Autofill: Better recognize credit card fields.

components/autofill/core/browser/credit_card_field.cc

 // Copyright 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "components/autofill/core/browser/credit_card_field.h"
 
 #include <stddef.h>
 
 #include "base/memory/scoped_ptr.h"
 #include "base/strings/string16.h"
 #include "base/strings/string_util.h"
 #include "base/strings/utf_string_conversions.h"
 #include "components/autofill/core/browser/autofill_field.h"
 #include "components/autofill/core/browser/autofill_regex_constants.h"
+#include "components/autofill/core/browser/autofill_regexes.h"
 #include "components/autofill/core/browser/autofill_scanner.h"
 #include "components/autofill/core/browser/field_types.h"
 
 namespace autofill {
 
 // Credit card numbers are at most 19 digits in length.
 // [Ref: http://en.wikipedia.org/wiki/Bank_card_number]
 static const size_t kMaxValidCardNumberSize = 19;
 
 // static
+const int CreditCardField::kMatchNumAndTel =
+    MATCH_DEFAULT | MATCH_NUMBER | MATCH_TELEPHONE;
+
+// static
+const int CreditCardField::kMatchNumTelAndPass =
+    kMatchNumAndTel | MATCH_PASSWORD;
+
+// static
 scoped_ptr<FormField> CreditCardField::Parse(AutofillScanner* scanner) {
   if (scanner->IsEnd())
     return nullptr;
 
   scoped_ptr<CreditCardField> credit_card_field(new CreditCardField);
   size_t saved_cursor = scanner->SaveCursor();
 
   // Credit card fields can appear in many different orders.
   // We loop until no more credit card related fields are found, see |break| at
-  // bottom of the loop.
+  // the bottom of the loop.
   for (int fields = 0; !scanner->IsEnd(); ++fields) {
     // Ignore gift card fields.
     if (ParseField(scanner, base::UTF8ToUTF16(kGiftCardRe), nullptr))
       break;
 
-    if (!credit_card_field->cardholder_) {
+    if (!credit_card_field->cardholder_ &&
+        !LikelyCardNumberField(scanner) &&

[Evan Stade, 2015/03/13 20:57:13]

Why are you checking !LikelyCardNumberField in several places, as opposed to,
say, moving the card number matcher earlier in the loop?

[Lei Zhang, 2015/03/13 23:11:00]

Changing the order may creates more of the same problem. Instead of incorrectly
recognizing a name as a number, we may end up incorrectly recgonzing a number as
a name. The order we have seem to work well for most cases, so I don't want to
change it. I just want to make it more accurate. The !LikelyFoo() calls act as
filters to help decrease false positives.

+        !MayBeCardCVCField(scanner)) {
       if (ParseField(scanner,
                      base::UTF8ToUTF16(kNameOnCardRe),
                      &credit_card_field->cardholder_)) {
         continue;
       }
 
       // Sometimes the cardholder field is just labeled "name". Unfortunately
       // this is a dangerously generic word to search for, since it will often
       // match a name (not cardholder name) field before or after credit card
       // fields. So we search for "name" only when we've already parsed at
       // least one other credit card field and haven't yet parsed the
       // expiration date (which usually appears at the end).
       if (fields > 0 &&
           !credit_card_field->expiration_month_ &&
           ParseField(scanner,
                      base::UTF8ToUTF16(kNameOnCardContextualRe),
                      &credit_card_field->cardholder_)) {
         continue;
       }
     }
 
     // Check for a credit card type (Visa, MasterCard, etc.) field.
-    if (!credit_card_field->type_ &&
-        ParseFieldSpecifics(scanner,
-                            base::UTF8ToUTF16(kCardTypeRe),
-                            MATCH_DEFAULT | MATCH_SELECT,
-                            &credit_card_field->type_)) {
+    // This used to match text fields, and had a regex for the field name/label,
+    // but LikelyCardType() works as well and produces fewer incorrect matches.

[Evan Stade, 2015/03/13 20:57:13]

this extra documentation is perhaps relevant to this code review but I'd not
leave it in the code

[Lei Zhang, 2015/03/13 23:11:00]

Removed.

+    if (!credit_card_field->type_ && LikelyCardType(scanner)) {
+      credit_card_field->type_ = scanner->Cursor();
+      scanner->Advance();
       continue;
     }
 
     // We look for a card security code before we look for a credit card number
     // and match the general term "number". The security code has a plethora of
     // names; we've seen "verification #", "verification number", "card
     // identification number", and others listed in the regex pattern used
     // below.
     // Note: Some sites use type="tel" or type="number" for numerical inputs.
-    const int kMatchNumAndTel = MATCH_DEFAULT | MATCH_NUMBER | MATCH_TELEPHONE;
     if (!credit_card_field->verification_ &&
+        !LikelyCardNumberField(scanner) &&
         ParseFieldSpecifics(scanner,
                             base::UTF8ToUTF16(kCardCvcRe),
-                            kMatchNumAndTel | MATCH_PASSWORD,
+                            kMatchNumTelAndPass,
                             &credit_card_field->verification_)) {
       continue;
     }
 
     AutofillField* current_number_field;
     if (ParseFieldSpecifics(scanner,
                             base::UTF8ToUTF16(kCardNumberRe),
                             kMatchNumAndTel,
                             &current_number_field)) {
       // Avoid autofilling any credit card number field having very low or high
@@ skipping 22 matching lines @@
       continue;
 
     if (credit_card_field->expiration_month_ &&
         !credit_card_field->expiration_year_ &&
         !credit_card_field->expiration_date_) {
       // Parsed a month but couldn't parse a year; give up.
       scanner->RewindTo(saved_cursor);
       return nullptr;
     }
 
-    // Some pages (e.g. ExpediaBilling.html) have a "card description"

[Lei Zhang, 2015/03/13 08:15:11]

With the other changes, this reached the start of a new CC block and start
eating those fields. If we ever find another example where a CC block gets
broken in two, we can try putting this back, but with something more restrictive
than just ^card.

