-
Notifications
You must be signed in to change notification settings - Fork 17
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Enable Https by Default in Android Nightly #560
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Merging into main
so QA can run through the changes on staging
before merging #561 into production
.
|
Example |
Example |
Example |
Example |
Example |
Example |
---|---|---|---|---|---|
BraveHttpsByDefaultRolloutStudy:Enabled
- Shields Panel (Upgrade to HTTPS whenever possible (default)
)
- using the STR/Cases mentioned via
BraveHttpsByDefaultRolloutStudy:Enabled
, ensure that you're part ofBraveHttpsByDefaultRolloutStudy:Enabled
viabrave://version
- ensured that
Upgrade to HTTPS whenever possible (default)
is selected as the default (if the user hasn't changed anything)- ensured that http://insecure.arthuredelstein.net loads without any issues (shouldn't be upgrading)
- ensured that http://http.badssl.com loads without any issues (shouldn't be upgrading)
- ensured that http://upgradable.arthuredelstein.net -> https://upgradable.arthuredelstein.net (should be upgraded)
Example |
Example |
Example |
Example |
---|---|---|---|
BraveHttpsByDefaultRolloutStudy:Enabled
- Shields Panel (Require all connections to use HTTPS (strict)
)
- using the STR/Cases mentioned via
BraveHttpsByDefaultRolloutStudy:Enabled
, ensure that you're part ofBraveHttpsByDefaultRolloutStudy:Enabled
viabrave://version
- visit http://insecure.arthuredelstein.net, http://http.badssl.com and http://upgradable.arthuredelstein.net and ensure that
Require all connections to use HTTPS (strict)
is selected via the shields panel- ensure that http://insecure.arthuredelstein.net displays
The connection to insecure.arthuredelstein.net is not secure
- ensure that
Continue to site
loads http://insecure.arthuredelstein.net without any issues - ensured that http://insecure.arthuredelstein.net loads without any issues after several restarts once
Continue
is selected - ensured that you
Turn on warnings
works as expected via theNot Secure
drop down
- ensure that
- ensure that http://http.badssl.com displays
The connection to http.badssl.com is not secure
- ensure that
Continue to site
loads http://http.badssl.com without any issues - ensured that http://http.badssl.com loads without any issues after several restarts once
Continue
is selected - ensured that you
Turn on warnings
works as expected via theNot Secure
drop down
- ensure that
- ensured that http://upgradable.arthuredelstein.net -> https://upgradable.arthuredelstein.net (should be upgraded)
- ensure that http://insecure.arthuredelstein.net displays
Example |
Example |
Example |
Example |
Example |
---|---|---|---|---|
Example |
Example |
Example |
Example |
Example |
---|---|---|---|---|
BraveHttpsByDefaultRolloutStudy:Enabled
- Shields Panel (Don't upgrade connections to HTTPS (disabled)
)
- using the STR/Cases mentioned via
BraveHttpsByDefaultRolloutStudy:Enabled
, ensure that you're part ofBraveHttpsByDefaultRolloutStudy:Enabled
viabrave://version
- visit http://insecure.arthuredelstein.net, http://http.badssl.com and http://upgradable.arthuredelstein.net and ensure that
Don't upgrade connections to HTTPS (disabled)
is selected via the shields panel- ensure that http://insecure.arthuredelstein.net loads without any issues
- ensure that http://http.badssl.com loads without any issues
- ensured that http://upgradable.arthuredelstein.net doesn't upgrade to
HTTPS
(make sure website loads without issues)- basically ensuring that https://upgradable.arthuredelstein.net doesn't load
Example |
Example |
Example |
Example |
---|---|---|---|
BraveHttpsByDefaultRolloutStudy:Enabled
- Upgrade to HTTPS whenever possible (default)
selected via Settings
- using the STR/Cases mentioned via
BraveHttpsByDefaultRolloutStudy:Enabled
, ensure that you're part ofBraveHttpsByDefaultRolloutStudy:Enabled
viabrave://version
- went into
Settings
-> Brave Shields & privacyand ensured that
