Initial version of HTTPS-First Mode V2

This adds a rearchitected version of HTTPS-First Mode to address some
edge cases that occurred in the initial version, behind a new
kHttpsFirstModeV2 flag. The new version cancels the upgraded
inavigation when it fails (or times out) and initiates a new fallback
HTTP navigation. That fallback navigation is then replaced with the
HTTPS-First Mode interstitial warning. This addresses a number of
issues such as showing the HTTPS URL when the interstitial is showing
(crbug.com/1257272), sometimes losing history entries when going
back/forward from an HTTPS-First Mode interstitial
(crbug.com/crbug.com/1272781), and will allow follow-up work to better
handle interactions with network errors (crbug.com/1277211) among
others.

This rearchitecture will also allow us to more easily add the new
HTTPS Upgrades feature
(https://chromestatus.com/feature/6056181032812544).

Bug: 1394910,1257272,1272781,1277211
Change-Id: I787ecff185ab78099c04b458441c302cc254eb06
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4114422
Reviewed-by: Mustafa Emre Acer <meacer@chromium.org>
Commit-Queue: Chris Thompson <cthomp@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1084642}

chrome/browser/BUILD.gn

@@ -1709,6 +1709,10 @@ static_library("browser") {
     "ssl/https_only_mode_upgrade_interceptor.h",
     "ssl/https_only_mode_upgrade_url_loader.cc",
     "ssl/https_only_mode_upgrade_url_loader.h",
+    "ssl/https_upgrades_interceptor.cc",
+    "ssl/https_upgrades_interceptor.h",
+    "ssl/https_upgrades_navigation_throttle.cc",
+    "ssl/https_upgrades_navigation_throttle.h",
     "ssl/insecure_form/insecure_form_controller_client.cc",
     "ssl/insecure_form/insecure_form_controller_client.h",
     "ssl/known_interception_disclosure_infobar_delegate.cc",

chrome/browser/about_flags.cc

@@ -8367,6 +8367,10 @@ const FeatureEntry kFeatureEntries[] = {
      flag_descriptions::kHttpsOnlyModeDescription, kOsDesktop | kOsAndroid,
      FEATURE_VALUE_TYPE(features::kHttpsOnlyMode)},
 
+    {"https-first-mode-v2", flag_descriptions::kHttpsFirstModeV2Name,
+     flag_descriptions::kHttpsFirstModeV2Description, kOsDesktop | kOsAndroid,
+     FEATURE_VALUE_TYPE(features::kHttpsFirstModeV2)},
+
     {"https-upgrades", flag_descriptions::kHttpsUpgradesName,
      flag_descriptions::kHttpsUpgradesDescription, kOsDesktop | kOsAndroid,
      FEATURE_VALUE_TYPE(features::kHttpsUpgrades)},

chrome/browser/chrome_content_browser_client.cc

@@ -137,6 +137,8 @@
 #include "chrome/browser/ssl/https_defaulted_callbacks.h"
 #include "chrome/browser/ssl/https_only_mode_navigation_throttle.h"
 #include "chrome/browser/ssl/https_only_mode_upgrade_interceptor.h"
+#include "chrome/browser/ssl/https_upgrades_interceptor.h"
+#include "chrome/browser/ssl/https_upgrades_navigation_throttle.h"
 #include "chrome/browser/ssl/sct_reporting_service.h"
 #include "chrome/browser/ssl/ssl_client_auth_metrics.h"
 #include "chrome/browser/ssl/ssl_client_certificate_selector.h"
@@ -5059,11 +5061,19 @@ ChromeContentBrowserClient::CreateThrottlesForNavigation(
 #endif
 
   if (profile && profile->GetPrefs()) {
-    MaybeAddThrottle(
-        HttpsOnlyModeNavigationThrottle::MaybeCreateThrottleFor(
-            handle, std::make_unique<ChromeSecurityBlockingPageFactory>(),
-            profile->GetPrefs()),
-        &throttles);
+    if (base::FeatureList::IsEnabled(features::kHttpsFirstModeV2)) {
+      MaybeAddThrottle(
+          HttpsUpgradesNavigationThrottle::MaybeCreateThrottleFor(
+              handle, std::make_unique<ChromeSecurityBlockingPageFactory>(),
+              profile->GetPrefs()),
+          &throttles);
+    } else {
+      MaybeAddThrottle(
+          HttpsOnlyModeNavigationThrottle::MaybeCreateThrottleFor(
+              handle, std::make_unique<ChromeSecurityBlockingPageFactory>(),
+              profile->GetPrefs()),
+          &throttles);
+    }
   }
 
