Generate passwords only for forms that autofill server marks as account creation forms.

components/autofill/content/renderer/password_generation_manager.cc

 // Copyright 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "components/autofill/content/renderer/password_generation_manager.h"
 
 #include "base/logging.h"
+#include "base/memory/scoped_ptr.h"
 #include "components/autofill/core/common/autofill_messages.h"
+#include "components/autofill/core/common/form_data.h"
 #include "components/autofill/core/common/password_generation_util.h"
 #include "content/public/renderer/password_form_conversion_utils.h"
 #include "content/public/renderer/render_view.h"
 #include "google_apis/gaia/gaia_urls.h"
 #include "third_party/WebKit/public/platform/WebCString.h"
 #include "third_party/WebKit/public/platform/WebRect.h"
 #include "third_party/WebKit/public/platform/WebVector.h"
 #include "third_party/WebKit/public/web/WebDocument.h"
 #include "third_party/WebKit/public/web/WebFormElement.h"
 #include "third_party/WebKit/public/web/WebFrame.h"
@@ skipping 38 matching lines @@
     // to fill those.
     if (passwords->size() > 2)
       passwords->resize(2);
 
     return true;
   }
 
   return false;
 }
 
+bool ContainsURL(const std::vector<GURL>& urls, const GURL& url) {
+  return std::find(urls.begin(), urls.end(), url) != urls.end();
+}
+
+// Returns true if the |form1| is essentially equal to |form2|.
+bool FormEquals(const autofill::FormData& form1,
+                const content::PasswordForm& form2) {
+  // TODO(zysxqn): use more signals than just origin to compare.
+  return form1.origin == form2.origin;
+}
+
+bool ContainsForm(const std::vector<autofill::FormData>& forms,
+                  const content::PasswordForm& form) {
+  for (std::vector<autofill::FormData>::const_iterator it =
+           forms.begin(); it != forms.end(); ++it) {
+    if (FormEquals(*it, form))
+      return true;
+  }
+  return false;
+}
+
 }  // namespace
 
 PasswordGenerationManager::PasswordGenerationManager(
     content::RenderView* render_view)
     : content::RenderViewObserver(render_view),
       render_view_(render_view),
       enabled_(false) {
   render_view_->GetWebView()->setPasswordGeneratorClient(this);
 }
 PasswordGenerationManager::~PasswordGenerationManager() {}
 
 void PasswordGenerationManager::DidFinishDocumentLoad(WebKit::WebFrame* frame) {
   // In every navigation, the IPC message sent by the password autofill manager
   // to query whether the current form is blacklisted or not happens when the
   // document load finishes, so we need to clear previous states here before we
   // hear back from the browser. We only clear this state on main frame load
   // as we don't want subframe loads to clear state that we have recieved from
   // the main frame. Note that we assume there is only one account creation
   // form, but there could be multiple password forms in each frame.
   if (!frame->parent()) {

[Garrett Casto, 2013/09/04 22:03:30]

One thing that would be really nice would be some stats to track cases where the
local heuristics fire but we don't show the icon. You don't need to add them in
this CL, but a TODO would be nice.

[zysxqn, 2013/09/04 22:17:50]

Done.

     not_blacklisted_password_form_origins_.clear();
-    // Initialize to an empty and invalid GURL.
-    account_creation_form_origin_ = GURL();
+    account_creation_forms_.clear();
+    possible_account_creation_form_.reset(new content::PasswordForm());
     passwords_.clear();
   }
 }
 
 void PasswordGenerationManager::DidFinishLoad(WebKit::WebFrame* frame) {
   // We don't want to generate passwords if the browser won't store or sync
   // them.
   if (!enabled_)
     return;
 
