Fix false positives caused in Android manifest analysis

[nick-lupien]

Describe the Pull Request

Problem:

• Recurring false positives coming from the Android manifest analysis module.
• FPs occur when well-known URLs like assetlinks.json redirect from http->https. In these instances, high-severity findings would appear in the Manifest Analysis section suggesting that the URLs were configured incorrectly, when in fact the 301 redirect is a valid configuration.
• Ordinarily this would be resolved by setting allow_redirects to True in the requests.get, but this was removed in (f22c584) specifically to mitigate GHSA-m435-9v6r-v5f6.
• This PR aims to reduce a specific, common false positive while maintaining protections against SSRF.

Solution:

• Check redirects to see if they're simple TLS upgrades; if so, perform a manual redirect to the TLS version.

Checklist for PR

• Run MobSF unit tests and lint tox -e lint,test
• Tested Working on Linux, Mac, Windows, and Docker
• Add unit test for any new Web API (Refer: StaticAnalyzer/tests.py)
• Make sure tests are passing on your PR

Additional Comments (if any)

[ajinabraham]

Thanks for the PR. I will review this and get back.

[ajinabraham]

Simplified the logic a bit to automatically handle this without requiring a redirect.
Closing in favour of #2484