Wow that sucks. It's not just HTML Cleaners though. A few years ago (before snowden) I analyzed free proxy servers and found that most of them blocked https and many even injected JS or HTML into all requests [1].
I also wrote a tutorial on how you can build an infecting proxy too [2]. Doesn't work anymore though since HTTPS is everywhere. Thank god