Issue 881731 link

Starred by 1 user

Issue metadata

Status:	Fixed
Owner:	█ gemene@google.com Last visit > 30 days ago
Closed:	Sep 27
EstimatedDays:	----
NextAction:	----
OS:	----
Pri:	3
Type:	Bug

Clean credentials with wrong signon_realm.

Project Member Reported by gemene@google.com, Sep 7

Issue description


signon_realm for HTTPS credentials which migrated from HTTP credentials was computed wrong first time by HttpPasswordStoreMigrator and it contained the whole URL path, while it should only contain the web origin. Because the signon realm is used to construct the SQL query that returns the forms that match a specific form, credentials which will be used for filling, the credentials with wrong signon_realm are never filled (because they don’t match).

https://crrev.com/c/1098967 solved this problem for future migrations, but because the wrong migrating code already ran, PasswordStore contains some credentials that were created during the migration to HTTPS and have wrong signon_realm.


signon_realm for HTTPS credentials which migrated from HTTP credentials was computed wrong first time by HttpPasswordStoreMigrator and it contained the whole URL path, while it should only contain the web origin. Because the signon realm is used to construct the SQL query that returns the forms that match a specific form, credentials which will be used for filling, the credentials with wrong signon_realm are never filled (because they don’t match).

https://crrev.com/c/1098967 solved this problem for future migrations, but because the wrong migrating code already ran, PasswordStore contains some credentials that were created during the migration to HTTPS and have wrong signon_realm.


See https://docs.google.com/document/d/139w-K9cuCzFaqANNiEixpGLojZ2Fc6wo_q2PXgk238A/edit?usp=sharing for more details.

Comment 1 by gemene@google.com, Sep 14

Description: Show this description

Comment 2 by gemene@google.com, Sep 14

Owner: gemene@google.com
Status: Assigned (was: Untriaged)

Project Member

Comment 3 by bugdroid1@chromium.org, Sep 25

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/3f678adef674d554dfca1fe60797d9183b81cff6

commit 3f678adef674d554dfca1fe60797d9183b81cff6
Author: Gemene Narcis <gemene@google.com>
Date: Tue Sep 25 15:30:18 2018

Remove HTML credentials that have wrong signon_realm

HttpPasswordStoreMigrator copies/moves HTTP saved credentials to HTTPS.
However, signon_realm was computed wrong first time and it contained
the whole URL path. https://crrev.com/c/1098967 solved this problem,
but because the code already ran, PasswordStore contains some
credentials that were created and have wrong signon_realm.

This CL removes forms with wrong signon_realm, relying on HTTP->HTTPS
migration to recreate them correctly. See
https://docs.google.com/document/d/139w-K9cuCzFaqANNiEixpGLojZ2Fc6wo_q2PXgk238A/edit?usp=sharing
for more details.

Bug:  881731 
Cq-Include-Trybots: luci.chromium.try:ios-simulator-cronet;luci.chromium.try:ios-simulator-full-configs
Change-Id: Id20f5ecee02d6fe6d30b8692df64fb51d42d3275
Reviewed-on: https://chromium-review.googlesource.com/1186323
Reviewed-by: Jan Wilken Dörrie <jdoerrie@chromium.org>
Reviewed-by: Vaclav Brozek <vabr@chromium.org>
Reviewed-by: Ilya Sherman <isherman@chromium.org>
Commit-Queue: Narcis Gemene <gemene@google.com>
Cr-Commit-Position: refs/heads/master@{#593944}
[modify] https://crrev.com/3f678adef674d554dfca1fe60797d9183b81cff6/chrome/browser/password_manager/password_store_factory.cc
[modify] https://crrev.com/3f678adef674d554dfca1fe60797d9183b81cff6/components/password_manager/core/browser/BUILD.gn
[modify] https://crrev.com/3f678adef674d554dfca1fe60797d9183b81cff6/components/password_manager/core/browser/blacklisted_duplicates_cleaner_unittest.cc
[add] https://crrev.com/3f678adef674d554dfca1fe60797d9183b81cff6/components/password_manager/core/browser/invalid_realm_credential_cleaner.cc
[add] https://crrev.com/3f678adef674d554dfca1fe60797d9183b81cff6/components/password_manager/core/browser/invalid_realm_credential_cleaner.h
[add] https://crrev.com/3f678adef674d554dfca1fe60797d9183b81cff6/components/password_manager/core/browser/invalid_realm_credential_cleaner_unittest.cc
[modify] https://crrev.com/3f678adef674d554dfca1fe60797d9183b81cff6/components/password_manager/core/browser/password_manager.cc
[modify] https://crrev.com/3f678adef674d554dfca1fe60797d9183b81cff6/components/password_manager/core/browser/password_manager_util.cc
[modify] https://crrev.com/3f678adef674d554dfca1fe60797d9183b81cff6/components/password_manager/core/browser/password_manager_util.h
[modify] https://crrev.com/3f678adef674d554dfca1fe60797d9183b81cff6/components/password_manager/core/browser/password_manager_util_unittest.cc
[modify] https://crrev.com/3f678adef674d554dfca1fe60797d9183b81cff6/components/password_manager/core/common/password_manager_pref_names.cc
[modify] https://crrev.com/3f678adef674d554dfca1fe60797d9183b81cff6/components/password_manager/core/common/password_manager_pref_names.h
[modify] https://crrev.com/3f678adef674d554dfca1fe60797d9183b81cff6/ios/chrome/browser/passwords/ios_chrome_password_store_factory.cc
[modify] https://crrev.com/3f678adef674d554dfca1fe60797d9183b81cff6/tools/metrics/histograms/histograms.xml

Comment 4 by gemene@google.com, Sep 27

Status: Fixed (was: Assigned)

►

Issue 881731 link

Issue metadata

Clean credentials with wrong signon_realm.

Issue description

Comment 1 by gemene@google.com, Sep 14

Comment 1 Deleted

Comment 2 by gemene@google.com, Sep 14

Comment 2 Deleted

Comment 3 by bugdroid1@chromium.org, Sep 25

Comment 3 Deleted

Comment 4 by gemene@google.com, Sep 27

Comment 4 Deleted

Sign in to add a comment