| OLD | NEW |
|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "components/autofill/content/renderer/password_autofill_agent.h" | 5 #include "components/autofill/content/renderer/password_autofill_agent.h" |
| 6 | 6 |
| 7 #include <stddef.h> | 7 #include <stddef.h> |
| 8 | 8 |
| 9 #include <memory> | 9 #include <memory> |
| 10 #include <string> | 10 #include <string> |
| (...skipping 609 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 620 | 620 |
| 621 //////////////////////////////////////////////////////////////////////////////// | 621 //////////////////////////////////////////////////////////////////////////////// |
| 622 // PasswordAutofillAgent, public: | 622 // PasswordAutofillAgent, public: |
| 623 | 623 |
| 624 PasswordAutofillAgent::PasswordAutofillAgent(content::RenderFrame* render_frame) | 624 PasswordAutofillAgent::PasswordAutofillAgent(content::RenderFrame* render_frame) |
| 625 : content::RenderFrameObserver(render_frame), | 625 : content::RenderFrameObserver(render_frame), |
| 626 logging_state_active_(false), | 626 logging_state_active_(false), |
| 627 was_username_autofilled_(false), | 627 was_username_autofilled_(false), |
| 628 was_password_autofilled_(false), | 628 was_password_autofilled_(false), |
| 629 sent_request_to_store_(false), | 629 sent_request_to_store_(false), |
| 630 checked_safe_browsing_reputation_(false), |
| 630 binding_(this) { | 631 binding_(this) { |
| 631 // PasswordAutofillAgent is guaranteed to outlive |render_frame|. | 632 // PasswordAutofillAgent is guaranteed to outlive |render_frame|. |
| 632 render_frame->GetInterfaceRegistry()->AddInterface( | 633 render_frame->GetInterfaceRegistry()->AddInterface( |
| 633 base::Bind(&PasswordAutofillAgent::BindRequest, base::Unretained(this))); | 634 base::Bind(&PasswordAutofillAgent::BindRequest, base::Unretained(this))); |
| 634 } | 635 } |
| 635 | 636 |
| 636 PasswordAutofillAgent::~PasswordAutofillAgent() { | 637 PasswordAutofillAgent::~PasswordAutofillAgent() { |
| 637 } | 638 } |
| 638 | 639 |
| 639 void PasswordAutofillAgent::BindRequest( | 640 void PasswordAutofillAgent::BindRequest( |
| (...skipping 252 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 892 *password_info = &iter->second; | 893 *password_info = &iter->second; |
| 893 if (password_element->IsNull()) | 894 if (password_element->IsNull()) |
| 894 *password_element = (*password_info)->password_field; | 895 *password_element = (*password_info)->password_field; |
| 895 | 896 |
| 896 return true; | 897 return true; |
| 897 } | 898 } |
| 898 | 899 |
| 899 bool PasswordAutofillAgent::ShouldShowNotSecureWarning( | 900 bool PasswordAutofillAgent::ShouldShowNotSecureWarning( |
| 900 const blink::WebInputElement& element) { | 901 const blink::WebInputElement& element) { |
| 901 // Do not show a warning if the feature is disabled or the context is secure. | 902 // Do not show a warning if the feature is disabled or the context is secure. |
| 902 if (!security_state::IsHttpWarningInFormEnabled() || | 903 return security_state::IsHttpWarningInFormEnabled() && |
| 903 content::IsOriginSecure( | 904 !content::IsOriginSecure( |
| 904 url::Origin(render_frame()->GetWebFrame()->Top()->GetSecurityOrigin()) | 905 url::Origin( |
| 905 .GetURL())) | 906 render_frame()->GetWebFrame()->Top()->GetSecurityOrigin()) |
| 906 return false; | 907 .GetURL()); |
| 908 } |
| 907 | 909 |
| 908 // Show the warning on all Password inputs. | 910 bool PasswordAutofillAgent::IsUsernameOrPasswordField( |
| 911 const blink::WebInputElement& element) { |
| 909 // Note: A site may use a Password field to collect a CVV or a Credit Card | 912 // Note: A site may use a Password field to collect a CVV or a Credit Card |
| 910 // number, but showing a slightly misleading warning here is better than | 913 // number, but showing a slightly misleading warning here is better than |
