Merge branch 'release/5.236.0'

Author: github-actions[bot]

.maestro/ads_preview_flows/1-_design-system-components.yaml

@@ -11,6 +11,7 @@ tags:
 
         - runFlow: ../shared/skip_all_onboarding.yaml
 
+        - hideKeyboard
         - tapOn:
             id: "com.duckduckgo.mobile.android:id/browserMenuImageView"
         - tapOn:

.maestro/autofill/1_autofill_shown_in_overflow.yaml

@@ -11,4 +11,5 @@ tags:
       - launchApp:
             clearState: true
       - runFlow: ../shared/skip_all_onboarding.yaml
+      - hideKeyboard
       - runFlow: steps/access_passwords_screen.yaml

.maestro/autofill/2_autofill_add_search_update_delete_creds.yaml

@@ -10,6 +10,7 @@ tags:
       - launchApp:
           clearState: true
       - runFlow: ../shared/skip_all_onboarding.yaml
+      - hideKeyboard
       - runFlow: steps/access_passwords_screen.yaml
 
       - assertVisible:

.maestro/autofill/3_autofill_prompted_to_save_creds_on_form.yaml

@@ -10,6 +10,7 @@ tags:
         - launchApp:
               clearState: true
         - runFlow: ../shared/skip_all_onboarding.yaml
+        - hideKeyboard
 
         - tapOn:
             id: "omnibarTextInput"

.maestro/autofill/4_autofill_settings_creds.yaml

@@ -10,6 +10,7 @@ tags:
       - launchApp:
           clearState: true
       - runFlow: ../shared/skip_all_onboarding.yaml
+      - hideKeyboard
 
       - tapOn:
           id: "com.duckduckgo.mobile.android:id/browserMenuImageView"

.maestro/autofill/backfillingUsername/multi_step_login_username_backfilled.yaml

@@ -12,6 +12,7 @@ tags:
           clearState: true
 
       - runFlow: ../../shared/skip_all_onboarding.yaml
+      - hideKeyboard
 
       # get to autofill form
       - tapOn:

.maestro/autofill/backfillingUsername/multi_step_login_username_backfilled_for_an_update.yaml

@@ -12,6 +12,7 @@ tags:
           clearState: true
 
       - runFlow: ../../shared/skip_all_onboarding.yaml
+      - hideKeyboard
 
       # setup an existing credential
       - runFlow: ../steps/manually_add_existing_credential.yaml

.maestro/autofill/backfillingUsername/multi_step_login_username_not_backfilled_if_provided_explicitly.yaml

@@ -12,6 +12,7 @@ tags:
           clearState: true
 
       - runFlow: ../../shared/skip_all_onboarding.yaml
+      - hideKeyboard
 
       # get to autofill form
       - tapOn:

.maestro/autofill/backfillingUsername/multi_step_registration_username_backfilled_password_autogenerated.yaml

@@ -12,6 +12,7 @@ tags:
           clearState: true
 
       - runFlow: ../../shared/skip_all_onboarding.yaml
+      - hideKeyboard
 
       # get to autofill form
       - tapOn:
@@ -41,6 +42,8 @@ tags:
           text: "Register"
           index: 1
 
+      - hideKeyboard
+
       # access the passwords screen and assert username and password both saved
       - runFlow: ../steps/access_passwords_screen.yaml
       - tapOn: "usernameFromBackfill"

.maestro/autofill/backfillingUsername/multi_step_registration_username_backfilled_password_manually_entered.yaml

@@ -12,6 +12,7 @@ tags:
           clearState: true
 
       - runFlow: ../../shared/skip_all_onboarding.yaml
+      - hideKeyboard
 
       # get to autofill form
       - tapOn:

.maestro/autofill/backfillingUsername/password_reset_flow_autogenerated_password.yaml

@@ -12,6 +12,7 @@ tags:
           clearState: true
 
       - runFlow: ../../shared/skip_all_onboarding.yaml
+      - hideKeyboard
 
       # get to autofill login form
       - tapOn:
@@ -43,6 +44,8 @@ tags:
           text: "Change Password"
           index: 1
 
+      - hideKeyboard
+
       # access the passwords screen and assert username and password both saved
       - runFlow: ../steps/access_passwords_screen.yaml
       - tapOn: "usernameFromBackfill"

.maestro/autofill/backfillingUsername/password_reset_flow_for_existing_credential_generated_password.yaml

@@ -12,6 +12,7 @@ tags:
           clearState: true
 
       - runFlow: ../../shared/skip_all_onboarding.yaml
+      - hideKeyboard
 
       # get to autofill login form
       - tapOn:

.maestro/autofill/backfillingUsername/password_reset_flow_for_existing_credential_manual_password.yaml

