New issue
Advanced search Search tips

Issue 630555 link

Starred by 2 users

Issue metadata

Status: Assigned
Owner:
Components:
EstimatedDays: ----
NextAction: ----
OS: All
Pri: 3
Type: Task



Sign in to add a comment

Treat affiliated websites as PSL-matched for password filling

Project Member Reported by vabr@chromium.org, Jul 22 2016

Issue description

Based on the assumption that two web origins being affiliated (in terms of AffiliationService) is the same level of trust between them as having the same registerable domain, we should allow to fill credentials from one affiliated website on another in the same way we do for PSL matched credentials.

This bug tracks obtaining a security confirmation that the assumption is correct, and implementing the change in behaviour.
 

Comment 1 by jww@chromium.org, Jul 22 2016

As mentioned in the email thread, this approach sounds good to me. However, I would love for the UI to be very explicit about what's going on, even as compared to the PSL matching UI. The extreme version is that the drop-down would say "Chrome sees you have a credential for foo.com, which we know is associated with bar.com. Would you like to use the bar.com credential here?" Obviously, that's way too verbose, but you get the idea :-)

Comment 2 by vabr@chromium.org, Jul 25 2016

Thanks, jww@. I think I need to speak to hwi@ about how to best get that message through.

Comment 3 by vabr@chromium.org, Jul 25 2016

Blockedon: 611751
I started an e-mail conversation with hwi@ about this.

Also, I'm marking this as blocking issue 611751, because once with adding more use-cases for affiliation, we might need to care sooner about exceeding the quota.

Comment 4 by vabr@chromium.org, Jul 26 2016

Blockedon: -611751
Turns out, the web<-->web affiliation is only supported for cases where also an app is involved. That should not cause us to exceed the quota mentioned in #2 soooner.

Comment 5 by hwi@chromium.org, Aug 1 2016

I'll reach out to jww@, vabr@ and other folks once I start exploring design options in August. Thanks!
Owner: vasi...@chromium.org
Status: Assigned (was: Available)

Comment 7 by vabr@chromium.org, May 2 2017

Labels: -tracking_work Type-Task
Project Member

Comment 8 by bugdroid1@chromium.org, Jun 21 2017

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/3c475eb2fbbcea708e0e7f91e07e7f2112a411cf

commit 3c475eb2fbbcea708e0e7f91e07e7f2112a411cf
Author: vasilii <vasilii@chromium.org>
Date: Wed Jun 21 10:40:10 2017

Reland 2: Move the files related to Android <-> Web credentials to a separate folder.

Previous attempts were https://codereview.chromium.org/2949793002/ and https://codereview.chromium.org/2949573002/

BUG=630555
TBR=engedy@chromium.org,stevenjb@chromium.org,sdefresne@chromium.org

Review-Url: https://codereview.chromium.org/2950063002
Cr-Commit-Position: refs/heads/master@{#481167}

