| OLD | NEW |
|---|
| (Empty) |
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #ifndef CONTENT_PUBLIC_COMMON_PASSWORD_FORM_H__ | |
| 6 #define CONTENT_PUBLIC_COMMON_PASSWORD_FORM_H__ | |
| 7 | |
| 8 #include <map> | |
| 9 #include <string> | |
| 10 #include <vector> | |
| 11 | |
| 12 #include "base/time/time.h" | |
| 13 #include "content/common/content_export.h" | |
| 14 #include "url/gurl.h" | |
| 15 | |
| 16 namespace content { | |
| 17 | |
| 18 // The PasswordForm struct encapsulates information about a login form, | |
| 19 // which can be an HTML form or a dialog with username/password text fields. | |
| 20 // | |
| 21 // The Web Data database stores saved username/passwords and associated form | |
| 22 // metdata using a PasswordForm struct, typically one that was created from | |
| 23 // a parsed HTMLFormElement or LoginDialog, but the saved entries could have | |
| 24 // also been created by imported data from another browser. | |
| 25 // | |
| 26 // The PasswordManager implements a fuzzy-matching algorithm to compare saved | |
| 27 // PasswordForm entries against PasswordForms that were created from a parsed | |
| 28 // HTML or dialog form. As one might expect, the more data contained in one | |
| 29 // of the saved PasswordForms, the better the job the PasswordManager can do | |
| 30 // in matching it against the actual form it was saved on, and autofill | |
| 31 // accurately. But it is not always possible, especially when importing from | |
| 32 // other browsers with different data models, to copy over all the information | |
| 33 // about a particular "saved password entry" to our PasswordForm | |
| 34 // representation. | |
| 35 // | |
| 36 // The field descriptions in the struct specification below are intended to | |
| 37 // describe which fields are not strictly required when adding a saved password | |
| 38 // entry to the database and how they can affect the matching process. | |
| 39 | |
| 40 struct CONTENT_EXPORT PasswordForm { | |
| 41 // Enum to differentiate between HTML form based authentication, and dialogs | |
| 42 // using basic or digest schemes. Default is SCHEME_HTML. Only PasswordForms | |
| 43 // of the same Scheme will be matched/autofilled against each other. | |
| 44 enum Scheme { | |
| 45 SCHEME_HTML, | |
| 46 SCHEME_BASIC, | |
| 47 SCHEME_DIGEST, | |
| 48 SCHEME_OTHER | |
| 49 } scheme; | |
| 50 | |
| 51 // The "Realm" for the sign-on (scheme, host, port for SCHEME_HTML, and | |
| 52 // contains the HTTP realm for dialog-based forms). | |
| 53 // The signon_realm is effectively the primary key used for retrieving | |
| 54 // data from the database, so it must not be empty. | |
| 55 std::string signon_realm; | |
| 56 | |
| 57 // The original "Realm" for the sign-on (scheme, host, port for SCHEME_HTML, | |
| 58 // and contains the HTTP realm for dialog-based forms). This realm is only set | |
| 59 // when two PasswordForms are matched when trying to find a login/pass pair | |
| 60 // for a site. It is only set to a non-empty value during a match of the | |
| 61 // original stored login/pass and the current observed form if all these | |
| 62 // statements are true: | |
| 63 // 1) The full signon_realm is not the same. | |
| 64 // 2) The registry controlled domain is the same. For example; example.com, | |
| 65 // m.example.com, foo.login.example.com and www.example.com would all resolve | |
| 66 // to example.com since .com is the public suffix. | |
| 67 // 3) The scheme is the same. | |
| 68 // 4) The port is the same. | |
| 69 // For example, if there exists a stored password for http://www.example.com | |
| 70 // (where .com is the public suffix) and the observed form is | |
| 71 // http://m.example.com, |original_signon_realm| must be set to | |
| 72 // http://www.example.com. | |
| 73 std::string original_signon_realm; | |
| 74 | |
| 75 // The URL (minus query parameters) containing the form. This is the primary | |
| 76 // data used by the PasswordManager to decide (in longest matching prefix | |
| 77 // fashion) whether or not a given PasswordForm result from the database is a | |
| 78 // good fit for a particular form on a page, so it must not be empty. | |
| 79 GURL origin; | |
| 80 | |
| 81 // The action target of the form. This is the primary data used by the | |
| 82 // PasswordManager for form autofill; that is, the action of the saved | |
| 83 // credentials must match the action of the form on the page to be autofilled. | |
| 84 // If this is empty / not available, it will result in a "restricted" | |
| 85 // IE-like autofill policy, where we wait for the user to type in his | |
| 86 // username before autofilling the password. In these cases, after successful | |
| 87 // login the action URL will automatically be assigned by the | |
