Allow autofill in iframe inside page of same origin

chrome/browser/password_manager/password_manager_browsertest.cc

 // Copyright 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include <string>
 
 #include "base/command_line.h"
 #include "base/metrics/histogram_samples.h"
 #include "base/metrics/statistics_recorder.h"
 #include "base/path_service.h"
@@ skipping 30 matching lines @@
 #include "content/public/browser/navigation_controller.h"
 #include "content/public/browser/notification_service.h"
 #include "content/public/browser/render_frame_host.h"
 #include "content/public/browser/render_view_host.h"
 #include "content/public/browser/web_contents.h"
 #include "content/public/browser/web_contents_observer.h"
 #include "content/public/common/content_switches.h"
 #include "content/public/test/browser_test_utils.h"
 #include "content/public/test/test_utils.h"
 #include "net/base/filename_util.h"
+#include "net/dns/mock_host_resolver.h"
 #include "net/test/embedded_test_server/embedded_test_server.h"
 #include "net/test/embedded_test_server/http_request.h"
 #include "net/test/embedded_test_server/http_response.h"
 #include "net/test/spawned_test_server/spawned_test_server.h"
 #include "net/url_request/test_url_fetcher_factory.h"
 #include "testing/gmock/include/gmock/gmock.h"
 #include "third_party/WebKit/public/web/WebInputEvent.h"
 #include "ui/events/keycodes/keyboard_codes.h"
 #include "ui/gfx/geometry/point.h"
 
@@ skipping 277 matching lines @@
     observer.Wait();
   }
 
   // Waits until the "value" attribute of the HTML element with |element_id| is
   // equal to |expected_value|. If the current value is not as expected, this
   // waits until the "change" event is fired for the element. This also
   // guarantees that once the real value matches the expected, the JavaScript
   // event loop is spun to allow all other possible events to take place.
   void WaitForElementValue(const std::string& element_id,
                            const std::string& expected_value);
+  // Same as above except the element |element_id| is in iframe |iframe_id|
+  void WaitForElementValue(const std::string& iframe_id,
+                           const std::string& element_id,
+                           const std::string& expected_value);
   // Checks that the current "value" attribute of the HTML element with
   // |element_id| is equal to |expected_value|.
   void CheckElementValue(const std::string& element_id,
                          const std::string& expected_value);
+  // Same as above except the element |element_id| is in iframe |iframe_id|
+  void CheckElementValue(const std::string& iframe_id,
+                         const std::string& element_id,
+                         const std::string& expected_value);
 
   // TODO(dvadym): Remove this once history.pushState() handling is not behind
   // a flag.
   // Calling this will activate handling of pushState()-initiated form submits.
   // This feature is currently behind a renderer flag. Just setting the flag in
   // the browser will not change it for the already running renderer at tab 0.
   // Therefore this method first sets the flag and then opens a new tab at
   // position 0. This new tab gets the flag copied from the browser process.
   void ActivateHistoryPushState();
 
  private:
   DISALLOW_COPY_AND_ASSIGN(PasswordManagerBrowserTest);
 };
 
 void PasswordManagerBrowserTest::WaitForElementValue(
     const std::string& element_id,
     const std::string& expected_value) {
+    PasswordManagerBrowserTest::WaitForElementValue("null",
+                                                    element_id,
+                                                    expected_value);
+}
+
+void PasswordManagerBrowserTest::WaitForElementValue(
+    const std::string& iframe_id,
+    const std::string& element_id,
+    const std::string& expected_value) {
   enum ReturnCodes {  // Possible results of the JavaScript code.
     RETURN_CODE_OK,
     RETURN_CODE_NO_ELEMENT,
     RETURN_CODE_WRONG_VALUE,
     RETURN_CODE_INVALID,
   };
   const std::string value_check_function = base::StringPrintf(
       "function valueCheck() {"
-      "  var element = document.getElementById('%s');"
+      "  if (%s)"
+      "    var element = document.getElementById("
+      "        '%s').contentDocument.getElementById('%s');"
+      "  else "
+      "    var element = document.getElementById('%s');"
       "  return element && element.value == '%s';"
       "}",
+      iframe_id.c_str(),
+      iframe_id.c_str(),
+      element_id.c_str(),
       element_id.c_str(),
       expected_value.c_str());
   const std::string script =
       value_check_function +
       base::StringPrintf(
           "if (valueCheck()) {"
           "  /* Spin the event loop with setTimeout. */"
           "  setTimeout(window.domAutomationController.send(%d), 0);"
           "} else {"
-          "  var element = document.getElementById('%s');"
+          "  if (%s)"
+          "    var element = document.getElementById("
+          "        '%s').contentDocument.getElementById('%s');"
+          "  else "
+          "    var element = document.getElementById('%s');"
           "  if (!element)"
           "    window.domAutomationController.send(%d);"
           "  element.onchange = function() {"
           "    if (valueCheck()) {"
           "      /* Spin the event loop with setTimeout. */"
           "      setTimeout(window.domAutomationController.send(%d), 0);"
           "    } else {"
           "      window.domAutomationController.send(%d);"
           "    }"
           "  };"
           "}",
           RETURN_CODE_OK,
+          iframe_id.c_str(),
+          iframe_id.c_str(),
+          element_id.c_str(),
           element_id.c_str(),
           RETURN_CODE_NO_ELEMENT,
           RETURN_CODE_OK,
           RETURN_CODE_WRONG_VALUE);
   int return_value = RETURN_CODE_INVALID;
   ASSERT_TRUE(content::ExecuteScriptAndExtractInt(
       RenderViewHost(), script, &return_value));
   EXPECT_EQ(RETURN_CODE_OK, return_value)
       << "element_id = " << element_id
       << ", expected_value = " << expected_value;
 }
 
