Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(982)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: chrome/browser/password_manager/chrome_password_manager_client.cc

Issue 2947413002: Restrict CM API interface request and message dispatch. (Closed)
Patch Set: Reworked tests, added error handler in renderer. Created 3 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« chrome/browser/password_manager/chrome_password_manager_client.h ('K') | « chrome/browser/password_manager/chrome_password_manager_client.h ('k') | chrome/browser/password_manager/credential_manager_browsertest.cc » ('j') | chrome/browser/password_manager/credential_manager_browsertest.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome/browser/password_manager/chrome_password_manager_client.cc
diff --git a/chrome/browser/password_manager/chrome_password_manager_client.cc b/chrome/browser/password_manager/chrome_password_manager_client.cc
index 19e3d7e39e71d8f6abe01bd81df5fc9b6e961bd2..ea22b4d61da883cacc95e4e9b798cbeb2d3b866d 100644
--- a/chrome/browser/password_manager/chrome_password_manager_client.cc
+++ b/chrome/browser/password_manager/chrome_password_manager_client.cc
@@ -373,6 +373,7 @@ void ChromePasswordManagerClient::NotifyStorePasswordCalled() {
// If a site stores a credential the autofill password manager shouldn't kick
// in.
password_manager_.DropFormManagers();
+ was_store_ever_called_ = true;
}
void ChromePasswordManagerClient::AutomaticPasswordSave(
@@ -454,8 +455,6 @@ ukm::SourceId ChromePasswordManagerClient::GetUkmSourceId() {
return *ukm_source_id_;
}
-// TODO(crbug.com/706392): Fix password reuse detection for Android.
-#if !defined(OS_ANDROID)
void ChromePasswordManagerClient::DidFinishNavigation(
content::NavigationHandle* navigation_handle) {
if (!navigation_handle->IsInMainFrame() || !navigation_handle->HasCommitted())
@@ -464,6 +463,14 @@ void ChromePasswordManagerClient::DidFinishNavigation(
if (!navigation_handle->IsSameDocument())
dcheng 2017/06/28 19:04:49 How about combining all the non-same document clea
engedy 2017/06/30 19:41:54 Hmm, that line wasn't there before the last rebase
ukm_source_id_.reset();
vasilii 2017/06/29 11:59:58 As a side effect that line now runs on Android. I
engedy 2017/06/30 19:41:54 Rebase artifact. After discussing with Dominic, we
+ // From this point on, the CredentialManagerImpl will service API calls in the
+ // context of the new WebContents::GetLastCommittedURL, which may very well be
+ // cross-origin. Disconnect existing client, and drop pending requests.
+ if (!navigation_handle->IsSameDocument())
+ credential_manager_impl_.DisconnectBinding();
+
+// TODO(crbug.com/706392): Fix password reuse detection for Android.
+#if !defined(OS_ANDROID)
password_reuse_detection_manager_.DidNavigateMainFrame(GetMainFrameURL());
// After some navigations RenderViewHost persists and just adding the observer
// will cause multiple call of OnInputEvent. Since Widget API doesn't allow to
@@ -472,8 +479,10 @@ void ChromePasswordManagerClient::DidFinishNavigation(
web_contents()->GetRenderViewHost()->GetWidget()->RemoveInputEventObserver(
this);
web_contents()->GetRenderViewHost()->GetWidget()->AddInputEventObserver(this);
+#endif
}
+#if !defined(OS_ANDROID)
void ChromePasswordManagerClient::OnInputEvent(
const blink::WebInputEvent& event) {
if (event.GetType() != blink::WebInputEvent::kChar)
@@ -725,6 +734,11 @@ void ChromePasswordManagerClient::BindCredentialManager(
content::WebContents::FromRenderFrameHost(render_frame_host);
DCHECK(web_contents);
+ // Only valid for the currently committed RenderFrameHost, and not, e.g. old
+ // zombie RFH's being swapped out following cross-origin navigations.
+ if (web_contents->GetMainFrame() != render_frame_host)
+ return;
+
ChromePasswordManagerClient* instance =
ChromePasswordManagerClient::FromWebContents(web_contents);
« chrome/browser/password_manager/chrome_password_manager_client.h ('K') | « chrome/browser/password_manager/chrome_password_manager_client.h ('k') | chrome/browser/password_manager/credential_manager_browsertest.cc » ('j') | chrome/browser/password_manager/credential_manager_browsertest.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698