Move password-related methods from core.js to password_controller.js.

ios/chrome/browser/passwords/password_controller_unittest.mm

 // Copyright 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #import "ios/chrome/browser/passwords/password_controller.h"
 
 #import <Foundation/Foundation.h>
 
 #include <memory>
 #include <utility>
@@ skipping 731 matching lines @@
 static NSString* kInputFieldValueVerificationScript =
     @"var result='';"
      "var inputs = document.getElementsByTagName('input');"
      "for(var i = 0; i < inputs.length; i++){"
      "  var input = inputs[i];"
      "  if (input.value) {"
      "    result += input.id + '=' + input.value +';';"
      "  }"
      "}; result";
 
+// Test html content and expected result for __gCrWeb.hasPasswordField call.
+struct TestDataForPasswordFormDetection {
+  NSString* page_content;
+  BOOL contains_password;
+};
+
+// Tests that the existence of (or the lack of) a password field in the page is
+// detected correctly.
+TEST_F(PasswordControllerTest, HasPasswordField) {
+  TestDataForPasswordFormDetection test_data[] = {
+      // Form without a password field.
+      {@"<form><input type='text' name='password'></form>", NO},
+      // Form with a password field.
+      {@"<form><input type='password' name='password'></form>", YES}};
+  for (size_t i = 0; i < arraysize(test_data); i++) {
+    TestDataForPasswordFormDetection& data = test_data[i];
+    LoadHtml(data.page_content);
+    id result = ExecuteJavaScript(@"__gCrWeb.hasPasswordField()");
+    EXPECT_NSEQ(@(data.contains_password), result)
+        << " in test " << i << ": "
+        << base::SysNSStringToUTF8(data.page_content);
+  }
+}
+
+// Tests that the existence a password field in a nested iframe/ is detected
+// correctly.
+TEST_F(PasswordControllerTest, HasPasswordFieldinFrame) {
+  TestDataForPasswordFormDetection data = {
+    // Form with a password field in a nested iframe.
+    @"<iframe name='pf'></iframe>"
+     "<script>"
+     "  var doc = frames['pf'].document.open();"
+     "  doc.write('<form><input type=\\'password\\'></form>');"
+     "  doc.close();"
+     "</script>",
+    YES
+  };
+  LoadHtml(data.page_content);
+  id result = ExecuteJavaScript(@"__gCrWeb.hasPasswordField()");
+  EXPECT_NSEQ(@(data.contains_password), result)
+      << base::SysNSStringToUTF8(data.page_content);
+}
+
 struct FillPasswordFormTestData {
   const std::string origin;
   const std::string action;
   const char* username_field;
   const char* username_value;
   const char* password_field;
   const char* password_value;
   const BOOL should_succeed;
   NSString* expected_result;
 };
 
-// Test that filling password forms works correctly.
+// Tests that filling password forms works correctly.
 TEST_F(PasswordControllerTest, FillPasswordForm) {
   LoadHtml(kHtmlWithMultiplePasswordForms);
 
+  // TODO(crbug.com/614092): can we remove this assertion? This call is the only
+  // reason why hasPasswordField is a public API on gCrWeb. If the page does
+  // not contain a password field, shouldn't one of the expectations of the
+  // remaining tests also fail?
   EXPECT_NSEQ(@YES, ExecuteJavaScript(@"__gCrWeb.hasPasswordField()"));
 
   const std::string base_url = BaseUrl();
   // clang-format off
   FillPasswordFormTestData test_data[] = {
     // Basic test: one-to-one match on the first password form.
     {
       base_url,
       base_url,
       "u0",
@@ skipping 553 matching lines @@
 // Tests that an HTTPS page with a password field does not update the SSL status
 // to indicate DISPLAYED_PASSWORD_FIELD_ON_HTTP.
 TEST_F(PasswordControllerTest, HTTPSPassword) {
   LoadHtml(kHtmlWithPasswordForm, GURL("https://chromium.test"));
 
   web::SSLStatus ssl_status =
       web_state()->GetNavigationManager()->GetLastCommittedItem()->GetSSL();
   EXPECT_FALSE(ssl_status.content_status &
                web::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP);
 }