 void PasswordManagerBrowserTest::CheckElementValue(
     const std::string& element_id,
     const std::string& expected_value) {
+  PasswordManagerBrowserTest::CheckElementValue("null",
+                                                element_id,
+                                                expected_value);
+}
+
+void PasswordManagerBrowserTest::CheckElementValue(
+    const std::string& iframe_id,
+    const std::string& element_id,
+    const std::string& expected_value) {
   const std::string value_check_script = base::StringPrintf(
-      "var element = document.getElementById('%s');"
+      "if (%s)"
+      "  var element = document.getElementById("
+      "      '%s').contentDocument.getElementById('%s');"
+      "else "
+      "  var element = document.getElementById('%s');"
       "window.domAutomationController.send(element && element.value == '%s');",
+      iframe_id.c_str(),
+      iframe_id.c_str(),
+      element_id.c_str(),
       element_id.c_str(),
       expected_value.c_str());
   bool return_value = false;
   ASSERT_TRUE(content::ExecuteScriptAndExtractBool(
       RenderViewHost(), value_check_script, &return_value));
   EXPECT_TRUE(return_value) << "element_id = " << element_id
                             << ", expected_value = " << expected_value;
 }
 
 void PasswordManagerBrowserTest::ActivateHistoryPushState() {
@@ skipping 1476 matching lines @@
   NavigateToFile("/password/password_xhr_submit.html");
 
   // Let the user interact with the page, so that DOM gets modification events,
   // needed for autofilling fields.
   content::SimulateMouseClickAt(
       WebContents(), 0, blink::WebMouseEvent::ButtonLeft, gfx::Point(1, 1));
 
   // Wait until that interaction causes the password value to be revealed.
   WaitForElementValue("password_field", "mypassword");
 }
+
+// Check that a password form in an iframe of different origin will not be
+// filled in until a user interact with the form.
+IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, CrossSiteIframeNotFillTest) {
+  // Setup the mock host resolver
+  host_resolver()->AddRule("*", "127.0.0.1");
+
+  // Here we need to dynamically create the iframe because the port
+  // embedded_test_server ran on was dynamically allocated, so the iframe's src
+  // attribute can only be determined at run time.
+  NavigateToFile("/password/password_form_in_crosssite_iframe.html");
+  NavigationObserver ifrm_observer(WebContents());
+  ifrm_observer.SetPathToWaitFor("/password/crossite_iframe_content.html");
+
+  std::string submit = base::StringPrintf(

[Garrett Casto, 2015/05/28 18:08:18]

Sorry, if this was clear, but the JS function name was descriptive, but the
std::string named "submit" didn't really describe what the JS would do. That is
what I would rename.

[xunlu, 2015/05/28 22:28:16]

Done.

+      "create_iframe("
+          "'http://randomsite.net:%d/password/crossite_iframe_content.html');",
+      embedded_test_server()->port());
+
+  ASSERT_TRUE(content::ExecuteScript(RenderViewHost(), submit));
+  ifrm_observer.Wait();
+
+  NavigationObserver init_observer(WebContents());
+  init_observer.SetPathToWaitFor("/password/done.html");
+  scoped_ptr<PromptObserver> prompt_observer(
+      PromptObserver::Create(WebContents()));
+  // Store a password for autofill later

[Garrett Casto, 2015/05/28 18:08:18]

Nit: This isn't a rule, but we generally value consistency and in this file the
comments generally come at the beginning of a block of code, not in the middle. 

[xunlu, 2015/05/28 22:28:15]

Done.

