Fix of password autofilling on hidden passwords forms.

components/autofill/content/renderer/password_form_conversion_utils.cc

 // Copyright 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "components/autofill/content/renderer/password_form_conversion_utils.h"
 
 #include <string>
 
 #include "base/i18n/case_conversion.h"
 #include "base/lazy_instance.h"
@@ skipping 320 matching lines @@
   }
 
   std::map<WebInputElement, PasswordFormFieldPredictionType> predicted_elements;
   if (form_predictions) {
     FindPredictedElements(form, password_form->form_data, *form_predictions,
                           &predicted_elements);
   }
 
   std::string layout_sequence;
   layout_sequence.reserve(form.control_elements.size());
+  bool visible_passwords_fields_found = false;
   for (size_t i = 0; i < form.control_elements.size(); ++i) {
     WebFormControlElement control_element = form.control_elements[i];
 
     WebInputElement* input_element = toWebInputElement(&control_element);
     if (!input_element || !input_element->isEnabled())
       continue;
 
     if (input_element->isTextField()) {
       if (input_element->isPasswordField())
         layout_sequence.push_back('P');
       else
         layout_sequence.push_back('N');
     }
 
     bool password_marked_by_autocomplete_attribute =
         HasAutocompleteAttributeValue(*input_element,
                                       kAutocompleteCurrentPassword) ||
         HasAutocompleteAttributeValue(*input_element, kAutocompleteNewPassword);
 
     // If the password field is readonly, the page is likely using a virtual
     // keyboard and bypassing the password field value (see
     // http://crbug.com/475488). There is nothing Chrome can do to fill
     // passwords for now. Continue processing in case when the password field
     // was made readonly by JavaScript before submission. We can do this by
     // checking whether password element was updated not from JavaScript.
     if (input_element->isPasswordField() &&
-        form_util::IsWebNodeVisible(*input_element) &&
         (!input_element->isReadOnly() ||
          (nonscript_modified_values &&
           nonscript_modified_values->find(*input_element) !=
               nonscript_modified_values->end()) ||
          password_marked_by_autocomplete_attribute)) {
+      if (form_util::IsWebNodeVisible(*input_element)) {
+        if (!visible_passwords_fields_found) {
+          // Remove all invisible passwords fields, we don't care about them
+          // anymore.
+          passwords.clear();
+          visible_passwords_fields_found = true;
+        }
+      } else {
+        if (visible_passwords_fields_found)
+          continue;
+      }
+
       // We add the field to the list of password fields if it was not flagged
       // as a special NOT_PASSWORD prediction by Autofill. The NOT_PASSWORD
       // mechanism exists because some webpages use the type "password" for
       // fields which Autofill knows shouldn't be treated as passwords by the
       // Password Manager. This is ultimately bypassed if the field has
       // autocomplete attributes.
       auto possible_password_element_iterator =
           predicted_elements.find(*input_element);
       if (password_marked_by_autocomplete_attribute ||
           possible_password_element_iterator == predicted_elements.end() ||
@@ skipping 249 matching lines @@
 }
 
 bool HasAutocompleteAttributeValue(const blink::WebInputElement& element,
                                    const char* value_in_lowercase) {
   return base::LowerCaseEqualsASCII(
       base::StringPiece16(element.getAttribute("autocomplete")),
       value_in_lowercase);
 }
 
 }  // namespace autofill