1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "components/autofill/content/renderer/password_autofill_agent.h"
8 #include "base/memory/scoped_ptr.h"
9 #include "base/message_loop/message_loop.h"
10 #include "base/metrics/histogram.h"
11 #include "base/strings/utf_string_conversions.h"
12 #include "components/autofill/content/common/autofill_messages.h"
13 #include "components/autofill/content/renderer/form_autofill_util.h"
14 #include "components/autofill/content/renderer/password_form_conversion_utils.h"
15 #include "components/autofill/core/common/form_field_data.h"
16 #include "components/autofill/core/common/password_autofill_util.h"
17 #include "components/autofill/core/common/password_form.h"
18 #include "components/autofill/core/common/password_form_fill_data.h"
19 #include "content/public/renderer/render_view.h"
20 #include "third_party/WebKit/public/platform/WebVector.h"
21 #include "third_party/WebKit/public/web/WebAutofillClient.h"
22 #include "third_party/WebKit/public/web/WebDocument.h"
23 #include "third_party/WebKit/public/web/WebElement.h"
24 #include "third_party/WebKit/public/web/WebFormElement.h"
25 #include "third_party/WebKit/public/web/WebFrame.h"
26 #include "third_party/WebKit/public/web/WebInputEvent.h"
27 #include "third_party/WebKit/public/web/WebNode.h"
28 #include "third_party/WebKit/public/web/WebNodeList.h"
29 #include "third_party/WebKit/public/web/WebPasswordFormData.h"
30 #include "third_party/WebKit/public/web/WebSecurityOrigin.h"
31 #include "third_party/WebKit/public/web/WebUserGestureIndicator.h"
32 #include "third_party/WebKit/public/web/WebView.h"
33 #include "ui/events/keycodes/keyboard_codes.h"
38 // The size above which we stop triggering autocomplete.
39 static const size_t kMaximumTextSizeForAutocomplete = 1000;
41 // Maps element names to the actual elements to simplify form filling.
42 typedef std::map<base::string16, blink::WebInputElement>
45 // Utility struct for form lookup and autofill. When we parse the DOM to look up
46 // a form, in addition to action and origin URL's we have to compare all
47 // necessary form elements. To avoid having to look these up again when we want
48 // to fill the form, the FindFormElements function stores the pointers
49 // in a FormElements* result, referenced to ensure they are safe to use.
51 blink::WebFormElement form_element;
52 FormInputElementMap input_elements;
55 typedef std::vector<FormElements*> FormElementsList;
57 // Helper to search the given form element for the specified input elements
58 // in |data|, and add results to |result|.
59 static bool FindFormInputElements(blink::WebFormElement* fe,
61 FormElements* result) {
62 // Loop through the list of elements we need to find on the form in order to
63 // autofill it. If we don't find any one of them, abort processing this
64 // form; it can't be the right one.
65 for (size_t j = 0; j < data.fields.size(); j++) {
66 blink::WebVector<blink::WebNode> temp_elements;
67 fe->getNamedElements(data.fields[j].name, temp_elements);
69 // Match the first input element, if any.
70 // |getNamedElements| may return non-input elements where the names match,
71 // so the results are filtered for input elements.
72 // If more than one match is made, then we have ambiguity (due to misuse
73 // of "name" attribute) so is it considered not found.
74 bool found_input = false;
75 for (size_t i = 0; i < temp_elements.size(); ++i) {
76 if (temp_elements[i].to<blink::WebElement>().hasTagName("input")) {
77 // Check for a non-unique match.
83 // Only fill saved passwords into password fields and usernames into
85 blink::WebInputElement input_element =
86 temp_elements[i].to<blink::WebInputElement>();
87 if (input_element.isPasswordField() !=
88 (data.fields[j].form_control_type == "password"))
91 // This element matched, add it to our temporary result. It's possible
92 // there are multiple matches, but for purposes of identifying the form
93 // one suffices and if some function needs to deal with multiple
94 // matching elements it can get at them through the FormElement*.
95 // Note: This assignment adds a reference to the InputElement.
