1 // Copyright 2013 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #include "components/autofill/content/renderer/password_autofill_agent.h" 6 7 #include "base/bind.h" 8 #include "base/memory/scoped_ptr.h" 9 #include "base/message_loop/message_loop.h" 10 #include "base/metrics/histogram.h" 11 #include "base/strings/utf_string_conversions.h" 12 #include "components/autofill/content/common/autofill_messages.h" 13 #include "components/autofill/content/renderer/form_autofill_util.h" 14 #include "components/autofill/content/renderer/password_form_conversion_utils.h" 15 #include "components/autofill/content/renderer/renderer_save_password_progress_logger.h" 16 #include "components/autofill/core/common/form_field_data.h" 17 #include "components/autofill/core/common/password_autofill_util.h" 18 #include "components/autofill/core/common/password_form.h" 19 #include "components/autofill/core/common/password_form_fill_data.h" 20 #include "content/public/common/page_transition_types.h" 21 #include "content/public/renderer/document_state.h" 22 #include "content/public/renderer/navigation_state.h" 23 #include "content/public/renderer/render_view.h" 24 #include "third_party/WebKit/public/platform/WebVector.h" 25 #include "third_party/WebKit/public/web/WebAutofillClient.h" 26 #include "third_party/WebKit/public/web/WebDocument.h" 27 #include "third_party/WebKit/public/web/WebElement.h" 28 #include "third_party/WebKit/public/web/WebFormElement.h" 29 #include "third_party/WebKit/public/web/WebInputEvent.h" 30 #include "third_party/WebKit/public/web/WebLocalFrame.h" 31 #include "third_party/WebKit/public/web/WebNode.h" 32 #include "third_party/WebKit/public/web/WebNodeList.h" 33 #include "third_party/WebKit/public/web/WebSecurityOrigin.h" 34 #include "third_party/WebKit/public/web/WebUserGestureIndicator.h" 35 #include "third_party/WebKit/public/web/WebView.h" 36 #include "ui/events/keycodes/keyboard_codes.h" 37 #include "url/gurl.h" 38 39 namespace autofill { 40 namespace { 41 42 // The size above which we stop triggering autocomplete. 43 static const size_t kMaximumTextSizeForAutocomplete = 1000; 44 45 // Maps element names to the actual elements to simplify form filling. 46 typedef std::map<base::string16, blink::WebInputElement> FormInputElementMap; 47 48 // Use the shorter name when referencing SavePasswordProgressLogger::StringID 49 // values to spare line breaks. The code provides enough context for that 50 // already. 51 typedef SavePasswordProgressLogger Logger; 52 53 // Utility struct for form lookup and autofill. When we parse the DOM to look up 54 // a form, in addition to action and origin URL's we have to compare all 55 // necessary form elements. To avoid having to look these up again when we want 56 // to fill the form, the FindFormElements function stores the pointers 57 // in a FormElements* result, referenced to ensure they are safe to use. 58 struct FormElements { 59 blink::WebFormElement form_element; 60 FormInputElementMap input_elements; 61 }; 62 63 typedef std::vector<FormElements*> FormElementsList; 64 65 // Helper to search the given form element for the specified input elements 66 // in |data|, and add results to |result|. 67 static bool FindFormInputElements(blink::WebFormElement* fe, 68 const FormData& data, 69 FormElements* result) { 70 // Loop through the list of elements we need to find on the form in order to 71 // autofill it. If we don't find any one of them, abort processing this 72 // form; it can't be the right one. 73 for (size_t j = 0; j < data.fields.size(); j++) { 74 blink::WebVector<blink::WebNode> temp_elements; 75 fe->getNamedElements(data.fields[j].name, temp_elements); 76 77 // Match the first input element, if any. 78 // |getNamedElements| may return non-input elements where the names match, 79 // so the results are filtered for input elements. 80 // If more than one match is made, then we have ambiguity (due to misuse 81 // of "name" attribute) so is it considered not found. 82 bool found_input = false; 83 for (size_t i = 0; i < temp_elements.size(); ++i) { 84 if (temp_elements[i].to<blink::WebElement>().hasHTMLTagName("input")) { 85 // Check for a non-unique match. 86 if (found_input) { 87 found_input = false; 88 break; 89 } 90 91 // Only fill saved passwords into password fields and usernames into 92 // text fields. 93 blink::WebInputElement input_element = 94 temp_elements[i].to<blink::WebInputElement>(); 95 if (input_element.isPasswordField() != 96 (data.fields[j].form_control_type == "password")) 97 continue; 98 99 // This element matched, add it to our temporary result. It's possible 100 // there are multiple matches, but for purposes of identifying the form 101 // one suffices and if some function needs to deal with multiple 102 // matching elements it can get at them through the FormElement*. 103 // Note: This assignment adds a reference to the InputElement. 