[autofill] Add support for PSL domain matching for password autofill.

chrome/browser/password_manager/password_form_manager.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/password_manager/password_form_manager.h"
 
 #include <algorithm>
 
 #include "base/metrics/histogram.h"
 #include "base/string_util.h"
@@ skipping 171 matching lines @@
 
   // Make sure the important fields stay the same as the initially observed or
   // autofilled ones, as they may have changed if the user experienced a login
   // failure.
   // Look for these credentials in the list containing auto-fill entries.
   PasswordFormMap::const_iterator it =
       best_matches_.find(credentials.username_value);
   if (it != best_matches_.end()) {
     // The user signed in with a login we autofilled.
     pending_credentials_ = *it->second;
-    is_new_login_ = false;
+
+    // PSL origin  matches should always be new logins, since we want to store
+    // them so they can automatically be filled in later.
+    is_new_login_ = pending_credentials_.is_psl_origin_match;
 
     // Check to see if we're using a known username but a new password.
     if (pending_credentials_.password_value != credentials.password_value)
       user_action_ = kUserActionOverride;
   } else if (action == ALLOW_OTHER_POSSIBLE_USERNAMES &&
              UpdatePendingCredentialsIfOtherPossibleUsername(
                  credentials.username_value)) {
     // |pending_credentials_| is now set. Note we don't update
     // |pending_credentials_.username_value| to |credentials.username_value|
     // yet because we need to keep the original username to modify the stored
@@ skipping 16 matching lines @@
   if (pending_credentials_.action.is_empty())
     pending_credentials_.action = observed_form_.action;
 
   pending_credentials_.password_value = credentials.password_value;
   pending_credentials_.preferred = credentials.preferred;
 
   if (has_generated_password_)
     pending_credentials_.type = PasswordForm::TYPE_GENERATED;
 }
 
+bool PasswordFormManager::IsPSLOriginMatched() {
+  return pending_credentials_.is_psl_origin_match;

[palmer, 2013/06/06 21:16:42]

Nit: Some people prefer to see these getter functions inlined in the .h file.
(I'm fine either way.)

[nyquist, 2013/06/07 22:51:10]

Done.

+}
+
 void PasswordFormManager::Save() {
   DCHECK_EQ(state_, POST_MATCHING_PHASE);
   DCHECK(!profile_->IsOffTheRecord());
 
   if (IsNewLogin())
     SaveAsNewLogin(true);
   else
     UpdateLogin();
 }
 
@@ skipping 91 matching lines @@
   // Check to see if the user told us to ignore this site in the past.
   if (preferred_match_->blacklisted_by_user) {
     manager_action_ = kManagerActionBlacklisted;
     return;
   }
 
   // If not blacklisted, send a message to allow password generation.
   SendNotBlacklistedToRenderer();
 
   // Proceed to autofill.
-  // Note that we provide the choices but don't actually prefill a value if
-  // either: (1) we are in Incognito mode, or (2) the ACTION paths don't match.
+  // Note that we provide the choices but don't actually prefill a value if:
+  // (1) we are in Incognito mode, (2) the ACTION paths don't match,
+  // or (3) if it matched using PSL domain matching.
   bool wait_for_username =
       profile_->IsOffTheRecord() ||
       observed_form_.action.GetWithEmptyPath() !=
-          preferred_match_->action.GetWithEmptyPath();
+          preferred_match_->action.GetWithEmptyPath() ||
+          preferred_match_->is_psl_origin_match;
   if (wait_for_username)
     manager_action_ = kManagerActionNone;
   else
     manager_action_ = kManagerActionAutofilled;
   password_manager_->Autofill(observed_form_, best_matches_,
                               *preferred_match_, wait_for_username);
 }
 
 void PasswordFormManager::OnPasswordStoreRequestDone(
       CancelableRequestProvider::Handle handle,
@@ skipping 17 matching lines @@
   OnRequestDone(results);
 }
 
 bool PasswordFormManager::IgnoreResult(const PasswordForm& form) const {
   // Ignore change password forms until we have some change password
   // functionality
   if (observed_form_.old_password_element.length() != 0) {
     return true;
   }
   // Don't match an invalid SSL form with one saved under secure
-  // circumstances.
-  if (form.ssl_valid && !observed_form_.ssl_valid) {
+  // circumstances unless it was found as a PSL origin domain match.
+  if (form.ssl_valid &&

[palmer, 2013/06/06 21:16:42]

Hmm, I am not sure I like either the old or the new logic. Shouldn't it be that
if any form has invalid SSL, that we don't do any autofilling?

