Password managers prompts to save a password when a form was modified and some XHR finished |
||
Issue descriptionChrome Version: 59.0.3033.0 OS: Win7 What steps will reproduce the problem? (1) Open a website which offers a login/registration form with possible form modification and a XHR request (https://passport.yandex.ru/registration/ for example). (2) Enter a username and a password (3) Made the website to perform the form modification in parallel with the XHR request. What is the expected result? No password save prompt should appear. What happens instead? User sees password save prompt. What's the problem? After an XHR is completed, PasswordAutofillAgent tries to check if the form is still visible (i.e. if the user has successfuly logged in or still sees the form) by searching the form with the same action URL. This works until the form has action URL. If it doesn't, the search is performed using field matching. This will fail if the form was modified by the website. Proposed fix - add a form search logic using blink::WebFormElement reference comparison. AutofillAgent does this in it's own logic (see how AutofillAgent::last_interacted_form_ is used https://chromium.googlesource.com/chromium/src.git/+/master/components/autofill/content/renderer/autofill_agent.h#277).
,
Mar 20 2017
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/531d81feacb5306300387558824ee4ce11e98b89 commit 531d81feacb5306300387558824ee4ce11e98b89 Author: sense <sense@yandex-team.ru> Date: Mon Mar 20 10:12:07 2017 Add password form search using blink::WebNode reference comparison. After an XHR is completed, PasswordAutofillAgent tries to check if the form is still visible (i.e. if the user has successfuly logged in or still sees the form) by searching the form with the same action URL. This works until the form has action URL. If it doesn't, the search is performed using field matching. This will fail if the form is modified by the website right before the XHR has completed. This CL adds support for the form search using blink::WebFormElement and blink::WebInputElement (for unowned forms) reference comparison. BUG= 700862 R=dvadym@chromium.org Review-Url: https://codereview.chromium.org/2746033004 Cr-Commit-Position: refs/heads/master@{#458032} [modify] https://crrev.com/531d81feacb5306300387558824ee4ce11e98b89/chrome/renderer/autofill/password_autofill_agent_browsertest.cc [modify] https://crrev.com/531d81feacb5306300387558824ee4ce11e98b89/components/autofill/content/renderer/BUILD.gn [modify] https://crrev.com/531d81feacb5306300387558824ee4ce11e98b89/components/autofill/content/renderer/form_autofill_util.cc [modify] https://crrev.com/531d81feacb5306300387558824ee4ce11e98b89/components/autofill/content/renderer/form_autofill_util.h [modify] https://crrev.com/531d81feacb5306300387558824ee4ce11e98b89/components/autofill/content/renderer/password_autofill_agent.cc [modify] https://crrev.com/531d81feacb5306300387558824ee4ce11e98b89/components/autofill/content/renderer/password_autofill_agent.h [add] https://crrev.com/531d81feacb5306300387558824ee4ce11e98b89/components/autofill/content/renderer/provisionally_saved_password_form.cc [add] https://crrev.com/531d81feacb5306300387558824ee4ce11e98b89/components/autofill/content/renderer/provisionally_saved_password_form.h
,
Mar 20 2017
|
||
►
Sign in to add a comment |
||
Comment 1 by vabr@chromium.org
, Mar 14 2017