OLD | NEW |
| (Empty) |
1 /* | |
2 * Copyright (C) 2009 Google Inc. All rights reserved. | |
3 * | |
4 * Redistribution and use in source and binary forms, with or without | |
5 * modification, are permitted provided that the following conditions are | |
6 * met: | |
7 * | |
8 * * Redistributions of source code must retain the above copyright | |
9 * notice, this list of conditions and the following disclaimer. | |
10 * * Redistributions in binary form must reproduce the above | |
11 * copyright notice, this list of conditions and the following disclaimer | |
12 * in the documentation and/or other materials provided with the | |
13 * distribution. | |
14 * * Neither the name of Google Inc. nor the names of its | |
15 * contributors may be used to endorse or promote products derived from | |
16 * this software without specific prior written permission. | |
17 * | |
18 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS | |
19 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT | |
20 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR | |
21 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT | |
22 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | |
23 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT | |
24 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, | |
25 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY | |
26 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | |
27 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE | |
28 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | |
29 */ | |
30 | |
31 #include "config.h" | |
32 #include "WebPasswordFormData.h" | |
33 | |
34 #include "HTMLNames.h" | |
35 #include "WebPasswordFormUtils.h" | |
36 #include "core/dom/Document.h" | |
37 #include "core/html/HTMLFormElement.h" | |
38 #include "core/html/HTMLInputElement.h" | |
39 #include "platform/weborigin/KURL.h" | |
40 | |
41 using namespace WebCore; | |
42 | |
43 namespace blink { | |
44 | |
45 namespace { | |
46 | |
47 // Helper to determine which password is the main one, and which is | |
48 // an old password (e.g on a "make new password" form), if any. | |
49 bool locateSpecificPasswords(PasswordFormFields* fields, | |
50 HTMLInputElement** password, | |
51 HTMLInputElement** oldPassword) | |
52 { | |
53 ASSERT(fields); | |
54 ASSERT(password); | |
55 ASSERT(oldPassword); | |
56 switch (fields->passwords.size()) { | |
57 case 1: | |
58 // Single password, easy. | |
59 *password = fields->passwords[0]; | |
60 break; | |
61 case 2: | |
62 if (fields->passwords[0]->value() == fields->passwords[1]->value()) | |
63 // Treat two identical passwords as a single password. | |
64 *password = fields->passwords[0]; | |
65 else { | |
66 // Assume first is old password, second is new (no choice but to gue
ss). | |
67 *oldPassword = fields->passwords[0]; | |
68 *password = fields->passwords[1]; | |
69 } | |
70 break; | |
71 case 3: | |
72 if (fields->passwords[0]->value() == fields->passwords[1]->value() | |
73 && fields->passwords[0]->value() == fields->passwords[2]->value()) { | |
74 // All three passwords the same? Just treat as one and hope. | |
75 *password = fields->passwords[0]; | |
76 } else if (fields->passwords[0]->value() == fields->passwords[1]->value(
)) { | |
77 // Two the same and one different -> old password is duplicated one. | |
78 *oldPassword = fields->passwords[0]; | |
79 *password = fields->passwords[2]; | |
80 } else if (fields->passwords[1]->value() == fields->passwords[2]->value(
)) { | |
81 *oldPassword = fields->passwords[0]; | |
82 *password = fields->passwords[1]; | |
83 } else { | |
84 // Three different passwords, or first and last match with middle | |
85 // different. No idea which is which, so no luck. | |
86 return false; | |
87 } | |
88 break; | |
89 default: | |
90 return false; | |
91 } | |
92 return true; | |
93 } | |
94 | |
95 // Helped method to clear url of unneeded parts. | |
96 KURL stripURL(const KURL& url) | |
97 { | |
98 KURL strippedURL = url; | |
99 strippedURL.setUser(String()); | |
100 strippedURL.setPass(String()); | |
101 strippedURL.setQuery(String()); | |
102 strippedURL.setFragmentIdentifier(String()); | |
103 return strippedURL; | |
104 } | |
105 | |
106 WebString getElementNameOrId(const HTMLInputElement& element) | |
107 { | |
108 return element.nameForAutofill(); | |
109 } | |
110 | |
111 // Helper to gather up the final form data and create a PasswordForm. | |
112 void assemblePasswordFormResult(const KURL& fullOrigin, | |
113 const KURL& fullAction, | |
114 HTMLFormControlElement* submit, | |
115 HTMLInputElement* userName, | |
116 const Vector<String>& alternateUserNames, | |
117 HTMLInputElement* oldPassword, | |
118 HTMLInputElement* password, | |
119 WebPasswordFormData* result) | |
120 { | |
121 // We want to keep the path but strip any authentication data, as well as | |
122 // query and ref portions of URL, for the form action and form origin. | |
123 result->action = stripURL(fullAction); | |
124 result->origin = stripURL(fullOrigin); | |
125 | |
126 // Naming is confusing here because we have both the HTML form origin URL | |
127 // the page where the form was seen), and the "origin" components of the url | |
128 // (scheme, host, and port). | |
129 KURL signonRealmURL = stripURL(fullOrigin); | |
130 signonRealmURL.setPath(""); | |
131 result->signonRealm = signonRealmURL; | |
132 | |
133 result->possibleUserNames = alternateUserNames; | |
134 if (submit) | |
135 result->submitElement = submit->name(); | |
136 if (userName) { | |
137 result->userNameElement = getElementNameOrId(*userName); | |
138 result->userNameValue = userName->value(); | |
139 } | |
140 if (password) { | |
141 result->passwordElement = getElementNameOrId(*password); | |
142 result->passwordValue = password->value(); | |
143 result->passwordShouldAutocomplete = password->shouldAutocomplete(); | |
144 } | |
145 if (oldPassword) { | |
146 result->oldPasswordElement = getElementNameOrId(*oldPassword); | |
147 result->oldPasswordValue = oldPassword->value(); | |
148 } | |
149 } | |
150 | |
151 } // namespace | |
152 | |
153 WebPasswordFormData::WebPasswordFormData(const WebFormElement& webForm) | |
154 { | |
155 RefPtr<HTMLFormElement> form = webForm.operator PassRefPtr<HTMLFormElement>(
); | |
156 PasswordFormFields fields; | |
157 findPasswordFormFields(form.get(), &fields); | |
158 | |
159 // Get the document URL | |
160 KURL fullOrigin = form->document().url(); | |
161 | |
162 // Calculate the canonical action URL | |
163 String action = form->action(); | |
164 if (action.isNull()) | |
165 action = ""; // missing 'action' attribute implies current URL | |
166 KURL fullAction = form->document().completeURL(action); | |
167 if (!fullAction.isValid()) | |
168 return; | |
169 | |
170 // Determine the types of the password fields | |
171 HTMLInputElement* password = 0; | |
172 HTMLInputElement* oldPassword = 0; | |
173 if (!locateSpecificPasswords(&fields, &password, &oldPassword)) | |
174 return; | |
175 | |
176 assemblePasswordFormResult(fullOrigin, fullAction, | |
177 fields.submit, fields.userName, | |
178 fields.alternateUserNames, | |
179 oldPassword, password, this); | |
180 } | |
181 | |
182 } // namespace blink | |
OLD | NEW |