Roll out HttpsByDefault to 50% of Nightly desktop users

[arthuredelstein]

No description provided.

[kjozwiak]

Approving & Merging so this can checked/verified on staging before uplifting #523.

[kjozwiak]

Desktop verifications on Nightly

Win 11 x64 Test Cases

BraveHttpsByDefaultRolloutStudy:Enabled

Verification PASSED on Win 11 x64 using the following build(s):

Brave | 1.50.62 Chromium: 111.0.5563.33 (Official Build) nightly (64-bit)
-- | --
Revision | 19bd6d0186b7912604e18191826dab9d1df00e2e-refs/branch-heads/5563@{#557}
OS | Windows 11 Version 22H2 (Build 22621.1265)

• launched 1.50.62 Chromium: 111.0.5563.33 using the terminal/CLI switch
  • brave.exe --enable-logging=stderr --variations-server-url=https://variations.bravesoftware.com/seed
• ensured that BraveHttpsByDefaultRolloutStudy wasn't being displayed via brave://version
• restarted the browser and ensured that BraveHttpsByDefaultRolloutStudy:Enabled via brave://version
• ensured that the new HTTPS drop down context menu via the shields panel was added with the following choices
  • Only connect with HTTPS, Upgrade connections to HTTPS (Defualt) and Don't upgrade HTTP connections
• ensured that the new HTTPS settings are being added via brave://settings/shields with the following choices:
  • Strict, Standard and Disabled

Example	Example	Example	Example	Example	Example

BraveHttpsByDefaultRolloutStudy:Enabled - Shields Panel (Upgrade connections to HTTPS)

Using the STR/Cases mentioned via brave/brave-browser#27141 (comment), went through the following:

• using the STR/Cases mentioned above, ensure that you're part of BraveHttpsByDefaultRolloutStudy:Enabled
• ensured that Upgrade connections to HTTPS is selected as the default (if the user hasn't changed anything)
  • ensured that http://insecure.arthuredelstein.net loads without any issues
  • ensured that http://http.badssl.com loads without any issues
  • ensured that http://upgradable.arthuredelstein.net -> https://upgradable.arthuredelstein.net (should be upgraded)

Example	Example	Example

BraveHttpsByDefaultRolloutStudy:Enabled - Shields Panel (Only connect with HTTPS)

• using the STR/Cases mentioned above, ensure that you're part of BraveHttpsByDefaultRolloutStudy:Enabled
• visit http://insecure.arthuredelstein.net, http://http.badssl.com and http://upgradable.arthuredelstein.net and ensure that Only connect with HTTPS is selected via the shields panel
  • ensure that http://insecure.arthuredelstein.net displays The connection to insecure.arthuredelstein.net is not secure
    • ensure that Continue to site loads http://insecure.arthuredelstein.net without any issues
    • ensured that http://insecure.arthuredelstein.net loads without any issues after several restarts once Continue is selected
    • ensured that you Turn on warnings works as expected via the Not Secure drop down
  • ensure that http://http.badssl.com displays The connection to http.badssl.com is not secure
    • ensure that Continue to site loads http://http.badssl.com without any issues
    • ensured that http://http.badssl.com loads without any issues after several restarts once Continue is selected
    • ensured that you Turn on warnings works as expected via the Not Secure drop down
  • ensured that http://upgradable.arthuredelstein.net -> https://upgradable.arthuredelstein.net (should be upgraded)

Example	Example	Example	Example	Example	Example	Example

BraveHttpsByDefaultRolloutStudy:Enabled - Shields Panel (Don't upgrade HTTP connections)

• using the STR/Cases mentioned above, ensure that you're part of BraveHttpsByDefaultRolloutStudy:Enabled
• visit http://insecure.arthuredelstein.net, http://http.badssl.com and http://upgradable.arthuredelstein.net and ensure that Don't upgrade HTTP connections is selected via the shields panel
  • ensure that http://insecure.arthuredelstein.net loads without any issues
  • ensure that http://http.badssl.com loads without any issues
  • ensured that http://upgradable.arthuredelstein.net doesn't upgrade to HTTPS (make sure website loads without issues)
    • basically ensuring that https://upgradable.arthuredelstein.net doesn't load

Example	Example	Example

BraveHttpsByDefaultRolloutStudy:Enabled - brave://settings/shields (Standard)

Quick QA note: Standard -> Upgrade connections to HTTPS

Using the STR/Cases mentioned via brave/brave-browser#27141 (comment), went through the following:

Basically verified via the Shields Panel (Upgrade connections to HTTPS) section as that's the default case when installing Brave.

