[Password Manager, merge to M-59] Make filling robust against changing url by JavaScript.

[Password Manager, merge to M-59] Make filling robust against changing url by JavaScript.

When PasswordAutofillAgent receives filling data from the browser, it checks that origin of this data is the same of the current frame origin. If JavaScript changes origin between PasswordAutofillAgent discovers a password form and when it receives filling, filling fails.

This CL replaces checking by origin to by checking by signon_realm (signon_realm=scheme:origin:port), which is a primary key for retrieving credentials from the store, so it doesn't change any security guarantees.

TBR=kolos@chromium.org

BUG=723679
Review-Url: https://codereview.chromium.org/2893633002
Cr-Original-Commit-Position: refs/heads/master@{#472839}
Review-Url: https://codereview.chromium.org/2900713003 .
Cr-Commit-Position: refs/branch-heads/3071@{#648}
Cr-Branched-From: a106f0abbf69dad349d4aaf4bcc4f5d376dd2377-refs/heads/master@{#464641}
Committed: https://chromium.googlesource.com/chromium/src/+/3454ffaef5cb228f599efe8158bd1bc41fb479eb

[dvadym, 2017-05-22 12:24:45]

Description was changed from

==========
[Password Manager, merge to M-59] Make filling robust against changing url by
JavaScript.

When PasswordAutofillAgent receives filling data from the browser, it checks
that origin of this data is the same of the current frame origin. If JavaScript
changes origin between PasswordAutofillAgent discovers a password form and when
it receives filling, filling fails.

This CL replaces checking by origin to by checking by signon_realm
(signon_realm=scheme:origin:port), which is a primary key for retrieving
credentials from the store, so it doesn't change any security guarantees.

BUG=723679

Review-Url: https://codereview.chromium.org/2893633002
Cr-Commit-Position: refs/heads/master@{#472839}
(cherry picked from commit 0273d9bd3e2d25f1485ab7a9469318c74ab7cb17)
==========

to

==========
[Password Manager, merge to M-59] Make filling robust against changing url by
JavaScript.

When PasswordAutofillAgent receives filling data from the browser, it checks
that origin of this data is the same of the current frame origin. If JavaScript
changes origin between PasswordAutofillAgent discovers a password form and when
it receives filling, filling fails.

This CL replaces checking by origin to by checking by signon_realm
(signon_realm=scheme:origin:port), which is a primary key for retrieving
credentials from the store, so it doesn't change any security guarantees.

TBR=kolos@chromium.org

BUG=723679

Review-Url: https://codereview.chromium.org/2893633002
Cr-Commit-Position: refs/heads/master@{#472839}
(cherry picked from commit 0273d9bd3e2d25f1485ab7a9469318c74ab7cb17)
==========

[dvadym, 2017-05-22 12:25:22]

Description was changed from

==========
[Password Manager, merge to M-59] Make filling robust against changing url by
JavaScript.

When PasswordAutofillAgent receives filling data from the browser, it checks
that origin of this data is the same of the current frame origin. If JavaScript
changes origin between PasswordAutofillAgent discovers a password form and when
it receives filling, filling fails.

This CL replaces checking by origin to by checking by signon_realm
(signon_realm=scheme:origin:port), which is a primary key for retrieving
credentials from the store, so it doesn't change any security guarantees.

TBR=kolos@chromium.org

BUG=723679

Review-Url: https://codereview.chromium.org/2893633002
Cr-Commit-Position: refs/heads/master@{#472839}
(cherry picked from commit 0273d9bd3e2d25f1485ab7a9469318c74ab7cb17)
==========

to

==========
[Password Manager, merge to M-59] Make filling robust against changing url by
JavaScript.

When PasswordAutofillAgent receives filling data from the browser, it checks
that origin of this data is the same of the current frame origin. If JavaScript
changes origin between PasswordAutofillAgent discovers a password form and when
it receives filling, filling fails.

This CL replaces checking by origin to by checking by signon_realm
(signon_realm=scheme:origin:port), which is a primary key for retrieving
credentials from the store, so it doesn't change any security guarantees.

TBR=kolos@chromium.org

BUG=723679

Review-Url: https://codereview.chromium.org/2893633002
Cr-Original-Commit-Position: refs/heads/master@{#472839}
Review-Url: https://codereview.chromium.org/2900713003 .
Cr-Commit-Position: refs/branch-heads/3071@{#648}
Cr-Branched-From:
a106f0abbf69dad349d4aaf4bcc4f5d376dd2377-refs/heads/master@{#464641}
Committed:
https://chromium.googlesource.com/chromium/src/+/3454ffaef5cb228f599efe8158bd...
==========

[dvadym, 2017-05-22 12:25:23]

Committed patchset #2 (id:20001) manually as
3454ffaef5cb228f599efe8158bd1bc41fb479eb (presubmit successful).