| 911 // showing no warning at all. | 914 // showing no warning at all. |
| 912 if (element.IsPasswordField()) | 915 if (element.IsPasswordField()) |
| 913 return true; | 916 return true; |
| 914 | 917 |
| 915 // If a field declares itself a username input, show the warning. | 918 // If a field declares itself a username input, show the warning. |
| 916 if (HasAutocompleteAttributeValue(element, "username")) | 919 if (HasAutocompleteAttributeValue(element, "username")) |
| 917 return true; | 920 return true; |
| 918 | 921 |
| (...skipping 20 matching lines...) Expand all Loading... |
| 939 bool PasswordAutofillAgent::ShowSuggestions( | 942 bool PasswordAutofillAgent::ShowSuggestions( |
| 940 const blink::WebInputElement& element, | 943 const blink::WebInputElement& element, |
| 941 bool show_all, | 944 bool show_all, |
| 942 bool generation_popup_showing) { | 945 bool generation_popup_showing) { |
| 943 blink::WebInputElement username_element; | 946 blink::WebInputElement username_element; |
| 944 blink::WebInputElement password_element; | 947 blink::WebInputElement password_element; |
| 945 PasswordInfo* password_info; | 948 PasswordInfo* password_info; |
| 946 | 949 |
| 947 if (!FindPasswordInfoForElement(element, &username_element, &password_element, | 950 if (!FindPasswordInfoForElement(element, &username_element, &password_element, |
| 948 &password_info)) { | 951 &password_info)) { |
| 949 if (ShouldShowNotSecureWarning(element)) { | 952 if (IsUsernameOrPasswordField(element)) { |
| 950 autofill_agent_->ShowNotSecureWarning(element); | 953 #if defined(SAFE_BROWSING_DB_LOCAL) |
| 951 return true; | 954 if (!checked_safe_browsing_reputation_) { |
| 955 checked_safe_browsing_reputation_ = true; |
| 956 GURL action_url = |
| 957 element.Form().IsNull() |
| 958 ? GURL() |
| 959 : form_util::GetCanonicalActionForForm(element.Form()); |
| 960 blink::WebLocalFrame* frame = render_frame()->GetWebFrame(); |
| 961 GURL frame_url = GURL(frame->GetDocument().Url()); |
| 962 GetPasswordManagerDriver()->CheckSafeBrowsingReputation(action_url, |
| 963 frame_url); |
| 964 } |
| 965 #endif |
| 966 if (ShouldShowNotSecureWarning(element)) { |
| 967 autofill_agent_->ShowNotSecureWarning(element); |
| 968 return true; |
| 969 } |
| 952 } | 970 } |
| 953 return false; | 971 return false; |
| 954 } | 972 } |
| 955 | 973 |
| 956 // If autocomplete='off' is set on the form elements, no suggestion dialog | 974 // If autocomplete='off' is set on the form elements, no suggestion dialog |
| 957 // should be shown. However, return |true| to indicate that this is a known | 975 // should be shown. However, return |true| to indicate that this is a known |
| 958 // password form and that the request to show suggestions has been handled (as | 976 // password form and that the request to show suggestions has been handled (as |
| 959 // a no-op). | 977 // a no-op). |
| 960 if (!element.IsTextField() || !IsElementAutocompletable(element) || | 978 if (!element.IsTextField() || !IsElementAutocompletable(element) || |
| 961 !IsElementAutocompletable(password_element)) | 979 !IsElementAutocompletable(password_element)) |
| (...skipping 222 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1184 | 1202 |
| 1185 void PasswordAutofillAgent::WillCommitProvisionalLoad() { | 1203 void PasswordAutofillAgent::WillCommitProvisionalLoad() { |
| 1186 FrameClosing(); | 1204 FrameClosing(); |
| 1187 } | 1205 } |
| 1188 | 1206 |
| 1189 void PasswordAutofillAgent::DidCommitProvisionalLoad( | 1207 void PasswordAutofillAgent::DidCommitProvisionalLoad( |
| 1190 bool is_new_navigation, | 1208 bool is_new_navigation, |
| 1191 bool is_same_document_navigation) { | 1209 bool is_same_document_navigation) { |
| 1192 if (is_same_document_navigation) { | 1210 if (is_same_document_navigation) { |