BraveHttpsByDefaultRolloutStudy:Enabled - brave://settings/shields (Strict)

Quick QA note: Strict -> Only connect with HTTPS

• using the STR/Cases mentioned above, ensure that you're part of BraveHttpsByDefaultRolloutStudy:Enabled
• Update Upgrade connections to HTTPS via brave://settings/shields from Standard -> Strict
• visit http://insecure.arthuredelstein.net, http://http.badssl.com and http://upgradable.arthuredelstein.net and ensure that Only connect with HTTPS is selected via the shields panel
  • ensure that http://insecure.arthuredelstein.net displays The connection to insecure.arthuredelstein.net is not secure
    • ensure that Continue to site loads http://insecure.arthuredelstein.net without any issues
    • ensured that http://insecure.arthuredelstein.net loads without any issues after several restarts once Continue is selected
    • ensured that you Turn on warnings works as expected via the Not Secure drop down
  • ensure that http://http.badssl.com displays The connection to http.badssl.com is not secure
    • ensure that Continue to site loads http://http.badssl.com without any issues
    • ensured that http://http.badssl.com loads without any issues after several restarts once Continue is selected
    • ensured that you Turn on warnings works as expected via the Not Secure drop down
  • ensured that http://upgradable.arthuredelstein.net -> https://upgradable.arthuredelstein.net (should be upgraded)

Example	Example	Example	Example	Example	Example

BraveHttpsByDefaultRolloutStudy:Enabled - brave://settings/shields (Strict)

Quick QA note: Disabled -> Don't upgrade HTTP connections

• using the STR/Cases mentioned above, ensure that you're part of BraveHttpsByDefaultRolloutStudy:Enabled
• Update Upgrade connections to HTTPS via brave://settings/shields from Standard -> Disabled
• visit http://insecure.arthuredelstein.net, http://http.badssl.com and http://upgradable.arthuredelstein.net and ensure that Don't upgrade HTTP connections is selected via the shields panel
  • ensure that http://insecure.arthuredelstein.net loads without any issues
  • ensure that http://http.badssl.com loads without any issues
  • ensured that http://upgradable.arthuredelstein.net doesn't upgrade to HTTPS (make sure website loads without issues)
    • basically ensuring that https://upgradable.arthuredelstein.net doesn't load

Example	Example	Example

BraveHttpsByDefaultRolloutStudy:Enabled - Disable Upgrade connections to HTTPS before join Griffin study

• visit http://insecure.arthuredelstein.net, http://http.badssl.com and http://upgradable.arthuredelstein.net and ensure that Upgrade connections to HTTPS has been disabled
• using the STR/Cases mentioned above, ensure that you're part of BraveHttpsByDefaultRolloutStudy:Enabled after restarting
• visit http://insecure.arthuredelstein.net, http://http.badssl.com and http://upgradable.arthuredelstein.net and ensure that Don't upgrade connections to HTTPS has been selected for the above websites

CCing @pes10k @arthuredelstein what's the expected result/behavior's in this case? If a user has previously disabled HTTPS upgrades on a particular website and then gets added into BraveHttpsByDefaultRolloutStudy, should the site-specific setting be set as Upgrade connections to HTTPS or Don't upgrade connections to HTTPS? Currently it's selecting Standard/Upgrade connections to HTTPS which isn't respecting the users previous choice.

Update: Sounds like this is expected as the new feature is different enough from the old feature that it will make it difficult to preserve users previous per-site settings when it comes to HTTPS upgrades.

BraveHttpsByDefaultRolloutStudy:Enabled - Tor Windows

As per brave/brave-browser#27141 (comment), brave://settings are isolated on Tor windows and Strict should always be used.

• using the STR/Cases mentioned above, ensure that you're part of BraveHttpsByDefaultRolloutStudy:Enabled
• change Upgrade connections to HTTPS via brave://settings from Standard -> Disabled
• open a Tor window and wait till it connects to the Tor network and you receive the Tor connected successfully message
• ensure that http://insecure.arthuredelstein.net displays The connection to insecure.arthuredelstein.net is not secure
  • ensured that Upgrade connections to HTTPS settings are not being displayed via the shields panel
  • ensure that Continue to site loads http://insecure.arthuredelstein.net without any issues
  • ensured that http://insecure.arthuredelstein.net loads without any issues after several restarts once Continue is selected
  • ensured that you Turn on warnings works as expected via the Not Secure drop down
• ensure that http://http.badssl.com displays The connection to http.badssl.com is not secure
  • ensured that Upgrade connections to HTTPS settings are not being displayed via the shields panel
  • ensure that Continue to site loads http://http.badssl.com without any issues
  • ensured that http://http.badssl.com loads without any issues after several restarts once Continue is selected
  • ensured that you Turn on warnings works as expected via the Not Secure drop down
• ensured that http://upgradable.arthuredelstein.net -> https://upgradable.arthuredelstein.net (should be upgraded)
  • ensured that Upgrade connections to HTTPS settings are not being displayed via the shields panel

Example	Example	Example

BraveHttpsByDefaultRolloutStudy:Defualt (Disabled)

Verification PASSED on Win 11 x64 using the following build(s):

Brave | 1.50.62 Chromium: 111.0.5563.33 (Official Build) nightly (64-bit)
-- | --
Revision | 19bd6d0186b7912604e18191826dab9d1df00e2e-refs/branch-heads/5563@{#557}
OS | Windows 11 Version 22H2 (Build 22621.1265)

• launched 1.50.62 Chromium: 111.0.5563.33 using the terminal/CLI switch
  • brave.exe --enable-logging=stderr --variations-server-url=https://variations.bravesoftware.com/seed
• ensured that BraveHttpsByDefaultRolloutStudy wasn't being displayed via brave://version
• restarted the browser and ensured that BraveHttpsByDefaultRolloutStudy:Default via brave://version
• ensured that Upgrade connections to HTTPS is still being used via the shields panel
• ensured that Upgrade connections to HTTPS is NOT being displayed under brave://settings/shields

Example	Example	Example