96 result->input_elements[data.fields[j].name] = input_element;
101 // A required element was not found. This is not the right form.
102 // Make sure no input elements from a partially matched form in this
103 // iteration remain in the result set.
104 // Note: clear will remove a reference from each InputElement.
106 result->input_elements.clear();
113 // Helper to locate form elements identified by |data|.
114 void FindFormElements(blink::WebView* view,
115 const FormData& data,
116 FormElementsList* results) {
119 blink::WebFrame* main_frame = view->mainFrame();
123 GURL::Replacements rep;
127 // Loop through each frame.
128 for (blink::WebFrame* f = main_frame; f; f = f->traverseNext(false)) {
129 blink::WebDocument doc = f->document();
130 if (!doc.isHTMLDocument())
133 GURL full_origin(doc.url());
134 if (data.origin != full_origin.ReplaceComponents(rep))
137 blink::WebVector<blink::WebFormElement> forms;
140 for (size_t i = 0; i < forms.size(); ++i) {
141 blink::WebFormElement fe = forms[i];
143 GURL full_action(f->document().completeURL(fe.action()));
144 if (full_action.is_empty()) {
145 // The default action URL is the form's origin.
146 full_action = full_origin;
149 // Action URL must match.
150 if (data.action != full_action.ReplaceComponents(rep))
153 scoped_ptr<FormElements> curr_elements(new FormElements);
154 if (!FindFormInputElements(&fe, data, curr_elements.get()))
157 // We found the right element.
158 // Note: this assignment adds a reference to |fe|.
159 curr_elements->form_element = fe;
160 results->push_back(curr_elements.release());
165 bool IsElementEditable(const blink::WebInputElement& element) {
166 return element.isEnabled() && !element.isReadOnly();
169 void SetElementAutofilled(blink::WebInputElement* element, bool autofilled) {
170 if (element->isAutofilled() == autofilled)
172 element->setAutofilled(autofilled);
173 // Notify any changeEvent listeners.
174 element->dispatchFormControlChangeEvent();
177 bool DoUsernamesMatch(const base::string16& username1,
178 const base::string16& username2,
181 return username1 == username2;
182 return StartsWith(username1, username2, true);
185 // Returns |true| if the given element is both editable and has permission to be
186 // autocompleted. The latter can be either because there is no
187 // autocomplete='off' set for the element, or because the flag is set to ignore
188 // autocomplete='off'. Otherwise, returns |false|.
189 bool IsElementAutocompletable(const blink::WebInputElement& element) {
190 return IsElementEditable(element) &&
191 (ShouldIgnoreAutocompleteOffForPasswordFields() ||
192 element.autoComplete());
195 // Returns true if the password specified in |form| is a default value.
196 bool PasswordValueIsDefault(const PasswordForm& form,
197 blink::WebFormElement form_element) {
198 blink::WebVector<blink::WebNode> temp_elements;
199 form_element.getNamedElements(form.password_element, temp_elements);
201 // We are loose in our definition here and will return true if any of the
202 // appropriately named elements match the element to be saved. Currently
203 // we ignore filling passwords where naming is ambigious anyway.