I wonder what happened to ExpediaBilling.html and friends.

-    // field; we parse this field but ignore it.
-    // We also ignore any other fields within a credit card block that
-    // start with "card", under the assumption that they are related to
-    // the credit card section being processed but are uninteresting to us.
-    if (ParseField(scanner, base::UTF8ToUTF16(kCardIgnoredRe), nullptr))
-      continue;
-
     break;
   }
 
   // Some pages have a billing address field after the cardholder name field.
   // For that case, allow only just the cardholder name field.  The remaining
   // CC fields will be picked up in a following CreditCardField.
   if (credit_card_field->cardholder_)
     return credit_card_field.Pass();
 
   // On some pages, the user selects a card type using radio buttons
   // (e.g. test page Apple Store Billing.html).  We can't handle that yet,
   // so we treat the card type as optional for now.
   // The existence of a number or cvc in combination with expiration date is
   // a strong enough signal that this is a credit card.  It is possible that
   // the number and name were parsed in a separate part of the form.  So if
   // the cvc and date were found independently they are returned.
   bool has_cc_number_or_verification = (credit_card_field->verification_ ||
                                         !credit_card_field->numbers_.empty());
   bool has_date_or_mm_yy = (credit_card_field->expiration_date_ ||
                             (credit_card_field->expiration_month_ &&
                              credit_card_field->expiration_year_));
   if (has_cc_number_or_verification && has_date_or_mm_yy)
     return credit_card_field.Pass();
 
   scanner->RewindTo(saved_cursor);
   return nullptr;
 }
 
+// static
+bool CreditCardField::LikelyCardNumberField(AutofillScanner* scanner) {
+  if (scanner->IsEnd())
+    return false;
+
+  // Look for a form of the right type with a 16 to 19 digit maxlength.

[Evan Stade, 2015/03/13 20:57:13]

the minimum card has less than 16 digits

[Lei Zhang, 2015/03/13 23:11:00]

Yes, but if a website made it less than 16, then they can't accept a
VISA/Mastercard CC number.

+  AutofillField* field = scanner->Cursor();
+  return (MatchesFormControlType(field->form_control_type, kMatchNumAndTel) &&
+          field->max_length >= 16 &&
+          field->max_length <= kMaxValidCardNumberSize);
+}
+
+// static
+bool CreditCardField::LikelyCardType(AutofillScanner* scanner) {
+  if (scanner->IsEnd())
+    return false;
+
+  AutofillField* field = scanner->Cursor();
+  if (MatchesFormControlType(field->form_control_type, MATCH_SELECT)) {

[Evan Stade, 2015/03/13 20:57:13]

I feel like this code should go somewhere we can reuse it for address pieces

Also you should reuse/share with the filling code, i.e.
FillCreditCardTypeSelectControl

[Lei Zhang, 2015/03/13 23:11:00]

Done.

+    // VISA and Mastercard are oftentimes branded as is in other countries, so
+    // translations are probably not needed.
+    const char* const kCardBrands[] = {
+      "visa",
+      "mastercard",
+    };
+    for (const char* brand : kCardBrands) {
+      for (const auto& value : field->option_values) {
+        if (MatchesPattern(value, base::ASCIIToUTF16(brand)))
+          return true;
+      }
+      for (const auto& content : field->option_contents) {
+        if (MatchesPattern(content, base::ASCIIToUTF16(brand)))
+          return true;
+      }
+    }
+  }
+  return false;
+}
+
+// static
+bool CreditCardField::MayBeCardCVCField(AutofillScanner* scanner) {
+  if (scanner->IsEnd())
+    return false;
+
+  // Look for a form of the right type with a 3 or 4 digit maxlength.
+  AutofillField* field = scanner->Cursor();
+  return (MatchesFormControlType(field->form_control_type,
+                                 kMatchNumTelAndPass) &&
+          (field->max_length == 3 || field->max_length == 4));
+}
+
 CreditCardField::CreditCardField()
     : cardholder_(nullptr),
       cardholder_last_(nullptr),
       type_(nullptr),
       verification_(nullptr),
       expiration_month_(nullptr),
       expiration_year_(nullptr),
       expiration_date_(nullptr),
       exp_year_type_(CREDIT_CARD_EXP_DATE_4_DIGIT_YEAR) {
 }
@@ skipping 98 matching lines @@
 
 ServerFieldType CreditCardField::GetExpirationYearType() const {
   return (expiration_date_
               ? exp_year_type_
               : ((expiration_year_ && expiration_year_->max_length == 2)
                      ? CREDIT_CARD_EXP_2_DIGIT_YEAR
                      : CREDIT_CARD_EXP_4_DIGIT_YEAR));
 }
 
 }  // namespace autofill