components/autofill/content/renderer/password_form_conversion_utils.cc - Issue 1072813002: Avoid considering readonly password elements in password form

Side by Side Diff: components/autofill/content/renderer/password_form_conversion_utils.cc

Issue 1072813002: Avoid considering readonly password elements in password form (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Updating test Created 5 years, 8 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
1 // Copyright 2013 The Chromium Authors. All rights reserved.	1 // Copyright 2013 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "components/autofill/content/renderer/password_form_conversion_utils.h"	5 #include "components/autofill/content/renderer/password_form_conversion_utils.h"

6	6

7 #include <vector>	7 #include <vector>

8	8

9 #include "base/lazy_instance.h"	9 #include "base/lazy_instance.h"

10 #include "base/memory/scoped_ptr.h"	10 #include "base/memory/scoped_ptr.h"

(...skipping 343 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
354 }	354 }

355 }	355 }

356 password_form->username_value = username_value;	356 password_form->username_value = username_value;

357 }	357 }

358	358

359 WebInputElement password;	359 WebInputElement password;

360 WebInputElement new_password;	360 WebInputElement new_password;

361 if (!LocateSpecificPasswords(passwords, &password, &new_password))	361 if (!LocateSpecificPasswords(passwords, &password, &new_password))

362 return;	362 return;

363	363

	364 // If Password field is readonly, there is no point in considering
	vabr (Chromium) 2015/04/10 08:04:51 I suggest the following rephrasing, to better capt I suggest the following rephrasing, to better capture the reasons for not supporting those forms for now: // If the password field is readonly, the page is likely using a virtual keyboard and bypassing the password field value (see http://crbug.com/475488). There is nothing Chrome can do to fill passwords for now. ramya.v 2015/04/10 10:40:23 Done. Show quoted text On 2015/04/10 08:04:51, vabr (Chromium) wrote: > I suggest the following rephrasing, to better capture the reasons for not > supporting those forms for now: > > // If the password field is readonly, the page is likely using a virtual > keyboard and bypassing the password field value (see http://crbug.com/475488). > There is nothing Chrome can do to fill passwords for now. Done.
	365 // such form for autofill e.g., m.epost.go.kr,

	366 // where password field is associated with virtual keypad.

	367 if (!password.isNull() && password.isReadOnly())
	vabr (Chromium) 2015/04/10 08:04:51 Instead of doing this check here, I suggest moving Instead of doing this check here, I suggest moving adding this to the condition on line 257. That way, the read-only passwords will not even be considered for being used, and in case there are other, modifiable, password fields, Chrome will try to use them. There is a caveat, though, in case the readonly password element is explicitly marked as a password field by an autocomplete attribute. To handle those correctly, I suggest dropping this block, and changing the check on line 257 to if (input_element->isPasswordField() && (!input_element.isReadInly() \|\| HasAutocompleteAttributeValue(input_element, "current-password") \|\| HasAutocompleteAttributeValue(input_element, "new-password")) { ... } ramya.v 2015/04/10 10:40:23 Done. Show quoted text On 2015/04/10 08:04:51, vabr (Chromium) wrote: > Instead of doing this check here, I suggest moving adding this to the condition > on line 257. That way, the read-only passwords will not even be considered for > being used, and in case there are other, modifiable, password fields, Chrome > will try to use them. > > There is a caveat, though, in case the readonly password element is explicitly > marked as a password field by an autocomplete attribute. To handle those > correctly, I suggest dropping this block, and changing the check on line 257 to > > if (input_element->isPasswordField() && (!input_element.isReadInly() \|\| > HasAutocompleteAttributeValue(input_element, "current-password") \|\| > HasAutocompleteAttributeValue(input_element, "new-password")) { > ... > } Done.
	368 return;

	369

364 password_form->action = GetCanonicalActionForForm(form);	370 password_form->action = GetCanonicalActionForForm(form);

365 if (!password_form->action.is_valid())	371 if (!password_form->action.is_valid())

366 return;	372 return;

367	373

368 password_form->origin = GetCanonicalOriginForDocument(form.document());	374 password_form->origin = GetCanonicalOriginForDocument(form.document());

369 GURL::Replacements rep;	375 GURL::Replacements rep;

370 rep.SetPathStr("");	376 rep.SetPathStr("");

371 password_form->signon_realm =	377 password_form->signon_realm =

372 password_form->origin.ReplaceComponents(rep).spec();	378 password_form->origin.ReplaceComponents(rep).spec();

373 password_form->other_possible_usernames.swap(other_possible_usernames);	379 password_form->other_possible_usernames.swap(other_possible_usernames);

(...skipping 69 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
443 blink::WebFormControlElement(),	449 blink::WebFormControlElement(),

444 REQUIRE_NONE,	450 REQUIRE_NONE,

445 EXTRACT_NONE,	451 EXTRACT_NONE,

446 &password_form->form_data,	452 &password_form->form_data,

447 NULL /* FormFieldData */);	453 NULL /* FormFieldData */);

448	454

449 return password_form.Pass();	455 return password_form.Pass();

450 }	456 }

451	457

452 } // namespace autofill	458 } // namespace autofill

OLD	NEW