Upgrade to HTTPS whenever possible (default)` was selected- ensured that http://upgradable.arthuredelstein.net -> https://upgradable.arthuredelstein.net (should be upgraded)
Example |
Example |
---|---|
BraveHttpsByDefaultRolloutStudy:Enabled
- Require all connections to use HTTPS (strict)
selected via Settings
- using the STR/Cases mentioned via
BraveHttpsByDefaultRolloutStudy:Enabled
, ensure that you're part ofBraveHttpsByDefaultRolloutStudy:Enabled
viabrave://version
- went into
Settings
-> Brave Shields & privacyand selected
Require all connections to use HTTPS (strict)` - visit http://insecure.arthuredelstein.net, http://http.badssl.com and http://upgradable.arthuredelstein.net and ensure that
Require all connections to use HTTPS (strict)
is selected via the shields panel- ensure that http://insecure.arthuredelstein.net displays
The connection to insecure.arthuredelstein.net is not secure
- ensure that
Continue to site
loads http://insecure.arthuredelstein.net without any issues - ensured that http://insecure.arthuredelstein.net loads without any issues after several restarts once
Continue
is selected - ensured that you
Turn on warnings
works as expected via theNot Secure
drop down
- ensure that
- ensure that http://http.badssl.com displays
The connection to http.badssl.com is not secure
- ensure that
Continue to site
loads http://http.badssl.com without any issues - ensured that http://http.badssl.com loads without any issues after several restarts once
Continue
is selected - ensured that you
Turn on warnings
works as expected via theNot Secure
drop down
- ensure that
- ensured that http://upgradable.arthuredelstein.net -> https://upgradable.arthuredelstein.net (should be upgraded)
- ensure that http://insecure.arthuredelstein.net displays
Example |
Example |
Example |
Example |
Example |
Example |
---|---|---|---|---|---|
Example |
Example |
Example |
Example |
Example |
Example |
---|---|---|---|---|---|
Example |
Example |
---|---|
BraveHttpsByDefaultRolloutStudy:Enabled
- Don't upgrade connections to HTTPS (disabled)
selected via Settings
- using the STR/Cases mentioned via
BraveHttpsByDefaultRolloutStudy:Enabled
, ensure that you're part ofBraveHttpsByDefaultRolloutStudy:Enabled
viabrave://version
- went into
Settings
-> Brave Shields & privacyand selected
Don't upgrade connections to HTTPS (disabled)` - visit http://insecure.arthuredelstein.net, http://http.badssl.com and http://upgradable.arthuredelstein.net and ensure that
Don't upgrade connections to HTTPS (disabled)
is selected via the shields panel- ensure that http://insecure.arthuredelstein.net loads without any issues
- ensure that http://http.badssl.com loads without any issues
- ensured that http://upgradable.arthuredelstein.net doesn't upgrade to
HTTPS
(make sure website loads without issues)- basically ensuring that https://upgradable.arthuredelstein.net doesn't load
Example |
Example |
Example |
Example |
Example |
---|---|---|---|---|
BraveHttpsByDefaultRolloutStudy:Enabled
- Disable Upgrade connections to HTTPS
before join Griffin study
- visit http://insecure.arthuredelstein.net, http://http.badssl.com and http://upgradable.arthuredelstein.net and ensure that
Upgrade connections to HTTPS
has been disabled - using the STR/Cases mentioned via
BraveHttpsByDefaultRolloutStudy:Enabled
, ensure that you're part ofBraveHttpsByDefaultRolloutStudy:Enabled
viabrave://version
- visit http://insecure.arthuredelstein.net, http://http.badssl.com and http://upgradable.arthuredelstein.net and ensure that
Upgrade to HTTPS whenever possible (default)
has been selected for the above websites
Example |
Example |
Example |
Example |
Example |
Example |
---|---|---|---|---|---|
Prevent permissive HTTPS Upgrade settings from leaking from Normal
to Private
windows
Basically used the STR/Cases outlined via brave/brave-core#17421 (comment) and went through the following:
Test Case #1
- Upgrade to HTTPS whenever possible (default)
- launched/restarted
1.52.2 Chromium: 112.0.5615.39
soBraveHttpsByDefaultRolloutStudy:Enabled
- visited http://upgradable.arthuredelstein.net in a
Normal