204 for (size_t i = 0; i < temp_elements.size(); ++i) {
205 if (temp_elements[i].to<blink::WebElement>().getAttribute("value") ==
214 ////////////////////////////////////////////////////////////////////////////////
215 // PasswordAutofillAgent, public:
217 PasswordAutofillAgent::PasswordAutofillAgent(content::RenderView* render_view)
218 : content::RenderViewObserver(render_view),
219 usernames_usage_(NOTHING_TO_AUTOFILL),
220 web_view_(render_view->GetWebView()),
221 weak_ptr_factory_(this) {
224 PasswordAutofillAgent::~PasswordAutofillAgent() {}
226 PasswordAutofillAgent::PasswordValueGatekeeper::PasswordValueGatekeeper()
227 : was_user_gesture_seen_(false) {}
229 PasswordAutofillAgent::PasswordValueGatekeeper::~PasswordValueGatekeeper() {}
231 void PasswordAutofillAgent::PasswordValueGatekeeper::RegisterElement(
232 blink::WebInputElement* element) {
233 if (was_user_gesture_seen_)
236 elements_.push_back(*element);
239 void PasswordAutofillAgent::PasswordValueGatekeeper::OnUserGesture() {
240 was_user_gesture_seen_ = true;
242 for (std::vector<blink::WebInputElement>::iterator it = elements_.begin();
243 it != elements_.end();
251 void PasswordAutofillAgent::PasswordValueGatekeeper::Reset() {
252 was_user_gesture_seen_ = false;
256 void PasswordAutofillAgent::PasswordValueGatekeeper::ShowValue(
257 blink::WebInputElement* element) {
258 if (!element->isNull() && !element->suggestedValue().isNull())
259 element->setValue(element->suggestedValue(), true);
262 bool PasswordAutofillAgent::TextFieldDidEndEditing(
263 const blink::WebInputElement& element) {
264 LoginToPasswordInfoMap::const_iterator iter =
265 login_to_password_info_.find(element);
266 if (iter == login_to_password_info_.end())
269 const PasswordFormFillData& fill_data =
270 iter->second.fill_data;
272 // If wait_for_username is false, we should have filled when the text changed.
273 if (!fill_data.wait_for_username)
276 blink::WebInputElement password = iter->second.password_field;
277 if (!IsElementEditable(password))
280 blink::WebInputElement username = element; // We need a non-const.
282 // Do not set selection when ending an editing session, otherwise it can
284 FillUserNameAndPassword(&username, &password, fill_data,
285 true /* exact_username_match */,
286 false /* set_selection */);
290 bool PasswordAutofillAgent::TextDidChangeInTextField(
291 const blink::WebInputElement& element) {
292 LoginToPasswordInfoMap::const_iterator iter =
293 login_to_password_info_.find(element);
294 if (iter == login_to_password_info_.end())
297 // The input text is being changed, so any autofilled password is now
299 blink::WebInputElement username = element; // We need a non-const.
300 blink::WebInputElement password = iter->second.password_field;
301 SetElementAutofilled(&username, false);
302 if (password.isAutofilled()) {
303 password.setValue(base::string16());
304 SetElementAutofilled(&password, false);
307 // If wait_for_username is true we will fill when the username loses focus.
308 if (iter->second.fill_data.wait_for_username)
311 if (!element.isText() || !IsElementAutocompletable(element) ||
312 !IsElementAutocompletable(password)) {
316 // Don't inline autocomplete if the user is deleting, that would be confusing.
317 // But refresh the popup. Note, since this is ours, return true to signal
318 // no further processing is required.
319 if (iter->second.backspace_pressed_last) {
320 ShowSuggestionPopup(iter->second.fill_data, username);
324 blink::WebString name = element.nameForAutofill();
326 return false; // If the field has no name, then we won't have values.
328 // Don't attempt to autofill with values that are too large.
329 if (element.value().length() > kMaximumTextSizeForAutocomplete)
332 // The caret position should have already been updated.
333 PerformInlineAutocomplete(element, password, iter->second.fill_data);
337 bool PasswordAutofillAgent::TextFieldHandlingKeyDown(
338 const blink::WebInputElement& element,
339 const blink::WebKeyboardEvent& event) {
340 // If using the new Autofill UI that lives in the browser, it will handle
341 // keypresses before this function. This is not currently an issue but if
342 // the keys handled there or here change, this issue may appear.
