From fee06d794733302bca32ff598a007f736c0d2efa Mon Sep 17 00:00:00 2001 From: Kyle Hickinson Date: Tue, 23 Jan 2024 11:38:32 -0500 Subject: [PATCH] Fix #8664: Add content blocker to upgrade passive mixed content (#8680) Also hides the 'Not Secure' title when viewing mixed content Due to a WebKit bug we will still be showing the page as insecure even when all http links are promoted, so this will help with that until the bug is fixed by Apple --- Package.swift | 1 + .../Browser/Toolbars/UrlBar/TabLocationView.swift | 5 ++++- .../ContentBlocker/ContentBlockerManager.swift | 7 ++++++- .../ContentBlocker/Lists/mixed-content-upgrade.json | 12 ++++++++++++ 4 files changed, 23 insertions(+), 2 deletions(-) create mode 100644 Sources/Brave/WebFilters/ContentBlocker/Lists/mixed-content-upgrade.json diff --git a/Package.swift b/Package.swift index a08eb1e2e24..4395f88d963 100644 --- a/Package.swift +++ b/Package.swift @@ -430,6 +430,7 @@ var braveTarget: PackageDescription.Target = .target( .copy("WebFilters/ContentBlocker/Lists/block-ads.json"), .copy("WebFilters/ContentBlocker/Lists/block-cookies.json"), .copy("WebFilters/ContentBlocker/Lists/block-trackers.json"), + .copy("WebFilters/ContentBlocker/Lists/mixed-content-upgrade.json"), .copy("WebFilters/ShieldStats/Adblock/Resources/ABPFilterParserData.dat"), ], plugins: ["LoggerPlugin"] diff --git a/Sources/Brave/Frontend/Browser/Toolbars/UrlBar/TabLocationView.swift b/Sources/Brave/Frontend/Browser/Toolbars/UrlBar/TabLocationView.swift index d14012d2012..d1b8bde2d0e 100644 --- a/Sources/Brave/Frontend/Browser/Toolbars/UrlBar/TabLocationView.swift +++ b/Sources/Brave/Frontend/Browser/Toolbars/UrlBar/TabLocationView.swift @@ -79,7 +79,10 @@ class TabLocationView: UIView { var title = AttributedString(Strings.tabToolbarNotSecureTitle) title.font = .preferredFont(forTextStyle: .subheadline, compatibleWith: clampedTraitCollection) - let isTitleVisible = !traitCollection.preferredContentSizeCategory.isAccessibilityCategory && bounds.width > 200 + // Hide the title with mixed content due to a WebKit bug (https://bugs.webkit.org/show_bug.cgi?id=258711) + // which fails to update `hasOnlySecureContent` even when promoting all http content. + let isTitleVisible = !traitCollection.preferredContentSizeCategory.isAccessibilityCategory && + bounds.width > 200 && secureContentState != .mixedContent switch secureContentState { case .localhost, .secure: diff --git a/Sources/Brave/WebFilters/ContentBlocker/ContentBlockerManager.swift b/Sources/Brave/WebFilters/ContentBlocker/ContentBlockerManager.swift index c47e2a38259..d8af074b38f 100644 --- a/Sources/Brave/WebFilters/ContentBlocker/ContentBlockerManager.swift +++ b/Sources/Brave/WebFilters/ContentBlocker/ContentBlockerManager.swift @@ -51,6 +51,7 @@ actor ContentBlockerManager { case blockAds case blockCookies case blockTrackers + case upgradeMixedContent func mode(isAggressiveMode: Bool) -> BlockingMode { switch self { @@ -60,7 +61,7 @@ actor ContentBlockerManager { } else { return .standard } - case .blockCookies, .blockTrackers: + case .blockCookies, .blockTrackers, .upgradeMixedContent: return .general } } @@ -70,6 +71,7 @@ actor ContentBlockerManager { case .blockAds: return "block-ads" case .blockCookies: return "block-cookies" case .blockTrackers: return "block-trackers" + case .upgradeMixedContent: return "mixed-content-upgrade" } } } @@ -356,6 +358,9 @@ actor ContentBlockerManager { results.insert(.blockCookies) } + // Always upgrade mixed content + results.insert(.upgradeMixedContent) + return results } diff --git a/Sources/Brave/WebFilters/ContentBlocker/Lists/mixed-content-upgrade.json b/Sources/Brave/WebFilters/ContentBlocker/Lists/mixed-content-upgrade.json new file mode 100644 index 00000000000..c5fc1dd9ee5 --- /dev/null +++ b/Sources/Brave/WebFilters/ContentBlocker/Lists/mixed-content-upgrade.json @@ -0,0 +1,12 @@ +[ + { + "trigger": { + "url-filter": "http://.*", + "if-top-url": ["https://.*"], + "resource-type": ["image", "media"] + }, + "action": { + "type": "make-https" + } + } +]