Allow autofill in iframe inside page of same origin

components/autofill/content/renderer/password_autofill_agent.cc

Index: components/autofill/content/renderer/password_autofill_agent.cc
diff --git a/components/autofill/content/renderer/password_autofill_agent.cc b/components/autofill/content/renderer/password_autofill_agent.cc
index 237f23a2055d901e576ffbec07b6c432635b31fc..67650e77a4ecfbd82ee51c2b5949f62358612217 100644
--- a/components/autofill/content/renderer/password_autofill_agent.cc
+++ b/components/autofill/content/renderer/password_autofill_agent.cc
@@ -450,10 +450,21 @@ bool FillFormOnPasswordReceived(
     std::map<const blink::WebInputElement, blink::WebString>&
         nonscript_modified_values,
     base::Callback<void(blink::WebInputElement*)> registration_callback) {
-  // Do not fill if the password field is in an iframe.
-  DCHECK(password_element.document().frame());
-  if (password_element.document().frame()->parent())
+  // Do not fill if the password field is in a chain of iframes not having
+  // identical origin.
+  blink::WebFrame* cur_frame = password_element.document().frame();
+  blink::WebString bottom_frame_origin =
+          cur_frame->securityOrigin().toString();
+
+  DCHECK(cur_frame);
+
+  while (cur_frame->parent() &&

[Garrett Casto, 2015/05/26 20:31:38]

I think that it's slightly simpler to construct this as

while (cur_frame->parent()) {
  cur_frame = cur_frame->parent()
  if (!<origin check>)
    return false
}

+         bottom_frame_origin.equals(cur_frame->securityOrigin().toString())) {
+    cur_frame = cur_frame->parent();
+  }
+  if (!bottom_frame_origin.equals(cur_frame->securityOrigin().toString())) {

[Garrett Casto, 2015/05/26 20:31:38]

Nit: We don't put one braces on one line if statements.

     return false;
+  }
 
   // If we can't modify the password, don't try to set the username
   if (!IsElementAutocompletable(password_element))