344 LoginToPasswordInfoMap::iterator iter = login_to_password_info_.find(element);
345 if (iter == login_to_password_info_.end())
348 int win_key_code = event.windowsKeyCode;
349 iter->second.backspace_pressed_last =
350 (win_key_code == ui::VKEY_BACK || win_key_code == ui::VKEY_DELETE);
354 bool PasswordAutofillAgent::DidAcceptAutofillSuggestion(
355 const blink::WebNode& node,
356 const blink::WebString& username) {
357 blink::WebInputElement input;
358 PasswordInfo password;
359 if (!FindLoginInfo(node, &input, &password))
362 // Set the incoming |username| in the text field and |FillUserNameAndPassword|
364 input.setValue(username, true);
365 return FillUserNameAndPassword(&input, &password.password_field,
367 true /* exact_username_match */,
368 true /* set_selection */);
371 bool PasswordAutofillAgent::DidClearAutofillSelection(
372 const blink::WebNode& node) {
373 blink::WebInputElement input;
374 PasswordInfo password;
375 return FindLoginInfo(node, &input, &password);
378 bool PasswordAutofillAgent::ShowSuggestions(
379 const blink::WebInputElement& element) {
380 LoginToPasswordInfoMap::const_iterator iter =
381 login_to_password_info_.find(element);
382 if (iter == login_to_password_info_.end())
385 // If autocomplete='off' is set on the form elements, no suggestion dialog
386 // should be shown. However, return |true| to indicate that this is a known
387 // password form and that the request to show suggestions has been handled (as
389 if (!IsElementAutocompletable(element) ||
390 !IsElementAutocompletable(iter->second.password_field))
393 return ShowSuggestionPopup(iter->second.fill_data, element);
396 bool PasswordAutofillAgent::OriginCanAccessPasswordManager(
397 const blink::WebSecurityOrigin& origin) {
398 return origin.canAccessPasswordManager();
401 void PasswordAutofillAgent::OnDynamicFormsSeen(blink::WebFrame* frame) {
402 SendPasswordForms(frame, false /* only_visible */);
405 void PasswordAutofillAgent::SendPasswordForms(blink::WebFrame* frame,
407 // Make sure that this security origin is allowed to use password manager.
408 blink::WebSecurityOrigin origin = frame->document().securityOrigin();
409 if (!OriginCanAccessPasswordManager(origin))
412 // Checks whether the webpage is a redirect page or an empty page.
413 if (IsWebpageEmpty(frame))
416 blink::WebVector<blink::WebFormElement> forms;
417 frame->document().forms(forms);
419 std::vector<PasswordForm> password_forms;
420 for (size_t i = 0; i < forms.size(); ++i) {
421 const blink::WebFormElement& form = forms[i];
423 // If requested, ignore non-rendered forms, e.g. those styled with
425 if (only_visible && !IsWebNodeVisible(form))
428 scoped_ptr<PasswordForm> password_form(CreatePasswordForm(form));
429 if (password_form.get())
430 password_forms.push_back(*password_form);
433 if (password_forms.empty() && !only_visible) {
434 // We need to send the PasswordFormsRendered message regardless of whether
435 // there are any forms visible, as this is also the code path that triggers
436 // showing the infobar.
441 Send(new AutofillHostMsg_PasswordFormsRendered(routing_id(),
444 Send(new AutofillHostMsg_PasswordFormsParsed(routing_id(), password_forms));
448 bool PasswordAutofillAgent::OnMessageReceived(const IPC::Message& message) {
450 IPC_BEGIN_MESSAGE_MAP(PasswordAutofillAgent, message)
451 IPC_MESSAGE_HANDLER(AutofillMsg_FillPasswordForm, OnFillPasswordForm)
452 IPC_MESSAGE_UNHANDLED(handled = false)
453 IPC_END_MESSAGE_MAP()
457 void PasswordAutofillAgent::DidStartLoading() {
458 if (usernames_usage_ != NOTHING_TO_AUTOFILL) {
459 UMA_HISTOGRAM_ENUMERATION("PasswordManager.OtherPossibleUsernamesUsage",
460 usernames_usage_, OTHER_POSSIBLE_USERNAMES_MAX);
461 usernames_usage_ = NOTHING_TO_AUTOFILL;
465 void PasswordAutofillAgent::DidFinishDocumentLoad(blink::WebFrame* frame) {
466 // The |frame| contents have been parsed, but not yet rendered. Let the
467 // PasswordManager know that forms are loaded, even though we can't yet tell
468 // whether they're visible.