| 88 // PasswordManager. | |
| 89 // | |
| 90 // When parsing an HTML form, this must always be set. | |
| 91 GURL action; | |
| 92 | |
| 93 // The name of the submit button used. Optional; only used in scoring | |
| 94 // of PasswordForm results from the database to make matches as tight as | |
| 95 // possible. | |
| 96 // | |
| 97 // When parsing an HTML form, this must always be set. | |
| 98 string16 submit_element; | |
| 99 | |
| 100 // The name of the username input element. Optional (improves scoring). | |
| 101 // | |
| 102 // When parsing an HTML form, this must always be set. | |
| 103 string16 username_element; | |
| 104 | |
| 105 // The username. Optional. | |
| 106 // | |
| 107 // When parsing an HTML form, this is typically empty unless the site | |
| 108 // has implemented some form of autofill. | |
| 109 string16 username_value; | |
| 110 | |
| 111 // This member is populated in cases where we there are multiple input | |
| 112 // elements that could possibly be the username. Used when our heuristics for | |
| 113 // determining the username are incorrect. Optional. | |
| 114 // | |
| 115 // When parsing an HTML form, this is typically empty. | |
| 116 std::vector<string16> other_possible_usernames; | |
| 117 | |
| 118 // The name of the password input element, Optional (improves scoring). | |
| 119 // | |
| 120 // When parsing an HTML form, this must always be set. | |
| 121 string16 password_element; | |
| 122 | |
| 123 // The password. Required. | |
| 124 // | |
| 125 // When parsing an HTML form, this is typically empty. | |
| 126 string16 password_value; | |
| 127 | |
| 128 // False if autocomplete is set to "off" for the password input element; | |
| 129 // True otherwise. | |
| 130 bool password_autocomplete_set; | |
| 131 | |
| 132 // If the form was a change password form, the name of the | |
| 133 // 'old password' input element. Optional. | |
| 134 string16 old_password_element; | |
| 135 | |
| 136 // The old password. Optional. | |
| 137 string16 old_password_value; | |
| 138 | |
| 139 // Whether or not this login was saved under an HTTPS session with a valid | |
| 140 // SSL cert. We will never match or autofill a PasswordForm where | |
| 141 // ssl_valid == true with a PasswordForm where ssl_valid == false. This means | |
| 142 // passwords saved under HTTPS will never get autofilled onto an HTTP page. | |
| 143 // When importing, this should be set to true if the page URL is HTTPS, thus | |
| 144 // giving it "the benefit of the doubt" that the SSL cert was valid when it | |
| 145 // was saved. Default to false. | |
| 146 bool ssl_valid; | |
| 147 | |
| 148 // True if this PasswordForm represents the last username/password login the | |
| 149 // user selected to log in to the site. If there is only one saved entry for | |
| 150 // the site, this will always be true, but when there are multiple entries | |
| 151 // the PasswordManager ensures that only one of them has a preferred bit set | |
| 152 // to true. Default to false. | |
| 153 // | |
| 154 // When parsing an HTML form, this is not used. | |
| 155 bool preferred; | |
| 156 | |
| 157 // When the login was saved (by chrome). | |
| 158 // | |
| 159 // When parsing an HTML form, this is not used. | |
| 160 base::Time date_created; | |
| 161 | |
| 162 // Tracks if the user opted to never remember passwords for this form. Default | |
| 163 // to false. | |
| 164 // | |
| 165 // When parsing an HTML form, this is not used. | |
| 166 bool blacklisted_by_user; | |
| 167 | |
| 168 // Enum to differentiate between manually filled forms and forms with auto | |
| 169 // generated passwords. | |
| 170 enum Type { | |
| 171 TYPE_MANUAL, | |
| 172 TYPE_GENERATED, | |
| 173 }; | |
| 174 | |
| 175 // The form type. Not used yet. Please see http://crbug.com/152422 | |
| 176 Type type; | |
| 177 | |
| 178 // The number of times that this username/password has been used to | |
| 179 // authenticate the user. | |
| 180 // | |
| 181 // When parsing an HTML form, this is not used. | |
| 182 int times_used; | |
| 183 | |
| 184 // Returns true if this match was found using public suffix matching. | |
| 185 bool IsPublicSuffixMatch() const; | |
| 186 | |
| 187 PasswordForm(); | |
| 188 ~PasswordForm(); | |
| 189 }; | |
| 190 | |
| 191 // Map username to PasswordForm* for convenience. See password_form_manager.h. | |
| 192 typedef std::map<string16, PasswordForm*> PasswordFormMap; | |
| 193 | |
| 194 } // namespace content | |
| 195 | |
| 196 #endif // CONTENT_PUBLIC_COMMON_PASSWORD_FORM_H__ | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 23742004:
Move PasswordForm from //content to //autofill. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@move_password_form_conversion_utils