[PM-12775] Autofill should not occur within 2FA fields

Cesar Gonzalez 2024-09-27 16:07:03 -05:00
parent 08e9a69083
commit 9637dcfcf8
No known key found for this signature in database
GPG Key ID: 3381A5457F8CCECF
4 changed files with 14 additions and 15 deletions


@ -55,6 +55,7 @@ export class AutoFillConstants {
static readonly PasswordFieldExcludeList: string[] = [
...AutoFillConstants.FieldIgnoreList,
"hint",
"onetimepassword",
];
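Review bot: The `"onetimepassword"` entry in `PasswordFieldExcludeList` is the only 2FA term visible in this list, while the guard this commit adds in `AutofillService` matches against the whole of `AutoFillConstants.TotpFieldNames`, so the two code paths can disagree about what counts as a 2FA field. If the inline-menu qualification is meant to keep password suggestions out of the same inputs, either derive the 2FA terms from one place or record why a single literal is enough, e.g. `// 2FA/OTP inputs must not qualify as password fields; AutofillService checks the fuller TotpFieldNames list`. The contents of `TotpFieldNames` and `FieldIgnoreList` are not shown here, so whether reusing `TotpFieldNames` would over-match has to be checked against the substring test in `InlineMenuFieldQualificationService`.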


@ -2260,29 +2260,23 @@ describe("AutofillService", () => {
options,
);
expect(AutofillService.fieldIsFuzzyMatch).toHaveBeenCalledTimes(4);
expect(AutofillService.fieldIsFuzzyMatch).toHaveBeenNthCalledWith(
1,
expect(AutofillService.fieldIsFuzzyMatch).toHaveBeenCalledWith(
usernameField,
AutoFillConstants.UsernameFieldNames,
);
expect(AutofillService.fieldIsFuzzyMatch).toHaveBeenNthCalledWith(
2,
expect(AutofillService.fieldIsFuzzyMatch).toHaveBeenCalledWith(
emailField,
AutoFillConstants.UsernameFieldNames,
);
expect(AutofillService.fieldIsFuzzyMatch).toHaveBeenNthCalledWith(
3,
expect(AutofillService.fieldIsFuzzyMatch).toHaveBeenCalledWith(
telephoneField,
AutoFillConstants.UsernameFieldNames,
);
expect(AutofillService.fieldIsFuzzyMatch).toHaveBeenNthCalledWith(
4,
expect(AutofillService.fieldIsFuzzyMatch).toHaveBeenCalledWith(
totpField,
AutoFillConstants.UsernameFieldNames,
);
expect(AutofillService.fieldIsFuzzyMatch).not.toHaveBeenNthCalledWith(
5,
expect(AutofillService.fieldIsFuzzyMatch).not.toHaveBeenCalledWith(
nonViewableField,
AutoFillConstants.UsernameFieldNames,
);
@ -2328,6 +2322,7 @@ describe("AutofillService", () => {
it("will not attempt to fuzzy match a totp field if totp autofill is not allowed", async () => {
options.allowTotpAutofill = false;
jest.spyOn(autofillService as any, "findMatchingFieldIndex");
await autofillService["generateLoginFillScript"](
fillScript,
@ -2336,7 +2331,7 @@ describe("AutofillService", () => {
options,
);
expect(AutofillService.fieldIsFuzzyMatch).not.toHaveBeenCalledWith(
expect(autofillService["findMatchingFieldIndex"]).not.toHaveBeenCalledWith(
expect.anything(),
AutoFillConstants.TotpFieldNames,
);
@ -2386,7 +2381,6 @@ describe("AutofillService", () => {
false,
false,
);
expect(AutofillService.fieldIsFuzzyMatch).not.toHaveBeenCalled();
expect(AutofillService.fillByOpid).toHaveBeenCalledTimes(2);
expect(AutofillService.fillByOpid).toHaveBeenNthCalledWith(
1,
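Review bot: None of the spec hunks shown adds a case asserting that a field matching `TotpFieldNames` is left out of the password fields, which is the behaviour the commit title promises; the changes here only loosen existing expectations. In the last hunk the `expect(AutofillService.fieldIsFuzzyMatch).not.toHaveBeenCalled();` line appears to be dropped outright (inferred from the hunk line counts, since the +/- markers are lost on this page), leaving nothing that limits which name lists the fuzzy matcher is consulted with before `fillByOpid` is asserted. If the original intent was that no username fuzzy matching happens in that case, a narrower assertion would survive the new TOTP check: `expect(AutofillService.fieldIsFuzzyMatch).not.toHaveBeenCalledWith(expect.anything(), AutoFillConstants.UsernameFieldNames);`. The test bodies start and end outside these hunks.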


@ -2556,6 +2556,11 @@ export default class AutofillService implements AutofillServiceInterface {
return;
}
// We want to avoid treating TOTP fields as password fields
if (AutofillService.fieldIsFuzzyMatch(f, AutoFillConstants.TotpFieldNames)) {
return;
}
const isLikePassword = () => {
if (f.type !== "text") {
return false;
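Review bot: The guard `if (AutofillService.fieldIsFuzzyMatch(f, AutoFillConstants.TotpFieldNames))` sits ahead of `isLikePassword`, so it appears to apply to every candidate field, including genuine `type="password"` inputs. A real password field whose attributes happen to fuzzy-match a TOTP name would then be skipped silently. The comment says what is avoided but not why or at what cost; I would expand it to `// Skip 2FA/TOTP inputs so the vault password is never written into a one-time-code field; this also skips password inputs whose attributes fuzzy-match TotpFieldNames`. How broad that match is depends on `TotpFieldNames` and `fieldIsFuzzyMatch`, neither of which is shown, and the enclosing callback starts and ends outside this hunk.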


@ -30,7 +30,6 @@ export class InlineMenuFieldQualificationService
this.webAuthnAutocompleteValue,
]);
private fieldIgnoreListString = AutoFillConstants.FieldIgnoreList.join(",");
private passwordFieldExcludeListString = AutoFillConstants.PasswordFieldExcludeList.join(",");
private currentPasswordAutocompleteValue = "current-password";
private newPasswordAutoCompleteValue = "new-password";
private autofillFieldKeywordsMap: AutofillKeywordsMap = new WeakMap();
@ -927,7 +926,7 @@ export class InlineMenuFieldQualificationService
return false;
}
return !(this.passwordFieldExcludeListString.indexOf(cleanedValue) > -1);
return !AutoFillConstants.PasswordFieldExcludeList.some((i) => cleanedValue.indexOf(i) > -1);
}
/**
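Review bot: The rewritten return, `!AutoFillConstants.PasswordFieldExcludeList.some((i) => cleanedValue.indexOf(i) > -1)`, reverses the direction of the containment test: a field is now rejected whenever any list entry occurs inside `cleanedValue`, and that list also spreads in `FieldIgnoreList`. That is the stricter direction for keeping passwords out of 2FA inputs, but a short or empty entry in either list would disqualify unrelated password fields, so the entries deserve a check and a test. For readability I would write `return !AutoFillConstants.PasswordFieldExcludeList.some((term) => cleanedValue.includes(term));`, since `i` reads as an index. The method begins outside the hunk, so how `cleanedValue` is normalised (case, separators) cannot be confirmed from here.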