469 SendPasswordForms(frame, false);
472 void PasswordAutofillAgent::DidFinishLoad(blink::WebFrame* frame) {
473 // The |frame| contents have been rendered. Let the PasswordManager know
474 // which of the loaded frames are actually visible to the user. This also
475 // triggers the "Save password?" infobar if the user just submitted a password
477 SendPasswordForms(frame, true);
480 void PasswordAutofillAgent::FrameDetached(blink::WebFrame* frame) {
484 void PasswordAutofillAgent::FrameWillClose(blink::WebFrame* frame) {
488 void PasswordAutofillAgent::WillSendSubmitEvent(
489 blink::WebFrame* frame,
490 const blink::WebFormElement& form) {
491 // Some login forms have onSubmit handlers that put a hash of the password
492 // into a hidden field and then clear the password (http://crbug.com/28910).
493 // This method gets called before any of those handlers run, so save away
494 // a copy of the password in case it gets lost.
495 scoped_ptr<PasswordForm> password_form(CreatePasswordForm(form));
497 provisionally_saved_forms_[frame].reset(password_form.release());
500 void PasswordAutofillAgent::WillSubmitForm(blink::WebFrame* frame,
501 const blink::WebFormElement& form) {
502 scoped_ptr<PasswordForm> submitted_form = CreatePasswordForm(form);
504 // If there is a provisionally saved password, copy over the previous
505 // password value so we get the user's typed password, not the value that
506 // may have been transformed for submit.
507 // TODO(gcasto): Do we need to have this action equality check? Is it trying
508 // to prevent accidentally copying over passwords from a different form?
509 if (submitted_form) {
510 if (provisionally_saved_forms_[frame].get() &&
511 submitted_form->action == provisionally_saved_forms_[frame]->action) {
512 submitted_form->password_value =
513 provisionally_saved_forms_[frame]->password_value;
516 // Some observers depend on sending this information now instead of when
517 // the frame starts loading. If there are redirects that cause a new
518 // RenderView to be instantiated (such as redirects to the WebStore)
519 // we will never get to finish the load.
520 Send(new AutofillHostMsg_PasswordFormSubmitted(routing_id(),
522 // Remove reference since we have already submitted this form.
523 provisionally_saved_forms_.erase(frame);
527 void PasswordAutofillAgent::WillProcessUserGesture() {
528 gatekeeper_.OnUserGesture();
531 blink::WebFrame* PasswordAutofillAgent::CurrentOrChildFrameWithSavedForms(
532 const blink::WebFrame* current_frame) {
533 for (FrameToPasswordFormMap::const_iterator it =
534 provisionally_saved_forms_.begin();
535 it != provisionally_saved_forms_.end();
537 blink::WebFrame* form_frame = it->first;
538 // The check that the returned frame is related to |current_frame| is mainly
539 // for double-checking. There should not be any unrelated frames in
540 // |provisionally_saved_forms_|, because the map is cleared after
541 // navigation. If there are reasons to remove this check in the future and
542 // keep just the first frame found, it might be a good idea to add a UMA
543 // statistic or a similar check on how many frames are here to choose from.
544 if (current_frame == form_frame ||
545 current_frame->findChildByName(form_frame->assignedName())) {
552 void PasswordAutofillAgent::DidStartProvisionalLoad(blink::WebFrame* frame) {
553 if (!frame->parent()) {
554 // If the navigation is not triggered by a user gesture, e.g. by some ajax
555 // callback, then inherit the submitted password form from the previous
556 // state. This fixes the no password save issue for ajax login, tracked in
557 // [http://crbug/43219]. Note that this still fails for sites that use
558 // synchonous XHR as isProcessingUserGesture() will return true.
559 blink::WebFrame* form_frame = CurrentOrChildFrameWithSavedForms(frame);
560 if (!blink::WebUserGestureIndicator::isProcessingUserGesture()) {
561 // If onsubmit has been called, try and save that form.