   MaybeAddThrottle(MaybeCreateNavigationAblationThrottle(handle), &throttles);
@@ -5892,7 +5902,10 @@ ChromeContentBrowserClient::WillCreateURLLoaderRequestInterceptors(
   interceptors.push_back(
       std::make_unique<SearchPrefetchURLLoaderInterceptor>(frame_tree_node_id));
 
-  if (base::FeatureList::IsEnabled(features::kHttpsOnlyMode)) {
+  if (base::FeatureList::IsEnabled(features::kHttpsFirstModeV2)) {
+    interceptors.push_back(
+        std::make_unique<HttpsUpgradesInterceptor>(frame_tree_node_id));
+  } else {
     interceptors.push_back(
         std::make_unique<HttpsOnlyModeUpgradeInterceptor>(frame_tree_node_id));
   }

chrome/browser/flag-metadata.json

@@ -4120,6 +4120,14 @@
     "owners": [ "shivanisha" ],
     "expiry_milestone": 95
   },
+  {
+    "name": "https-first-mode-v2",
+    "owners": [
+      "cthomp",
+      "trusty-transport@chromium.org"
+    ],
+    "expiry_milestone": 118
+  },
   {
     "name": "https-only-mode",
     "owners": [ "meacer", "trusty-transport@chromium.org" ],

chrome/browser/flag_descriptions.cc

@@ -1666,6 +1666,10 @@ const char kHttpsOnlyModeDescription[] =
     "Adds a setting under chrome://settings/security to opt-in to HTTPS-First "
     "Mode.";
 
+const char kHttpsFirstModeV2Name[] = "HTTPS-First Mode V2";
+const char kHttpsFirstModeV2Description[] =
+    "Enable rearchitected version of HTTPS-First Mode.";
+
 const char kHttpsUpgradesName[] = "HTTPS Upgrades";
 const char kHttpsUpgradesDescription[] =
     "Enable automatically upgrading all top-level navigations to HTTPS with "

chrome/browser/flag_descriptions.h

@@ -928,6 +928,9 @@ extern const char kHideShelfControlsInTabletModeDescription[];
 extern const char kHttpsOnlyModeName[];
 extern const char kHttpsOnlyModeDescription[];
 
+extern const char kHttpsFirstModeV2Name[];
+extern const char kHttpsFirstModeV2Description[];
+
 extern const char kHttpsUpgradesName[];
 extern const char kHttpsUpgradesDescription[];
 

chrome/browser/ssl/https_only_mode_browsertest.cc

@@ -44,6 +44,8 @@
 using security_interstitials::https_only_mode::Event;
 using security_interstitials::https_only_mode::kEventHistogram;
 
+// Tests for the v1 implementation of HTTPS-First Mode. See
+// https_upgrade_browsertest.cc for the tests for v2.
 class HttpsOnlyModeBrowserTest : public InProcessBrowserTest {
  public:
   HttpsOnlyModeBrowserTest() = default;

chrome/browser/ssl/https_only_mode_controller_client.cc

@@ -9,6 +9,7 @@
 #include "chrome/browser/profiles/profile.h"
 #include "chrome/browser/ssl/https_only_mode_tab_helper.h"
 #include "chrome/browser/ssl/stateful_ssl_host_state_delegate_factory.h"
+#include "chrome/common/chrome_features.h"
 #include "chrome/common/webui_url_constants.h"
 #include "components/security_interstitials/content/settings_page_helper.h"
 #include "components/security_interstitials/content/stateful_ssl_host_state_delegate.h"
@@ -57,7 +58,16 @@ void HttpsOnlyModeControllerClient::Proceed() {
   }
   auto* tab_helper = HttpsOnlyModeTabHelper::FromWebContents(web_contents_);
   tab_helper->set_is_navigation_upgraded(false);
-  tab_helper->set_is_navigation_fallback(true);
+
+  // Proceeding through the interstitial triggers the fallback navigation for
+  // the initial version of HTTPS-First Mode, but in the new version the
+  // interstitial is the result of the fallback navigation. Update state
+  // accordingly.
+  if (base::FeatureList::IsEnabled(features::kHttpsFirstModeV2)) {
+    tab_helper->set_is_navigation_fallback(false);
+  } else {
+    tab_helper->set_is_navigation_fallback(true);
+  }
   web_contents_->GetController().Reload(content::ReloadType::NORMAL, false);
   // The failed https navigation will remain as a forward entry, so it needs to
   // be removed.