[PM-4415] Detect password submissions on forms that do not emit submit

2024-10-08 07:42:21 -05:00 · 2024-10-08 07:42:21 -05:00 · 377fae713c
parent 9853c2180d
commit 377fae713c
3 changed files with 15 additions and 2 deletions
--- a/apps/browser/src/autofill/background/abstractions/overlay.background.ts
+++ b/apps/browser/src/autofill/background/abstractions/overlay.background.ts
@ -227,6 +227,7 @@ export type OverlayBackgroundExtensionMessageHandlers = {
  addEditCipherSubmitted: () => void;
  editedCipher: () => void;
  deletedCipher: () => void;
+  bgSaveCipher: () => void;
  fido2AbortRequest: ({ message, sender }: BackgroundOnMessageHandlerParams) => void;
 };

--- a/apps/browser/src/autofill/background/overlay.background.ts
+++ b/apps/browser/src/autofill/background/overlay.background.ts
@ -173,6 +173,7 @@ export class OverlayBackground implements OverlayBackgroundInterface {
    addEditCipherSubmitted: () => this.updateOverlayCiphers(),
    editedCipher: () => this.updateOverlayCiphers(),
    deletedCipher: () => this.updateOverlayCiphers(),
+    bgSaveCipher: () => this.updateOverlayCiphers(),
    fido2AbortRequest: ({ sender }) => this.abortFido2ActiveRequest(sender.tab.id),
  };
  private readonly inlineMenuButtonPortMessageHandlers: InlineMenuButtonPortMessageHandlers = {
--- a/apps/browser/src/autofill/services/inline-menu-field-qualification.service.ts
+++ b/apps/browser/src/autofill/services/inline-menu-field-qualification.service.ts
@ -289,10 +289,22 @@ export class InlineMenuFieldQualificationService
    field: AutofillField,
    pageDetails: AutofillPageDetails,
  ): boolean {
+    const parentForm = pageDetails.forms[field.form];
+
    // If the provided field is set with an autocomplete value of "current-password", we should assume that
    // the page developer intends for this field to be interpreted as a password field for a login form.
    if (this.fieldContainsAutocompleteValues(field, this.currentPasswordAutocompleteValue)) {
-      return pageDetails.fields.filter(this.isNewPasswordField).length === 0;
+      if (!parentForm) {
+        return (
+          pageDetails.fields.filter(this.isNewPasswordField).filter((f) => f.viewable).length === 0
+        );
+      }
+
+      return (
+        pageDetails.fields
+          .filter(this.isNewPasswordField)
+          .filter((f) => f.viewable && f.form === field.form).length === 0
+      );
    }

    const usernameFieldsInPageDetails = pageDetails.fields.filter(this.isUsernameField);
@ -306,7 +318,6 @@ export class InlineMenuFieldQualificationService

    // If the field is not structured within a form, we need to identify if the field is present on
    // a page with multiple password fields. If that isn't the case, we can assume this is a login form field.
-    const parentForm = pageDetails.forms[field.form];
    if (!parentForm) {
      // If no parent form is found, and multiple password fields are present, we should assume that
      // the passed field belongs to a user account creation form.