Autofill and password autofill on iOS causes errors when trying to fill cross-origin frames |
||
Issue descriptionRepro steps: (0) Save a credential for www.barrysbootcamp.com. (1) Load http://www.barrysbootcamp.com/reserve/index.cfm?action=Account.login in the simulator. (2) Inspect the tab in Safari Developer tools. (3) Attempt to get the username filled. (4) Check the console logs in the Developer tools window. The console shows: "Blocked a frame with origin "http://www.barrysbootcamp.com" from accessing a frame with origin "http://staticxx.facebook.com". The frame being accessed set "document.domain" to "facebook.com", but the frame requesting access did not. Both must set "document.domain" to the same value to allow access." It points to the final part of __gCrWeb.fillPasswordFormWithData of password_controller.js, which does: // Recursively invoke for all frames/iframes. var frames = win.frames; for (var i = 0; i < frames.length; i++) { if (__gCrWeb.fillPasswordFormWithData( formData, username, password, frames[i], opt_normalizedOrigin)) { filled = true; } } The filling does not succeed, and fillPasswordFormWithData returns false. The user-visible result is: autofill not working. When that part of the code is commented out, the same error is triggered by extractFormsAndFormElements_ of autofill_controller_.js.
,
Apr 19 2017
It does not seem fixed.
,
Apr 6 2018
Problem with cross-origin iframes excelption was fixed, now Password Manager tries to fill only same origin iframes by calling getSameOriginIframes https://cs.chromium.org/chromium/src/ios/chrome/browser/passwords/resources/password_controller.js?type=cs&q=var+frames+%3D+getSameOriginFrames_&sq=package:chromium&l=262 I've checked this site, it changed, and now there are no iframes anymore. iOS Chrome fills credentials normally. |
||
►
Sign in to add a comment |
||
Comment 1 by vabr@chromium.org
, Jan 27 2017