104 result->input_elements[data.fields[j].name] = input_element; 105 found_input = true; 106 } 107 } 108 109 // A required element was not found. This is not the right form. 110 // Make sure no input elements from a partially matched form in this 111 // iteration remain in the result set. 112 // Note: clear will remove a reference from each InputElement. 113 if (!found_input) { 114 result->input_elements.clear(); 115 return false; 116 } 117 } 118 return true; 119 } 120 121 // Helper to locate form elements identified by |data|. 122 void FindFormElements(blink::WebView* view, 123 const FormData& data, 124 FormElementsList* results) { 125 DCHECK(view); 126 DCHECK(results); 127 blink::WebFrame* main_frame = view->mainFrame(); 128 if (!main_frame) 129 return; 130 131 GURL::Replacements rep; 132 rep.ClearQuery(); 133 rep.ClearRef(); 134 135 // Loop through each frame. 136 for (blink::WebFrame* f = main_frame; f; f = f->traverseNext(false)) { 137 blink::WebDocument doc = f->document(); 138 if (!doc.isHTMLDocument()) 139 continue; 140 141 GURL full_origin(doc.url()); 142 if (data.origin != full_origin.ReplaceComponents(rep)) 143 continue; 144 145 blink::WebVector<blink::WebFormElement> forms; 146 doc.forms(forms); 147 148 for (size_t i = 0; i < forms.size(); ++i) { 149 blink::WebFormElement fe = forms[i]; 150 151 GURL full_action(f->document().completeURL(fe.action())); 152 if (full_action.is_empty()) { 153 // The default action URL is the form's origin. 154 full_action = full_origin; 155 } 156 157 // Action URL must match. 158 if (data.action != full_action.ReplaceComponents(rep)) 159 continue; 160 161 scoped_ptr<FormElements> curr_elements(new FormElements); 162 if (!FindFormInputElements(&fe, data, curr_elements.get())) 163 continue; 164 165 // We found the right element. 166 // Note: this assignment adds a reference to |fe|. 167 curr_elements->form_element = fe; 168 results->push_back(curr_elements.release()); 169 } 170 } 171 } 172 173 bool IsElementEditable(const blink::WebInputElement& element) { 174 return element.isEnabled() && !element.isReadOnly(); 175 } 176 177 bool DoUsernamesMatch(const base::string16& username1, 178 const base::string16& username2, 179 bool exact_match) { 180 if (exact_match) 181 return username1 == username2; 182 return StartsWith(username1, username2, true); 183 } 184 185 // Returns |true| if the given element is both editable and has permission to be 186 // autocompleted. The latter can be either because there is no 187 // autocomplete='off' set for the element, or because the flag is set to ignore 188 // autocomplete='off'. Otherwise, returns |false|. 189 bool IsElementAutocompletable(const blink::WebInputElement& element) { 190 return IsElementEditable(element) && 191 (ShouldIgnoreAutocompleteOffForPasswordFields() || 192 element.autoComplete()); 193 } 194 195 // Returns true if the password specified in |form| is a default value. 196 bool PasswordValueIsDefault(const PasswordForm& form, 197 blink::WebFormElement form_element) { 198 blink::WebVector<blink::WebNode> temp_elements; 199 form_element.getNamedElements(form.password_element, temp_elements); 200 201 // We are loose in our definition here and will return true if any of the 202 // appropriately named elements match the element to be saved. Currently 203 // we ignore filling passwords where naming is ambigious anyway. 204 for (size_t i = 0; i < temp_elements.size(); ++i) { 205 if (temp_elements[i].to<blink::WebElement>().getAttribute("value") == 206 form.password_value) 207 return true; 208 } 209 return false; 210 } 211 212 // Log a message including the name, method and action of |form|. 213 void LogHTMLForm(SavePasswordProgressLogger* logger, 214 SavePasswordProgressLogger::StringID message_id, 215 const blink::WebFormElement& form) { 216 logger->LogHTMLForm(message_id, 217 form.name().utf8(), 218 form.method().utf8(), 219 GURL(form.action().utf8())); 220 } 221 222 } // namespace 223 224 //////////////////////////////////////////////////////////////////////////////// 225 // PasswordAutofillAgent, public: 226 227 PasswordAutofillAgent::PasswordAutofillAgent(content::RenderView* render_view) 228 : content::RenderViewObserver(render_view), 229 usernames_usage_(NOTHING_TO_AUTOFILL), 230 web_view_(render_view->GetWebView()), 231 logging_state_active_(false), 232 was_username_autofilled_(false), 233 was_password_autofilled_(false), 234 username_selection_start_(0), 235 weak_ptr_factory_(this) { 236 Send(new AutofillHostMsg_PasswordAutofillAgentConstructed(routing_id())); 237 } 238 239 PasswordAutofillAgent::~PasswordAutofillAgent() { 240 } 241 242 PasswordAutofillAgent::PasswordValueGatekeeper::PasswordValueGatekeeper() 243 : was_user_gesture_seen_(false) { 244 } 245 246 PasswordAutofillAgent::PasswordValueGatekeeper::~PasswordValueGatekeeper() { 247 } 248 249 void PasswordAutofillAgent::PasswordValueGatekeeper::RegisterElement( 250 blink::WebInputElement* element) { 251 if (was_user_gesture_seen_) 252 ShowValue(element); 253 else 254 elements_.push_back(*element); 255 } 256 257 void PasswordAutofillAgent::PasswordValueGatekeeper::OnUserGesture() { 258 was_user_gesture_seen_ = true; 259 260 for (std::vector<blink::WebInputElement>::iterator