Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(378)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: components/autofill/core/browser/autofill_manager.cc

Issue 1136473006: Don't autofill credit cards on non-secure pages (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Default implementation for other OSes Created 5 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « components/autofill/core/browser/autofill_client.h ('k') | components/autofill/core/browser/autofill_manager_unittest.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: components/autofill/core/browser/autofill_manager.cc
diff --git a/components/autofill/core/browser/autofill_manager.cc b/components/autofill/core/browser/autofill_manager.cc
index 5df3ca14bda7fa0fee2dde5a92456f091613c803..e0add7e10754dad9e2157dd41fe2c4cabdac9f03 100644
--- a/components/autofill/core/browser/autofill_manager.cc
+++ b/components/autofill/core/browser/autofill_manager.cc
@@ -86,10 +86,6 @@ bool SectionIsAutofilled(const FormStructure& form_structure,
return false;
}
-bool FormIsHTTPS(const FormStructure& form) {
- return form.source_url().SchemeIs(url::kHttpsScheme);
Evan Stade 2015/05/18 18:15:50 so palmer@, should we just change this to SchemeIs
palmer 2015/05/18 18:26:19 LGTM either way. (And, at the moment and into at l
Ilya Sherman 2015/05/18 18:41:30 Sorry, I'm still not following why we shouldn't ju
-}
-
// Uses the existing personal data in |profiles| and |credit_cards| to determine
// possible field types for the |submitted_form|. This is potentially
// expensive -- on the order of 50ms even for a small set of |stored_data|.
@@ -491,9 +487,11 @@ void AutofillManager::OnQueryFormFieldAutofill(int query_id,
GetProfileSuggestions(*form_structure, field, *autofill_field);
}
if (!suggestions.empty()) {
- // Don't provide credit card suggestions for non-HTTPS pages. However,
- // do provide a warning to the user.
- if (is_filling_credit_card && !FormIsHTTPS(*form_structure)) {
+ // Don't provide credit card suggestions for non-secure pages. However,
+ // do provide a warning to the user. This will generate warnings on pages
+ // with mixed content (which includes forms with an http target).
+ if (is_filling_credit_card &&
+ !client_->IsContextSecure(form_structure->source_url())) {
Suggestion warning_suggestion(l10n_util::GetStringUTF16(
IDS_AUTOFILL_WARNING_INSECURE_CONNECTION));
warning_suggestion.frontend_id = POPUP_ITEM_ID_WARNING_MESSAGE;
« no previous file with comments | « components/autofill/core/browser/autofill_client.h ('k') | components/autofill/core/browser/autofill_manager_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698