| 1193 OnSameDocumentNavigationCompleted(); | 1211 OnSameDocumentNavigationCompleted(); |
| 1212 } else { |
| 1213 checked_safe_browsing_reputation_ = false; |
| 1194 } | 1214 } |
| 1195 } | 1215 } |
| 1196 | 1216 |
| 1197 void PasswordAutofillAgent::FrameDetached() { | 1217 void PasswordAutofillAgent::FrameDetached() { |
| 1198 // If a sub frame has been destroyed while the user was entering information | 1218 // If a sub frame has been destroyed while the user was entering information |
| 1199 // into a password form, try to save the data. See https://crbug.com/450806 | 1219 // into a password form, try to save the data. See https://crbug.com/450806 |
| 1200 // for examples of sites that perform login using this technique. | 1220 // for examples of sites that perform login using this technique. |
| 1201 if (render_frame()->GetWebFrame()->Parent() && | 1221 if (render_frame()->GetWebFrame()->Parent() && |
| 1202 provisionally_saved_form_.IsPasswordValid()) { | 1222 provisionally_saved_form_.IsPasswordValid()) { |
| 1203 GetPasswordManagerDriver()->InPageNavigation( | 1223 GetPasswordManagerDriver()->InPageNavigation( |
| (...skipping 386 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1590 } | 1610 } |
| 1591 | 1611 |
| 1592 void PasswordAutofillAgent::FrameClosing() { | 1612 void PasswordAutofillAgent::FrameClosing() { |
| 1593 for (auto const& iter : web_input_to_password_info_) { | 1613 for (auto const& iter : web_input_to_password_info_) { |
| 1594 password_to_username_.erase(iter.second.password_field); | 1614 password_to_username_.erase(iter.second.password_field); |
| 1595 } | 1615 } |
| 1596 web_input_to_password_info_.clear(); | 1616 web_input_to_password_info_.clear(); |
| 1597 provisionally_saved_form_.Reset(); | 1617 provisionally_saved_form_.Reset(); |
| 1598 field_value_and_properties_map_.clear(); | 1618 field_value_and_properties_map_.clear(); |
| 1599 sent_request_to_store_ = false; | 1619 sent_request_to_store_ = false; |
| 1620 checked_safe_browsing_reputation_ = false; |
| 1600 } | 1621 } |
| 1601 | 1622 |
| 1602 void PasswordAutofillAgent::ClearPreview( | 1623 void PasswordAutofillAgent::ClearPreview( |
| 1603 blink::WebInputElement* username, | 1624 blink::WebInputElement* username, |
| 1604 blink::WebInputElement* password) { | 1625 blink::WebInputElement* password) { |
| 1605 if (!username->IsNull() && !username->SuggestedValue().IsEmpty()) { | 1626 if (!username->IsNull() && !username->SuggestedValue().IsEmpty()) { |
| 1606 username->SetSuggestedValue(blink::WebString()); | 1627 username->SetSuggestedValue(blink::WebString()); |
| 1607 username->SetAutofilled(was_username_autofilled_); | 1628 username->SetAutofilled(was_username_autofilled_); |
| 1608 username->SetSelectionRange(username_query_prefix_.length(), | 1629 username->SetSelectionRange(username_query_prefix_.length(), |
| 1609 username->Value().length()); | 1630 username->Value().length()); |
| (...skipping 27 matching lines...) Expand all Loading... |
| 1637 PasswordAutofillAgent::GetPasswordManagerDriver() { | 1658 PasswordAutofillAgent::GetPasswordManagerDriver() { |
| 1638 if (!password_manager_driver_) { | 1659 if (!password_manager_driver_) { |
| 1639 render_frame()->GetRemoteInterfaces()->GetInterface( | 1660 render_frame()->GetRemoteInterfaces()->GetInterface( |
| 1640 mojo::MakeRequest(&password_manager_driver_)); | 1661 mojo::MakeRequest(&password_manager_driver_)); |
| 1641 } | 1662 } |
| 1642 | 1663 |
| 1643 return password_manager_driver_; | 1664 return password_manager_driver_; |
| 1644 } | 1665 } |
| 1645 | 1666 |
| 1646 } // namespace autofill | 1667 } // namespace autofill |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2833193002:
Trigger Password Protection ping on username/password field on focus (Closed)
