[password autofill] Remove references to PasswordForm from RenderViewImpl

components/autofill/content/renderer/password_autofill_agent.cc

 // Copyright 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "components/autofill/content/renderer/password_autofill_agent.h"
 
 #include "base/bind.h"
 #include "base/memory/scoped_ptr.h"
 #include "base/message_loop/message_loop.h"
 #include "base/metrics/histogram.h"
 #include "base/strings/utf_string_conversions.h"
 #include "components/autofill/content/renderer/form_autofill_util.h"
 #include "components/autofill/core/common/autofill_messages.h"
 #include "components/autofill/core/common/form_field_data.h"
 #include "components/autofill/core/common/password_form_fill_data.h"
 #include "content/public/common/password_form.h"
 #include "content/public/renderer/password_form_conversion_utils.h"
 #include "content/public/renderer/render_view.h"
 #include "third_party/WebKit/public/platform/WebVector.h"
 #include "third_party/WebKit/public/web/WebAutofillClient.h"
 #include "third_party/WebKit/public/web/WebDocument.h"
 #include "third_party/WebKit/public/web/WebElement.h"
 #include "third_party/WebKit/public/web/WebFormElement.h"
 #include "third_party/WebKit/public/web/WebFrame.h"
 #include "third_party/WebKit/public/web/WebInputEvent.h"
 #include "third_party/WebKit/public/web/WebSecurityOrigin.h"
+#include "third_party/WebKit/public/web/WebUserGestureIndicator.h"
 #include "third_party/WebKit/public/web/WebView.h"
 #include "ui/base/keycodes/keyboard_codes.h"
 
 namespace autofill {
 namespace {
 
 // The size above which we stop triggering autocomplete.
 static const size_t kMaximumTextSizeForAutocomplete = 1000;
 
 // Maps element names to the actual elements to simplify form filling.
@@ skipping 383 matching lines @@
 }
 
 void PasswordAutofillAgent::FrameDetached(WebKit::WebFrame* frame) {
   FrameClosing(frame);
 }
 
 void PasswordAutofillAgent::FrameWillClose(WebKit::WebFrame* frame) {
   FrameClosing(frame);
 }
 
+void PasswordAutofillAgent::WillSendSubmitEvent(
+    WebKit::WebFrame* frame,
+    const WebKit::WebFormElement& form) {
+  // Some login forms have onSubmit handlers that put a hash of the password
+  // into a hidden field and then clear the password. (Issue 28910.)

[Ilya Sherman, 2013/07/27 01:09:48]

nit: Could you make the bug reference into an http://crbug.com hyperlink?

[Garrett Casto, 2013/08/03 00:38:42]

Done.

+  // This method gets called before any of those handlers run, so save away
+  // a copy of the password in case it gets lost.
+  provisional_forms_[frame].reset(content::CreatePasswordForm(form).release());

[Ilya Sherman, 2013/07/27 01:09:48]

Is there a guarantee that we will free elements from this map?  I'm a little
worried that this can create a slow memory leak (though since form submissions
are relatively rare, it's not a particularly bad memory leak).

[Garrett Casto, 2013/08/03 00:38:42]

I was actually thinking about this earlier, and I don't know for certain. I
think that there might be a leak if the user tries to log in to a subframe but
fails and then navigates the main page away. I can add code to delete this in
FrameClosing() to be extra safe.

+}
+
+void PasswordAutofillAgent::WillSubmitForm(WebKit::WebFrame* frame,
+                                           const WebKit::WebFormElement& form) {
+  scoped_ptr<content::PasswordForm> submitted_form =
+      content::CreatePasswordForm(form);
+
+  // If there is a provisionally saved password, copy over the previous
+  // password value so we get the users typed password, not the value that

[Ilya Sherman, 2013/07/27 01:09:48]

nit: "users" -> "user's"

[Garrett Casto, 2013/08/03 00:38:42]

Done.