+  std::string init_form = "sendMessage('fill_and_submit');";
+  ASSERT_TRUE(content::ExecuteScript(RenderViewHost(), init_form));
+  init_observer.Wait();
+  EXPECT_TRUE(prompt_observer->IsShowingPrompt());
+  prompt_observer->Accept();
+
+  // Visit the form again
+  NavigationObserver reload_observer(WebContents());
+  NavigateToFile("/password/password_form_in_crosssite_iframe.html");
+  reload_observer.Wait();
+
+  NavigationObserver ifrm_observer_2(WebContents());
+  ifrm_observer_2.SetPathToWaitFor("/password/crossite_iframe_content.html");
+  ASSERT_TRUE(content::ExecuteScript(RenderViewHost(), submit));
+  ifrm_observer_2.Wait();
+

[Garrett Casto, 2015/05/28 18:08:18]

So we talked about how it's probably okay here not to actually interact with the
page to verify that you can get the data if you actually select the dropdown,
but it would be nice to interact with the frame in the same way that you do
below so that the password would be visible to script if it was filled.

[xunlu, 2015/05/28 22:28:16]

Done.

+  // Verfiy username is not autofilled

[Garrett Casto, 2015/05/28 18:08:18]

"Verify"

[xunlu, 2015/05/28 22:28:16]

Done.

+  std::string empty_username;
+  ASSERT_TRUE(content::ExecuteScriptAndExtractString(
+      RenderViewHost(),
+      "sendMessage('get_username');",
+      &empty_username));
+  ASSERT_EQ("", empty_username);
+
+
+  // Verfiy password is not autofilled

[Garrett Casto, 2015/05/28 18:08:18]

"Verify"

[xunlu, 2015/05/28 22:28:16]

Done.

+  std::string empty_password;
+  ASSERT_TRUE(content::ExecuteScriptAndExtractString(
+      RenderViewHost(),
+      "sendMessage('get_password');",
+      &empty_password));
+  ASSERT_EQ("", empty_password);
+}
+
+// Check that a password form in an iframe of same origin will not be
+// filled in until user interact with the iframe.
+IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest,
+                       SameOriginIframeAutoFillTest) {
+  // Visit the sign-up form to store a password for autofill later
+  NavigateToFile("/password/password_form_in_same_origin_iframe.html");
+  NavigationObserver observer(WebContents());
+  observer.SetPathToWaitFor("/password/done.html");
+  scoped_ptr<PromptObserver> prompt_observer(
+      PromptObserver::Create(WebContents()));
+
+  std::string submit =
+      "var ifrmDoc = document.getElementById('iframe').contentDocument;"
+      "ifrmDoc.getElementById('username_field').value = 'temp';"
+      "ifrmDoc.getElementById('password_field').value = 'pa55w0rd';"
+      "ifrmDoc.getElementById('input_submit_button').click();";
+  ASSERT_TRUE(content::ExecuteScript(RenderViewHost(), submit));
+  observer.Wait();
+  EXPECT_TRUE(prompt_observer->IsShowingPrompt());
+  prompt_observer->Accept();
+
+  // Visit the form again
+  NavigationObserver reload_observer(WebContents());
+  NavigateToFile("/password/password_form_in_same_origin_iframe.html");
+  reload_observer.Wait();
+
+  // Verfiy username is autofilled

[Garrett Casto, 2015/05/28 18:08:18]

"Verify"

[xunlu, 2015/05/28 22:28:16]

Done.

+  CheckElementValue("iframe", "username_field", "temp");
+
+  // Verfiy password is not autofilled

[Garrett Casto, 2015/05/28 18:08:18]

"Verify"

[xunlu, 2015/05/28 22:28:16]

Done.

+  CheckElementValue("iframe", "password_field", "");
+
+  // Simulate the user interaction in the iframe which should trigger autofill.
+  ASSERT_TRUE(content::ExecuteScript(
+      RenderViewHost(),
+      "var iframeRect = document.getElementById("
+      "'iframe').getBoundingClientRect();"));
+  int top;
+  ASSERT_TRUE(content::ExecuteScriptAndExtractInt(
+      RenderViewHost(),
+      "window.domAutomationController.send(iframeRect.top);",
+      &top));
+  int left;
+  ASSERT_TRUE(content::ExecuteScriptAndExtractInt(
+      RenderViewHost(),
+      "window.domAutomationController.send(iframeRect.left);",
+      &left));
+
+  content::SimulateMouseClickAt(
+      WebContents(), 0, blink::WebMouseEvent::ButtonLeft, gfx::Point(left + 1,
+                                                                     top + 1));
+  // Verify password has been autofilled
+  WaitForElementValue("iframe", "password_field", "pa55w0rd");
+
+  // Verfiy username has been autofilled

[Garrett Casto, 2015/05/28 18:08:18]

"Verify"

[xunlu, 2015/05/28 22:28:15]

Done.

+  CheckElementValue("iframe", "username_field", "temp");
+
+}