it = elements_.begin(); 261 it != elements_.end(); 262 ++it) { 263 ShowValue(&(*it)); 264 } 265 266 elements_.clear(); 267 } 268 269 void PasswordAutofillAgent::PasswordValueGatekeeper::Reset() { 270 was_user_gesture_seen_ = false; 271 elements_.clear(); 272 } 273 274 void PasswordAutofillAgent::PasswordValueGatekeeper::ShowValue( 275 blink::WebInputElement* element) { 276 if (!element->isNull() && !element->suggestedValue().isNull()) 277 element->setValue(element->suggestedValue(), true); 278 } 279 280 bool PasswordAutofillAgent::TextFieldDidEndEditing( 281 const blink::WebInputElement& element) { 282 LoginToPasswordInfoMap::const_iterator iter = 283 login_to_password_info_.find(element); 284 if (iter == login_to_password_info_.end()) 285 return false; 286 287 const PasswordFormFillData& fill_data = iter->second.fill_data; 288 289 // If wait_for_username is false, we should have filled when the text changed. 290 if (!fill_data.wait_for_username) 291 return false; 292 293 blink::WebInputElement password = iter->second.password_field; 294 if (!IsElementEditable(password)) 295 return false; 296 297 blink::WebInputElement username = element; // We need a non-const. 298 299 // Do not set selection when ending an editing session, otherwise it can 300 // mess with focus. 301 FillUserNameAndPassword(&username, 302 &password, 303 fill_data, 304 true /* exact_username_match */, 305 false /* set_selection */); 306 return true; 307 } 308 309 bool PasswordAutofillAgent::TextDidChangeInTextField( 310 const blink::WebInputElement& element) { 311 LoginToPasswordInfoMap::const_iterator iter = 312 login_to_password_info_.find(element); 313 if (iter == login_to_password_info_.end()) 314 return false; 315 316 // The input text is being changed, so any autofilled password is now 317 // outdated. 318 blink::WebInputElement username = element; // We need a non-const. 319 username.setAutofilled(false); 320 321 blink::WebInputElement password = iter->second.password_field; 322 if (password.isAutofilled()) { 323 password.setValue(base::string16(), true); 324 password.setAutofilled(false); 325 } 326 327 // If wait_for_username is true we will fill when the username loses focus. 328 if (iter->second.fill_data.wait_for_username) 329 return false; 330 331 if (!element.isText() || !IsElementAutocompletable(element) || 332 !IsElementAutocompletable(password)) { 333 return false; 334 } 335 336 // Don't inline autocomplete if the user is deleting, that would be confusing. 337 // But refresh the popup. Note, since this is ours, return true to signal 338 // no further processing is required. 339 if (iter->second.backspace_pressed_last) { 340 ShowSuggestionPopup(iter->second.fill_data, username); 341 return true; 342 } 343 344 blink::WebString name = element.nameForAutofill(); 345 if (name.isEmpty()) 346 return false; // If the field has no name, then we won't have values. 347 348 // Don't attempt to autofill with values that are too large. 349 if (element.value().length() > kMaximumTextSizeForAutocomplete) 350 return false; 351 352 // The caret position should have already been updated. 353 PerformInlineAutocomplete(element, password, iter->second.fill_data); 354 return true; 355 } 356 357 bool PasswordAutofillAgent::TextFieldHandlingKeyDown( 358 const blink::WebInputElement& element, 359 const blink::WebKeyboardEvent& event) { 360 // If using the new Autofill UI that lives in the browser, it will handle 361 // keypresses before this function. This is not currently an issue but if 362 // the keys handled there or here change, this issue may appear. 363 364 LoginToPasswordInfoMap::iterator iter = login_to_password_info_.find(element); 365 if (iter == login_to_password_info_.end()) 366 return false; 367 368 int win_key_code = event.windowsKeyCode; 369 iter->second.backspace_pressed_last = 370 (win_key_code == ui::VKEY_BACK || win_key_code == ui::VKEY_DELETE); 371 return true; 372 } 373 374 bool PasswordAutofillAgent::FillSuggestion( 375 const blink::WebNode& node, 376 const blink::WebString& username, 377 const blink::WebString& password) { 378 blink::WebInputElement username_element; 379 PasswordInfo password_info; 380 381 if (!FindLoginInfo(node, &username_element, &password_info) || 382 !IsElementAutocompletable(username_element) || 383 !IsElementAutocompletable(password_info.password_field)) { 384 return false; 385 } 386 387 base::string16 current_username = username_element.value(); 388 username_element.setValue(username, true); 389 username_element.setAutofilled(true); 390 username_element.setSelectionRange(username.length(), username.length()); 391 392 password_info.password_field.setValue(password, true); 393 password_info.password_field.setAutofilled(true); 394 395 return true; 396 } 397 398 bool PasswordAutofillAgent::PreviewSuggestion( 399 const blink::WebNode& node, 400 const blink::WebString& username, 401 const blink::WebString& password) { 402 blink::WebInputElement username_element; 403 PasswordInfo password_info; 404 405 if (!FindLoginInfo(node, &username_element, &password_info) || 