@@ skipping 20 matching lines @@
     GURL realm(password_form->signon_realm);
     if (realm == GURL(GaiaUrls::GetInstance()->gaia_login_form_realm()))
       continue;
 
     std::vector<WebKit::WebInputElement> passwords;
     if (GetAccountCreationPasswordFields(forms[i], &passwords)) {
       DVLOG(2) << "Account creation form detected";
       password_generation::LogPasswordGenerationEvent(
           password_generation::SIGN_UP_DETECTED);
       passwords_ = passwords;
-      account_creation_form_origin_ = password_form->origin;
+      possible_account_creation_form_.swap(password_form);
       MaybeShowIcon();
       // We assume that there is only one account creation field per URL.
       return;
     }
   }
   password_generation::LogPasswordGenerationEvent(
       password_generation::NO_SIGN_UP_DETECTED);
 }
 
 bool PasswordGenerationManager::ShouldAnalyzeDocument(
@@ skipping 28 matching lines @@
 
 bool PasswordGenerationManager::OnMessageReceived(const IPC::Message& message) {
   bool handled = true;
   IPC_BEGIN_MESSAGE_MAP(PasswordGenerationManager, message)
     IPC_MESSAGE_HANDLER(AutofillMsg_FormNotBlacklisted,
                         OnFormNotBlacklisted)
     IPC_MESSAGE_HANDLER(AutofillMsg_GeneratedPasswordAccepted,
                         OnPasswordAccepted)
     IPC_MESSAGE_HANDLER(AutofillMsg_PasswordGenerationEnabled,
                         OnPasswordGenerationEnabled)
+    IPC_MESSAGE_HANDLER(AutofillMsg_AccountCreationFormsDetected,
+                        OnAccountCreationFormsDetected)
     IPC_MESSAGE_UNHANDLED(handled = false)
   IPC_END_MESSAGE_MAP()
   return handled;
 }
 
 void PasswordGenerationManager::OnFormNotBlacklisted(
     const content::PasswordForm& form) {
   not_blacklisted_password_form_origins_.push_back(form.origin);
   MaybeShowIcon();
 }
 
 void PasswordGenerationManager::OnPasswordAccepted(
     const base::string16& password) {
   for (std::vector<WebKit::WebInputElement>::iterator it = passwords_.begin();
        it != passwords_.end(); ++it) {
     it->setValue(password);
     it->setAutofilled(true);
     // Advance focus to the next input field. We assume password fields in
     // an account creation form are always adjacent.
     render_view_->GetWebView()->advanceFocus(false);
   }
 }
 
 void PasswordGenerationManager::OnPasswordGenerationEnabled(bool enabled) {
   enabled_ = enabled;
 }
 
+void PasswordGenerationManager::OnAccountCreationFormsDetected(
+    const std::vector<autofill::FormData>& forms) {
+  account_creation_forms_.insert(
+      account_creation_forms_.end(), forms.begin(), forms.end());
+  MaybeShowIcon();
+}
+
 void PasswordGenerationManager::MaybeShowIcon() {
   // We should show the password generation icon only when we have detected
-  // account creation form and we have confirmed from browser that this form
-  // is not blacklisted by the users.
-  if (!account_creation_form_origin_.is_valid() ||
+  // account creation form, we have confirmed from browser that this form
+  // is not blacklisted by the users, and the Autofill server has marked one
+  // of its field as ACCOUNT_CREATION_PASSWORD.
+  if (!possible_account_creation_form_.get() ||
       passwords_.empty() ||
-      not_blacklisted_password_form_origins_.empty()) {
+      not_blacklisted_password_form_origins_.empty() ||
+      account_creation_forms_.empty()) {
     return;
   }
 
-  for (std::vector<GURL>::iterator it =
-           not_blacklisted_password_form_origins_.begin();
-       it != not_blacklisted_password_form_origins_.end(); ++it) {
-    if (*it == account_creation_form_origin_) {
-      passwords_[0].passwordGeneratorButtonElement().setAttribute("style",
-                                                            "display:block");
-      password_generation::LogPasswordGenerationEvent(
-          password_generation::ICON_SHOWN);
-      return;
-    }
+  if (!ContainsURL(not_blacklisted_password_form_origins_,
+                   possible_account_creation_form_->origin)) {
+    return;
   }
+
+  if (!ContainsForm(account_creation_forms_,
+                    *possible_account_creation_form_)) {
+    return;
+  }
+
+  passwords_[0].passwordGeneratorButtonElement().setAttribute("style",
+                                                              "display:block");
+  password_generation::LogPasswordGenerationEvent(
+      password_generation::ICON_SHOWN);
 }
 
 }  // namespace autofill