[modify] https://crrev.com/3c475eb2fbbcea708e0e7f91e07e7f2112a411cf/chrome/browser/extensions/api/passwords_private/passwords_private_delegate_impl.cc
[modify] https://crrev.com/3c475eb2fbbcea708e0e7f91e07e7f2112a411cf/chrome/browser/ui/passwords/manage_passwords_view_utils.cc
[modify] https://crrev.com/3c475eb2fbbcea708e0e7f91e07e7f2112a411cf/chrome/browser/ui/passwords/password_manager_presenter.cc
[modify] https://crrev.com/3c475eb2fbbcea708e0e7f91e07e7f2112a411cf/components/password_manager/content/browser/credential_manager_impl.cc
[modify] https://crrev.com/3c475eb2fbbcea708e0e7f91e07e7f2112a411cf/components/password_manager/content/browser/credential_manager_impl_unittest.cc
[modify] https://crrev.com/3c475eb2fbbcea708e0e7f91e07e7f2112a411cf/components/password_manager/core/browser/BUILD.gn
[rename] https://crrev.com/3c475eb2fbbcea708e0e7f91e07e7f2112a411cf/components/password_manager/core/browser/android_affiliation/affiliated_match_helper.cc
[rename] https://crrev.com/3c475eb2fbbcea708e0e7f91e07e7f2112a411cf/components/password_manager/core/browser/android_affiliation/affiliated_match_helper.h
[rename] https://crrev.com/3c475eb2fbbcea708e0e7f91e07e7f2112a411cf/components/password_manager/core/browser/android_affiliation/affiliated_match_helper_unittest.cc
[rename] https://crrev.com/3c475eb2fbbcea708e0e7f91e07e7f2112a411cf/components/password_manager/core/browser/android_affiliation/affiliation_api.proto
[rename] https://crrev.com/3c475eb2fbbcea708e0e7f91e07e7f2112a411cf/components/password_manager/core/browser/android_affiliation/affiliation_backend.cc
[rename] https://crrev.com/3c475eb2fbbcea708e0e7f91e07e7f2112a411cf/components/password_manager/core/browser/android_affiliation/affiliation_backend.h
[rename] https://crrev.com/3c475eb2fbbcea708e0e7f91e07e7f2112a411cf/components/password_manager/core/browser/android_affiliation/affiliation_backend_unittest.cc
[rename] https://crrev.com/3c475eb2fbbcea708e0e7f91e07e7f2112a411cf/components/password_manager/core/browser/android_affiliation/affiliation_database.cc
[rename] https://crrev.com/3c475eb2fbbcea708e0e7f91e07e7f2112a411cf/components/password_manager/core/browser/android_affiliation/affiliation_database.h
[rename] https://crrev.com/3c475eb2fbbcea708e0e7f91e07e7f2112a411cf/components/password_manager/core/browser/android_affiliation/affiliation_database_unittest.cc
[rename] https://crrev.com/3c475eb2fbbcea708e0e7f91e07e7f2112a411cf/components/password_manager/core/browser/android_affiliation/affiliation_fetch_throttler.cc
[rename] https://crrev.com/3c475eb2fbbcea708e0e7f91e07e7f2112a411cf/components/password_manager/core/browser/android_affiliation/affiliation_fetch_throttler.h
[rename] https://crrev.com/3c475eb2fbbcea708e0e7f91e07e7f2112a411cf/components/password_manager/core/browser/android_affiliation/affiliation_fetch_throttler_delegate.h
[rename] https://crrev.com/3c475eb2fbbcea708e0e7f91e07e7f2112a411cf/components/password_manager/core/browser/android_affiliation/affiliation_fetch_throttler_unittest.cc
[rename] https://crrev.com/3c475eb2fbbcea708e0e7f91e07e7f2112a411cf/components/password_manager/core/browser/android_affiliation/affiliation_fetcher.cc
[rename] https://crrev.com/3c475eb2fbbcea708e0e7f91e07e7f2112a411cf/components/password_manager/core/browser/android_affiliation/affiliation_fetcher.h
[rename] https://crrev.com/3c475eb2fbbcea708e0e7f91e07e7f2112a411cf/components/password_manager/core/browser/android_affiliation/affiliation_fetcher_delegate.h
[rename] https://crrev.com/3c475eb2fbbcea708e0e7f91e07e7f2112a411cf/components/password_manager/core/browser/android_affiliation/affiliation_fetcher_unittest.cc
[rename] https://crrev.com/3c475eb2fbbcea708e0e7f91e07e7f2112a411cf/components/password_manager/core/browser/android_affiliation/affiliation_service.cc
[rename] https://crrev.com/3c475eb2fbbcea708e0e7f91e07e7f2112a411cf/components/password_manager/core/browser/android_affiliation/affiliation_service.h
[rename] https://crrev.com/3c475eb2fbbcea708e0e7f91e07e7f2112a411cf/components/password_manager/core/browser/android_affiliation/affiliation_service_unittest.cc
[rename] https://crrev.com/3c475eb2fbbcea708e0e7f91e07e7f2112a411cf/components/password_manager/core/browser/android_affiliation/affiliation_utils.cc
[rename] https://crrev.com/3c475eb2fbbcea708e0e7f91e07e7f2112a411cf/components/password_manager/core/browser/android_affiliation/affiliation_utils.h
[rename] https://crrev.com/3c475eb2fbbcea708e0e7f91e07e7f2112a411cf/components/password_manager/core/browser/android_affiliation/affiliation_utils_unittest.cc
[rename] https://crrev.com/3c475eb2fbbcea708e0e7f91e07e7f2112a411cf/components/password_manager/core/browser/android_affiliation/facet_manager.cc
[rename] https://crrev.com/3c475eb2fbbcea708e0e7f91e07e7f2112a411cf/components/password_manager/core/browser/android_affiliation/facet_manager.h
[rename] https://crrev.com/3c475eb2fbbcea708e0e7f91e07e7f2112a411cf/components/password_manager/core/browser/android_affiliation/facet_manager_host.h
[rename] https://crrev.com/3c475eb2fbbcea708e0e7f91e07e7f2112a411cf/components/password_manager/core/browser/android_affiliation/facet_manager_unittest.cc
[rename] https://crrev.com/3c475eb2fbbcea708e0e7f91e07e7f2112a411cf/components/password_manager/core/browser/android_affiliation/fake_affiliation_api.cc
[rename] https://crrev.com/3c475eb2fbbcea708e0e7f91e07e7f2112a411cf/components/password_manager/core/browser/android_affiliation/fake_affiliation_api.h
[rename] https://crrev.com/3c475eb2fbbcea708e0e7f91e07e7f2112a411cf/components/password_manager/core/browser/android_affiliation/fake_affiliation_fetcher.cc
[rename] https://crrev.com/3c475eb2fbbcea708e0e7f91e07e7f2112a411cf/components/password_manager/core/browser/android_affiliation/fake_affiliation_fetcher.h
[rename] https://crrev.com/3c475eb2fbbcea708e0e7f91e07e7f2112a411cf/components/password_manager/core/browser/android_affiliation/mock_affiliated_match_helper.cc
[rename] https://crrev.com/3c475eb2fbbcea708e0e7f91e07e7f2112a411cf/components/password_manager/core/browser/android_affiliation/mock_affiliated_match_helper.h
[rename] https://crrev.com/3c475eb2fbbcea708e0e7f91e07e7f2112a411cf/components/password_manager/core/browser/android_affiliation/mock_affiliation_consumer.cc
[rename] https://crrev.com/3c475eb2fbbcea708e0e7f91e07e7f2112a411cf/components/password_manager/core/browser/android_affiliation/mock_affiliation_consumer.h
[rename] https://crrev.com/3c475eb2fbbcea708e0e7f91e07e7f2112a411cf/components/password_manager/core/browser/android_affiliation/test_affiliation_fetcher_factory.h
[modify] https://crrev.com/3c475eb2fbbcea708e0e7f91e07e7f2112a411cf/components/password_manager/core/browser/credential_manager_pending_request_task.cc
[modify] https://crrev.com/3c475eb2fbbcea708e0e7f91e07e7f2112a411cf/components/password_manager/core/browser/login_database.cc
[modify] https://crrev.com/3c475eb2fbbcea708e0e7f91e07e7f2112a411cf/components/password_manager/core/browser/password_autofill_manager.cc
[modify] https://crrev.com/3c475eb2fbbcea708e0e7f91e07e7f2112a411cf/components/password_manager/core/browser/password_form_manager.cc
[modify] https://crrev.com/3c475eb2fbbcea708e0e7f91e07e7f2112a411cf/components/password_manager/core/browser/password_manager.cc
[modify] https://crrev.com/3c475eb2fbbcea708e0e7f91e07e7f2112a411cf/components/password_manager/core/browser/password_store.cc
[modify] https://crrev.com/3c475eb2fbbcea708e0e7f91e07e7f2112a411cf/components/password_manager/core/browser/password_store_factory_util.cc
[modify] https://crrev.com/3c475eb2fbbcea708e0e7f91e07e7f2112a411cf/components/password_manager/core/browser/password_store_unittest.cc
[modify] https://crrev.com/3c475eb2fbbcea708e0e7f91e07e7f2112a411cf/components/password_manager/core/browser/password_ui_utils.cc
[modify] https://crrev.com/3c475eb2fbbcea708e0e7f91e07e7f2112a411cf/ios/chrome/browser/passwords/ios_chrome_password_store_factory.cc
[modify] https://crrev.com/3c475eb2fbbcea708e0e7f91e07e7f2112a411cf/ios/chrome/browser/ui/settings/password_details_collection_view_controller.mm
[modify] https://crrev.com/3c475eb2fbbcea708e0e7f91e07e7f2112a411cf/ios/chrome/browser/ui/settings/save_passwords_collection_view_controller.mm