406 !IsElementAutocompletable(username_element) || 407 !IsElementAutocompletable(password_info.password_field)) { 408 return false; 409 } 410 411 was_username_autofilled_ = username_element.isAutofilled(); 412 username_selection_start_ = username_element.selectionStart(); 413 username_element.setSuggestedValue(username); 414 username_element.setAutofilled(true); 415 username_element.setSelectionRange( 416 username_selection_start_, 417 username_element.suggestedValue().length()); 418 419 was_password_autofilled_ = password_info.password_field.isAutofilled(); 420 password_info.password_field.setSuggestedValue(password); 421 password_info.password_field.setAutofilled(true); 422 423 return true; 424 } 425 426 bool PasswordAutofillAgent::DidClearAutofillSelection( 427 const blink::WebNode& node) { 428 blink::WebInputElement username_element; 429 PasswordInfo password_info; 430 if (!FindLoginInfo(node, &username_element, &password_info)) 431 return false; 432 433 ClearPreview(&username_element, &password_info.password_field); 434 return true; 435 } 436 437 bool PasswordAutofillAgent::ShowSuggestions( 438 const blink::WebInputElement& element) { 439 LoginToPasswordInfoMap::const_iterator iter = 440 login_to_password_info_.find(element); 441 if (iter == login_to_password_info_.end()) 442 return false; 443 444 // If autocomplete='off' is set on the form elements, no suggestion dialog 445 // should be shown. However, return |true| to indicate that this is a known 446 // password form and that the request to show suggestions has been handled (as 447 // a no-op). 448 if (!IsElementAutocompletable(element) || 449 !IsElementAutocompletable(iter->second.password_field)) 450 return true; 451 452 return ShowSuggestionPopup(iter->second.fill_data, element); 453 } 454 455 bool PasswordAutofillAgent::OriginCanAccessPasswordManager( 456 const blink::WebSecurityOrigin& origin) { 457 return origin.canAccessPasswordManager(); 458 } 459 460 void PasswordAutofillAgent::OnDynamicFormsSeen(blink::WebFrame* frame) { 461 SendPasswordForms(frame, false /* only_visible */); 462 } 463 464 void PasswordAutofillAgent::FirstUserGestureObserved() { 465 gatekeeper_.OnUserGesture(); 466 } 467 468 void PasswordAutofillAgent::SendPasswordForms(blink::WebFrame* frame, 469 bool only_visible) { 470 scoped_ptr<RendererSavePasswordProgressLogger> logger; 471 if (logging_state_active_) { 472 logger.reset(new RendererSavePasswordProgressLogger(this, routing_id())); 473 logger->LogMessage(Logger::STRING_SEND_PASSWORD_FORMS_METHOD); 474 logger->LogBoolean(Logger::STRING_ONLY_VISIBLE, only_visible); 475 } 476 477 // Make sure that this security origin is allowed to use password manager. 478 blink::WebSecurityOrigin origin = frame->document().securityOrigin(); 479 if (logger) { 480 logger->LogURL(Logger::STRING_SECURITY_ORIGIN, 481 GURL(origin.toString().utf8())); 482 } 483 if (!OriginCanAccessPasswordManager(origin)) { 484 if (logger) { 485 logger->LogMessage(Logger::STRING_SECURITY_ORIGIN_FAILURE); 486 logger->LogMessage(Logger::STRING_DECISION_DROP); 487 } 488 return; 489 } 490 491 // Checks whether the webpage is a redirect page or an empty page. 492 if (IsWebpageEmpty(frame)) { 493 if (logger) { 494 logger->LogMessage(Logger::STRING_WEBPAGE_EMPTY); 495 logger->LogMessage(Logger::STRING_DECISION_DROP); 496 } 497 return; 498 } 499 500 blink::WebVector<blink::WebFormElement> forms; 501 frame->document().forms(forms); 502 if (logger) 503 logger->LogNumber(Logger::STRING_NUMBER_OF_ALL_FORMS, forms.size()); 504 505 std::vector<PasswordForm> password_forms; 506 for (size_t i = 0; i < forms.size(); ++i) { 507 const blink::WebFormElement& form = forms[i]; 508 bool is_form_visible = IsWebNodeVisible(form); 509 if (logger) { 510 LogHTMLForm(logger.get(), Logger::STRING_FORM_FOUND_ON_PAGE, form); 511 logger->LogBoolean(Logger::STRING_FORM_IS_VISIBLE, is_form_visible); 512 } 513 514 // If requested, ignore non-rendered forms, e.g. those styled with 515 // display:none. 516 if (only_visible && !is_form_visible) 517 continue; 518 519 scoped_ptr<PasswordForm> password_form(CreatePasswordForm(form)); 520 if (password_form.get()) { 521 if (logger) { 522 logger->LogPasswordForm(Logger::STRING_FORM_IS_PASSWORD, 523 *password_form); 524 } 525 password_forms.push_back(*password_form); 526 } 527 } 528 529 if (password_forms.empty() && !only_visible) { 530 // We need to send the PasswordFormsRendered message regardless of whether 531 // there are any forms visible, as this is also the code path that triggers 532 // showing the infobar. 