PasswordForm: move from current/old password scheme to current/new.

components/autofill/content/renderer/password_form_conversion_utils.cc

 // Copyright 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "components/autofill/content/renderer/password_form_conversion_utils.h"
 
 #include "base/strings/string_util.h"
 #include "components/autofill/content/renderer/form_autofill_util.h"
 #include "components/autofill/core/common/password_form.h"
 #include "third_party/WebKit/public/platform/WebString.h"
@@ skipping 16 matching lines @@
 static const size_t kMaxPasswords = 3;
 
 // Checks in a case-insensitive way if the autocomplete attribute for the given
 // |element| is present and has the specified |value_in_lowercase|.
 bool HasAutocompleteAttributeValue(const WebInputElement* element,
                                    const char* value_in_lowercase) {
   return LowerCaseEqualsASCII(element->getAttribute("autocomplete"),
                               value_in_lowercase);
 }
 
-// Helper to determine which password is the main one, and which is
-// an old password (e.g on a "make new password" form), if any.
+// Helper to determine which password is the main (current) one, and which is
+// the new password (e.g., on a sign-up or change password form), if any.
 bool LocateSpecificPasswords(std::vector<WebInputElement> passwords,
                              WebInputElement* password,
-                             WebInputElement* old_password) {
+                             WebInputElement* new_password) {
   switch (passwords.size()) {
     case 1:
       // Single password, easy.
       *password = passwords[0];
       break;
     case 2:
       if (passwords[0].value() == passwords[1].value()) {
-        // Treat two identical passwords as a single password.
-        *password = passwords[0];
+        // Two identical passwords: assume we are seeing a new password with a
+        // confirmation. This can be either a sign-up form or a password change
+        // form that does not ask for the old password.
+        *new_password = passwords[0];
       } else {
         // Assume first is old password, second is new (no choice but to guess).
-        *old_password = passwords[0];
-        *password = passwords[1];
+        *password = passwords[0];
+        *new_password = passwords[1];
       }
       break;
     case 3:
-      if (passwords[0].value() == passwords[1].value() &&
+      if (!passwords[0].value().isEmpty() &&
+          passwords[0].value() == passwords[1].value() &&
           passwords[0].value() == passwords[2].value()) {
-        // All three passwords the same? Just treat as one and hope.
+        // All three passwords are the same and non-empty? This does not make
+        // any sense, give up.
+        return false;
+      } else if (passwords[1].value() == passwords[2].value()) {
+        // New password is the duplicated one, and comes second; or empty form
+        // with 3 password fields, in which case we will assume this layout.
         *password = passwords[0];
+        *new_password = passwords[1];
       } else if (passwords[0].value() == passwords[1].value()) {
-        // Two the same and one different -> old password is duplicated one.
-        *old_password = passwords[0];
+        // It is strange that the new password comes first, but trust more which
+        // fields are duplicated than the ordering of fields.
         *password = passwords[2];
-      } else if (passwords[1].value() == passwords[2].value()) {
-        *old_password = passwords[0];
-        *password = passwords[1];
+        *new_password = passwords[0];
       } else {
         // Three different passwords, or first and last match with middle
         // different. No idea which is which, so no luck.
         return false;
       }
       break;
     default:
       return false;
   }
   return true;
 }
 
-// Get information about a login form that encapsulated in the
-// PasswordForm struct.
+// Get information about a login form encapsulated in a PasswordForm struct.
 void GetPasswordForm(const WebFormElement& form, PasswordForm* password_form) {
   WebInputElement latest_input_element;
   WebInputElement username_element;
   // Caches whether |username_element| is marked with autocomplete='username'.
   // Needed for performance reasons to avoid recalculating this multiple times.
   bool has_seen_element_with_autocomplete_username_before = false;
   std::vector<WebInputElement> passwords;
   std::vector<base::string16> other_possible_usernames;
 
   WebVector<WebFormControlElement> control_elements;
@@ skipping 80 matching lines @@
 
   // Calculate the canonical action URL
   WebString action = form.action();
   if (action.isNull())
     action = WebString(""); // missing 'action' attribute implies current URL
   GURL full_action(form.document().completeURL(action));
   if (!full_action.is_valid())
     return;
 
   WebInputElement password;
-  WebInputElement old_password;
-  if (!LocateSpecificPasswords(passwords, &password, &old_password))
+  WebInputElement new_password;
+  if (!LocateSpecificPasswords(passwords, &password, &new_password))
     return;
 
   // We want to keep the path but strip any authentication data, as well as
   // query and ref portions of URL, for the form action and form origin.
   GURL::Replacements rep;
   rep.ClearUsername();
   rep.ClearPassword();
   rep.ClearQuery();
   rep.ClearRef();
   password_form->action = full_action.ReplaceComponents(rep);
   password_form->origin = full_origin.ReplaceComponents(rep);
 
   rep.SetPathStr("");
   password_form->signon_realm = full_origin.ReplaceComponents(rep).spec();
 
   password_form->other_possible_usernames.swap(other_possible_usernames);
 
   if (!password.isNull()) {
     password_form->password_element = password.nameForAutofill();
     password_form->password_value = password.value();
     password_form->password_autocomplete_set = password.autoComplete();
   }
-  if (!old_password.isNull()) {
-    password_form->old_password_element = old_password.nameForAutofill();
-    password_form->old_password_value = old_password.value();
+  if (!new_password.isNull()) {
+    password_form->new_password_element = new_password.nameForAutofill();
+    password_form->new_password_value = new_password.value();
   }
 
   password_form->scheme = PasswordForm::SCHEME_HTML;
   password_form->ssl_valid = false;
   password_form->preferred = false;
   password_form->blacklisted_by_user = false;
   password_form->type = PasswordForm::TYPE_MANUAL;
   password_form->use_additional_authentication = false;
 }
 
@@ skipping 13 matching lines @@
                            blink::WebFormControlElement(),
                            REQUIRE_NONE,
                            EXTRACT_NONE,
                            &password_form->form_data,
                            NULL /* FormFieldData */);
 
   return password_form.Pass();
 }
 
 }  // namespace autofill