chrome/browser/password_manager/password_manager_browsertest.cc - Issue 488083002: [Password Manager] Fix to recognise failed login attempt for sites where content server pushes new …

Side by Side Diff: chrome/browser/password_manager/password_manager_browsertest.cc

Issue 488083002: [Password Manager] Fix to recognise failed login attempt for sites where content server pushes new … (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@branch_autofill_todo_20140813

Patch Set: Incorporated review comments and added browser_tests. Created 6 years, 4 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
1 // Copyright 2013 The Chromium Authors. All rights reserved.	1 // Copyright 2013 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include <string>	5 #include <string>

6	6

7 #include "base/command_line.h"	7 #include "base/command_line.h"

8 #include "base/metrics/histogram_samples.h"	8 #include "base/metrics/histogram_samples.h"

9 #include "base/metrics/statistics_recorder.h"	9 #include "base/metrics/statistics_recorder.h"

10 #include "base/run_loop.h"	10 #include "base/run_loop.h"

(...skipping 1101 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
1112 std::string submit =	1112 std::string submit =

1113 "document.getElementById('username').value = 'overwrite_me';"	1113 "document.getElementById('username').value = 'overwrite_me';"

1114 "document.getElementById('password').value = 'random';"	1114 "document.getElementById('password').value = 'random';"

1115 "document.getElementById('non-form-button').click();";	1115 "document.getElementById('non-form-button').click();";

1116 ASSERT_TRUE(content::ExecuteScript(RenderViewHost(), submit));	1116 ASSERT_TRUE(content::ExecuteScript(RenderViewHost(), submit));

1117 observer.Wait();	1117 observer.Wait();

1118	1118

1119 EXPECT_TRUE(prompt_observer->IsShowingPrompt());	1119 EXPECT_TRUE(prompt_observer->IsShowingPrompt());

1120 }	1120 }

1121	1121

	1122 // Test that if login fails and content server pushes a different login form

	1123 // with action URL having different scheme and/or case. Heuristic shall be able
	vabr (Chromium) 2014/08/21 14:54:12 I'm actually not convinced that the action URL com I'm actually not convinced that the action URL comparison should be case insensitive. URL paths are case insensitive. Are there real examples, when Chrome's password manager misunderstands a failed login because of a different letter case? vabr (Chromium) 2014/08/21 14:54:12 The test below does not test the different scheme, The test below does not test the different scheme, only the different case. Please introduce a separate test to test the different scheme. Pritam Nikam 2014/08/21 16:49:21 I didn't find any real example though, this partic Show quoted text On 2014/08/21 14:54:12, vabr (Chromium) wrote: > I'm actually not convinced that the action URL comparison should be case > insensitive. URL paths are case insensitive. Are there real examples, when > Chrome's password manager misunderstands a failed login because of a different > letter case? I didn't find any real example though, this particular test-case is failing keeping password_manager.cc untouched. Thats the reason I've added this case insensitivity check as well. Pritam Nikam 2014/08/21 16:49:21 Seems it's quite difficult as we need http and htt Show quoted text On 2014/08/21 14:54:12, vabr (Chromium) wrote: > The test below does not test the different scheme, only the different case. > Please introduce a separate test to test the different scheme. Seems it's quite difficult as we need http and https servers running. Current test class uses only HTTP test_server i,e, embedded_test_server(). Moreover, it does not have support for DNS resolution, it publishes a random port and with 127.0.0.1 (localhost) every time we run browser_tests. So even we have a HTTPS server running, port number will be different than that of and test cases will fail even if we ignore schemes. e.g. say separate_login_form.html action >> http://127.0.0.1:1234:/password/done_and_separate_login_form.html and done_and_separate_login_form.html action >> https://127.0.0.1:7890:/password/done_and_separate_login_form.html comparing urls even ignoring schemes will not match.
	1124 // identify such cases and shall not prompt to save incorrect password.

	1125 IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest,

	1126 NoPromptForLoginFailedAndServerPushSeperateLoginForm) {

	1127 NavigateToFile("/password/seperate_login_form.html");
	vabr (Chromium) 2014/08/21 14:54:12 typo: seperate -> separate Please also correct in typo: seperate -> separate Please also correct in the file names, id names etc. Pritam Nikam 2014/08/21 16:49:21 Done. Show quoted text On 2014/08/21 14:54:12, vabr (Chromium) wrote: > typo: seperate -> separate > Please also correct in the file names, id names etc. Done.
	1128

	1129 NavigationObserver observer(WebContents());

	1130 scoped_ptr<PromptObserver> prompt_observer(

	1131 PromptObserver::Create(WebContents()));

	1132 std::string fill_and_submit =

	1133 "document.getElementById('username_seperate').value = 'temp';"

	1134 "document.getElementById('password_seperate').value = 'random';"

	1135 "document.getElementById('submit_seperate').click();";

	1136 ASSERT_TRUE(content::ExecuteScript(RenderViewHost(), fill_and_submit));

	1137 observer.Wait();

	1138

	1139 EXPECT_FALSE(prompt_observer->IsShowingPrompt());

	1140 }

OLD	NEW

« no previous file with comments | « no previous file | chrome/test/data/password/done_and_seperate_login_form.html » ('j') | components/password_manager/core/browser/password_manager.cc » ('J')