533 return; 534 } 535 536 if (only_visible) { 537 Send(new AutofillHostMsg_PasswordFormsRendered(routing_id(), 538 password_forms)); 539 } else { 540 Send(new AutofillHostMsg_PasswordFormsParsed(routing_id(), password_forms)); 541 } 542 } 543 544 bool PasswordAutofillAgent::OnMessageReceived(const IPC::Message& message) { 545 bool handled = true; 546 IPC_BEGIN_MESSAGE_MAP(PasswordAutofillAgent, message) 547 IPC_MESSAGE_HANDLER(AutofillMsg_FillPasswordForm, OnFillPasswordForm) 548 IPC_MESSAGE_HANDLER(AutofillMsg_SetLoggingState, OnSetLoggingState) 549 IPC_MESSAGE_UNHANDLED(handled = false) 550 IPC_END_MESSAGE_MAP() 551 return handled; 552 } 553 554 void PasswordAutofillAgent::DidStartLoading() { 555 if (usernames_usage_ != NOTHING_TO_AUTOFILL) { 556 UMA_HISTOGRAM_ENUMERATION("PasswordManager.OtherPossibleUsernamesUsage", 557 usernames_usage_, 558 OTHER_POSSIBLE_USERNAMES_MAX); 559 usernames_usage_ = NOTHING_TO_AUTOFILL; 560 } 561 } 562 563 void PasswordAutofillAgent::DidFinishDocumentLoad(blink::WebLocalFrame* frame) { 564 // The |frame| contents have been parsed, but not yet rendered. Let the 565 // PasswordManager know that forms are loaded, even though we can't yet tell 566 // whether they're visible. 567 SendPasswordForms(frame, false); 568 } 569 570 void PasswordAutofillAgent::DidFinishLoad(blink::WebLocalFrame* frame) { 571 // The |frame| contents have been rendered. Let the PasswordManager know 572 // which of the loaded frames are actually visible to the user. This also 573 // triggers the "Save password?" infobar if the user just submitted a password 574 // form. 575 SendPasswordForms(frame, true); 576 } 577 578 void PasswordAutofillAgent::FrameDetached(blink::WebFrame* frame) { 579 FrameClosing(frame); 580 } 581 582 void PasswordAutofillAgent::FrameWillClose(blink::WebFrame* frame) { 583 FrameClosing(frame); 584 } 585 586 void PasswordAutofillAgent::WillSendSubmitEvent( 587 blink::WebLocalFrame* frame, 588 const blink::WebFormElement& form) { 589 // Some login forms have onSubmit handlers that put a hash of the password 590 // into a hidden field and then clear the password (http://crbug.com/28910). 591 // This method gets called before any of those handlers run, so save away 592 // a copy of the password in case it gets lost. 593 scoped_ptr<PasswordForm> password_form(CreatePasswordForm(form)); 594 if (password_form) 595 provisionally_saved_forms_[frame].reset(password_form.release()); 596 } 597 598 void PasswordAutofillAgent::WillSubmitForm(blink::WebLocalFrame* frame, 599 const blink::WebFormElement& form) { 600 scoped_ptr<RendererSavePasswordProgressLogger> logger; 601 if (logging_state_active_) { 602 logger.reset(new RendererSavePasswordProgressLogger(this, routing_id())); 603 logger->LogMessage(Logger::STRING_WILL_SUBMIT_FORM_METHOD); 604 LogHTMLForm(logger.get(), Logger::STRING_HTML_FORM_FOR_SUBMIT, form); 605 } 606 607 scoped_ptr<PasswordForm> submitted_form = CreatePasswordForm(form); 608 609 // If there is a provisionally saved password, copy over the previous 610 // password value so we get the user's typed password, not the value that 611 // may have been transformed for submit. 612 // TODO(gcasto): Do we need to have this action equality check? Is it trying 613 // to prevent accidentally copying over passwords from a different form? 614 if (submitted_form) { 615 if (logger) { 616 logger->LogPasswordForm(Logger::STRING_CREATED_PASSWORD_FORM, 617 *submitted_form); 618 } 619 if (provisionally_saved_forms_[frame].get() && 620 submitted_form->action == provisionally_saved_forms_[frame]->action) { 621 if (logger) 622 logger->LogMessage(Logger::STRING_SUBMITTED_PASSWORD_REPLACED); 623 submitted_form->password_value = 624 provisionally_saved_forms_[frame]->password_value; 625 } 626 627 // Some observers depend on sending this information now instead of when 628 // the frame starts loading. If there are redirects that cause a new 629 // RenderView to be instantiated (such as redirects to the WebStore) 630 // we will never get to finish the load. 631 Send(new AutofillHostMsg_PasswordFormSubmitted(routing_id(), 632 *submitted_form)); 633 // Remove reference since we have already submitted this form. 634 provisionally_saved_forms_.erase(frame); 635 } else if (logger) { 636 logger->LogMessage(Logger::STRING_DECISION_DROP); 637 } 638 } 639 640 blink::WebFrame* PasswordAutofillAgent::CurrentOrChildFrameWithSavedForms( 641 const blink::WebFrame* current_frame) { 642 for (FrameToPasswordFormMap::const_iterator it = 643 provisionally_saved_forms_.begin(); 644 it != provisionally_saved_forms_.end(); 645 ++it) { 646 blink::WebFrame* form_frame = it->first; 647 // The check that the returned frame is related to |current_frame| is mainly 648 // for double-checking. There should not be any unrelated frames in 649 // |provisionally_saved_forms_|, because the map is cleared after 650 // navigation. If there are reasons to remove this check in the future and 651 // keep just the first frame found, it might be a good idea to add a UMA 652 // statistic or a similar check on how many frames are here to choose from. 653 if (current_frame == form_frame || 654 current_frame->findChildByName(form_frame->assignedName())) { 655 return form_frame; 656 } 657 } 658 return NULL; 659 } 660 661 void PasswordAutofillAgent::DidStartProvisionalLoad( 662 blink::WebLocalFrame* frame) { 663 scoped_ptr<RendererSavePasswordProgressLogger> logger; 664 if (logging_state_active_) { 665 logger.reset(new RendererSavePasswordProgressLogger(this, routing_id())); 666 