New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 881731 link

Starred by 1 user

Issue metadata

Status: Fixed
Owner:
Last visit > 30 days ago
Closed: Sep 27
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: 3
Type: Bug



Sign in to add a comment

Clean credentials with wrong signon_realm.

Project Member Reported by gemene@google.com, Sep 7

Issue description


signon_realm for HTTPS credentials which migrated from HTTP credentials was computed wrong first time by HttpPasswordStoreMigrator and it contained the whole URL path, while it should only contain the web origin. Because the signon realm is used to construct the SQL query that returns the forms that match a specific form, credentials which will be used for filling, the credentials with wrong signon_realm are never filled (because they don’t match).

https://crrev.com/c/1098967 solved this problem for future migrations, but because the wrong migrating code already ran, PasswordStore contains some credentials that were created during the migration to HTTPS and have wrong signon_realm.


See https://docs.google.com/document/d/139w-K9cuCzFaqANNiEixpGLojZ2Fc6wo_q2PXgk238A/edit?usp=sharing for more details.


 
Description: Show this description
Owner: gemene@google.com
Status: Assigned (was: Untriaged)
Project Member

Comment 3 by bugdroid1@chromium.org, Sep 25

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/3f678adef674d554dfca1fe60797d9183b81cff6

commit 3f678adef674d554dfca1fe60797d9183b81cff6
Author: Gemene Narcis <gemene@google.com>
Date: Tue Sep 25 15:30:18 2018

Remove HTML credentials that have wrong signon_realm

HttpPasswordStoreMigrator copies/moves HTTP saved credentials to HTTPS.
However, signon_realm was computed wrong first time and it contained
the whole URL path. https://crrev.com/c/1098967 solved this problem,
but because the code already ran, PasswordStore contains some
credentials that were created and have wrong signon_realm.

This CL removes forms with wrong signon_realm, relying on HTTP->HTTPS
migration to recreate them correctly. See
https://docs.google.com/document/d/139w-K9cuCzFaqANNiEixpGLojZ2Fc6wo_q2PXgk238A/edit?usp=sharing
for more details.

Bug:  881731 
Cq-Include-Trybots: luci.chromium.try:ios-simulator-cronet;luci.chromium.try:ios-simulator-full-configs
Change-Id: Id20f5ecee02d6fe6d30b8692df64fb51d42d3275
Reviewed-on: https://chromium-review.googlesource.com/1186323
Reviewed-by: Jan Wilken Dörrie <jdoerrie@chromium.org>
Reviewed-by: Vaclav Brozek <vabr@chromium.org>
Reviewed-by: Ilya Sherman <isherman@chromium.org>
Commit-Queue: Narcis Gemene <gemene@google.com>
Cr-Commit-Position: refs/heads/master@{#593944}
[modify] https://crrev.com/3f678adef674d554dfca1fe60797d9183b81cff6/chrome/browser/password_manager/password_store_factory.cc
[modify] https://crrev.com/3f678adef674d554dfca1fe60797d9183b81cff6/components/password_manager/core/browser/BUILD.gn
[modify] https://crrev.com/3f678adef674d554dfca1fe60797d9183b81cff6/components/password_manager/core/browser/blacklisted_duplicates_cleaner_unittest.cc
[add] https://crrev.com/3f678adef674d554dfca1fe60797d9183b81cff6/components/password_manager/core/browser/invalid_realm_credential_cleaner.cc
[add] https://crrev.com/3f678adef674d554dfca1fe60797d9183b81cff6/components/password_manager/core/browser/invalid_realm_credential_cleaner.h
[add] https://crrev.com/3f678adef674d554dfca1fe60797d9183b81cff6/components/password_manager/core/browser/invalid_realm_credential_cleaner_unittest.cc
[modify] https://crrev.com/3f678adef674d554dfca1fe60797d9183b81cff6/components/password_manager/core/browser/password_manager.cc
[modify] https://crrev.com/3f678adef674d554dfca1fe60797d9183b81cff6/components/password_manager/core/browser/password_manager_util.cc
[modify] https://crrev.com/3f678adef674d554dfca1fe60797d9183b81cff6/components/password_manager/core/browser/password_manager_util.h
[modify] https://crrev.com/3f678adef674d554dfca1fe60797d9183b81cff6/components/password_manager/core/browser/password_manager_util_unittest.cc
[modify] https://crrev.com/3f678adef674d554dfca1fe60797d9183b81cff6/components/password_manager/core/common/password_manager_pref_names.cc
[modify] https://crrev.com/3f678adef674d554dfca1fe60797d9183b81cff6/components/password_manager/core/common/password_manager_pref_names.h
[modify] https://crrev.com/3f678adef674d554dfca1fe60797d9183b81cff6/ios/chrome/browser/passwords/ios_chrome_password_store_factory.cc
[modify] https://crrev.com/3f678adef674d554dfca1fe60797d9183b81cff6/tools/metrics/histograms/histograms.xml

Status: Fixed (was: Assigned)

Sign in to add a comment