562 if (provisionally_saved_forms_[form_frame].get()) {
563 Send(new AutofillHostMsg_PasswordFormSubmitted(
565 *provisionally_saved_forms_[form_frame]));
566 provisionally_saved_forms_.erase(form_frame);
568 // Loop through the forms on the page looking for one that has been
569 // filled out. If one exists, try and save the credentials.
570 blink::WebVector<blink::WebFormElement> forms;
571 frame->document().forms(forms);
573 for (size_t i = 0; i < forms.size(); ++i) {
574 blink::WebFormElement form_element= forms[i];
575 scoped_ptr<PasswordForm> password_form(
576 CreatePasswordForm(form_element));
577 if (password_form.get() &&
578 !password_form->username_value.empty() &&
579 !password_form->password_value.empty() &&
580 !PasswordValueIsDefault(*password_form, form_element)) {
581 Send(new AutofillHostMsg_PasswordFormSubmitted(
582 routing_id(), *password_form));
587 // Clear the whole map during main frame navigation.
588 provisionally_saved_forms_.clear();
590 // This is a new navigation, so require a new user gesture before filling in
596 void PasswordAutofillAgent::OnFillPasswordForm(
597 const PasswordFormFillData& form_data) {
598 if (usernames_usage_ == NOTHING_TO_AUTOFILL) {
599 if (form_data.other_possible_usernames.size())
600 usernames_usage_ = OTHER_POSSIBLE_USERNAMES_PRESENT;
601 else if (usernames_usage_ == NOTHING_TO_AUTOFILL)
602 usernames_usage_ = OTHER_POSSIBLE_USERNAMES_ABSENT;
605 FormElementsList forms;
606 // We own the FormElements* in forms.
607 FindFormElements(render_view()->GetWebView(), form_data.basic_data, &forms);
608 FormElementsList::iterator iter;
609 for (iter = forms.begin(); iter != forms.end(); ++iter) {
610 scoped_ptr<FormElements> form_elements(*iter);
612 // Attach autocomplete listener to enable selecting alternate logins.
613 // First, get pointers to username element.
614 blink::WebInputElement username_element =
615 form_elements->input_elements[form_data.basic_data.fields[0].name];
617 // Get pointer to password element. (We currently only support single
619 blink::WebInputElement password_element =
620 form_elements->input_elements[form_data.basic_data.fields[1].name];
622 // If wait_for_username is true, we don't want to initially fill the form
623 // until the user types in a valid username.
624 if (!form_data.wait_for_username)
625 FillFormOnPasswordRecieved(form_data, username_element, password_element);
627 // We might have already filled this form if there are two <form> elements
628 // with identical markup.
629 if (login_to_password_info_.find(username_element) !=
630 login_to_password_info_.end())
633 PasswordInfo password_info;
634 password_info.fill_data = form_data;
635 password_info.password_field = password_element;
636 login_to_password_info_[username_element] = password_info;
640 FindFormAndFieldForFormControlElement(
641 username_element, &form, &field, REQUIRE_NONE);
642 Send(new AutofillHostMsg_AddPasswordFormMapping(
649 ////////////////////////////////////////////////////////////////////////////////
650 // PasswordAutofillAgent, private:
652 void PasswordAutofillAgent::GetSuggestions(
653 const PasswordFormFillData& fill_data,
654 const base::string16& input,
655 std::vector<base::string16>* suggestions,
656 std::vector<base::string16>* realms) {
657 if (StartsWith(fill_data.basic_data.fields[0].value, input, false)) {
658 suggestions->push_back(fill_data.basic_data.fields[0].value);
659 realms->push_back(base::UTF8ToUTF16(fill_data.preferred_realm));
662 for (PasswordFormFillData::LoginCollection::const_iterator iter =
663 fill_data.additional_logins.begin();
664 iter != fill_data.additional_logins.end(); ++iter) {
665 if (StartsWith(iter->first, input, false)) {
666 suggestions->push_back(iter->first);