logger->LogMessage(Logger::STRING_DID_START_PROVISIONAL_LOAD_METHOD); 667 } 668 669 if (!frame->parent()) { 670 // If the navigation is not triggered by a user gesture, e.g. by some ajax 671 // callback, then inherit the submitted password form from the previous 672 // state. This fixes the no password save issue for ajax login, tracked in 673 // [http://crbug/43219]. Note that this still fails for sites that use 674 // synchonous XHR as isProcessingUserGesture() will return true. 675 blink::WebFrame* form_frame = CurrentOrChildFrameWithSavedForms(frame); 676 if (logger) { 677 logger->LogBoolean(Logger::STRING_FORM_FRAME_EQ_FRAME, 678 form_frame == frame); 679 } 680 // Bug fix for crbug.com/368690. isProcessingUserGesture() is false when 681 // the user is performing actions outside the page (e.g. typed url, 682 // history navigation). We don't want to trigger saving in these cases. 683 content::DocumentState* document_state = 684 content::DocumentState::FromDataSource( 685 frame->provisionalDataSource()); 686 content::NavigationState* navigation_state = 687 document_state->navigation_state(); 688 if (content::PageTransitionIsWebTriggerable( 689 navigation_state->transition_type()) && 690 !blink::WebUserGestureIndicator::isProcessingUserGesture()) { 691 // If onsubmit has been called, try and save that form. 692 if (provisionally_saved_forms_[form_frame].get()) { 693 if (logger) { 694 logger->LogPasswordForm( 695 Logger::STRING_PROVISIONALLY_SAVED_FORM_FOR_FRAME, 696 *provisionally_saved_forms_[form_frame]); 697 } 698 Send(new AutofillHostMsg_PasswordFormSubmitted( 699 routing_id(), *provisionally_saved_forms_[form_frame])); 700 provisionally_saved_forms_.erase(form_frame); 701 } else { 702 // Loop through the forms on the page looking for one that has been 703 // filled out. If one exists, try and save the credentials. 704 blink::WebVector<blink::WebFormElement> forms; 705 frame->document().forms(forms); 706 707 bool password_forms_found = false; 708 for (size_t i = 0; i < forms.size(); ++i) { 709 blink::WebFormElement form_element = forms[i]; 710 if (logger) { 711 LogHTMLForm( 712 logger.get(), Logger::STRING_FORM_FOUND_ON_PAGE, form_element); 713 } 714 scoped_ptr<PasswordForm> password_form( 715 CreatePasswordForm(form_element)); 716 if (password_form.get() && !password_form->username_value.empty() && 717 !password_form->password_value.empty() && 718 !PasswordValueIsDefault(*password_form, form_element)) { 719 password_forms_found = true; 720 if (logger) { 721 logger->LogPasswordForm( 722 Logger::STRING_PASSWORD_FORM_FOUND_ON_PAGE, *password_form); 723 } 724 Send(new AutofillHostMsg_PasswordFormSubmitted(routing_id(), 725 *password_form)); 726 } 727 } 728 if (!password_forms_found && logger) { 729 logger->LogMessage(Logger::STRING_DECISION_DROP); 730 } 731 } 732 } 733 // Clear the whole map during main frame navigation. 734 provisionally_saved_forms_.clear(); 735 736 // This is a new navigation, so require a new user gesture before filling in 737 // passwords. 738 gatekeeper_.Reset(); 739 } else { 740 if (logger) 741 logger->LogMessage(Logger::STRING_DECISION_DROP); 742 } 743 } 744 745 void PasswordAutofillAgent::OnFillPasswordForm( 746 const PasswordFormFillData& form_data) { 747 if (usernames_usage_ == NOTHING_TO_AUTOFILL) { 748 if (form_data.other_possible_usernames.size()) 749 usernames_usage_ = OTHER_POSSIBLE_USERNAMES_PRESENT; 750 else if (usernames_usage_ == NOTHING_TO_AUTOFILL) 751 usernames_usage_ = OTHER_POSSIBLE_USERNAMES_ABSENT; 752 } 753 754 FormElementsList forms; 755 // We own the FormElements* in forms. 756 FindFormElements(render_view()->GetWebView(), form_data.basic_data, &forms); 757 FormElementsList::iterator iter; 758 for (iter = forms.begin(); iter != forms.end(); ++iter) { 759 scoped_ptr<FormElements> form_elements(*iter); 760 761 // Attach autocomplete listener to enable selecting alternate logins. 762 // First, get pointers to username element. 763 blink::WebInputElement username_element = 764 form_elements->input_elements[form_data.basic_data.fields[0].name]; 765 766 // Get pointer to password element. (We currently only support single 767 // password forms). 768 blink::WebInputElement password_element = 769 form_elements->input_elements[form_data.basic_data.fields[1].name]; 770 771 // If wait_for_username is true, we don't want to initially fill the form 772 // until the user types in a valid username. 773 if (!form_data.wait_for_username) 774 FillFormOnPasswordRecieved(form_data, username_element, password_element); 775 776 // We might have already filled this form if there are two <form> elements 777 // with identical markup. 