@@ -12,6 +12,7 @@ tags:
           clearState: true
 
       - runFlow: ../../shared/skip_all_onboarding.yaml
+      - hideKeyboard
 
       # manually add a credential
       - runFlow: ../steps/manually_add_existing_credential.yaml

.maestro/autofill/passwordGeneration/autosaves_credential_when_password_generated_with_username.yaml

@@ -12,6 +12,7 @@ tags:
           clearState: true
 
       - runFlow: ../../shared/skip_all_onboarding.yaml
+      - hideKeyboard
 
       # get to autofill form
       - tapOn:

.maestro/autofill/passwordGeneration/autosaves_credential_when_password_generated_without_username.yaml

@@ -12,6 +12,7 @@ tags:
           clearState: true
 
       - runFlow: ../../shared/skip_all_onboarding.yaml
+      - hideKeyboard
 
       # get to autofill form
       - tapOn:

.maestro/custom_tabs/custom_tabs_navigation.yaml

@@ -27,6 +27,7 @@ tags:
       - tapOn: "next"
       - assertVisible:
           text: ".*Try a search!.*"
+      - hideKeyboard
       - tapOn:
           id: "com.duckduckgo.mobile.android:id/browserMenuImageView"
       - tapOn:

.maestro/custom_tabs/custom_tabs_navigation_new_tab.yaml

@@ -27,6 +27,7 @@ tags:
       - tapOn: "next"
       - assertVisible:
           text: ".*Try a search!.*"
+      - hideKeyboard
       - tapOn:
           id: "com.duckduckgo.mobile.android:id/browserMenuImageView"
       - tapOn:

.maestro/shared/open_bookmarks.yaml

@@ -1,5 +1,6 @@
 appId: com.duckduckgo.mobile.android
 ---
+- hideKeyboard
 - tapOn:
       id: "com.duckduckgo.mobile.android:id/browserMenuImageView"
 - tapOn: "Bookmarks"

.maestro/shared/open_sync_dev_settings_screen.yaml

@@ -1,5 +1,6 @@
 appId: com.duckduckgo.mobile.android
 ---
+- hideKeyboard
 - tapOn:
     id: "com.duckduckgo.mobile.android:id/browserMenuImageView"
 - tapOn: "Settings"

.maestro/shared/open_sync_screen.yaml

@@ -1,5 +1,6 @@
 appId: com.duckduckgo.mobile.android
 ---
+- hideKeyboard
 - tapOn:
     id: "com.duckduckgo.mobile.android:id/browserMenuImageView"
 - tapOn: "Settings"

app-tracking-protection/vpn-impl/src/main/java/com/duckduckgo/mobile/android/vpn/service/TrackerBlockingVpnService.kt

@@ -85,8 +85,6 @@ import logcat.LogPriority.WARN
 import logcat.asLog
 import logcat.logcat
 
-private const val DDG_VPN_SESSION = "DuckDuckGo"
-
 @InjectWith(
     scope = VpnScope::class,
     delayGeneration = true,
@@ -449,7 +447,6 @@ class TrackerBlockingVpnService : VpnService(), CoroutineScope by MainScope(), V
                 // TODO should we protect all comms with our controller BE? other VPNs do that
                 safelyAddDisallowedApps(listOf(this@TrackerBlockingVpnService.packageName))
                 setBlocking(true)
-                setSession(DDG_VPN_SESSION)
                 setMtu(1280)
                 try {
                     prepare(this@TrackerBlockingVpnService)
@@ -530,9 +527,6 @@ class TrackerBlockingVpnService : VpnService(), CoroutineScope by MainScope(), V
             }
 
             setBlocking(true)
-            // optional in docs but apparently some OEMs may expect to have a session
-            setSession(DDG_VPN_SESSION)
-
             // Cap the max MTU value to avoid backpressure issues in the socket
             // This is effectively capping the max segment size too
             setMtu(tunnelConfig.mtu)

app/src/androidTest/java/com/duckduckgo/app/browser/WebViewRequestInterceptorTest.kt

