OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "components/password_manager/core/browser/password_form_manager.h" | 5 #include "components/password_manager/core/browser/password_form_manager.h" |
6 | 6 |
7 #include <algorithm> | 7 #include <algorithm> |
8 #include <set> | 8 #include <set> |
9 | 9 |
10 #include "base/metrics/histogram_macros.h" | 10 #include "base/metrics/histogram_macros.h" |
(...skipping 152 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
163 // we also consider the actions a match. This is to accommodate cases where | 163 // we also consider the actions a match. This is to accommodate cases where |
164 // the original login form is on an HTTP page, but a failed login attempt | 164 // the original login form is on an HTTP page, but a failed login attempt |
165 // redirects to HTTPS (as in http://example.org -> https://example.org/auth). | 165 // redirects to HTTPS (as in http://example.org -> https://example.org/auth). |
166 if (!origins_match && !observed_form_.origin.SchemeIsCryptographic() && | 166 if (!origins_match && !observed_form_.origin.SchemeIsCryptographic() && |
167 form.origin.SchemeIsCryptographic()) { | 167 form.origin.SchemeIsCryptographic()) { |
168 const std::string& old_path = observed_form_.origin.path(); | 168 const std::string& old_path = observed_form_.origin.path(); |
169 const std::string& new_path = form.origin.path(); | 169 const std::string& new_path = form.origin.path(); |
170 origins_match = | 170 origins_match = |
171 observed_form_.origin.host() == form.origin.host() && | 171 observed_form_.origin.host() == form.origin.host() && |
172 observed_form_.origin.port() == form.origin.port() && | 172 observed_form_.origin.port() == form.origin.port() && |
173 base::StartsWithASCII(new_path, old_path, /*case_sensitive=*/true); | 173 base::StartsWith(new_path, old_path, base::CompareCase::SENSITIVE); |
174 } | 174 } |
175 | 175 |
176 if (!origins_match) | 176 if (!origins_match) |
177 return result; | 177 return result; |
178 | 178 |
179 result |= RESULT_ORIGINS_MATCH; | 179 result |= RESULT_ORIGINS_MATCH; |
180 | 180 |
181 // Autofill predictions can overwrite our default username selection so | 181 // Autofill predictions can overwrite our default username selection so |
182 // if this form was parsed with autofill predictions then allow the username | 182 // if this form was parsed with autofill predictions then allow the username |
183 // element to be different. | 183 // element to be different. |
(...skipping 209 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
393 continue; | 393 continue; |
394 if (credential_scores[i] < best_score) { | 394 if (credential_scores[i] < best_score) { |
395 // Empty path matches are most commonly imports from Firefox, and | 395 // Empty path matches are most commonly imports from Firefox, and |
396 // generally useful to autofill. Blacklisted entries are only meaningful | 396 // generally useful to autofill. Blacklisted entries are only meaningful |
397 // in the absence of non-blacklisted entries, in which case they need no | 397 // in the absence of non-blacklisted entries, in which case they need no |
398 // protection to become |best_matches_|. TODO(timsteele): Bug 1269400. We | 398 // protection to become |best_matches_|. TODO(timsteele): Bug 1269400. We |
399 // probably should do something more elegant for any shorter-path match | 399 // probably should do something more elegant for any shorter-path match |
400 // instead of explicitly handling empty path matches. | 400 // instead of explicitly handling empty path matches. |
401 bool is_credential_protected = | 401 bool is_credential_protected = |
402 observed_form_.scheme == PasswordForm::SCHEME_HTML && | 402 observed_form_.scheme == PasswordForm::SCHEME_HTML && |
403 base::StartsWithASCII("/", login->origin.path(), true) && | 403 base::StartsWith("/", login->origin.path(), |
| 404 base::CompareCase::SENSITIVE) && |
404 credential_scores[i] > 0 && !login->blacklisted_by_user; | 405 credential_scores[i] > 0 && !login->blacklisted_by_user; |
405 // Passwords generated on a signup form must show on a login form even if | 406 // Passwords generated on a signup form must show on a login form even if |
406 // there are better-matching saved credentials. TODO(gcasto): We don't | 407 // there are better-matching saved credentials. TODO(gcasto): We don't |
407 // want to cut credentials that were saved on signup forms even if they | 408 // want to cut credentials that were saved on signup forms even if they |
408 // weren't generated, but currently it's hard to distinguish between those | 409 // weren't generated, but currently it's hard to distinguish between those |
409 // forms and two different login forms on the same domain. Filed | 410 // forms and two different login forms on the same domain. Filed |
410 // http://crbug.com/294468 to look into this. | 411 // http://crbug.com/294468 to look into this. |
411 is_credential_protected |= login->type == PasswordForm::TYPE_GENERATED; | 412 is_credential_protected |= login->type == PasswordForm::TYPE_GENERATED; |
412 | 413 |
413 if (is_credential_protected) | 414 if (is_credential_protected) |
(...skipping 556 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
970 LogPasswordGenerationSubmissionEvent(PASSWORD_SUBMITTED); | 971 LogPasswordGenerationSubmissionEvent(PASSWORD_SUBMITTED); |
971 } | 972 } |
972 | 973 |
973 void PasswordFormManager::SubmitFailed() { | 974 void PasswordFormManager::SubmitFailed() { |
974 submit_result_ = kSubmitResultFailed; | 975 submit_result_ = kSubmitResultFailed; |
975 if (has_generated_password_) | 976 if (has_generated_password_) |
976 LogPasswordGenerationSubmissionEvent(PASSWORD_SUBMISSION_FAILED); | 977 LogPasswordGenerationSubmissionEvent(PASSWORD_SUBMISSION_FAILED); |
977 } | 978 } |
978 | 979 |
979 } // namespace password_manager | 980 } // namespace password_manager |
OLD | NEW |