Fix for scoring password autofill candidates:

components/password_manager/core/browser/password_form_manager.cc

Index: components/password_manager/core/browser/password_form_manager.cc
diff --git a/components/password_manager/core/browser/password_form_manager.cc b/components/password_manager/core/browser/password_form_manager.cc
index 70fc1e5c98335fdc5f76aa04738f650f59415d71..e8867c7fc3d437ef337d8cec7b0d87388236b405 100644
--- a/components/password_manager/core/browser/password_form_manager.cc
+++ b/components/password_manager/core/browser/password_form_manager.cc
@@ -633,19 +633,21 @@ void PasswordFormManager::CheckForAccountCreationForm(
 int PasswordFormManager::ScoreResult(const PasswordForm& candidate) const {
   DCHECK_EQ(state_, MATCHING_PHASE);
   // For scoring of candidate login data:
-  // The most important element that should match is the origin, followed by
-  // the action, the password name, the submit button name, and finally the
-  // username input field name.
+  // The most important element that should match is the signon_realm followed
+  // by the origin, the action, the password name, the submit button name, and
+  // finally the username input field name.
+  // If public suffix origin match was not used, it gives an addition of
+  // 128 (1 << 7).
   // Exact origin match gives an addition of 64 (1 << 6) + # of matching url
   // dirs.
   // Partial match gives an addition of 32 (1 << 5) + # matching url dirs
   // That way, a partial match cannot trump an exact match even if
   // the partial one matches all other attributes (action, elements) (and
   // regardless of the matching depth in the URL path).
-  // If public suffix origin match was not used, it gives an addition of
-  // 16 (1 << 4).
   int score = 0;
-  if (candidate.origin == observed_form_.origin) {
+  if (!candidate.IsPublicSuffixMatch()) {
+    score += 1 << 7;
+  } else if (candidate.origin == observed_form_.origin) {

[Garrett Casto, 2014/04/24 22:35:29]

Sorry about this, but I realized this isn't quite right. There shouldn't be an
else here.

if (!candidate.IsPublicSuffixMatch() {
  ...
}

if (candidate.origin == observed_form_.origin)
...

The issue is that you may have multiple matches that are from the same realm but
different origin (e.g. example.com/first vs. example.com/second) and these
should score differently. The fact that this didn't fail a test isn't great
either, so we should probably add something to verify this.

     // This check is here for the most common case which
     // is we have a single match in the db for the given host,
     // so we don't generally need to walk the entire URL path (the else
@@ -668,8 +670,6 @@ int PasswordFormManager::ScoreResult(const PasswordForm& candidate) const {
     score += (depth > 0) ? 1 << 5 : 0;
   }
   if (observed_form_.scheme == PasswordForm::SCHEME_HTML) {
-    if (!candidate.IsPublicSuffixMatch())
-      score += 1 << 4;
     if (candidate.action == observed_form_.action)
       score += 1 << 3;
     if (candidate.password_element == observed_form_.password_element)