mirror of
https://github.com/bitwarden/browser
synced 2024-12-23 08:30:14 +01:00
Merge pull request #1407 from bitwarden/tighten-autofill-non-password
beefed up restrictions on what is considered isLikePassword
This commit is contained in:
commit
1375b422c7
@ -903,16 +903,18 @@ export default class AutofillService implements AutofillServiceInterface {
|
||||
if (value == null) {
|
||||
return false;
|
||||
}
|
||||
const lowerValue = value.toLowerCase();
|
||||
if (lowerValue.indexOf('onetimepassword') >= 0) {
|
||||
// Removes all whitespace, _ and - characters
|
||||
const cleanedValue = value.toLowerCase().replace(/[\s_\-]/g, '');
|
||||
|
||||
if (cleanedValue.indexOf('password') < 0) {
|
||||
return false;
|
||||
}
|
||||
if (lowerValue.indexOf('password') < 0) {
|
||||
return false;
|
||||
}
|
||||
if (lowerValue.indexOf('captcha') >= 0) {
|
||||
|
||||
const ignoreList = ['onetimepassword', 'captcha', 'findanything'];
|
||||
if (ignoreList.some((i) => cleanedValue.indexOf(i) > -1)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
return true;
|
||||
};
|
||||
const isLikePassword = () => {
|
||||
|
Loading…
Reference in New Issue
Block a user