Chromium Code Reviews Chromium Code Reviews
Issue 489103004:
Allow editing passwords in settings/passwords (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/ui/passwords/password_manager_presenter.h" | 5 #include "chrome/browser/ui/passwords/password_manager_presenter.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/command_line.h" | 8 #include "base/command_line.h" |
| 9 #include "base/metrics/user_metrics_action.h" | 9 #include "base/metrics/user_metrics_action.h" |
| 10 #include "base/prefs/pref_service.h" | 10 #include "base/prefs/pref_service.h" |
| (...skipping 65 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 76 last_authentication_time_ = base::TimeTicks(); | 76 last_authentication_time_ = base::TimeTicks(); |
| 77 | 77 |
| 78 // Reset the current lists. | 78 // Reset the current lists. |
| 79 password_list_.clear(); | 79 password_list_.clear(); |
| 80 password_exception_list_.clear(); | 80 password_exception_list_.clear(); |
| 81 | 81 |
| 82 populater_.Populate(); | 82 populater_.Populate(); |
| 83 exception_populater_.Populate(); | 83 exception_populater_.Populate(); |
| 84 } | 84 } |
| 85 | 85 |
| 86 // static | |
| 87 bool PasswordManagerPresenter::CheckOriginValidityForAdding( | |
| 88 const GURL& origin) { | |
| 89 // Restrict the URL scheme to http and https since a manually-added | |
| 90 // PasswordForm entry's |scheme| is assumed to be SCHEME_HTML. | |
| 91 return origin.is_valid() && (origin.SchemeIs(url::kHttpScheme) || | |
| 92 origin.SchemeIs(url::kHttpsScheme)); | |
| 93 } | |
| 94 | |
| 95 void PasswordManagerPresenter::AddPassword( | |
| 96 const GURL& origin, | |
| 97 const base::string16& username_value, | |
| 98 const base::string16& password_value) { | |
| 99 #if !defined(OS_ANDROID) // This is never called on Android. | |
| 100 if (!CheckOriginValidityForAdding(origin) || password_value.empty()) { | |
| 101 // Invalid |origin| or empty |password_value| might come from a compromised | |
| 102 // renderer, which shouldn't be saved to the password store. | |
|
vabr (Chromium)
2014/08/25 07:35:07
Is it "might come" or "can only come"? If I unders
jaekyeom
2014/08/26 05:34:48
Done.
| |
| 103 NOTREACHED(); | |
| 104 return; | |
| 105 } | |
| 106 PasswordStore* store = GetPasswordStore(); | |
| 107 if (!store) | |
| 108 return; | |
| 109 | |
| 110 GURL::Replacements replacements; | |
| 111 replacements.ClearUsername(); | |
| 112 replacements.ClearPassword(); | |
| 113 replacements.ClearQuery(); | |
| 114 replacements.ClearRef(); | |
| 115 autofill::PasswordForm form; | |
| 116 form.origin = origin.ReplaceComponents(replacements); | |
| 117 form.username_value = username_value; | |
| 118 form.password_value = password_value; | |
| 119 form.signon_realm = origin.GetOrigin().spec(); | |
| 120 form.ssl_valid = origin.SchemeIsSecure(); | |
| 121 form.date_created = base::Time::Now(); | |
| 122 | |
| 123 store->AddLogin(form); | |
| 124 #endif | |
| 125 } | |
| 126 | |
| 127 void PasswordManagerPresenter::UpdatePassword( | |
| 128 size_t index, | |
| 129 const base::string16& password_value) { | |
| 130 #if !defined(OS_ANDROID) // This is never called on Android. | |
| 131 if (index >= password_list_.size() || password_value.empty()) { | |
| 132 // |index| out of bounds might come from a compromised renderer, don't let | |
| 133 // it crash the browser. http://crbug.com/362054 | |
| 134 // Similarly, empty |password_value| also might come from a compromised | |
| 135 // renderer, which is forbidden to be saved to the password store. So use | |
| 136 // the same logic. | |
| 137 NOTREACHED(); | |
| 138 return; | |
| 139 } | |
| 140 PasswordStore* store = GetPasswordStore(); | |
| 141 if (!store) | |
| 142 return; | |
| 143 autofill::PasswordForm form(*password_list_[index]); | |
| 144 form.password_value = password_value; | |
| 145 store->UpdateLogin(form); | |
| 146 #endif | |
| 147 } | |
| 148 | |
| 86 void PasswordManagerPresenter::RemoveSavedPassword(size_t index) { | 149 void PasswordManagerPresenter::RemoveSavedPassword(size_t index) { |
| 87 if (index >= password_list_.size()) { | 150 if (index >= password_list_.size()) { |
| 88 // |index| out of bounds might come from a compromised renderer, don't let | 151 // |index| out of bounds might come from a compromised renderer, don't let |
| 89 // it crash the browser. http://crbug.com/362054 | 152 // it crash the browser. http://crbug.com/362054 |
| 90 NOTREACHED(); | 153 NOTREACHED(); |
| 91 return; | 154 return; |
| 92 } | 155 } |
| 93 PasswordStore* store = GetPasswordStore(); | 156 PasswordStore* store = GetPasswordStore(); |
| 94 if (!store) | 157 if (!store) |
| 95 return; | 158 return; |
| (...skipping 136 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 232 } | 295 } |
| 233 | 296 |
| 234 void PasswordManagerPresenter::PasswordExceptionListPopulater:: | 297 void PasswordManagerPresenter::PasswordExceptionListPopulater:: |
| 235 OnGetPasswordStoreResults( | 298 OnGetPasswordStoreResults( |
| 236 const std::vector<autofill::PasswordForm*>& results) { | 299 const std::vector<autofill::PasswordForm*>& results) { |
| 237 page_->password_exception_list_.clear(); | 300 page_->password_exception_list_.clear(); |
| 238 page_->password_exception_list_.insert(page_->password_exception_list_.end(), | 301 page_->password_exception_list_.insert(page_->password_exception_list_.end(), |
| 239 results.begin(), results.end()); | 302 results.begin(), results.end()); |
| 240 page_->SetPasswordExceptionList(); | 303 page_->SetPasswordExceptionList(); |
| 241 } | 304 } |
| OLD | NEW |
