[autofill] Add support for PSL domain matching for password autofill.

chrome/browser/password_manager/password_form_manager.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/password_manager/password_form_manager.h"
 
 #include <algorithm>
 
 #include "base/metrics/histogram.h"
 #include "base/strings/string_split.h"
@@ skipping 135 matching lines @@
 
   // Save the pending_credentials_ entry marked as blacklisted.
   SaveAsNewLogin(false);
 }
 
 bool PasswordFormManager::IsNewLogin() {
   DCHECK_EQ(state_, POST_MATCHING_PHASE);
   return is_new_login_;
 }
 
+bool PasswordFormManager::IsPendingCredentialsPublicSuffixMatch() {
+  return !pending_credentials_.original_signon_realm.empty();
+}
+
 void PasswordFormManager::SetHasGeneratedPassword() {
   has_generated_password_ = true;
 }
 
 bool PasswordFormManager::HasGeneratedPassword() {
   // This check is permissive, as the user may have generated a password and
   // then edited it in the form itself. However, even in this case the user
   // has already given consent, so we treat these cases the same.
   return has_generated_password_;
 }
@@ skipping 16 matching lines @@
 
   // Make sure the important fields stay the same as the initially observed or
   // autofilled ones, as they may have changed if the user experienced a login
   // failure.
   // Look for these credentials in the list containing auto-fill entries.
   PasswordFormMap::const_iterator it =
       best_matches_.find(credentials.username_value);
   if (it != best_matches_.end()) {
     // The user signed in with a login we autofilled.
     pending_credentials_ = *it->second;
-    is_new_login_ = false;
+
+    // Public suffix matches should always be new logins, since we want to store
+    // them so they can automatically be filled in later.
+    is_new_login_ = !pending_credentials_.original_signon_realm.empty();
 
     // Check to see if we're using a known username but a new password.
     if (pending_credentials_.password_value != credentials.password_value)
       user_action_ = kUserActionOverride;
   } else if (action == ALLOW_OTHER_POSSIBLE_USERNAMES &&
              UpdatePendingCredentialsIfOtherPossibleUsername(
                  credentials.username_value)) {
     // |pending_credentials_| is now set. Note we don't update
     // |pending_credentials_.username_value| to |credentials.username_value|
     // yet because we need to keep the original username to modify the stored
@@ skipping 127 matching lines @@
   // Check to see if the user told us to ignore this site in the past.
   if (preferred_match_->blacklisted_by_user) {
     manager_action_ = kManagerActionBlacklisted;
     return;
   }
 
   // If not blacklisted, send a message to allow password generation.
   SendNotBlacklistedToRenderer();
 
   // Proceed to autofill.
-  // Note that we provide the choices but don't actually prefill a value if
-  // either: (1) we are in Incognito mode, or (2) the ACTION paths don't match.
+  // Note that we provide the choices but don't actually prefill a value if:
+  // (1) we are in Incognito mode, (2) the ACTION paths don't match,
+  // or (3) if it matched using public suffix domain matching.
   bool wait_for_username =
       profile_->IsOffTheRecord() ||
       observed_form_.action.GetWithEmptyPath() !=
-          preferred_match_->action.GetWithEmptyPath();
+          preferred_match_->action.GetWithEmptyPath() ||
+          !preferred_match_->original_signon_realm.empty();
   if (wait_for_username)
     manager_action_ = kManagerActionNone;
   else
     manager_action_ = kManagerActionAutofilled;
   password_manager_->Autofill(observed_form_, best_matches_,
                               *preferred_match_, wait_for_username);
 }
 
 void PasswordFormManager::OnPasswordStoreRequestDone(
       CancelableRequestProvider::Handle handle,
@@ skipping 165 matching lines @@
   }
   return false;
 }
 
 int PasswordFormManager::ScoreResult(const PasswordForm& candidate) const {
   DCHECK_EQ(state_, MATCHING_PHASE);
   // For scoring of candidate login data:
   // The most important element that should match is the origin, followed by
   // the action, the password name, the submit button name, and finally the
   // username input field name.
-  // Exact origin match gives an addition of 32 (1 << 5) + # of matching url
+  // Exact origin match gives an addition of 64 (1 << 6) + # of matching url
   // dirs.
-  // Partial match gives an addition of 16 (1 << 4) + # matching url dirs
+  // Partial match gives an addition of 32 (1 << 5) + # matching url dirs
   // That way, a partial match cannot trump an exact match even if
   // the partial one matches all other attributes (action, elements) (and
   // regardless of the matching depth in the URL path).
+  // If public suffix origin match was not used, it gives an addition of
+  // 16 (1 << 4).
   int score = 0;
   if (candidate.origin == observed_form_.origin) {
     // This check is here for the most common case which
     // is we have a single match in the db for the given host,
     // so we don't generally need to walk the entire URL path (the else
     // clause).
-    score += (1 << 5) + static_cast<int>(form_path_tokens_.size());
+    score += (1 << 6) + static_cast<int>(form_path_tokens_.size());
   } else {
     // Walk the origin URL paths one directory at a time to see how
     // deep the two match.
     std::vector<std::string> candidate_path_tokens;
     base::SplitString(candidate.origin.path(), '/', &candidate_path_tokens);
     size_t depth = 0;
     size_t max_dirs = std::min(form_path_tokens_.size(),
                                candidate_path_tokens.size());
     while ((depth < max_dirs) && (form_path_tokens_[depth] ==
                                   candidate_path_tokens[depth])) {
       depth++;
       score++;
     }
     // do we have a partial match?
-    score += (depth > 0) ? 1 << 4 : 0;
+    score += (depth > 0) ? 1 << 5 : 0;
   }
   if (observed_form_.scheme == PasswordForm::SCHEME_HTML) {
+    if (candidate.original_signon_realm.empty())
+      score += 1 << 4;
     if (candidate.action == observed_form_.action)
       score += 1 << 3;
     if (candidate.password_element == observed_form_.password_element)
       score += 1 << 2;
     if (candidate.submit_element == observed_form_.submit_element)
       score += 1 << 1;
     if (candidate.username_element == observed_form_.username_element)
       score += 1 << 0;
   }
 
   return score;
 }
 
 void PasswordFormManager::SubmitPassed() {
   submit_result_ = kSubmitResultPassed;
 }
 
 void PasswordFormManager::SubmitFailed() {
   submit_result_ = kSubmitResultFailed;
 }
 
 void PasswordFormManager::SendNotBlacklistedToRenderer() {
   content::RenderViewHost* host = web_contents_->GetRenderViewHost();
   host->Send(new AutofillMsg_FormNotBlacklisted(host->GetRoutingID(),
                                                  observed_form_));
 }