@@ -34,6 +34,7 @@ import com.duckduckgo.app.fakes.FakeMaliciousSiteBlockerWebViewIntegration
 import com.duckduckgo.app.fakes.FeatureToggleFake
 import com.duckduckgo.app.fakes.UserAgentFake
 import com.duckduckgo.app.fakes.UserAllowListRepositoryFake
+import com.duckduckgo.app.pixels.remoteconfig.AndroidBrowserConfigFeature
 import com.duckduckgo.app.privacy.db.PrivacyProtectionCountDao
 import com.duckduckgo.app.statistics.model.Atb
 import com.duckduckgo.app.statistics.store.StatisticsDataStore
@@ -46,7 +47,9 @@ import com.duckduckgo.app.trackerdetection.model.TrackerType
 import com.duckduckgo.app.trackerdetection.model.TrackingEvent
 import com.duckduckgo.common.test.CoroutineTestRule
 import com.duckduckgo.duckplayer.api.DuckPlayer
+import com.duckduckgo.feature.toggles.api.FakeFeatureToggleFactory
 import com.duckduckgo.feature.toggles.api.FeatureToggle
+import com.duckduckgo.feature.toggles.api.Toggle.State
 import com.duckduckgo.httpsupgrade.api.HttpsUpgrader
 import com.duckduckgo.privacy.config.api.Gpc
 import com.duckduckgo.privacy.config.impl.features.gpc.RealGpc.Companion.GPC_HEADER
@@ -99,7 +102,8 @@ class WebViewRequestInterceptorTest {
         fakeToggle,
         fakeUserAllowListRepository,
     )
-    private val mockMaliciousSiteBlockerWebViewIntegration: MaliciousSiteBlockerWebViewIntegration = FakeMaliciousSiteBlockerWebViewIntegration()
+    private var fakeMaliciousSiteBlockerWebViewIntegration: MaliciousSiteBlockerWebViewIntegration = FakeMaliciousSiteBlockerWebViewIntegration(true)
+    private val fakeAndroidBrowserConfigFeature = FakeFeatureToggleFactory.create(AndroidBrowserConfigFeature::class.java)
 
     private var webView: WebView = mock()
 
@@ -120,7 +124,11 @@ class WebViewRequestInterceptorTest {
             cloakedCnameDetector = mockCloakedCnameDetector,
             requestFilterer = mockRequestFilterer,
             duckPlayer = mockDuckPlayer,
-            maliciousSiteBlockerWebViewIntegration = mockMaliciousSiteBlockerWebViewIntegration,
+            maliciousSiteBlockerWebViewIntegration = fakeMaliciousSiteBlockerWebViewIntegration,
+            dispatchers = coroutinesTestRule.testDispatcherProvider,
+            appCoroutineScope = coroutinesTestRule.testScope,
+            androidBrowserConfigFeature = fakeAndroidBrowserConfigFeature,
+            isMainProcess = true,
         )
     }
 
@@ -151,6 +159,53 @@ class WebViewRequestInterceptorTest {
         verify(mockHttpsUpgrader).upgrade(any())
     }
 
+    @Test
+    fun whenUrlShouldBeUpgradedSiteIsMaliciousAndUpgradeBeforeMaliciousEnabledThenUpgrade() = runTest {
+        configureShouldUpgrade()
+        fakeMaliciousSiteBlockerWebViewIntegration = FakeMaliciousSiteBlockerWebViewIntegration(false)
+        fakeAndroidBrowserConfigFeature.checkMaliciousAfterHttpsUpgrade().setRawStoredState(State(true))
+        testee.shouldIntercept(
+            request = mockRequest,
+            documentUri = null,
+            webView = webView,
+            webViewClientListener = null,
+        )
+
+        verify(mockHttpsUpgrader).upgrade(any())
+    }
+
+    @Test
+    fun whenUrlShouldBeUpgradedSiteIsMaliciousAndUpgradeBeforeMaliciousDisabledThenDontUpgrade() = runTest {
+        configureShouldUpgrade()
+        fakeMaliciousSiteBlockerWebViewIntegration = FakeMaliciousSiteBlockerWebViewIntegration(false)
+        fakeAndroidBrowserConfigFeature.checkMaliciousAfterHttpsUpgrade().setRawStoredState(State(false))
+        testee = WebViewRequestInterceptor(
+            trackerDetector = mockTrackerDetector,
+            httpsUpgrader = mockHttpsUpgrader,
+            resourceSurrogates = mockResourceSurrogates,
+            privacyProtectionCountDao = mockPrivacyProtectionCountDao,
+            gpc = mockGpc,
+            userAgentProvider = userAgentProvider,
+            adClickManager = mockAdClickManager,
+            cloakedCnameDetector = mockCloakedCnameDetector,
+            requestFilterer = mockRequestFilterer,
+            duckPlayer = mockDuckPlayer,
+            maliciousSiteBlockerWebViewIntegration = fakeMaliciousSiteBlockerWebViewIntegration,
+            dispatchers = coroutinesTestRule.testDispatcherProvider,
+            appCoroutineScope = coroutinesTestRule.testScope,
+            androidBrowserConfigFeature = fakeAndroidBrowserConfigFeature,
+            isMainProcess = true,
+        )
+        testee.shouldIntercept(
+            request = mockRequest,
+            documentUri = null,
+            webView = webView,
+            webViewClientListener = null,
+        )
+
+        verify(mockHttpsUpgrader, never()).upgrade(any())
+    }
+
     @Test
     fun whenUrlShouldBeUpgradedThenCancelledResponseReturned() = runTest {
         configureShouldUpgrade()

app/src/androidTest/java/com/duckduckgo/app/fakes/FakeMaliciousSiteBlockerWebViewIntegration.kt