Project Member

Comment 9 by bugdroid1@chromium.org, Jul 3 2017

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/2befc6f4110c0146686f35638e6e890cc1486d7e

commit 2befc6f4110c0146686f35638e6e890cc1486d7e
Author: vasilii <vasilii@chromium.org>
Date: Mon Jul 03 18:16:44 2017

Introduce a parse for digital asset links.

The spec is https://github.com/google/digitalassetlinks/blob/master/well-known/details.md

BUG=630555

Review-Url: https://codereview.chromium.org/2967503003
Cr-Commit-Position: refs/heads/master@{#484025}

[modify] https://crrev.com/2befc6f4110c0146686f35638e6e890cc1486d7e/components/password_manager/core/browser/BUILD.gn
[add] https://crrev.com/2befc6f4110c0146686f35638e6e890cc1486d7e/components/password_manager/core/browser/site_affiliation/asset_link_data.cc
[add] https://crrev.com/2befc6f4110c0146686f35638e6e890cc1486d7e/components/password_manager/core/browser/site_affiliation/asset_link_data.h
[add] https://crrev.com/2befc6f4110c0146686f35638e6e890cc1486d7e/components/password_manager/core/browser/site_affiliation/asset_link_data_unittest.cc
[modify] https://crrev.com/2befc6f4110c0146686f35638e6e890cc1486d7e/components/password_manager/core/browser/site_affiliation/asset_link_retriever.cc
[modify] https://crrev.com/2befc6f4110c0146686f35638e6e890cc1486d7e/components/password_manager/core/browser/site_affiliation/asset_link_retriever.h
[modify] https://crrev.com/2befc6f4110c0146686f35638e6e890cc1486d7e/components/password_manager/core/browser/site_affiliation/asset_link_retriever_unittest.cc

Sign in to add a comment