[Mac] Passwords: Don't always prompt to access passwords saved by other browsers

chrome/browser/password_manager/password_store.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/password_manager/password_store.h"
 
 #include "base/bind.h"
 #include "base/memory/scoped_ptr.h"
 #include "base/message_loop/message_loop.h"
 #include "base/message_loop/message_loop_proxy.h"
@@ skipping 102 matching lines @@
 void PasswordStore::RemoveLoginsCreatedBetween(const base::Time& delete_begin,
                                                const base::Time& delete_end) {
   ScheduleTask(base::Bind(&PasswordStore::WrapModificationTask, this,
       base::Closure(
           base::Bind(&PasswordStore::RemoveLoginsCreatedBetweenImpl, this,
                      delete_begin, delete_end))));
 }
 
 CancelableTaskTracker::TaskId PasswordStore::GetLogins(
     const PasswordForm& form,
+    AuthorizationPromptPolicy prompt_policy,
     PasswordStoreConsumer* consumer) {
   // Per http://crbug.com/121738, we deliberately ignore saved logins for
   // http*://www.google.com/ that were stored prior to 2012. (Google now uses
   // https://accounts.google.com/ for all login forms, so these should be
   // unused.) We don't delete them just yet, and they'll still be visible in the
   // password manager, but we won't use them to autofill any forms. This is a
   // security feature to help minimize damage that can be done by XSS attacks.
   // TODO(mdm): actually delete them at some point, say M24 or so.
   base::Time ignore_logins_cutoff;  // the null time
   if (form.scheme == PasswordForm::SCHEME_HTML &&
       (form.signon_realm == "http://www.google.com" ||
        form.signon_realm == "http://www.google.com/" ||
        form.signon_realm == "https://www.google.com" ||
        form.signon_realm == "https://www.google.com/")) {
     static const base::Time::Exploded exploded_cutoff =
         { 2012, 1, 0, 1, 0, 0, 0, 0 };  // 00:00 Jan 1 2012
     ignore_logins_cutoff = base::Time::FromUTCExploded(exploded_cutoff);
   }
 
   CancelableTaskTracker::IsCanceledCallback is_canceled_cb;
   CancelableTaskTracker::TaskId id =
       consumer->cancelable_task_tracker()->NewTrackedTaskId(&is_canceled_cb);
 
   ConsumerCallbackRunner callback_runner =
       base::Bind(&PostConsumerCallback,
                  base::MessageLoopProxy::current(),
                  is_canceled_cb,
                  consumer,
                  ignore_logins_cutoff);
-  ScheduleTask(
-      base::Bind(&PasswordStore::GetLoginsImpl, this, form, callback_runner));
+  ScheduleTask(base::Bind(&PasswordStore::GetLoginsImpl,
+                          this, form, prompt_policy, callback_runner));
   return id;
 }
 
 CancelableRequestProvider::Handle PasswordStore::GetAutofillableLogins(
     PasswordStoreConsumer* consumer) {
   return Schedule(&PasswordStore::GetAutofillableLoginsImpl, consumer);
 }
 
 CancelableRequestProvider::Handle PasswordStore::GetBlacklistLogins(
     PasswordStoreConsumer* consumer) {
@@ skipping 76 matching lines @@
 #endif  // !defined(OS_MACOSX)
   BrowserThread::PostTask(
       BrowserThread::UI, FROM_HERE,
       base::Bind(&PasswordStore::NotifyLoginsChanged, this));
 }
 
 void PasswordStore::NotifyLoginsChanged() {
   DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
   FOR_EACH_OBSERVER(Observer, observers_, OnLoginsChanged());
 }