[Password Autofill] Catch XHR submitted forms where onsubmit() wasn't called.

components/autofill/content/renderer/password_autofill_agent.cc

Index: components/autofill/content/renderer/password_autofill_agent.cc
diff --git a/components/autofill/content/renderer/password_autofill_agent.cc b/components/autofill/content/renderer/password_autofill_agent.cc
index 0a5c23e191398576b618ed1168ea47ff4319871c..54a29f9d5767dafb5a65ccdfc0ae6ffc420070ed 100644
--- a/components/autofill/content/renderer/password_autofill_agent.cc
+++ b/components/autofill/content/renderer/password_autofill_agent.cc
@@ -485,16 +485,33 @@ void PasswordAutofillAgent::DidStartProvisionalLoad(blink::WebFrame* frame) {
     // If the navigation is not triggered by a user gesture, e.g. by some ajax
     // callback, then inherit the submitted password form from the previous
     // state. This fixes the no password save issue for ajax login, tracked in
-    // [http://crbug/43219]. Note that there are still some sites that this
-    // fails for because they use some element other than a submit button to
-    // trigger submission (which means WillSendSubmitEvent will not be called).
+    // [http://crbug/43219]. Note that this still fails for sites that use
+    // synchonous XHR as isProcessingUserGesture() will return true.
     blink::WebFrame* form_frame = CurrentOrChildFrameWithSavedForms(frame);
-    if (!blink::WebUserGestureIndicator::isProcessingUserGesture() &&
-        provisionally_saved_forms_[form_frame].get()) {
-      Send(new AutofillHostMsg_PasswordFormSubmitted(
-          routing_id(),
-          *provisionally_saved_forms_[form_frame]));
-      provisionally_saved_forms_.erase(form_frame);
+    if (!blink::WebUserGestureIndicator::isProcessingUserGesture()) {
+      // If onsubmit has been called, try and save that form.
+      if (provisionally_saved_forms_[form_frame].get()) {
+        Send(new AutofillHostMsg_PasswordFormSubmitted(
+            routing_id(),
+            *provisionally_saved_forms_[form_frame]));
+        provisionally_saved_forms_.erase(form_frame);
+      } else {
+        // Loop through the forms on the page looking for one that has been
+        // filled out. If one exists, try and save the credentials.
+        blink::WebVector<blink::WebFormElement> forms;
+        frame->document().forms(forms);
+
+        for (size_t i = 0; i < forms.size(); ++i) {

[vabr (Chromium), 2014/01/16 09:22:10]

If your performance concerns were about this for cycle, then I share them a
little. :)

I agree that we can start with just looking at how it performs.
If needed, we can try to shorten the time to give up on forms which are not
password forms, e.g., by reordering WebPasswordFormData c-tor to check password
fields earlier.

[Garrett Casto, 2014/01/16 22:23:59]

Yeah. From a performance standpoint the most optimal thing to do would be to
save a reference to the form when it's being filled out so that we don't have to
loop at all, but that's reasonably complicated.

[vabr (Chromium), 2014/01/17 09:28:01]

Sure, let's wait if we need to optimise this at all.

+          blink::WebFormElement fe = forms[i];
+          scoped_ptr<PasswordForm> password_form(CreatePasswordForm(fe));
+          if (password_form.get() &&
+              !password_form->username_value.empty() &&
+              !password_form->password_value.empty()) {
+            Send(new AutofillHostMsg_PasswordFormSubmitted(
+                routing_id(), *password_form));
+          }
+        }
+      }
     }
     // Clear the whole map during main frame navigation.
     provisionally_saved_forms_.clear();