+  // may have been transformed for submit.
+  // TODO(gcasto): Do we need to have this action equality check? Is it trying
+  // to prevent accidentally copying over passwords from a different form?
+  if (submitted_form.get()) {

[Ilya Sherman, 2013/07/27 01:09:48]

nit: No need for .get()

[Garrett Casto, 2013/08/03 00:38:42]

Done.

+    if (provisional_forms_[frame].get() &&

[Ilya Sherman, 2013/07/27 01:09:48]

nit: Ditto

[Garrett Casto, 2013/08/03 00:38:42]

linked_ptr<> aren't convertible to bool, so this doesn't work.

+        submitted_form->action == provisional_forms_[frame]->action) {
+      submitted_form->password_value =
+          provisional_forms_[frame]->password_value;
+    }

[Ilya Sherman, 2013/07/27 01:09:48]

nit: Please leave a blank line after this one.

[Garrett Casto, 2013/08/03 00:38:42]

Done.

+    // Some observers depend on sending this information now instead of when
+    // the frame starts loading. If there are redirects that cause a new
+    // RenderView to be instantiated (such as redirects to the WebStore)
+    // we will never get to finish the load.
+    Send(new AutofillHostMsg_PasswordFormSubmitted(routing_id(),
+                                                   *submitted_form.get()));

[Ilya Sherman, 2013/07/27 01:09:48]

nit: No need for .get()

[Garrett Casto, 2013/08/03 00:38:42]

Done.

+    // Remove reference since we have already submitted this form.
+    provisional_forms_.erase(frame);
+  }
+}
+
+void PasswordAutofillAgent::DidStartProvisionalLoad(WebKit::WebFrame* frame) {
+  // If the navigation is not triggered by a user gesture, e.g. by some ajax
+  // callback, then inherit the submitted password form from the previous
+  // state. This fixes the no password save issue for ajax login, tracked in
+  // [http://crbug/43219]. Note that there are still some sites that this
+  // fails for because they use some element other than a submit button to
+  // trigger submission (which means WillSendSubmitEvent will not be called).
+  if (!frame->parent() &&
+      !WebKit::WebUserGestureIndicator::isProcessingUserGesture() &&
+      provisional_forms_[frame].get()) {

[Ilya Sherman, 2013/07/27 01:09:48]

nit: No need for .get()

[Garrett Casto, 2013/08/03 00:38:42]

Doesn't work.

+    Send(new AutofillHostMsg_PasswordFormSubmitted(
+        routing_id(),
+        *provisional_forms_[frame].get()));

[Ilya Sherman, 2013/07/27 01:09:48]

nit: No need for .get()

[Garrett Casto, 2013/08/03 00:38:42]

Done.

[Garrett Casto, 2013/08/03 00:38:42]

Done.

+  }
+  provisional_forms_.erase(frame);

[Ilya Sherman, 2013/07/27 01:09:48]

Can we clear the whole map if the |frame| is a top-level frame, either here or
when a load commits?

[Garrett Casto, 2013/08/03 00:38:42]

Sure.

+}
+
 void PasswordAutofillAgent::OnFillPasswordForm(
     const PasswordFormFillData& form_data) {
   if (usernames_usage_ == NOTHING_TO_AUTOFILL) {
     if (form_data.other_possible_usernames.size())
       usernames_usage_ = OTHER_POSSIBLE_USERNAMES_PRESENT;
     else if (usernames_usage_ == NOTHING_TO_AUTOFILL)
       usernames_usage_ = OTHER_POSSIBLE_USERNAMES_ABSENT;
   }
 
   FormElementsList forms;
@@ skipping 228 matching lines @@
   LoginToPasswordInfoMap::iterator iter = login_to_password_info_.find(input);
   if (iter == login_to_password_info_.end())
     return false;
 
   *found_input = input;
   *found_password = iter->second;
   return true;
 }
 
 }  // namespace autofill