667 realms->push_back(base::UTF8ToUTF16(iter->second.realm));
671 for (PasswordFormFillData::UsernamesCollection::const_iterator iter =
672 fill_data.other_possible_usernames.begin();
673 iter != fill_data.other_possible_usernames.end(); ++iter) {
674 for (size_t i = 0; i < iter->second.size(); ++i) {
675 if (StartsWith(iter->second[i], input, false)) {
676 usernames_usage_ = OTHER_POSSIBLE_USERNAME_SHOWN;
677 suggestions->push_back(iter->second[i]);
678 realms->push_back(base::UTF8ToUTF16(iter->first.realm));
684 bool PasswordAutofillAgent::ShowSuggestionPopup(
685 const PasswordFormFillData& fill_data,
686 const blink::WebInputElement& user_input) {
687 blink::WebFrame* frame = user_input.document().frame();
691 blink::WebView* webview = frame->view();
695 std::vector<base::string16> suggestions;
696 std::vector<base::string16> realms;
697 GetSuggestions(fill_data, user_input.value(), &suggestions, &realms);
698 DCHECK_EQ(suggestions.size(), realms.size());
702 FindFormAndFieldForFormControlElement(
703 user_input, &form, &field, REQUIRE_NONE);
705 blink::WebInputElement selected_element = user_input;
706 gfx::Rect bounding_box(selected_element.boundsInViewportSpace());
708 float scale = web_view_->pageScaleFactor();
709 gfx::RectF bounding_box_scaled(bounding_box.x() * scale,
710 bounding_box.y() * scale,
711 bounding_box.width() * scale,
712 bounding_box.height() * scale);
713 Send(new AutofillHostMsg_ShowPasswordSuggestions(routing_id(),
718 return !suggestions.empty();
721 void PasswordAutofillAgent::FillFormOnPasswordRecieved(
722 const PasswordFormFillData& fill_data,
723 blink::WebInputElement username_element,
724 blink::WebInputElement password_element) {
725 // Do not fill if the password field is in an iframe.
726 DCHECK(password_element.document().frame());
727 if (password_element.document().frame()->parent())
730 if (!ShouldIgnoreAutocompleteOffForPasswordFields() &&
731 !username_element.form().autoComplete())
734 // If we can't modify the password, don't try to set the username
735 if (!IsElementAutocompletable(password_element))
738 // Try to set the username to the preferred name, but only if the field
739 // can be set and isn't prefilled.
740 if (IsElementAutocompletable(username_element) &&
741 username_element.value().isEmpty()) {
742 // TODO(tkent): Check maxlength and pattern.
743 username_element.setValue(fill_data.basic_data.fields[0].value, true);
746 // Fill if we have an exact match for the username. Note that this sets
747 // username to autofilled.
748 FillUserNameAndPassword(&username_element, &password_element, fill_data,
749 true /* exact_username_match */,
750 false /* set_selection */);
753 bool PasswordAutofillAgent::FillUserNameAndPassword(
754 blink::WebInputElement* username_element,
755 blink::WebInputElement* password_element,
756 const PasswordFormFillData& fill_data,
757 bool exact_username_match,
758 bool set_selection) {
759 base::string16 current_username = username_element->value();
760 // username and password will contain the match found if any.
761 base::string16 username;
762 base::string16 password;
764 // Look for any suitable matches to current field text.
765 if (DoUsernamesMatch(fill_data.basic_data.fields[0].value, current_username,
766 exact_username_match)) {
767 username = fill_data.basic_data.fields[0].value;
768 password = fill_data.basic_data.fields[1].value;
770 // Scan additional logins for a match.
771 PasswordFormFillData::LoginCollection::const_iterator iter;
772 for (iter = fill_data.additional_logins.begin();
773 iter != fill_data.additional_logins.end(); ++iter) {
774 if (DoUsernamesMatch(iter->first, current_username,
775 exact_username_match)) {
776 username = iter->first;
777 password = iter->second.password;
782 // Check possible usernames.