778 if (login_to_password_info_.find(username_element) != 779 login_to_password_info_.end()) 780 continue; 781 782 PasswordInfo password_info; 783 password_info.fill_data = form_data; 784 password_info.password_field = password_element; 785 login_to_password_info_[username_element] = password_info; 786 787 FormData form; 788 FormFieldData field; 789 FindFormAndFieldForFormControlElement( 790 username_element, &form, &field, REQUIRE_NONE); 791 Send(new AutofillHostMsg_AddPasswordFormMapping( 792 routing_id(), field, form_data)); 793 } 794 } 795 796 void PasswordAutofillAgent::OnSetLoggingState(bool active) { 797 logging_state_active_ = active; 798 } 799 800 //////////////////////////////////////////////////////////////////////////////// 801 // PasswordAutofillAgent, private: 802 803 void PasswordAutofillAgent::GetSuggestions( 804 const PasswordFormFillData& fill_data, 805 const base::string16& input, 806 std::vector<base::string16>* suggestions, 807 std::vector<base::string16>* realms) { 808 if (StartsWith(fill_data.basic_data.fields[0].value, input, false)) { 809 suggestions->push_back(fill_data.basic_data.fields[0].value); 810 realms->push_back(base::UTF8ToUTF16(fill_data.preferred_realm)); 811 } 812 813 for (PasswordFormFillData::LoginCollection::const_iterator iter = 814 fill_data.additional_logins.begin(); 815 iter != fill_data.additional_logins.end(); 816 ++iter) { 817 if (StartsWith(iter->first, input, false)) { 818 suggestions->push_back(iter->first); 819 realms->push_back(base::UTF8ToUTF16(iter->second.realm)); 820 } 821 } 822 823 for (PasswordFormFillData::UsernamesCollection::const_iterator iter = 824 fill_data.other_possible_usernames.begin(); 825 iter != fill_data.other_possible_usernames.end(); 826 ++iter) { 827 for (size_t i = 0; i < iter->second.size(); ++i) { 828 if (StartsWith(iter->second[i], input, false)) { 829 usernames_usage_ = OTHER_POSSIBLE_USERNAME_SHOWN; 830 suggestions->push_back(iter->second[i]); 831 realms->push_back(base::UTF8ToUTF16(iter->first.realm)); 832 } 833 } 834 } 835 } 836 837 bool PasswordAutofillAgent::ShowSuggestionPopup( 838 const PasswordFormFillData& fill_data, 839 const blink::WebInputElement& user_input) { 840 blink::WebFrame* frame = user_input.document().frame(); 841 if (!frame) 842 return false; 843 844 blink::WebView* webview = frame->view(); 845 if (!webview) 846 return false; 847 848 std::vector<base::string16> suggestions; 849 std::vector<base::string16> realms; 850 GetSuggestions(fill_data, user_input.value(), &suggestions, &realms); 851 DCHECK_EQ(suggestions.size(), realms.size()); 852 853 FormData form; 854 FormFieldData field; 855 FindFormAndFieldForFormControlElement( 856 user_input, &form, &field, REQUIRE_NONE); 857 858 blink::WebInputElement selected_element = user_input; 859 gfx::Rect bounding_box(selected_element.boundsInViewportSpace()); 860 861 float scale = web_view_->pageScaleFactor(); 862 gfx::RectF bounding_box_scaled(bounding_box.x() * scale, 863 bounding_box.y() * scale, 864 bounding_box.width() * scale, 865 bounding_box.height() * scale); 866 Send(new AutofillHostMsg_ShowPasswordSuggestions( 867 routing_id(), field, bounding_box_scaled, suggestions, realms)); 868 return !suggestions.empty(); 869 } 870 871 void PasswordAutofillAgent::FillFormOnPasswordRecieved( 872 const PasswordFormFillData& fill_data, 873 blink::WebInputElement username_element, 874 blink::WebInputElement password_element) { 875 // Do not fill if the password field is in an iframe. 876 DCHECK(password_element.document().frame()); 877 if (password_element.document().frame()->parent()) 878 return; 879 880 if (!ShouldIgnoreAutocompleteOffForPasswordFields() && 881 !username_element.form().autoComplete()) 882 return; 883 884 // If we can't modify the password, don't try to set the username 885 if (!IsElementAutocompletable(password_element)) 886 return; 887 888 // Try to set the username to the preferred name, but only if the field 889 // can be set and isn't prefilled. 890 if (IsElementAutocompletable(username_element) && 891 username_element.value().isEmpty()) { 892 // TODO(tkent): Check maxlength and pattern. 893 username_element.setValue(fill_data.basic_data.fields[0].value, true); 894 } 895 896 // Fill if we have an exact match for the username. Note that this sets 897 // username to autofilled. 898 FillUserNameAndPassword(&username_element, 899 &password_element, 900 fill_data, 901 true /* exact_username_match */, 902 false /* set_selection */); 903 } 904 905 bool PasswordAutofillAgent::FillUserNameAndPassword( 906 blink::WebInputElement* username_element, 907 blink::WebInputElement* password_element, 908 const PasswordFormFillData& fill_data, 909 bool exact_username_match, 910 bool set_selection) { 911 base::string16 current_username = username_element->value(); 912 // username and password will contain the match found if any. 913 base::string16 username; 914 base::string16 password; 915 916 // Look for any suitable matches to current field text. 917 if (DoUsernamesMatch(fill_data.basic_data.fields[0].value, 918 current_username, 919 exact_username_match)) { 920 username = fill_data.basic_data.fields[0].value; 921 password = fill_data.basic_data.fields[1].value; 922 } else { 923 // Scan additional logins for a match. 924 PasswordFormFillData::LoginCollection::const_iterator iter; 925 for (iter = fill_data.additional_logins.begin(); 926 iter != fill_data.additional_logins.end(); 927 ++iter) { 928 if (DoUsernamesMatch( 929 iter->first, current_username, exact_username_match)) { 930 username = iter->first; 931 password = iter->second.password; 932 break; 933 } 934 } 935 936 // Check possible usernames. 