window and ensured thatUpgrade to HTTPS whenever possible (default)
- ensured that
http://upgradable.arthuredelstein.net
->https://upgradable.arthuredelstein.net
- ensured that
- opened a
Private
window and visited http://upgradable.arthuredelstein.net and ensuredUpgrade to HTTPS whenever possible (default)
- ensured that
http://upgradable.arthuredelstein.net
->https://upgradable.arthuredelstein.net
- ensured that
Test Case #2
- Require all connections to use HTTPS (strict)
- launched/restarted
1.52.2 Chromium: 112.0.5615.39
soBraveHttpsByDefaultRolloutStudy:Enabled
- visited http://upgradable.arthuredelstein.net and switched HTTPS upgrades to
Require all connections to use HTTPS (strict)
- ensured that
http://upgradable.arthuredelstein.net
->https://upgradable.arthuredelstein.net
- ensured that
- opened a
Private
window and visited http://upgradable.arthuredelstein.net and ensuredRequire all connections to use HTTPS (strict)
- ensured that
http://upgradable.arthuredelstein.net
->https://upgradable.arthuredelstein.net
- ensured that
Test Case #3
- Don't upgrade connections to HTTPS (disabled)
- launched/restarted
1.52.2 Chromium: 112.0.5615.39
soBraveHttpsByDefaultRolloutStudy:Enabled
- visited http://upgradable.arthuredelstein.net switched HTTPS upgrades to
Don't upgrade connections to HTTPS (disabled)
- reloaded http://upgradable.arthuredelstein.net and ensured that the website was not being upgraded to HTTPS
- opened a
Private
window and visited http://upgradable.arthuredelstein.net and ensuredUpgrade to HTTPS whenever possible (default)
- ensured that
http://upgradable.arthuredelstein.net
->https://upgradable.arthuredelstein.net
- ensured that
Ensure that Don't upgrade connections to HTTPS (disabled)
is NOT being used
Test Case #4
- Don't upgrade HTTPS connections
(Private Window Only)
- launched/restarted
1.52.2 Chromium: 112.0.5615.39
soBraveHttpsByDefaultRolloutStudy:Enabled
- opened a
Private
window and visited http://upgradable.arthuredelstein.net and ensuredUpgrade to HTTPS whenever possible (default)
- ensured that
http://upgradable.arthuredelstein.net
->https://upgradable.arthuredelstein.net
- ensured that
- change the HTTPS upgrade setting to
Don't upgrade connections to HTTPS (disabled)
and loadhttp://upgradable.arthuredelstein.net
Ensure that http://upgradable.arthuredelstein.net
is not upgrade. With this case, we're basically ensuring that you can still use Don't upgrade HTTPS connections
if changed within the Private
window.
BraveHttpsByDefaultRolloutStudy
NOT being used (BETA
)
Verification PASSED on Pixel 6
running Android 13
using the following build(s):
Brave | 1.51.71 Chromium: 112.0.5615.39 (Official Build) beta (32-bit)
--- | ---
Revision | a0e7b9718a92bcd1cf33b7c95316caff3fc20714-refs/branch-heads/5615@{#753}
OS | Android 13; Build/TQ2A.230305.008.E1
- launched
1.50.62 Chromium: 111.0.5563.33
and ensure thatBraveHttpsByDefaultRolloutStudy
is not visible - restarted the browser and ensured that
BraveHttpsByDefaultRolloutStudy
is not visible viabrave://version
- ensured that
Upgrade connections to HTTPS
is still being used via the shields panel - ensured that the new
HTTPS
settings are not being displayed viaSettings
->Brave Shields & privacy
Example |
Example |
Example |
---|---|---|
BraveHttpsByDefaultRolloutStudy
NOT being used (Release
)
Verification PASSED on Pixel 6
running Android 13
using the following build(s):
Brave | 1.49.132 Chromium: 111.0.5563.147 (Official Build) (32-bit)
--- | ---
Revision | 029fd65a4dd711d1078468ed2206999cec86066b-refs/branch-heads/5563@{#1239}
OS | Android 13; Build/TQ2A.230305.008.E1
- launched
1.49.132 Chromium: 111.0.5563.147
and ensure thatBraveHttpsByDefaultRolloutStudy
is not visible - restarted the browser and ensured that
BraveHttpsByDefaultRolloutStudy
is not visible viabrave://version
- ensured that
Upgrade connections to HTTPS
is still being used via the shields panel - ensured that the new
HTTPS
settings are not being displayed viaSettings
->Brave Shields & privacy
Example |
Example |
Example |
---|---|---|
See #559