783 if (username.empty() && password.empty()) {
784 for (PasswordFormFillData::UsernamesCollection::const_iterator iter =
785 fill_data.other_possible_usernames.begin();
786 iter != fill_data.other_possible_usernames.end(); ++iter) {
787 for (size_t i = 0; i < iter->second.size(); ++i) {
788 if (DoUsernamesMatch(iter->second[i], current_username,
789 exact_username_match)) {
790 usernames_usage_ = OTHER_POSSIBLE_USERNAME_SELECTED;
791 username = iter->second[i];
792 password = iter->first.password;
796 if (!username.empty() && !password.empty())
801 if (password.empty())
802 return false; // No match was found.
804 // TODO(tkent): Check maxlength and pattern for both username and password
807 // Don't fill username if password can't be set.
808 if (!IsElementAutocompletable(*password_element)) {
812 // Input matches the username, fill in required values.
813 if (IsElementAutocompletable(*username_element)) {
814 username_element->setValue(username, true);
815 SetElementAutofilled(username_element, true);
818 username_element->setSelectionRange(current_username.length(),
821 } else if (current_username != username) {
822 // If the username can't be filled and it doesn't match a saved password
823 // as is, don't autofill a password.
827 // TODO(vabr): The "gatekeeper" feature is currently disabled on mobile.
828 // http://crbug.com/345510#c13
829 #if !defined(OS_ANDROID) && !defined(OS_IOS)
830 // Wait to fill in the password until a user gesture occurs. This is to make
831 // sure that we do not fill in the DOM with a password until we believe the
832 // user is intentionally interacting with the page.
833 password_element->setSuggestedValue(password);
834 gatekeeper_.RegisterElement(password_element);
836 password_element->setValue(password);
839 // Note: Don't call SetElementAutofilled() here, as that dispatches an
840 // onChange event in JavaScript, which is not appropriate for the password
841 // element if a user gesture has not yet occured.
842 password_element->setAutofilled(true);
846 void PasswordAutofillAgent::PerformInlineAutocomplete(
847 const blink::WebInputElement& username_input,
848 const blink::WebInputElement& password_input,
849 const PasswordFormFillData& fill_data) {
850 DCHECK(!fill_data.wait_for_username);
852 // We need non-const versions of the username and password inputs.
853 blink::WebInputElement username = username_input;
854 blink::WebInputElement password = password_input;
856 // Don't inline autocomplete if the caret is not at the end.
857 // TODO(jcivelli): is there a better way to test the caret location?
858 if (username.selectionStart() != username.selectionEnd() ||
859 username.selectionEnd() != static_cast<int>(username.value().length())) {
863 // Show the popup with the list of available usernames.
864 ShowSuggestionPopup(fill_data, username);
867 #if !defined(OS_ANDROID)
868 // Fill the user and password field with the most relevant match. Android
869 // only fills in the fields after the user clicks on the suggestion popup.
870 FillUserNameAndPassword(&username, &password, fill_data,
871 false /* exact_username_match */,
872 true /* set_selection */);
876 void PasswordAutofillAgent::FrameClosing(const blink::WebFrame* frame) {
877 for (LoginToPasswordInfoMap::iterator iter = login_to_password_info_.begin();
878 iter != login_to_password_info_.end();) {
879 if (iter->first.document().frame() == frame)
880 login_to_password_info_.erase(iter++);
884 for (FrameToPasswordFormMap::iterator iter =
885 provisionally_saved_forms_.begin();
886 iter != provisionally_saved_forms_.end();) {
887 if (iter->first == frame)
888 provisionally_saved_forms_.erase(iter++);
894 bool PasswordAutofillAgent::FindLoginInfo(const blink::WebNode& node,
895 blink::WebInputElement* found_input,
896 PasswordInfo* found_password) {
897 if (!node.isElementNode())
900 blink::WebElement element = node.toConst<blink::WebElement>();
901 if (!element.hasTagName("input"))
904 blink::WebInputElement input = element.to<blink::WebInputElement>();
905 LoginToPasswordInfoMap::iterator iter = login_to_password_info_.find(input);
906 if (iter == login_to_password_info_.end())
909 *found_input = input;
910 *found_password = iter->second;
914 } // namespace autofill