@@ -18,27 +18,31 @@ package com.duckduckgo.app.fakes
 
 import android.net.Uri
 import android.webkit.WebResourceRequest
+import androidx.core.net.toUri
 import com.duckduckgo.app.browser.webview.MaliciousSiteBlockerWebViewIntegration
 import com.duckduckgo.app.browser.webview.RealMaliciousSiteBlockerWebViewIntegration.IsMaliciousViewData
+import com.duckduckgo.app.browser.webview.RealMaliciousSiteBlockerWebViewIntegration.IsMaliciousViewData.MaliciousSite
 import com.duckduckgo.app.browser.webview.RealMaliciousSiteBlockerWebViewIntegration.IsMaliciousViewData.Safe
 import com.duckduckgo.malicioussiteprotection.api.MaliciousSiteProtection.Feed
 import com.duckduckgo.malicioussiteprotection.api.MaliciousSiteProtection.MaliciousStatus
 
-class FakeMaliciousSiteBlockerWebViewIntegration : MaliciousSiteBlockerWebViewIntegration {
+class FakeMaliciousSiteBlockerWebViewIntegration(
+    private val isSafe: Boolean = true,
+) : MaliciousSiteBlockerWebViewIntegration {
     override suspend fun shouldIntercept(
         request: WebResourceRequest,
         documentUri: Uri?,
         confirmationCallback: (maliciousStatus: MaliciousStatus) -> Unit,
     ): IsMaliciousViewData {
-        return Safe(request.isForMainFrame)
+        return if (isSafe) Safe(request.isForMainFrame) else MaliciousSite("foo.com".toUri(), Feed.MALWARE, false, true)
     }
 
     override fun shouldOverrideUrlLoading(
         url: Uri,
         isForMainFrame: Boolean,
         confirmationCallback: (maliciousStatus: MaliciousStatus) -> Unit,
     ): IsMaliciousViewData {
-        return Safe(isForMainFrame)
+        return if (isSafe) Safe(isForMainFrame) else MaliciousSite("foo.com".toUri(), Feed.MALWARE, false, true)
     }
 
     override fun onPageLoadStarted(url: String) {

app/src/androidTest/java/com/duckduckgo/app/referencetests/DomainsReferenceTest.kt

@@ -34,6 +34,7 @@ import com.duckduckgo.app.fakes.FeatureToggleFake
 import com.duckduckgo.app.fakes.UserAgentFake
 import com.duckduckgo.app.fakes.UserAllowListRepositoryFake
 import com.duckduckgo.app.global.db.AppDatabase
+import com.duckduckgo.app.pixels.remoteconfig.AndroidBrowserConfigFeature
 import com.duckduckgo.app.privacy.db.PrivacyProtectionCountDao
 import com.duckduckgo.app.privacy.db.UserAllowListDao
 import com.duckduckgo.app.privacy.db.UserAllowListRepository
@@ -57,6 +58,7 @@ import com.duckduckgo.app.trackerdetection.db.WebTrackersBlockedDao
 import com.duckduckgo.common.test.CoroutineTestRule
 import com.duckduckgo.common.test.FileUtilities
 import com.duckduckgo.duckplayer.api.DuckPlayer
+import com.duckduckgo.feature.toggles.api.FakeFeatureToggleFactory
 import com.duckduckgo.feature.toggles.api.FeatureToggle
 import com.duckduckgo.httpsupgrade.api.HttpsUpgrader
 import com.duckduckgo.privacy.config.api.ContentBlocking
@@ -122,6 +124,7 @@ class DomainsReferenceTest(private val testCase: TestCase) {
     private val mockGpc: Gpc = mock()
     private val mockAdClickManager: AdClickManager = mock()
     private val mockMaliciousSiteProtection: MaliciousSiteBlockerWebViewIntegration = FakeMaliciousSiteBlockerWebViewIntegration()
+    private val fakeAndroidBrowserConfigFeature = FakeFeatureToggleFactory.create(AndroidBrowserConfigFeature::class.java)
 
     companion object {
         private val moshi = Moshi.Builder().add(ActionJsonAdapter()).build()
@@ -179,6 +182,10 @@ class DomainsReferenceTest(private val testCase: TestCase) {
             requestFilterer = mockRequestFilterer,
             maliciousSiteBlockerWebViewIntegration = mockMaliciousSiteProtection,
             duckPlayer = mockDuckPlayer,
+            dispatchers = coroutinesTestRule.testDispatcherProvider,
+            appCoroutineScope = coroutinesTestRule.testScope,
+            androidBrowserConfigFeature = fakeAndroidBrowserConfigFeature,
+            isMainProcess = true,
         )
     }