[nyquist, 2013/06/07 22:51:10]

I've gone back to the old way which never autofills anything where the source is
HTTPS and the destination form is HTTP. Would it be OK to keep it like that?

+      !observed_form_.ssl_valid &&
+      !form.is_psl_origin_match) {
     return true;
   }
   return false;
 }
 
 void PasswordFormManager::SaveAsNewLogin(bool reset_preferred_login) {
   DCHECK_EQ(state_, POST_MATCHING_PHASE);
   DCHECK(IsNewLogin());
   // The new_form is being used to sign in, so it is preferred.
   DCHECK(pending_credentials_.preferred);
@@ skipping 126 matching lines @@
   }
   return false;
 }
 
 int PasswordFormManager::ScoreResult(const PasswordForm& candidate) const {
   DCHECK_EQ(state_, MATCHING_PHASE);
   // For scoring of candidate login data:
   // The most important element that should match is the origin, followed by
   // the action, the password name, the submit button name, and finally the
   // username input field name.
-  // Exact origin match gives an addition of 32 (1 << 5) + # of matching url
+  // Exact origin match gives an addition of 64 (1 << 6) + # of matching url
   // dirs.
-  // Partial match gives an addition of 16 (1 << 4) + # matching url dirs
+  // Partial match gives an addition of 16 (1 << 5) + # matching url dirs

[Ilya Sherman, 2013/06/06 09:25:35]

16 -> 32?

[nyquist, 2013/06/07 22:51:10]

Done.

   // That way, a partial match cannot trump an exact match even if
   // the partial one matches all other attributes (action, elements) (and
   // regardless of the matching depth in the URL path).
+  // If PSL origin match was not used, it gives an addition of 16 (1 << 4).
   int score = 0;
   if (candidate.origin == observed_form_.origin) {
     // This check is here for the most common case which
     // is we have a single match in the db for the given host,
     // so we don't generally need to walk the entire URL path (the else
     // clause).
-    score += (1 << 5) + static_cast<int>(form_path_tokens_.size());
+    score += (1 << 6) + static_cast<int>(form_path_tokens_.size());
   } else {
     // Walk the origin URL paths one directory at a time to see how
     // deep the two match.
     std::vector<std::string> candidate_path_tokens;
     base::SplitString(candidate.origin.path(), '/', &candidate_path_tokens);
     size_t depth = 0;
     size_t max_dirs = std::min(form_path_tokens_.size(),
                                candidate_path_tokens.size());
     while ((depth < max_dirs) && (form_path_tokens_[depth] ==
                                   candidate_path_tokens[depth])) {
       depth++;
       score++;
     }
     // do we have a partial match?
-    score += (depth > 0) ? 1 << 4 : 0;
+    score += (depth > 0) ? 1 << 5 : 0;
   }
   if (observed_form_.scheme == PasswordForm::SCHEME_HTML) {
+    if (!candidate.is_psl_origin_match)
+      score += 1 << 4;
     if (candidate.action == observed_form_.action)
       score += 1 << 3;
     if (candidate.password_element == observed_form_.password_element)
       score += 1 << 2;
     if (candidate.submit_element == observed_form_.submit_element)
       score += 1 << 1;
     if (candidate.username_element == observed_form_.username_element)
       score += 1 << 0;
   }
 
   return score;
 }
 
 void PasswordFormManager::SubmitPassed() {
   submit_result_ = kSubmitResultPassed;
 }
 
 void PasswordFormManager::SubmitFailed() {
   submit_result_ = kSubmitResultFailed;
 }
 
 void PasswordFormManager::SendNotBlacklistedToRenderer() {
   content::RenderViewHost* host = web_contents_->GetRenderViewHost();
   host->Send(new AutofillMsg_FormNotBlacklisted(host->GetRoutingID(),
                                                  observed_form_));
 }