937 if (username.empty() && password.empty()) { 938 for (PasswordFormFillData::UsernamesCollection::const_iterator iter = 939 fill_data.other_possible_usernames.begin(); 940 iter != fill_data.other_possible_usernames.end(); 941 ++iter) { 942 for (size_t i = 0; i < iter->second.size(); ++i) { 943 if (DoUsernamesMatch( 944 iter->second[i], current_username, exact_username_match)) { 945 usernames_usage_ = OTHER_POSSIBLE_USERNAME_SELECTED; 946 username = iter->second[i]; 947 password = iter->first.password; 948 break; 949 } 950 } 951 if (!username.empty() && !password.empty()) 952 break; 953 } 954 } 955 } 956 if (password.empty()) 957 return false; // No match was found. 958 959 // TODO(tkent): Check maxlength and pattern for both username and password 960 // fields. 961 962 // Don't fill username if password can't be set. 963 if (!IsElementAutocompletable(*password_element)) { 964 return false; 965 } 966 967 // Input matches the username, fill in required values. 968 if (IsElementAutocompletable(*username_element)) { 969 username_element->setValue(username, true); 970 username_element->setAutofilled(true); 971 972 if (set_selection) { 973 username_element->setSelectionRange(current_username.length(), 974 username.length()); 975 } 976 } else if (current_username != username) { 977 // If the username can't be filled and it doesn't match a saved password 978 // as is, don't autofill a password. 979 return false; 980 } 981 982 // Wait to fill in the password until a user gesture occurs. This is to make 983 // sure that we do not fill in the DOM with a password until we believe the 984 // user is intentionally interacting with the page. 985 password_element->setSuggestedValue(password); 986 gatekeeper_.RegisterElement(password_element); 987 988 password_element->setAutofilled(true); 989 return true; 990 } 991 992 void PasswordAutofillAgent::PerformInlineAutocomplete( 993 const blink::WebInputElement& username_input, 994 const blink::WebInputElement& password_input, 995 const PasswordFormFillData& fill_data) { 996 DCHECK(!fill_data.wait_for_username); 997 998 // We need non-const versions of the username and password inputs. 999 blink::WebInputElement username = username_input; 1000 blink::WebInputElement password = password_input; 1001 1002 // Don't inline autocomplete if the caret is not at the end. 1003 // TODO(jcivelli): is there a better way to test the caret location? 1004 if (username.selectionStart() != username.selectionEnd() || 1005 username.selectionEnd() != static_cast<int>(username.value().length())) { 1006 return; 1007 } 1008 1009 // Show the popup with the list of available usernames. 1010 ShowSuggestionPopup(fill_data, username); 1011 1012 #if !defined(OS_ANDROID) 1013 // Fill the user and password field with the most relevant match. Android 1014 // only fills in the fields after the user clicks on the suggestion popup. 1015 FillUserNameAndPassword(&username, 1016 &password, 1017 fill_data, 1018 false /* exact_username_match */, 1019 true /* set_selection */); 1020 #endif 1021 } 1022 1023 void PasswordAutofillAgent::FrameClosing(const blink::WebFrame* frame) { 1024 for (LoginToPasswordInfoMap::iterator iter = login_to_password_info_.begin(); 1025 iter != login_to_password_info_.end();) { 1026 if (iter->first.document().frame() == frame) 1027 login_to_password_info_.erase(iter++); 1028 else 1029 ++iter; 1030 } 1031 for (FrameToPasswordFormMap::iterator iter = 1032 provisionally_saved_forms_.begin(); 1033 iter != provisionally_saved_forms_.end();) { 1034 if (iter->first == frame) 1035 provisionally_saved_forms_.erase(iter++); 1036 else 1037 ++iter; 1038 } 1039 } 1040 1041 bool PasswordAutofillAgent::FindLoginInfo(const blink::WebNode& node, 1042 blink::WebInputElement* found_input, 1043 PasswordInfo* found_password) { 1044 if (!node.isElementNode()) 1045 return false; 1046 1047 blink::WebElement element = node.toConst<blink::WebElement>(); 1048 if (!element.hasHTMLTagName("input")) 1049 return false; 1050 1051 blink::WebInputElement input = element.to<blink::WebInputElement>(); 1052 LoginToPasswordInfoMap::iterator iter = login_to_password_info_.find(input); 1053 if (iter == login_to_password_info_.end()) 1054 return false; 1055 1056 *found_input = input; 1057 *found_password = iter->second; 1058 return true; 1059 } 1060 1061 void PasswordAutofillAgent::ClearPreview( 1062 blink::WebInputElement* username, 1063 blink::WebInputElement* password) { 1064 if (!username->suggestedValue().isEmpty()) { 1065 username->setSuggestedValue(blink::WebString()); 1066 username->setAutofilled(was_username_autofilled_); 1067 username->setSelectionRange(username_selection_start_, 1068 username->value().length()); 1069 } 1070 if (!password->suggestedValue().isEmpty()) { 1071 password->setSuggestedValue(blink::WebString()); 1072 password->setAutofilled(was_password_autofilled_); 1073 } 1074 } 1075 1076 } // namespace autofill 1077