0, *) {
+      html = html?.replacingOccurrences(
+        of: "<html lang=\"en\">",
+        with: "<html lang=\"\(Locale.current.language.minimalIdentifier)\">"
+      )
+    }
+
+    guard let data = html?.data(using: .utf8) else {
+      return nil
+    }
+
+    return (response, data)
+  }
+}